Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Browser freezing up frequently


  • Please log in to reply
12 replies to this topic

#1 .Cat.

.Cat.

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:07:57 AM

Posted 09 January 2015 - 08:45 PM

Hello Everyone.
 

OS: Windows 7 Ultimate
Browser: IE 11 Version 11.0.9600.17501
I have Firefox installed but I rarely use it.

 

My browser freezing up seems to be a regular thing lately. Additionally it seems to be lagging quite a bit when loading web sites. I thought perhaps it might be a result of the World Community Grid BOINC but I've been working with them for years and the freezing and lag is only a recent development.

 

When the browser freezes I get a message that Internet Explorer is not responding. Sometimes I'll get a message that Windows is trying to resolve the problem then it restarts IE; sometimes it simply unfreezes all on its own; and sometimes it locks up my laptop to where I have to restart it.

 

Avira and Ad-aware are set up to run scans automatically each day - Avira at 0300 and Ad-aware at 1200 (noon)

 

Prior experience with having a rootkit infection on my desktop, I'm very leery. Spybot Search & Destroy has a Rootkit Scan. So I ran it. The following items are the only things that I am not familiar with or I am not sure what the relationship is. All the rest of the items in the report were related to World of Warcraft and Lord of the Rings online although they all were flagged "No admin in ACL" (don't know what that means).

 

 

Type: File
Object: Temp:128E1E7A:$DATA
Location: C:\Users\All Users\
Details: Unknown ADS

 

Type: File
Object: Temp:1792752F:$DATA
Location: C:\Users\All Users\
Details: Unknown ADS

 

Type: File
Object: Temp:214562D2:$DATA
Location: C:\Users\All Users\
Details: Unknown ADS

 

Type: File
Object: Temp:22B9F101:$DATA
Location: C:\Users\All Users\
Details: Unknown ADS

 

Type: File
Object: Temp:9A953997:$DATA
Location: C:\Users\All Users\
Details: Unknown ADS

 

Type: File
Object: Temp:A01C2541:$DATA
Location: C:\Users\All Users\
Details: Unknown ADS

 

Type: File
Object: Temp:C1EC2F14:$DATA
Location: C:\Users\All Users\
Details: Unknown ADS

 

Type: File
Object: Temp:C8CE5F14:$DATA
Location: C:\Users\All Users\
Details: Unknown ADS

 

Type: File
Object: 81605.bpc
Location: C:\Users\All Users\Microsoft\OFFICE\DATA\
Details: No admin in ACL

 

Type: File
Object: OPA12.BAK
Location: C:\Users\All Users\Microsoft\OFFICE\DATA\
Details: No admin in ACL

 

Type: File
Object: opa12.dat
Location: C:\Users\All Users\Microsoft\OFFICE\DATA\
Details: No admin in ACL

 

Type: File
Object: fc1e3851f429ea606d6ff1e01a5229f1_5c5ef22f-b852-494e-9f02-5c7857a4da5d
Location: C:\Users\All Users\Microsoft\Crypto\RSA\MachineKeys\
Details: No admin in ACL

 

Type: File
Object: fc1e3851f429ea606d6ff1e01a5229f1_5c5ef22f-b852-494e-9f02-5c7857a4da5d
Location: C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\
Details: No admin in ACL

 


 



BC AdBot (Login to Remove)

 


#2 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:57 AM

Posted 09 January 2015 - 08:50 PM

Please download MINITOOLBOX and run it.



Checkmark following boxes:


Flush DNS
Reset FF proxy Settings
Reset Ie Proxy Settings
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and post the result.

 

Please download Junkware Removal Tool and save it on your desktop.

  • Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log is saved to your desktop and will automatically open.
  • Please post the JRT log.

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

 

Download Panda Cloud Cleaner and save it to your desktop.

Alternate download sites are here and here.

  • Double-click on PandaCloudCleaner.exe. When the Setup - Panda Cloud Cleaner window has loaded choose Next and then Next
  • Ensure Launch Panda Cloud Cleaner is selected. Click Finish Once the window appears. Click on Accept and Scan
  • Please be patient as the scan may take some time to complete depending on your system's specifications.
  • Once the scan has completed, if Scan finished with detections is denoted in the window do not take any action and or have Panda Cloud Cleaner clean anything!
  • Now within the window click on the (or any or them if multiple) tab then on View Report a notepad file should now open called PCloudCleaner.txt
  • Save this to your desktop and post the contents in your next reply.
  • Then click on Back then Exit


#3 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:57 AM

Posted 09 January 2015 - 08:51 PM

You mention having Avira-Ad-aware-Spybot

 

I suggest that you remove Ad-Aware & Spybot before you proceed.



#4 .Cat.

.Cat.
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:07:57 AM

Posted 11 January 2015 - 08:58 PM

OK. Here we go.

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Ultimate x64
Ran by Cat on Sun 01/11/2015 at 19:55:39.85
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ad-aware browsing protection
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}

 

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ApnStub_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ApnStub_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskPartnerCobrandingTool_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskPartnerCobrandingTool_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\Sherlock Holmes and the Hound of the Baskervilles_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\Sherlock Holmes and the Hound of the Baskervilles_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110111991162}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\ApnStub_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\ApnStub_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskPartnerCobrandingTool_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskPartnerCobrandingTool_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\Sherlock Holmes and the Hound of the Baskervilles_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\Sherlock Holmes and the Hound of the Baskervilles_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{6c97a91e-4524-4019-86af-2aa2d567bf5c}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{6c97a91e-4524-4019-86af-2aa2d567bf5c}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{6c97a91e-4524-4019-86af-2aa2d567bf5c}

 

~~~ Files

Successfully deleted: [File] "C:\Windows\wininit.ini"

 

~~~ Folders

Successfully deleted: [Folder] C:\ProgramData\Alawar
Successfully deleted: [Folder] C:\ProgramData\Alawar Stargaze
Successfully deleted: [Folder] C:\ProgramData\AlawarEntertainment
Successfully deleted: [Folder] C:\ProgramData\AstralaxWrapper
Failed to delete: [Folder] "C:\ProgramData\ad-aware browsing protection"
Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\ProgramData\blekko toolbars"
Successfully deleted: [Folder] "C:\ProgramData\dnsbasic"
Successfully deleted: [Folder] "C:\ProgramData\search protection"
Successfully deleted: [Folder] "C:\Users\Cat\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "C:\Users\Cat\appdata\local\adawarebp"
Successfully deleted: [Folder] "C:\Users\Cat\appdata\locallow\adawaretb"
Successfully deleted: [Folder] "C:\Program Files (x86)\adawaretb"
Successfully deleted: [Folder] "C:\Program Files (x86)\dnsbasic"
Successfully deleted: [Folder] "C:\Program Files (x86)\toolbar cleaner"
Successfully deleted: [Folder] "C:\Users\Cat\appdata\locallow\asktoolbar"

 

~~~ FireFox

Successfully deleted: [File] C:\Users\Cat\AppData\Roaming\mozilla\firefox\profiles\i9ru83jd.default\user.js
Successfully deleted: [File] C:\Users\Cat\AppData\Roaming\mozilla\firefox\profiles\i9ru83jd.default\extensions\hqukxmwhzv@hqukxmwhzv.org.xpi [Tracur]
Successfully deleted: [File] C:\Users\Cat\AppData\Roaming\mozilla\firefox\profiles\i9ru83jd.default\searchplugins\bingp.xml
Successfully deleted: [Folder] C:\Users\Cat\AppData\Roaming\mozilla\firefox\profiles\i9ru83jd.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
Successfully deleted: [Folder] C:\Users\Cat\AppData\Roaming\mozilla\firefox\profiles\i9ru83jd.default\extensions\{a79d8b60-1ff0-47f0-8e79-8cde1fecb0fd}
Successfully deleted the following from C:\Users\Cat\AppData\Roaming\mozilla\firefox\profiles\i9ru83jd.default\prefs.js

user_pref("CT2438727.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
user_pref("CT2438727.CTID", "CT2438727");
user_pref("CT2438727.CommunitiesChangesLastCheckTime", "0");
user_pref("CT2438727.CurrentServerDate", "28-1-2011");
user_pref("CT2438727.DialogsAlignMode", "LTR");
user_pref("CT2438727.DownloadReferralCookieData", "");
user_pref("CT2438727.EnableSearchHistory", false);
user_pref("CT2438727.EnableSearchSuggest", false);
user_pref("CT2438727.FirstServerDate", "21-2-2010");
user_pref("CT2438727.FirstTime", true);
user_pref("CT2438727.FirstTimeFF3", true);
user_pref("CT2438727.FirstTimeSettingsDone", true);
user_pref("CT2438727.GroupingInvalidateCache", false);
user_pref("CT2438727.GroupingLastCheckTime", "0");
user_pref("CT2438727.GroupingLastServerUpdateTime", "0");
user_pref("CT2438727.GroupingServerCheckInterval", 1440);
user_pref("CT2438727.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
user_pref("CT2438727.Initialize", true);
user_pref("CT2438727.InitializeCommonPrefs", true);
user_pref("CT2438727.InstallationAndCookieDataSentCount", 3);
user_pref("CT2438727.InstalledDate", "Sun Feb 21 2010 05:58:51 GMT-0500 (Eastern Standard Time)");
user_pref("CT2438727.InvalidateCache", false);
user_pref("CT2438727.IsGrouping", false);
user_pref("CT2438727.IsMulticommunity", false);
user_pref("CT2438727.IsOpenThankYouPage", true);
user_pref("CT2438727.IsOpenUninstallPage", true);
user_pref("CT2438727.LanguagePackLastCheckTime", "Thu Jan 27 2011 21:16:06 GMT-0500 (Eastern Standard Time)");
user_pref("CT2438727.LanguagePackReloadIntervalMM", 1440);
user_pref("CT2438727.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
user_pref("CT2438727.LastLogin_2.5.7.3", "Mon Apr 19 2010 18:27:19 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2438727.LastLogin_2.7.2.0", "Fri Jan 28 2011 11:10:35 GMT-0500 (Eastern Standard Time)");
user_pref("CT2438727.LatestVersion", "2.7.1.3");
user_pref("CT2438727.Locale", "en");
user_pref("CT2438727.LoginCache", 4);
user_pref("CT2438727.MCDetectTooltipHeight", "83");
user_pref("CT2438727.MCDetectTooltipShow", false);
user_pref("CT2438727.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
user_pref("CT2438727.MCDetectTooltipWidth", "295");
user_pref("CT2438727.RadioLastCheckTime", "0");
user_pref("CT2438727.RadioLastUpdateIPServer", "0");
user_pref("CT2438727.RadioLastUpdateServer", "0");
user_pref("CT2438727.SHRINK_TOOLBAR", 1);
user_pref("CT2438727.SearchBoxWidth", 100);
user_pref("CT2438727.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT2438727&octid=EB_ORIGINAL_CTID&SearchSource=1");
user_pref("CT2438727.SearchFromAddressBarIsInit", true);
user_pref("CT2438727.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2438727&q=");
user_pref("CT2438727.SearchInNewTabEnabled", true);
user_pref("CT2438727.SearchInNewTabIntervalMM", 1440);
user_pref("CT2438727.SearchInNewTabLastCheckTime", "Thu Jan 27 2011 21:16:06 GMT-0500 (Eastern Standard Time)");
user_pref("CT2438727.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
user_pref("CT2438727.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");
user_pref("CT2438727.SearchInNewTabUserEnabled", false);
user_pref("CT2438727.SettingsCheckIntervalMin", 120);
user_pref("CT2438727.SettingsLastCheckTime", "Fri Jan 28 2011 11:10:35 GMT-0500 (Eastern Standard Time)");
user_pref("CT2438727.SettingsLastUpdate", "1295944826");
user_pref("CT2438727.ThirdPartyComponentsInterval", 504);
user_pref("CT2438727.ThirdPartyComponentsLastCheck", "Thu Jan 20 2011 13:12:45 GMT-0500 (Eastern Standard Time)");
user_pref("CT2438727.ThirdPartyComponentsLastUpdate", "1269281492");
user_pref("CT2438727.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=101&sealid=112");
user_pref("CT2438727.UserID", "UN26699757405902946");
user_pref("CT2438727.ValidationData_Search", 0);
user_pref("CT2438727.ValidationData_Toolbar", 2);
user_pref("CT2438727.alertChannelId", "832836");
user_pref("CT2438727.backendstorage.currentgame", "66726F6E74696572");
user_pref("CT2438727.clientLogIsEnabled", false);
user_pref("CT2438727.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
user_pref("CT2438727.myStuffEnabled", true);
user_pref("CT2438727.myStuffPublihserMinWidth", 400);
user_pref("CT2438727.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
user_pref("CT2438727.myStuffServiceIntervalMM", 1440);
user_pref("CT2438727.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
user_pref("CT2438727.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
user_pref("CT2464976.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
user_pref("CT2464976.CTID", "CT2464976");
user_pref("CT2464976.CommunitiesChangesLastCheckTime", "0");
user_pref("CT2464976.CurrentServerDate", "20-4-2010");
user_pref("CT2464976.DialogsAlignMode", "LTR");
user_pref("CT2464976.FirstServerDate", "26-2-2010");
user_pref("CT2464976.FirstTime", true);
user_pref("CT2464976.FirstTimeFF3", true);
user_pref("CT2464976.GroupingInvalidateCache", false);
user_pref("CT2464976.GroupingLastCheckTime", "0");
user_pref("CT2464976.GroupingLastServerUpdateTime", "0");
user_pref("CT2464976.GroupingServerCheckInterval", 1440);
user_pref("CT2464976.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
user_pref("CT2464976.Initialize", true);
user_pref("CT2464976.InitializeCommonPrefs", true);
user_pref("CT2464976.InstalledDate", "Thu Feb 25 2010 20:46:35 GMT-0500 (Eastern Standard Time)");
user_pref("CT2464976.InvalidateCache", false);
user_pref("CT2464976.IsGrouping", false);
user_pref("CT2464976.IsMulticommunity", false);
user_pref("CT2464976.IsOpenThankYouPage", true);
user_pref("CT2464976.IsOpenUninstallPage", true);
user_pref("CT2464976.LanguagePackLastCheckTime", "Mon Apr 19 2010 18:27:20 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2464976.LanguagePackReloadIntervalMM", 1440);
user_pref("CT2464976.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
user_pref("CT2464976.LastLogin_2.5.7.3", "Mon Apr 19 2010 18:27:20 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2464976.LatestVersion", "2.1.0.18");
user_pref("CT2464976.Locale", "en");
user_pref("CT2464976.LoginCache", 4);
user_pref("CT2464976.MCDetectTooltipHeight", "83");
user_pref("CT2464976.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
user_pref("CT2464976.MCDetectTooltipWidth", "295");
user_pref("CT2464976.RadioLastCheckTime", "0");
user_pref("CT2464976.RadioLastUpdateIPServer", "0");
user_pref("CT2464976.RadioLastUpdateServer", "0");
user_pref("CT2464976.SHRINK_TOOLBAR", 1);
user_pref("CT2464976.SearchBoxWidth", 100);
user_pref("CT2464976.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT2464976&octid=EB_ORIGINAL_CTID");
user_pref("CT2464976.SearchFromAddressBarIsInit", true);
user_pref("CT2464976.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2464976&q=");
user_pref("CT2464976.SearchInNewTabEnabled", true);
user_pref("CT2464976.SearchInNewTabIntervalMM", 1440);
user_pref("CT2464976.SearchInNewTabLastCheckTime", "Mon Apr 19 2010 18:27:19 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2464976.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
user_pref("CT2464976.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");
user_pref("CT2464976.SettingsCheckIntervalMin", 120);
user_pref("CT2464976.SettingsLastCheckTime", "Mon Apr 19 2010 18:27:19 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2464976.SettingsLastUpdate", "1270107043");
user_pref("CT2464976.ThirdPartyComponentsInterval", 504);
user_pref("CT2464976.ThirdPartyComponentsLastCheck", "Fri Apr 02 2010 23:40:51 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2464976.ThirdPartyComponentsLastUpdate", "1270107043");
user_pref("CT2464976.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=101&sealid=112");
user_pref("CT2464976.UserID", "UN88785361587303376");
user_pref("CT2464976.ValidationData_Toolbar", 2);
user_pref("CT2464976.alertChannelId", "858611");
user_pref("CT2464976.clientLogIsEnabled", false);
user_pref("CT2464976.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
user_pref("CT2464976.myStuffEnabled", true);
user_pref("CT2464976.myStuffPublihserMinWidth", 400);
user_pref("CT2464976.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=2&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
user_pref("CT2464976.myStuffServiceIntervalMM", 1440);
user_pref("CT2464976.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
user_pref("CT2464976.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
user_pref("CT2536667..clientLogIsEnabled", true);
user_pref("CT2536667..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
user_pref("CT2536667..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
user_pref("CT2536667.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
user_pref("CT2536667.CTID", "CT2536667");
user_pref("CT2536667.CurrentServerDate", "23-3-2011");
user_pref("CT2536667.DialogsAlignMode", "LTR");
user_pref("CT2536667.DialogsGetterLastCheckTime", "Wed Mar 23 2011 16:12:03 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2536667.DownloadReferralCookieData", "");
user_pref("CT2536667.FirstServerDate", "23-2-2010");
user_pref("CT2536667.FirstTime", true);
user_pref("CT2536667.FirstTimeFF3", true);
user_pref("CT2536667.FirstTimeSettingsDone", true);
user_pref("CT2536667.GroupingServerCheckInterval", 1440);
user_pref("CT2536667.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
user_pref("CT2536667.HasUserGlobalKeys", true);
user_pref("CT2536667.Initialize", true);
user_pref("CT2536667.InitializeCommonPrefs", true);
user_pref("CT2536667.InstallationAndCookieDataSentCount", 3);
user_pref("CT2536667.InstalledDate", "Tue Feb 23 2010 13:01:13 GMT-0500 (Eastern Standard Time)");
user_pref("CT2536667.IsGrouping", false);
user_pref("CT2536667.IsMulticommunity", false);
user_pref("CT2536667.IsOpenThankYouPage", true);
user_pref("CT2536667.IsOpenUninstallPage", true);
user_pref("CT2536667.LanguagePackLastCheckTime", "Wed Mar 23 2011 16:12:03 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2536667.LanguagePackReloadIntervalMM", 1440);
user_pref("CT2536667.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
user_pref("CT2536667.LastLogin_2.5.6.0", "Tue Oct 19 2010 20:22:11 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2536667.LastLogin_2.5.7.3", "Mon Apr 19 2010 18:27:19 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2536667.LastLogin_2.7.2.0", "Sun Mar 06 2011 16:57:41 GMT-0500 (Eastern Standard Time)");
user_pref("CT2536667.LastLogin_3.3.3.2", "Wed Mar 23 2011 16:12:03 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2536667.LatestVersion", "3.2.5.2");
user_pref("CT2536667.Locale", "en");
user_pref("CT2536667.LoginCache", 4);
user_pref("CT2536667.MCDetectTooltipHeight", "83");
user_pref("CT2536667.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
user_pref("CT2536667.MCDetectTooltipWidth", "295");
user_pref("CT2536667.SHRINK_TOOLBAR", 1);
user_pref("CT2536667.SearchBoxWidth", 100);
user_pref("CT2536667.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT2536667&octid=EB_ORIGINAL_CTID&SearchSource=1");
user_pref("CT2536667.SearchFromAddressBarIsInit", true);
user_pref("CT2536667.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2536667&q=");
user_pref("CT2536667.SearchInNewTabEnabled", true);
user_pref("CT2536667.SearchInNewTabIntervalMM", 1440);
user_pref("CT2536667.SearchInNewTabLastCheckTime", "Wed Mar 23 2011 16:12:03 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2536667.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
user_pref("CT2536667.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");
user_pref("CT2536667.SearchInNewTabUserEnabled", false);
user_pref("CT2536667.ServiceMapLastCheckTime", "Wed Mar 23 2011 16:12:03 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2536667.SettingsCheckIntervalMin", 120);
user_pref("CT2536667.SettingsLastCheckTime", "Wed Mar 23 2011 16:12:03 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2536667.SettingsLastUpdate", "1298199998");
user_pref("CT2536667.ThirdPartyComponentsInterval", 504);
user_pref("CT2536667.ThirdPartyComponentsLastCheck", "Sat Mar 05 2011 14:11:15 GMT-0500 (Eastern Standard Time)");
user_pref("CT2536667.ThirdPartyComponentsLastUpdate", "1266630927");
user_pref("CT2536667.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2536667");
user_pref("CT2536667.UserID", "UN96442427224444265");
user_pref("CT2536667.ValidationData_Toolbar", 2);
user_pref("CT2536667.alertChannelId", "929670");
user_pref("CT2536667.clientLogIsEnabled", true);
user_pref("CT2536667.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
user_pref("CT2536667.generalConfigFromLogin", "{\"SocialDomains\":\"social.conduit.com;apps.conduit.com\"}");
user_pref("CT2536667.globalFirstTimeInfoLastCheckTime", "Wed Mar 23 2011 16:12:03 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2536667.isAppTrackingManagerOn", true);
user_pref("CT2536667.myStuffEnabled", true);
user_pref("CT2536667.myStuffPublihserMinWidth", 400);
user_pref("CT2536667.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
user_pref("CT2536667.myStuffServiceIntervalMM", 1440);
user_pref("CT2536667.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
user_pref("CT2536667.oldAppsList", "129107410737341442,129107410737341443,129107620374841780,129107823462024086,1000034,1000080,1000082,1000234,1000,1001,1002,1003,1004,1005,1
user_pref("CT2536667.testingCtid", "");
user_pref("CT2536667.toolbarAppMetaDataLastCheckTime", "Wed Mar 23 2011 16:12:03 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2536667.toolbarContextMenuLastCheckTime", "Wed Mar 23 2011 16:12:04 GMT-0400 (Eastern Daylight Time)");
user_pref("CT2536667.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
user_pref("CT2536667.usagesFlag", 2);
user_pref("CommunityToolbar.CantToolbarBeEngineOwner", "CT2536667");
user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/832836/828639/US", "\"0\"");
user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/858611/854413/US", "\"0\"");
user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/US", "\"0\"");
user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/929670/925454/US", "\"0\"");
user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2536667", "\"0\"");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en", "L+tncv4eqt6Qm5T3dzChdA==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en", "poKjTfHs0NrVUIalKI8jyg==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en", "Dclc8oo4TTv7+mAkSlUSWg==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en", "SuMy8xgBA7+FodOxmk9aiQ==");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"80927e5f86f7cb1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3.2", "\"0652eeacc6cb1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.3.2", "\"0652eeacc6cb1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2536667", "\"634333631231730000\"");
user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "634356118310000000");
user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2536667/CT2536667", "\"1298199998\"");
user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"634351849102130000\"");
user_pref("CommunityToolbar.EngineHiddenByUser", true);
user_pref("CommunityToolbar.EngineOwner", "ConduitEngine");
user_pref("CommunityToolbar.EngineOwnerGuid", "engine@conduit.com");
user_pref("CommunityToolbar.EngineOwnerToolbarId", "conduitengine");
user_pref("CommunityToolbar.IsEngineShown", false);
user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
user_pref("CommunityToolbar.OriginalEngineOwner", "ConduitEngine");
user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "engine@conduit.com");
user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "conduitengine");
user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.properties");
user_pref("CommunityToolbar.ToolbarsList", "CT2438727,CT2536667,CT2464976,ConduitEngine");
user_pref("CommunityToolbar.ToolbarsList2", "CT2438727,CT2536667,CT2464976");
user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Thu Apr 14 2011 23:47:33 GMT-0400 (Eastern Daylight Time)");
user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Mon May 09 2011 02:07:08 GMT-0400 (Eastern Daylight Time)");
user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
user_pref("CommunityToolbar.alert.locale", "en");
user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
user_pref("CommunityToolbar.alert.loginLastCheckTime", "Mon May 09 2011 13:22:52 GMT-0400 (Eastern Daylight Time)");
user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1303303927");
user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
user_pref("CommunityToolbar.alert.showTrayIcon", false);
user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
user_pref("CommunityToolbar.alert.userId", "{70845228-4e2d-4f3d-8c68-2c026c32805e}");
user_pref("CommunityToolbar.globalUserId", "954610a3-550a-4e6b-b007-8d60839b3f35");
user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
user_pref("ConduitEngine.AppTrackingLastCheckTime", "Sun May 01 2011 17:43:13 GMT-0400 (Eastern Daylight Time)");
user_pref("ConduitEngine.CTID", "ConduitEngine");
user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Wed Mar 23 2011 16:09:52 GMT-0400 (Eastern Daylight Time)");
user_pref("ConduitEngine.FirstServerDate", "03/23/2011 23");
user_pref("ConduitEngine.FirstTime", true);
user_pref("ConduitEngine.FirstTimeFF3", true);
user_pref("ConduitEngine.HasUserGlobalKeys", true);
user_pref("ConduitEngine.Initialize", true);
user_pref("ConduitEngine.InitializeCommonPrefs", true);
user_pref("ConduitEngine.InstalledDate", "Wed Mar 23 2011 16:09:53 GMT-0400 (Eastern Daylight Time)");
user_pref("ConduitEngine.IsMulticommunity", false);
user_pref("ConduitEngine.IsOpenThankYouPage", false);
user_pref("ConduitEngine.IsOpenUninstallPage", true);
user_pref("ConduitEngine.LanguagePackLastCheckTime", "Wed Mar 23 2011 16:09:52 GMT-0400 (Eastern Daylight Time)");
user_pref("ConduitEngine.LastLogin_3.3.3.2", "Wed Mar 23 2011 16:09:52 GMT-0400 (Eastern Daylight Time)");
user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
user_pref("ConduitEngine.SettingsLastCheckTime", "Wed Mar 23 2011 16:09:52 GMT-0400 (Eastern Daylight Time)");
user_pref("ConduitEngine.UserID", "UN83107432420095460");
user_pref("ConduitEngine.componentAlertEnabled", false);
user_pref("ConduitEngine.engineLocale", "en-US");
user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Wed Mar 23 2011 16:09:52 GMT-0400 (Eastern Daylight Time)");
user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Wed Mar 23 2011 16:09:52 GMT-0400 (Eastern Daylight Time)");
user_pref("ConduitEngine.initDone", true);
user_pref("ConduitEngine.isAppTrackingManagerOn", true);
user_pref("ConduitEngine.usagesFlag", 2);
user_pref("id_igivetoolbar.variables.tmmemberXML2", "%20%0D%3Cmerchants%3E%0D%3Citem%20domain%3D%22101phones.com%22%20id%3D%2211733%22%20offertype%3D%22pm%22%20name%3D%22101Ph
user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
user_pref("sweetim.toolbar.mode.debug", "false");
user_pref("sweetim.toolbar.previous.keyword.URL", "chrome://browser-region/locale/region.properties");
user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"hxxp://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://sear
user_pref("sweetim.toolbar.search.history.capacity", "10");
user_pref("sweetim.toolbar.simapp_id", "{B11E1F6F-51E7-48E5-B26C-98A9377BEB7B}");
user_pref("sweetim.toolbar.version", "1.0.0.10");
Emptied folder: C:\Users\Cat\AppData\Roaming\mozilla\firefox\profiles\i9ru83jd.default\minidumps [2 files]

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 01/11/2015 at 19:59:45.43
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

MiniToolBox by Farbar  Version: 30-11-2014
Ran by Cat (administrator) on 11-01-2015 at 19:30:10
Running from "C:\Users\Cat\Downloads"
Microsoft Windows 7 Ultimate  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
ProxyServer:

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1       localhost

========================= IP Configuration: ================================

Broadcom 802.11n Network Adapter = Wireless Network Connection (Connected)
NVIDIA nForce 10/100/1000 Mbps Ethernet  = Local Area Connection (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled

popd
# End of IPv4 configuration

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : Prometheus
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : C4-17-FE-0B-32-E2
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : 70-1A-04-9D-15-21
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom 802.11n Network Adapter
   Physical Address. . . . . . . . . : C4-17-FE-0B-32-E2
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::3587:c8ac:4ce0:4ffd%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.101(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Sunday, January 11, 2015 7:25:06 PM
   Lease Expires . . . . . . . . . . : Monday, January 12, 2015 7:25:06 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 314841086
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-EB-E4-64-00-26-B9-6F-FB-90
   DNS Servers . . . . . . . . . . . : 71.10.216.1
                                       71.10.216.2
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : NVIDIA nForce 10/100/1000 Mbps Ethernet
   Physical Address. . . . . . . . . : 00-26-B9-6F-FB-90
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.hsd1.mi.comcast.net.:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{8053C4B2-21E1-42A1-975C-0426CBA7FFDD}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6abd:1047:1ddb:3f57:fe9a(Preferred)
   Link-local IPv6 Address . . . . . : fe80::1047:1ddb:3f57:fe9a%16(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  rns01.charter.com
Address:  71.10.216.1

Name:    google.com
Addresses:  2607:f8b0:4002:c06::71
   74.125.196.100
   74.125.196.113
   74.125.196.138
   74.125.196.102
   74.125.196.139
   74.125.196.101

Pinging google.com [173.194.37.41] with 32 bytes of data:
Reply from 173.194.37.41: bytes=32 time=37ms TTL=50
Reply from 173.194.37.41: bytes=32 time=29ms TTL=50

Ping statistics for 173.194.37.41:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 29ms, Maximum = 37ms, Average = 33ms
Server:  rns01.charter.com
Address:  71.10.216.1

Name:    yahoo.com
Addresses:  98.139.183.24
   206.190.36.45
   98.138.253.109

Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=80ms TTL=43
Reply from 98.138.253.109: bytes=32 time=81ms TTL=43

Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 80ms, Maximum = 81ms, Average = 80ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 15...c4 17 fe 0b 32 e2 ......Microsoft Virtual WiFi Miniport Adapter
 13...70 1a 04 9d 15 21 ......Bluetooth Device (Personal Area Network)
 11...c4 17 fe 0b 32 e2 ......Broadcom 802.11n Network Adapter
 10...00 26 b9 6f fb 90 ......NVIDIA nForce 10/100/1000 Mbps Ethernet
  1...........................Software Loopback Interface 1
 17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 16...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.101     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.101    281
    192.168.1.101  255.255.255.255         On-link     192.168.1.101    281
    192.168.1.255  255.255.255.255         On-link     192.168.1.101    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.101    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.101    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 16     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 16     58 2001::/32                On-link
 16    306 2001:0:9d38:6abd:1047:1ddb:3f57:fe9a/128
                                    On-link
 11    281 fe80::/64                On-link
 16    306 fe80::/64                On-link
 16    306 fe80::1047:1ddb:3f57:fe9a/128
                                    On-link
 11    281 fe80::3587:c8ac:4ce0:4ffd/128
                                    On-link
  1    306 ff00::/8                 On-link
 16    306 ff00::/8                 On-link
 11    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 09 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 09 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/27/2014 03:57:18 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: The I/O writes cannot be held during the shadow copy creation period on volume C:\.
The volume index in the shadow copy set is 0. Error details: Open[0x00000000, The operation completed successfully.
], Flush[0x00000000, The operation completed successfully.
], Release[0x80042314, The shadow copy provider timed out while holding writes to the volume being shadow copied. This is probably due to excessive activity on the volume by an application or a system service. Try again later when activity on the volume is reduced.
], OnRun[0x00000000, The operation completed successfully.
].

Operation:
   Executing Asynchronous Operation

Context:
   Current State: DoSnapshotSet

Error: (12/27/2014 03:57:18 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: The shadow copy could not be committed - operation timed out.
Error context: DeviceIoControl(\\?\Volume{8298eaa2-07a8-11df-b8fb-806e6f6e6963} - 0000000000000130,0x0053c010,000000000029DFF0,0,000000000029F000,4096,[0]).

Operation:
   Committing shadow copies

Context:
   Execution Context: System Provider

Error: (12/26/2014 00:25:30 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17496, time stamp: 0x546fdf97
Faulting module name: nvd3dumx.dll, version: 8.17.12.5738, time stamp: 0x4c281e48
Exception code: 0xc0000005
Fault offset: 0x000000000046b950
Faulting process id: 0xa7c8
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (11/29/2014 03:50:23 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: The I/O writes cannot be held during the shadow copy creation period on volume C:\.
The volume index in the shadow copy set is 0. Error details: Open[0x00000000, The operation completed successfully.
], Flush[0x00000000, The operation completed successfully.
], Release[0x80042314, The shadow copy provider timed out while holding writes to the volume being shadow copied. This is probably due to excessive activity on the volume by an application or a system service. Try again later when activity on the volume is reduced.
], OnRun[0x00000000, The operation completed successfully.
].

Operation:
   Executing Asynchronous Operation

Context:
   Current State: DoSnapshotSet

Error: (11/29/2014 03:50:23 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: The shadow copy could not be committed - operation timed out.
Error context: DeviceIoControl(\\?\Volume{8298eaa2-07a8-11df-b8fb-806e6f6e6963} - 0000000000000138,0x0053c010,0000000000367FB0,0,0000000000368FC0,4096,[0]).

Operation:
   Committing shadow copies

Context:
   Execution Context: System Provider

Error: (11/26/2014 03:51:33 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: The I/O writes cannot be held during the shadow copy creation period on volume C:\.
The volume index in the shadow copy set is 0. Error details: Open[0x00000000, The operation completed successfully.
], Flush[0x00000000, The operation completed successfully.
], Release[0x80042314, The shadow copy provider timed out while holding writes to the volume being shadow copied. This is probably due to excessive activity on the volume by an application or a system service. Try again later when activity on the volume is reduced.
], OnRun[0x00000000, The operation completed successfully.
].

Operation:
   Executing Asynchronous Operation

Context:
   Current State: DoSnapshotSet

Error: (11/26/2014 03:51:33 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: The shadow copy could not be committed - operation timed out.
Error context: DeviceIoControl(\\?\Volume{8298eaa2-07a8-11df-b8fb-806e6f6e6963} - 0000000000000064,0x0053c010,000000000010A7D0,0,0000000000107FB0,4096,[0]).

Operation:
   Committing shadow copies

Context:
   Execution Context: System Provider

Error: (11/20/2014 05:11:01 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 11.0.9600.17420 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1604

Start Time: 01d00508a7d9e280

Termination Time: 0

Application Path: C:\Program Files\Internet Explorer\iexplore.exe

Report Id:

Error: (11/12/2014 03:35:14 AM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/12/2014 03:35:14 AM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.

Context: Windows Application

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

System errors:
=============
Error: (01/11/2015 07:27:24 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (01/11/2015 07:25:07 PM) (Source: Service Control Manager) (User: )
Description: The Aspi32 service failed to start due to the following error:
%%1275

Error: (01/11/2015 07:25:07 PM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\Drivers\Aspi32.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (01/08/2015 07:09:44 PM) (Source: nvraid) (User: )
Description:

Error: (01/08/2015 07:07:24 PM) (Source: Service Control Manager) (User: )
Description: The Aspi32 service failed to start due to the following error:
%%1275

Error: (01/08/2015 07:07:24 PM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\Drivers\Aspi32.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (01/08/2015 07:05:47 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the LavasoftAdAwareService11 service.

Error: (01/02/2015 10:12:35 AM) (Source: nvraid) (User: )
Description:

Error: (01/02/2015 10:11:40 AM) (Source: Service Control Manager) (User: )
Description: The Aspi32 service failed to start due to the following error:
%%1275

Error: (01/02/2015 10:11:40 AM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\Drivers\Aspi32.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Microsoft Office Sessions:
=========================
Error: (04/04/2013 02:36:01 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 373 seconds with 180 seconds of active time.  This session ended with a crash.

 

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
=========================== Installed Programs ============================
9 Clues: The Secret Of Serpent Creek (HKLM-x32\...\9 Clues: The Secret Of Serpent Creek) (Version: 32.0.0.0 - Shockwave.com)
A Gnome's Home: The Great Crystal Crusade (HKLM-x32\...\A Gnome's Home: The Great Crystal Crusade) (Version: 32.0.0.0 - Shockwave.com)
Ad-Aware Security Add-on (HKLM-x32\...\adawaretb) (Version: 2.5.0.6 - Lavasoft)
Adelantado Trilogy: Book Three (HKLM-x32\...\Adelantado Trilogy: Book Three) (Version: 32.0.0.0 - Shockwave.com)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version:  - )
Advertising Center (x32 Version: 0.0.0.1 - Nero AG) Hidden
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Alice Madness Returns (HKLM-x32\...\{93A3AB24-36E8-41BA-80C6-CCEC237836DC}) (Version: 1.0.0.0 - Electronic Arts)
AlienRespawn v2.0 (HKLM-x32\...\AlienRespawn20_AD) (Version:  - Alienware)
Amazon MP3 Downloader 1.0.15 (HKLM-x32\...\Amazon MP3 Downloader) (Version: 1.0.15 - Amazon Services LLC)
Avery Wizard 3.1 (HKLM-x32\...\{B4E96960-5F6B-48B9-A5BD-6A5A9BB4F027}) (Version: 3.1.5 - Avery)
Avira (HKLM-x32\...\{e7c7c227-b742-4878-9425-f09bbf9951db}) (Version: 1.1.27.25527 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.27.25527 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
Big Kahuna Reef 2: Chain Reaction (HKLM-x32\...\Big Kahuna Reef 2: Chain Reaction) (Version: 32.0.0.0 - Shockwave.com)
Big Kahuna Reef 3 (HKLM-x32\...\Big Kahuna Reef 3) (Version: 32.0.0.0 - Shockwave.com)
Bing Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.470.0 - Microsoft Corporation)
Broadcom Wireless Utility (HKLM\...\Broadcom Wireless Utility) (Version: 5.30.21.0 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Command Center (HKLM-x32\...\InstallShield_{AE1E0DFB-A3D9-451C-AA7F-46FD390400D4}) (Version: 2.5.54.0 - Alienware Corp.)
Command Center (Version: 2.5.54.0 - Alienware Corp.) Hidden
Curse Client (HKCU\...\101a9f93b8f0bb6f) (Version: 5.1.1.810 - Curse)
CyberLink PowerDVD 8 (HKLM-x32\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.0.3228f - CyberLink Corp.)
CyberLink PowerDVD 8 (x32 Version: 8.0.3228f - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3131 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 2.0.3131 - CyberLink Corp.) Hidden
Dell Driver Download Manager (HKCU\...\bd4d3a0508d364f5) (Version: 3.0.0.0 - Dell Inc)
Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 5.6.0.4 - Dell)
Dimension 4 v5.0 (HKLM-x32\...\{935FF092-EEBA-4E97-8C1B-CD2364F392A4}) (Version: 5.0.33 - Thinking Man Software)
Disney Pirates of the Caribbean Online (HKLM-x32\...\Disney Pirates of the Caribbean Online) (Version:  - Walt Disney Internet Group)
eMusic Download Manager 4.1.4 (HKLM-x32\...\eMusic Download Manager) (Version: 4.1.4 - eMusic, Inc.)
Eraser 6.0.7.1893 (HKLM\...\{8CBBBC4D-B0B6-49DB-A421-98C65080D8EE}) (Version: 6.7.1893 - The Eraser Project)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Fall of the New Age (HKLM-x32\...\Fall of the New Age) (Version:  - )
Fiber Twig 2 (HKLM-x32\...\Fiber Twig 2) (Version: 32.0.0.0 - Shockwave.com)
Free CD to MP3 Converter (HKLM-x32\...\Free CD to MP3 Converter) (Version:  - )
Garmin Communicator Plugin (HKLM-x32\...\{71DBFBF2-F7EB-4268-8485-9471D83C4E66}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{70A381F1-C161-4D61-A20C-BE12FC6777DF}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Happy Cloud Client (HKCU\...\HappyCloud) (Version: 4.28 - Happy Cloud, Inc.)
Hidden World (HKLM-x32\...\Hidden World) (Version: 32.0.0.0 - Shockwave.com)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6233.0 - IDT)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version:  - )
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
Java™ 6 Update 16 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416016FF}) (Version: 6.0.160 - Sun Microsystems, Inc.)
Java™ 6 Update 35 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216032FF}) (Version: 6.0.350 - Oracle)
Jewel Match 2 (HKLM-x32\...\Jewel Match 2) (Version: 32.0.0.0 - Shockwave.com)
Jigsaw Puzzle Player (HKLM-x32\...\Jigsaw Puzzle Player) (Version:  - )
Kalydo Player 3.08.01 (HKCU\...\KalydoPlayer) (Version: 3.08.01 - Eximion B.V.)
LG Verizon United Drivers (HKLM-x32\...\{C6A4A9B1-D8AC-46E4-B143-72FE9B8173A3}) (Version: 2.5.0 - LG Electronics)
Logitech SetPoint 6.32 (HKLM\...\sp6) (Version: 6.32.20 - Logitech)
Logitech Unifying Software 2.00 (HKLM\...\Logitech Unifying) (Version: 2.00.43 - Logitech)
Luxor (HKLM-x32\...\Luxor) (Version: 32.0.0.0 - Shockwave.com)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Maxtor OneTouch (HKLM-x32\...\InstallShield_{3EC91FDF-FE9A-43D5-96C4-8A9C24372500}) (Version: 0.00.0011 - Maxtor)
Maxtor OneTouch (x32 Version: 0.00.0011 - Maxtor) Hidden
Messenger Plus! Live (HKLM-x32\...\Messenger Plus! Live) (Version: 4.85.0.386 - Yuna Software)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional 2007 (HKLM-x32\...\PROR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Reader (HKLM-x32\...\{B6F7DBE7-2FE2-458F-A738-B10832746036}) (Version:  - )
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
mIRC (HKLM-x32\...\mIRC) (Version: 7.25 - mIRC Co. Ltd.)
MMI (HKLM-x32\...\{0DEDD4FD-2846-40E0-94E9-2CAB56F108DD}) (Version: 1.00.0000 - MMI)
MotoConnect 1.1.31 (HKLM-x32\...\MotoConnect) (Version: 1.1.31 - Motorola)
Motorola Mobile Drivers Installation 4.7.1 (HKLM\...\{82ED9FB2-55AF-4A61-A6F3-506CEE112779}) (Version: 4.7.1 - Motorola Inc.)
Mozilla Firefox 32.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 en-US)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.3 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery of Unicorn Castle: The Beastmaster (HKLM-x32\...\Mystery of Unicorn Castle: The Beastmaster) (Version: 32.0.0.0 - Shockwave.com)
Mystery Tales: The Lost Hope (HKLM-x32\...\Mystery Tales: The Lost Hope) (Version:  - )
Nancy Drew®: The Captive Curse (HKLM-x32\...\Nancy Drew®: The Captive Curse) (Version: 32.0.0.0 - Shockwave.com)
Nancy Drew®: The Silent Spy (HKLM-x32\...\Nancy Drew®: The Silent Spy) (Version: 32.0.0.0 - Shockwave.com)
Natural Threat 2 (HKLM-x32\...\Natural Threat 2) (Version:  - )
Nero 9 Essentials (HKLM-x32\...\{43b55e7d-737e-4277-ace7-0df59d5fa25c}) (Version:  - Nero AG)
Nero BurnRights (x32 Version: 3.4.10.100 - Nero AG) Hidden
Nero BurnRights Help (x32 Version: 3.4.4.100 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
Nero CoverDesigner (x32 Version: 4.4.8.100 - Nero AG) Hidden
Nero CoverDesigner Help (x32 Version: 4.4.7.100 - Nero AG) Hidden
Nero DiscSpeed (x32 Version: 5.4.10.100 - Nero AG) Hidden
Nero DiscSpeed Help (x32 Version: 5.4.4.100 - Nero AG) Hidden
Nero DriveSpeed (x32 Version: 4.4.10.100 - Nero AG) Hidden
Nero DriveSpeed Help (x32 Version: 4.4.4.100 - Nero AG) Hidden
Nero Express Help (x32 Version: 9.4.13.100 - Nero AG) Hidden
Nero InfoTool (x32 Version: 6.4.10.100 - Nero AG) Hidden
Nero InfoTool Help (x32 Version: 6.4.4.100 - Nero AG) Hidden
Nero Installer (x32 Version: 4.4.8.1 - Nero AG) Hidden
Nero Online Upgrade (x32 Version: 1.3.0.0 - Nero AG) Hidden
Nero Rescue Agent (x32 Version: 2.4.11.100 - Nero AG) Hidden
Nero StartSmart (x32 Version: 9.4.11.100 - Nero AG) Hidden
Nero StartSmart Help (x32 Version: 9.4.11.100 - Nero AG) Hidden
NeroExpress (x32 Version: 9.4.13.100 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Northern Tale 3 (HKLM-x32\...\Northern Tale 3) (Version: 32.0.0.0 - Shockwave.com)
NVIDIA 3D Vision Controller Driver (x32 Version: 270.61 - NVIDIA Corporation) Hidden
NVIDIA 3D Vision Controller Driver 270.61 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 270.61 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 270.61 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 270.61 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5738 - NVIDIA Corporation)
NVIDIA Display Control Panel (Version: 6.14.12.7061 - NVIDIA Corporation) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
NVIDIA Graphics Driver 270.61 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 270.61 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.270.54.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.10.0514 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
PetEmote Editor (HKLM-x32\...\{21E8405E-3357-4875-ACE2-874C2A9E2AED}) (Version: 1.7.1 - Ammunition Company)
RCA Detective™ 3.0.3.0 (HKLM-x32\...\RCA Detective™_is1) (Version:  - RCA)
RCA easyRip 2.5.7.0 (HKLM-x32\...\RCA easyRip_is1) (Version:  - RCA)
RCA Updater 2.1.7.0 (HKLM-x32\...\RCA Updater_is1) (Version:  - RCA)
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.57.01 (HKLM-x32\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.57.01 - RICOH)
RIFT (HKCU\...\RIFT) (Version:  - Trion Worlds, Inc.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Solitaire Kingdom Supreme (HKLM-x32\...\Solitaire Kingdom Supreme) (Version: 32.0.0.0 - Shockwave.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Syberia (HKLM-x32\...\Syberia) (Version: 32.0.0.0 - Shockwave.com)
Syberia 2 (HKLM-x32\...\Syberia 2) (Version: 32.0.0.0 - Shockwave.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.12.0 - Synaptics Incorporated)
System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version:  - )
The Lord of the Rings Online (HKCU\...\LOTROen) (Version:  - )
TimeLineRemove 0.8.2 (HKLM-x32\...\TimeLineRemove_is1) (Version: 0.8.2 - TimeLineRemove)
Treasure Masters, Inc. (HKLM-x32\...\Treasure Masters, Inc.) (Version: 32.0.0.0 - Shockwave.com)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_PROR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_PROR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_PROR_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_PROR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_PROR_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_PROR_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2920789) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{9913305E-D4AC-4D26-B30F-799D529FB282}) (Version:  - Microsoft)
Update for Microsoft Office PowerPoint 2007 (KB2597972) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{7B9D2746-D03B-442B-A691-90B748E316B4}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_PROR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_PROR_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_PROR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_PROR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Vacation Adventures: Park Ranger 2 (HKLM-x32\...\Vacation Adventures: Park Ranger 2) (Version: 32.0.0.0 - Shockwave.com)
Viking Saga: New World (HKLM-x32\...\Viking Saga: New World) (Version: 32.0.0.0 - Shockwave.com)
When in Rome (HKLM-x32\...\When in Rome) (Version: 32.0.0.0 - Shockwave.com)
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9600 - Broadcom Corporation)
Wi-Fi MediaConnect (HKLM-x32\...\{AA58346A-A5D7-4659-91D6-38D07345BDCF}) (Version: 1.6.42 - PHILIPS)
Windows Driver Package - ITE Tech.Inc. (itecir) HIDClass  (05/01/2009 5.1.0000.1) (HKLM\...\1ECF77EA0B590A72334E5A399ACB5AB27C3D88EE) (Version: 05/01/2009 5.1.0000.1 - ITE Tech.Inc.)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Wizard101 (HKLM-x32\...\{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.)
World Community Grid (HKLM-x32\...\{31B25CCC-C459-4A7B-8059-0D9913D4FAA1}) (Version: 6.10.58 - World Community Grid)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: 5.3.0.17128 - Blizzard Entertainment)
Yahoo! Detect (HKLM-x32\...\YTdetect) (Version:  - )
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - Yahoo! Inc.)
Zen of Sudoku (HKLM-x32\...\Zen of Sudoku) (Version: 32.0.0.0 - Shockwave.com)

========================= Devices: ================================

Name: facap, FastAccess Video Capture
Description: facap, FastAccess Video Capture
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Sensible Vision
Service: FACAP
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

========================= Memory info: ===================================

Percentage of memory in use: 49%
Total physical RAM: 5886.35 MB
Available physical RAM: 2957.05 MB
Total Pagefile: 11770.88 MB
Available Pagefile: 8617 MB
Total Virtual: 4095.88 MB
Available Virtual: 3974.61 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:586.83 GB) (Free:400.95 GB) NTFS

========================= Users: ========================================

User accounts for \\PROMETHEUS

Administrator            ASPNET                   Cat                     
Guest                   

**** End of log ****

 

 

# AdwCleaner v4.107 - Report created 11/01/2015 at 20:06:54
# Updated 07/01/2015 by Xplode
# Database : 2015-01-11.2 [Live]
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Cat - PROMETHEUS
# Running from : C:\Users\Cat\Desktop\adwcleaner_4.107.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : YahooAUService

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Yahoo! Companion
Folder Deleted : C:\Users\Cat\AppData\LocalLow\Yahoo! Companion
Folder Deleted : C:\Users\Cat\AppData\Roaming\Mozilla\Firefox\Profiles\i9ru83jd.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\ask.com
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{31111111-1111-1111-1111-110111991162}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{87934C42-161D-45BC-8CEF-EF18ABE2A30C}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\SweetIM
Key Deleted : HKCU\Software\AppDataLow\Software\adawarebp
Key Deleted : HKCU\Software\AppDataLow\Software\adawaretb
Key Deleted : HKLM\SOFTWARE\adawaretb
Key Deleted : HKLM\SOFTWARE\Toolbar Cleaner
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\adawaretb
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion
Key Deleted : [x64] HKLM\SOFTWARE\DomaIQ
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496

-\\ Mozilla Firefox v32.0.3 (x86 en-US)

[i9ru83jd.default\prefs.js] - Line Deleted : user_pref("CT2536667.generalConfigFromLogin", "{\"SocialDomains\":\"social.conduit.com;apps.conduit.com\"}");
[i9ru83jd.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/832836/828639/US", "\"0\"");
[i9ru83jd.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/858611/854413/US", "\"0\"");
[i9ru83jd.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/US", "\"0\"");
[i9ru83jd.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/929670/925454/US", "\"0\"");
[i9ru83jd.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2536667", "\"0\"");
[i9ru83jd.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"80927e5f86f7cb1:0\"");
[i9ru83jd.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3.2", "\"0652eeacc6cb1:0\"");
[i9ru83jd.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.3.2", "\"0652eeacc6cb1:0\"");
[i9ru83jd.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2536667", "\"634333631231730000\"");
[i9ru83jd.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2536667/CT2536667", "\"1298199998\"");
[i9ru83jd.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"634351849102130000\"");
[i9ru83jd.default\prefs.js] - Line Deleted : user_pref("id_playboostgamebar.storder_files.271cc4bdb27cd08e00a6df5adb9c74c7", "%3C%3Fxml%20version%3D%221.0%22%20encoding%3D%22utf-8%22%3F%3E%0A%3CTOOLBAR%20height%3D%2224%22%3E%3C%21--%20serving%20[...]
[i9ru83jd.default\prefs.js] - Line Deleted : user_pref("id_playboostgamebar.storder_files.307f0fee5ebaa2debe8f90548e28a5f5", "%3C%3Fxml%20version%3D%221.0%22%20encoding%3D%22utf-8%22%3F%3E%0A%3CTOOLBAR%20height%3D%2224%22%3E%3C%21--%20serving%20[...]
[i9ru83jd.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"hxxp://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://search.yahoo.com/*\" param=\"[...]

-\\ Chromium v

*************************

AdwCleaner[R0].txt - [6709 octets] - [11/01/2015 20:04:44]
AdwCleaner[S0].txt - [6260 octets] - [11/01/2015 20:06:54]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6320 octets] ##########

Panda Report Logs (3):

 

Unknown. FILE: C:\PROGRAMDATA\BOINC\PROJECTS\WWW.WORLDCOMMUNITYGRID.ORG\WCGRID_CEP2_QCHEM_PROD_WIN32.EXE.7.00 to be

deleted.Unknown. FILE: C:\PROGRAMDATA\BOINC\PROJECTS\WWW.WORLDCOMMUNITYGRID.ORG\WCGRID_MCM1_7.35_WINDOWS_INTELX86 to be

deleted.Unknown. FILE: C:\PROGRAMDATA\BOINC\PROJECTS\WWW.WORLDCOMMUNITYGRID.ORG\WCGRID_MCM1_7.35_WINDOWS_X86_64 to be

deleted.Unknown. FILE: C:\PROGRAMDATA\BOINC\PROJECTS\WWW.WORLDCOMMUNITYGRID.ORG\WCGRID_FAHV_VINA_PROD_64.EXE.7.32 to be

deleted.. FILE: C:\USERS\CAT\DOWNLOADS\ILIVIDSETUP-R1227-N-BI.EXE to be deleted.Unknown. FILE: C:\PROGRAMDATA\BOINC\PROJECTS

\WWW.WORLDCOMMUNITYGRID.ORG\WCGRID_FAHV_VINA_7.32_WINDOWS_X86_64 to be deleted.Suspicious Policy. POLICY: HKCU\SOFTWARE

\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED[HIDEFILEEXT] to be changed to: 0Suspicious Policy. POLICY: HKCU\SOFTWARE

\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED[HIDEFILEEXT] to be changed to: 0Malware. REGKEY: HKCU\SOFTWARE\MICROSOFT

\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM[DISABLEREGISTRYTOOLS]. Value: DISABLEREGISTRYTOOLS To be deleted.Malware. REGKEY: HKCU

\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM[DISABLETASKMGR]. Value: DISABLETASKMGR To be deleted.

 

Unknown. FILE: C:\PROGRAMDATA\BOINC\PROJECTS\WWW.WORLDCOMMUNITYGRID.ORG\WCGRID_CEP2_QCHEM_PROD_WIN32.EXE.7.00 to be deleted.Unknown. FILE: C:\PROGRAMDATA\BOINC\PROJECTS\WWW.WORLDCOMMUNITYGRID.ORG\WCGRID_MCM1_7.35_WINDOWS_INTELX86 to be deleted.Unknown. FILE: C:\PROGRAMDATA\BOINC\PROJECTS\WWW.WORLDCOMMUNITYGRID.ORG\WCGRID_MCM1_7.35_WINDOWS_X86_64 to be deleted.Unknown. FILE: C:\PROGRAMDATA\BOINC\PROJECTS\WWW.WORLDCOMMUNITYGRID.ORG\WCGRID_FAHV_VINA_PROD_64.EXE.7.32 to be deleted.. FILE: C:\USERS\CAT\DOWNLOADS\ILIVIDSETUP-R1227-N-BI.EXE to be deleted.Unknown. FILE: C:\PROGRAMDATA\BOINC\PROJECTS\WWW.WORLDCOMMUNITYGRID.ORG\WCGRID_FAHV_VINA_7.32_WINDOWS_X86_64 to be deleted.Suspicious Policy. POLICY: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED[HIDEFILEEXT] to be changed to: 0Suspicious Policy. POLICY: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED[HIDEFILEEXT] to be changed to: 0Malware. REGKEY: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM[DISABLEREGISTRYTOOLS]. Value: DISABLEREGISTRYTOOLS To be deleted.Malware. REGKEY: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM[DISABLETASKMGR]. Value: DISABLETASKMGR To be deleted.

 

 

 

Unknown. FILE: C:\PROGRAMDATA\BOINC\PROJECTS\WWW.WORLDCOMMUNITYGRID.ORG\WCGRID_CEP2_QCHEM_PROD_WIN32.EXE.7.00 to be deleted.Unknown. FILE: C:\PROGRAMDATA\BOINC\PROJECTS\WWW.WORLDCOMMUNITYGRID.ORG\WCGRID_MCM1_7.35_WINDOWS_INTELX86 to be deleted.Unknown. FILE: C:\PROGRAMDATA\BOINC\PROJECTS\WWW.WORLDCOMMUNITYGRID.ORG\WCGRID_MCM1_7.35_WINDOWS_X86_64 to be deleted.Unknown. FILE: C:\PROGRAMDATA\BOINC\PROJECTS\WWW.WORLDCOMMUNITYGRID.ORG\WCGRID_FAHV_VINA_PROD_64.EXE.7.32 to be deleted.. FILE: C:\USERS\CAT\DOWNLOADS\ILIVIDSETUP-R1227-N-BI.EXE to be deleted.Unknown. FILE: C:\PROGRAMDATA\BOINC\PROJECTS\WWW.WORLDCOMMUNITYGRID.ORG\WCGRID_FAHV_VINA_7.32_WINDOWS_X86_64 to be deleted.Suspicious Policy. POLICY: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED[HIDEFILEEXT] to be changed to: 0Suspicious Policy. POLICY: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED[HIDEFILEEXT] to be changed to: 0Malware. REGKEY: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM[DISABLEREGISTRYTOOLS]. Value: DISABLEREGISTRYTOOLS To be deleted.Malware. REGKEY: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM[DISABLETASKMGR]. Value: DISABLETASKMGR To be deleted.

 

I think that's all of them.
 



#5 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:57 AM

Posted 12 January 2015 - 03:27 AM

[/B][/COLOR]Download Adware removal tool to your desktop, right click the icon and select Run as Administrator.

LOr0Gd7.png

Hit Ok.

sYFsqHx.png

Hit next make sure to leave all items checked, for removal.

8NcZjGc.png


The Program will close all open programs to complete the removal, so save any work and hit OK. Then hit OK after the removal process is complete,  then OK again to finish up.

 

 

Download Malwarebytes Anti-Rootkit to your desktop.

  • Double-click the icon to start the tool.
  • It will ask you where to extract make sure it is on the desktop.
  • Malwarebytes Anti-Rootkit needs to be run from an account with admin rights.
  • Click next to continue.
  • Then Click Update
  • Once the update is Finished select Next then Scan.
  • If no malware has been found, at the end of scan select Exit
  • If an infection was found, make sure to select all items and click Cleanup.
  • Reboot your machine.
  • Open the MBAR folder and paste the content of the following into your next reply:
    • mbar-log-{date} (xx-xx-xx).txt
    • system-log.txt

 

 

Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document

You will need to disable your antivirus prior to scanning.

  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the icon..
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer.
      Save it to your Desktop.
    • Double click on the icon to download the ESET Smart Installer. icon on your Desktop.
  • Check "YES, I
  • accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under Scan Settings, check "Scan Archives" and Remove Found Threats
  • Click Advanced settingsand select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESET Scan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button


#6 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,610 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:57 AM

Posted 12 January 2015 - 09:50 AM

Hi Cat :)

I couldn't help but notice a few of your installed programs that should be updated/uninstalled as they present a huge security risk to your system. Feel free to follow my recommendation after InadequateInfirmity is done assisting you:
  • Uninstall Ad-Aware Security Add-on - There's better security extensions that exist, if you need, I can recommend you a few of them :)
  • Uninstall Adobe Flash Player 15 Plugin - Outdated. You don't need the plugin installed if you use a web browser that supports Flash Player natively such as Google Chrome;
  • Update Adobe Shockwave Player - We are on version 12.1.x;
  • Uninstall Free CD to MP3 Converter - Suspicious program. The name is too generic to find anything about it online. Can you tell me where you downloaded it from?;
  • Uninstall Java 7 Update 67 (64-bits) - Outdated;
  • Uninstall Java 6 Update 16 (64-bits) - Outdated;
  • Uninstall Java 6 Update 35 - Outdated;
  • Update Malwarebytes - We are on v2.4.x. Next time you open it, it will ask to update;
  • Update Mozilla Firefox;
  • Update your graphic card drivers - Go on the NVIDIA Drivers webpage, and fill the information matching your graphic card and OS to download the latest drivers and install them. If you don't know how to do that, I can help you;
  • Update Skype - We are on v7.0;
  • Uninstall Yahoo! Toolbar - Not really needed except if you use it;
If you need help with any of the programs I listed, you can let me know once InadequateInfirmity is done with you :) Good luck!

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#7 .Cat.

.Cat.
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:07:57 AM

Posted 13 January 2015 - 12:06 AM

You didn't mention that you wanted the ART log but since it gave me one I thought I'd give it to you too

 

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

Adware Removal Tool v3.9
Time: 2015_01_12_21_51_05
OS: Windows 7 - 64 Bit
Account Name: Cat
U0L0S28

\\\\\\\\\\\\\\\\\\\\\\\ Repair Logs \\\\\\\\\\\\\\\\\\\\\\

Deleted - File - C:\Users\Cat\Appdata\Roaming\Mozilla\Firefox\Profiles\i9ru83jd.default\conduit\cachedIcons\http___storage_conduit_com_27_243_CT2438727_Images_634047717512341250.png
Deleted - File - C:\Users\Cat\Appdata\Roaming\Mozilla\Firefox\Profiles\i9ru83jd.default\conduit\cachedIcons\http___storage_conduit_com_27_243_CT2438727_Images_634047717845935000.png
Deleted - File - C:\Users\Cat\Appdata\Roaming\Mozilla\Firefox\Profiles\i9ru83jd.default\conduit\cachedIcons\http___storage_conduit_com_27_243_CT2438727_Images_Blank.png
Deleted - File - C:\Users\Cat\Appdata\Roaming\Mozilla\Firefox\Profiles\i9ru83jd.default\conduit\cachedIcons\http___storage_conduit_com_7_176_CT1764407_Images_634219899986281250.gif
Deleted - File - C:\Users\Cat\Appdata\Roaming\Mozilla\Firefox\Profiles\i9ru83jd.default\conduit\cachedIcons\http___storage_conduit_com_images_skins_zynga_seperator.gif
Deleted - File - C:\Users\Cat\Appdata\Roaming\Mozilla\Firefox\Profiles\i9ru83jd.default\ConduitEngine\Dialogs\SearchProtectorDialog\SearchProtector.css
Deleted - File - C:\Users\Cat\Appdata\Roaming\Mozilla\Firefox\Profiles\i9ru83jd.default\ConduitEngine\Dialogs\SearchProtectorDialog\SearchProtector.js
Deleted - File - C:\Users\Cat\Appdata\Roaming\Mozilla\Firefox\Profiles\i9ru83jd.default\CT2536667\Dialogs\SearchProtectorDialog\SearchProtector.css
Deleted - File - C:\Users\Cat\Appdata\Roaming\Mozilla\Firefox\Profiles\i9ru83jd.default\CT2536667\Dialogs\SearchProtectorDialog\SearchProtector.js
Deleted - Folder - C:\Users\Cat\Appdata\Roaming\Mozilla\Firefox\Profiles\i9ru83jd.default\conduit
Deleted - Folder - C:\Users\Cat\Appdata\Roaming\Mozilla\Firefox\Profiles\i9ru83jd.default\ConduitEngine
Deleted - Folder - C:\Users\Cat\Appdata\Roaming\Mozilla\Firefox\Profiles\i9ru83jd.default\ConduitEngine\Dialogs\SearchProtectorDialog
Deleted - Folder - C:\Users\Cat\Appdata\Roaming\Mozilla\Firefox\Profiles\i9ru83jd.default\CT2536667\Dialogs\SearchProtectorDialog
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}:masterclsid
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{472734EA-242A-422B-ADF8-83D1E48CC825}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}:dllname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\3413bc8_0:
Deleted - RegistryValue - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION:snapdo.exe
Deleted - RegistryKey - HKEY_CURRENT_USER\SOFTWARE:Ad-Aware Search Protection
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{2EECD738-5844-4A99-B4B6-146BF802613B}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{472734EA-242A-422B-ADF8-83D1E48CC825}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{98889811-442D-49DD-99D7-DC866BE87DBC}
Deleted - RegistryKey - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\DOMStorage:www.ask.com

\\ Finished

 

Malwarebytes Rootkit scan didn't find anything but did give me a report so here that is as well

 

Malwarebytes Anti-Rootkit BETA 1.08.2.1001
www.malwarebytes.org

Database version: v2015.01.13.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17501
Cat :: PROMETHEUS [administrator]

1/12/2015 10:18:09 PM
mbar-log-2015-01-12 (22-18-09).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 336735
Time elapsed: 13 minute(s), 11 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

 

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.08.2.1001

© Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.17501

Java version: 1.6.0_35

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.000000 GHz
Memory total: 6172282880, free: 3582169088

Downloaded database version: v2015.01.13.02
Downloaded database version: v2015.01.07.01
Downloaded database version: v2014.12.06.01
=======================================
Initializing...
------------ Kernel report ------------
     01/12/2015 22:17:33
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\gfibto.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\DRIVERS\compbatt.sys
\SystemRoot\system32\DRIVERS\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\drivers\nvraid.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\vmbus.sys
\SystemRoot\system32\drivers\winhv.sys
\SystemRoot\system32\drivers\nvstor.sys
\SystemRoot\system32\drivers\storport.sys
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\vmstorfl.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\DRIVERS\disk.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\system32\drivers\csc.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\avkmgr.sys
\SystemRoot\system32\DRIVERS\avipbb.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\drivers\i8042prt.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\nvsmu.sys
\SystemRoot\system32\DRIVERS\usbohci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\drivers\HDAudBus.sys
\SystemRoot\system32\drivers\1394ohci.sys
\SystemRoot\system32\drivers\sdbus.sys
\SystemRoot\system32\DRIVERS\rimmpx64.sys
\SystemRoot\system32\DRIVERS\rimspx64.sys
\SystemRoot\system32\DRIVERS\rixdpx64.sys
\SystemRoot\system32\DRIVERS\nvmf6264.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\system32\DRIVERS\nvBridge.kmd
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\bcmwl664.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\drivers\wmiacpi.sys
\SystemRoot\system32\DRIVERS\itecir.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\wfmcvad.sys
\SystemRoot\system32\DRIVERS\portcls.sys
\SystemRoot\system32\DRIVERS\drmk.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\rdpbus.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\DRIVERS\circlass.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\DRIVERS\stwrt64.sys
\SystemRoot\system32\DRIVERS\hidir.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_nvraid.sys
\SystemRoot\System32\Drivers\dump_CLASSPNP.SYS
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\LEqdUsb.Sys
\SystemRoot\system32\DRIVERS\LHidEqd.Sys
\SystemRoot\system32\DRIVERS\LHidFilt.Sys
\SystemRoot\system32\DRIVERS\LMouFilt.Sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\avgntflt.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\??\C:\Program Files (x86)\CyberLink\PowerDVD8\000.fcl
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\drivers\btusbflt.sys
\SystemRoot\System32\Drivers\BTHUSB.sys
\SystemRoot\System32\Drivers\bthport.sys
\SystemRoot\system32\DRIVERS\rfcomm.sys
\SystemRoot\system32\drivers\BthEnum.sys
\SystemRoot\system32\DRIVERS\bthpan.sys
\SystemRoot\system32\DRIVERS\bthmodem.sys
\SystemRoot\system32\drivers\modem.sys
\SystemRoot\system32\DRIVERS\btwavdt.sys
\SystemRoot\system32\drivers\btwaudio.sys
\SystemRoot\system32\DRIVERS\btwl2cap.sys
\SystemRoot\system32\DRIVERS\btwrchid.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\shell32.dll
\Windows\System32\difxapi.dll
\Windows\System32\urlmon.dll
\Windows\System32\nsi.dll
\Windows\System32\comdlg32.dll
\Windows\System32\ws2_32.dll
\Windows\System32\Wldap32.dll
\Windows\System32\psapi.dll
\Windows\System32\lpk.dll
\Windows\System32\usp10.dll
\Windows\System32\wininet.dll
\Windows\System32\normaliz.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\clbcatq.dll
\Windows\System32\shlwapi.dll
\Windows\System32\advapi32.dll
\Windows\System32\imagehlp.dll
\Windows\System32\sechost.dll
\Windows\System32\msvcrt.dll
\Windows\System32\msctf.dll
\Windows\System32\oleaut32.dll
\Windows\System32\imm32.dll
\Windows\System32\user32.dll
\Windows\System32\setupapi.dll
\Windows\System32\kernel32.dll
\Windows\System32\gdi32.dll
\Windows\System32\ole32.dll
\Windows\System32\iertutil.dll
\Windows\System32\userenv.dll
\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
\Windows\System32\KernelBase.dll
\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
\Windows\System32\comctl32.dll
\Windows\System32\devobj.dll
\Windows\System32\wintrust.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
\Windows\System32\crypt32.dll
\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
\Windows\System32\profapi.dll
\Windows\System32\msasn1.dll
\Windows\SysWOW64\normaliz.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa80061e0060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000072\
Lower Device Object: 0xfffffa8005f37060
Lower Device Driver Name: \Driver\nvraid\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa80061e0060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80061e0b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa80061e0060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8005f37060, DeviceName: \Device\00000072\, DriverName: \Driver\nvraid\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 7F3C929F

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 1230673920
    Partition file system is NTFS
    Partition is bootable

    Partition 1 type is Other (0x12)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 1230675968  Numsec = 19601408

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 640145817600 bytes
Sector size: 512 bytes

Done!
Scan finished
=======================================

Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished

 

 

 Results of screen317's Security Check version 0.99.93 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
 Windows Firewall Disabled! 
Avira Desktop  
 Antivirus up to date!  (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
 Panda Cloud Cleaner  
 Java™ 6 Update 35 
 Java version 32-bit out of Date!
  Adobe Flash Player 15.0.0.246 Flash Player out of Date! 
 Adobe Reader XI 
 Mozilla Firefox 32.0.3 Firefox out of Date! 
````````Process Check: objlist.exe by Laurent```````` 
 Avira Antivir avgnt.exe
 Avira Antivir avguard.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````

 

 

 

ESET Scan Report:

C:\Windows\SysWOW64\Adobe\Shockwave 12\gt.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application 
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\ApnIC[1].0 a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application 
C:\Program Files\Adware-Removal-Tool\ARTP3.exe MSIL/FakeTool.PS trojan cleaned by deleting - quarantined
C:\Program Files (x86)\Avira\AntiVir Desktop\apnic.dll a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application deleted - quarantined
C:\Program Files (x86)\Avira\AntiVir Desktop\apnstub.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application deleted - quarantined
C:\Program Files (x86)\Avira\AntiVir Desktop\apntoolbarinstaller.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application deleted - quarantined
C:\Program Files (x86)\Avira\AntiVir Desktop\Offercast_AVIRAV7_.exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application deleted - quarantined
C:\Users\Cat\Downloads\avira_free_antivirus_en.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application deleted - quarantined
C:\Users\Cat\Downloads\ccsetup314.exe Win32/Bundled.Toolbar.Google.E potentially unsafe application deleted - quarantined
C:\Users\Cat\Downloads\iLividSetup-r1227-n-bi.exe a variant of Win32/iLivid.A potentially unwanted application deleted - quarantined
C:\Users\Cat\Downloads\Needful Programs\MsgPlusLive-483.exe a variant of Win32/Adware.CiDHelp application cleaned by deleting - quarantined
C:\Windows\Installer\MSI1D3.tmp a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application deleted - quarantined
C:\Windows\Installer\MSID061.tmp a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application deleted - quarantined
C:\Windows\Installer\MSIEC77.tmp a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application deleted - quarantined
C:\Windows\System32\Adobe\Shockwave 12\gt.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\ApnIC[1].0 a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application deleted - quarantined

I think that's it.



#8 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:57 AM

Posted 13 January 2015 - 03:52 PM

As you can see your programs are out of date, we will get to that. How is your original issue?



#9 .Cat.

.Cat.
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:07:57 AM

Posted 14 January 2015 - 02:57 PM

Thank you so much for your help. The original issue seems to have been resolved!



#10 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:57 AM

Posted 14 January 2015 - 10:51 PM

Ok please download and install Secunia to update all of your programs.  Update anything this program suggest. Post a new Security Check Log.

 

https://secunia.com/vulnerability_scanning/personal/?utm_source=secunia&utm_medium=web&utm_content=osilanding&utm_campaign=psi

 

 

Also install adblock

https://getadblock.com/

 

And unchecky

http://unchecky.com/

 

Download DelFix by "Xplode" to your Desktop.
Right Click the tool and Run as Admin ( Xp Users Double Click)
Put a check mark next the items below:


Remove disinfection tools
Create registry backup
Purge System Restore




Now click on "Run" button.
Allow the program to complete its work.
All the tools we used will be removed.
Tool will create and open a log report (DelFix.txt)
Note: The report can be located at the following location C:\DelFix.txt



#11 .Cat.

.Cat.
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:07:57 AM

Posted 16 January 2015 - 07:26 PM

Sorry it took so long. Had a bit of difficulty with Secunia's scanning and updating process. I managed a work around though and everything's fine now.

 

adblock only works on chrome, firefox, and another one none of which I use so I didn't download it.

 

Here's the security check log: Results of screen317's Security Check version 0.99.93 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
 Windows Firewall Disabled! 
Avira Desktop  
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:`````````
 Secunia PSI (3.0.0.10004)  
 Panda Cloud Cleaner  
 Adobe Flash Player 16.0.0.257 
 Adobe Reader XI 
 Mozilla Firefox (35.0)
````````Process Check: objlist.exe by Laurent```````` 
 Avira Antivir avgnt.exe
 Avira Antivir avguard.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````

 

And here's the Delfix log:
 Results of screen317's Security Check version 0.99.93 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
 Windows Firewall Disabled! 
Avira Desktop  
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:`````````
 Secunia PSI (3.0.0.10004)  
 Panda Cloud Cleaner  
 Adobe Flash Player 16.0.0.257 
 Adobe Reader XI 
 Mozilla Firefox (35.0)
````````Process Check: objlist.exe by Laurent```````` 
 Avira Antivir avgnt.exe
 Avira Antivir avguard.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````

 

Is it okay to reinstall Ad-Aware and Spybot Serach & Destroy? I've always used Ad-Aware's firewall and Spybot helped fix a problem for me when not even the World of Warcraft tech crew could (just by running it) moreover, I like the additional tools it has.

 



#12 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:57 AM

Posted 16 January 2015 - 08:08 PM

This is your computer you may install anything you wish, although  would advise against Spybot as it is a resource hog you may notice that your computer slows down when you install.

 

I personally have never used Ad-Aware, does it come with just a firewall? If it has the bundle Antivirus along with it, then I suggest you do not install. Here is the only firewall I suggest.

 

http://www.zonealarm.co.uk/security/en-us/zonealarm-pc-security-free-firewall.htm

 

You may disable Secunia PSI  from start up just check it once in a while to update your programs.

 

Here is adblocker for chrome.

https://chrome.google.com/webstore/detail/adblock-plus/cfhdojbkjhnklbpkdaibdccddilifddb

 

I would suggest the following, to stay safe in the future.

 

Download System Ninja To remove junk files from your machine.

TooWiz Smart Defrag Obviously to defrag.

Qualys BrowserCheck To update plugins.

Safe Browsing Tool Web of trust to keep away from shady sites.


Edited by InadequateInfirmity, 16 January 2015 - 08:09 PM.


#13 .Cat.

.Cat.
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:07:57 AM

Posted 21 January 2015 - 05:13 PM

Ad-aware does come with just a firewall. (It's by Lavasoft if you are interested in looking into it.) I also have CCleaner by Piriform.. I have ATF cleaner by Atribune.org (It's a simple temporary file cleaner.)

 

I tried downloading adblocker for IE (I found a site that had it) but I'm sure it wasn't really intended for IE because after installation IE just came up with blank pages. So I uninstalled it.

 

I used to use Zonealarm on another machine. I had totally forgotten about it. I'll get back on that one :) And the other tools that you have suggested. Thank you so much for all your help!

 

ETA Forgot to post the Delfix log

 

# DelFix v10.8 - Logfile created 16/01/2015 at 19:17:01
# Updated 29/07/2014 by Xplode
# Username : Cat - PROMETHEUS
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\AdwCleaner
Deleted : C:\Users\Cat\Desktop\mbar
Deleted : C:\Users\Cat\Desktop\adwcleaner_4.107.exe
Deleted : C:\Users\Cat\Desktop\JRT.exe
Deleted : C:\Users\Cat\Desktop\SecurityCheck.exe
Deleted : C:\Users\Cat\Downloads\dds_com
Deleted : C:\Users\Cat\Downloads\HijackThis.exe
Deleted : C:\Users\Cat\Downloads\hijackthis.log
Deleted : C:\Users\Cat\Downloads\LSPFix.exe
Deleted : C:\Users\Cat\Downloads\MiniToolBox.exe
Deleted : C:\Users\Cat\Downloads\Result.txt
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #484 [Windows Update | 01/13/2015 21:42:15]
Deleted : RP #485 [Windows Update | 01/14/2015 08:00:16]
Deleted : RP #486 [Removed Java™ 6 Update 35 | 01/15/2015 00:38:31]
Deleted : RP #487 [Removed Java™ 6 Update 16 (64-bit) | 01/15/2015 00:40:56]
Deleted : RP #488 [Removed Java 7 Update 67 (64-bit) | 01/15/2015 00:42:16]

New restore point created !

########## - EOF - ##########

 


Edited by .Cat., 21 January 2015 - 05:49 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users