Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

AVG Trojan horse Exploit_c.XZO, can't remove, Tabs play music


  • This topic is locked This topic is locked
11 replies to this topic

#1 SpiderGat

SpiderGat

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Local time:01:01 AM

Posted 11 February 2015 - 08:18 PM

Hello, I'm helping my dad clean his computer.

 

AVG kept popping up saying it found this in different locations (Including Malwarebytes.exe), downloaded chameleon, couldn't run any of them. Mbam finds nothing on a full scan. AVG can't remove the threat. Every time he opens a new tab in Firefox a sound byte of classical music plays.

 

He's on Windows XP 32-bit. He's always been very careful and doesn't download anything unsavory or suspicious, and doesn't torrent. I think it was a driveby via Java or an add maybe while trying to source for manufacturing materials. The chinese sites seem... less put together. 

 

Did the FRST logs and have put them below. This is a work computer with lots of confidential information so I'm trying to get it resolved quickly.

 

Sincerely,

George IV

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-02-2015 02
Ran by George N. Cahill III (administrator) on G3P0 on 11-02-2015 20:06:47
Running from C:\Documents and Settings\George N. Cahill III\Desktop
Loaded Profiles: George N. Cahill III (Available profiles: George N. Cahill III & Administrator & Guest)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG2014\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(Microsoft Corporation) C:\WINDOWS\system32\scardsvr.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(HP) C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jqs.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgemcx.exe
(Nalpeiron Ltd.) C:\WINDOWS\system32\nlssrv32.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(NEC Electronics Corporation) C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [LXCJCATS] => rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCJtime.dll,_RunDLLEntry@16
HKLM\...\Run: [NUSB3MON] => C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2010-01-22] (NEC Electronics Corporation)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2014\avgui.exe [5188112 2014-12-16] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [5529328 2013-02-27] (Logitech Inc.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
HKLM\...\RunOnce: [SpybotDeletingE8792] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE137] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE8846] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE1234] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE1886] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE1309] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE3405] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE4818] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE7176] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE4675] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE1178] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE1084] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE2693] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE5498] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE5990] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE6182] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE4312] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE9423] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE8964] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE7381] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE8876] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE1544] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE1124] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE6818] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE9367] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE4011] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE4736] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE5298] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE5628] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE3994] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE2643] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE8961] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE3362] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE6840] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE4538] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE4091] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE8865] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE2319] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE6100] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE3526] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE6009] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE3538] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE8296] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE8954] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE9559] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE105] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE5403] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE7898] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE5103] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE7333] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE8327] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE7616] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE3024] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE5009] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE7540] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE599] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE8464] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE7467] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE1205] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE2061] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE8776] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE4655] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE8745] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE608] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE1353] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE1692] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE2786] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE4171] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE3100] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE4945] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE8582] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE8366] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE7350] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE1132] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE6501] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE3721] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE2543] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [54072 2014-11-21] (Malwarebytes Corporation)
Winlogon\Notify\GoToMyPC: C:\Program Files\Citrix\GoToMyPC\G2WinLogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF988] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF4688] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF7937] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF7536] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF3212] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF7948] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF4583] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF3945] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF338] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF8324] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF8948] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF3000] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF4970] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF7497] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF2442] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF3022] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF9296] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF7057] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF952] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF5898] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF686] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF4643] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF6092] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF5838] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF8399] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF1988] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF4912] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF4936] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF4399] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF5792] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF8669] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF5181] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF9947] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF220] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF343] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF553] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF5487] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF7208] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF6866] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF4790] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF6971] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF3563] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF9100] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF5361] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF1793] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF6216] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF2565] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF229] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF5389] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF7267] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF7291] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF1760] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF7995] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF4475] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF1392] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF8803] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF2209] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF9498] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF4640] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF4619] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF181] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF7424] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF7269] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF1887] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF865] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF4029] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF9210] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF5690] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF9357] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF5037] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF5457] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF6587] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF7468] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF9032] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF2968] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF5949] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x43000000
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\Policies\Explorer: [NoUserNameInStartMenu] 1
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\Policies\Explorer: [GreyMSIAds] 0
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\Policies\Explorer: [HideSCABattery] 1
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\Policies\Explorer: [NoInternetOpenWith] 1
ShellIconOverlayIdentifiers: [00001YSISyncComplete] -> {89B5F9CC-C4A2-462C-BD27-29CEAC972135} => C:\Program Files\Hightail Desktop App\YSINSE.dll (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002YSISyncActive] -> {84B7BDFB-C50A-4335-B7C2-8AEC454F9E25} => C:\Program Files\Hightail Desktop App\YSINSE.dll (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003YSISyncError] -> {306A9CDE-AC70-453A-8008-B5F9962B8F88} => C:\Program Files\Hightail Desktop App\YSINSE.dll (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004YSILocalOnly] -> {23A7D2DC-F395-4E33-876C-84A2DFAB0EBB} => C:\Program Files\Hightail Desktop App\YSINSE.dll (Hightail Inc.)
BootExecute: autocheck xmnt2002 /bat=C:\WINDOWS\TEMP\PQ_BATCH.PQB /win=C:\WINDOWS /dbg=C:\WINDOWS\TEMP\PQ_DEBUG.TXT /ver=262144 /prd=PartitionMagicautocheck autochk * C:\PROGRA~1\AVG\AVG2014\avgrsx.exe /sync /restart

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://qtview.com/webcamera.html
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: [S-1-5-21-1078081533-1592454029-725345543-1003] ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKLM -> DefaultScope value is missing.
SearchScopes: HKU\S-1-5-21-1078081533-1592454029-725345543-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
SearchScopes: HKU\S-1-5-21-1078081533-1592454029-725345543-1003 -> URL http://search.conduit.com/Results.aspx?gd=&ctid=CT3324790&octid=EB_ORIGINAL_CTID&ISID=ISID_ID&SearchSource=58&CUI=&UM=5&UP=SPA59D9141-9744-4E7D-9474-628ABC1662FC&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-1078081533-1592454029-725345543-1003 -> SuggestionsURL_JSON http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
SearchScopes: HKU\S-1-5-21-1078081533-1592454029-725345543-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
SearchScopes: HKU\S-1-5-21-1078081533-1592454029-725345543-1003 -> {F4A830A1-9120-4C9D-B07D-09863956202A} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: AcroIEToolbarHelper Class -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
Toolbar: HKU\S-1-5-21-1078081533-1592454029-725345543-1003 -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\George N. Cahill III\Application Data\Mozilla\Firefox\Profiles\4qihyyye.default
FF DefaultSearchEngine: Google
FF DefaultSearchEngine.US: Google
FF Homepage: hxxp://refdesk.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @EDVR/WebClient -> C:\windows\system32\WebClient\npwebclient.dll ( )
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1078081533-1592454029-725345543-1003: @seedonk.com/SeeVWidget;version=1.1.2.0 -> C:\Program Files\iSecurityPlusPlayer\\npseev.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Documents and Settings\George N. Cahill III\Application Data\Mozilla\Firefox\Profiles\4qihyyye.default\searchplugins\dogpile.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF Extension: DownThemAll! - C:\Documents and Settings\George N. Cahill III\Application Data\Mozilla\Firefox\Profiles\4qihyyye.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2011-05-17]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-08-18]
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2012-03-29]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [ahmcccagmbagkpbdgpammblejlmiempb] - C:\Program Files\Spybot - Search & Destroy 2\SDChrome.crx [2012-04-07]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [846056 2011-06-22] (Acronis)
S4 Adobe Version Cue CS4; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [288112 2010-08-18] (Adobe Systems Incorporated)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3247120 2014-12-16] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [289328 2014-12-16] (AVG Technologies CZ, s.r.o.)
S2 GoToMyPC; C:\Program Files\Citrix\GoToMyPC\g2svc.exe [1335640 2014-09-04] (Citrix Online, a division of Citrix Systems, Inc.)
S3 HP DS Service; C:\Program Files\HP\HPBDSService\HPBDSService.exe [13824 2010-10-27] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [162816 2011-07-08] (HP) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [153376 2012-03-29] (Sun Microsystems, Inc.)
S3 lxcj_device; C:\WINDOWS\system32\lxcjcoms.exe [491520 2005-10-24] ( )
S2 mvOptimizerService; c:\program files\matrox mx.tools\system\mvOptimizerService.exe [129648 2010-03-09] (Matrox Electronic Systems)
R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 nlsX86cc; C:\WINDOWS\system32\nlssrv32.exe [66560 2010-12-07] (Nalpeiron Ltd.) [File not signed]
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1181104 2012-02-07] (Safer-Networking Ltd.)
S2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1185704 2012-02-07] (Safer-Networking Ltd.)
R2 yksvc; RUNDLL32.EXE ykx32mpcoinst,serviceStartProc [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\WINDOWS\System32\DRIVERS\61883.sys [48128 2008-04-13] (Microsoft Corporation)
S3 ATIAVAIW; C:\WINDOWS\System32\DRIVERS\atinavt2.sys [168576 2006-07-06] (ATI Technologies Inc.)
S3 AVCSTRM; C:\WINDOWS\System32\DRIVERS\avcstrm.sys [13696 2008-04-13] (Microsoft Corporation)
R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [121624 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriverl; C:\WINDOWS\System32\DRIVERS\avgidsdriverlx.sys [191256 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [147736 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [189720 2014-10-24] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [241944 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [98584 2014-10-29] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [27416 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [197400 2014-10-20] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [37664 2013-11-11] (AVG Technologies)
S3 BackupReader; C:\WINDOWS\System32\DRIVERS\BackupReader.sys [53504 2011-03-02] (Microsoft Corporation)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R0 gfibto; C:\WINDOWS\System32\drivers\gfibto.sys [13560 2012-11-27] (GFI Software)
S3 HdAudAddService; C:\WINDOWS\System32\drivers\AtiHdAud.sys [84992 2006-12-28] (ATI Research Inc.)
R0 JGOGO; C:\WINDOWS\System32\DRIVERS\JGOGO.sys [6912 2006-02-07] (JMicron ) [File not signed]
R0 JRAID; C:\WINDOWS\System32\DRIVERS\jraid.sys [41216 2006-07-01] (JMicron Technology Corp.) [File not signed]
R3 LGBusEnum; C:\WINDOWS\System32\drivers\LGBusEnum.sys [19720 2009-11-23] (Logitech Inc.)
R3 LGVirHid; C:\WINDOWS\System32\drivers\LGVirHid.sys [14856 2009-11-23] (Logitech Inc.)
R2 monblanking; C:\WINDOWS\System32\DRIVERS\monblanking.sys [29280 2014-09-04] (Citrix Systems, Inc.)
S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15104 2004-07-09] (Microsoft Corporation)
S3 MSTAPE; C:\WINDOWS\System32\DRIVERS\mstape.sys [49024 2008-04-13] (Microsoft Corporation)
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
R3 mvkBus; C:\WINDOWS\System32\DRIVERS\mvkBus.sys [6627184 2010-03-09] (Matrox Electronic Systems)
R3 mvkInput; C:\WINDOWS\System32\DRIVERS\mvkInput.sys [55024 2010-03-09] (Matrox Electronic Systems)
R3 mvkLQScaler; C:\WINDOWS\System32\DRIVERS\mvkLQScaler.sys [47600 2010-03-09] (Matrox Electronic Systems)
R3 mvkMemManager; C:\WINDOWS\System32\DRIVERS\mvkMemManager.sys [42480 2010-03-09] (Matrox Electronic Systems)
R3 mvkMisc; C:\WINDOWS\System32\DRIVERS\mvkMisc.sys [55664 2010-03-09] (Matrox Electronic Systems)
R3 mvkOnBrdIOdsxle; C:\WINDOWS\System32\DRIVERS\mvkOnBrdIOdsxle.sys [256624 2010-03-09] (Matrox Electronic Systems)
R3 mvkOutput; C:\WINDOWS\System32\DRIVERS\mvkOutput.sys [61424 2010-03-09] (Matrox Electronic Systems)
S3 mvkPciOptimizer; C:\Program Files\Matrox Mx.tools\system\drivers\mvkPciOptimizer.sys [14704 2011-08-08] (Matrox Electronic Systems)
R3 mvkSystemClock; C:\WINDOWS\System32\DRIVERS\mvkSystemClock.sys [47984 2010-03-09] (Matrox Electronic Systems)
R3 mvkTransfer; C:\WINDOWS\System32\DRIVERS\mvkTransfer.sys [54256 2010-03-09] (Matrox Electronic Systems)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
U0 ntdqx; C:\WINDOWS\System32\drivers\yxqossaq.sys [52440 2015-02-11] (Malwarebytes Corporation)
R3 NVHDA; C:\WINDOWS\System32\drivers\nvhda32.sys [129184 2014-07-21] (NVIDIA Corporation)
S3 RTLWUSB; C:\WINDOWS\System32\DRIVERS\RTL8187.sys [332928 2008-06-27] (Realtek Semiconductor Corporation                           )
R0 vididr; C:\WINDOWS\System32\DRIVERS\vididr.sys [125472 2011-08-07] (Acronis)
R0 vidsflt53; C:\WINDOWS\System32\DRIVERS\vsflt53.sys [83392 2011-08-07] (Acronis)
R3 yukonwxp; C:\WINDOWS\System32\DRIVERS\yk51x86.sys [290432 2008-09-19] (Marvell)
S3 AtiHDAudioService; system32\drivers\AtihdXP3.sys [X]
U2 CertPropSvc; No ImagePath
S3 cpuz134; \??\C:\Program Files\CPUID\PC Wizard 2010\pcwiz_x32.sys [X]
S4 IntelIde; No ImagePath
S3 MtxVxd; \??\C:\WINDOWS\system32\drivers\MtxVxd.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-11 20:06 - 2015-02-11 20:07 - 00045798 _____ () C:\Documents and Settings\George N. Cahill III\Desktop\FRST.txt
2015-02-11 20:06 - 2015-02-11 20:06 - 00000000 ____D () C:\FRST
2015-02-11 20:06 - 2015-02-11 13:53 - 01125376 _____ (Farbar) C:\Documents and Settings\George N. Cahill III\Desktop\FRST.exe
2015-02-11 19:36 - 2015-02-11 19:36 - 00000832 _____ () C:\Documents and Settings\All Users\Desktop\484193531484.lnk
2015-02-11 19:35 - 2009-03-12 00:14 - 00222714 _____ () C:\Documents and Settings\George N. Cahill III\Desktop\randmbam.exe
2015-02-11 19:16 - 2015-02-11 19:16 - 00000000 ____D () C:\Documents and Settings\George N. Cahill III\Desktop\mbam-chameleon-3.1.7.0
2015-02-11 19:15 - 2014-10-09 19:39 - 04909382 _____ () C:\Documents and Settings\George N. Cahill III\Desktop\mbam-chameleon-3.1.7.0.zip
2015-02-11 11:16 - 2015-02-11 11:16 - 00052440 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\yxqossaq.sys
2015-02-11 00:30 - 2015-02-04 00:30 - 00441888 ____R () C:\WINDOWS\system32\Drivers\etc\hosts.20150211-003033.backup
2015-02-10 15:10 - 2015-02-10 15:11 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-02-06 23:13 - 2015-02-06 23:19 - 00014584 _____ () C:\Documents and Settings\George N. Cahill III\Desktop\BAKING MEASUREMENTS.xlsx
2015-02-04 00:30 - 2015-01-28 00:30 - 00441888 ____R () C:\WINDOWS\system32\Drivers\etc\hosts.20150204-003033.backup
2015-01-28 00:30 - 2015-01-21 00:30 - 00441888 ____R () C:\WINDOWS\system32\Drivers\etc\hosts.20150128-003032.backup
2015-01-27 11:14 - 2015-01-27 11:14 - 00006713 _____ () C:\WINDOWS\iis6.log
2015-01-27 11:14 - 2015-01-27 11:14 - 00006184 _____ () C:\WINDOWS\FaxSetup.log
2015-01-27 11:14 - 2015-01-27 11:14 - 00002820 _____ () C:\WINDOWS\tsoc.log
2015-01-27 11:14 - 2015-01-27 11:14 - 00001892 _____ () C:\WINDOWS\msmqinst.log
2015-01-27 11:14 - 2015-01-27 11:14 - 00001256 _____ () C:\WINDOWS\ntdtcsetup.log
2015-01-27 11:14 - 2015-01-27 11:14 - 00001083 _____ () C:\WINDOWS\netfxocm.log
2015-01-27 11:14 - 2015-01-27 11:14 - 00000425 _____ () C:\WINDOWS\MedCtrOC.log
2015-01-27 11:14 - 2015-01-27 11:14 - 00000342 _____ () C:\WINDOWS\ocmsn.log
2015-01-27 11:14 - 2015-01-27 11:14 - 00000311 _____ () C:\WINDOWS\tabletoc.log
2015-01-27 11:14 - 2015-01-27 11:14 - 00000309 _____ () C:\WINDOWS\msgsocm.log
2015-01-27 11:14 - 2015-01-27 11:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2808679$
2015-01-27 11:12 - 2015-01-27 11:14 - 00008024 _____ () C:\WINDOWS\KB2808679.log
2015-01-21 00:30 - 2015-01-14 00:30 - 00441888 ____R () C:\WINDOWS\system32\Drivers\etc\hosts.20150121-003035.backup
2015-01-14 00:30 - 2015-01-07 00:30 - 00441888 ____R () C:\WINDOWS\system32\Drivers\etc\hosts.20150114-003033.backup

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-11 20:07 - 2012-03-28 18:11 - 00000000 ____D () C:\Documents and Settings\George N. Cahill III\Local Settings\temp
2015-02-11 20:00 - 2014-11-28 00:41 - 00004692 _____ () C:\WINDOWS\system32\nvAppTimestamps
2015-02-11 19:53 - 2013-07-21 12:34 - 00000452 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{8A26E135-4EA2-4102-8861-D5AA942F6ABB}.job
2015-02-11 19:46 - 2011-05-03 12:50 - 00000886 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-11 19:38 - 2012-03-30 20:42 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-02-11 19:36 - 2014-08-09 22:28 - 00114904 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-02-11 19:36 - 2012-03-04 18:47 - 00000000 ____D () C:\Program Files\MALWAREBYTES ANTI-MALWARE
2015-02-11 19:02 - 2010-08-17 16:03 - 01291097 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-11 17:48 - 2011-02-16 14:56 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\MFAData
2015-02-11 17:46 - 2011-05-03 12:50 - 00000882 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-11 17:23 - 2014-11-12 01:05 - 00032550 _____ () C:\WINDOWS\SchedLgU.Txt
2015-02-11 16:43 - 2012-12-19 16:43 - 00000374 _____ () C:\WINDOWS\Tasks\At3.job
2015-02-11 14:48 - 2013-08-22 20:11 - 00000000 ____D () C:\Documents and Settings\George N. Cahill III\My Documents\0-A-Can Can Conceal
2015-02-11 14:30 - 2012-12-19 16:43 - 00000374 _____ () C:\WINDOWS\Tasks\At4.job
2015-02-11 11:32 - 2011-02-18 11:47 - 00000000 ____D () C:\Documents and Settings\George N. Cahill III\My Documents\0-Aphids & Bugs
2015-02-11 11:16 - 2011-02-26 22:00 - 00000000 ____D () C:\WINDOWS\Sun
2015-02-11 10:51 - 2014-08-09 22:19 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-11 10:46 - 2006-02-28 07:00 - 00012718 _____ () C:\WINDOWS\system32\wpa.dbl
2015-02-11 10:45 - 2011-02-16 19:49 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2015-02-11 10:45 - 2011-02-16 19:49 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2015-02-11 10:44 - 2012-04-24 23:48 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-02-11 10:44 - 2010-08-17 16:12 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-11 10:37 - 2012-04-07 16:46 - 00000594 _____ () C:\WINDOWS\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2015-02-11 10:37 - 2012-03-05 11:52 - 00524288 _____ () C:\WINDOWS\system32\config\SpybotSD.evt
2015-02-11 10:37 - 2010-08-17 16:14 - 00000278 ___SH () C:\Documents and Settings\George N. Cahill III\ntuser.ini
2015-02-11 10:15 - 2012-12-19 16:43 - 00000374 _____ () C:\WINDOWS\Tasks\At1.job
2015-02-11 03:03 - 2013-07-18 08:05 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-02-11 03:03 - 2012-01-14 17:15 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Microsoft Help
2015-02-11 03:03 - 2010-08-17 19:16 - 113756392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-02-10 20:45 - 2012-12-19 16:43 - 00000374 _____ () C:\WINDOWS\Tasks\At2.job
2015-02-10 17:30 - 2013-01-09 20:57 - 00000036 ____H () C:\WINDOWS\system32\f9t.dat
2015-02-08 20:13 - 2014-03-30 22:19 - 00000246 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2015-02-08 09:26 - 2013-01-05 13:06 - 00000000 ____D () C:\Documents and Settings\George N. Cahill III\My Documents\INVINC PIX
2015-02-07 08:57 - 2011-03-12 14:31 - 00000000 ____D () C:\Program Files\Lx_cats
2015-02-06 23:02 - 2014-12-31 17:03 - 00000000 ____D () C:\Program Files\Steam
2015-02-06 12:48 - 2010-08-25 20:37 - 00144384 _____ () C:\Documents and Settings\George N. Cahill III\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-02-06 12:30 - 2013-03-15 15:36 - 00002533 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Autodesk QuickCAD 8.lnk
2015-02-06 07:36 - 2011-03-02 00:22 - 00000000 ____D () C:\Documents and Settings\George N. Cahill III\My Documents\SELF DEFENSE
2015-02-05 14:51 - 2011-07-02 17:40 - 00000284 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2015-02-04 20:38 - 2012-03-30 20:42 - 00701616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-02-04 20:38 - 2011-05-18 18:14 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-02-03 12:41 - 2011-03-30 12:35 - 00000000 ____D () C:\Documents and Settings\George N. Cahill III\My Documents\Movie Collector
2015-02-02 08:49 - 2010-08-17 21:02 - 00000000 ____D () C:\Documents and Settings\George N. Cahill III\Application Data\Adobe
2015-02-01 09:09 - 2012-04-07 16:46 - 00000462 _____ () C:\WINDOWS\Tasks\Scan the system (Spybot - Search & Destroy).job
2015-02-01 09:07 - 2012-03-05 12:14 - 00088584 _____ () C:\WINDOWS\wininit.ini
2015-01-31 00:15 - 2014-11-24 18:53 - 00000000 ___RD () C:\Documents and Settings\George N. Cahill III\Hightail
2015-01-23 15:41 - 2010-08-18 10:37 - 00002327 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Acrobat 6.0 Professional.lnk
2015-01-23 15:35 - 2012-01-17 12:04 - 00000000 ____D () C:\Documents and Settings\George N. Cahill III\My Documents\0-Bills
2015-01-23 14:58 - 2011-06-20 12:57 - 00000000 ____D () C:\Documents and Settings\George N. Cahill III\My Documents\0-E-Mail Signatures
2015-01-19 11:59 - 2010-08-18 16:17 - 00000020 ____H () C:\Documents and Settings\All Users\Application Data\PKP_DLdw.DAT
2015-01-16 17:09 - 2012-12-04 11:06 - 00004496 _____ () C:\lxcjscan.log
2015-01-16 12:21 - 2011-10-18 10:27 - 00000495 _____ () C:\WINDOWS\LUW2.INI
2015-01-16 12:13 - 2011-10-18 10:27 - 00000000 ____D () C:\Program Files\LU2
2015-01-16 11:44 - 2014-05-13 21:57 - 00000000 ____D () C:\Documents and Settings\George N. Cahill III\My Documents\0-HSN-B2B DOCS
2015-01-15 09:02 - 2010-08-17 16:14 - 00000000 ____D () C:\Documents and Settings\George N. Cahill III
2015-01-13 10:31 - 2014-10-08 10:49 - 00000493 _____ () C:\WINDOWS\nsw.log

==================== Files in the root of some directories =======

2013-06-26 10:07 - 2014-01-08 18:36 - 0003728 _____ () C:\Program Files\Mozilla Firefoxavg-secure-search.xml
2014-10-13 11:07 - 2014-10-13 11:34 - 0002814 _____ () C:\Documents and Settings\George N. Cahill III\Application Data\jolly.log
2010-08-18 16:15 - 2010-08-18 16:15 - 0000268 ___RH () C:\Documents and Settings\George N. Cahill III\Application Data\Metadata Importer
2010-08-18 16:17 - 2010-08-18 16:17 - 0000268 ___RH () C:\Documents and Settings\George N. Cahill III\Application Data\Nature
2011-02-19 20:19 - 2011-02-19 20:19 - 0000268 ___RH () C:\Documents and Settings\George N. Cahill III\Application Data\Organs
2011-02-19 20:19 - 2011-02-19 20:19 - 0000268 ___RH () C:\Documents and Settings\George N. Cahill III\Application Data\Overdrive
2011-02-19 20:19 - 2011-02-19 20:19 - 0000268 ___RH () C:\Documents and Settings\George N. Cahill III\Application Data\PDEs
2011-02-19 20:47 - 2011-02-19 20:47 - 0000268 ___RH () C:\Documents and Settings\George N. Cahill III\Application Data\Strings
2011-02-19 20:47 - 2011-02-19 20:47 - 0000268 ___RH () C:\Documents and Settings\George N. Cahill III\Application Data\Super Strings
2011-08-27 11:27 - 2011-08-27 11:27 - 0000000 _____ () C:\Documents and Settings\George N. Cahill III\Application Data\Vocal Transformer
2011-08-27 11:27 - 2011-08-27 11:27 - 0000000 _____ () C:\Documents and Settings\George N. Cahill III\Application Data\Vocals
2010-08-25 20:37 - 2015-02-06 12:48 - 0144384 _____ () C:\Documents and Settings\George N. Cahill III\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-08-17 08:35 - 2012-08-17 08:35 - 0027520 _____ () C:\Documents and Settings\George N. Cahill III\Local Settings\Application Data\dt.dat
2011-04-04 12:33 - 2011-04-04 12:33 - 0000143 _____ () C:\Documents and Settings\George N. Cahill III\Local Settings\Application Data\fusioncache.dat

Files to move or delete:
====================
C:\Documents and Settings\George N. Cahill III\default.dat
C:\Windows\Tasks\At1.job
C:\Windows\Tasks\At2.job
C:\Windows\Tasks\At3.job
C:\Windows\Tasks\At4.job


Some content of TEMP:
====================
C:\Documents and Settings\George N. Cahill III\Local Settings\temp\AskSLib.dll
C:\Documents and Settings\George N. Cahill III\Local Settings\temp\Moviesetup.exe
C:\Documents and Settings\George N. Cahill III\Local Settings\temp\WKIX32.EXE


Some zero byte size files/folders:
==========================
C:\Windows\System32\tmpPrst.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

Attached Files



BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 40,238 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:01:01 AM

Posted 16 February 2015 - 09:49 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.
 
start

CloseProcesses:

HKLM\...\RunOnce: [SpybotDeletingE8792] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE137] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE8846] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE1234] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE1886] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE1309] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE3405] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE4818] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE7176] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE4675] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE1178] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE1084] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE2693] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE5498] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE5990] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE6182] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE4312] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE9423] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE8964] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE7381] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE8876] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE1544] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE1124] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE6818] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE9367] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE4011] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE4736] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE5298] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE5628] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE3994] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE2643] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE8961] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE3362] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE6840] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE4538] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE4091] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE8865] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE2319] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE6100] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE3526] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE6009] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE3538] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE8296] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE8954] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE9559] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE105] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE5403] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE7898] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE5103] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE7333] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE8327] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE7616] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE3024] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE5009] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE7540] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE599] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE8464] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE7467] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE1205] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE2061] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE8776] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE4655] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE8745] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE608] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE1353] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE1692] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE2786] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE4171] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE3100] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE4945] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE8582] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE8366] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE7350] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE1132] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE6501] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE3721] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE2543] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF988] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF4688] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF7937] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF7536] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF3212] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF7948] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF4583] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF3945] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF338] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF8324] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF8948] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF3000] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF4970] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF7497] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF2442] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF3022] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF9296] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF7057] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF952] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF5898] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF686] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF4643] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF6092] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF5838] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF8399] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF1988] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF4912] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF4936] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF4399] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF5792] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF8669] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF5181] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF9947] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF220] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF343] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF553] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF5487] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF7208] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF6866] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF4790] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF6971] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF3563] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF9100] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF5361] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF1793] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF6216] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF2565] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF229] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF5389] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF7267] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF7291] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF1760] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF7995] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF4475] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF1392] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF8803] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF2209] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF9498] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF4640] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF4619] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF181] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF7424] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF7269] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF1887] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF865] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF4029] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF9210] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF5690] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF9357] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF5037] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF5457] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF6587] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF7468] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF9032] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF2968] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF5949] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
URLSearchHook: [S-1-5-21-1078081533-1592454029-725345543-1003] ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKLM -> DefaultScope value is missing.
SearchScopes: HKU\S-1-5-21-1078081533-1592454029-725345543-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
SearchScopes: HKU\S-1-5-21-1078081533-1592454029-725345543-1003 -> URL http://search.conduit.com/Results.aspx?gd=&ctid=CT3324790&octid=EB_ORIGINAL_CTID&ISID=ISID_ID&SearchSource=58&CUI=&UM=5&UP=SPA59D9141-9744-4E7D-9474-628ABC1662FC&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-1078081533-1592454029-725345543-1003 -> SuggestionsURL_JSON http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
SearchScopes: HKU\S-1-5-21-1078081533-1592454029-725345543-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
FF Plugin HKU\S-1-5-21-1078081533-1592454029-725345543-1003: @seedonk.com/SeeVWidget;version=1.1.2.0 -> C:\Program Files\iSecurityPlusPlayer\\npseev.dll No File
FF SearchPlugin: C:\Documents and Settings\George N. Cahill III\Application Data\Mozilla\Firefox\Profiles\4qihyyye.default\searchplugins\dogpile.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\avg-secure-search.xml
R2 yksvc; RUNDLL32.EXE ykx32mpcoinst,serviceStartProc [X]
U0 ntdqx; C:\WINDOWS\System32\drivers\yxqossaq.sys [52440 2015-02-11] (Malwarebytes Corporation)
S3 AtiHDAudioService; system32\drivers\AtihdXP3.sys [X]
U2 CertPropSvc; No ImagePath
S3 cpuz134; \??\C:\Program Files\CPUID\PC Wizard 2010\pcwiz_x32.sys [X]
S4 IntelIde; No ImagePath
S3 MtxVxd; \??\C:\WINDOWS\system32\drivers\MtxVxd.sys [X]
C:\Windows\Tasks\At1.job
C:\Windows\Tasks\At2.job
C:\Windows\Tasks\At3.job
C:\Windows\Tasks\At4.job
C:\Documents and Settings\George N. Cahill III\Local Settings\temp\AskSLib.dll
C:\Documents and Settings\George N. Cahill III\Local Settings\temp\Moviesetup.exe
C:\Documents and Settings\George N. Cahill III\Local Settings\temp\WKIX32.EXE
C:\Windows\System32\tmpPrst.dll
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:07BF512B

End
Save the files as fixlist.txt into the same folder as FRST

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

Download Security Check by screen317 from here
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.

If the site is busy or not available use this mirror site:
http://www.bleepingcomputer.com/download/securitycheck/

How is the computer running now?

======

#3 SpiderGat

SpiderGat
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Local time:01:01 AM

Posted 16 February 2015 - 11:28 PM

Hi,

my son got started on this and I'm finishing it up. I've followed your instructions, downloaded and run the programs in the order you prescribed and am now posting the results as requested. I don't believe I've missed anything but if so, I'll re-run it all.

 

I still get the piano music when I open a new tab in Firefox...confusing.

 

Thanks for your kind help...ps: I used to live a short ways from you in Valleyfield on Lake St. Francis...Je me souviens la belle province!

Merci,

George Cahill

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 15-02-2015
Ran by George N. Cahill III at 2015-02-16 22:06:51 Run:1
Running from C:\FRST
Loaded Profiles: George N. Cahill III &  (Available profiles: George N. Cahill III & Administrator & Guest)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
start

CloseProcesses:

HKLM\...\RunOnce: [SpybotDeletingE8792] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE137] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE8846] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE1234] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE1886] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE1309] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE3405] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE4818] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE7176] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE4675] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE1178] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE1084] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE2693] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE5498] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE5990] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE6182] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE4312] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE9423] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE8964] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE7381] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE8876] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE1544] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE1124] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE6818] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE9367] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE4011] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE4736] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE5298] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE5628] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE3994] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE2643] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE8961] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE3362] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE6840] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE4538] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE4091] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE8865] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE2319] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE6100] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE3526] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE6009] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE3538] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE8296] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE8954] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE9559] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE105] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE5403] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE7898] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE5103] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE7333] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE8327] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE7616] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE3024] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE5009] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE7540] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE599] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE8464] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE7467] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE1205] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE2061] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE8776] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE4655] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE8745] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE608] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE1353] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE1692] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE2786] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE4171] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE3100] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE4945] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE8582] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE8366] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE7350] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE1132] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE6501] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE3721] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [SpybotDeletingE2543] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF988] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF4688] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF7937] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF7536] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF3212] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF7948] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF4583] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF3945] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF338] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF8324] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF8948] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF3000] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF4970] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF7497] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF2442] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF3022] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF9296] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF7057] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF952] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF5898] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF686] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF4643] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF6092] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF5838] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF8399] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF1988] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF4912] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF4936] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF4399] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF5792] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF8669] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF5181] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF9947] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF220] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF343] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF553] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF5487] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF7208] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF6866] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF4790] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF6971] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF3563] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF9100] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF5361] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF1793] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF6216] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF2565] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF229] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF5389] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF7267] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF7291] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF1760] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF7995] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF4475] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF1392] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF8803] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF2209] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF9498] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF4640] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF4619] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF181] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF7424] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF7269] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF1887] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF865] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF4029] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF9210] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF5690] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF9357] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF5037] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF5457] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF6587] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF7468] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF9032] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF2968] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\...\RunOnce: [SpybotDeletingF5949] => C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe [2346408 2012-02-07] (Safer-Networking Ltd.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
URLSearchHook: [S-1-5-21-1078081533-1592454029-725345543-1003] ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKLM -> DefaultScope value is missing.
SearchScopes: HKU\S-1-5-21-1078081533-1592454029-725345543-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
SearchScopes: HKU\S-1-5-21-1078081533-1592454029-725345543-1003 -> URL http://search.conduit.com/Results.aspx?gd=&ctid=CT3324790&octid=EB_ORIGINAL_CTID&ISID=ISID_ID&SearchSource=58&CUI=&UM=5&UP=SPA59D9141-9744-4E7D-9474-628ABC1662FC&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-1078081533-1592454029-725345543-1003 -> SuggestionsURL_JSON http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
SearchScopes: HKU\S-1-5-21-1078081533-1592454029-725345543-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
FF Plugin HKU\S-1-5-21-1078081533-1592454029-725345543-1003: @seedonk.com/SeeVWidget;version=1.1.2.0 -> C:\Program Files\iSecurityPlusPlayer\\npseev.dll No File
FF SearchPlugin: C:\Documents and Settings\George N. Cahill III\Application Data\Mozilla\Firefox\Profiles\4qihyyye.default\searchplugins\dogpile.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\avg-secure-search.xml
R2 yksvc; RUNDLL32.EXE ykx32mpcoinst,serviceStartProc [X]
U0 ntdqx; C:\WINDOWS\System32\drivers\yxqossaq.sys [52440 2015-02-11] (Malwarebytes Corporation)
S3 AtiHDAudioService; system32\drivers\AtihdXP3.sys [X]
U2 CertPropSvc; No ImagePath
S3 cpuz134; \??\C:\Program Files\CPUID\PC Wizard 2010\pcwiz_x32.sys [X]
S4 IntelIde; No ImagePath
S3 MtxVxd; \??\C:\WINDOWS\system32\drivers\MtxVxd.sys [X]
C:\Windows\Tasks\At1.job
C:\Windows\Tasks\At2.job
C:\Windows\Tasks\At3.job
C:\Windows\Tasks\At4.job
C:\Documents and Settings\George N. Cahill III\Local Settings\temp\AskSLib.dll
C:\Documents and Settings\George N. Cahill III\Local Settings\temp\Moviesetup.exe
C:\Documents and Settings\George N. Cahill III\Local Settings\temp\WKIX32.EXE
C:\Windows\System32\tmpPrst.dll
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:07BF512B

End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE8792 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE137 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE8846 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE1234 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE1886 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE1309 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE3405 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE4818 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE7176 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE4675 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE1178 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE1084 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE2693 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE5498 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE5990 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE6182 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE4312 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE9423 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE8964 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE7381 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE8876 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE1544 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE1124 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE6818 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE9367 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE4011 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE4736 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE5298 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE5628 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE3994 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE2643 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE8961 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE3362 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE6840 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE4538 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE4091 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE8865 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE2319 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE6100 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE3526 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE6009 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE3538 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE8296 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE8954 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE9559 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE105 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE5403 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE7898 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE5103 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE7333 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE8327 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE7616 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE3024 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE5009 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE7540 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE599 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE8464 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE7467 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE1205 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE2061 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE8776 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE4655 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE8745 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE608 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE1353 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE1692 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE2786 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE4171 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE3100 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE4945 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE8582 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE8366 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE7350 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE1132 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE6501 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE3721 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingE2543 => value deleted successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon" => Key deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF988 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF4688 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF7937 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF7536 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF3212 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF7948 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF4583 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF3945 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF338 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF8324 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF8948 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF3000 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF4970 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF7497 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF2442 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF3022 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF9296 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF7057 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF952 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF5898 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF686 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF4643 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF6092 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF5838 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF8399 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF1988 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF4912 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF4936 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF4399 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF5792 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF8669 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF5181 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF9947 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF220 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF343 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF553 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF5487 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF7208 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF6866 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF4790 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF6971 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF3563 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF9100 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF5361 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF1793 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF6216 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF2565 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF229 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF5389 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF7267 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF7291 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF1760 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF7995 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF4475 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF1392 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF8803 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF2209 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF9498 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF4640 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF4619 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF181 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF7424 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF7269 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF1887 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF865 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF4029 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF9210 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF5690 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF9357 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF5037 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF5457 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF6587 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF7468 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF9032 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF2968 => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpybotDeletingF5949 => value deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-1078081533-1592454029-725345543-1003\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
Error setting Default URLSearchHook.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\URL => value deleted successfully.
HKU\S-1-5-21-1078081533-1592454029-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\SuggestionsURL_JSON => value deleted successfully.
"HKU\S-1-5-21-1078081533-1592454029-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
"HKCR\PROTOCOLS\Handler\linkscanner" => Key deleted successfully.
HKCR\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} => Key not found.
"HKU\S-1-5-21-1078081533-1592454029-725345543-1003\Software\MozillaPlugins\@seedonk.com/SeeVWidget;version=1.1.2.0" => Key deleted successfully.
C:\Program Files\iSecurityPlusPlayer\\npseev.dll not found.
"C:\Documents and Settings\George N. Cahill III\Application Data\Mozilla\Firefox\Profiles\4qihyyye.default\searchplugins\dogpile.xml" => not found.
C:\Program Files\mozilla firefox\browser\searchplugins\avg-secure-search.xml => Moved successfully.
yksvc => Service deleted successfully.
ntdqx => Service deleted successfully.
AtiHDAudioService => Service deleted successfully.
CertPropSvc => Service deleted successfully.
cpuz134 => Service deleted successfully.
IntelIde => Service deleted successfully.
MtxVxd => Service deleted successfully.
C:\Windows\Tasks\At1.job => Moved successfully.
C:\Windows\Tasks\At2.job => Moved successfully.
C:\Windows\Tasks\At3.job => Moved successfully.
C:\Windows\Tasks\At4.job => Moved successfully.
C:\Documents and Settings\George N. Cahill III\Local Settings\temp\AskSLib.dll => Moved successfully.
C:\Documents and Settings\George N. Cahill III\Local Settings\temp\Moviesetup.exe => Moved successfully.
C:\Documents and Settings\George N. Cahill III\Local Settings\temp\WKIX32.EXE => Moved successfully.
C:\Windows\System32\tmpPrst.dll => Moved successfully.
C:\Documents and Settings\All Users\Application Data\TEMP => ":07BF512B" ADS removed successfully.


The system needed a reboot.

==== End of Fixlog 22:06:52 ====

# AdwCleaner v4.110 - Logfile created 16/02/2015 at 22:40:34
# Updated 05/02/2015 by Xplode
# Database : 2015-02-14.2 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : George N. Cahill III - G3P0
# Running from : C:\Documents and Settings\George N. Cahill III\Desktop\adwcleaner_4.110.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Application Data\SecTaskMan
Folder Deleted : C:\Program Files\AVG\AVG10\Toolbar

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Documents and Settings\All Users\Start Menu\Programs\Accessories\System Tools\Scheduled Tasks.lnk

***** [ Registry ] *****

Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B696D3C37BD0D6C33A65D38BEC459181
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\B696D3C37BD0D6C33A65D38BEC459181
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\B696D3C37BD0D6C33A65D38BEC459181
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Web browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v36.0 (x86 en-US)


*************************

AdwCleaner[R0].txt - [8447 bytes] - [18/01/2014 11:12:41]
AdwCleaner[R1].txt - [1609 bytes] - [16/02/2015 22:16:46]
AdwCleaner[S0].txt - [8722 bytes] - [18/01/2014 11:15:20]
AdwCleaner[S1].txt - [1677 bytes] - [16/02/2015 22:40:34]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1736  bytes] ##########

--------------------------------------------------------------


 Results of screen317's Security Check version 0.99.96  
 Windows XP Service Pack 3 x86   
 Internet Explorer 8  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
AVG AntiVirus Free Edition 2014   
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:`````````
 MVPS Hosts File  
 Spybot - Search & Destroy 2
 CCleaner     
 Java™ 6 Update 31  
 Java version 32-bit out of Date!
  Java 64-bit 8 Update 31  
 Adobe Flash Player     16.0.0.305  
 Adobe Reader XI  
 Mozilla Firefox (36.0)
````````Process Check: objlist.exe by Laurent````````  
 Spybot Teatimer.exe is disabled!
 AVG avgwdsvc.exe
 AVG avgrsx.exe
 AVG avgnsx.exe
 AVG avgemc.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:: 6%
````````````````````End of Log``````````````````````
 



#4 nasdaq

nasdaq

  • Malware Response Team
  • 40,238 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:01:01 AM

Posted 17 February 2015 - 09:34 AM

Firefox:
Reset Default Browsing settings:
https://support.mozilla.org/en-US/kb/reset-firefox-easily-fix-problems?utm_expid=65912487-41.djHNRQY0RhaLvvtvcd0BQA.2&utm_referrer=https%3A%2F%2Fwww.google.ca%2F
===

You have the latest Java™ 6 Update 31 version.

===

How is Firefox now?

#5 SpiderGat

SpiderGat
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Local time:01:01 AM

Posted 19 February 2015 - 12:04 PM

Updated Firefox according to your link instructions but I still have the music...everything else seems to be running fine but the presence of the music makes me worry that something is buried in the code...am I paranoid?



#6 nasdaq

nasdaq

  • Malware Response Team
  • 40,238 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:01:01 AM

Posted 19 February 2015 - 02:03 PM

Yes something is hidden.

Remove Firefox using the instructions one this page.
https://support.mozilla.org/en-US/kb/uninstall-firefox-from-your-computer

Before proceeding save your Bookmarks.
https://support.mozilla.org/en-US/kb/export-firefox-bookmarks-to-backup-or-transfer

Install the latest version of the application.

You can then import them to the new version of Firefox.

Firefox Password manager -
Remember, delete and change saved passwords in Firefox
https://support.mozilla.org/en-US/kb/password-manager-remember-delete-change-passwords
<<<>>>

#7 nasdaq

nasdaq

  • Malware Response Team
  • 40,238 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:01:01 AM

Posted 24 February 2015 - 09:36 AM

Are you still with me?

#8 SpiderGat

SpiderGat
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Local time:01:01 AM

Posted 27 February 2015 - 09:36 AM

Yes, I'm still with you but we've been moving our manufacturing to a new facility & I haven't been able to get online for a while...I'll try to do the uninstall/reinstall of Firefox tonight.

Thanks for your patience!

George



#9 nasdaq

nasdaq

  • Malware Response Team
  • 40,238 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:01:01 AM

Posted 27 February 2015 - 02:09 PM

Ok. Take you time.

#10 SpiderGat

SpiderGat
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Local time:01:01 AM

Posted 12 March 2015 - 08:57 PM

Hello Nasdaq,

thank you for the leeway to get my business in order.

I uninstalled and reinstalled Firefox and I no longer get the annoying piano music...THANK YOU!

However, after a restart I could not access an outboard drive that I use as a backup on a USB3 port. Went to Control Panel>System>Hardware and found that there was suddenly a problem with the USB3 drivers. Updated AVG to 2015, disabled it to run a scan with Malwarebytes, disabled the internet so I wouldn't catch something while scanning. The computer froze, I rebooted and it came back demanding Activation. Wouldn't activate because it couldn't find the internet. Finally got it reactivated by calling MS. Seems to be running fine but it's only been up about two hours.

 

What next?

 

Thanks for your patience.

George Cahill



#11 nasdaq

nasdaq

  • Malware Response Team
  • 40,238 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:01:01 AM

Posted 13 March 2015 - 08:02 AM

Using the Add/Remove programs applet delete this old version of Java™ 6 Update 31

===

If all is well.

To learn more about how to protect yourself while on the internet read this little guide best security practices keep safe.
http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/
===

#12 nasdaq

nasdaq

  • Malware Response Team
  • 40,238 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:01:01 AM

Posted 19 March 2015 - 07:20 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users