Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

slow computer... grandkids version


  • Please log in to reply
9 replies to this topic

#1 hitpro

hitpro

  • Members
  • 119 posts
  • OFFLINE
  •  
  • Local time:01:39 PM

Posted 06 December 2015 - 09:22 PM

my grand daughter's pc is running very slow. she says sometimes it takes as long as a minute before the browser appears, after clicking on the icon. she thinks she may be infected. with all these social network sites nowadays, it's no wonder. lol

 

anyway, here are the specs of her pc:

 

Compaq, Windows XP Pro version 2002, service pack 3

intel pentium 4, CPU  2GHz

0.99 GHz RAM

 

any additional info needed?



BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 55,247 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:01:39 PM

Posted 07 December 2015 - 12:15 PM

Please download MiniToolBox  , save it to your desktop and run it.
 
Checkmark the following checkboxes:
  List last 10 Event Viewer log
  List Installed Programs
  List Users, Partitions and Memory size.
 
Click Go and paste the content into your next post.
 
Also...please Publish a Snapshot using Speccy - http://www.bleepingcomputer.com/forums/topic323892.html/page__p__1797792#entry1797792 , taking care to post the link of the snapshot in your next post.
 
Louis



#3 hitpro

hitpro
  • Topic Starter

  • Members
  • 119 posts
  • OFFLINE
  •  
  • Local time:01:39 PM

Posted 07 December 2015 - 09:30 PM

ok, here are the posts.

 

B.T.W., sorry but my grand daughter's pc is not connected to the internet so i attached the speccy report as text. i hope that's not a problem.

 

thanks

 

 

 

MiniToolBox by Farbar  Version: 02-11-2015
Ran by kmo2cute4u (administrator) on 07-12-2015 at 21:06:18
Running from "C:\Documents and Settings\kmo2cute4u\Desktop"
Microsoft Windows XP Professional Service Pack 3 (X86)
Model: Evo D510 SFF Manufacturer: Compaq

Boot Mode: Normal
***************************************************************************

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/07/2015 08:59:28 PM) (Source: Windows Search Service) (User: )
Description: The update cannot be started because the content sources cannot be accessed. Fix the errors and try the update again.
Context:  Application, SystemIndex Catalog

Error: (12/07/2015 08:59:28 PM) (Source: Windows Search Service) (User: )
Description: The update cannot be started because the content sources cannot be accessed. Fix the errors and try the update again.
Context:  Application, SystemIndex Catalog

Error: (12/07/2015 08:59:27 PM) (Source: Windows Search Service) (User: )
Description: The update cannot be started because the content sources cannot be accessed. Fix the errors and try the update again.
Context:  Application, SystemIndex Catalog

Error: (12/07/2015 12:20:16 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 80070424, P2 beginsearch, P3 search, P4 3.0.8107.0, P5 mpsigdwn.dll, P6 3.0.8107.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (12/06/2015 12:20:16 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 80070424, P2 beginsearch, P3 search, P4 3.0.8107.0, P5 mpsigdwn.dll, P6 3.0.8107.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (12/05/2015 12:25:18 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 80070424, P2 beginsearch, P3 search, P4 3.0.8107.0, P5 mpsigdwn.dll, P6 3.0.8107.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (11/29/2015 12:48:53 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 80070424, P2 beginsearch, P3 search, P4 3.0.8107.0, P5 mpsigdwn.dll, P6 3.0.8107.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (11/28/2015 12:53:54 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 80070424, P2 beginsearch, P3 search, P4 3.0.8107.0, P5 mpsigdwn.dll, P6 3.0.8107.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (09/07/2015 11:13:06 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 6.0.2900.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (09/07/2015 11:07:26 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 80070424, P2 beginsearch, P3 search, P4 3.0.8107.0, P5 mpsigdwn.dll, P6 3.0.8107.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

System errors:
=============
Error: (12/07/2015 12:20:17 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
    New Signature Version:
    Previous Signature Version: 1.205.1845.0
    Update Source: %NT AUTHORITY51
    Update Stage: 3.0.8107.00
    Source Path: 3.0.8107.01
    Signature Type: %NT AUTHORITY602
    Update Type: %NT AUTHORITY604
    User: NT AUTHORITY\NETWORK SERVICE
    Current Engine Version: %NT AUTHORITY605
    Previous Engine Version: %NT AUTHORITY606
    Error code: %NT AUTHORITY607
    Error description: %NT AUTHORITY608

Error: (12/07/2015 12:20:17 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
    New Signature Version:
    Previous Signature Version: 1.205.1845.0
    Update Source: %NT AUTHORITY51
    Update Stage: 3.0.8107.00
    Source Path: 3.0.8107.01
    Signature Type: %NT AUTHORITY602
    Update Type: %NT AUTHORITY604
    User: NT AUTHORITY\NETWORK SERVICE
    Current Engine Version: %NT AUTHORITY605
    Previous Engine Version: %NT AUTHORITY606
    Error code: %NT AUTHORITY607
    Error description: %NT AUTHORITY608

Error: (12/07/2015 12:20:17 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
    New Signature Version:
    Previous Signature Version: 1.205.1845.0
    Update Source: %NT AUTHORITY51
    Update Stage: 3.0.8107.00
    Source Path: 3.0.8107.01
    Signature Type: %NT AUTHORITY602
    Update Type: %NT AUTHORITY604
    User: NT AUTHORITY\NETWORK SERVICE
    Current Engine Version: %NT AUTHORITY605
    Previous Engine Version: %NT AUTHORITY606
    Error code: %NT AUTHORITY607
    Error description: %NT AUTHORITY608

Error: (12/07/2015 12:20:17 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
    New Signature Version:
    Previous Signature Version: 1.205.1845.0
    Update Source: %NT AUTHORITY51
    Update Stage: 3.0.8107.00
    Source Path: 3.0.8107.01
    Signature Type: %NT AUTHORITY602
    Update Type: %NT AUTHORITY604
    User: NT AUTHORITY\NETWORK SERVICE
    Current Engine Version: %NT AUTHORITY605
    Previous Engine Version: %NT AUTHORITY606
    Error code: %NT AUTHORITY607
    Error description: %NT AUTHORITY608

Error: (12/07/2015 12:20:16 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.205.1845.0

    Update Source: %NT AUTHORITY59

    Update Stage: 3.0.8107.00

    Source Path: 3.0.8107.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\SYSTEM

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

Error: (12/06/2015 12:20:17 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.205.1845.0

    Update Source: %NT AUTHORITY51

    Update Stage: 3.0.8107.00

    Source Path: 3.0.8107.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\NETWORK SERVICE

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

Error: (12/06/2015 12:20:17 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.205.1845.0

    Update Source: %NT AUTHORITY51

    Update Stage: 3.0.8107.00

    Source Path: 3.0.8107.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\NETWORK SERVICE

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

Error: (12/06/2015 12:20:17 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.205.1845.0

    Update Source: %NT AUTHORITY51

    Update Stage: 3.0.8107.00

    Source Path: 3.0.8107.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\NETWORK SERVICE

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

Error: (12/06/2015 12:20:17 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.205.1845.0

    Update Source: %NT AUTHORITY51

    Update Stage: 3.0.8107.00

    Source Path: 3.0.8107.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\NETWORK SERVICE

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

Error: (12/06/2015 12:20:16 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.205.1845.0

    Update Source: %NT AUTHORITY59

    Update Stage: 3.0.8107.00

    Source Path: 3.0.8107.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\SYSTEM

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608


Microsoft Office Sessions:
=========================
Error: (11/13/2012 09:37:23 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 9390 seconds with 3540 seconds of active time.  This session ended with a crash.

Error: (12/08/2010 11:03:48 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1302 seconds with 420 seconds of active time.  This session ended with a crash.


=========================== Installed Programs ============================
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.1.85.3 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 11.4.402.287 - Adobe Systems Incorporated)
Adobe Reader 9.5.2 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.2 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM\...\{3B834B54-EC4B-48E2-BFC6-03FF5DA06F62}) (Version: 11.5.8.612 - Adobe Systems, Inc)
Alice in Vivaldi's Four Seasons 1.1.1 (HKLM\...\Alice in Vivaldi's Four Seasons_is1) (Version:  - )
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 1.2.6 (HKLM\...\Audacity_is1) (Version:  - )
Audacity 1.3.13 (HKLM\...\Audacity 1.3 Beta_is1) (Version:  - Audacity Team)
Audacity 1.3.13 (Unicode) (HKLM\...\Audacity 1.3 Beta (Unicode)_is1) (Version:  - Audacity Team)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
calibre (HKLM\...\{703FC30C-4435-4971-A296-9277ED5BFD22}) (Version: 0.7.13 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 3.00 - Piriform)
Celestia 1.6.0 (HKLM\...\Celestia_is1) (Version:  - Shatters Software)
Computer Basics (HKLM\...\{E739A5A3-DEE2-4771-B48D-5AEC18402CFD}) (Version: 1.1.0 - Microsoft)
Computer Security and Privacy (HKLM\...\{CBA0AA4C-D630-43BA-AF37-0F80A0EC300C}) (Version: 1.0.0 - Microsoft)
Digital Lifestyles (HKLM\...\{2DE2AB70-FC1B-40DC-BFFA-1027A258971E}) (Version: 1.0.0 - Microsoft)
Download Updater (AOL LLC) (HKLM\...\SoftwareUpdUtility) (Version:  - )
EclipseCrossword (HKLM\...\{C61177FD-37C4-4C5F-BE6C-E04A8AC399B6}) (Version: 1.2.57 - Green Eclipse)
Free NaturalReader (HKLM\...\{1F2DF2C6-08F7-40BD-8E85-D16CB436E7F0}) (Version: 9.0 - NaturalSoft Limited)
FreeMind (HKLM\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 0.8.1 - )
Funmoods (HKLM\...\funmoods) (Version:  - Volonet Ltd)
GIMP 2.6.10 (HKLM\...\WinGimp-2.0_is1) (Version: 2.6.10 - The GIMP Team)
Google Chrome (HKLM\...\Google Chrome) (Version: 31.0.1650.63 - Google Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Quick Search Box (HKLM\...\Quick Search Box) (Version: 1.2.1151.245 - Google, Inc.)
Google SketchUp 7 (HKLM\...\{597E70FF-7C46-4EED-8092-91B7C2E0529D}) (Version: 2.1.6860 - Google, Inc.)
Google Talk Plugin (HKLM\...\{2A83AD05-56E6-3FBD-8752-B4143162EF59}) (Version: 4.9.1.16010 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.4601.54 - Google Inc.)
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.22.3 - Google Inc.) Hidden
Google Updater (HKLM\...\Google Updater) (Version: 2.4.2432.1652 - Google Inc.)
HP SetRefresh (HKLM\...\{F5242227-2051-4158-AC42-0F2BAA3CD3D6}) (Version: 1.2.1.3 - Hewlett-Packard Company)
Icon Restore 1.0 (HKLM\...\Icon Restore_is1) (Version:  - Tim Taylor)
Immune Attack (HKLM\...\{C541157F-6CE9-4DD5-A67A-CE9ADB916ED9}) (Version: 1.01.0000 - Escape Hatch Entertainment, LLC)
Inkscape 0.47 (HKLM\...\Inkscape) (Version: 0.47 - )
Intel® Extreme Graphics Driver (HKLM\...\{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version:  - )
Intel® PRO Network Adapters and Drivers (HKLM\...\PROSet) (Version:  - )
iTunes (HKLM\...\{C197BC08-3D82-4651-8886-E68C21578A38}) (Version: 11.1.3.8 - Apple Inc.)
Java Auto Updater (HKLM\...\{4A03706F-666A-4037-7777-5F2748764D10}) (Version: 2.0.2.4 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 21 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216021FF}) (Version: 6.0.210 - Oracle)
L&H TTS3000 Español (HKLM\...\LHTTSSPE) (Version:  - )
LAME v3.98.3 for Audacity (HKLM\...\LAME for Audacity_is1) (Version:  - )
Magic Flute 2.1 (HKLM\...\Magic Flute 2.1_is1) (Version:  - )
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.130.10 - McAfee, Inc.)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2416447) (HKLM\...\M2416447) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version:  - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Math 3.0 (HKLM\...\{07043840-8EBE-4287-85D8-8EC76D88B906}) (Version: 2007 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 2 (SP2) (HKLM\...\{91120000-0013-0000-0000-0000000FF1CE}_BASICR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version:  - Microsoft)
Microsoft Office Basic 2007 (HKLM\...\BASICR) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 2.0.657.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Text-to-Speech Engine 4.0 (English) (HKLM\...\MSTTS) (Version:  - )
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Mozilla Firefox (3.6.16) (HKLM\...\Mozilla Firefox (3.6.16)) (Version: 3.6.16 (en-US) - Mozilla)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MuseScore 0.9.6.1 MuseScore score typesetter (HKLM\...\MuseScore) (Version: 0.9.6.1 - Werner Schweer and Others)
Nutcracker Game 2.3 (HKLM\...\Nutcracker Game 2.3_is1) (Version:  - )
OGA Notifier 2.0.0048.0 (HKLM\...\{B2544A03-10D0-4E5E-BA69-0362FFC20D18}) (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
OpenOffice.org 3.2 (HKLM\...\{5A13987D-55F4-4271-A40E-76AC9B1B38FD}) (Version: 3.2.9502 - OpenOffice.org)
PC Speed Up - Complete uninstall (HKLM\...\PCSU-SL_is1) (Version: 2.1.5 - Speedchecker Limited)
PCSpeedUp Application (HKCU\...\1631818500.www.pcspeedup.com) (Version:  - www.pcspeedup.com)

Picasa 3 (HKLM\...\Picasa 3) (Version: 3.6 - Google, Inc.)
PricePeep (HKLM\...\PricePeep) (Version: 2.1.355.0 - betwikx LLC)
Productivity Programs (HKLM\...\{C79529D5-58F2-43CD-960D-C62BDC47F06F}) (Version: 1.0.0 - Microsoft)
QuickTime (HKLM\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
Resilient Planet Game (HKLM\...\Resilient Planet Game) (Version:  - )
Scratch (HKLM\...\Scratch) (Version: 1.4.0.0 - MIT Media Lab Lifelong Kindergarten Group)
Shopping Sidekick (HKLM\...\Shopping Sidekick) (Version: 1.24.151.151 - 215 Apps)
Super Star Language Arts Review 3a - Advanced Level (HKLM\...\{134598AA-6449-4D46-881D-7F5E858E2121}) (Version: 1.0.0 - Help Me 2 Learn Company)
tazti (HKLM\...\{3B23DF51-DB1D-4083-BC33-672B5FC424C5}) (Version: 2.5.0.0 - Voice Tech Group, Inc.)
Tenda Wireless LAN Card (HKLM\...\{30575C28-305D-4032-B2CC-41A8291D7B82}) (Version: 1.0.0.0 - Tenda)
The Internet and the World Wide Web (HKLM\...\{5CBEC8A5-7463-45A6-9C1E-890A3854BE39}) (Version: 1.0.0 - Microsoft)
TuneUp Companion 2.2.7 (HKLM\...\TuneUpMedia) (Version: 2.2.7 - TuneUp Media, Inc.)
Tux of Math Command (remove only) (HKLM\...\TuxMath) (Version:  - )
Uniblue DriverScanner (HKLM\...\{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1) (Version: 4.0.1.6 - Uniblue Systems Ltd)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0013-0000-0000-0000000FF1CE}_BASICR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Funmoods (HKCU\...\Funmoods) (Version:  - Update for Funmoods)
Update for Outlook 2007 Junk Email Filter (KB2536413) (HKLM\...\{91120000-0013-0000-0000-0000000FF1CE}_BASICR_{95DF5260-331D-4FFD-A2D5-C64164751945}) (Version:  - Microsoft)
Update for Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB898461) (HKLM\...\KB898461) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951978) (HKLM\...\KB951978) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
Virtual Magnifying Glass v3.4 (HKLM\...\Virtual Magnifying Glass_is1) (Version:  - )
VLC media player 1.1.2 (HKLM\...\VLC media player) (Version: 1.1.2 - VideoLAN)
Wajam (HKLM\...\Wajam) (Version: 1.50 - Wajam)
WebbIE and Accessible Programs (HKLM\...\{C8735054-1960-402A-BDF3-C6B4DC29E75C}) (Version: 3.106.0.0 - Alasdair King)
WebFldrs XP (HKLM\...\{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}) (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray (HKLM\...\KB952011) (Version: 1.0 - Microsoft Corporation)
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Management Framework Core (HKLM\...\KB968930) (Version:  - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows Search 4.0 (HKLM\...\KB940157) (Version: 04.00.6001.503 - Microsoft Corporation)
Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version:  - )
Yahoo! Toolbar (HKLM\...\Yahoo! Companion) (Version:  - )
Yontoo Layers 1.10.01 (HKLM\...\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}) (Version: 1.10.01 - )

========================= Memory info: ===================================
Percentage of memory in use: 59%
Total physical RAM: 1015.48 MB
Available physical RAM: 408.15 MB
Total Virtual: 1675.63 MB
Available Virtual: 1200.93 MB

========================= Partitions: =====================================
2 Drive c: () (Fixed) (Total:153.38 GB) (Free:117.78 GB) NTFS
4 Drive e: () (Removable) (Total:7.49 GB) (Free:0.42 GB) FAT32

========================= Users: ========================================
User accounts for \\COMPUTER-A6B3E2

Administrator            Guest                    HelpAssistant            
kmo2cute4u            Nizzle718                SUPPORT_388945a0         


**** End of log ****

Attached Files


Edited by hamluis, 20 December 2015 - 06:31 PM.


#4 hitpro

hitpro
  • Topic Starter

  • Members
  • 119 posts
  • OFFLINE
  •  
  • Local time:01:39 PM

Posted 20 December 2015 - 05:18 PM

sorry, i've been outta town for a little while.

 

with that said, do you have any opinions on the post? and any recommendations for the next step?



#5 hamluis

hamluis

    Moderator


  • Moderator
  • 55,247 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:01:39 PM

Posted 20 December 2015 - 06:33 PM

The apology is mine...I missed your inputs from 2 weeks ago and that should not have happened.

 

Appears to me that you have possible  malware issues...I am moving this topic to Am I Infected for a check.

 

Louis



#6 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:39 PM

Posted 22 December 2015 - 02:07 PM

Adware Cleaner Scan.

 

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

 

JRT Scan.

Please download Junkware Removal Tool and save it on your desktop.

 

  • Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log is saved to your desktop and will automatically open.
  • Please post the JRT log.
  •  

Adware Removal Tool Scan.

 

Download Adware removal tool to your desktop, right click the icon and select Run as Administrator.

 

 

LOr0Gd7.png

 

Hit Ok.

 

sYFsqHx.png

 

Hit next make sure to leave all items checked, for removal.

 

8NcZjGc.png

 

 

The Program will close all open programs to complete the removal, so save any work and hit OK. Then hit OK after the removal process is complete, thenOK again to finish up. Post log generated by tool.

 

ZHP Scan.

Please download Zhp Cleaner  to your desktop.  Right Click the icon and select run as administrator.

 http://nicolascoolman.com/download/zhpcleaner

 

 

2. Once you have started the program, you will need to click the scanner button.

EgsT69u.png

The program will close all open browsers!

3. Once the scan is completed, the you will want to click the Repair button.

6QJjV50.png

At the end of the process you may be asked to reboot your machine. After you reboot a report will open on your desktop.

Copy and paste the report here in your next reply.

 Zemana Scan

 

 

Run a full scan with Zemana AntiMalware!

Install and select deep scan.

jdmyscF.jpg

Remove any infections found.

Then click on the icon in the pic below.

DOLGyto.jpg

Double click on the scan log, copy and paste here in your reply.



#7 hitpro

hitpro
  • Topic Starter

  • Members
  • 119 posts
  • OFFLINE
  •  
  • Local time:01:39 PM

Posted 24 January 2016 - 02:06 PM

good afternoon. i know it's been a while and i hope it's not too late to post the logs, but here they are:

 

ADWARE CLEANER SCAN:

 

# AdwCleaner v5.027 - Logfile created 23/01/2016 at 12:57:04
# Updated 30/12/2015 by Xplode
# Database : 2015-12-30.1 [Local]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : kmo2cute4u - COMPUTER-A6B3E2
# Running from : C:\Documents and Settings\kmo2cute4u\Desktop\adwcleaner_5.027.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****

Service Found : pcsuservice
Service Found : WajamUpdater
Service Found : YahooAUService

***** [ Folders ] *****

Folder Found : C:\Documents and Settings\All Users\Application Data\Tarma Installer
Folder Found : C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
Folder Found : C:\Documents and Settings\All Users\Start Menu\Programs\pc speed up
Folder Found : C:\Documents and Settings\All Users\Start Menu\Programs\Uniblue
Folder Found : C:\Documents and Settings\Guest\Application Data\OpenCandy
Folder Found : C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\Extensions\crossriderapp5058@crossrider.com
Folder Found : C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\Extensions\crossriderapp5058@crossrider.com
Folder Found : C:\Documents and Settings\Guest\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb
Folder Found : C:\Documents and Settings\kmo2cute4u\Application Data\Funmoods
Folder Found : C:\Documents and Settings\kmo2cute4u\Application Data\OpenCandy
Folder Found : C:\Documents and Settings\kmo2cute4u\Application Data\Uniblue
Folder Found : C:\Documents and Settings\kmo2cute4u\Local Settings\Application Data\OpenCandy
Folder Found : C:\Documents and Settings\kmo2cute4u\Local Settings\Application Data\Wajam
Folder Found : C:\Documents and Settings\kmo2cute4u\Local Settings\Application Data\Shopping Sidekick
Folder Found : C:\Documents and Settings\kmo2cute4u\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Folder Found : C:\Documents and Settings\kmo2cute4u\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Folder Found : C:\Documents and Settings\kmo2cute4u\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Folder Found : C:\Documents and Settings\kmo2cute4u\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb
Folder Found : C:\Documents and Settings\kmo2cute4u\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nllafhekklanfkimibokomlmidmcmaoi
Folder Found : C:\Documents and Settings\kmo2cute4u\Start Menu\Programs\Wajam
Folder Found : C:\Documents and Settings\Nizzle718\Application Data\Funmoods
Folder Found : C:\Documents and Settings\Nizzle718\Application Data\OpenCandy
Folder Found : C:\Documents and Settings\Nizzle718\Application Data\Yahoo!\Companion
Folder Found : C:\Documents and Settings\Nizzle718\Application Data\Mozilla\Firefox\Profiles\782o0ifn.default\Extensions\plugin@yontoo.com
Folder Found : C:\Documents and Settings\Nizzle718\Application Data\Mozilla\Firefox\Profiles\782o0ifn.default\Extensions\crossriderapp5058@crossrider.com
Folder Found : C:\Documents and Settings\Nizzle718\Application Data\Mozilla\Firefox\Profiles\782o0ifn.default\Extensions\crossriderapp5058@crossrider.com
Folder Found : C:\Documents and Settings\Nizzle718\Local Settings\Application Data\OpenCandy
Folder Found : C:\Documents and Settings\Nizzle718\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb
Folder Found : C:\Program Files\Funmoods
Folder Found : C:\Program Files\pc speed up
Folder Found : C:\Program Files\PricePeep
Folder Found : C:\Program Files\Uniblue
Folder Found : C:\Program Files\Wajam
Folder Found : C:\Program Files\Yontoo Layers
Folder Found : C:\Program Files\Yahoo!\Companion
Folder Found : C:\Program Files\Shopping Sidekick
Folder Found : C:\Program Files\GuffinsEI
Folder Found : C:\Program Files\Common Files\Software Update Utility

***** [ Files ] *****

File Found : C:\END
File Found : C:\Documents and Settings\Guest\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage
File Found : C:\Documents and Settings\Guest\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage-journal
File Found : C:\Documents and Settings\Guest\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage
File Found : C:\Documents and Settings\Guest\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage-journal
File Found : C:\Documents and Settings\Guest\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_zwinky.dl.tb.ask.com_0.localstorage
File Found : C:\Documents and Settings\Guest\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_zwinky.dl.tb.ask.com_0.localstorage-journal
File Found : C:\Documents and Settings\kmo2cute4u\Application Data\Microsoft\Internet Explorer\Quick Launch\driverscanner.lnk
File Found : C:\Documents and Settings\kmo2cute4u\Local Settings\Application Data\funmoods.crx
File Found : C:\Documents and Settings\kmo2cute4u\Local Settings\Application Data\funmoods-speeddial_sf.crx
File Found : C:\Documents and Settings\kmo2cute4u\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bbjciahceamgodcoidkjpchnokgfpphh_0.localstorage
File Found : C:\Documents and Settings\kmo2cute4u\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bbjciahceamgodcoidkjpchnokgfpphh_0.localstorage-journal
File Found : C:\Documents and Settings\kmo2cute4u\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cjpglkicenollcignonpgiafdgfeehoj_0.localstorage
File Found : C:\Documents and Settings\kmo2cute4u\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cjpglkicenollcignonpgiafdgfeehoj_0.localstorage-journal
File Found : C:\Documents and Settings\kmo2cute4u\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Extension Settings\cjpglkicenollcignonpgiafdgfeehoj
File Found : C:\Documents and Settings\kmo2cute4u\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jpmbfleldcgkldadpdinhjjopdfpjfjp_0.localstorage
File Found : C:\Documents and Settings\kmo2cute4u\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jpmbfleldcgkldadpdinhjjopdfpjfjp_0.localstorage-journal
File Found : C:\Documents and Settings\kmo2cute4u\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_licjnkifamhpbaefhdpacpmihicfbomb_0.localstorage
File Found : C:\Documents and Settings\kmo2cute4u\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_licjnkifamhpbaefhdpacpmihicfbomb_0.localstorage-journal
File Found : C:\Documents and Settings\kmo2cute4u\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nllafhekklanfkimibokomlmidmcmaoi_0.localstorage
File Found : C:\Documents and Settings\kmo2cute4u\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nllafhekklanfkimibokomlmidmcmaoi_0.localstorage-journal
File Found : C:\Documents and Settings\kmo2cute4u\Local Settings\Application Data\Google\Chrome\User Data\Default\databases\chrome-extension_nllafhekklanfkimibokomlmidmcmaoi_0
File Found : C:\Documents and Settings\kmo2cute4u\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_licjnkifamhpbaefhdpacpmihicfbomb_0.localstorage
File Found : C:\Documents and Settings\kmo2cute4u\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_licjnkifamhpbaefhdpacpmihicfbomb_0.localstorage-journal
File Found : C:\Documents and Settings\kmo2cute4u\Local Settings\Application Data\Google\Chrome\User Data\Default\local storage\hxxp_www.metrolyrics.com_0.localstorage
File Found : C:\Documents and Settings\kmo2cute4u\Local Settings\Application Data\Google\Chrome\User Data\Default\local storage\hxxp_www.metrolyrics.com_0.localstorage-journal
File Found : C:\Documents and Settings\kmo2cute4u\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage
File Found : C:\Documents and Settings\kmo2cute4u\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage-journal
File Found : C:\Documents and Settings\kmo2cute4u\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_www.wajam.com_0.localstorage
File Found : C:\Documents and Settings\kmo2cute4u\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_www.wajam.com_0.localstorage-journal
File Found : C:\Documents and Settings\kmo2cute4u\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_www.yourtango.com_0.localstorage
File Found : C:\Documents and Settings\kmo2cute4u\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_www.yourtango.com_0.localstorage-journal
File Found : C:\Documents and Settings\kmo2cute4u\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage
File Found : C:\Documents and Settings\kmo2cute4u\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage-journal
File Found : C:\Documents and Settings\Nizzle718\Application Data\Mozilla\Firefox\Profiles\782o0ifn.default\searchplugins\Askcom.xml
File Found : C:\Documents and Settings\Nizzle718\Application Data\Mozilla\Firefox\Profiles\782o0ifn.default\user.js
File Found : C:\Documents and Settings\Nizzle718\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_licjnkifamhpbaefhdpacpmihicfbomb_0.localstorage
File Found : C:\Documents and Settings\Nizzle718\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_licjnkifamhpbaefhdpacpmihicfbomb_0.localstorage-journal
File Found : C:\Documents and Settings\Nizzle718\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_licjnkifamhpbaefhdpacpmihicfbomb_0.localstorage
File Found : C:\Documents and Settings\Nizzle718\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_licjnkifamhpbaefhdpacpmihicfbomb_0.localstorage-journal
File Found : C:\Program Files\Mozilla Firefox\plugins\npdnu.dll
File Found : C:\Program Files\Mozilla Firefox\plugins\npdnu.xpt
File Found : C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll
File Found : C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.xpt

***** [ DLL ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

Task Found : driverscanner

***** [ Registry ] *****

Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [DriverScanner]
Key Found : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\PricePeep.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Found : HKLM\SOFTWARE\Classes\dnUpdate
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Found : HKLM\SOFTWARE\Classes\driverscanner
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Found : HKLM\SOFTWARE\Classes\esrv.funmoodsESrvc
Key Found : HKLM\SOFTWARE\Classes\esrv.funmoodsESrvc.1
Key Found : HKLM\SOFTWARE\Classes\f
Key Found : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr
Key Found : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr.1
Key Found : HKLM\SOFTWARE\Classes\funmoodsApp.appCore
Key Found : HKLM\SOFTWARE\Classes\funmoodsApp.appCore.1
Key Found : HKLM\SOFTWARE\Classes\IMsiDe1egate.Application.1
Key Found : HKLM\SOFTWARE\Classes\PricePeep.PricePeepBho
Key Found : HKLM\SOFTWARE\Classes\PricePeep.PricePeepBho.1
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Found : HKLM\SOFTWARE\Classes\wajam.WajamBHO
Key Found : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
Key Found : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
Key Found : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Key Found : HKLM\SOFTWARE\Classes\PCSU.Registry
Key Found : HKLM\SOFTWARE\Classes\PCSU.SysUtils
Key Found : HKLM\SOFTWARE\Classes\PCSU.SysUtils.1
Key Found : HKLM\SOFTWARE\Classes\PCSU.Registry.1
Key Found : HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar.1
Key Found : HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0005058.BHO
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0005058.BHO.1
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0005058.Sandbox
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0005058.Sandbox.1
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Key Found : HKLM\SOFTWARE\Classes\AppID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892}
Key Found : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Found : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B89F5C49-51DB-4974-AB5A-E25901AA339C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E9B5B0D2-D08A-49FC-8B5C-159B60BAA268}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110011501158}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220022502258}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
Key Found : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}
Key Found : HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Key Found : HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Key Found : HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Key Found : HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Key Found : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Key Found : HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Key Found : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
Key Found : HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8233093C-178B-484B-979E-3C6B5B147DBC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055505558}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066506658}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{3BF3DED5-0FC8-4207-AC09-AA7B5AF4E408}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{3157E247-2784-4028-BF0F-52D6DDC70E1B}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440044504458}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011501158}
Key Found : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Key Found : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Found : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Key Found : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Found : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Found : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011501158}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011501158}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501158}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C87FC351-A80D-43E9-9A86-CF1E29DC443A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D22421A9-9464-4365-AE9B-D4AD70B99924}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011501158}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49a32f81-0ba1-4b43-856c-9a61425e5bf1}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d22421a9-9464-4365-ae9b-d4ad70b99924}
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Key Found : HKCU\Software\Cr_Installer
Key Found : HKCU\Software\Crossrider
Key Found : HKCU\Software\Funmoods
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\InstalledBrowserExtensions
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\Speedchecker Limited
Key Found : HKCU\Software\Wajam
Key Found : HKCU\Software\wscontb
Key Found : HKCU\Software\Shopping Sidekick
Key Found : HKCU\Software\Shopping Sidekick
Key Found : HKCU\Software\AppDataLow\Software\PricePeep
Key Found : HKLM\SOFTWARE\Funmoods
Key Found : HKLM\SOFTWARE\InstallCore
Key Found : HKLM\SOFTWARE\Tarma Installer
Key Found : HKLM\SOFTWARE\Uniblue
Key Found : HKLM\SOFTWARE\Uniblue\DriverScanner
Key Found : HKLM\SOFTWARE\Wajam
Key Found : HKLM\SOFTWARE\Yahoo\Companion
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Funmoods
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Funmoods
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PCSU-SL_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PricePeep
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Shopping Sidekick
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Shopping Sidekick
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Funmoods
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PCSU-SL_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PricePeep
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdUtility
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Wajam
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Yahoo! Companion
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AIM Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Shopping Sidekick
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Shopping Sidekick
Key Found : HKU\.DEFAULT\Software\Wajam
Key Found : HKU\.DEFAULT\Software\Shopping Sidekick
Key Found : HKU\.DEFAULT\Software\Shopping Sidekick
Key Found : HKU\.DEFAULT\Software\AppDataLow\Software\PricePeep
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8D4C6FFC-511F-46E7-A145-5A8EE42BA915}

***** [ Web browsers ] *****

[C:\Documents and Settings\Nizzle718\Application Data\Mozilla\Firefox\Profiles\782o0ifn.default\prefs.js] [Preference] Found : user_pref("aol_toolbar.surf.date", "159");
[C:\Documents and Settings\Nizzle718\Application Data\Mozilla\Firefox\Profiles\782o0ifn.default\prefs.js] [Preference] Found : user_pref("aol_toolbar.surf.lastDate", "27");
[C:\Documents and Settings\Nizzle718\Application Data\Mozilla\Firefox\Profiles\782o0ifn.default\prefs.js] [Preference] Found : user_pref("aol_toolbar.surf.lastMonth", "2");
[C:\Documents and Settings\Nizzle718\Application Data\Mozilla\Firefox\Profiles\782o0ifn.default\prefs.js] [Preference] Found : user_pref("aol_toolbar.surf.lastYear", "2011");
[C:\Documents and Settings\Nizzle718\Application Data\Mozilla\Firefox\Profiles\782o0ifn.default\prefs.js] [Preference] Found : user_pref("aol_toolbar.surf.month", "4256");
[C:\Documents and Settings\Nizzle718\Application Data\Mozilla\Firefox\Profiles\782o0ifn.default\prefs.js] [Preference] Found : user_pref("aol_toolbar.surf.prevMonth", "4451");
[C:\Documents and Settings\Nizzle718\Application Data\Mozilla\Firefox\Profiles\782o0ifn.default\prefs.js] [Preference] Found : user_pref("aol_toolbar.surf.total", "27328");
[C:\Documents and Settings\Nizzle718\Application Data\Mozilla\Firefox\Profiles\782o0ifn.default\prefs.js] [Preference] Found : user_pref("aol_toolbar.surf.week", "159");
[C:\Documents and Settings\Nizzle718\Application Data\Mozilla\Firefox\Profiles\782o0ifn.default\prefs.js] [Preference] Found : user_pref("aol_toolbar.surf.year", "15984");
[C:\Documents and Settings\Nizzle718\Application Data\Mozilla\Firefox\Profiles\782o0ifn.default\prefs.js] [Preference] Found : user_pref("browser.search.defaulturl", "hxxp://aim.search.aol.com/aol/search?query={searchTerms}&invocationType=tb50-ff-aim-chromesbox-en-us&tb_uuid=20101113181538312&tb_oid=13-11-2010&tb_mrud=13-11-2[...]
[C:\Documents and Settings\Nizzle718\Application Data\Mozilla\Firefox\Profiles\782o0ifn.default\prefs.js] [Preference] Found : user_pref("browser.search.order.1", "Ask.com");
[C:\Documents and Settings\Nizzle718\Application Data\Mozilla\Firefox\Profiles\782o0ifn.default\prefs.js] [Preference] Found : user_pref("browser.search.selectedEngine", "Ask.com");
[C:\Documents and Settings\Nizzle718\Application Data\Mozilla\Firefox\Profiles\782o0ifn.default\prefs.js] [Preference] Found : user_pref("extensions.Guffins.openSearchURL", "hxxp://search.mywebsearch.com/mywebsearch/opensearch.jhtml?id=YJYYYYYYYYUS&ptb=18DC01F5-471F-446D-B60F-B0F0EFEC9850&ind=2010110701&osp=mws&ptnrS=YJYYYYYY[...]
[C:\Documents and Settings\Nizzle718\Application Data\Mozilla\Firefox\Profiles\782o0ifn.default\prefs.js] [Preference] Found : user_pref("extensions.enabledItems", "{20a82645-c095-46ed-80e3-08825760534b}:1.2.1,jqs@sun.com:1.0,toolbar@ask.com:3.11.3.15590,{c2f863cd-0429-48c7-bb54-db756a951760}:5.96.10.6102,{AE93811A-5C9A-4d34-[...]
[C:\Documents and Settings\Nizzle718\Application Data\Mozilla\Firefox\Profiles\782o0ifn.default\prefs.js] [Preference] Found : user_pref("extentions.y2layers.installId", "faeb0b00-90c8-4356-9ddc-2083d53770d1");
[C:\Documents and Settings\Nizzle718\Application Data\Mozilla\Firefox\Profiles\782o0ifn.default\prefs.js] [Preference] Found : user_pref("keyword.URL",  "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=FWV5&o=14193&locale=en_US&apn_uid=E7DAF731-6254-496A-83CC-7651750F3A4D&apn_ptnrs=FM&apn_sauid=03CFFA8A-286B-4508-9B87-A[...]
[C:\Documents and Settings\Nizzle718\Application Data\Mozilla\Firefox\Profiles\782o0ifn.default\prefs.js] [Preference] Found : user_pref("browser.search.defaultengine", "Ask.com");
[C:\Documents and Settings\Nizzle718\Application Data\Mozilla\Firefox\Profiles\782o0ifn.default\prefs.js] [Preference] Found : user_pref("browser.search.defaultenginename", "Ask.com");
[C:\Documents and Settings\Nizzle718\Application Data\Mozilla\Firefox\Profiles\782o0ifn.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.adsOldValue", -1);
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossrider.bic", "13e4dcaf965b39872ad9262b0da10d24");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.InstallationTime", 1367104748);
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.active", true);
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.addressbar", "");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.addressbarenhanced", "");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.backgroundjs", "\n\n//\n");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.backgroundver", 43);
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.can_run_bg_code", true);
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.certdomaininstaller", "");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.changeprevious", false);
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Standard Time)");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.cookie.InstallationTime.value", "1367104748");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Standard Time)");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.cookie._GPL_aoi.value", "1367104748");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.cookie._GPL_country_code.expiration", "Mon Aug 26 2013 21:08:30 GMT-0400 (Eastern Daylight Time)");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.cookie._GPL_country_code.value", "%22US%22");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.cookie._GPL_crr.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Standard Time)");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.cookie._GPL_crr.value", "1377204302");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.cookie._GPL_currenttime.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Standard Time)");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.cookie._GPL_currenttime.value", "%221372075137%22");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.cookie._GPL_hotfix20111102645.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Standard Time)");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.cookie._GPL_hotfix20111102645.value", "%221%22");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.cookie._GPL_ib_delay.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Standard Time)");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.cookie._GPL_ib_delay.value", "24");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.cookie._GPL_ib_disclosure.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Standard Time)");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.cookie._GPL_ib_disclosure.value", "1373842659");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.cookie._GPL_installer_params.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Standard Time)");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.cookie._GPL_installer_params.value", "%7B%22source_id%22%3A%220%22%2C%22sub_id%22%3A%220%22%2C%22uzid%22%3A%220%22%7D");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.cookie._GPL_installtime.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Standard Time)");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.cookie._GPL_installtime.value", "%221366222621%22");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Standard Time)");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.cookie._GPL_parent_zoneid.value", "%2214019%22");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.cookie._GPL_pc_20120828.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Standard Time)");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.cookie._GPL_pc_20120828.value", "1367104800254");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.cookie._GPL_product_id.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Standard Time)");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.cookie._GPL_product_id.value", "%221222%22");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Standard Time)");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.cookie._GPL_zoneid.value", "%22178316%22");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.cookie.dbtest.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Standard Time)");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.cookie.dbtest.value", "1367104770309");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.description", "Shopping Sidekick");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.domain", "");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.enablesearch", false);
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.fbremoteurl", "");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.group", 0);
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.homepage", "");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.iframe", false);
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Standard Time)");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.internaldb.Resources_appVer.value", "92");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Standard Time)");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.internaldb.Resources_lastVersion.value", "0");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Standard Time)");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.internaldb.Resources_meta.value", "%7B%7D");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.internaldb.Resources_nextCheck.expiration", "Thu Aug 22 2013 22:45:02 GMT-0400 (Eastern Daylight Time)");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.internaldb.Resources_nextCheck.value", "true");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Standard Time)");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.internaldb.Resources_queue.value", "%7B%7D");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.js", "\n\nif(\"undefined\"!=typeof _GPL_PLUGIN){var _GPL_=function(){_GPL_PLUGIN.started||_GPL_PLUGIN.prepare({pid:1222,baseCDN:\"shoppingside-a.akamaihd.n[...]
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.manifesturl", "");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.name", "Shopping Sidekick");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.newtab", "");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.opensearch", "");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.plugins.plugin_1.code", "appAPI._cr_config={appID:function(){var a=appAPI.appInfo;if(a){return appAPI.appInfo.id;}else{return appAPI.appID;}}};$jquery.exte[...]
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.plugins.plugin_1.name", "base");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.plugins.plugin_1.ver", 6);
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.plugins.plugin_1000014.code", "Array.prototype.indexOf||(Array.prototype.indexOf=function( B){if(void 0===this||null===this)throw new TypeError;var c=Object[...]
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.plugins.plugin_1000014.name", "GPL Plugin (Loader)");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.plugins.plugin_1000014.ver", 16);
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.plugins.plugin_1000015.code", "var a=appAPI.db.getList(),cf_ran=!1,_GPL_BG={vars:{},rules:{},started:!1,allowed:!1,log:function( B){console.log( B)},factor:1[...]
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.plugins.plugin_1000015.name", "GPL Background (BG)");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.plugins.plugin_1000015.ver", 39);
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.plugins.plugin_13.code", "(function(a){a.selectedText=function(e,c){function d(){if(window.getSelection){return window.getSelection();}else{if(document.get[...]
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.plugins.plugin_13.name", "CrossriderAppUtils");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.plugins.plugin_13.ver", 3);
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.plugins.plugin_14.code", "if(typeof(appAPI)===\"undefined\"){appAPI={};}var CR__bIsIEWindow=false;if(typeof window!==\"undefined\"&&typeof window.navigator[...]
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.plugins.plugin_14.name", "CrossriderUtils");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.plugins.plugin_14.ver", 8);
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.plugins.plugin_16.code", "if((typeof isBackground===\"undefined\"||isBackground!==true)&&(typeof _firefoxVersion!==\"undefined\"&&_firefoxVersion>14)&&type[...]
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.plugins.plugin_16.name", "FFAppAPIWrapper");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.plugins.plugin_16.ver", 9);
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.plugins.plugin_17.code", "if(typeof window!==\"undefined\"){\n/*!\n * jQuery JavaScript Library v1.4.2\n * hxxp://jquery.com/\n *\n * Copyright 2010, John [...]
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.plugins.plugin_17.name", "jQuery");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.plugins.plugin_17.ver", 4);
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.plugins.plugin_21.code", "var CrossriderDebugManager=(function(h){var f={appId:appAPI._cr_config.appID(),url:appAPI._cr_config.debug_app};return h.Class.ex[...]
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.plugins.plugin_21.name", "debug");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.plugins.plugin_21.ver", 4);
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.plugins.plugin_22.code", "(function(a){appAPI.queueManager={queue:[],register:function( B){this.queue.push( B);}};appAPI.ready=function(c, B){a.when.apply(nul[...]
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.plugins.plugin_22.name", "resources");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.plugins.plugin_22.ver", 4);
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.plugins.plugin_28.code", "var CrossriderInitializerPlugin=(function(e){var c={appId:appAPI._cr_config.appID()},b,g=new e.Deferred(),f;return e.Class.extend[...]
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.plugins.plugin_28.name", "initializer");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.plugins.plugin_28.ver", 3);
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.plugins.plugin_4.code", "var jQuery = $jquery_171 = $jquery = null;\n\nif (document && typeof document.getElementById !== \"undefined\") {\n\n/*! jQuery v1[...]
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.plugins.plugin_4.name", "jquery_1_7_1");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.plugins.plugin_4.ver", 4);
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.plugins.plugin_47.code", "(function(){appAPI.ready=function(a){appAPI.resources.isReady(a);};}());var CrossRiderResourcesManager=(function(){var C={appId:([...]
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.plugins.plugin_47.name", "resources_background");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.plugins.plugin_47.ver", 3);
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.plugins.plugin_64.code", "(function(){var h=\"__CR_EMPTY_CHANNEL__\";var d=function(j){return(typeof j===\"object\"&&j!==null);};var b=function(j){return(![...]
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.plugins.plugin_64.name", "appApiMessage");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.plugins.plugin_64.ver", 2);
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.plugins.plugin_72.code", "if(appAPI.__should_activate_validation__===true){(function(){var d={WRONG_STRICT_VALUE:\"Parameter %PARAM_NAME% value is not supp[...]
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.plugins.plugin_72.name", "appApiValidation");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.plugins.plugin_72.ver", 3);
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.plugins.plugin_78.code", "if(typeof jQuery!==\"undefined\"&&(jQuery)&&typeof navigator!==\"undefined\"&&typeof navigator.userAgent!==\"undefined\"){(functi[...]
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.plugins.plugin_78.name", "CrossriderInfo");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.plugins.plugin_78.ver", 3);
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.plugins.plugin_98.code", "(function(){var b=\"cr_\"+appAPI.appID+\"internalMessage\";var a=function(){var d=function(g){if(g===true){unsafeWindow.appAPI=ap[...]
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.plugins.plugin_98.name", "omniCommands");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.plugins.plugin_98.ver", 2);
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.plugins_lists.plugins_0", "4,14,78,16,64,47,72,98,1000015");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.plugins_lists.plugins_1", "17,14,78,13,16,64,4,1,21,22,72,98,1000014,28");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.plugins_lists.plugins_5", "4,14,78,13,16,64,47,72");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.pluginsurl", "hxxps://w9u6a2p6.ssl.hwcdn.net/plugin/apps/5058/plugins/091/ff/plugins.json");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.pluginsversion", 67);
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.publisher", "Innovative Apps");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.searchstatus", 0);
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.setnewtab", false);
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.settingsurl", "");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.thankyou", "");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.updateinterval", 360);
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.5058.ver", 92);
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.adsOldValue", -1);
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.apps", "5058");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.bic", "13e4dcaf965b39872ad9262b0da10d24");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.cid", 5058);
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.firstrun", false);
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.hadappinstalled", true);
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.installationdate", 1367104748);
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.lastcheck", 22949348);
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.lastcheckitem", 22949348);
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.modetype", "production");
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.reportInstall", true);
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.crossriderapp5058.statsDailyCounter", 4);
[C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\pw1u3o7f.default\prefs.js] [Preference] Found : user_pref("extensions.enabledAddons", "crossriderapp5058@crossrider.com:0.91.84,{972ce4c6-7e08-4474-a285-3208198ce6fd}:11.0");
[C:\Documents and Settings\Nizzle718\Local Settings\Application Data\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : aol.com
[C:\Documents and Settings\Nizzle718\Local Settings\Application Data\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : ask.com
[C:\Documents and Settings\kmo2cute4u\Local Settings\Application Data\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : funmoods.com
[C:\Documents and Settings\kmo2cute4u\Local Settings\Application Data\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : aol.com
[C:\Documents and Settings\kmo2cute4u\Local Settings\Application Data\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : ask.com
[C:\Documents and Settings\Guest\Local Settings\Application Data\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : aol.com
[C:\Documents and Settings\Guest\Local Settings\Application Data\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : ask.com

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [63291 bytes] ##########

 

 

 

JRT scan:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.1 (11.24.2015)
Operating System: Microsoft Windows XP x86
Ran by kmo2cute4u (Administrator) on Sat 01/23/2016 at 13:18:23.84
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 10

Successfully deleted: C:\Documents and Settings\kmo2cute4u\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_services.hearstmags.com_0.localstorage-journal (File)
Successfully deleted: C:\Documents and Settings\kmo2cute4u\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_services.hearstmags.com_0.localstorage (File)
Successfully deleted: C:\Program Files\mozilla firefox\defaults\pref\itms.js (File)
Successfully deleted: C:\WINDOWS\Tasks\At1.job (Task)
Successfully deleted: C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\01K989I5 (Folder)
Successfully deleted: C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\8R4TOD29 (Folder)
Successfully deleted: C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\AB07EFGB (Folder)
Successfully deleted: C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\UAZCYT94 (Folder)
Successfully deleted: C:\WINDOWS\prefetch\DRIVERSCANNER.EXE-2EA552D6.pf (File)
Successfully deleted: C:\WINDOWS\prefetch\GOOGLETOOLBARNOTIFIER.EXE-3629C61D.pf (File)



Registry: 14

Successfully deleted: HKCU\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh (Registry Key)
Successfully deleted: HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj (Registry Key)
Successfully deleted: HKLM\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh (Registry Key)
Successfully deleted: HKLM\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj (Registry Key)
Successfully deleted: HKLM\Software\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp (Registry Key)
Successfully deleted: HKLM\Software\Google\Chrome\Extensions\licjnkifamhpbaefhdpacpmihicfbomb (Registry Key)
Successfully deleted: HKLM\Software\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Google\Chrome\Extensions\licjnkifamhpbaefhdpacpmihicfbomb (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} (Registry Value)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8D4C6FFC-511F-46E7-A145-5A8EE42BA915} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} (Registry Value)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 01/23/2016 at 13:22:00.21
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

ADWARE REMOVAL TOOL scan:

 

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

Adware Removal Tool v4.1
Time: 2016_01_23_23_32_44
OS: Microsoft Windows XP - x86 Bit
Account Name: kmo2cute4u
Adware Definition: Adware Definition: 01-22-2016-1
Repair Status:- Automatic Done
\\\\\\\\\\\\\\\\\\\\\\\ Repair Logs \\\\\\\\\\\\\\\\\\\\\\

Deleted ->> File ->> C:\program files\Google\Google SketchUp 7\Materials\Colors-Named\0129_WhiteSmoke.skm

Deleted ->> File ->> C:\Documents and Settings\kmo2cute4u\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.smilebox.com_0.localstorage

Deleted ->> File ->> C:\Documents and Settings\kmo2cute4u\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_www.smilebox.com_0.localstorage-journal

Deleted ->> File ->> C:\Documents and Settings\kmo2cute4u\Local Settings\Application Data\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\TQE3NXZ8\smilebox.com\smilebox_clientproperties.sol

Deleted ->> File ->> C:\Documents and Settings\kmo2cute4u\Local Settings\Application Data\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\TQE3NXZ8\smilebox.com\smilebox_webproperties.sol

Deleted ->> Folder ->> C:\Documents and Settings\kmo2cute4u\Local Settings\Application Data\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\TQE3NXZ8\smilebox.com

Deleted ->> Registry Value Data ->> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\ShellNoRoam\MUICache\ ->> @C:\Program Files\NetMeeting\conf.exe,-12346 : SpeedDial

Deleted ->> Registry Value Data ->> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30E7F2A0-EC4C-11ce-8865-00805F742EF6}\ ->>  : SpeedDial

Deleted ->> Registry Value Data ->> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ConferenceLink\ ->>  : SpeedDial

Deleted ->> Registry Key ->> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\imesh

Deleted ->> Registry Key ->> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\imesh

Deleted ->> Registry Key ->> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\imesh

Deleted ->> Registry Key ->> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\imesh

 

 

 

ZHP scan:

 

~ ZHPCleaner v2016.1.1.1 by Nicolas Coolman (2016/01/01)
~ Run by kmo2cute4u (Administrator)  (23/01/2016 13:45:20)
~ Site : http://www.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : No network file
~ Type : Repair
~ Report : C:\Documents and Settings\kmo2cute4u\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Documents and Settings\kmo2cute4u\Application Data\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Deactivate
~ Boot Mode : Normal (Normal boot)
Windows XP, 32-bit Service Pack 3 (Build 2600)


---\\  Services (0)
~ No malicious or unnecessary items found.


---\\  Browser internet (0)
~ No malicious or unnecessary items found.


---\\  Hosts file (0)
~ No malicious or unnecessary items found.


---\\  Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found.


---\\  Explorer ( File, Folder) (6)
MOVED file: C:\Documents and Settings\kmo2cute4u\Local Settings\Temp\Tsu785F3C3B.dll [Tarma Software Research Pty Ltd - Tarma® InstallMate Setup Library]  =>PUP.Optional.Tarma
MOVED file: C:\Documents and Settings\kmo2cute4u\Local Settings\Temp\{90255563-C676-CB21-29CA-8E544BC67795}\Setup.exe [Tarma Software Research Pty Ltd - Tarma® InstallMate Setup]  =>PUP.Optional.Tarma
MOVED file: C:\Documents and Settings\kmo2cute4u\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage    =>PUP.Optional.Generic
MOVED file: C:\Documents and Settings\kmo2cute4u\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal    =>PUP.Optional.Generic
MOVED file: C:\Documents and Settings\kmo2cute4u\Local Settings\Temp\etilqs_j1T17W3QvOdPskm    =>PUP.Optional.Qvod
MOVED folder: C:\Documents and Settings\All Users\Application Data\InstallMate  =>PUP.Optional.Tarma


---\\  Registry ( Key, Value, Data) (39)
DELETED data: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\\Application [Bad : http://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s]  =>Hijacker.Association
DELETED data: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\\Intl [Bad : http://shell.windows.com/fileassoc/fileassoc.asp?LangID=%04x&Ext=%s]  =>Hijacker.Association
DELETED key*: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110011501158} []  =>PUP.Optional.CrossRider
DELETED key*: HKEY_USERS\S-1-5-21-1530114197-1001010265-905372005-1008\SOFTWARE\Crossrider []  =>PUP.Optional.CrossRider
DELETED key*: HKEY_USERS\S-1-5-21-1530114197-1001010265-905372005-1008\SOFTWARE\Cr_Installer []  =>PUP.Optional.CrossRider
DELETED key*: HKEY_USERS\S-1-5-21-1530114197-1001010265-905372005-1008\SOFTWARE\Funmoods []  =>PUP.Optional.Funmoods
DELETED key*: HKEY_USERS\S-1-5-21-1530114197-1001010265-905372005-1008\SOFTWARE\InstallCore []  =>Adware.InstallCore
DELETED key*: HKEY_USERS\S-1-5-21-1530114197-1001010265-905372005-1008\SOFTWARE\InstalledBrowserExtensions []  =>PUP.Optional.BrowserExtensions
DELETED key*: HKEY_USERS\S-1-5-21-1530114197-1001010265-905372005-1008\SOFTWARE\Softonic []  =>PUP.Optional.Softonic
DELETED key*: HKEY_USERS\S-1-5-21-1530114197-1001010265-905372005-1008\SOFTWARE\Speedchecker Limited []  =>PUP.Optional.InternetSpeedChecker
DELETED key*: HKEY_USERS\S-1-5-21-1530114197-1001010265-905372005-1008\SOFTWARE\Wajam []  =>PUP.Optional.Multiplug
DELETED key*: HKEY_USERS\.DEFAULT\Software\Wajam []  =>PUP.Optional.Multiplug
DELETED key*: HKEY_USERS\.DEFAULT\Software\AppDataLow\Software\PricePeep []  =>PUP.Optional.PricePeep
DELETED key: HKCU\Software\Crossrider []  =>PUP.Optional.CrossRider
DELETED key: HKCU\Software\Cr_Installer []  =>PUP.Optional.CrossRider
DELETED key: HKCU\Software\Funmoods []  =>PUP.Optional.Funmoods
DELETED key: HKCU\Software\InstallCore []  =>Adware.InstallCore
DELETED key: HKCU\Software\InstalledBrowserExtensions []  =>PUP.Optional.BrowserExtensions
DELETED key: HKCU\Software\Softonic []  =>PUP.Optional.Softonic
DELETED key: HKCU\Software\Speedchecker Limited []  =>PUP.Optional.InternetSpeedChecker
DELETED key: HKCU\Software\Wajam []  =>PUP.Optional.Multiplug
DELETED key*: HKCU\Software\AppDataLow\Software\PricePeep []  =>PUP.Optional.PricePeep
DELETED key*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Funmoods [Update for Funmoods]  =>PUP.Optional.Funmoods
DELETED key*: HKLM\SOFTWARE\Funmoods []  =>PUP.Optional.Funmoods
DELETED key*: HKLM\SOFTWARE\InstallCore []  =>Adware.InstallCore
DELETED key*: HKLM\SOFTWARE\Tarma Installer []  =>PUP.Optional.Tarma
DELETED key*: HKLM\SOFTWARE\Uniblue []  =>.Superfluous.Uniblue
DELETED key*: HKLM\SOFTWARE\Wajam []  =>PUP.Optional.Multiplug
DELETED key*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\funmoods [Volonet Ltd]  =>PUP.Optional.Funmoods
DELETED key*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PCSU-SL_is1 [Speedchecker Limited]  =>PUP.Optional.InternetSpeedChecker
DELETED key*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PricePeep [betwikx LLC]  =>PUP.Optional.PricePeep
DELETED key*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Shopping Sidekick [215 Apps]  =>PUP.Optional.VidSaver
DELETED key*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam [Wajam]  =>PUP.Optional.Multiplug
DELETED key*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} [Yontoo Layers 1.10.01]  =>PUP.Optional.Yontoo
DELETED key*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1 [Uniblue Systems Ltd]  =>.Superfluous.Uniblue
DELETED key*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\funmoods []  =>PUP.Optional.Funmoods
DELETED key*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PricePeep []  =>PUP.Optional.PricePeep
DELETED key*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Wajam []  =>PUP.Optional.Multiplug
DELETED key*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\01262952674A792449A783D0C0A0C2EE [C:\Program Files\Google\Google SketchUp 7\Materials\Colors-Named\0129_WhiteSmoke.skm]  =>PUP.Optional.WhiteSmoke


---\\  Summary of the elements found (16)
http://www.nicolascoolman.fr/?p=259  =>PUP.Optional.Tarma
http://www.nicolascoolman.fr/?p=4664  =>PUP.Optional.Generic
http://www.nicolascoolman.fr/?p=4664  =>PUP.Optional.Qvod
http://www.nicolascoolman.fr/?p=4664  =>Hijacker.Association
http://www.nicolascoolman.fr/?p=180  =>PUP.Optional.CrossRider
http://www.nicolascoolman.fr/?p=362  =>PUP.Optional.Funmoods
http://www.nicolascoolman.fr/?p=279  =>Adware.InstallCore
http://www.nicolascoolman.fr/?p=4664  =>PUP.Optional.BrowserExtensions
http://www.nicolascoolman.fr/?p=4664  =>PUP.Optional.Softonic
http://www.nicolascoolman.fr/pup-internetspeedchecker/  =>PUP.Optional.InternetSpeedChecker
http://www.nicolascoolman.fr/?p=1402  =>PUP.Optional.Multiplug
http://www.nicolascoolman.fr/?p=4664  =>PUP.Optional.PricePeep
http://www.nicolascoolman.fr/?p=4664  =>.Superfluous.Uniblue
http://www.nicolascoolman.fr/?p=251  =>PUP.Optional.VidSaver
http://www.nicolascoolman.fr/?p=185  =>PUP.Optional.Yontoo
http://www.nicolascoolman.fr/?p=318  =>PUP.Optional.WhiteSmoke


---\\  Other deletions. (20)
~ Registry Keys Tracing deleted (20)
~ Remove the old reports ZHPCleaner. (0)


---\\ Result of repair
~ Repair carried out successfully
~ Browser not found (Mozilla Firefox)
~ Browser not found (Opera Software)


---\\ Statistics
~ Items scanned : 4766
~ Items found : 0
~ Items cancelled : 0
~ Items repaired : 45


~ End of clean in 00h00mn52s
===================
ZHPCleaner-[R]-23012016-13_46_12.txt
ZHPCleaner-[S]-23012016-13_44_34.txt

 

 

 

ZEMANA scan:

 

Zemana AntiMalware 2.19.2.844 (Installed)

-------------------------------------------------------
Scan Result            : Completed
Scan Date              : 2016/1/24
Operating System       : Windows XP 32-bit
Processor              : 1X  Intel® Pentium® 4 CPU 2.00GHz
BIOS Mode              : Legacy
CUID                   : 00C0DFD8CAE3C44C00D3E8
Scan Type              : Deep Scan
Duration               : 42m 19s
Scanned Objects        : 96892
Detected Objects       : 74
Excluded Objects       : 0
Read Level             : SCSI
Auto Upload            : Yes
Include All Extensions : No
Scan Documents         : No
Domain Info            : WORKGROUP,0,2

Detected Objects
-------------------------------------------------------

Hosts File
Status             : Scanned
Object             : %systemroot%\system32\drivers\etc\hosts
MD5                : 922D917AE6744411F414471ADD577103
Publisher          : -
Size               : 433904
Version            : -
Detection          : Hosts Hijack
Cleaning Action    : Repair
Traces             :
                Hosts file - 127.0.0.1 - firefox.com
                File - %systemroot%\system32\drivers\etc\hosts

ICReinstall_PDFCreatorSetup.exe
Status             : Scanned
Object             : %userprofile%\local settings\temp\icreinstall_pdfcreatorsetup.exe
MD5                : 9751C5C86FACF9399DD72F8E5C287061
Publisher          : Click run software
Size               : 616720
Version            : 3.1.0.0
Detection          : Adware:Win32/OutBrowse!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %userprofile%\local settings\temp\icreinstall_pdfcreatorsetup.exe
                Reference - C:\Documents and Settings\kmo2cute4u\Desktop\Continue PDF Creator Installation.lnk

A0401617.dll
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401617.dll
MD5                : 37186DF22DE45889DD7640EB362765FD
Publisher          : Excellent Apps
Size               : 237960
Version            : -
Detection          : Adware:Win32/BulkHeur.c696b7!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401617.dll

A0401623.exe
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401623.exe
MD5                : 999E56508476D0F0FD2D3534E96A723E
Publisher          : -
Size               : 450529
Version            : 1.24.151.151
Detection          : Adware:Win32/CrossRider!Sig
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401623.exe

A0401620.exe
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401620.exe
MD5                : A4D222108D8D2B5331950277A201336E
Publisher          : Excellent Apps
Size               : 949128
Version            : 1.0.0.1
Detection          : Adware:Win32/BulkHeur.c696b7!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401620.exe

A0401619.dll
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401619.dll
MD5                : 23A70C384DE5A26FAFE14C8D8C8CA2F6
Publisher          : Excellent Apps
Size               : 617352
Version            : 1.0.0.1
Detection          : Adware:Win32/BulkHeur.c696b7!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401619.dll

A0401618.exe
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401618.exe
MD5                : A4D222108D8D2B5331950277A201336E
Publisher          : Excellent Apps
Size               : 949128
Version            : 1.0.0.1
Detection          : Adware:Win32/BulkHeur.c696b7!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401618.exe

A0401576.dll
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401576.dll
MD5                : A998724F9BD5C836177BDBFFDD0CE00B
Publisher          : Uniblue Systems
Size               : 406888
Version            : -
Detection          : Scareware:Win32/NonBeneficialWindowsOptimizer!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401576.dll

A0401572.exe
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401572.exe
MD5                : C608A280C6D3C3747EA43259EF272BD5
Publisher          : Uniblue Systems
Size               : 13704
Version            : -
Detection          : Scareware:Win32/NonBeneficialWindowsOptimizer!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401572.exe

A0401567.exe
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401567.exe
MD5                : 98D7C3F58884D89D1F16F4F77BCD00EE
Publisher          : Uniblue Systems
Size               : 338296
Version            : 1.0.0.0
Detection          : Scareware:Win32/NonBeneficialWindowsOptimizer!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401567.exe

A0401566.dll
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401566.dll
MD5                : 0788B8DD8C4343215409652BD39BAACC
Publisher          : Uniblue Systems
Size               : 71016
Version            : -
Detection          : Scareware:Win32/NonBeneficialWindowsOptimizer!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401566.dll

A0401565.exe
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401565.exe
MD5                : ADDC9DE07C20FC5D96D8E006988EE312
Publisher          : Uniblue Systems
Size               : 25456
Version            : 4.0.1.6
Detection          : Scareware:Win32/NonBeneficialWindowsOptimizer!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401565.exe

A0401564.exe
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401564.exe
MD5                : 7F302FA883E75B7DA929E329C94615D2
Publisher          : Uniblue Systems
Size               : 25984
Version            : 4.0.1.6
Detection          : Scareware:Win32/NonBeneficialWindowsOptimizer!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401564.exe

A0401563.exe
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401563.exe
MD5                : 3B3C2BC6EC9528EE32402C4E6ECE1581
Publisher          : Uniblue Systems
Size               : 25464
Version            : 4.0.1.6
Detection          : Scareware:Win32/NonBeneficialWindowsOptimizer!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401563.exe

A0401562.exe
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401562.exe
MD5                : 0B14724F4869639B92CEF25F2CF72448
Publisher          : Uniblue Systems
Size               : 25464
Version            : 4.0.1.6
Detection          : Scareware:Win32/NonBeneficialWindowsOptimizer!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401562.exe

A0401561.exe
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401561.exe
MD5                : 2A4A70EA7630BE93758A5A328102D139
Publisher          : Uniblue Systems
Size               : 326504
Version            : 4.0.1.6
Detection          : Scareware:Win32/NonBeneficialWindowsOptimizer!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401561.exe

A0401560.exe
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401560.exe
MD5                : 4BBE311AF1F6937080077F1ADA622173
Publisher          : Uniblue Systems
Size               : 13192
Version            : -
Detection          : Scareware:Win32/NonBeneficialWindowsOptimizer!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401560.exe

A0401559.dll
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401559.dll
MD5                : 0B77E6E050C14BE848F6F3F596343424
Publisher          : Uniblue Systems
Size               : 18792
Version            : -
Detection          : Scareware:Win32/NonBeneficialWindowsOptimizer!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401559.dll

A0401571.exe
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401571.exe
MD5                : 3CB26660FDCFAC325F732704CF2A4EF3
Publisher          : Uniblue Systems
Size               : 1460024
Version            : 51.1051.0.0
Detection          : Scareware:Win32/NonBeneficialWindowsOptimizer!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401571.exe

A0401600.dll
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401600.dll
MD5                : 3F3F94AE613DDAB6E3B91122669A2F5E
Publisher          : -
Size               : 291328
Version            : 1.1.0.8
Detection          : Adware:Win32/WajamAdCash!Sig
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401600.dll

A0401597.exe
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401597.exe
MD5                : B822DEF105B586F117746AD7BFD43A69
Publisher          : -
Size               : 466808
Version            : -
Detection          : Malware:Win32/Generic!Eaia
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401597.exe

A0401601.dll
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401601.dll
MD5                : 4DA3B7BA41831643E9896B74D357F2B6
Publisher          : Yontoo Technology, Inc.
Size               : 194912
Version            : 1.10.1.0
Detection          : Adware:Win32/Yontoo!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401601.dll

A0401598.exe
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401598.exe
MD5                : 4AA2CC5979AFF984227364F2C23B04F3
Publisher          : Wajam
Size               : 109064
Version            : 1.0.0.5
Detection          : Adware:Win32/WajamAdCash!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401598.exe

A0401596.exe
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401596.exe
MD5                : 46F0CFB740C4BD4CE6D47355E27125B6
Publisher          : Wajam
Size               : 62928
Version            : 1.3.0.0
Detection          : Adware:Win32/WajamAdCash!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401596.exe

A0401595.dll
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401595.dll
MD5                : 7079393960A4219CA4894A0A86BFF869
Publisher          : Uniblue Systems
Size               : 407400
Version            : -
Detection          : Scareware:Win32/NonBeneficialWindowsOptimizer!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401595.dll

A0401594.dll
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401594.dll
MD5                : 16FD8F17B6C1FF8BC387A08405A57C54
Publisher          : Uniblue Systems
Size               : 407400
Version            : -
Detection          : Scareware:Win32/NonBeneficialWindowsOptimizer!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401594.dll

A0401593.dll
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401593.dll
MD5                : 292B480BA0A1F652CFB1B9693DEDDEDB
Publisher          : Uniblue Systems
Size               : 407400
Version            : -
Detection          : Scareware:Win32/NonBeneficialWindowsOptimizer!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401593.dll

A0401592.dll
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401592.dll
MD5                : 8EFD9C0EF8A4AF468B112EBD2D4BC258
Publisher          : Uniblue Systems
Size               : 407400
Version            : -
Detection          : Scareware:Win32/NonBeneficialWindowsOptimizer!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401592.dll

A0401591.dll
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401591.dll
MD5                : 9CD2F8F0C874594F65987E0C2A562349
Publisher          : Uniblue Systems
Size               : 407400
Version            : -
Detection          : Scareware:Win32/NonBeneficialWindowsOptimizer!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401591.dll

A0401590.dll
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401590.dll
MD5                : FD20E771604FFC3254B0990266B398A9
Publisher          : Uniblue Systems
Size               : 407400
Version            : -
Detection          : Scareware:Win32/NonBeneficialWindowsOptimizer!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401590.dll

A0401589.dll
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401589.dll
MD5                : C901B4C18480E5E80B3A2023CEEB5251
Publisher          : Uniblue Systems
Size               : 407400
Version            : -
Detection          : Scareware:Win32/NonBeneficialWindowsOptimizer!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401589.dll

A0401588.dll
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401588.dll
MD5                : 177B79777A1CF44F6C97847827728C6A
Publisher          : Uniblue Systems
Size               : 407400
Version            : -
Detection          : Scareware:Win32/NonBeneficialWindowsOptimizer!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401588.dll

A0401587.dll
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401587.dll
MD5                : C1EB9C8F4C4FF4C161AB6A5D8E0CFBC6
Publisher          : Uniblue Systems
Size               : 407400
Version            : -
Detection          : Scareware:Win32/NonBeneficialWindowsOptimizer!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401587.dll

A0401586.dll
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401586.dll
MD5                : 9544CC124E256BED6920F3EEF66780C3
Publisher          : Uniblue Systems
Size               : 407400
Version            : -
Detection          : Scareware:Win32/NonBeneficialWindowsOptimizer!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401586.dll

A0401585.dll
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401585.dll
MD5                : E3641390930AC85E86D1DEBC5DE05374
Publisher          : Uniblue Systems
Size               : 407400
Version            : -
Detection          : Scareware:Win32/NonBeneficialWindowsOptimizer!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401585.dll

A0401584.dll
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401584.dll
MD5                : BA8C2E4D2D8E9769941CE47A85621AC2
Publisher          : Uniblue Systems
Size               : 407400
Version            : -
Detection          : Scareware:Win32/NonBeneficialWindowsOptimizer!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401584.dll

A0401583.dll
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401583.dll
MD5                : F68C7B42E9E0D832D4A9F7FC56DC47E6
Publisher          : Uniblue Systems
Size               : 407400
Version            : -
Detection          : Scareware:Win32/NonBeneficialWindowsOptimizer!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401583.dll

A0401582.dll
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401582.dll
MD5                : 86EC2D8071B489B45223175753F1B3CA
Publisher          : Uniblue Systems
Size               : 407400
Version            : -
Detection          : Scareware:Win32/NonBeneficialWindowsOptimizer!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401582.dll

A0401581.dll
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401581.dll
MD5                : 7A1C634EF8040F0BF336581BD7DAB493
Publisher          : Uniblue Systems
Size               : 407400
Version            : -
Detection          : Scareware:Win32/NonBeneficialWindowsOptimizer!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401581.dll

A0401580.dll
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401580.dll
MD5                : D78D623DDEDB383A95557CDBBC839897
Publisher          : Uniblue Systems
Size               : 407400
Version            : -
Detection          : Scareware:Win32/NonBeneficialWindowsOptimizer!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401580.dll

A0401579.dll
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401579.dll
MD5                : 3EF3A4547E12C3553C0312F867109EB1
Publisher          : Uniblue Systems
Size               : 407400
Version            : -
Detection          : Scareware:Win32/NonBeneficialWindowsOptimizer!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401579.dll

A0401578.dll
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401578.dll
MD5                : 1E101DED52AD5EFC3E2D186EB595B80B
Publisher          : Uniblue Systems
Size               : 407400
Version            : -
Detection          : Scareware:Win32/NonBeneficialWindowsOptimizer!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401578.dll

A0401577.dll
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401577.dll
MD5                : 136162B380067E6E5EB72E32F3189267
Publisher          : Uniblue Systems
Size               : 406888
Version            : -
Detection          : Scareware:Win32/NonBeneficialWindowsOptimizer!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401577.dll

A0401557.dll
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401557.dll
MD5                : EF2CB87EEE77E18DCE440E1CFD463B14
Publisher          : betwikx
Size               : 497008
Version            : 2.1.355.0
Detection          : Adware:Win32/Quarand!Keak
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401557.dll

A0401549.dll
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401549.dll
MD5                : FF8B2121AAD6F54915C5444AD65E9A91
Publisher          : Volonet Ltd
Size               : 243664
Version            : 1.5.23.0
Detection          : Adware:Win32/Facemoods!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401549.dll

A0401546.exe
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401546.exe
MD5                : C076C8E973DA52B34F79F646072E5868
Publisher          : Volonet Ltd
Size               : 410064
Version            : 1.5.23.0
Detection          : Adware:Win32/Facemoods!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401546.exe

A0401544.dll
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401544.dll
MD5                : 337EA7BB94F14AA9FAA39059F3ABFDC0
Publisher          : Volonet Ltd
Size               : 64464
Version            : -
Detection          : Adware:Win32/Facemoods!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401544.dll

A0401543.dll
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401543.dll
MD5                : 5C8CBD98A90E5B8007BE9E63720D38A5
Publisher          : Volonet Ltd
Size               : 551888
Version            : 1.5.23.0
Detection          : Adware:Win32/Facemoods!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401543.dll

A0401542.dll
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401542.dll
MD5                : E31194CD38B2DA193D0130A1ABCED783
Publisher          : Volonet Ltd
Size               : 338384
Version            : 1.5.23.0
Detection          : Adware:Win32/Facemoods!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401542.dll

A0401536.exe
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401536.exe
MD5                : 5816D8E01DC1DAAAA9DFB9DDAB586B43
Publisher          : OpenCandy Inc.
Size               : 1835840
Version            : -
Detection          : Adware:Win32/OpenCandy!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401536.exe

A0401530.exe
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401530.exe
MD5                : A22C0B418957F3A45A8B885D2CFD081A
Publisher          : Uniblue Systems
Size               : 5845496
Version            : 4.0.1.6
Detection          : Scareware:Win32/NonBeneficialWindowsOptimizer!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401530.exe

A0401535.dll
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401535.dll
MD5                : 7C3971FEDFA730CC52DDD6EA5214907F
Publisher          : OpenCandy Inc.
Size               : 73024
Version            : -
Detection          : Adware:Win32/OpenCandy!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401535.dll

A0401524.dll
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401524.dll
MD5                : E598BC476764127909D94F5FBE9655F9
Publisher          : OpenCandy Inc.
Size               : 432456
Version            : 1.0.0.2
Detection          : Adware:Win32/OpenCandy!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401524.dll

A0401514.dll
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401514.dll
MD5                : 8DE6CDFEC30D3CEBF7A8834B3BCB3507
Publisher          : -
Size               : 345088
Version            : -
Detection          : Adware:Win32/Bailoat.A!Kcrm
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401514.dll

A0401520.dll
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401520.dll
MD5                : 7D81144DEF5A66BF67AD713B6D42DDB0
Publisher          : OpenCandy Inc.
Size               : 725320
Version            : 3.2.2.200
Detection          : Adware:Win32/OpenCandy!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401520.dll

A0401523.exe
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401523.exe
MD5                : 1077B01FB4C29EE464F9D2FC34D3B12F
Publisher          : OpenCandy Inc.
Size               : 2027576
Version            : -
Detection          : Adware:Win32/OpenCandy!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401523.exe

A0401522.exe
Status             : Scanned
Object             : %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401522.exe
MD5                : 3963F0F1083848D9D4C01CE69FD0096F
Publisher          : Visicom Media Inc.
Size               : 1558168
Version            : 1.0.0.20
Detection          : Adware:Win32/Visicom!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\system volume information\_restore{c9e1f23b-0228-4b93-9272-fde1460ad01e}\rp604\a0401522.exe

PDFCreatorSetup.exe
Status             : Scanned
Object             : %userprofile%\my documents\downloads\pdfcreatorsetup.exe
MD5                : 9751C5C86FACF9399DD72F8E5C287061
Publisher          : Click run software
Size               : 616720
Version            : 3.1.0.0
Detection          : Adware:Win32/OutBrowse!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %userprofile%\my documents\downloads\pdfcreatorsetup.exe
                Reference - C:\Documents and Settings\kmo2cute4u\Desktop\Continue PDF Creator Installation.lnk

FreeFontPack.exe
Status             : Scanned
Object             : %userprofile%\my documents\downloads\freefontpack.exe
MD5                : C613100815DB355666F649AC7DC7B5A9
Publisher          : Optimum Installer
Size               : 651048
Version            : 2.1.3.0
Detection          : Adware:Win32/AdsInstaller!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %userprofile%\my documents\downloads\freefontpack.exe

FastDownload.exe
Status             : Scanned
Object             : %userprofile%\my documents\downloads\fastdownload.exe
MD5                : F10F25489B98C91F80273B87C535E550
Publisher          : Natan Risman
Size               : 301496
Version            : 2012.11.8.1120
Detection          : Adware:Win32/InstalleRex
Cleaning Action    : Quarantine
Traces             :
                File - %userprofile%\my documents\downloads\fastdownload.exe

_Setupx.dll
Status             : Scanned
Object             : %userprofile%\local settings\temp\{90255563-c676-cb21-29ca-8e544bc67795}\_setupx.dll
MD5                : 66E0D3CB3825B658880BE576875795BC
Publisher          : -
Size               : 43520
Version            : -
Detection          : Adware:Win32/InstalleRex
Cleaning Action    : Quarantine
Traces             :
                File - %userprofile%\local settings\temp\{90255563-c676-cb21-29ca-8e544bc67795}\_setupx.dll

wstest.exe
Status             : Scanned
Object             : %userprofile%\local settings\temp\{90255563-c676-cb21-29ca-8e544bc67795}\addons\wstest.exe
MD5                : B25B68DD6DCCAF0A14ABAA69A8A2DB8C
Publisher          : -
Size               : 150016
Version            : -
Detection          : Adware:Win32/BrowserHijack.Gen
Cleaning Action    : Quarantine
Traces             :
                File - %userprofile%\local settings\temp\{90255563-c676-cb21-29ca-8e544bc67795}\addons\wstest.exe

wxdownload_extension.exe
Status             : Scanned
Object             : %userprofile%\local settings\temp\{90255563-c676-cb21-29ca-8e544bc67795}\addons\wxdownload_extension.exe
MD5                : 5F208D2BCF4A1980F19C0063A13E9F63
Publisher          : -
Size               : 193211
Version            : 9.20.0.0
Detection          : Adware:Win32/Bailoat.A!Etkc
Cleaning Action    : Quarantine
Traces             :
                File - %userprofile%\local settings\temp\{90255563-c676-cb21-29ca-8e544bc67795}\addons\wxdownload_extension.exe

SoftonicDownloader_for_microsoft-office-word-viewer.exe
Status             : Scanned
Object             : %userprofile%\local settings\temp\wxquk50f.tmp\softonicdownloader_for_microsoft-office-word-viewer.exe
MD5                : F86FF6CC9B180B1B2A2550312152B9F5
Publisher          : Softonic International
Size               : 319592
Version            : 1.32.3.0
Detection          : Adware:Win32/SoftonicBundle!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %userprofile%\local settings\temp\wxquk50f.tmp\softonicdownloader_for_microsoft-office-word-viewer.exe

ShopAtHome_Toolbar.exe
Status             : Scanned
Object             : %homedrive%\documents and settings\guest\my documents\downloads\shopathome_toolbar.exe
MD5                : CF8ED018FD09C246F3AB4C871DD504E4
Publisher          : ShopAtHome.com
Size               : 735336
Version            : 5.2.0.0
Detection          : Malware:Win32/Quarand!Rcei
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\documents and settings\guest\my documents\downloads\shopathome_toolbar.exe

MarkerFelt_downloader_by_Fonts101.exe
Status             : Scanned
Object             : %homedrive%\documents and settings\guest\my documents\downloads\markerfelt_downloader_by_fonts101.exe
MD5                : C27E36792650DF57AEB36F69311E82D8
Publisher          : Somoto Ltd.
Size               : 158168
Version            : 1.2.0.0
Detection          : Win32/Adware.Somoto!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\documents and settings\guest\my documents\downloads\markerfelt_downloader_by_fonts101.exe

fashion-victim.exe
Status             : Scanned
Object             : %homedrive%\documents and settings\guest\my documents\downloads\fashion-victim.exe
MD5                : 13787A050457A76B6537AAB1027A937F
Publisher          : The Scone Company, LLC
Size               : 662200
Version            : -
Detection          : Adware:Win32/OpenCandy
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\documents and settings\guest\my documents\downloads\fashion-victim.exe

MyBabylonTB_I.exe
Status             : Scanned
Object             : %homedrive%\documents and settings\guest\local settings\temp\mybabylontb_i.exe
MD5                : 4C5B611424EAE37680A97BFD0D2C135C
Publisher          : Babylon Ltd.
Size               : 935536
Version            : 9.0.3.21
Detection          : PUA:Win32/Babylon!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\documents and settings\guest\local settings\temp\mybabylontb_i.exe

OCSetupHlp.dll
Status             : Scanned
Object             : %homedrive%\documents and settings\guest\local settings\temp\nso1e.tmp\ocsetuphlp.dll
MD5                : 01E33FE798CB49ED230F635C40E09748
Publisher          : OpenCandy Inc.
Size               : 768328
Version            : 1.6.1.54
Detection          : Adware:Win32/OpenCandy!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\documents and settings\guest\local settings\temp\nso1e.tmp\ocsetuphlp.dll

OCSetupHlp.dll
Status             : Scanned
Object             : %homedrive%\documents and settings\guest\local settings\temp\nsrf.tmp\ocsetuphlp.dll
MD5                : F373F55E5418D53BB234A700B386A55D
Publisher          : OpenCandy Inc.
Size               : 768328
Version            : 1.6.1.54
Detection          : Adware:Win32/OpenCandy!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\documents and settings\guest\local settings\temp\nsrf.tmp\ocsetuphlp.dll

OCSetupHlp.dll
Status             : Scanned
Object             : %homedrive%\documents and settings\guest\local settings\temp\nsf14.tmp\ocsetuphlp.dll
MD5                : F373F55E5418D53BB234A700B386A55D
Publisher          : OpenCandy Inc.
Size               : 768328
Version            : 1.6.1.54
Detection          : Adware:Win32/OpenCandy!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\documents and settings\guest\local settings\temp\nsf14.tmp\ocsetuphlp.dll

OCSetupHlp.dll
Status             : Scanned
Object             : %homedrive%\documents and settings\guest\local settings\temp\nsfc.tmp\ocsetuphlp.dll
MD5                : F373F55E5418D53BB234A700B386A55D
Publisher          : OpenCandy Inc.
Size               : 768328
Version            : 1.6.1.54
Detection          : Adware:Win32/OpenCandy!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\documents and settings\guest\local settings\temp\nsfc.tmp\ocsetuphlp.dll

BetterInstaller.exe
Status             : Scanned
Object             : %homedrive%\documents and settings\guest\local settings\temp\betterinstaller.exe
MD5                : D79B88BAB3231EBEBD3C6505AB68CE56
Publisher          : -
Size               : 212480
Version            : 1.0.0.1
Detection          : Adware:Win32/Blackoat.A!Rark
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\documents and settings\guest\local settings\temp\betterinstaller.exe

AskSLib.dll
Status             : Scanned
Object             : %homedrive%\documents and settings\guest\local settings\temp\askslib.dll
MD5                : 016B4CB0F363E8563AE9D4C97189AE5D
Publisher          : Ask.com
Size               : 178568
Version            : 3.0.0.0
Detection          : Adware:Win32/AskBrowserHijack!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\documents and settings\guest\local settings\temp\askslib.dll


Cleaning Result
-------------------------------------------------------
Cleaned               : 74
Reported as safe      : 0
Failed                : 0

 



#8 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 60,821 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:09:39 PM

Posted 25 January 2016 - 06:55 AM

Hello,

Could you please tell me how your computer is running right now and what problems you still have left?


regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#9 hitpro

hitpro
  • Topic Starter

  • Members
  • 119 posts
  • OFFLINE
  •  
  • Local time:01:39 PM

Posted 04 February 2016 - 11:09 PM

hi.

 

i would assume it's still running slow. she hasn't used the computer ever since we posted. i was awaiting further instruction based on my logs.



#10 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 60,821 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:09:39 PM

Posted 05 February 2016 - 03:27 AM

Yes, but those logs show me a fair bit of fixing was done, so normally this would mean the computer would be running better now. However i cannot see that from here, which is why I asked you about it. :)


regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users