Facebook   Twitter   Google+   YouTube Get FREE Online Help Free Download IObit Products  

Go Back   IObit.Com Forums > IObit Security Software > Spyware-Malware Removal Help!
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read

Spyware-Malware Removal Help! A separate area dedicated to virus, spyware, rootkit and all other forms of malware removal.

Reply
 
Thread Tools Display Modes
  #1  
Old Sep. 23rd, 2012, 05:26
xelhaspixiestix xelhaspixiestix is offline
Junior Member
 
Join Date: 23 Sep 2012
Posts: 14
Default Spyhunter 4 won't Uninstall / Live Security Platinum / Help!

Very very very new. Um.

Trying to get rid of the Live Security Platinum virus, and downloaded Spyhunter 4. I think I have the virus gone, but now spyhunter 4 won't go away. I ran TFC, and DDS - I have the logs from DDS saved, but now I have no idea what to do.

To give you an idea, I am near to being a complete novice at this -- I just would like not to have to take my laptop somewhere and pay an arm and a leg to get it fixed.
Reply With Quote
  #2  
Old Sep. 23rd, 2012, 06:01
wozofoz's Avatar
wozofoz wozofoz is offline
Administrator
 
Join Date: 06 Apr 2009
Posts: 1,652
Smile Welcome

Welcome to the forum
Quote:
Originally Posted by xelhaspixiestix View Post
....I have the logs from DDS saved, but now I have no idea what to do.....
From the thread Guidelines for requesting malware removal assistance
Quote:
Step 3 - DDS by sUBs

Download DDS from |HERE| or |HERE| and save it to your desktop.

Vista & 7 users right click on dds and select Run as administrator (you will receive a UAC prompt, please allow it)

* XP users Double click on dds to run it.
* If your antivirus or firewall try to block DDS then please allow it to run.
* When finished DDS will open two (2) logs.

1) DDS.txt
2) Attach.txt

* Save both logs to your desktop.
* Please copy and paste the entire contents of both logs in your next reply in 2 seperate posts.

Note: DDS will instruct you to post the Attach.txt log as an attachment.
Please just post it as you would any other log by copy and pasting it into the reply.
Then wait for Malware Fighter Superdave to respond.

All the best, woz of oz
__________________
FORUM USAGE GUIDELINES - Read this first
Description of IObit Forum features and requirements - Reading this is compulsory
The thread also includes Handy Links

NEW USER PUBLIC PROFILE POLICY effective on February 01, 2013 !
It is compulsory to add your OS + Computer Details to your Profile

Usage of IObit Products
Information about using IObit software
Also contains a wealth of diverse information on many different related subjects
Reply With Quote
  #3  
Old Sep. 23rd, 2012, 06:05
Melvin_Deal's Avatar
Melvin_Deal Melvin_Deal is offline
Malware Advisor Moderator
 
Join Date: 06 Jul 2009
Posts: 2,937
Default Hi xelhaspixiestix... welcome to the Iobit forums!

All you have to do is Copy/Paste the log files here! The two DDS files are most important!

Sincerely,
-Mel
Live long and prosper!
__________________


Reply With Quote
  #4  
Old Sep. 23rd, 2012, 06:05
xelhaspixiestix xelhaspixiestix is offline
Junior Member
 
Join Date: 23 Sep 2012
Posts: 14
Default

Haha, thank you. Copying and pasting below.

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_31
Run by best buy at 1:18:41 on 2012-09-23
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3037.1568 [GMT -4:00]
.
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\FBAgent.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
C:\Program Files\ATKGFNEX\GFNEXSrv.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
C:\Windows\System32\Drivers\WTSRV.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\SysWOW64\WTClient.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe
C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\BitLord\BitLord.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Users\best buy\AppData\Local\GetBooks\GetBooks.exe
C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Users\best buy\AppData\Local\Google\Update\1.3.21.123\GoogleC rashHandler.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Users\best buy\AppData\Local\Google\Update\1.3.21.123\GoogleC rashHandler64.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\Digsby\lib\digsby-app.exe
C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
C:\Program Files (x86)\Browny02\BrYNSvc.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Digsby\lib\aspell\bin\aspell.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Windows\AsScrPro.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2830765
uDefault_Page_URL = hxxp://asus.msn.com
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: H - No File
mWinlogon: Userinit=userinit.exe,
BHO: vShare Plugin: {043c5167-00bb-4324-af7e-62013faedacf} - C:\Program Files (x86)\vShare\vshare_toolbar.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: PlusIEEventHelper Class: {551a852f-39a6-44a7-9c13-afbec9185a9d} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: vShare Plugin: {043c5167-00bb-4324-af7e-62013faedacf} - C:\Program Files (x86)\vShare\vshare_toolbar.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: {8C5878D0-6106-423B-AAA8-144C143DBF44} - No File
uRun: [Google Update] "C:\Users\best buy\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [BitComet] "C:\Program Files (x86)\BitLord\BitLord.exe"
uRun: [Best Buy pc app] C:\Users\best buy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Best Buy\Best Buy pc app.appref-ms
uRun: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
uRun: [GetBooks] "C:\Users\best buy\AppData\Local\GetBooks\GetBooks.exe" be99d4471e1b945b25d9b947573db534
uRun: [WideSearch] C:\Users\best buy\AppData\Local\WideSearch\wsearch.exe
mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
mRun: [Setwallpaper] c:\programdata\SetWallpaper.cmd
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [WTClient] WTClient.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [IndexSearch] "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe"
mRun: [PaperPort PTD] "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"
mRun: [PPort12reminder] "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\ Ereg.ini"
mRun: [PDFHook] C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe
mRun: [PDF5 Registry Controller] C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe
mRun: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
mRun: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
StartupFolder: C:\Users\BESTBU~1\AppData\Roaming\MICROS~1\Windows \STARTM~1\Programs\Startup\Digsby.lnk - C:\Program Files (x86)\Digsby\digsby.exe
StartupFolder: C:\Users\BESTBU~1\AppData\Roaming\MICROS~1\Windows \STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
StartupFolder: C:\Users\BESTBU~1\AppData\Roaming\MICROS~1\Windows \STARTM~1\Programs\Startup\PDANET~1.LNK - C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe
StartupFolder: C:\Users\BESTBU~1\AppData\Roaming\MICROS~1\Windows \STARTM~1\Programs\Startup\Trillian.lnk - C:\Program Files (x86)\Trillian\trillian.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Sta rtup\FANCYS~1.LNK - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Sta rtup\SRSPRE~1.LNK - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645 FE6E4A715.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Open with PDF Viewer Plus - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
LSP: mswsock.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{E47D5C36-6783-4B0F-A96D-EE63E3761114} : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{E47D5C36-6783-4B0F-A96D-EE63E3761114}\7523237364D4 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{E47D5C36-6783-4B0F-A96D-EE63E3761114}\84F6C6964616970294E6E6 : DhcpNameServer = 205.171.3.65 4.2.2.2 8.8.8.8
TCP: Interfaces\{E47D5C36-6783-4B0F-A96D-EE63E3761114}\9516E6B6565637 : DhcpNameServer = 75.75.75.75 75.75.76.76 192.168.1.1
TCP: Interfaces\{E47D5C36-6783-4B0F-A96D-EE63E3761114}\D4A43502433313 : DhcpNameServer = 10.0.1.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files (x86)\vShare\vshare_toolbar.dll
BHO-X64: vShare Plugin: {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: PlusIEEventHelper Class: {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll
BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Skype Plug-In: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: vShare Plugin: {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files (x86)\vShare\vshare_toolbar.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB-X64: {8C5878D0-6106-423B-AAA8-144C143DBF44} - No File
mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
mRun-x64: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
mRun-x64: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
mRun-x64: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
mRun-x64: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
mRun-x64: [Setwallpaper] c:\programdata\SetWallpaper.cmd
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [WTClient] WTClient.exe
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [IndexSearch] "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe"
mRun-x64: [PaperPort PTD] "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"
mRun-x64: [PPort12reminder] "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\ Ereg.ini"
mRun-x64: [PDFHook] C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe
mRun-x64: [PDF5 Registry Controller] C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe
mRun-x64: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
mRun-x64: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\best buy\AppData\Roaming\Mozilla\Firefox\Profiles\1o94x ptm.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2830765&SearchSource=3&q={s earchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Veetle\Player\npvlc.dll
FF - plugin: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
FF - plugin: C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll
FF - plugin: C:\Users\best buy\AppData\Local\Google\Update\1.3.21.123\npGoogl eUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_40 2_265.dll
.
============= SERVICES / DRIVERS ===============
.
R0 lullaby;lullaby;C:\Windows\system32\DRIVERS\lullab y.sys --> C:\Windows\system32\DRIVERS\lullaby.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHl pa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AFBAgent;AFBAgent;"C:\Windows\system32\FBAgent.exe " --> C:\Windows\system32\FBAgent.exe [?]
R2 ASMMAP64;ASMMAP64;C:\Program Files\ATKGFNEX\ASMMAP64.sys [2010-4-5 14904]
R2 PDFProFiltSrvPP;PDFProFiltSrvPP;C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [2010-3-9 144672]
R2 SpyHunter 4 Service;SpyHunter 4 Service;C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [2012-8-21 1019328]
R3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2012-8-20 245760]
R3 esgiguard;esgiguard;C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [2011-3-2 13088]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys --> C:\Windows\system32\DRIVERS\ETD.sys [?]
R3 pneteth;PdaNet Broadband;C:\Windows\system32\DRIVERS\pneteth.sys --> C:\Windows\system32\DRIVERS\pneteth.sys [?]
R3 PTSimBus;PenTablet Bus Enumerator;C:\Windows\system32\DRIVERS\PTSimBus.sy s --> C:\Windows\system32\DRIVERS\PTSimBus.sys [?]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\system32\drivers\viahduaa.sys --> C:\Windows\system32\drivers\viahduaa.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\ v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework6 4\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-15 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPl ayerUpdateService.exe [2012-4-11 250288]
S3 AmUStor;AM USB Stroage Driver;C:\Windows\system32\drivers\AmUStor.SYS --> C:\Windows\system32\drivers\AmUStor.SYS [?]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssflt r.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-8 533344]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-15 136176]
S3 mbamchameleon;mbamchameleon;\??\C:\Windows\system3 2\drivers\mbamchameleon.sys --> C:\Windows\system32\drivers\mbamchameleon.sys [?]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-4-26 114144]
S3 npggsvc;nProtect GameGuard Service;C:\Windows\system32\GameMon.des -service --> C:\Windows\system32\GameMon.des -service [?]
S3 PTSimHid;PenTablet Simulated HID MiniDriver;C:\Windows\system32\DRIVERS\PTSimHid.sy s --> C:\Windows\system32\DRIVERS\PTSimHid.sys [?]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys --> C:\Windows\system32\DRIVERS\SiSG664.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsus bflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?]
.
=============== Created Last 30 ================
.
2012-09-22 17:41:13 36680 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2012-09-22 17:00:30 110080 ----a-r- C:\Users\best buy\AppData\Roaming\Microsoft\Installer\{8C5C34C7-BC6B-4831-8B2C-6535FE63E502}\IconF7A21AF7.exe
2012-09-22 17:00:30 110080 ----a-r- C:\Users\best buy\AppData\Roaming\Microsoft\Installer\{8C5C34C7-BC6B-4831-8B2C-6535FE63E502}\IconD7F16134.exe
2012-09-22 17:00:30 110080 ----a-r- C:\Users\best buy\AppData\Roaming\Microsoft\Installer\{8C5C34C7-BC6B-4831-8B2C-6535FE63E502}\Icon1226A4C5.exe
2012-09-22 17:00:28 -------- d-----w- C:\sh4ldr
2012-09-22 17:00:28 -------- d-----w- C:\Program Files\Enigma Software Group
2012-09-22 16:52:10 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2012-09-22 16:31:55 -------- d-----w- C:\ProgramData\0C1CFB131C4F23EEBFB5356EF875F002
2012-09-22 04:40:56 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%
2012-09-22 04:29:31 -------- d-----w- C:\Users\best buy\AppData\Local\WideSearch
2012-09-22 04:28:56 -------- d-----w- C:\Users\best buy\AppData\Local\GetBooks
2012-09-19 16:45:03 -------- d-----r- C:\Users\best buy\AppData\Roaming\Brother
2012-09-16 01:19:49 73696 ----a-w- C:\Program Files (x86)\Mozilla Firefox\breakpadinjector.dll
2012-09-12 11:40:41 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys
2012-09-12 11:40:40 41472 ----a-w- C:\Windows\System32\drivers\RNDISMP.sys
2012-09-12 11:40:39 574464 ----a-w- C:\Windows\System32\d3d10level9.dll
2012-09-12 11:40:39 490496 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
2012-09-12 11:40:39 376688 ----a-w- C:\Windows\System32\drivers\netio.sys
2012-09-12 11:40:39 288624 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2012-09-12 11:40:39 1913200 ----a-w- C:\Windows\System32\drivers\tcpip.sys
.
==================== Find3M ====================
.
2012-09-22 04:05:47 696240 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-09-22 04:05:46 73136 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-07 21:04:46 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-07-18 18:15:06 3148800 ----a-w- C:\Windows\System32\win32k.sys
2012-07-06 18:33:55 955840 ----a-w- C:\Windows\System32\npDeployJava1.dll
2012-07-06 18:33:55 839096 ----a-w- C:\Windows\System32\deployJava1.dll
2012-07-04 22:13:27 59392 ----a-w- C:\Windows\System32\browcli.dll
2012-07-04 22:13:27 136704 ----a-w- C:\Windows\System32\browser.dll
2012-07-04 21:14:34 41984 ----a-w- C:\Windows\SysWow64\browcli.dll
2012-06-27 07:06:53 1188864 ----a-w- C:\Windows\System32\wininet.dll
2012-06-27 05:53:07 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-06-27 04:53:10 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2012-06-27 04:10:55 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-06-25 20:04:24 1394248 ----a-w- C:\Windows\SysWow64\msxml4.dll
2009-04-08 17:31:56 106496 ----a-w- C:\Program Files (x86)\Common Files\CPInstallAction.dll
2008-08-12 04:45:20 155648 ----a-w- C:\Program Files (x86)\Common Files\MSIactionall.dll
.
============= FINISH: 1:20:04.04 ===============
Reply With Quote
  #5  
Old Sep. 23rd, 2012, 06:07
xelhaspixiestix xelhaspixiestix is offline
Junior Member
 
Join Date: 23 Sep 2012
Posts: 14
Default

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 9/7/2010 3:45:38 AM
System Uptime: 9/23/2012 1:10:11 AM (0 hours ago)
.
Motherboard: ASUSTeK Computer Inc. | | K50IJ
Processor: Pentium(R) Dual-Core CPU T4400 @ 2.20GHz | Socket 478 | 2200/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 283 GiB total, 200.924 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP160: 8/21/2012 3:00:13 AM - Windows Update
RP161: 9/10/2012 4:11:54 PM - Scheduled Checkpoint
RP162: 9/14/2012 1:33:14 PM - Windows Update
RP163: 9/22/2012 12:57:07 PM - Installed SpyHunter
RP164: 9/22/2012 1:47:40 PM - Removed SpyHunter
RP165: 9/22/2012 1:49:10 PM - Removed SpyHunter
RP166: 9/22/2012 1:50:29 PM - Removed SpyHunter
RP167: 9/22/2012 11:28:59 PM - Removed SpyHunter
RP168: 9/22/2012 11:34:08 PM - Removed SpyHunter
RP169: 9/22/2012 11:38:40 PM - Removed SpyHunter
RP170: 9/23/2012 12:05:04 AM - Removed SpyHunter
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Acrobat.com
Adobe AIR
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Default Language CS3
Adobe Device Central CS3
Adobe ExtendScript Toolkit 2
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Linguistics CS3
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Reader 9.5.2 MUI
Adobe Setup
Adobe Shockwave Player 11.6
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
Alcor Micro USB Card Reader
Apple Application Support
Apple Software Update
ASUS AI Recovery
ASUS CopyProtect
ASUS Data Security Manager
ASUS FancyStart
ASUS LifeFrame3
ASUS Live Update
ASUS MultiFrame
ASUS SmartLogon
ASUS Splendid Video Enhancement Technology
ASUS Virtual Camera
ASUS_Screensaver
ATK Generic Function Service
ATK Hotkey
ATK Media
ATKOSD2
AVS Update Manager 1.0
Best Buy pc app
BitLord 2.0
Brother MFL-Pro Suite MFC-J430W
calibre
Choice Guard
Compatibility Pack for the 2007 Office system
ControlDeck
Digital Media Converter 3.1
Digsby
Google Chrome
Google Earth Plug-in
Google Update Helper
Intel(R) Control Center
Intel(R) Graphics Media Accelerator Driver
Java Auto Updater
Java(TM) 6 Update 20
Java(TM) 6 Update 31
Junk Mail filter update
Malwarebytes Anti-Malware version 1.65.0.1400
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office Live Add-in 1.5
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Reader
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Movavi Video Converter 11
Mozilla Firefox 15.0.1 (x86 en-US)
Mozilla Maintenance Service
MP4 MP3 Converter v4.2 build 1425
MSVCRT
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2721691)
MSXML 4.0 SP3 Parser (KB973685)
Nuance PaperPort 12
Nuance PDF Viewer Plus
OpenOffice.org 3.3
PdaNet for Android 3.02
PDF Settings
Platform
QuickTime
Roxio Burn
Roxio Roxio Burn
Roxio Update Manager
Scansoft PDF Professional
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition
Skype Toolbars
swMSM
Trillian
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Veetle TV 0.9.17
VIA Platform Device Manager
vShare Plugin
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
WinFlash
Wireless Console 3
Xvid 1.2.1 final uninstall
.
==== Event Viewer Messages From Past Week ========
.
9/23/2012 12:57:20 AM, Error: Service Control Manager [7034] - The ASLDR Service service terminated unexpectedly. It has done this 1 time(s).
9/23/2012 1:15:50 AM, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-2147024891
9/23/2012 1:15:50 AM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-2147024891
9/23/2012 1:10:44 AM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.
9/23/2012 1:10:43 AM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
9/23/2012 1:10:43 AM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.
9/22/2012 12:37:16 PM, Error: Service Control Manager [7034] - The AFBAgent service terminated unexpectedly. It has done this 1 time(s).
.
==== End Of File ===========================
Reply With Quote
  #6  
Old Sep. 23rd, 2012, 06:08
xelhaspixiestix xelhaspixiestix is offline
Junior Member
 
Join Date: 23 Sep 2012
Posts: 14
Default

IObit Malware Fighter Quick Scan said it found nothing, but I am running the full scan just to be on the safe side-- my usual malware bytes keeps turning up the same three problem files, and I just want to be a hundred hundred hundred percent sure.
Reply With Quote
  #7  
Old Sep. 23rd, 2012, 06:32
Melvin_Deal's Avatar
Melvin_Deal Melvin_Deal is offline
Malware Advisor Moderator
 
Join Date: 06 Jul 2009
Posts: 2,937
Default Hi xelhaspixiestix... thanks for the copy/paste!

Your machine definitely needs Superdave's attention! I see multiple issues.

Please be patiient xelhaspixiestix and wait for Dave. Your machine is seriously compromised. Please don't try to surf around and find software to try to fix it. Please pay attention to this and wait for Superdave to respond to your post and then follow his instructions exactly.

Sincerely,
-Mel
Live long and prosper!
__________________


Reply With Quote
  #8  
Old Sep. 23rd, 2012, 13:11
xelhaspixiestix xelhaspixiestix is offline
Junior Member
 
Join Date: 23 Sep 2012
Posts: 14
Default

Mel, IObit says I'm okay? I wish there was a beginner's thing for all of this.
Reply With Quote
  #9  
Old Sep. 23rd, 2012, 19:46
Superdave's Avatar
Superdave Superdave is offline
Malware Fighter
 
Join Date: 07 Mar 2010
Posts: 808
Default

Hello and welcome to IOBit Forums. My name is Dave. I will be helping you out with your particular problem on your computer.

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.

If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
************************************************** ***********
Please download AdwCleaner by Xplode onto your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the content of that logfile in your reply.
  • You can find the logfile at C:\AdwCleaner[Rn].txt as well - n is the order number.
************************************************** ***
Download Security Check by screen317 from one of the following links and save it to your desktop.

Link 1
Link 2

* Double-click Security Check.bat
* Follow the on-screen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt
* Post the contents of that document in your next reply.

Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.
************************************************** ***
Re-run MBAM:

Code:
Please re-open Malwarebytes, click the Update tab, and click Check for Updates. Then, click the Scanner tab, select Perform Quick Scan, and press Scan. Remove selected, and post the log in your next reply..
Reply With Quote
  #10  
Old Sep. 24th, 2012, 01:56
xelhaspixiestix xelhaspixiestix is offline
Junior Member
 
Join Date: 23 Sep 2012
Posts: 14
Default

AdwCleaner Log:

# AdwCleaner v2.003 - Logfile created 09/23/2012 at 21:55:52
# Updated 23/09/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : best buy - BESTBUY-PC
# Boot Mode : Normal
# Running from : C:\Users\best buy\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Users\best buy\AppData\Roaming\Mozilla\Firefox\Profiles\1o94x ptm.default\searchplugins\Askcom.xml
File Found : C:\Users\best buy\AppData\Roaming\Mozilla\Firefox\Profiles\1o94x ptm.default\searchplugins\Conduit.xml
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\Program Files (x86)\vShare
Folder Found : C:\Users\best buy\AppData\Local\Conduit
Folder Found : C:\Users\best buy\AppData\LocalLow\Conduit
Folder Found : C:\Users\best buy\AppData\LocalLow\vShare
Folder Found : C:\Users\best buy\AppData\Roaming\Mozilla\Firefox\Profiles\1o94x ptm.default\ConduitCommon
Folder Found : C:\Users\best buy\AppData\Roaming\Mozilla\Firefox\Profiles\1o94x ptm.default\CT2830765
Folder Found : C:\Users\best buy\AppData\Roaming\Mozilla\Firefox\Profiles\1o94x ptm.default\extensions\{8c5878d0-6106-423b-aaa8-144c143dbf44}
Folder Found : C:\Users\best buy\AppData\Roaming\Mozilla\Firefox\Profiles\1o94x ptm.default\extensions\vshare@toolbar

***** [Registry] *****

Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchSco pes
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext \Settings\{043C5167-00BB-4324-AF7E-62013FAEDACF}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext \Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext \Stats\{043C5167-00BB-4324-AF7E-62013FAEDACF}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext \Stats\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext \Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\vShare
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{043C5167-00BB-4324-AF7E-62013FAEDACF}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\vsharechro me
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2830765
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{3E315C81-442B-431C-AEC8-ED189699EC24}
Key Found : HKLM\SOFTWARE\Classes\vShare.IMedixProtocol
Key Found : HKLM\SOFTWARE\Classes\vShare.IMedixProtocol.1
Key Found : HKLM\SOFTWARE\Classes\vShare.PugiObj
Key Found : HKLM\SOFTWARE\Classes\vShare.PugiObj.1
Key Found : HKLM\SOFTWARE\Classes\vShare.ScriptHelpers
Key Found : HKLM\SOFTWARE\Classes\vShare.ScriptHelpers.1
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext \PreApproved\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{043C5167-00BB-4324-AF7E-62013FAEDACF}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3B7599DF-3D5D-4EF5-BF51-9C2EDA788E83}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{20ED5 AF7-D9C4-409E-9EB3-D2A44A77FB6D}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{043C5167-00BB-4324-AF7E-62013FAEDACF}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Curren tVersion\Explorer\Browser Helper Objects\{043C5167-00BB-4324-AF7E-62013FAEDACF}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Curren tVersion\Uninstall\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Curren tVersion\Uninstall\vShare
Key Found : HKLM\SOFTWARE\Classes\Interface\{20ED5AF7-D9C4-409E-9EB3-D2A44A77FB6D}
Key Found : HKU\S-1-5-21-2692702394-3717547501-365279644-1000\Software\Microsoft\Internet Explorer\SearchScopes\{043C5167-00BB-4324-AF7E-62013FAEDACF}
Key Found : HKU\S-1-5-21-2692702394-3717547501-365279644-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{043C5167-00BB-4324-AF7E-62013FAEDACF}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{043C5167-00BB-4324-AF7E-62013FAEDACF}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com?SearchSource=10&ctid=CT2830765

-\\ Mozilla Firefox v15.0.1 (en-US)

Profile name : default
File : C:\Users\best buy\AppData\Roaming\Mozilla\Firefox\Profiles\1o94x ptm.default\prefs.js

Found : user_pref("CT2830765..clientLogIsEnabled", true);
Found : user_pref("CT2830765..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Found : user_pref("CT2830765..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Found : user_pref("CT2830765.ALLOW_SHOWING_HIDDEN_TOOLBAR" , false);
Found : user_pref("CT2830765.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2830765.AppTrackingLastCheckTime", "Tue Apr 03 2012 01:19:23 GMT-0400 (Eastern Daylight[...]
Found : user_pref("CT2830765.BrowserCompStateIsOpen_832196 5553382844501", true);
Found : user_pref("CT2830765.CTID", "CT2830765");
Found : user_pref("CT2830765.CurrentServerDate", "6-4-2012");
Found : user_pref("CT2830765.DSChangedManually", true);
Found : user_pref("CT2830765.DSInstall", true);
Found : user_pref("CT2830765.DialogsAlignMode", "LTR");
Found : user_pref("CT2830765.DialogsGetterLastCheckTime", "Thu Mar 29 2012 13:21:07 GMT-0400 (Eastern Daylig[...]
Found : user_pref("CT2830765.DownloadReferralCookieData", "");
Found : user_pref("CT2830765.EnableClickToSearchBox", false);
Found : user_pref("CT2830765.EnableSearchHistory", false);
Found : user_pref("CT2830765.EnableSearchSuggest", false);
Found : user_pref("CT2830765.FirstServerDate", "8-3-2012");
Found : user_pref("CT2830765.FirstTime", true);
Found : user_pref("CT2830765.FirstTimeFF3", true);
Found : user_pref("CT2830765.FixPageNotFoundErrors", false);
Found : user_pref("CT2830765.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2830765.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2830765.HPInstall", true);
Found : user_pref("CT2830765.HasUserGlobalKeys", true);
Found : user_pref("CT2830765.HomePageProtectorEnabled", true);
Found : user_pref("CT2830765.HomepageBeforeUnload", "hxxp://search.conduit.com/?ctid=CT2830765&SearchSource=[...]
Found : user_pref("CT2830765.Initialize", true);
Found : user_pref("CT2830765.InitializeCommonPrefs", true);
Found : user_pref("CT2830765.InstallationAndCookieDataSent Count", 3);
Found : user_pref("CT2830765.InstallationId", "ConduitNSISIntegration");
Found : user_pref("CT2830765.InstallationType", "ConduitXPEIntegration");
Found : user_pref("CT2830765.InstalledDate", "Thu Mar 08 2012 02:43:23 GMT-0500 (Eastern Standard Time)");
Found : user_pref("CT2830765.IsAlertDBUpdated", true);
Found : user_pref("CT2830765.IsGrouping", false);
Found : user_pref("CT2830765.IsInitSetupIni", true);
Found : user_pref("CT2830765.IsMulticommunity", false);
Found : user_pref("CT2830765.IsOpenThankYouPage", false);
Found : user_pref("CT2830765.IsOpenUninstallPage", true);
Found : user_pref("CT2830765.IsProtectorsInit", true);
Found : user_pref("CT2830765.LanguagePackLastCheckTime", "Wed Apr 04 2012 22:06:51 GMT-0400 (Eastern Dayligh[...]
Found : user_pref("CT2830765.LanguagePackReloadIntervalMM" , 1440);
Found : user_pref("CT2830765.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2830765.LastLogin_3.10.0.1", "Thu Apr 05 2012 18:06:46 GMT-0400 (Eastern Daylight Time)[...]
Found : user_pref("CT2830765.LatestVersion", "3.10.0.1");
Found : user_pref("CT2830765.Locale", "en-us");
Found : user_pref("CT2830765.MCDetectTooltipHeight", "83");
Found : user_pref("CT2830765.MCDetectTooltipShow", false);
Found : user_pref("CT2830765.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2830765.MCDetectTooltipWidth", "295");
Found : user_pref("CT2830765.MyStuffEnabledAtInstallation" , true);
Found : user_pref("CT2830765.OriginalFirstVersion", "3.10.0.1");
Found : user_pref("CT2830765.SavedHomepage", "hxxp://www.google.com/");
Found : user_pref("CT2830765.SearchBackToDefaultEngine", false);
Found : user_pref("CT2830765.SearchCaption", "Bitlord 1.2 Customized Web Search");
Found : user_pref("CT2830765.SearchEngineBeforeUnload", "Bitlord 1.2 Customized Web Search");
Found : user_pref("CT2830765.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2830765.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT283[...]
Found : user_pref("CT2830765.SearchInNewTabEnabled", true);
Found : user_pref("CT2830765.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2830765.SearchInNewTabLastCheckTime", "Wed Apr 04 2012 22:06:45 GMT-0400 (Eastern Dayli[...]
Found : user_pref("CT2830765.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2830765.SearchInNewTabUserEnabled", false);
Found : user_pref("CT2830765.SearchProtectorEnabled", false);
Found : user_pref("CT2830765.SearchProtectorToolbarDisable d", false);
Found : user_pref("CT2830765.SendProtectorDataViaLogin", true);
Found : user_pref("CT2830765.ServiceMapLastCheckTime", "Tue Apr 03 2012 01:19:22 GMT-0400 (Eastern Daylight [...]
Found : user_pref("CT2830765.SettingsLastCheckTime", "Thu Apr 05 2012 13:11:18 GMT-0400 (Eastern Daylight Ti[...]
Found : user_pref("CT2830765.SettingsLastUpdate", "1332164605");
Found : user_pref("CT2830765.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2830765&SearchSource=13");
Found : user_pref("CT2830765.ThirdPartyComponentsInterval" , 504);
Found : user_pref("CT2830765.ThirdPartyComponentsLastCheck ", "Thu Mar 29 2012 13:20:51 GMT-0400 (Eastern Day[...]
Found : user_pref("CT2830765.ThirdPartyComponentsLastUpdat e", "1312887586");
Found : user_pref("CT2830765.ToolbarShrinkedFromSetup", false);
Found : user_pref("CT2830765.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2830765");
Found : user_pref("CT2830765.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Found : user_pref("CT2830765.UserID", "UN26384125765688526");
Found : user_pref("CT2830765.ValidationData_Toolbar", 0);
Found : user_pref("CT2830765.alertChannelId", "1222832");
Found : user_pref("CT2830765.approveUntrustedApps", false);
Found : user_pref("CT2830765.autoDisableScopes", -1);
Found : user_pref("CT2830765.components.129360156979906390 ", false);
Found : user_pref("CT2830765.components.129360157920531315 ", false);
Found : user_pref("CT2830765.components.129373346914725908 ", false);
Found : user_pref("CT2830765.components.129382176415350348 ", false);
Found : user_pref("CT2830765.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"soci al.c[...]
Found : user_pref("CT2830765.globalFirstTimeInfoLastCheckT ime", "Thu Mar 29 2012 13:21:06 GMT-0400 (Eastern [...]
Found : user_pref("CT2830765.homepageProtectorEnableByLogi n", true);
Found : user_pref("CT2830765.initDone", true);
Found : user_pref("CT2830765.isAppTrackingManagerOn", true);
Found : user_pref("CT2830765.isSearchProtectorNotifyChange s", false);
Found : user_pref("CT2830765.myStuffEnabled", true);
Found : user_pref("CT2830765.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2830765.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2830765.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2830765.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2830765.navigateToUrlOnSearch", false);
Found : user_pref("CT2830765.oldAppsList", "129331842495825790,129331842496294546,111,1293601 56979906390,129[...]
Found : user_pref("CT2830765.revertSettingsEnabled", false);
Found : user_pref("CT2830765.searchProtectorDialogDelayInS ec", 10);
Found : user_pref("CT2830765.searchProtectorEnableByLogin" , true);
Found : user_pref("CT2830765.testingCtid", "");
Found : user_pref("CT2830765.toolbarAppMetaDataLastCheckTi me", "Thu Apr 05 2012 16:15:39 GMT-0400 (Eastern D[...]
Found : user_pref("CT2830765.toolbarContextMenuLastCheckTi me", "Thu Mar 29 2012 13:21:08 GMT-0400 (Eastern D[...]
Found : user_pref("CT2830765.usageEnabled", false);
Found : user_pref("CT2830765.usagesFlag", 2);
Found : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2830765&Search[...]
Found : user_pref("CommunityToolbar.ConduitSearchList", "Bitlord 1.2 Customized Web Search");
Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2830765/CT2830765[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1222832/1218505/US", "\"0\"[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2830765", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.10[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2830765",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"[...]
Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\best buy\\AppData\\Roaming\\Mozilla[...]
Found : user_pref("CommunityToolbar.LatestToolbarVersionIn stalled", "3.10.0.1");
Found : user_pref("CommunityToolbar.SearchFromAddressBarSa vedUrl", "");
Found : user_pref("CommunityToolbar.ToolbarsList", "CT2830765");
Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2830765");
Found : user_pref("CommunityToolbar.ToolbarsList4", "CT2830765");
Found : user_pref("CommunityToolbar.globalUserId", "3fd88372-6096-4a2c-a0e4-506a53d1d834");
Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedI temTable", true);
Found : user_pref("CommunityToolbar.isClickActionAddedToFe edItemTable", true);
Found : user_pref("CommunityToolbar.notifications.alertDia logsGetterLastCheckTime", "Thu Mar 29 2012 13:21:0[...]
Found : user_pref("CommunityToolbar.notifications.alertInf oInterval", 1440);
Found : user_pref("CommunityToolbar.notifications.alertInf oLastCheckTime", "Tue Apr 03 2012 21:17:44 GMT-040[...]
Found : user_pref("CommunityToolbar.notifications.clientsS erverUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.notifications.locale", "en");
Found : user_pref("CommunityToolbar.notifications.loginInt ervalMin", 1440);
Found : user_pref("CommunityToolbar.notifications.loginLas tCheckTime", "Thu Apr 05 2012 16:15:32 GMT-0400 (E[...]
Found : user_pref("CommunityToolbar.notifications.loginLas tUpdateTime", "1313487611");
Found : user_pref("CommunityToolbar.notifications.messageS howTimeSec", 20);
Found : user_pref("CommunityToolbar.notifications.services ServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.notifications.showTray Icon", false);
Found : user_pref("CommunityToolbar.notifications.userClos eIntervalMin", 300);
Found : user_pref("CommunityToolbar.notifications.userId", "2a4933c2-4f9a-4add-8da4-b3812b20cfa6");
Found : user_pref("CommunityToolbar.originalHomepage", "hxxp://www.google.com/");
Found : user_pref("CommunityToolbar.originalSearchEngine", "Google");
Found : user_pref("browser.search.defaultengine", "Ask.com");
Found : user_pref("browser.search.defaultenginename", "Ask.com");
Found : user_pref("browser.search.defaultthis.engineName", "Bitlord 1.2 Customized Web Search");
Found : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2830765&Sea[...]
Found : user_pref("browser.search.order.1", "Ask.com");
Found : user_pref("extensions.toolbar@ask.com.install-event-fired", true);
Found : user_pref("extensions.vshare@toolbar.install-event-fired", true);
Found : user_pref("vshare.install.date", "1287100800000");
Found : user_pref("vshare.install.finished", "1.0.0");
Found : user_pref("vshare.install.guid", "{238c7d42-0e66-4298-aa0a-f2d06150015f}");
Found : user_pref("vshare.install.isDisabled", true);
Found : user_pref("vshare.install.isHidden", true);
Found : user_pref("vshare.install.laststatreq", "1287360000000");
Found : user_pref("vshare.install.newtab", false);

-\\ Google Chrome v21.0.1180.89

File : C:\Users\best buy\AppData\Local\Google\Chrome\User Data\Default\Preferences

Found [l.12] : homepage = "hxxp://search.conduit.com/?ctid=CT2830765&SearchSource=48",
Found [l.16] : urls_to_restore_on_startup = [ "hxxp://search.conduit.com/?ctid=CT2830765&SearchSource=48" ]
Found [l.58] : icon_url = "hxxp://search.conduit.com/fav.ico",
Found [l.61] : keyword = "search.conduit.com",
Found [l.64] : search_url = "hxxp://search.conduit.com/Results.aspx?q={searchTerms}&hl=en&SelfSearch=1&Se archSource=49&ctid=CT2830765",
Found [l.65] : suggest_url = "hxxp://search.conduit.com/"
Found [l.1178] : homepage = "hxxp://search.conduit.com/?ctid=CT2830765&SearchSource=48",
Found [l.1603] : urls_to_restore_on_startup = [ "hxxp://search.conduit.com/?ctid=CT2830765&SearchSource=48" ]

*************************

AdwCleaner[R1].txt - [18437 octets] - [23/09/2012 21:55:52]

########## EOF - C:\AdwCleaner[R1].txt - [18498 octets] ##########
Reply With Quote
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Get FREE Online Help



Free Download IObit Products




Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Problem with hard-to-get-rid-of Malware (e-markettop) Zoberraz Spyware-Malware Removal Help! 18 Jul. 9th, 2011 23:01
Search File goes to hijacked ie web page Bin Spyware-Malware Removal Help! 21 Jun. 19th, 2011 23:03
Xp Inspiron mini Ulfhere Spyware-Malware Removal Help! 34 Jun. 4th, 2011 23:16
ie browser search hijack dhammer Spyware-Malware Removal Help! 56 Mar. 21st, 2011 06:11
Virus? blue321 Spyware-Malware Removal Help! 26 Dec. 23rd, 2010 19:45


All times are GMT +0. The time now is 00:15.


Powered by vBulletin® Version 3.6.8
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.