Page 1 of 4 1234 LastLast
Results 1 to 10 of 33

Thread: Yes, it's Win32.downloader.gen...

  1. #1
    Junior Member
    Join Date
    Oct 2013
    Posts
    17

    Angry Yes, it's Win32.downloader.gen...

    I have read the rules, and also read the sticky that recommends running Spybot as Administrator. I have done this, and it's not working.

    Curiously, Spybot used to remove it, but it would simply come back. Now I try to remove it and it gives me an error message saying it's in use and it can't destroy it. Either way, I want to get rid of this thing :( I've searched around, but it seems that no two solutions are the same, and some involve messing with the registry, which is something I am nervous about.

    I am running Windows 7. Please help!

  2. #2
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default



    Lets run a few other scans and see whats going on

    Please download aswMBR to your desktop.

    • Double click the aswMBR icon to run it.
    • Click the Scan button to start scan.
    • If you are asked to update the Avast Virus database please allow it to do so.
    • When it finishes, press the save log button, save the logfile to your desktop and post its contents in your next reply.






    Download DDS from one of the links below to your desktop

    Link 1
    Link 2

    • Double click the tool to run it.
    • A black Screen will open, just read the contents and do nothing.
    • When the tool finishes, it will open 2 reports, DDS.txt and attach.txt
    • Copy/Paste the contents of 'DDS.txt' into your post.
    • 'attach.txt' should be zipped using Windows native zip utility and attached to your post. Compress and uncompress files (zip files)
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  3. #3
    Junior Member
    Join Date
    Oct 2013
    Posts
    17

    Default

    Thank you very much.

    I've followed your directions and here are the results:

    aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
    Run date: 2013-10-26 14:27:19
    -----------------------------
    14:27:19.983 OS Version: Windows x64 6.1.7601 Service Pack 1
    14:27:19.983 Number of processors: 8 586 0x1E05
    14:27:19.983 ComputerName: AZADETH-PC UserName: azadeth
    14:27:21.930 Initialize success
    14:30:16.553 AVAST engine defs: 13102602
    14:31:07.513 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-2
    14:31:07.520 Disk 0 Vendor: SAMSUNG_ 1AJ1 Size: 953869MB BusType: 8
    14:31:07.703 Disk 0 MBR read successfully
    14:31:07.708 Disk 0 MBR scan
    14:31:07.716 Disk 0 Windows 7 default MBR code
    14:31:07.722 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
    14:31:07.736 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 81920
    14:31:07.753 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 938828 MB offset 30801920
    14:31:07.782 Disk 0 scanning C:\Windows\system32\drivers
    14:31:18.633 Service scanning
    14:31:41.183 Modules scanning
    14:31:41.198 Disk 0 trace - called modules:
    14:31:41.234 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
    14:31:41.245 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800de34790]
    14:31:41.254 3 CLASSPNP.SYS[fffff88001b1243f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-2[0xfffffa800db76050]
    14:31:43.686 AVAST engine scan C:\Windows
    14:31:47.073 AVAST engine scan C:\Windows\system32
    14:36:24.603 AVAST engine scan C:\Windows\system32\drivers
    14:36:37.991 AVAST engine scan C:\Users\azadeth
    15:48:45.904 AVAST engine scan C:\ProgramData
    16:21:11.165 Scan finished successfully
    18:24:58.024 Disk 0 MBR has been saved successfully to "C:\Users\azadeth\Desktop\MBR.dat"
    18:24:58.024 The log file has been saved successfully to "C:\Users\azadeth\Desktop\aswMBR.txt"

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 10.0.9200.16720 BrowserJavaVersion: 10.45.2
    Run by azadeth at 18:34:17 on 2013-10-26
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.16343.10034 [GMT -4:00]
    .
    AV: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
    .
    ============== Running Processes ===============
    .
    C:\PROGRA~2\AVG\AVG2014\avgrsa.exe
    C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Program Files\Dell\DellDock\DockLogin.exe
    C:\Windows\system32\atieclxx.exe
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\System32\WUDFHost.exe
    C:\Windows\System32\WUDFHost.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Windows\SysWOW64\svchost.exe -k Akamai
    C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
    C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
    C:\Windows\system32\dleacoms.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
    C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
    C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
    C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
    C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\loggingserver.exe
    C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    C:\Windows\System32\WUDFHost.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\taskhost.exe
    C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Windows\SysWOW64\Rundll32.exe
    C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
    C:\Program Files (x86)\Windows Media Player\wmplayer.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    C:\Windows\System32\jusched.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files (x86)\Dell V310-V510 Series\dleamon.exe
    C:\Program Files (x86)\Dell V310-V510 Series\ezprint.exe
    C:\Program Files\Microsoft LifeChat\LifeChat.exe
    C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
    C:\Program Files\Logitech Gaming Software\LCore.exe
    C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
    C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
    C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
    C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    C:\Users\azadeth\AppData\Local\Akamai\netsession_win.exe
    C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe
    C:\Windows\SysWOW64\rundll32.exe
    C:\Users\azadeth\AppData\Local\Akamai\netsession_win.exe
    C:\Program Files\Dell\DellDock\DellDock.exe
    C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
    C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
    c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files (x86)\AVG Secure Search\vprot.exe
    C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
    C:\Program Files (x86)\AVG\AVG2014\avgui.exe
    C:\Users\azadeth\AppData\Local\Digsby\App\lib\digsby-app.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe
    C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
    C:\Program Files\Logitech\GamePanel Software\Applets\LCDPop3.exe
    C:\Program Files\Logitech\GamePanel Software\Applets\LCDRSS.exe
    C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicator.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
    C:\Users\azadeth\AppData\Local\Digsby\App\lib\aspell\bin\aspell.exe
    C:\Program Files (x86)\Steam\Steam.exe
    C:\Users\azadeth\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\azadeth\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\azadeth\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\azadeth\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\azadeth\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\azadeth\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\azadeth\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\azadeth\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
    C:\Users\azadeth\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://search.yahoo.com/?type=714647&fr=spigot-yhp-ie
    uProxyOverride = 127.0.0.1:9421;<local>
    uURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTo1.dll
    uURLSearchHooks: InternetHelper3.1 Toolbar: {07cbf788-1359-421b-a4e3-5a8d041b90a3} - C:\Program Files (x86)\InternetHelper3.1\prxtbInte.dll
    uURLSearchHooks: SweetPacks A8 Toolbar: {0b5130a9-cc50-4ced-99d5-cda8cc12ae48} - C:\Program Files (x86)\SweetPacks_A8\prxtbSwee.dll
    mURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTo1.dll
    mURLSearchHooks: InternetHelper3.1 Toolbar: {07cbf788-1359-421b-a4e3-5a8d041b90a3} - C:\Program Files (x86)\InternetHelper3.1\prxtbInte.dll
    mURLSearchHooks: SweetPacks A8 Toolbar: {0b5130a9-cc50-4ced-99d5-cda8cc12ae48} - C:\Program Files (x86)\SweetPacks_A8\prxtbSwee.dll
    dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
    mWinlogon: Userinit = userinit.exe
    BHO: SnagIt Toolbar Loader: {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 9\SnagitBHO.dll
    BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
    BHO: InternetHelper3.1 Toolbar: {07cbf788-1359-421b-a4e3-5a8d041b90a3} - C:\Program Files (x86)\InternetHelper3.1\prxtbInte.dll
    BHO: Dell Toolbar: {09B71986-2AC5-482d-B6CB-42EA34F4F85B} - C:\Program Files\Dell Printable Web\toolband.dll
    BHO: SweetPacks A8 Toolbar: {0b5130a9-cc50-4ced-99d5-cda8cc12ae48} - C:\Program Files (x86)\SweetPacks_A8\prxtbSwee.dll
    BHO: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - <orphaned>
    BHO: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngin1.dll
    BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -
    BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - <orphaned>
    BHO: PETN: {8182E209-46EC-47BB-9FD2-8A90A81817B8} - C:\Users\azadeth\AppData\Local\TidyNetwork\petn.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.5.0.2\AVG Secure Search_toolbar.dll
    BHO: Word: {B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE} - C:\Users\azadeth\AppData\Local\WordLayers\temp.dat
    BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTo1.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    TB: uTorrentBar Toolbar: {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files (x86)\uTorrentBar\tbuTo1.dll
    TB: InternetHelper3.1 Toolbar: {07CBF788-1359-421B-A4E3-5A8D041B90A3} - C:\Program Files (x86)\InternetHelper3.1\prxtbInte.dll
    TB: Dell Toolbar: {09B71986-2AC5-482d-B6CB-42EA34F4F85B} - C:\Program Files\Dell Printable Web\toolband.dll
    TB: Snagit: {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 9\SnagitIEAddin.dll
    TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTo1.dll
    TB: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngin1.dll
    TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.5.0.2\AVG Secure Search_toolbar.dll
    TB: InternetHelper3.1 Toolbar: {07cbf788-1359-421b-a4e3-5a8d041b90a3} - C:\Program Files (x86)\InternetHelper3.1\prxtbInte.dll
    TB: SweetPacks A8 Toolbar: {0b5130a9-cc50-4ced-99d5-cda8cc12ae48} - C:\Program Files (x86)\SweetPacks_A8\prxtbSwee.dll
    uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    uRun: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
    uRun: [Akamai NetSession Interface] "C:\Users\azadeth\AppData\Local\Akamai\netsession_win.exe"
    uRun: [Google Update] "C:\Users\azadeth\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    uRun: [HP Photosmart 5520 series (NET)] "C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN31B1633Q0602:NW" -scfn "HP Photosmart 5520 series (NET)" -AutoStart 1
    uRun: [AdobeBridge] <no file>
    mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
    mRun: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m
    mRun: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
    mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    mRun: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
    mRun: [ShwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
    mRun: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    mRun: [UpdReg] C:\Windows\UpdReg.EXE
    mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
    mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    StartupFolder: C:\Users\azadeth\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLDO~1.LNK - C:\Program Files\Dell\DellDock\DellDock.exe
    StartupFolder: C:\Users\azadeth\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Digsby.lnk - C:\Users\azadeth\AppData\Local\Digsby\App\digsby.exe
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
    mPolicies-System: EnableLUA = dword:0
    mPolicies-System: PromptOnSecureDesktop = dword:0
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    Trusted Zone: clonewarsadventures.com
    Trusted Zone: freerealms.com
    Trusted Zone: soe.com
    Trusted Zone: sony.com
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    TCP: NameServer = 209.18.47.61 209.18.47.62
    TCP: Interfaces\{2495A0B1-68CF-4A27-9D40-C6628707C984} : DHCPNameServer = 209.18.47.61 209.18.47.62
    TCP: Interfaces\{27555421-7781-4AD0-A67D-A4D15696D33C} : DHCPNameServer = 209.18.47.61 209.18.47.62
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
    Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.12\ViProtocol.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    AppInit_DLLs=
    SSODL: WebCheck - <orphaned>
    x64-BHO: SnagIt Toolbar Loader: {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 9\DLLx64\SnagitBHO64.dll
    x64-BHO: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - <orphaned>
    x64-BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
    x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
    x64-Run: [RunDLLEntry_EptMon] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\EptMon64.dll,RunDLLEntry EptMon64
    x64-Run: [RunDLLEntry_THXCfg] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\THXCfg64.dll,RunDLLEntry THXCfg64
    x64-Run: [dleamon.exe] "C:\Program Files (x86)\Dell V310-V510 Series\dleamon.exe"
    x64-Run: [EzPrint] "C:\Program Files (x86)\Dell V310-V510 Series\ezprint.exe"
    x64-Run: [LifeChat] "C:\Program Files\Microsoft LifeChat\LifeChat.exe"
    x64-Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
    x64-Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
    x64-Run: [Launch LgDeviceAgent] "C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe"
    x64-Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"
    x64-Run: [Launch LGDCore] "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
    x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
    x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
    x64-DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
    x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
    x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
    x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll
    x64-SSODL: WebCheck - <orphaned>
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\azadeth\AppData\Roaming\Mozilla\Firefox\Profiles\wkj2s5gh.default\
    FF - prefs.js: browser.startup.homepage - hxxp://search.yahoo.com/?type=714647&fr=spigot-yhp-ff
    FF - prefs.js: browser.search.selectedEngine - Yahoo
    FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=714647&p=
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.0.12\npsitesafety.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
    FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
    FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
    FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\Users\azadeth\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll
    FF - plugin: C:\Users\azadeth\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
    FF - plugin: C:\Users\azadeth\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
    FF - plugin: C:\Users\azadeth\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
    FF - plugin: C:\Users\azadeth\AppData\Roaming\Mozilla\plugins\npo1d.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
    FF - ExtSQL: 2013-09-22 09:47; avg@toolbar; C:\ProgramData\AVG Secure Search\FireFoxExt\15.5.0.2
    FF - ExtSQL: 2013-10-13 21:36; {b9db16a4-6edc-47ec-a1f4-b86292ed211d}; C:\Users\azadeth\AppData\Roaming\Mozilla\Firefox\Profiles\wkj2s5gh.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
    FF - ExtSQL: 2013-10-25 00:00; ugnraew@jqhljqmpngx.net; C:\Users\azadeth\AppData\Roaming\Mozilla\Firefox\Profiles\wkj2s5gh.default\extensions\ugnraew@jqhljqmpngx.net
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-9-2 192824]
    R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-9-2 294712]
    R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-8-20 123704]
    R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-9-8 31544]
    R0 Lbd;Lbd;C:\Windows\System32\drivers\Lbd.sys [2010-6-9 69152]
    R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-3-1 55280]
    R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2013-9-25 148792]
    R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-9-2 241464]
    R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-9-2 212280]
    R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-8-1 251192]
    R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-9-3 46368]
    R2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-13 27136]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-3-1 202752]
    R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2013-10-3 3538480]
    R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-9-25 301152]
    R2 dlea_device;dlea_device;C:\Windows\System32\dleacoms.exe -service --> C:\Windows\System32\dleacoms.exe -service [?]
    R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648]
    R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2013-6-8 9216]
    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-3-1 13336]
    R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-9-8 14997280]
    R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2010-5-5 1153368]
    R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-10-15 414496]
    R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe [2011-12-15 450848]
    R2 vToolbarUpdater17.0.12;vToolbarUpdater17.0.12;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe [2013-10-1 1734680]
    R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-3-1 56344]
    R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-3-1 233984]
    R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2010-3-1 320040]
    R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\System32\drivers\LGBusEnum.sys [2009-11-23 22408]
    R3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;C:\Windows\System32\drivers\LGSHidFilt.Sys [2012-2-7 66328]
    R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\System32\drivers\LGVirHid.sys [2009-11-23 16008]
    R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2011-12-15 351392]
    R3 LVUVC64;Logitech HD Pro Webcam C920(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2011-12-15 4862368]
    R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2013-9-8 39200]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 CltMngSvc;Search Protect by Conduit Updater;C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe --> C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe [?]
    S2 dleaCATSCustConnectService;dleaCATSCustConnectService;C:\Windows\System32\spool\drivers\x64\3\dleaserv.exe [2010-5-19 45224]
    S3 AVG Security Toolbar Service;AVG Security Toolbar Service;C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-4-21 947528]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-8-13 19456]
    S3 RoxMediaDB10;RoxMediaDB10;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCom\RoxMediaDB10.exe [2009-6-26 1124848]
    S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-8-13 57856]
    S3 UsbFltr;WayTech USB Filter Driver;C:\Windows\System32\drivers\UsbFltr.sys [2007-4-9 12288]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-5-1 1255736]
    .
    =============== File Associations ===============
    .
    ShellExec: SnagItEditor.exe: open="C:\PROGRA~2\TECHSM~1\SNAGIT~1\SNAGIT~1.EXE" "%1"
    .
    =============== Created Last 30 ================
    .
    2013-10-26 05:09:36 -------- d-----w- C:\Users\azadeth\AppData\Roaming\Search Protection
    2013-10-25 22:08:35 -------- d-----w- C:\Users\azadeth\AppData\Local\Conduit
    2013-10-25 22:08:35 -------- d-----w- C:\Program Files (x86)\SweetPacks_A8
    2013-10-25 22:08:18 -------- d-----w- C:\Program Files (x86)\SearchProtect
    2013-10-25 22:07:49 -------- d-----w- C:\Users\azadeth\AppData\Local\WordLayers
    2013-10-25 22:07:48 -------- d-----w- C:\Users\azadeth\AppData\Local\TidyNetwork
    2013-10-19 14:41:19 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    2013-10-15 20:54:06 589600 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
    2013-10-13 18:31:01 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service
    2013-10-10 02:55:59 2241024 ----a-w- C:\Windows\System32\wininet.dll
    2013-10-10 01:45:27 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
    2013-10-10 01:45:27 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
    2013-10-10 01:45:27 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
    2013-10-10 01:45:27 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
    2013-10-10 01:45:27 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
    2013-10-10 01:45:27 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
    2013-10-10 01:45:27 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
    2013-10-06 14:31:48 -------- d-----w- C:\Users\azadeth\AppData\Roaming\Guild Wars 2
    .
    ==================== Find3M ====================
    .
    2013-10-15 21:47:39 6665504 ----a-w- C:\Windows\System32\nvcpl.dll
    2013-10-15 21:47:39 3489568 ----a-w- C:\Windows\System32\nvsvc64.dll
    2013-10-15 21:47:36 922912 ----a-w- C:\Windows\System32\nvvsvc.exe
    2013-10-15 21:47:36 63776 ----a-w- C:\Windows\System32\nvshext.dll
    2013-10-15 21:47:36 219424 ----a-w- C:\Windows\System32\nvmctray.dll
    2013-10-09 02:32:33 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-10-09 02:32:33 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2013-10-08 19:14:15 3398914 ----a-w- C:\Windows\System32\nvcoproc.bin
    2013-10-01 20:35:48 46368 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
    2013-09-26 01:07:30 148792 ----a-w- C:\Windows\System32\drivers\avgdiska.sys
    2013-09-22 23:28:06 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
    2013-09-22 23:27:49 2876928 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2013-09-22 23:27:48 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
    2013-09-22 23:27:48 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
    2013-09-22 22:54:51 3959296 ----a-w- C:\Windows\System32\jscript9.dll
    2013-09-22 22:54:50 67072 ----a-w- C:\Windows\System32\iesetup.dll
    2013-09-22 22:54:50 136704 ----a-w- C:\Windows\System32\iesysprep.dll
    2013-09-21 03:38:39 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
    2013-09-21 03:30:24 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2013-09-21 02:48:36 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
    2013-09-21 02:39:47 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
    2013-09-14 01:10:19 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
    2013-09-12 08:58:10 1884448 ----a-w- C:\Windows\System32\nvdispco6432723.dll
    2013-09-12 08:58:10 1511712 ----a-w- C:\Windows\System32\nvdispgenco6432723.dll
    2013-09-09 02:11:42 31544 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys
    2013-09-08 02:30:37 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
    2013-09-08 02:27:14 327168 ----a-w- C:\Windows\System32\mswsock.dll
    2013-09-08 02:03:58 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll
    2013-09-02 14:59:14 212280 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
    2013-09-02 14:29:18 294712 ----a-w- C:\Windows\System32\drivers\avgloga.sys
    2013-09-02 14:26:50 192824 ----a-w- C:\Windows\System32\drivers\avgidsha.sys
    2013-09-02 14:26:42 241464 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
    2013-08-29 02:17:48 5549504 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2013-08-29 02:16:35 1732032 ----a-w- C:\Windows\System32\ntdll.dll
    2013-08-29 02:16:28 243712 ----a-w- C:\Windows\System32\wow64.dll
    2013-08-29 02:16:14 859648 ----a-w- C:\Windows\System32\tdh.dll
    2013-08-29 02:13:28 878080 ----a-w- C:\Windows\System32\advapi32.dll
    2013-08-29 01:51:45 3969472 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2013-08-29 01:51:45 3914176 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
    2013-08-29 01:50:31 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
    2013-08-29 01:50:30 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
    2013-08-29 01:50:16 619520 ----a-w- C:\Windows\SysWow64\tdh.dll
    2013-08-29 01:48:17 640512 ----a-w- C:\Windows\SysWow64\advapi32.dll
    2013-08-29 01:48:15 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
    2013-08-29 00:49:53 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
    2013-08-29 00:49:52 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
    2013-08-29 00:49:52 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
    2013-08-29 00:49:49 2048 ----a-w- C:\Windows\SysWow64\user.exe
    2013-08-28 01:21:06 3155968 ----a-w- C:\Windows\System32\win32k.sys
    2013-08-28 01:12:33 461312 ----a-w- C:\Windows\System32\scavengeui.dll
    2013-08-21 02:53:58 123704 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
    2013-08-20 13:33:40 39200 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys
    2013-08-20 13:32:58 29984 ----a-w- C:\Windows\System32\nvaudcap64v.dll
    2013-08-20 13:32:46 28448 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll
    2013-08-05 02:25:45 155584 ----a-w- C:\Windows\System32\drivers\ataport.sys
    2013-08-02 02:14:57 215040 ----a-w- C:\Windows\System32\winsrv.dll
    2013-08-02 02:13:34 424448 ----a-w- C:\Windows\System32\KernelBase.dll
    2013-08-02 01:50:42 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
    2013-08-02 01:09:17 338432 ----a-w- C:\Windows\System32\conhost.exe
    2013-08-02 00:59:09 112640 ----a-w- C:\Windows\System32\smss.exe
    2013-08-02 00:43:05 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
    2013-08-02 00:43:05 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
    2013-08-02 00:43:05 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
    2013-08-02 00:43:05 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
    2013-08-01 20:07:06 251192 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
    2013-08-01 12:09:36 983488 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
    .
    ============= FINISH: 18:34:32.06 ===============
    Attached Files Attached Files

  4. #4
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Hi,

    uTorrentBar Toolbar <-- Let me explain about File Sharing, the programs themselves are safe but what you may be downloading may not be, your downloading that file from an unknown source, not all but most contain malware of some sort, its like playing Russian Roulette Malwarewise. I would like you to go to Programs and Features in the Control Panel and uninstall it, if not I am just wasting my time because after we get you clean you will just be reinfecting yourself.

    You have a lot of garbage on this system , unwanted toolbars and the like, lets do this

    Please download AdwCleaner by Xplode and save to your Desktop.
    • Double click on AdwCleaner.exe to run the tool.
      Vista/Windows 7/8 users right-click and select Run As Administrator.
    • Click on the Scan button.
    • AdwCleaner will begin...be patient as the scan may take some time to complete.
    • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
    • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
    • Copy and paste the contents of that logfile in your next reply.
    • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  5. #5
    Junior Member
    Join Date
    Oct 2013
    Posts
    17

    Default

    Okay it's done, including uninstallation of utorrent. I don't really see anything in this list that I recognize as something I would need (incidentally, thanks for helping me get rid of this excess crap). Anyway, here are the results:

    # AdwCleaner v3.010 - Report created 26/10/2013 at 23:42:29
    # Updated 20/10/2013 by Xplode
    # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Username : azadeth - AZADETH-PC
    # Running from : C:\Users\azadeth\Downloads\AdwCleaner.exe
    # Option : Scan

    ***** [ Services ] *****

    Service Found : CltMngSvc
    Service Found : vToolbarUpdater17.0.12

    ***** [ Files / Folders ] *****

    File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
    File Found : C:\Users\azadeth\AppData\Roaming\Mozilla\Firefox\Profiles\wkj2s5gh.default\user.js
    Folder Found : C:\Users\azadeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
    Folder Found : C:\Users\azadeth\AppData\Roaming\Mozilla\Firefox\Profiles\wkj2s5gh.default\Extensions\{0b5130a9-cc50-4ced-99d5-cda8cc12ae48}
    Folder Found : C:\Users\azadeth\AppData\Roaming\Mozilla\Firefox\Profiles\wkj2s5gh.default\Extensions\tidynetwork@tidynetwork
    Folder Found C:\Program Files (x86)\AVG Secure Search
    Folder Found C:\Program Files (x86)\Common Files\AVG Secure Search
    Folder Found C:\Program Files (x86)\Conduit
    Folder Found C:\Program Files (x86)\ConduitEngine
    Folder Found C:\Program Files (x86)\internethelper3.1
    Folder Found C:\Program Files (x86)\InternetHelper3.1
    Folder Found C:\Program Files (x86)\Searchprotect
    Folder Found C:\Program Files (x86)\SweetPacks_A8
    Folder Found C:\ProgramData\AVG Secure Search
    Folder Found C:\ProgramData\AVG Security Toolbar
    Folder Found C:\ProgramData\Conduit
    Folder Found C:\Users\azadeth\AppData\Local\AVG Secure Search
    Folder Found C:\Users\azadeth\AppData\Local\AVG Security Toolbar
    Folder Found C:\Users\azadeth\AppData\Local\Conduit
    Folder Found C:\Users\azadeth\AppData\Local\PackageAware
    Folder Found C:\Users\azadeth\AppData\Local\TidyNetwork
    Folder Found C:\Users\azadeth\AppData\Local\WordLayers
    Folder Found C:\Users\azadeth\AppData\LocalLow\AVG Secure Search
    Folder Found C:\Users\azadeth\AppData\LocalLow\Conduit
    Folder Found C:\Users\azadeth\AppData\LocalLow\ConduitEngine
    Folder Found C:\Users\azadeth\AppData\LocalLow\internethelper3.1
    Folder Found C:\Users\azadeth\AppData\LocalLow\InternetHelper3.1
    Folder Found C:\Users\azadeth\AppData\LocalLow\PriceGong
    Folder Found C:\Users\azadeth\AppData\LocalLow\SweetPacks_A8
    Folder Found C:\Users\azadeth\AppData\Roaming\Mozilla\Firefox\Profiles\wkj2s5gh.default\CT3316068
    Folder Found C:\Users\azadeth\AppData\Roaming\Search Protection

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
    Key Found : HKCU\Software\AppDataLow\Software\AVG Security Toolbar
    Key Found : HKCU\Software\AppDataLow\Software\conduitEngine
    Key Found : HKCU\Software\AppDataLow\Software\conduitEngine
    Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
    Key Found : HKCU\Software\AppDataLow\Software\InternetHelper3.1
    Key Found : HKCU\Software\AppDataLow\Software\PriceGong
    Key Found : HKCU\Software\AppDataLow\Software\smartbar
    Key Found : HKCU\Software\AppDataLow\Software\SweetPacks_A8
    Key Found : HKCU\Software\AppDataLow\Toolbar
    Key Found : HKCU\Software\AVG Secure Search
    Key Found : HKCU\Software\AVG Security Toolbar
    Key Found : HKCU\Software\Conduit
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07CBF788-1359-421B-A4E3-5A8D041B90A3}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07CBF788-1359-421B-A4E3-5A8D041B90A3}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0B5130A9-CC50-4CED-99D5-CDA8CC12AE48}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07CBF788-1359-421B-A4E3-5A8D041B90A3}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07CBF788-1359-421B-A4E3-5A8D041B90A3}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Found : HKCU\Software\SearchProtect
    Key Found : HKCU\Software\YahooPartnerToolbar
    Key Found : [x64] HKCU\Software\AVG Secure Search
    Key Found : [x64] HKCU\Software\AVG Security Toolbar
    Key Found : [x64] HKCU\Software\Conduit
    Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Found : [x64] HKCU\Software\SearchProtect
    Key Found : [x64] HKCU\Software\YahooPartnerToolbar
    Key Found : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
    Key Found : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
    Key Found : HKLM\Software\AVG Secure Search
    Key Found : HKLM\Software\AVG Security Toolbar
    Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
    Key Found : HKLM\SOFTWARE\Classes\AppID\BHO.DLL
    Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
    Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
    Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
    Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
    Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
    Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{07CBF788-1359-421B-A4E3-5A8D041B90A3}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{07CBF788-1359-421B-A4E3-5A8D041B90A3}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{0B5130A9-CC50-4CED-99D5-CDA8CC12AE48}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{1B1F1E22-DB92-4C92-BECC-D4BBF55F8356}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{1B4A6C3D-35BB-4E28-B66E-3C7847299BC9}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{6CE83F03-4DFD-4070-A0A7-C46C82E20971}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine
    Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
    Key Found : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
    Key Found : HKLM\SOFTWARE\Classes\S
    Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
    Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
    Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
    Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3289663
    Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3316068
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
    Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
    Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
    Key Found : HKLM\Software\Conduit
    Key Found : HKLM\Software\conduitEngine
    Key Found : HKLM\Software\conduitEngine
    Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
    Key Found : HKLM\Software\InternetHelper3.1
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{30827020-707B-4487-8EFC-AB4E5C538922}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{451B1DAF-8975-4503-A9CB-EE4B657AB98C}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{80ED1015-D878-4C53-A431-E8E8B820544A}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B7B65D4F-DD86-4CDE-853B-0F4A23E3D8DB}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E1E666B1-B75F-4BD4-B92A-2D173EE066B1}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07CBF788-1359-421B-A4E3-5A8D041B90A3}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07CBF788-1359-421B-A4E3-5A8D041B90A3}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0B5130A9-CC50-4CED-99D5-CDA8CC12AE48}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B1F1E22-DB92-4C92-BECC-D4BBF55F8356}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6CE83F03-4DFD-4070-A0A7-C46C82E20971}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
    Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
    Key Found : HKLM\Software\SearchProtect
    Key Found : HKLM\Software\SweetPacks_A8
    Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{07CBF788-1359-421B-A4E3-5A8D041B90A3}]
    Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{07CBF788-1359-421B-A4E3-5A8D041B90A3}]
    Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
    Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
    Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{07CBF788-1359-421B-A4E3-5A8D041B90A3}]
    Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{07CBF788-1359-421B-A4E3-5A8D041B90A3}]
    Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{0B5130A9-CC50-4CED-99D5-CDA8CC12AE48}]
    Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [ConduitFloatingPlugin_aobbhmkkplckkcbnbcdbkneemiooegoc]
    Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{07CBF788-1359-421B-A4E3-5A8D041B90A3}]
    Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{07CBF788-1359-421B-A4E3-5A8D041B90A3}]
    Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{0B5130A9-CC50-4CED-99D5-CDA8CC12AE48}]
    Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
    Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
    Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
    Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
    Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{07CBF788-1359-421B-A4E3-5A8D041B90A3}]
    Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{07CBF788-1359-421B-A4E3-5A8D041B90A3}]
    Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{0B5130A9-CC50-4CED-99D5-CDA8CC12AE48}]
    Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
    Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

    ***** [ Browsers ] *****

    -\\ Internet Explorer v10.0.9200.16720


    -\\ Mozilla Firefox v24.0 (en-US)

    [ File : C:\Users\azadeth\AppData\Roaming\Mozilla\Firefox\Profiles\wkj2s5gh.default\prefs.js ]


    -\\ Google Chrome v

    [ File : C:\Users\azadeth\AppData\Local\Google\Chrome\User Data\Default\preferences ]


    *************************

    AdwCleaner[R0].txt - [17588 octets] - [26/10/2013 23:38:40]
    AdwCleaner[R1].txt - [15435 octets] - [26/10/2013 23:42:29]

    ########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [15496 octets] ##########

  6. #6
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Ok, thanks for the log, lets move on


    Double click on AdwCleaner.exe to run the tool again.
    • Click on the Scan button.
    • AdwCleaner will begin to scan your computer like it did before.
    • After the scan has finished...
    • This time, click on the Clean button.
    • Press OK when asked to close all programs and follow the onscreen prompts.
    • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
    • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
    • Copy and paste the contents of that logfile in your next reply.
    • A copy of that logfile will also be saved in the C:\AdwCleaner folder.






    Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  7. #7
    Junior Member
    Join Date
    Oct 2013
    Posts
    17

    Default

    Okay I've done as you've asked, but there was a problem.

    After running the first program and cleaning, on restart there was an error message and my NVIDIA card crashed (but recovered). When I ran the second program it detected a bad module and asked me to restart again. When I did, the card did not crash, but I got the same error message. I've attached a screenshot from the first crash. Please tell me how to fix whatever this is.

    Logs:

    # AdwCleaner v3.010 - Report created 27/10/2013 at 11:01:47
    # Updated 20/10/2013 by Xplode
    # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Username : azadeth - AZADETH-PC
    # Running from : C:\Users\azadeth\Downloads\AdwCleaner.exe
    # Option : Clean

    ***** [ Services ] *****

    [#] Service Deleted : CltMngSvc
    Service Deleted : vToolbarUpdater17.0.12

    ***** [ Files / Folders ] *****

    Folder Deleted : C:\ProgramData\AVG Secure Search
    Folder Deleted : C:\ProgramData\AVG Security Toolbar
    Folder Deleted : C:\ProgramData\Conduit
    Folder Deleted : C:\Program Files (x86)\AVG Secure Search
    Folder Deleted : C:\Program Files (x86)\Conduit
    Folder Deleted : C:\Program Files (x86)\ConduitEngine
    Folder Deleted : C:\Program Files (x86)\internethelper3.1
    Folder Deleted : C:\Program Files (x86)\Searchprotect
    Folder Deleted : C:\Program Files (x86)\SweetPacks_A8
    Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
    Folder Deleted : C:\Users\azadeth\AppData\Local\AVG Secure Search
    Folder Deleted : C:\Users\azadeth\AppData\Local\AVG Security Toolbar
    Folder Deleted : C:\Users\azadeth\AppData\Local\Conduit
    Folder Deleted : C:\Users\azadeth\AppData\Local\PackageAware
    Folder Deleted : C:\Users\azadeth\AppData\Local\TidyNetwork
    Folder Deleted : C:\Users\azadeth\AppData\Local\WordLayers
    Folder Deleted : C:\Users\azadeth\AppData\LocalLow\AVG Secure Search
    Folder Deleted : C:\Users\azadeth\AppData\LocalLow\Conduit
    Folder Deleted : C:\Users\azadeth\AppData\LocalLow\ConduitEngine
    Folder Deleted : C:\Users\azadeth\AppData\LocalLow\internethelper3.1
    Folder Deleted : C:\Users\azadeth\AppData\LocalLow\PriceGong
    Folder Deleted : C:\Users\azadeth\AppData\LocalLow\SweetPacks_A8
    Folder Deleted : C:\Users\azadeth\AppData\Roaming\Search Protection
    Folder Deleted : C:\Users\azadeth\AppData\Roaming\Mozilla\Firefox\Profiles\wkj2s5gh.default\CT3316068
    Folder Deleted : C:\Users\azadeth\AppData\Roaming\Mozilla\Firefox\Profiles\wkj2s5gh.default\Extensions\tidynetwork@tidynetwork
    Folder Deleted : C:\Users\azadeth\AppData\Roaming\Mozilla\Firefox\Profiles\wkj2s5gh.default\Extensions\{0b5130a9-cc50-4ced-99d5-cda8cc12ae48}
    Folder Deleted : C:\Users\azadeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
    File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
    File Deleted : C:\Users\azadeth\AppData\Roaming\Mozilla\Firefox\Profiles\wkj2s5gh.default\user.js

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\BHO.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
    Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
    Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
    Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
    Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
    Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
    Key Deleted : HKLM\SOFTWARE\Classes\S
    Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
    Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
    Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
    Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
    Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
    Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3289663
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3316068
    Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [ConduitFloatingPlugin_aobbhmkkplckkcbnbcdbkneemiooegoc]
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{07CBF788-1359-421B-A4E3-5A8D041B90A3}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B4A6C3D-35BB-4E28-B66E-3C7847299BC9}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6CE83F03-4DFD-4070-A0A7-C46C82E20971}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0B5130A9-CC50-4CED-99D5-CDA8CC12AE48}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B1F1E22-DB92-4C92-BECC-D4BBF55F8356}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07CBF788-1359-421B-A4E3-5A8D041B90A3}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0B5130A9-CC50-4CED-99D5-CDA8CC12AE48}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07CBF788-1359-421B-A4E3-5A8D041B90A3}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07CBF788-1359-421B-A4E3-5A8D041B90A3}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0B5130A9-CC50-4CED-99D5-CDA8CC12AE48}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6CE83F03-4DFD-4070-A0A7-C46C82E20971}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B1F1E22-DB92-4C92-BECC-D4BBF55F8356}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{30827020-707B-4487-8EFC-AB4E5C538922}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E1E666B1-B75F-4BD4-B92A-2D173EE066B1}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B7B65D4F-DD86-4CDE-853B-0F4A23E3D8DB}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{451B1DAF-8975-4503-A9CB-EE4B657AB98C}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{80ED1015-D878-4C53-A431-E8E8B820544A}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{07CBF788-1359-421B-A4E3-5A8D041B90A3}]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{0B5130A9-CC50-4CED-99D5-CDA8CC12AE48}]
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{07CBF788-1359-421B-A4E3-5A8D041B90A3}]
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{07CBF788-1359-421B-A4E3-5A8D041B90A3}]
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{0B5130A9-CC50-4CED-99D5-CDA8CC12AE48}]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{07CBF788-1359-421B-A4E3-5A8D041B90A3}]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{0B5130A9-CC50-4CED-99D5-CDA8CC12AE48}]
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Deleted : HKCU\Software\AVG Secure Search
    Key Deleted : HKCU\Software\AVG Security Toolbar
    Key Deleted : HKCU\Software\Conduit
    Key Deleted : HKCU\Software\SearchProtect
    Key Deleted : HKCU\Software\YahooPartnerToolbar
    Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
    Key Deleted : HKCU\Software\AppDataLow\Toolbar
    Key Deleted : HKCU\Software\AppDataLow\Software\AVG Security Toolbar
    Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
    Key Deleted : HKCU\Software\AppDataLow\Software\conduitEngine
    Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
    Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
    Key Deleted : HKCU\Software\AppDataLow\Software\smartbar
    Key Deleted : HKCU\Software\AppDataLow\Software\InternetHelper3.1
    Key Deleted : HKCU\Software\AppDataLow\Software\SweetPacks_A8
    Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
    Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
    Key Deleted : HKLM\Software\AVG Secure Search
    Key Deleted : HKLM\Software\AVG Security Toolbar
    Key Deleted : HKLM\Software\Conduit
    Key Deleted : HKLM\Software\conduitEngine
    Key Deleted : HKLM\Software\SearchProtect
    Key Deleted : HKLM\Software\InternetHelper3.1
    Key Deleted : HKLM\Software\SweetPacks_A8
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect

    ***** [ Browsers ] *****

    -\\ Internet Explorer v10.0.9200.16720


    -\\ Mozilla Firefox v24.0 (en-US)

    [ File : C:\Users\azadeth\AppData\Roaming\Mozilla\Firefox\Profiles\wkj2s5gh.default\prefs.js ]


    -\\ Google Chrome v

    [ File : C:\Users\azadeth\AppData\Local\Google\Chrome\User Data\Default\preferences ]


    *************************

    AdwCleaner[R0].txt - [17588 octets] - [26/10/2013 23:38:40]
    AdwCleaner[R1].txt - [15629 octets] - [26/10/2013 23:42:29]
    AdwCleaner[R2].txt - [15745 octets] - [27/10/2013 11:01:06]
    AdwCleaner[S0].txt - [14139 octets] - [27/10/2013 11:01:47]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [14200 octets] ##########


    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.0.7 (10.15.2013:2)
    OS: Windows 7 Home Premium x64
    Ran by azadeth on Sun 10/27/2013 at 11:19:44.23
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Registry Values




    ~~~ Registry Keys

    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\utorrentbar
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{2190BA05-D43B-4E72-9A25-25704CC13956}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{26521163-200b-4090-a0ef-1619fec1d3ce}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\microsoft\Internet Explorer\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}



    ~~~ Files



    ~~~ Folders

    Successfully deleted: [Folder] "C:\Users\azadeth\appdata\local\cre"
    Successfully deleted: [Folder] "C:\Users\azadeth\appdata\locallow\utorrentbar"
    Successfully deleted: [Empty Folder] C:\Users\azadeth\appdata\local\{070882AB-1770-47BF-8810-1526D704FFB9}
    Successfully deleted: [Empty Folder] C:\Users\azadeth\appdata\local\{42BE5CC9-E5CD-43D6-99A0-63552DD5E16F}
    Successfully deleted: [Empty Folder] C:\Users\azadeth\appdata\local\{6CEC273A-448B-46C7-84B2-9B3A9EE9F09A}
    Successfully deleted: [Empty Folder] C:\Users\azadeth\appdata\local\{70A76A90-847C-486F-88D1-110201E72A04}
    Successfully deleted: [Empty Folder] C:\Users\azadeth\appdata\local\{B3A03E5C-73B7-4B84-A734-8575B018BFED}
    Successfully deleted: [Empty Folder] C:\Users\azadeth\appdata\local\{B5A66BE3-ACBB-48FF-B0C4-61B09F1097FC}



    ~~~ Chrome

    Successfully deleted: [Folder] C:\Users\azadeth\appdata\local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda



    ~~~ Event Viewer Logs were cleared





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Sun 10/27/2013 at 11:22:20.65
    Computer was rebooted
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Attached Images Attached Images

  8. #8
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    The error your getting is because Conduit was removed and it cant find the file

    Run Malwarebytes, it removes conduit, it may find that key and delete it and stop that error

    Please download Malwarebytes from Here or Here

    • Double-click mbam-setup.exe and follow the prompts to install the program.
    • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    • If an update is found, it will download and install the latest version.
    • Once the program has loaded, select Perform quick scan, then click Scan.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Be sure that everything is checked, and click Remove Selected .
    • When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
    • Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.
    Post the report please
    Last edited by ken545; 2013-10-27 at 17:57.
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  9. #9
    Junior Member
    Join Date
    Oct 2013
    Posts
    17

    Default

    It doesn't look like it worked...

    I ran it, and then ran it as administrator, and it came up reporting 0 objects found both times. I also restarted, and I'm still getting the error message.

    Malwarebytes Anti-Malware (Trial) 1.75.0.1300
    www.malwarebytes.org

    Database version: v2013.10.27.04

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 10.0.9200.16721
    azadeth :: AZADETH-PC [administrator]

    Protection: Enabled

    10/27/2013 1:50:03 PM
    mbam-log-2013-10-27 (13-50-03).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 233279
    Time elapsed: 2 minute(s), 6 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)

  10. #10
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Ok, run this program and post the log please, you need the 64 bit version


    Please download SystemLook from one of the links below and save it to your Desktop.
    Download Mirror #1
    Download Mirror #2
    64 Bit Version

    • Double-click SystemLook.exe to run it.
    • Copy the content of the following codebox into the main textfield:
      Code:
      :folderfind
      Conduit
      :filefind
      Conduit
      :regfind
      Conduit
    • Click the Look button to start the scan.
    • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
    Note: The log can also be found on your Desktop entitled SystemLook.txt
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •