Page 1 of 4 1234 LastLast
Results 1 to 10 of 31

Thread: mysterious desktop icons probably malware Silverlight and FantasticInst.exe

  1. #1
    Member
    Join Date
    Jul 2007
    Location
    North Carolina
    Posts
    43

    Default mysterious desktop icons probably malware Silverlight and FantasticInst.exe

    Thanks so much for providing this opportunity to fix my computer problem with your assistance.

    I'm using an old desktop with Windows XP operating system, so I expect it to be a little slow and unable to operate some of the most up to date software, but I'm pretty sure it could function a little faster and better with some help.

    Here is what I have experienced:

    Mozilla Firefox sometimes will not open at all. I have uninstalled and reinstalled it a couple of times. When it does open it takes a really long time to open (like 5 minutes)

    Internet Explore is slow to open and respond. I can't seem to set it up to open sites like Yahoo.com without it blocking the page.

    There are a couple of icons on my desktop that I can not remove or uninstall. I found Silverlight and thought I uninstalled it through the Program Manager, but it still appears on my desktop.

    I also had an icon for something that looked like a game controller with the words Plug & Play below it but did not find it in my Program Manager. I found the source file and tried to delete it manually, but some form of the icon still appears on the desktop. File is listed as C:\Program Files\FGIcon\FantasticInst.exe

    I have had a notice appear frequently that "Software you are installing for this hardware Non-Plug & Play drivers has not passed Windows Logo testing to verify its compatibility with Windows XP. I click the button to stop installing but it continues to attempt to install.

    I have run Spybot many times as well as AVG but the problem continues.

    I would love to be able to use Windows and Internet Explorer on this computer as my laptop is using a Linux operating system and I am unable to do some things on it due to compatibility with some sites.

    I appreciate any help you can provide.

    Thanks, Tonia

  2. #2
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    I would love to be able to use Windows and Internet Explorer on this computer as my laptop is using a Linux operating system and I am unable to do some things on it due to compatibility with some sites.
    This might become an issue. I can help with windows errors and malware but I am not familiar with Linux at all.


    To remove unused desktop icons

    1.Open Display in Control Panel.

    2.On the Desktop tab, click Customize Desktop.

    3.Under Desktop cleanup, click Clean Desktop Now.

    4.Follow the directions in the Desktop Cleanup Wizard.

    Note
    To open Display, click Start, click Control Panel, click Appearance and Themes, and then click Display.


    The Desktop Cleanup Wizard displays a list of the desktop icons that have not been used for 60 days or more, enabling you to remove those icons that you don't want on your desktop. You can retrieve icons you have removed by opening the Unused Desktop Shortcuts folder on your desktop.


    Clear the Run Desktop Cleanup Wizard every 60 days check box if you don't want the wizard to run automatically every two months.

    You can remove an individual desktop icon by right-clicking the icon and then clicking Delete.

    To add or remove the icons for My Documents, My Computer, My Network Places, or Internet Explorer, select or clear those items under Desktop icons.


    Please download and run the following tool to help allow other programs to run. (courtesy of BleepingComputer.com)
    There are 6 different versions. If one of them won't run then download and try to run the other one.
    Vista and Win7 users need to right click and choose Run as Admin
    You only need to get one of them to run, not all of them.
    1. rkill.exe
    2. rkill.com
    3. rkill.scr
    4. rkill.pif
    5. WiNlOgOn.exe
    6. uSeRiNiT.exe


    ~~~~~~~~~~~~~~~~~~~~~~~

    Please download Farbar Recovery Scan Tool

    (use correct version for your system.....Which system am I using?)



    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
    • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will produce a log called FRST.txt in the same directory the tool is run from.
    • Please copy and paste log back here.
    • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  3. #3
    Member
    Join Date
    Jul 2007
    Location
    North Carolina
    Posts
    43

    Default Thanks for your reply - Rkill logs attached.

    Thanks so much for your reply. I ran the desktop clean up, installed the programs you suggested and ran the scans. At some point, Windows updated and restarted my computer. Hopefully it doesn't impact the results of the log.

    My logs are really long and it appears that I can not post the text in the message. I also have to break them up into smaller files to upload them. If there is another way to get this information to you please let me know.

    Sorry for any confusion I may have caused by mentioning the Linux operating system I have on my laptop. It's running fine. I just want to get this Windows operating system working better right now.

    Thanks, Tonia
    Attached Files Attached Files

  4. #4
    Member
    Join Date
    Jul 2007
    Location
    North Carolina
    Posts
    43

    Default FRST Logs

    Here are the other logs you requested.

    Thanks again.

    Tonia
    Attached Files Attached Files

  5. #5
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    I'm posting the logs to make it easier to read for me.

    I'll be back after I've had time to research these.


    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-03-2014
    Ran by User (administrator) on HOME on 05-03-2014 14:34:49
    Running from C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\JAKG28F6
    Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English(US)
    Internet Explorer Version 8
    Boot Mode: Normal

    The only official download link for FRST:
    Download link for 32-Bit version: http://www.bleepingcomputer.com/down...an-tool/dl/81/
    Download link for 64-Bit Version: http://www.bleepingcomputer.com/down...an-tool/dl/82/
    Download link from any site other than Bleeping Computer is unpermitted or outdated.
    See tutorial for FRST: http://www.geekstogo.com/forum/topic...ery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgwdsvc.exe
    () C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher32.exe
    (AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.0.0\ToolbarUpdater.exe
    () C:\Program Files\NetDrive\wdService.exe
    () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.0.0\loggingserver.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgnsx.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgrsx.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgcsrvx.exe
    (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
    (Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
    (Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
    (RealNetworks, Inc.) C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    () C:\Program Files\AVG Secure Search\vprot.exe
    (Koyote-Lab, inc) C:\Program Files\Settings Alerter\Datamngr\datamngrUI.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgtray.exe
    (Safer Networking Limited) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
    (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
    (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
    (Farbar) C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\JAKG28F6\FRST[1].exe


    ==================== Registry (Whitelisted) ==================

    HKLM\...\Run: [itype] - C:\Program Files\Microsoft IntelliType Pro\itype.exe [437008 2005-12-04] (Microsoft Corporation)
    HKLM\...\Run: [IntelliPoint] - C:\Program Files\Microsoft IntelliPoint\ipoint.exe [461584 2005-12-04] (Microsoft Corporation)
    HKLM\...\Run: [pdfFactory Pro Dispatcher v2] - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe [499712 2006-04-06] (FinePrint Software, LLC)
    HKLM\...\Run: [TkBellExe] - C:\Program Files\Common Files\Real\Update_OB\realsched.exe [198160 2010-02-11] (RealNetworks, Inc.)
    HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\qttask.exe [421888 2010-11-29] (Apple Inc.)
    HKLM\...\Run: [vProt] - C:\Program Files\AVG Secure Search\vprot.exe [2552856 2014-03-02] ()
    HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [38872 2012-07-31] (Adobe Systems Incorporated)
    HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-11] (Adobe Systems Incorporated)
    HKLM\...\Run: [DATAMNGR] - C:\Program Files\Settings Alerter\Datamngr\datamngrUI.exe [1684016 2013-02-05] (Koyote-Lab, inc)
    HKLM\...\Run: [KernelFaultCheck] - %systemroot%\system32\dumprep 0 -k
    HKLM\...\Run: [SunJavaUpdateSched] - "C:\Program Files\Java\jre6\bin\jusched.exe"
    HKLM\...\Run: [AVG_TRAY] - C:\Program Files\AVG\AVG2012\avgtray.exe [2596984 2012-07-31] (AVG Technologies CZ, s.r.o.)
    HKLM\...\runonceex: [] - [X]
    Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxsrvc.dll (Intel Corporation)
    HKU\.DEFAULT\...\Run: [DWQueuedReporting] - C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [39264 2007-03-13] (Microsoft Corporation)
    HKU\S-1-5-21-1266927252-1395366336-781762406-1005\...\MountPoints2: G - G:\LaunchU3.exe
    HKU\S-1-5-21-1266927252-1395366336-781762406-1005\...\MountPoints2: {63c54ca6-3192-11dd-91b8-000fb53d70e5} - G:\LaunchU3.exe -a
    AppInit_DLLs: C:\DOCUME~1\ALLUSE~1\APPLIC~1\Wincert\WIN32C~1.DLL => C:\Documents and Settings\All Users\Application Data\Wincert\win32cert.dll [7168 2012-12-20] ()
    AppInit_DLLs: C:\PROGRA~1\SETTIN~1\Datamngr\datamngr.dll => C:\PROGRA~1\SETTIN~1\Datamngr\datamngr.dll File Not Found
    AppInit_DLLs: C:\PROGRA~1\SETTIN~1\Datamngr\IEBHO.dll => C:\PROGRA~1\SETTIN~1\Datamngr\IEBHO.dll File Not Found
    Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DesktopWeatherAlerts.lnk
    ShortcutTarget: DesktopWeatherAlerts.lnk -> C:\Documents and Settings\User\Local Settings\Application Data\WeatherAlerts\DesktopWeatherAlertsApp.exe (No File)
    Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Weather Alerts.lnk
    ShortcutTarget: Weather Alerts.lnk -> C:\Documents and Settings\User\Local Settings\Application Data\WeatherAlerts\WeatherAlerts.exe (No File)
    Startup: C:\Documents and Settings\User\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
    ShortcutTarget: ERUNT AutoBackup.lnk -> C:\Program Files\ERUNT\AUTOBACK.EXE ()

    ==================== Internet (Whitelisted) ====================

    HKCU\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.com/
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.coupons.com/
    SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2465} URL = http://isearch.fantastigames.com/web?src=ieb&gct=ds&appid=107&systemid=465&q={searchTerms}
    SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2465} URL = http://isearch.fantastigames.com/web?src=ieb&gct=ds&appid=107&systemid=465&q={searchTerms}
    SearchScopes: HKCU - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2465} URL = http://isearch.fantastigames.com/web?src=ieb&gct=ds&appid=107&systemid=465&q={searchTerms}
    SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={BB0DF854-3FD9-463C-87B5-E3E22F8E6471}&mid=5bb1442fcf05010cec7e7e879cb0efd6-06ce4fc639803a2e3563922518183d8e94088cb9&lang=en&ds=AVG&pr=fr&d=2012-05-10 19:23:05&v=14.2.0.1&pid=avg&sg=0&sap=dsp&q={searchTerms}
    SearchScopes: HKCU - {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} URL = http://search.coupons.com/search.asp?p=df&q={searchTerms}
    SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2465} URL = http://isearch.fantastigames.com/web?src=ieb&gct=ds&appid=107&systemid=465&q={searchTerms}
    BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
    BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
    BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
    BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
    BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    BHO: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
    BHO: PlurPush - {82249076-d5c8-431d-982b-023779779587} - C:\Program Files\PlurPush\PlurPushbho.dll (PlurPush)
    BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\18.0.0.248\AVG Secure Search_toolbar.dll (AVG Secure Search)
    BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
    BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll No File
    BHO: TBSB07898 Class - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Coupons.com CouponBar\tbcore3.dll No File
    Toolbar: HKLM - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\18.0.0.248\AVG Secure Search_toolbar.dll (AVG Secure Search)
    Toolbar: HKLM - Coupons.com CouponBar - {8660E5B3-6C41-44DE-8503-98D99BBECD41} - C:\Program Files\Coupons.com CouponBar\tbcore3.dll No File
    Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
    Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
    Toolbar: HKCU - &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
    Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
    Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
    Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
    DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/templates/ieawsdc.cab
    DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} http://zone.msn.com/binFrameWork/v10...I.cab55579.cab
    DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/...oUploader5.cab
    DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} https://www.corestaff.com/application/ScriptX.cab
    DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} http://downloads.ewido.net/ewidoOnlineScan.cab
    DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} http://zone.msn.com/BinFrameWork/v10...y.cab55579.cab
    DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} http://zone.msn.com/binframework/v10...t.cab55579.cab
    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsu...?1141696688906
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get.../ultrashim.cab
    DPF: {A4110378-789B-455F-AE86-3A1BFC402853} http://zone.msn.com/bingame/zpagames...l.cab55579.cab
    DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramewor...o.cab56649.cab
    DPF: {C2B78FF1-6E5A-4854-AC24-E09A0E2411BA} http://static1.meetupstatic.com/appl...tUploader5.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/ge...sh/swflash.cab
    DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} http://zone.msn.com/binframework/v10...y.cab55579.cab
    DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} http://driveragent.com/files/driveragent.cab
    Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
    Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.0.0\ViProtocol.dll (AVG Secure Search)
    Handler: x-excid - {9D6CC632-1337-4a33-9214-2DA092E776F4} - c:\WINDOWS\Downloaded Program Files\mimectl.dll No File
    ShellExecuteHooks: Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll [83224 2006-11-03] (Microsoft Corporation)
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62

    FireFox:
    ========
    FF ProfilePath: C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\br7jorsi.default
    FF user.js: detected! => C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\br7jorsi.default\user.js
    FF DefaultSearchEngine: AVG Secure Search
    FF SearchEngineOrder.1: Web Search
    FF SelectedSearchEngine: AVG Secure Search
    FF Homepage: hxxp://my.yahoo.com/
    FF NetworkProxy: "no_proxies_on", "127.0.0.1,localhost,*.local"
    FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
    FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
    FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.0.0\\npsitesafety.dll (AVG Technologies)
    FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
    FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
    FF Plugin: @java.com/DTPlugin,version=10.10.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
    FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF Plugin: @real.com/nppl3260;version=6.0.12.450 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
    FF Plugin: @real.com/nprjplug;version=1.0.3.448 - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
    FF Plugin: @real.com/nprpjplug;version=6.0.12.448 - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
    FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin1017300.dll (Amazon.com, Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np32dsw.dll (Adobe Systems, Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll (Coupons, Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdivx32.dll (DivX,Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npmnqmp07030901.dll (Move Networks)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npmozax.dll ()
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
    FF SearchPlugin: C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\br7jorsi.default\searchplugins\web-search.xml
    FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
    FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\WebSearch.xml
    FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\avg-secure-search.xml
    FF Extension: No Name - C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\br7jorsi.default\Extensions\nostmp [2012-02-01]
    FF Extension: Adobe DLM (powered by getPlus(R)) - C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\br7jorsi.default\Extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7} [2011-06-21]
    FF Extension: PlurPush - C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\br7jorsi.default\Extensions\{552199fb-9890-4055-9aaf-b2f6d51d46e9}.xpi [2014-02-26]
    FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2013-02-09]
    FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-02-09]
    FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
    FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
    FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Program Files\Real\RealPlayer\browserrecord\firefox\ext
    FF Extension: RealPlayer Browser Record Plugin - C:\Program Files\Real\RealPlayer\browserrecord\firefox\ext [2010-02-11]
    FF HKLM\...\Firefox\Extensions: [ShopperReports@ShopperReports.com] - C:\Program Files\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions
    FF Extension: ShopperReports - C:\Program Files\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions [2011-06-09]
    FF HKLM\...\Firefox\Extensions: [avg@toolbar] - C:\Documents and Settings\All Users\Application Data\AVG Secure Search\FireFoxExt\18.0.0.248
    FF Extension: AVG Security Toolbar - C:\Documents and Settings\All Users\Application Data\AVG Secure Search\FireFoxExt\18.0.0.248 [2014-03-02]
    FF HKLM\...\Firefox\Extensions: [{1C43BAF1-00C2-40A8-A09E-F84CFD79546D}] - C:\Program Files\Coupons.com CouponBar\firefox\{1C43BAF1-00C2-40A8-A09E-F84CFD79546D}\Coupons.com.xpi
    FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
    FF HKLM\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files\AVG\AVG2012\Firefox4\
    FF Extension: AVG Safe Search - C:\Program Files\AVG\AVG2012\Firefox4\ []

    ========================== Services (Whitelisted) =================

    S3 AVG Security Toolbar Service; C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe [1025352 2011-09-01] ()
    R2 AVGIDSAgent; C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe [5174392 2012-11-02] (AVG Technologies CZ, s.r.o.)
    R2 avgwd; C:\Program Files\AVG\AVG2012\avgwdsvc.exe [193288 2012-02-14] (AVG Technologies CZ, s.r.o.)
    R2 Level Quality Watcher; C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher32.exe [546112 2014-01-27] ()
    S2 SLService; C:\WINDOWS\system32\slserv.exe [45056 2002-07-02] ( )
    R2 vToolbarUpdater18.0.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.0.0\ToolbarUpdater.exe [1759768 2014-03-02] (AVG Secure Search)
    R2 WebDriveService; C:\Program Files\NetDrive\wdService.exe [94208 2003-03-26] ()
    S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [13592 2006-11-03] (Microsoft Corporation)

    ==================== Drivers (Whitelisted) ====================

    R3 ALCXWDM; C:\WINDOWS\System32\drivers\ALCXWDM.SYS [659356 2002-10-02] (Avance Logic, Inc.)
    R3 AN983; C:\WINDOWS\System32\DRIVERS\AN983.sys [36224 2002-08-29] (ADMtek Incorporated.)
    R3 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdriverx.sys [139856 2011-12-23] (AVG Technologies CZ, s.r.o. )
    R3 AVGIDSFilter; C:\WINDOWS\System32\DRIVERS\avgidsfilterx.sys [24144 2011-12-23] (AVG Technologies CZ, s.r.o. )
    R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [24896 2012-04-19] (AVG Technologies CZ, s.r.o. )
    R3 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [17232 2011-12-23] (AVG Technologies CZ, s.r.o. )
    R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [237408 2012-07-26] (AVG Technologies CZ, s.r.o.)
    R1 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [41040 2011-12-23] (AVG Technologies CZ, s.r.o.)
    R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [31952 2012-01-31] (AVG Technologies CZ, s.r.o.)
    R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [301920 2012-08-24] (AVG Technologies CZ, s.r.o.)
    R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [42784 2014-03-02] (AVG Technologies)
    S3 CVirtA; C:\WINDOWS\System32\DRIVERS\CVirtA.sys [5315 2005-05-17] (Cisco Systems, Inc.)
    S3 DNINDIS5; C:\WINDOWS\system32\DNINDIS5.SYS [17149 2003-07-24] (Printing Communications Assoc., Inc. (PCAUSA))
    R1 FileDisk; C:\WINDOWS\system32\Drivers\FileDisk.sys [12928 2005-10-16] (Bo Brantén)
    S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [51056 2003-05-14] (HP)
    S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2003-05-14] (HP)
    S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21488 2003-05-14] (HP)
    R2 MDC8021X; C:\WINDOWS\System32\DRIVERS\mdc8021x.sys [15890 2006-03-10] (Meetinghouse Data Communications)
    S3 MLFILEM; C:\WINDOWS\system32\drivers\MLFILEM.SYS [28288 2004-06-04] (Sysinternals - www.sysinternals.com)
    R3 Mtlmnt5; C:\WINDOWS\System32\DRIVERS\Mtlmnt5.sys [197152 2002-09-24] ( )
    S3 Mtlstrm; C:\WINDOWS\System32\DRIVERS\Mtlstrm.sys [1807568 2002-07-02] ( )
    S3 NtMtlFax; C:\WINDOWS\System32\DRIVERS\NtMtlFax.sys [161976 2002-07-02] ( )
    R3 NuidFltr; C:\WINDOWS\System32\DRIVERS\NuidFltr.sys [14736 2009-05-09] (Microsoft Corporation)
    S3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2004-08-03] (Realtek Semiconductor Corporation)
    R3 Slntamr; C:\WINDOWS\System32\DRIVERS\slntamr.sys [418720 2002-07-02] ( )
    S3 SlNtHal; C:\WINDOWS\System32\DRIVERS\Slnthal.sys [84720 2002-07-02] ( )
    R3 SlWdmSup; C:\WINDOWS\System32\DRIVERS\SlWdmSup.sys [39348 2002-07-02] (Vireo Software)
    R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [716272 2008-11-01] ()
    S3 TVICHW32; C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS [23600 2008-01-03] (EnTech Taiwan)
    R2 WebDriveFSD; C:\Program Files\NetDrive\rffsd.sys [67032 2002-11-27] ()
    R1 {6080A529-897E-4629-A488-ABA0C29B635E}; C:\WINDOWS\System32\drivers\ialmsbw.sys [91390 2002-07-31] (Intel Corporation)
    R3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91}; C:\WINDOWS\System32\drivers\ialmkchw.sys [71258 2002-07-31] (Intel Corporation)
    S3 AR5523; system32\DRIVERS\wg11tnd5.sys [X]
    S3 ATHFMWDL; System32\Drivers\ATHFMWDL.sys [X]
    S3 mcdbus; system32\DRIVERS\mcdbus.sys [X]
    S4 RFNP32; No ImagePath
    U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
    S3 vsdatant; \??\C:\WINDOWS\system32\vsdatant.sys [X]

    ==================== NetSvcs (Whitelisted) ===================


    ==================== One Month Created Files and Folders ========

    2014-03-05 14:34 - 2014-03-05 14:34 - 00000000 ____D () C:\FRST
    2014-03-05 14:18 - 2014-03-05 14:24 - 00213888 _____ () C:\Documents and Settings\User\Desktop\Rkill.txt
    2014-03-05 13:47 - 2014-03-05 13:47 - 00000000 ____D () C:\Documents and Settings\User\Desktop\Unused Desktop Shortcuts
    2014-03-05 12:51 - 2014-03-05 12:36 - 00451108 ____R () C:\WINDOWS\system32\Drivers\etc\hosts.20140305-125113.backup
    2014-03-05 12:36 - 2014-03-02 18:39 - 00446704 ____R () C:\WINDOWS\system32\Drivers\etc\hosts.20140305-123626.backup
    2014-03-05 12:24 - 2014-03-05 12:24 - 00002067 _____ () C:\Documents and Settings\User\Desktop\aswMBR.txt
    2014-03-05 12:24 - 2014-03-05 12:24 - 00000512 _____ () C:\Documents and Settings\User\Desktop\MBR.dat
    2014-03-05 11:53 - 2014-03-05 11:53 - 00014985 ____C () C:\Documents and Settings\User\Desktop\attach.txt
    2014-03-05 11:53 - 2014-03-05 11:52 - 00015852 _____ () C:\Documents and Settings\User\Desktop\dds.txt
    2014-03-05 11:49 - 2014-03-05 12:47 - 00000000 ____D () C:\WINDOWS\ERDNT
    2014-03-05 11:49 - 2014-03-05 11:49 - 00000000 ____D () C:\Program Files\ERUNT
    2014-03-05 11:49 - 2014-03-05 11:49 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\ERUNT
    2014-03-03 11:20 - 2014-03-03 11:20 - 00000000 ____D () C:\Documents and Settings\User\Application Data\ParetoLogic
    2014-03-03 11:20 - 2014-03-03 11:20 - 00000000 ____D () C:\Documents and Settings\User\Application Data\DriverCure
    2014-03-03 11:15 - 2014-03-03 12:59 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\ParetoLogic
    2014-03-03 10:02 - 2014-03-03 10:02 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\AVG
    2014-03-02 19:58 - 2014-03-03 13:14 - 00072877 _____ () C:\WINDOWS\setupapi.log
    2014-03-02 18:39 - 2013-04-06 18:27 - 00446704 ____R () C:\WINDOWS\system32\Drivers\etc\hosts.20140302-183920.backup
    2014-03-02 15:49 - 2014-03-05 12:42 - 00000000 ____D () C:\Program Files\SavingsBull
    2014-03-01 21:54 - 2014-03-01 21:54 - 00862120 _____ (Download Manager ) C:\Documents and Settings\User\Desktop\java(1).exe
    2014-03-01 21:53 - 2014-03-01 21:53 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Weather Alerts
    2014-03-01 21:52 - 2014-03-01 21:52 - 00000000 ____D () C:\Program Files\Level Quality Watcher
    2014-03-01 21:50 - 2014-03-01 21:51 - 00000000 ____D () C:\Program Files\PlurPush
    2014-03-01 21:49 - 2014-03-02 19:57 - 00000000 ____D () C:\Program Files\SearchProtect
    2014-03-01 21:09 - 2014-03-01 21:12 - 00015385 _____ () C:\WINDOWS\KB2909921-IE8.log
    2014-03-01 20:43 - 2014-03-01 20:43 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$
    2014-03-01 20:24 - 2014-03-01 20:25 - 00004867 _____ () C:\WINDOWS\KB2909210-IE8.log
    2014-03-01 18:52 - 2014-03-01 18:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$
    2014-03-01 18:51 - 2014-03-01 18:52 - 00009419 _____ () C:\WINDOWS\KB2914368.log
    2014-03-01 18:51 - 2014-03-01 18:51 - 00009399 _____ () C:\WINDOWS\KB2904266.log
    2014-03-01 18:51 - 2014-03-01 18:51 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2904266$
    2014-03-01 18:50 - 2014-03-01 18:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2898715$
    2014-03-01 18:48 - 2014-03-01 18:48 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2893984$
    2014-03-01 18:48 - 2014-03-01 18:48 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2892075$
    2014-03-01 18:47 - 2014-03-01 18:47 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2893294$
    2014-03-01 18:46 - 2014-03-01 18:46 - 00007706 _____ () C:\WINDOWS\KB2900986.log
    2014-03-01 18:46 - 2014-03-01 18:46 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2900986$
    2014-03-01 18:45 - 2014-03-01 18:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876331$
    2014-03-01 18:44 - 2014-03-01 18:44 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868626$
    2014-03-01 18:43 - 2014-03-01 18:43 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862152$
    2014-03-01 18:36 - 2014-03-01 18:36 - 17858952 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe
    2014-03-01 18:08 - 2014-03-01 20:43 - 00011995 _____ () C:\WINDOWS\KB2916036.log
    2014-03-01 18:08 - 2014-03-01 18:50 - 00016197 _____ () C:\WINDOWS\KB2898715.log
    2014-03-01 18:08 - 2014-03-01 18:45 - 00013778 _____ () C:\WINDOWS\KB2868626.log
    2014-03-01 18:07 - 2014-03-01 18:48 - 00015700 _____ () C:\WINDOWS\KB2893984.log
    2014-03-01 18:07 - 2014-03-01 18:47 - 00014503 _____ () C:\WINDOWS\KB2893294.log
    2014-03-01 18:07 - 2014-03-01 18:46 - 00014365 _____ () C:\WINDOWS\KB2876331.log
    2014-03-01 18:07 - 2014-03-01 18:43 - 00012789 _____ () C:\WINDOWS\KB2862152.log
    2014-03-01 18:04 - 2014-03-01 18:48 - 00014515 _____ () C:\WINDOWS\KB2892075.log

    ==================== One Month Modified Files and Folders =======

    2014-03-05 14:36 - 2012-05-06 20:37 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
    2014-03-05 14:34 - 2014-03-05 14:34 - 00000000 ____D () C:\FRST
    2014-03-05 14:24 - 2014-03-05 14:18 - 00213888 _____ () C:\Documents and Settings\User\Desktop\Rkill.txt
    2014-03-05 13:56 - 2010-01-06 14:29 - 00000886 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
    2014-03-05 13:47 - 2014-03-05 13:47 - 00000000 ____D () C:\Documents and Settings\User\Desktop\Unused Desktop Shortcuts
    2014-03-05 13:11 - 2006-03-12 13:11 - 00000340 _____ () C:\WINDOWS\Tasks\HP Usg Daily.job
    2014-03-05 12:47 - 2014-03-05 11:49 - 00000000 ____D () C:\WINDOWS\ERDNT
    2014-03-05 12:46 - 2010-01-06 14:29 - 00000882 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
    2014-03-05 12:46 - 2002-12-24 06:29 - 00001158 _____ () C:\WINDOWS\system32\wpa.dbl
    2014-03-05 12:43 - 2006-03-06 20:58 - 01437880 _____ () C:\WINDOWS\WindowsUpdate.log
    2014-03-05 12:42 - 2014-03-02 15:49 - 00000000 ____D () C:\Program Files\SavingsBull
    2014-03-05 12:42 - 2002-12-23 23:37 - 00000157 _____ () C:\WINDOWS\wiadebug.log
    2014-03-05 12:41 - 2002-12-24 07:43 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
    2014-03-05 12:41 - 2002-12-23 23:37 - 00000048 _____ () C:\WINDOWS\wiaservc.log
    2014-03-05 12:40 - 2012-12-30 15:25 - 00014010 _____ () C:\WINDOWS\SchedLgU.Txt
    2014-03-05 12:39 - 2006-03-06 18:39 - 00000278 ___SH () C:\Documents and Settings\User\ntuser.ini
    2014-03-05 12:36 - 2014-03-05 12:51 - 00451108 ____R () C:\WINDOWS\system32\Drivers\etc\hosts.20140305-125113.backup
    2014-03-05 12:24 - 2014-03-05 12:24 - 00002067 _____ () C:\Documents and Settings\User\Desktop\aswMBR.txt
    2014-03-05 12:24 - 2014-03-05 12:24 - 00000512 _____ () C:\Documents and Settings\User\Desktop\MBR.dat
    2014-03-05 11:53 - 2014-03-05 11:53 - 00014985 ____C () C:\Documents and Settings\User\Desktop\attach.txt
    2014-03-05 11:52 - 2014-03-05 11:53 - 00015852 _____ () C:\Documents and Settings\User\Desktop\dds.txt
    2014-03-05 11:49 - 2014-03-05 11:49 - 00000000 ____D () C:\Program Files\ERUNT
    2014-03-05 11:49 - 2014-03-05 11:49 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\ERUNT
    2014-03-05 11:21 - 2008-07-23 11:17 - 00000420 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{1B35155B-B273-4F78-A4C9-B3AD29E35858}.job
    2014-03-05 10:45 - 2011-04-22 12:25 - 00000000 ____D () C:\WINDOWS\system32\Drivers\AVG
    2014-03-03 13:14 - 2014-03-02 19:58 - 00072877 _____ () C:\WINDOWS\setupapi.log
    2014-03-03 12:59 - 2014-03-03 11:15 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\ParetoLogic
    2014-03-03 11:30 - 2006-03-06 18:39 - 00001599 _____ () C:\Documents and Settings\User\Start Menu\Programs\Remote Assistance.lnk
    2014-03-03 11:23 - 2002-12-24 07:43 - 00001599 _____ () C:\Documents and Settings\Default User\Start Menu\Programs\Remote Assistance.lnk
    2014-03-03 11:22 - 2007-07-09 11:03 - 00001599 _____ () C:\Documents and Settings\Administrator\Start Menu\Programs\Remote Assistance.lnk
    2014-03-03 11:20 - 2014-03-03 11:20 - 00000000 ____D () C:\Documents and Settings\User\Application Data\ParetoLogic
    2014-03-03 11:20 - 2014-03-03 11:20 - 00000000 ____D () C:\Documents and Settings\User\Application Data\DriverCure
    2014-03-03 10:02 - 2014-03-03 10:02 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\AVG
    2014-03-03 09:53 - 2011-04-22 12:08 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\MFAData
    2014-03-02 22:57 - 2013-02-23 14:11 - 00000000 ____D () C:\Program Files\Settings Alerter
    2014-03-02 21:23 - 2011-09-27 11:30 - 00000000 ____D () C:\Program Files\Common Files\AVG Secure Search
    2014-03-02 21:23 - 2011-09-27 11:30 - 00000000 ____D () C:\Program Files\AVG Secure Search
    2014-03-02 21:22 - 2012-09-05 09:44 - 00042784 _____ (AVG Technologies) C:\WINDOWS\system32\Drivers\avgtpx86.sys
    2014-03-02 21:22 - 2011-12-08 17:31 - 00000000 ____D () C:\WINDOWS\system32\cache
    2014-03-02 21:22 - 2011-12-08 17:31 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVG Secure Search
    2014-03-02 19:57 - 2014-03-01 21:49 - 00000000 ____D () C:\Program Files\SearchProtect
    2014-03-02 19:57 - 2006-03-10 13:07 - 00003503 _____ () C:\WINDOWS\wininit.ini
    2014-03-02 18:39 - 2014-03-05 12:36 - 00446704 ____R () C:\WINDOWS\system32\Drivers\etc\hosts.20140305-123626.backup
    2014-03-02 18:33 - 2006-10-08 18:00 - 00000000 ____D () C:\Program Files\Java
    2014-03-02 18:21 - 2006-03-22 16:42 - 00000000 ____D () C:\WINDOWS\Corel
    2014-03-02 18:00 - 2011-03-24 22:37 - 00000000 ____D () C:\Program Files\OpenOffice.org 3
    2014-03-02 18:00 - 2008-09-29 19:31 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
    2014-03-02 17:50 - 2006-03-15 10:59 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Kodak
    2014-03-02 17:24 - 2007-11-10 18:37 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Google
    2014-03-02 17:24 - 2006-05-06 16:51 - 00000000 ____D () C:\Program Files\Google
    2014-03-02 17:24 - 2006-05-06 16:51 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\Google
    2014-03-01 21:59 - 2012-06-20 15:22 - 00859072 _____ (Oracle Corporation) C:\WINDOWS\system32\npdeployJava1.dll
    2014-03-01 21:59 - 2010-12-08 23:57 - 00779704 _____ (Oracle Corporation) C:\WINDOWS\system32\deployJava1.dll
    2014-03-01 21:54 - 2014-03-01 21:54 - 00862120 _____ (Download Manager ) C:\Documents and Settings\User\Desktop\java(1).exe
    2014-03-01 21:53 - 2014-03-01 21:53 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Weather Alerts
    2014-03-01 21:52 - 2014-03-01 21:52 - 00000000 ____D () C:\Program Files\Level Quality Watcher
    2014-03-01 21:51 - 2014-03-01 21:50 - 00000000 ____D () C:\Program Files\PlurPush
    2014-03-01 21:30 - 2013-02-09 14:47 - 00000000 ____D () C:\Program Files\Mozilla Firefox
    2014-03-01 21:12 - 2014-03-01 21:09 - 00015385 _____ () C:\WINDOWS\KB2909921-IE8.log
    2014-03-01 21:12 - 2009-06-24 22:57 - 00000000 ____D () C:\WINDOWS\ie8updates
    2014-03-01 21:12 - 2006-03-06 23:59 - 00482093 _____ () C:\WINDOWS\updspapi.log
    2014-03-01 21:12 - 2002-12-23 23:35 - 03283003 _____ () C:\WINDOWS\FaxSetup.log
    2014-03-01 21:12 - 2002-12-23 23:35 - 01270282 _____ () C:\WINDOWS\tsoc.log
    2014-03-01 21:12 - 2002-12-23 23:35 - 00621392 _____ () C:\WINDOWS\ntdtcsetup.log
    2014-03-01 21:12 - 2002-12-23 23:35 - 00518548 _____ () C:\WINDOWS\iis6.log
    2014-03-01 21:12 - 2002-12-23 23:35 - 00166046 _____ () C:\WINDOWS\ocmsn.log
    2014-03-01 21:12 - 2002-12-23 23:35 - 00165529 _____ () C:\WINDOWS\msgsocm.log
    2014-03-01 21:09 - 2013-10-20 20:39 - 00000000 ____D () C:\WINDOWS\system32\MRT
    2014-03-01 20:49 - 2002-12-23 23:34 - 00570014 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
    2014-03-01 20:43 - 2014-03-01 20:43 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$
    2014-03-01 20:43 - 2014-03-01 18:08 - 00011995 _____ () C:\WINDOWS\KB2916036.log
    2014-03-01 20:43 - 2002-12-23 23:35 - 00001355 _____ () C:\WINDOWS\imsins.BAK
    2014-03-01 20:25 - 2014-03-01 20:24 - 00004867 _____ () C:\WINDOWS\KB2909210-IE8.log
    2014-03-01 19:44 - 2012-05-06 20:18 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\AVG Secure Search
    2014-03-01 19:28 - 2012-05-06 20:37 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
    2014-03-01 19:28 - 2011-08-20 11:39 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
    2014-03-01 19:19 - 2002-12-23 23:34 - 00220840 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
    2014-03-01 18:52 - 2014-03-01 18:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$
    2014-03-01 18:52 - 2014-03-01 18:51 - 00009419 _____ () C:\WINDOWS\KB2914368.log
    2014-03-01 18:51 - 2014-03-01 18:51 - 00009399 _____ () C:\WINDOWS\KB2904266.log
    2014-03-01 18:51 - 2014-03-01 18:51 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2904266$
    2014-03-01 18:51 - 2007-02-16 00:30 - 00894282 _____ () C:\WINDOWS\system32\TZLog.log
    2014-03-01 18:50 - 2014-03-01 18:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2898715$
    2014-03-01 18:50 - 2014-03-01 18:08 - 00016197 _____ () C:\WINDOWS\KB2898715.log
    2014-03-01 18:48 - 2014-03-01 18:48 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2893984$
    2014-03-01 18:48 - 2014-03-01 18:48 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2892075$
    2014-03-01 18:48 - 2014-03-01 18:07 - 00015700 _____ () C:\WINDOWS\KB2893984.log
    2014-03-01 18:48 - 2014-03-01 18:04 - 00014515 _____ () C:\WINDOWS\KB2892075.log
    2014-03-01 18:47 - 2014-03-01 18:47 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2893294$
    2014-03-01 18:47 - 2014-03-01 18:07 - 00014503 _____ () C:\WINDOWS\KB2893294.log
    2014-03-01 18:46 - 2014-03-01 18:46 - 00007706 _____ () C:\WINDOWS\KB2900986.log
    2014-03-01 18:46 - 2014-03-01 18:46 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2900986$
    2014-03-01 18:46 - 2014-03-01 18:07 - 00014365 _____ () C:\WINDOWS\KB2876331.log
    2014-03-01 18:45 - 2014-03-01 18:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876331$
    2014-03-01 18:45 - 2014-03-01 18:08 - 00013778 _____ () C:\WINDOWS\KB2868626.log
    2014-03-01 18:44 - 2014-03-01 18:44 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868626$
    2014-03-01 18:43 - 2014-03-01 18:43 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862152$
    2014-03-01 18:43 - 2014-03-01 18:07 - 00012789 _____ () C:\WINDOWS\KB2862152.log
    2014-03-01 18:36 - 2014-03-01 18:36 - 17858952 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe
    2014-03-01 17:18 - 2006-03-10 11:10 - 00002489 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Word.lnk
    2014-02-06 03:54 - 2006-11-07 03:26 - 00174592 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ie4uinit.exe
    2014-02-06 03:54 - 2002-12-24 06:28 - 00174592 ____N (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
    2014-02-05 18:26 - 2012-06-15 16:32 - 00522240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsdbgui.dll
    2014-02-05 18:26 - 2010-06-10 05:02 - 00743424 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedvtool.dll
    2014-02-05 18:26 - 2009-06-24 22:55 - 00247808 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieproxy.dll
    2014-02-05 18:26 - 2009-06-24 22:55 - 00012800 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xpshims.dll
    2014-02-05 18:26 - 2009-03-08 03:33 - 00018944 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\corpol.dll
    2014-02-05 18:26 - 2007-05-08 19:14 - 11113472 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieframe.dll
    2014-02-05 18:26 - 2007-05-08 19:14 - 02006016 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iertutil.dll
    2014-02-05 18:26 - 2007-05-08 19:14 - 00630272 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeeds.dll
    2014-02-05 18:26 - 2007-05-08 19:14 - 00055296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeedsbs.dll
    2014-02-05 18:26 - 2006-11-07 21:03 - 11113472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2014-02-05 18:26 - 2006-11-07 21:03 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
    2014-02-05 18:26 - 2006-11-07 21:03 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
    2014-02-05 18:26 - 2006-11-07 03:27 - 00387584 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedkcs32.dll
    2014-02-05 18:26 - 2006-10-17 12:05 - 01469440 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\inetcpl.cpl
    2014-02-05 18:26 - 2006-10-17 12:05 - 00105984 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\url.dll
    2014-02-05 18:26 - 2006-10-17 12:05 - 00043520 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\licmgr10.dll
    2014-02-05 18:26 - 2006-10-17 12:04 - 00206848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\occache.dll
    2014-02-05 18:26 - 2006-10-17 11:57 - 02006016 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
    2014-02-05 18:26 - 2006-09-18 09:15 - 00759296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\vgx.dll
    2014-02-05 18:26 - 2006-05-19 10:08 - 06021120 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtml.dll
    2014-02-05 18:26 - 2006-05-10 00:23 - 01216000 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\urlmon.dll
    2014-02-05 18:26 - 2006-05-10 00:23 - 00920064 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wininet.dll
    2014-02-05 18:26 - 2006-05-10 00:23 - 00611840 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mstime.dll
    2014-02-05 18:26 - 2006-05-10 00:23 - 00067072 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtmled.dll
    2014-02-05 18:26 - 2006-05-10 00:22 - 00184320 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iepeers.dll
    2014-02-05 18:26 - 2006-05-10 00:22 - 00025600 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsproxy.dll
    2014-02-05 18:26 - 2005-11-22 16:49 - 06021120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2014-02-05 18:26 - 2005-10-21 12:51 - 01216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2014-02-05 18:26 - 2005-10-21 12:51 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2014-02-05 18:26 - 2002-12-24 06:29 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
    2014-02-05 18:26 - 2002-12-24 06:29 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
    2014-02-05 18:26 - 2002-12-24 06:28 - 01469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
    2014-02-05 18:26 - 2002-12-24 06:28 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstime.dll
    2014-02-05 18:26 - 2002-12-24 06:28 - 00387584 ____N (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
    2014-02-05 18:26 - 2002-12-24 06:28 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
    2014-02-05 18:26 - 2002-12-24 06:28 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
    2014-02-05 18:26 - 2002-12-24 06:28 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
    2014-02-05 18:26 - 2002-12-24 06:28 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
    2014-02-05 18:26 - 2002-12-24 06:28 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\corpol.dll
    2014-02-05 17:24 - 2006-03-07 00:38 - 00385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
    2014-02-04 19:09 - 2006-03-06 23:59 - 85946576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

    ==================== Bamital & volsnap Check =================

    C:\WINDOWS\explorer.exe => MD5 is legit
    C:\WINDOWS\system32\winlogon.exe => MD5 is legit
    C:\WINDOWS\system32\svchost.exe => MD5 is legit
    C:\WINDOWS\system32\services.exe => MD5 is legit
    C:\WINDOWS\system32\User32.dll => MD5 is legit
    C:\WINDOWS\system32\userinit.exe => MD5 is legit
    C:\WINDOWS\system32\rpcss.dll => MD5 is legit
    C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit

    ==================== End Of Log ============================
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  6. #6
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    Additional scan result of Farbar Recovery Scan Tool (x86) Version: 05-03-2014
    Ran by User at 2014-03-05 14:36:44
    Running from C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\JAKG28F6
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    AV: AVG Anti-Virus Free Edition 2012 (Disabled - Up to date) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

    ==================== Installed Programs ======================

    56Kbps Internal Modem (HKLM\...\SLAMRNTV) (Version: - )
    Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.0.0.0 - Adobe Systems Incorporated)
    Acrobat.com (Version: 2.0.0 - Adobe Systems Incorporated) Hidden
    Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
    Adobe AIR (Version: 1.5.3.9120 - Adobe Systems Inc.) Hidden
    Adobe Download Manager (HKLM\...\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}) (Version: 1.6.2.103 - NOS Microsystems Ltd.)
    Adobe Flash Player 12 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
    Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
    Adobe Reader 9.5.2 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.2 - Adobe Systems Incorporated)
    Adobe Shockwave Player (HKLM\...\Adobe Shockwave Player) (Version: 10.3.0.24 - Adobe Systems, Inc.)
    Amazon MP3 Downloader 1.0.17 (HKLM\...\Amazon MP3 Downloader) (Version: 1.0.17 - Amazon Services LLC)
    AutoUpdate (HKLM\...\{18D10072035C4515918F7E37EAFAACFC}) (Version: 1.1 - )
    Avance AC'97 Audio (HKLM\...\{FB08F381-6533-4108-B7DD-039E11FBC27E}) (Version: - )
    AVG 2012 (HKLM\...\AVG) (Version: 2012.0.2221 - AVG Technologies)
    AVG 2012 (Version: 12.0.2221 - AVG Technologies) Hidden
    AVG 2012 (Version: 12.0.3705 - AVG Technologies) Hidden
    AVG Security Toolbar (HKLM\...\AVG Secure Search) (Version: 18.0.0.248 - AVG Technologies)
    CCScore (Version: 5.03.0000.0003 - EASTMAN KODAK Company) Hidden
    Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    DigitImg (Version: 2.00.0000 - Hewlett-Packard) Hidden
    DivX Codec (HKLM\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.8.5 - DivX, Inc.)
    DivX Player (HKLM\...\{8ADFC4160D694100B5B8A22DE9DCABD9}) (Version: 6.8.2 - )
    DivX Web Player (HKLM\...\{B7050CBDB2504B34BC2A9CA0A692CC29}) (Version: 1.4.2 - DivX,Inc.)
    ERUNT 1.1j (HKLM\...\ERUNT_is1) (Version: - Lars Hederer)
    ESSBrwr (Version: 5.03.0000.0101 - EASTMAN KODAK Company) Hidden
    ESSCDBK (Version: 5.03.0000.0001 - EASTMAN KODAK Company) Hidden
    ESScore (Version: 5.03.0000.0301 - EASTMAN KODAK Company) Hidden
    ESSgui (Version: 5.03.0000.0101 - EASTMAN KODAK Company) Hidden
    ESShelp (Version: 5.03.0000.0003 - EASTMAN KODAK Company) Hidden
    ESSini (Version: 5.03.0000.0201 - EASTMAN KODAK Company) Hidden
    ESSPCD (Version: 5.03.0000.0001 - EASTMAN KODAK Company) Hidden
    ESSPDock (Version: 5.03.0000.0008 - EASTMAN KODAK Company) Hidden
    ESSSONIC (Version: 5.3.0000.0001 - EASTMAN KODAK Company) Hidden
    ESSTOOLS (Version: 5.00.0000.0004 - EASTMAN KODAK Company) Hidden
    essvatgt (Version: 5.03.0000.0001 - EASTMAN KODAK Company) Hidden
    essvcpt (Version: 5.03.0000.0001 - EASTMAN KODAK Company) Hidden
    GdiplusUpgrade (Version: 1.00.01 - Hewlett-Packard) Hidden
    Google Earth (HKLM\...\{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}) (Version: 4.3.7284.3916 - Google)
    Google Update Helper (Version: 1.3.22.5 - Google Inc.) Hidden
    HLPPDOCK (Version: 5.03.0000.0001 - EASTMAN KODAK Company) Hidden
    Intel(R) 82845G Graphics Driver Software (HKLM\...\{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version: - )
    kgcbase (Version: 5.03.0000.0004 - EASTMAN KODAK Company) Hidden
    K-Lite Codec Pack 8.8.0 (Full) (HKLM\...\KLiteCodecPack_is1) (Version: 8.8.0 - )
    KSU (Version: 632.62.0003.0003 - EASTMAN KODAK Company) Hidden
    LiveUpdate 2.0 (Symantec Corporation) (HKLM\...\LiveUpdate) (Version: 2.0.39.0 - Symantec Corporation)
    Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
    Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
    Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
    Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
    Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
    Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
    Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
    Microsoft IntelliPoint 5.5 (HKLM\...\{EBC91840-41E1-4CC3-AC11-0B889546223C}) (Version: 5.50.661.0 - Microsoft)
    Microsoft IntelliType Pro 5.5 (HKLM\...\{F02CF4B0-05EC-4938-A8D2-F739AF3B4363}) (Version: 5.50.661.0 - Microsoft)
    Microsoft Internationalized Domain Names Mitigation APIs (Version: - Microsoft Corporation) Hidden
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 (Version: - Microsoft Corporation) Hidden
    Microsoft National Language Support Downlevel APIs (Version: - Microsoft Corporation) Hidden
    Microsoft Office XP Professional (HKLM\...\{90110409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
    Microsoft Outlook Web Access S/MIME (HKLM\...\{6CF08AD2-00C5-4A63-B74B-2EFFFAFEBE1A}) (Version: 6.5.7651.60 - Microsoft)
    Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Works 7.0 (HKLM\...\{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}) (Version: 07.02.0620 - Microsoft Corporation)
    MoodLogic Service (HKLM\...\MoodLogic Service) (Version: - MoodLogic)
    Move Networks Player for Firefox (HKLM\...\Move Player_is1) (Version: - Move Networks)
    Movie Download Manager (HKCU\...\DownloadCoach) (Version: - )
    Mozilla Firefox 19.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 19.0.2 (x86 en-US)) (Version: 19.0.2 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 19.0.2 - Mozilla)
    MSXML 4.0 SP2 (KB925672) (HKLM\...\{A9CF9052-F4A0-475D-A00F-A8388C62DD63}) (Version: 4.20.9839.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    Multimedia Keyboard Driver Ver1.0 (KB-0108) (HKLM\...\{FF262740-C85A-11D5-BBEC-00D0B740900A}) (Version: - )
    NetDrive (HKLM\...\NetDrive) (Version: - )
    Netflix Movie Viewer (HKLM\...\{BCE72AED-3332-4863-9567-C5DCB9052CA2}) (Version: 1.2.211 - Netflix)
    Notifier (Version: 5.03.0000.0001 - EASTMAN KODAK Company) Hidden
    OfotoXMI (Version: 5.03.0000.0302 - EASTMAN KODAK Company) Hidden
    OTtBP (Version: 5.03.0000.0001 - EASTMAN KODAK Company) Hidden
    OTtBPSDK (Version: 4.00.0000.0000 - EASTMAN KODAK Company) Hidden
    pdfFactory Pro (HKLM\...\pdfFactory Pro) (Version: - )
    Photosmart 140,240,7200,7600,7700,7900 Series (HKLM\...\{45B6180B-DCAB-4093-8EE8-6164457517F0}) (Version: 2.0 - Hewlett-Packard)
    PS7700 (Version: 1.00.0000 - Hewlett-Packard) Hidden
    PSShortcuts (Version: 1.00.0000 - Hewlett-Packard) Hidden
    PSUsage (Version: 1.20.0000 - Hewlett-Packard) Hidden
    QuickTime (HKLM\...\{57752979-A1C9-4C02-856B-FBB27AC4E02C}) (Version: 7.69.80.9 - Apple Inc.)
    RealPlayer (HKLM\...\RealPlayer 12.0) (Version: - RealNetworks)
    SavingsBull (HKLM\...\Level Quality Watcher) (Version: SavingsBull - SavingsBull) <==== ATTENTION
    SavingsBull (Version: 1.0.0.0 - SavingsBull) Hidden
    SFR (Version: 5.00.0000.0005 - Eastman Kodak Company) Hidden
    SFR2 (Version: 3.00.0004.0000 - Eastman Kodak Company) Hidden
    SHASTA (Version: 5.03.0000.0002 - EASTMAN KODAK Company) Hidden
    SKIN0001 (Version: 5.03.0000.0101 - EASTMAN KODAK Company) Hidden
    SKINXSDK (Version: 5.03.0000.0101 - EASTMAN KODAK Company) Hidden
    Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.0 - Safer Networking Limited)
    staticcr (Version: 5.03.0000.0001 - EASTMAN KODAK Company) Hidden
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
    Update for Windows Internet Explorer 8 (KB971930) (HKLM\...\KB971930-IE8) (Version: 1 - Microsoft Corporation)
    Update for Windows Internet Explorer 8 (KB976662) (HKLM\...\KB976662-IE8) (Version: 1 - Microsoft Corporation)
    Update for Windows Internet Explorer 8 (KB976749) (HKLM\...\KB976749-IE8) (Version: 1 - Microsoft Corporation)
    Update for Windows Internet Explorer 8 (KB980182) (HKLM\...\KB980182-IE8) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
    Update for Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
    Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
    VPRINTOL (Version: 5.03.0000.0101 - EASTMAN KODAK Company) Hidden
    WebFldrs XP (Version: 9.50.6513 - Microsoft Corporation) Hidden
    Winamp (remove only) (HKLM\...\Winamp) (Version: - )
    Windows Backup Utility (HKLM\...\{76EFFC7C-17A6-479D-9E47-8E658C1695AE}) (Version: 5.1 - Microsoft Corporation)
    Windows Defender (HKLM\...\{A06275F4-324B-4E85-95E6-87B2CD729401}) (Version: 1.1.1593.21 - Microsoft Corporation)
    Windows Defender Signatures (Version: 1.20.1459.12 - Microsoft Corporation) Hidden
    Windows Internet Explorer 7 (Version: 20061107.210142 - Microsoft Corporation) Hidden
    Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
    Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
    Windows Media Format 11 runtime (Version: - Microsoft Corporation) Hidden
    Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
    Windows Media Player 11 (Version: - Microsoft Corporation) Hidden
    Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
    WIRELESS (Version: 5.03.0000.0003 - EASTMAN KODAK Company) Hidden
    WordPerfect Office 2002 Professional (HKLM\...\WordPerfect Office 2002 Professional) (Version: - )
    WordPerfect Office 2002 Professional (Version: 10 - Corel) Hidden

    ==================== Restore Points =========================

    01-03-2014 23:39:34 Software Distribution Service 3.0
    02-03-2014 01:06:33 Software Distribution Service 3.0
    02-03-2014 02:59:32 Installed Java 7 Update 10
    02-03-2014 03:20:37 Software Distribution Service 3.0
    02-03-2014 22:11:56 Removed Apple Application Support
    02-03-2014 22:16:31 Removed Apple Mobile Device Support
    02-03-2014 22:19:49 Removed Apple Software Update
    02-03-2014 22:37:56 Removed iTunes
    02-03-2014 22:51:09 Removed OneClickdigital Media Manager.
    02-03-2014 22:58:25 Removed OpenOffice.org 3.3
    02-03-2014 23:03:10 Removed OverDrive Media Console
    02-03-2014 23:22:21 Removed Java 7 Update 10
    02-03-2014 23:27:23 Removed Bonjour
    02-03-2014 23:29:26 Removed Java(TM) 6 Update 2
    02-03-2014 23:31:28 Removed Java(TM) 6 Update 22
    02-03-2014 23:33:13 Removed Java(TM) 6 Update 3
    02-03-2014 23:34:27 Removed Java(TM) 6 Update 33
    03-03-2014 02:03:01 Software Distribution Service 3.0
    03-03-2014 03:56:00 Removed Microsoft Silverlight
    03-03-2014 05:22:03 Software Distribution Service 3.0
    03-03-2014 18:14:30 Software Distribution Service 3.0
    05-03-2014 15:55:03 System Checkpoint

    ==================== Hosts content: ==========================

    2002-12-24 06:28 - 2014-03-05 12:51 - 00451108 ___RA C:\WINDOWS\system32\Drivers\etc\hosts
    127.0.0.1 localhost
    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com
    127.0.0.1 032439.com
    127.0.0.1 www.100888290cs.com
    127.0.0.1 100888290cs.com
    127.0.0.1 www.100sexlinks.com
    127.0.0.1 100sexlinks.com
    127.0.0.1 www.10sek.com
    127.0.0.1 10sek.com
    127.0.0.1 www.123topsearch.com
    127.0.0.1 123topsearch.com
    127.0.0.1 www.132.com
    127.0.0.1 132.com
    127.0.0.1 www.136136.net
    127.0.0.1 136136.net
    127.0.0.1 www.163ns.com
    127.0.0.1 163ns.com
    127.0.0.1 171203.com
    127.0.0.1 17-plus.com
    127.0.0.1 www.1800searchonline.com
    127.0.0.1 1800searchonline.com

    There are 1000 more lines.


    ==================== Scheduled Tasks (whitelisted) =============

    Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\HP DArC Task #Hewlett-Packard#7700#MY365110DR7F.job => C:\Program Files\HP\hpcoretech\comp\hpdarc.exe
    Task: C:\WINDOWS\Tasks\HP Usg Daily.job => C:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\pexpress\hphped05.exe
    Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{1B35155B-B273-4F78-A4C9-B3AD29E35858}.job => C:\WINDOWS\system32\msfeedssync.exe

    ==================== Loaded Modules (whitelisted) =============

    2006-09-13 19:09 - 2003-04-14 15:11 - 00503808 _____ () C:\WINDOWS\system32\RFHelper.dll
    2006-09-13 19:09 - 2001-08-23 08:24 - 00032768 _____ () C:\WINDOWS\system32\rfhres.dll
    2014-01-27 15:45 - 2014-01-27 15:45 - 00546112 _____ () C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher32.exe
    2006-09-13 19:09 - 2003-03-26 11:52 - 00094208 _____ () C:\Program Files\NetDrive\wdService.exe
    2014-03-02 21:22 - 2014-03-02 21:22 - 00159768 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.0.0\loggingserver.exe
    2014-03-02 21:22 - 2014-03-02 21:22 - 00519704 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.0.0\log4cplusU.dll
    2011-09-27 11:30 - 2014-03-02 21:23 - 02552856 _____ () C:\Program Files\AVG Secure Search\vprot.exe
    2008-08-11 13:59 - 2008-06-19 17:35 - 00333288 _____ () C:\Program Files\Spybot - Search & Destroy\sqlite3.dll
    2008-08-11 13:59 - 2008-03-04 14:52 - 00790392 _____ () C:\Program Files\Spybot - Search & Destroy\Plugins\Chai.dll
    2008-08-11 13:59 - 2008-03-05 09:34 - 00795520 _____ () C:\Program Files\Spybot - Search & Destroy\Plugins\Fennel.dll
    2008-08-11 13:59 - 2008-02-26 11:04 - 00717176 _____ () C:\Program Files\Spybot - Search & Destroy\Plugins\Mate.dll
    2007-06-16 12:23 - 2007-12-24 01:05 - 00121344 _____ () C:\Program Files\Spybot - Search & Destroy\Plugins\TCPIPAddress.dll

    ==================== Alternate Data Streams (whitelisted) =========

    AlternateDataStreams: C:\WINDOWS\AIM.ico:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
    AlternateDataStreams: C:\WINDOWS\emachines_32.bmp:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
    AlternateDataStreams: C:\WINDOWS\encarta.ico:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
    AlternateDataStreams: C:\WINDOWS\ICQ.ico:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
    AlternateDataStreams: C:\WINDOWS\Netscape.ico:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
    AlternateDataStreams: C:\WINDOWS\Winamp1.ico:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
    AlternateDataStreams: C:\WINDOWS\system32\OemLinkIcon.ico:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
    AlternateDataStreams: C:\WINDOWS\system32\OEMLOGO.BMP:Q30lsldxJoudresxAaaqpcawXc
    AlternateDataStreams: C:\WINDOWS\system32\OEMLOGO.BMP:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
    AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4
    AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:CAAA7DD7
    AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

    ==================== Safe Mode (whitelisted) ===================

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UploadMgr => ""="Service"

    ==================== Disabled items from MSCONFIG ==============

    MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Cisco Systems VPN Client.lnk => C:\WINDOWS\pss\Cisco Systems VPN Client.lnkCommon Startup
    MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^CorelCENTRAL 10.lnk => C:\WINDOWS\pss\CorelCENTRAL 10.lnkCommon Startup
    MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Google Updater.lnk => C:\WINDOWS\pss\Google Updater.lnkCommon Startup
    MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk => C:\WINDOWS\pss\Kodak EasyShare software.lnkCommon Startup
    MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk => C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
    MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^NETGEAR WG111T Smart Wizard.lnk => C:\WINDOWS\pss\NETGEAR WG111T Smart Wizard.lnkCommon Startup
    MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    MSCONFIG\startupreg: ccApp => "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    MSCONFIG\startupreg: CHotkey => mHotkey.exe
    MSCONFIG\startupreg: ctfmon.exe => C:\WINDOWS\system32\ctfmon.exe
    MSCONFIG\startupreg: HP Component Manager => "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    MSCONFIG\startupreg: HPDJ Taskbar Utility => C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
    MSCONFIG\startupreg: HPHmon05 => C:\WINDOWS\system32\hphmon05.exe
    MSCONFIG\startupreg: HPHUPD05 => C:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
    MSCONFIG\startupreg: IntelliPoint => "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
    MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
    MSCONFIG\startupreg: itype => "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
    MSCONFIG\startupreg: KernelFaultCheck => %systemroot%\system32\dumprep 0 -k
    MSCONFIG\startupreg: MoodLogic Service => C:\Program Files\MoodLogic\Service\MLService.exe
    MSCONFIG\startupreg: MoodLogic Updater => C:\Program Files\MoodLogic\Service\Updater.exe
    MSCONFIG\startupreg: pdfFactory Pro Dispatcher v2 => "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe" /source=HKLM
    MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\qttask.exe" -atboottime
    MSCONFIG\startupreg: SDTray => "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
    MSCONFIG\startupreg: SNM => C:\Program Files\SpyNoMore\SNM.exe /startup
    MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    MSCONFIG\startupreg: swg => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    MSCONFIG\startupreg: Uniblue RegistryBooster 2 => C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
    MSCONFIG\startupreg: vptray => C:\PROGRA~1\SYMANT~1\VPTray.exe
    MSCONFIG\startupreg: WebDriveTray => C:\Program Files\NetDrive\netdrive.exe /trayicon
    MSCONFIG\startupreg: Windows Defender => "C:\Program Files\Windows Defender\MSASCui.exe" -hide

    ==================== Faulty Device Manager Devices =============

    Name: Realtek RTL8139 Family PCI Fast Ethernet NIC
    Description: Realtek RTL8139 Family PCI Fast Ethernet NIC
    Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Manufacturer: Realtek
    Service: rtl8139
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (03/03/2014 10:02:31 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
    Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2012 -- Error 27046. CA_Error27046: DriverInstallation(0xE0010057): Driver installation failed

    Error: (03/03/2014 10:02:31 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
    Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2012 -- Error 27046. CA_Error27046: DriverInstallationFun(0x00000000): Driver installation failed

    Error: (03/03/2014 00:02:20 AM) (Source: Application Hang) (User: )
    Description: Fault bucket 1180947459.

    Error: (03/02/2014 11:42:14 PM) (Source: Application Hang) (User: )
    Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

    Error: (03/02/2014 11:37:24 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
    Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2012 -- Error 27046. CA_Error27046: DriverInstallation(0xE0010057): Driver installation failed

    Error: (03/02/2014 11:37:24 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
    Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2012 -- Error 27046. CA_Error27046: DriverInstallationFun(0x00000000): Driver installation failed

    Error: (03/02/2014 07:59:16 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
    Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2012 -- Error 27046. CA_Error27046: DriverInstallation(0xE0010057): Driver installation failed

    Error: (03/02/2014 07:59:15 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
    Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2012 -- Error 27046. CA_Error27046: DriverInstallationFun(0x00000000): Driver installation failed

    Error: (03/02/2014 06:19:11 PM) (Source: MsiInstaller) (User: HOME)
    Description: Product: WordPerfect Office 2002 Professional -- Error 1327.Invalid Drive: H:\

    Error: (03/02/2014 05:49:46 PM) (Source: MsiInstaller) (User: HOME)
    Description: Product: HLPPDOCK -- Error 1327.Invalid Drive: H:\


    System errors:
    =============
    Error: (03/05/2014 02:18:04 PM) (Source: Service Control Manager) (User: )
    Description: The Application Layer Gateway Service service terminated unexpectedly. It has done this 1 time(s).

    Error: (03/05/2014 02:18:04 PM) (Source: Service Control Manager) (User: )
    Description: The SmartLinkService service terminated unexpectedly. It has done this 1 time(s).

    Error: (03/05/2014 11:50:57 AM) (Source: Service Control Manager) (User: )
    Description: The SmartLinkService service has reported an invalid current state 0.

    Error: (03/05/2014 10:38:28 AM) (Source: 0) (User: )
    Description: 0xC0000001HarddiskVolume1

    Error: (03/03/2014 09:47:00 AM) (Source: 0) (User: )
    Description: 0xC0000001HarddiskVolume1

    Error: (03/02/2014 10:56:42 PM) (Source: Service Control Manager) (User: )
    Description: The Application Management service terminated with the following error:
    %%126

    Error: (03/02/2014 10:56:42 PM) (Source: Service Control Manager) (User: )
    Description: The Application Management service terminated with the following error:
    %%126

    Error: (03/02/2014 10:56:42 PM) (Source: Service Control Manager) (User: )
    Description: The Application Management service terminated with the following error:
    %%126

    Error: (03/02/2014 10:56:42 PM) (Source: Service Control Manager) (User: )
    Description: The Application Management service terminated with the following error:
    %%126

    Error: (03/02/2014 10:56:42 PM) (Source: Service Control Manager) (User: )
    Description: The Application Management service terminated with the following error:
    %%126


    Microsoft Office Sessions:
    =========================
    Error: (03/03/2014 10:02:31 AM) (Source: MsiInstaller)(User: NT AUTHORITY)
    Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2012 -- Error 27046. CA_Error27046: DriverInstallation(0xE0010057): Driver installation failed(NULL)(NULL)(NULL)

    Error: (03/03/2014 10:02:31 AM) (Source: MsiInstaller)(User: NT AUTHORITY)
    Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2012 -- Error 27046. CA_Error27046: DriverInstallationFun(0x00000000): Driver installation failed(NULL)(NULL)(NULL)

    Error: (03/03/2014 00:02:20 AM) (Source: Application Hang)(User: )
    Description: 1180947459

    Error: (03/02/2014 11:42:14 PM) (Source: Application Hang)(User: )
    Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

    Error: (03/02/2014 11:37:24 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
    Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2012 -- Error 27046. CA_Error27046: DriverInstallation(0xE0010057): Driver installation failed(NULL)(NULL)(NULL)

    Error: (03/02/2014 11:37:24 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
    Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2012 -- Error 27046. CA_Error27046: DriverInstallationFun(0x00000000): Driver installation failed(NULL)(NULL)(NULL)

    Error: (03/02/2014 07:59:16 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
    Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2012 -- Error 27046. CA_Error27046: DriverInstallation(0xE0010057): Driver installation failed(NULL)(NULL)(NULL)

    Error: (03/02/2014 07:59:15 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
    Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2012 -- Error 27046. CA_Error27046: DriverInstallationFun(0x00000000): Driver installation failed(NULL)(NULL)(NULL)

    Error: (03/02/2014 06:19:11 PM) (Source: MsiInstaller)(User: HOME)
    Description: Product: WordPerfect Office 2002 Professional -- Error 1327.Invalid Drive: H:\(NULL)(NULL)(NULL)

    Error: (03/02/2014 05:49:46 PM) (Source: MsiInstaller)(User: HOME)
    Description: Product: HLPPDOCK -- Error 1327.Invalid Drive: H:\(NULL)(NULL)(NULL)
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  7. #7
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    Lot of infection on the machine.

    Running from C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\JAKG28F6

    You ran the tool out of the temp folder. We need to download Farbar Recovery Scan Tool again and make sure it's placed on your desktop.

    Firefox
    you press the orange Firefox button in the top left corner >> Options
    Beneath where it shows homepage, click on save files to desktop

    Chrome --
    Press the Customize and Control Google button (three horizontal lines in top right corner of screen) >> Settings >> Show Advanced Settings >> Downloads, Download location, click on save to desktop

    Change IE Default "Save" Download Location in Download Manager
    Open IE9, IE10, or IE11.
    Click/tap on the gear icon in the upper right corner, then click/tap on View downloads.
    You could also press CTRL + J instead.
    Click/tap on the Options button, Click/tap on the Browse button. Navigate to and select (highlight) the folder (Desktop) that you want IE9 or IE10 to use as the default download location, then click on the Select Folder button.
    Click/tap on OK.
    Click/tap on Close.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Please download Farbar Recovery Scan Tool

    (use correct version for your system.....Which system am I using?)

    After you have the FRST icon on your desktop, place the below fix.txt beside it. Open FRST and click on the Fix button.

    Open notepad. Please copy the contents of the quote box below. To do this highlight the contents of the box and right click on it and select copy.
    Paste this into the open notepad. save it to the Desktop as fixlist.txt
    NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.
    It needs to be saved Next to the "Farbar Recovery Scan Tool" (FRST) program (If asked to overwrite existing one please allow)

    start
    () C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher32.exe
    HKU\S-1-5-21-1266927252-1395366336-781762406-1005\...\MountPoints2: G - G:\LaunchU3.exe
    HKU\S-1-5-21-1266927252-1395366336-781762406-1005\...\MountPoints2: {63c54ca6-3192-11dd-91b8-000fb53d70e5} - G:\LaunchU3.exe -a
    Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DesktopWeatherAlerts.lnk
    ShortcutTarget: DesktopWeatherAlerts.lnk -> C:\Documents and Settings\User\Local Settings\Application Data\WeatherAlerts\DesktopWeatherAlertsApp.exe (No File)
    Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Weather Alerts.lnk
    ShortcutTarget: Weather Alerts.lnk -> C:\Documents and Settings\User\Local Settings\Application Data\WeatherAlerts\WeatherAlerts.exe (No File)
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.coupons.com/
    SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2465} URL = http://isearch.fantastigames.com/web?src=ieb&gct=ds&appid=107&systemid=465&q={searchTerms}
    SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2465} URL = http://isearch.fantastigames.com/web?src=ieb&gct=ds&appid=107&systemid=465&q={searchTerms}
    SearchScopes: HKCU - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2465} URL = http://isearch.fantastigames.com/web?src=ieb&gct=ds&appid=107&systemid=465&q={searchTerms}
    SearchScopes: HKCU - {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} URL = http://search.coupons.com/search.asp?p=df&q={searchTerms}
    SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2465} URL = http://isearch.fantastigames.com/web?src=ieb&gct=ds&appid=107&systemid=465&q={searchTerms}
    BHO: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
    BHO: PlurPush - {82249076-d5c8-431d-982b-023779779587} - C:\Program Files\PlurPush\PlurPushbho.dll (PlurPush)
    BHO: TBSB07898 Class - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Coupons.com CouponBar\tbcore3.dll No File
    Toolbar: HKLM - Coupons.com CouponBar - {8660E5B3-6C41-44DE-8503-98D99BBECD41} - C:\Program Files\Coupons.com CouponBar\tbcore3.dll No File
    Toolbar: HKCU - &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
    Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
    Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
    FF SearchEngineOrder.1: Web Search
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll (Coupons, Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npmozax.dll ()
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
    FF SearchPlugin: C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\br7jorsi.default\searchplugins\web-search.xml
    FF Extension: PlurPush - C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\br7jorsi.default\Extensions\{552199fb-9890-4055-9aaf-b2f6d51d46e9}.xpi [2014-02-26]
    FF HKLM\...\Firefox\Extensions: [ShopperReports@ShopperReports.com] - C:\Program Files\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions
    FF Extension: ShopperReports - C:\Program Files\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions [2011-06-09]
    FF HKLM\...\Firefox\Extensions: [{1C43BAF1-00C2-40A8-A09E-F84CFD79546D}] - C:\Program Files\Coupons.com CouponBar\firefox\{1C43BAF1-00C2-40A8-A09E-F84CFD79546D}\Coupons.com.xpi
    R2 Level Quality Watcher; C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher32.exe [546112 2014-01-27] ()
    2014-03-02 15:49 - 2014-03-05 12:42 - 00000000 ____D () C:\Program Files\SavingsBull
    2014-03-01 21:52 - 2014-03-01 21:52 - 00000000 ____D () C:\Program Files\Level Quality Watcher
    2014-03-01 21:50 - 2014-03-01 21:51 - 00000000 ____D () C:\Program Files\PlurPush
    2014-03-01 21:49 - 2014-03-02 19:57 - 00000000 ____D () C:\Program Files\SearchProtect
    SavingsBull (HKLM\...\Level Quality Watcher) (Version: SavingsBull - SavingsBull) <==== ATTENTION
    SavingsBull (Version: 1.0.0.0 - SavingsBull) Hidden
    AlternateDataStreams: C:\WINDOWS\AIM.ico:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
    AlternateDataStreams: C:\WINDOWS\emachines_32.bmp:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
    AlternateDataStreams: C:\WINDOWS\encarta.ico:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
    AlternateDataStreams: C:\WINDOWS\ICQ.ico:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
    AlternateDataStreams: C:\WINDOWS\Netscape.ico:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
    AlternateDataStreams: C:\WINDOWS\Winamp1.ico:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
    AlternateDataStreams: C:\WINDOWS\system32\OemLinkIcon.ico:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
    AlternateDataStreams: C:\WINDOWS\system32\OEMLOGO.BMP:Q30lsldxJoudresxAaaqpcawXc
    AlternateDataStreams: C:\WINDOWS\system32\OEMLOGO.BMP:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
    AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4
    AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:CAAA7DD7
    AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
    Reboot:
    end
    Run FRST/FRST64 and press the Fix button just once and wait.
    If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
    When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system




    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    -AdwCleaner-by Xplode

    Click on this link to download : ADWCleaner
    Click on ONE of the Two Blue Download Now buttons That have a blue arrow beside them and save it to your desktop.

    Do not click on any links in the top Advertisment.

    • Close all open programs and internet browsers.
    • Double click on AdwCleaner.exe to run the tool.
    • Click on Scan.
    • After the scan is complete click on "Clean"
    • Confirm each time with Ok.
    • Your computer will be rebooted automatically. A text file will open after the restart.
    • Please post the content of that logfile with your next answer.
    • You can find the logfile at C:\AdwCleaner[S1].txt as well.


    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



    Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.




    Please post:
    Fixlog.txt
    C:\AdwCleaner[S1].txt
    JRT.txt
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  8. #8
    Member
    Join Date
    Jul 2007
    Location
    North Carolina
    Posts
    43

    Default Oh no... More infection/malware and logs

    When I clicked on the link to download adwcleaner some kind of zip file installed and now I have a bunch more junk on my computer and on my IE toolbar...

    I installed adwcleaner through CNET instead. I'm a mess...

    Here is the fixlog

    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 06-03-2014
    Ran by User at 2014-03-06 16:47:23 Run:1
    Running from C:\Documents and Settings\User\Desktop
    Boot Mode: Normal

    ==============================================

    Content of fixlist:
    *****************
    start
    () C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher32.exe
    HKU\S-1-5-21-1266927252-1395366336-781762406-1005\...\MountPoints2: G - G:\LaunchU3.exe
    HKU\S-1-5-21-1266927252-1395366336-781762406-1005\...\MountPoints2: {63c54ca6-3192-11dd-91b8-000fb53d70e5} - G:\LaunchU3.exe -a
    Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DesktopWeatherAlerts.lnk
    ShortcutTarget: DesktopWeatherAlerts.lnk -> C:\Documents and Settings\User\Local Settings\Application Data\WeatherAlerts\DesktopWeatherAlertsApp.exe (No File)
    Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Weather Alerts.lnk
    ShortcutTarget: Weather Alerts.lnk -> C:\Documents and Settings\User\Local Settings\Application Data\WeatherAlerts\WeatherAlerts.exe (No File)
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.coupons.com/
    SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2465} URL = http://isearch.fantastigames.com/web?src=ieb&gct=ds&appid=107&systemid=465&q={searchTerms}
    SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2465} URL = http://isearch.fantastigames.com/web?src=ieb&gct=ds&appid=107&systemid=465&q={searchTerms}
    SearchScopes: HKCU - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2465} URL = http://isearch.fantastigames.com/web?src=ieb&gct=ds&appid=107&systemid=465&q={searchTerms}
    SearchScopes: HKCU - {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} URL = http://search.coupons.com/search.asp?p=df&q={searchTerms}
    SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2465} URL = http://isearch.fantastigames.com/web?src=ieb&gct=ds&appid=107&systemid=465&q={searchTerms}
    BHO: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
    BHO: PlurPush - {82249076-d5c8-431d-982b-023779779587} - C:\Program Files\PlurPush\PlurPushbho.dll (PlurPush)
    BHO: TBSB07898 Class - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Coupons.com CouponBar\tbcore3.dll No File
    Toolbar: HKLM - Coupons.com CouponBar - {8660E5B3-6C41-44DE-8503-98D99BBECD41} - C:\Program Files\Coupons.com CouponBar\tbcore3.dll No File
    Toolbar: HKCU - &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
    Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
    Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
    FF SearchEngineOrder.1: Web Search
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll (Coupons, Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npmozax.dll ()
    FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
    FF SearchPlugin: C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\br7jorsi.default\searchplugins\web-search.xml
    FF Extension: PlurPush - C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\br7jorsi.default\Extensions\{552199fb-9890-4055-9aaf-b2f6d51d46e9}.xpi [2014-02-26]
    FF HKLM\...\Firefox\Extensions: [ShopperReports@ShopperReports.com] - C:\Program Files\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions
    FF Extension: ShopperReports - C:\Program Files\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions [2011-06-09]
    FF HKLM\...\Firefox\Extensions: [{1C43BAF1-00C2-40A8-A09E-F84CFD79546D}] - C:\Program Files\Coupons.com CouponBar\firefox\{1C43BAF1-00C2-40A8-A09E-F84CFD79546D}\Coupons.com.xpi
    R2 Level Quality Watcher; C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher32.exe [546112 2014-01-27] ()
    2014-03-02 15:49 - 2014-03-05 12:42 - 00000000 ____D () C:\Program Files\SavingsBull
    2014-03-01 21:52 - 2014-03-01 21:52 - 00000000 ____D () C:\Program Files\Level Quality Watcher
    2014-03-01 21:50 - 2014-03-01 21:51 - 00000000 ____D () C:\Program Files\PlurPush
    2014-03-01 21:49 - 2014-03-02 19:57 - 00000000 ____D () C:\Program Files\SearchProtect
    SavingsBull (HKLM\...\Level Quality Watcher) (Version: SavingsBull - SavingsBull) <==== ATTENTION
    SavingsBull (Version: 1.0.0.0 - SavingsBull) Hidden
    AlternateDataStreams: C:\WINDOWS\AIM.ico:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
    AlternateDataStreams: C:\WINDOWS\emachines_32.bmp:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
    AlternateDataStreams: C:\WINDOWS\encarta.ico:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
    AlternateDataStreams: C:\WINDOWS\ICQ.ico:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
    AlternateDataStreams: C:\WINDOWS\Netscape.ico:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
    AlternateDataStreams: C:\WINDOWS\Winamp1.ico:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
    AlternateDataStreams: C:\WINDOWS\system32\OemLinkIcon.ico:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
    AlternateDataStreams: C:\WINDOWS\system32\OEMLOGO.BMP:Q30lsldxJoudresxAaaqpcawXc
    AlternateDataStreams: C:\WINDOWS\system32\OEMLOGO.BMP:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
    AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4
    AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:CAAA7DD7
    AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
    Reboot:
    end

    *****************

    [1932] C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher32.exe => Process closed successfully.
    HKU\S-1-5-21-1266927252-1395366336-781762406-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\S-1-5-21-1266927252-1395366336-781762406-1005 => Key not found.
    HKU\S-1-5-21-1266927252-1395366336-781762406-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{63c54ca6-3192-11dd-91b8-000fb53d70e5} => Key deleted successfully.
    HKCR\CLSID\{63c54ca6-3192-11dd-91b8-000fb53d70e5} => Key not found.
    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DesktopWeatherAlerts.lnk => Moved successfully.
    C:\Documents and Settings\User\Local Settings\Application Data\WeatherAlerts\DesktopWeatherAlertsApp.exe not found.
    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Weather Alerts.lnk => Moved successfully.
    C:\Documents and Settings\User\Local Settings\Application Data\WeatherAlerts\WeatherAlerts.exe not found.
    HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2465} => Key deleted successfully.
    HKCR\Wow6432Node\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2465} => Key not found.
    HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
    HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e} => Key deleted successfully.
    HKCR\Wow6432Node\CLSID\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e} => Key not found.
    HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2465} => Key deleted successfully.
    HKCR\Wow6432Node\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2465} => Key not found.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key deleted successfully.
    HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key not found.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{82249076-d5c8-431d-982b-023779779587} => Key deleted successfully.
    HKCR\CLSID\{82249076-d5c8-431d-982b-023779779587} => Key deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18} => Key deleted successfully.
    HKCR\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18} => Key deleted successfully.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{8660E5B3-6C41-44DE-8503-98D99BBECD41} => Value deleted successfully.
    HKCR\CLSID\{8660E5B3-6C41-44DE-8503-98D99BBECD41} => Key deleted successfully.
    HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} => Value deleted successfully.
    HKCR\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88} => Key deleted successfully.
    HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Value deleted successfully.
    HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found.
    HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => Value deleted successfully.
    HKCR\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => Key deleted successfully.
    Firefox SearchEngineOrder.1 deleted successfully.
    C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\br7jorsi.default\searchplugins\web-search.xml => Moved successfully.
    C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\br7jorsi.default\Extensions\{552199fb-9890-4055-9aaf-b2f6d51d46e9}.xpi => Moved successfully.
    HKLM\Software\Mozilla\Firefox\Extensions\\ShopperReports@ShopperReports.com => Value deleted successfully.
    C:\Program Files\ShopperReports3\bin\3.0.517.0\firefox\firefoxtoolbar\extensions => Moved successfully.
    HKLM\Software\Mozilla\Firefox\Extensions\\{1C43BAF1-00C2-40A8-A09E-F84CFD79546D} => Value deleted successfully.
    Level Quality Watcher => Service deleted successfully.
    C:\Program Files\SavingsBull => Moved successfully.
    C:\Program Files\Level Quality Watcher => Moved successfully.

    "C:\Program Files\PlurPush" directory move:

    Could not move "C:\Program Files\PlurPush\PlurPushBHO.dll" => Scheduled to move on reboot.
    C:\Program Files\PlurPush\updatePlurPush.exe => Moved successfully.
    Could not move "C:\Program Files\PlurPush" directory. => Scheduled to move on reboot.

    C:\Program Files\SearchProtect => Moved successfully.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Level Quality Watcher\\SystemComponent => Value not found.
    C:\WINDOWS\AIM.ico => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS removed successfully.
    C:\WINDOWS\emachines_32.bmp => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS removed successfully.
    C:\WINDOWS\encarta.ico => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS removed successfully.
    C:\WINDOWS\ICQ.ico => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS removed successfully.
    C:\WINDOWS\Netscape.ico => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS removed successfully.
    C:\WINDOWS\Winamp1.ico => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS removed successfully.
    C:\WINDOWS\system32\OemLinkIcon.ico => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS removed successfully.
    C:\WINDOWS\system32\OEMLOGO.BMP => ":Q30lsldxJoudresxAaaqpcawXc" ADS removed successfully.
    C:\WINDOWS\system32\OEMLOGO.BMP => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS removed successfully.
    C:\Documents and Settings\All Users\Application Data\TEMP => ":0B4227B4" ADS removed successfully.
    C:\Documents and Settings\All Users\Application Data\TEMP => ":CAAA7DD7" ADS removed successfully.
    C:\Documents and Settings\All Users\Application Data\TEMP => ":DFC5A2B2" ADS removed successfully.

    => Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-03-06 16:55:07)<=

    C:\Program Files\PlurPush\PlurPushBHO.dll => Is moved successfully.
    C:\Program Files\PlurPush => Moved successfully.

    ==== End of Fixlog ====

  9. #9
    Member
    Join Date
    Jul 2007
    Location
    North Carolina
    Posts
    43

    Default adwcleaner

    # AdwCleaner v3.020 - Report created 06/03/2014 at 17:28:06
    # Updated 27/02/2014 by Xplode
    # Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
    # Username : User - HOME
    # Running from : C:\Documents and Settings\User\Local Settings\Temp\dlmD.tmp\adwcleaner.exe
    # Option : Scan

    ***** [ Services ] *****

    Service Found : CltMngSvc

    ***** [ Files / Folders ] *****

    File Found : C:\Documents and Settings\All Users\Desktop\Advanced System Protector.lnk
    File Found : C:\Documents and Settings\All Users\Desktop\Advanced System Protector.lnk
    File Found : C:\Documents and Settings\All Users\Desktop\Open It!.lnk
    File Found : C:\Documents and Settings\All Users\Desktop\RegClean Pro.lnk
    File Found : C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\br7jorsi.default\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
    File Found : C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\br7jorsi.default\searchplugins\conduit-search.xml
    File Found : C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\br7jorsi.default\searchplugins\Mysearchdial.xml
    File Found : C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\br7jorsi.default\user.js
    File Found : C:\Program Files\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
    File Found : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
    File Found : C:\Program Files\Mozilla Firefox\searchplugins\WebSearch.xml
    File Found : C:\WINDOWS\system32\roboot.exe
    File Found : C:\WINDOWS\Tasks\RegClean Pro_DEFAULT.job
    File Found : C:\WINDOWS\Tasks\RegClean Pro_UPDATES.job
    Folder Found C:\DOCUME~1\User\LOCALS~1\Temp\AirInstaller
    Folder Found C:\Documents and Settings\All Users\Application Data\AVG Secure Search
    Folder Found C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
    Folder Found C:\Documents and Settings\All Users\Application Data\ParetoLogic
    Folder Found C:\Documents and Settings\All Users\Application Data\Systweak
    Folder Found C:\Documents and Settings\All Users\Application Data\Trymedia
    Folder Found C:\Documents and Settings\All Users\Application Data\wincert
    Folder Found C:\Documents and Settings\All Users\Start Menu\Programs\Advanced System Protector
    Folder Found C:\Documents and Settings\All Users\Start Menu\Programs\open it!
    Folder Found C:\Documents and Settings\All Users\Start Menu\Programs\RegClean Pro
    Folder Found C:\Documents and Settings\User\Application Data\AVG Secure Search
    Folder Found C:\Documents and Settings\User\Application Data\DigitalSites
    Folder Found C:\Documents and Settings\User\Application Data\DriverCure
    Folder Found C:\Documents and Settings\User\Application Data\Mysearchdial
    Folder Found C:\Documents and Settings\User\Application Data\ParetoLogic
    Folder Found C:\Documents and Settings\User\Application Data\ShopperReports3
    Folder Found C:\Documents and Settings\User\Application Data\Systweak
    Folder Found C:\Documents and Settings\User\Application Data\Toolbar4
    Folder Found C:\Documents and Settings\User\Application Data\uniblue
    Folder Found C:\Documents and Settings\User\Local Settings\Application Data\AVG Secure Search
    Folder Found C:\Documents and Settings\User\Local Settings\Application Data\AVG Security Toolbar
    Folder Found C:\Documents and Settings\User\Local Settings\Application Data\SearchProtect
    Folder Found C:\Program Files\Advanced System Protector
    Folder Found C:\Program Files\AVG Secure Search
    Folder Found C:\Program Files\Common Files\AVG Secure Search
    Folder Found C:\Program Files\Mysearchdial
    Folder Found C:\Program Files\openit
    Folder Found C:\Program Files\RegClean Pro
    Folder Found C:\Program Files\SearchProtect
    Folder Found C:\Program Files\ShopperReports3

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Data Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Wincert\WIN32C~1.DLL
    Data Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
    Data Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~1\SETTIN~1\Datamngr\datamngr.dll
    Data Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~1\SETTIN~1\Datamngr\IEBHO.dll
    Key Found : HKCU\Software\AVG Secure Search
    Key Found : HKCU\Software\AVG Security Toolbar
    Key Found : HKCU\Software\CompeteInc
    Key Found : HKCU\Software\Conduit
    Key Found : HKCU\Software\DataMngr
    Key Found : HKCU\Software\dsiteproducts
    Key Found : HKCU\Software\InstallCore
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10AD2C61-0898-4348-8600-14A342F22AC3}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3004627E-F8E9-4E8B-909D-316753CBA923}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C5428486-50A0-4A02-9D20-520B59A9F9B2}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C5428486-50A0-4A02-9D20-520B59A9F9B3}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F2D6C718-7E52-428E-8852-365C4B1A6E36}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10AD2C61-0898-4348-8600-14A342F22AC3}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3004627E-F8E9-4E8B-909D-316753CBA923}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B2}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B3}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F2D6C718-7E52-428E-8852-365C4B1A6E36}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Digital Sites
    Key Found : HKCU\Software\mysearchdial
    Key Found : HKCU\Software\ParetoLogic
    Key Found : HKCU\Software\ShopperReports3
    Key Found : HKCU\Software\systweak
    Key Found : HKCU\Software\YahooPartnerToolbar
    Key Found : HKLM\Software\AVG Secure Search
    Key Found : HKLM\Software\AVG Security Toolbar
    Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{0D82ACD6-A652-4496-A298-2BDE705F4227}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{7025E484-D4B0-441A-9F0B-69063BD679CE}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{8258B35C-05B8-4C0E-9525-9BCCC70F8F2D}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{A89256AD-EC17-4A83-BEF5-4B8BC4F39306}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
    Key Found : HKLM\SOFTWARE\Classes\AppID\BRNstIE.DLL
    Key Found : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll
    Key Found : HKLM\SOFTWARE\Classes\AppID\CmndFF.DLL
    Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
    Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
    Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
    Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
    Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
    Key Found : HKLM\SOFTWARE\Classes\AppID\mozillaps.dll
    Key Found : HKLM\SOFTWARE\Classes\AppID\Pltfrm.DLL
    Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
    Key Found : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
    Key Found : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
    Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
    Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
    Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
    Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
    Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{09325003-167C-483D-A4BA-8B3122ABB432}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{10AD2C61-0898-4348-8600-14A342F22AC3}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{2721A8E5-BFDB-4562-9912-9E0531CA616C}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{3004627E-F8E9-4E8B-909D-316753CBA923}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{396CFC12-932D-496B-A0A8-5D7201E105E1}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{4ED063C9-4A0B-4B44-A9DC-23AFF424A0D3}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{60DA826C-B1C6-4358-BDEC-4837CED45470}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{6DD76B7B-6423-4DF0-9A07-84A6CAD973A0}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{74C22317-5B90-471F-9AD2-FEC049870A16}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{7F6CFB6A-9227-4BB8-B941-F2B067E76F51}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{AB0EE208-DF60-4FA7-A617-C4269760033E}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{C1089F63-7AFC-4538-B0EB-BEA0F4225A57}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{C358B3D0-B911-41E3-A276-E7D43A6BA56D}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC7BD6F1-565C-47CE-A5BB-9C935E77B59D}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{CFC16189-8A92-4A29-A940-60248385F426}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{D433A9D0-8267-40CB-8AD5-24F22FA5373F}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{DEE758B4-C3FB-4A5B-9939-848B9C77A2FB}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{E12AEAB6-7D12-4C07-8E36-5892EFB4DAFB}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{E2F2C137-A782-4FB5-81AF-086156F5EB0A}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{F1D06C9F-51F0-4476-BEDE-5DDF91BE304E}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{F3A32DF2-7413-4FB1-B575-1AC920A17B76}
    Key Found : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
    Key Found : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
    Key Found : HKLM\SOFTWARE\Classes\esrv.mysearchdialesrvc
    Key Found : HKLM\SOFTWARE\Classes\esrv.mysearchdialesrvc.1
    Key Found : HKLM\SOFTWARE\Classes\iLividIEHelper.DNSGuard
    Key Found : HKLM\SOFTWARE\Classes\iLividIEHelper.DNSGuard.1
    Key Found : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{17BF1E05-C0E8-413C-BD1F-A481EEA3B8E9}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{21BA420E-161C-413A-B21E-4E42AE1F4226}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{453DB0C5-F41C-4D97-8DD6-CC72ECD5F699}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{4AFC07D0-59BB-46B8-B097-1A46E88EEF71}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{6511CE4C-4722-40D0-AD3D-4AFA2F50978A}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{65A16874-2ED0-460E-A547-5FE2EC3A13A7}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{71E02280-5212-45C3-B174-4D5A35DA254F}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{83B2FE06-BA20-4F7D-96C6-6FC3A4E877D3}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{9BEC9B38-BF39-4899-806E-A1C5DFEB60A2}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{B32966A2-F7C2-4362-A6CF-399EC8B44110}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{B86D82BF-D39F-439A-A07C-43EDDC6F6EA6}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{DA6305B9-0869-4235-8C1D-533A65E639E5}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{E25DA6D6-C365-46CF-ABAF-DC5893135D7A}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{E4E3E0F8-CD30-4380-8CE9-B96904BDEFCA}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{E6961C59-CFCE-4CCD-B794-BC78DB98413A}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{F8B4EC8A-2407-4BE0-AEE2-0F430D65A90D}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{FE8A736F-4124-4D9C-B4B1-3B12381EFABE}
    Key Found : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore
    Key Found : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore.1
    Key Found : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialdskBnd
    Key Found : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialdskBnd.1
    Key Found : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialHlpr
    Key Found : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialHlpr.1
    Key Found : HKLM\Software\Classes\popcaploader.popcaploaderctrl2
    Key Found : HKLM\Software\Classes\popcaploader.popcaploaderctrl2.1
    Key Found : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
    Key Found : HKLM\SOFTWARE\Classes\S
    Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
    Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
    Key Found : HKLM\SOFTWARE\Classes\ShopperReports.AsyncReporter
    Key Found : HKLM\SOFTWARE\Classes\ShopperReports.AsyncReporter.1
    Key Found : HKLM\SOFTWARE\Classes\ShopperReports.CntntDic
    Key Found : HKLM\SOFTWARE\Classes\ShopperReports.CntntDic.1
    Key Found : HKLM\SOFTWARE\Classes\ShopperReports.CntntDisp
    Key Found : HKLM\SOFTWARE\Classes\ShopperReports.CntntDisp.1
    Key Found : HKLM\SOFTWARE\Classes\ShopperReports.Dwnldr
    Key Found : HKLM\SOFTWARE\Classes\ShopperReports.Dwnldr.1
    Key Found : HKLM\SOFTWARE\Classes\ShopperReports.HbAx
    Key Found : HKLM\SOFTWARE\Classes\ShopperReports.HbAx.1
    Key Found : HKLM\SOFTWARE\Classes\ShopperReports.HbGuru
    Key Found : HKLM\SOFTWARE\Classes\ShopperReports.HbGuru.1
    Key Found : HKLM\SOFTWARE\Classes\ShopperReports.HbInfoBand
    Key Found : HKLM\SOFTWARE\Classes\ShopperReports.HbInfoBand.1
    Key Found : HKLM\SOFTWARE\Classes\ShopperReports.IEButton
    Key Found : HKLM\SOFTWARE\Classes\ShopperReports.IEButton.1
    Key Found : HKLM\SOFTWARE\Classes\ShopperReports.IEButtonA
    Key Found : HKLM\SOFTWARE\Classes\ShopperReports.IEButtonA.1
    Key Found : HKLM\SOFTWARE\Classes\ShopperReports.KOPFF
    Key Found : HKLM\SOFTWARE\Classes\ShopperReports.KOPFF.1
    Key Found : HKLM\SOFTWARE\Classes\ShopperReports.MozillaNvgtnTrpr
    Key Found : HKLM\SOFTWARE\Classes\ShopperReports.MozillaNvgtnTrpr.1
    Key Found : HKLM\SOFTWARE\Classes\ShopperReports.MozillaPSExecuter
    Key Found : HKLM\SOFTWARE\Classes\ShopperReports.MozillaPSExecuter.1
    Key Found : HKLM\SOFTWARE\Classes\ShopperReports.ReportData
    Key Found : HKLM\SOFTWARE\Classes\ShopperReports.ReportData.1
    Key Found : HKLM\SOFTWARE\Classes\ShopperReports.Reporter
    Key Found : HKLM\SOFTWARE\Classes\ShopperReports.Reporter.1
    Key Found : HKLM\SOFTWARE\Classes\ShopperReports.RprtCtrl
    Key Found : HKLM\SOFTWARE\Classes\ShopperReports.RprtCtrl.1
    Key Found : HKLM\SOFTWARE\Classes\ShopperReports.Scopes
    Key Found : HKLM\SOFTWARE\Classes\ShopperReports.Scopes.1
    Key Found : HKLM\SOFTWARE\Classes\ShopperReports.Stock
    Key Found : HKLM\SOFTWARE\Classes\ShopperReports.Stock.1
    Key Found : HKLM\SOFTWARE\Classes\ShopperReports.TriggerImmidiate
    Key Found : HKLM\SOFTWARE\Classes\ShopperReports.TriggerImmidiate.1
    Key Found : HKLM\SOFTWARE\Classes\ShopperReports.TriggerImmidiateOrRandomTS
    Key Found : HKLM\SOFTWARE\Classes\ShopperReports.TriggerImmidiateOrRandomTS.1
    Key Found : HKLM\SOFTWARE\Classes\ShopperReports.TriggerOnceInDay
    Key Found : HKLM\SOFTWARE\Classes\ShopperReports.TriggerOnceInDay.1
    Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
    Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
    Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
    Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
    Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
    Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
    Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
    Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
    Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask
    Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
    Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
    Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
    Key Found : HKLM\SOFTWARE\Classes\TBSB07898.IEToolbar
    Key Found : HKLM\SOFTWARE\Classes\TBSB07898.IEToolbar.1
    Key Found : HKLM\SOFTWARE\Classes\TBSB07898.TBSB07898
    Key Found : HKLM\SOFTWARE\Classes\TBSB07898.TBSB07898.3
    Key Found : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
    Key Found : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
    Key Found : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
    Key Found : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
    Key Found : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager
    Key Found : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1
    Key Found : HKLM\SOFTWARE\Classes\Toolbar3.TBSB07898
    Key Found : HKLM\SOFTWARE\Classes\Toolbar3.TBSB07898
    Key Found : HKLM\SOFTWARE\Classes\Toolbar3.TBSB07898.1
    Key Found : HKLM\SOFTWARE\Classes\Toolbar3.TBSB07898.1
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{02AED140-2B62-4B49-8B3B-179020CC39B9}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{573F4ABB-A1A2-44ED-9BA9-A8DAD40AAC46}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{5FE0CEAE-CB69-40AF-A323-40F94257DACB}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{ACC62306-9A63-4864-BD2F-C8825D2D7EA6}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C9C5DEAF-0A1F-4660-8279-9EDFAD6FEFE1}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{F1A1892C-2A6C-4817-98B4-FF81443CBA20}
    Key Found : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
    Key Found : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
    Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
    Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
    Key Found : HKLM\Software\CompeteInc
    Key Found : HKLM\Software\Conduit
    Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
    Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
    Key Found : HKLM\Software\InstallCore
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{89F88394-3828-4D03-A0CF-8203604C3DA6}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4233F04-1789-483C-A137-731E8F113DD5}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1C19AC53289098045B06B0DD1D37CBAB
    Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\23D9E9D21B4E77E41B9F50DD22F24E20
    Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\23EEA1F105A7F45449974D9B95E7AC89
    Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\26982796A8AFD1246B95E00265A95BF9
    Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\42D92D0D75AFEF74297E03876C8D9D33
    Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\50FFE845C555A6E4BADB7CB7A145BFEB
    Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\715A3348920B6534690067594BB69F60
    Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7B7B13B037A7C2A42AC3E3EAF14D7107
    Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7D05B2942E9CC80499F397F6114DFB35
    Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8591B8948E1C4A04F90505B3CDEE8555
    Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8D841C5FEC311624CB88D49DB3884FA7
    Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AD746BF3B3B3FD8409B86604BA85982A
    Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F355F0DB7A2E3A14B8E7A568FBA25937
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mysearchdial
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\openit open it!
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
    Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
    Key Found : HKLM\Software\mysearchdial
    Key Found : HKLM\Software\ParetoLogic
    Key Found : HKLM\Software\SearchProtect
    Key Found : HKLM\Software\ShopperReports3
    Key Found : HKLM\Software\systweak
    Key Found : HKLM\Software\Trymedia Systems
    Key Found : HKLM\Software\Viewpoint
    Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [RDReminder]
    Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [systweakasp]
    Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{3004627E-F8E9-4E8B-909D-316753CBA923}]
    Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
    Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform [ShopperReports 3.0.517.0]
    Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Advanced System Protector_Startup]
    Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [DataMngr]
    Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
    Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

    ***** [ Browsers ] *****

    -\\ Internet Explorer v8.0.6001.18702

    Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages] - hxxp://search.conduit.com/?ctid=CT3324790&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP39EB8F52-728A-4B52-97F8-70299885813E&SSPV=
    Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://start.mysearchdial.com/?f=1&a=dsites&cd=2XzuyEtN2Y1L1QzutDtDtDyEyD0Azz0E0FzzyCzy0Azy0D0DtN0D0Tzu0SyBzyyCtN1L2XzutBtFtCzztFtAtFtDtN1L1CzutDtBtCtC1V1TtN1L1G1B1V1N2Y1L1Qzu2SyByC0EzztBzy0C0FtG0ByDtAyBtGtBtD0FyCtGzyzyzzyEtGyD0BzzyCtB0AyDyD0F0CyE0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEtD0D0CyCzzyByEtG0BtA0A0CtGzy0CyBtDtGtDtBtDtAtGtAyEyD0EtB0BtB0BzytB0Ezy2Q&cr=1830075973&ir=

    -\\ Mozilla Firefox v19.0.2 (en-US)

    [ File : C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\br7jorsi.default\prefs.js ]

    Line Found : user_pref("avg.install.installDirPath", "C:\\Documents and Settings\\All Users\\Application Data\\AVG Secure Search\\FireFoxExt\\17.0.1.12");
    Line Found : user_pref("browser.search.defaultenginename", "AVG Secure Search");
    Line Found : user_pref("browser.search.selectedEngine", "Conduit Search");
    Line Found : user_pref("browser.startup.homepage", "hxxp://www.outfox.tv/?referid=150|hxxp://search.conduit.com/?ctid=CT3324790&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP39EB8F52-728A-4B52-97F8-7029988[...]
    Line Found : user_pref("browser.newtab.url", "hxxp://search.conduit.com/?ctid=CT3324790&octid=EB_ORIGINAL_CTID&SearchSource=69&CUI=&SSPV=&Lay=1&UM=4&UP=SP39EB8F52-728A-4B52-97F8-70299885813E");

    *************************

    AdwCleaner[R0].txt - [30944 octets] - [06/03/2014 17:28:06]

    ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [31005 octets] ##########

  10. #10
    Member
    Join Date
    Jul 2007
    Location
    North Carolina
    Posts
    43

    Default adwcleaner2

    # AdwCleaner v3.020 - Report created 06/03/2014 at 17:41:23
    # Updated 27/02/2014 by Xplode
    # Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
    # Username : User - HOME
    # Running from : C:\Documents and Settings\User\Local Settings\Temp\dlmD.tmp\adwcleaner.exe
    # Option : Clean

    ***** [ Services ] *****

    Service Deleted : CltMngSvc

    ***** [ Files / Folders ] *****

    Folder Deleted : C:\Documents and Settings\All Users\Application Data\AVG Secure Search
    Folder Deleted : C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
    Folder Deleted : C:\Documents and Settings\All Users\Application Data\ParetoLogic
    Folder Deleted : C:\Documents and Settings\All Users\Application Data\Systweak
    Folder Deleted : C:\Documents and Settings\All Users\Application Data\Trymedia
    Folder Deleted : C:\Documents and Settings\All Users\Application Data\wincert
    Folder Deleted : C:\Documents and Settings\All Users\Start Menu\Programs\Advanced System Protector
    Folder Deleted : C:\Documents and Settings\All Users\Start Menu\Programs\open it!
    Folder Deleted : C:\Documents and Settings\All Users\Start Menu\Programs\RegClean Pro
    Folder Deleted : C:\Program Files\Advanced System Protector
    Folder Deleted : C:\Program Files\AVG Secure Search
    Folder Deleted : C:\Program Files\Mysearchdial
    Folder Deleted : C:\Program Files\openit
    Folder Deleted : C:\Program Files\RegClean Pro
    Folder Deleted : C:\Program Files\SearchProtect
    Folder Deleted : C:\Program Files\ShopperReports3
    Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
    Folder Deleted : C:\Documents and Settings\User\Local Settings\Application Data\AVG Secure Search
    Folder Deleted : C:\Documents and Settings\User\Local Settings\Application Data\AVG Security Toolbar
    Folder Deleted : C:\Documents and Settings\User\Local Settings\Application Data\SearchProtect
    Folder Deleted : C:\DOCUME~1\User\LOCALS~1\Temp\AirInstaller
    Folder Deleted : C:\Documents and Settings\User\Application Data\AVG Secure Search
    Folder Deleted : C:\Documents and Settings\User\Application Data\DigitalSites
    Folder Deleted : C:\Documents and Settings\User\Application Data\DriverCure
    Folder Deleted : C:\Documents and Settings\User\Application Data\Mysearchdial
    Folder Deleted : C:\Documents and Settings\User\Application Data\ParetoLogic
    Folder Deleted : C:\Documents and Settings\User\Application Data\ShopperReports3
    Folder Deleted : C:\Documents and Settings\User\Application Data\Systweak
    Folder Deleted : C:\Documents and Settings\User\Application Data\Toolbar4
    Folder Deleted : C:\Documents and Settings\User\Application Data\uniblue
    File Deleted : C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\br7jorsi.default\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
    File Deleted : C:\Documents and Settings\All Users\Desktop\Advanced System Protector.lnk
    File Deleted : C:\Documents and Settings\All Users\Desktop\Open It!.lnk
    File Deleted : C:\Documents and Settings\All Users\Desktop\RegClean Pro.lnk
    File Deleted : C:\WINDOWS\system32\roboot.exe
    File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
    File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
    File Deleted : C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\br7jorsi.default\searchplugins\conduit-search.xml
    File Deleted : C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\br7jorsi.default\searchplugins\Mysearchdial.xml
    File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\WebSearch.xml
    File Deleted : C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\br7jorsi.default\user.js
    File Deleted : C:\WINDOWS\Tasks\RegClean Pro_DEFAULT.job
    File Deleted : C:\WINDOWS\Tasks\RegClean Pro_UPDATES.job

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
    Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [RDReminder]
    Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [systweakasp]
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\BRNstIE.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\CmndFF.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\mozillaps.dll
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\Pltfrm.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
    Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
    Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
    Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
    Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
    Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
    Key Deleted : HKLM\SOFTWARE\Classes\esrv.mysearchdialesrvc
    Key Deleted : HKLM\SOFTWARE\Classes\esrv.mysearchdialesrvc.1
    Key Deleted : HKLM\SOFTWARE\Classes\iLividIEHelper.DNSGuard
    Key Deleted : HKLM\SOFTWARE\Classes\iLividIEHelper.DNSGuard.1
    Key Deleted : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore
    Key Deleted : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore.1
    Key Deleted : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialdskBnd
    Key Deleted : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialdskBnd.1
    Key Deleted : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialHlpr
    Key Deleted : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialHlpr.1
    Key Deleted : HKLM\Software\Classes\popcaploader.popcaploaderctrl2
    Key Deleted : HKLM\Software\Classes\popcaploader.popcaploaderctrl2.1
    Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
    Key Deleted : HKLM\SOFTWARE\Classes\S
    Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
    Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
    Key Deleted : HKLM\SOFTWARE\Classes\ShopperReports.AsyncReporter
    Key Deleted : HKLM\SOFTWARE\Classes\ShopperReports.AsyncReporter.1
    Key Deleted : HKLM\SOFTWARE\Classes\ShopperReports.CntntDic
    Key Deleted : HKLM\SOFTWARE\Classes\ShopperReports.CntntDic.1
    Key Deleted : HKLM\SOFTWARE\Classes\ShopperReports.CntntDisp
    Key Deleted : HKLM\SOFTWARE\Classes\ShopperReports.CntntDisp.1
    Key Deleted : HKLM\SOFTWARE\Classes\ShopperReports.Dwnldr
    Key Deleted : HKLM\SOFTWARE\Classes\ShopperReports.Dwnldr.1
    Key Deleted : HKLM\SOFTWARE\Classes\ShopperReports.HbAx
    Key Deleted : HKLM\SOFTWARE\Classes\ShopperReports.HbAx.1
    Key Deleted : HKLM\SOFTWARE\Classes\ShopperReports.HbGuru
    Key Deleted : HKLM\SOFTWARE\Classes\ShopperReports.HbGuru.1
    Key Deleted : HKLM\SOFTWARE\Classes\ShopperReports.HbInfoBand
    Key Deleted : HKLM\SOFTWARE\Classes\ShopperReports.HbInfoBand.1
    Key Deleted : HKLM\SOFTWARE\Classes\ShopperReports.IEButton
    Key Deleted : HKLM\SOFTWARE\Classes\ShopperReports.IEButton.1
    Key Deleted : HKLM\SOFTWARE\Classes\ShopperReports.IEButtonA
    Key Deleted : HKLM\SOFTWARE\Classes\ShopperReports.IEButtonA.1
    Key Deleted : HKLM\SOFTWARE\Classes\ShopperReports.KOPFF
    Key Deleted : HKLM\SOFTWARE\Classes\ShopperReports.KOPFF.1
    Key Deleted : HKLM\SOFTWARE\Classes\ShopperReports.MozillaNvgtnTrpr
    Key Deleted : HKLM\SOFTWARE\Classes\ShopperReports.MozillaNvgtnTrpr.1
    Key Deleted : HKLM\SOFTWARE\Classes\ShopperReports.MozillaPSExecuter
    Key Deleted : HKLM\SOFTWARE\Classes\ShopperReports.MozillaPSExecuter.1
    Key Deleted : HKLM\SOFTWARE\Classes\ShopperReports.ReportData
    Key Deleted : HKLM\SOFTWARE\Classes\ShopperReports.ReportData.1
    Key Deleted : HKLM\SOFTWARE\Classes\ShopperReports.Reporter
    Key Deleted : HKLM\SOFTWARE\Classes\ShopperReports.Reporter.1
    Key Deleted : HKLM\SOFTWARE\Classes\ShopperReports.RprtCtrl
    Key Deleted : HKLM\SOFTWARE\Classes\ShopperReports.RprtCtrl.1
    Key Deleted : HKLM\SOFTWARE\Classes\ShopperReports.Scopes
    Key Deleted : HKLM\SOFTWARE\Classes\ShopperReports.Scopes.1
    Key Deleted : HKLM\SOFTWARE\Classes\ShopperReports.Stock
    Key Deleted : HKLM\SOFTWARE\Classes\ShopperReports.Stock.1
    Key Deleted : HKLM\SOFTWARE\Classes\ShopperReports.TriggerImmidiate
    Key Deleted : HKLM\SOFTWARE\Classes\ShopperReports.TriggerImmidiate.1
    Key Deleted : HKLM\SOFTWARE\Classes\ShopperReports.TriggerImmidiateOrRandomTS
    Key Deleted : HKLM\SOFTWARE\Classes\ShopperReports.TriggerImmidiateOrRandomTS.1
    Key Deleted : HKLM\SOFTWARE\Classes\ShopperReports.TriggerOnceInDay
    Key Deleted : HKLM\SOFTWARE\Classes\ShopperReports.TriggerOnceInDay.1
    Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
    Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1
    Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
    Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
    Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
    Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
    Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform [ShopperReports 3.0.517.0]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Advanced System Protector_Startup]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [DataMngr]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
    Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
    Key Deleted : HKLM\SOFTWARE\Classes\TBSB07898.IEToolbar
    Key Deleted : HKLM\SOFTWARE\Classes\TBSB07898.IEToolbar.1
    Key Deleted : HKLM\SOFTWARE\Classes\TBSB07898.TBSB07898
    Key Deleted : HKLM\SOFTWARE\Classes\TBSB07898.TBSB07898.3
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.TBSB07898
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.TBSB07898.1
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0D82ACD6-A652-4496-A298-2BDE705F4227}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7025E484-D4B0-441A-9F0B-69063BD679CE}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{8258B35C-05B8-4C0E-9525-9BCCC70F8F2D}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A89256AD-EC17-4A83-BEF5-4B8BC4F39306}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{09325003-167C-483D-A4BA-8B3122ABB432}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10AD2C61-0898-4348-8600-14A342F22AC3}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2721A8E5-BFDB-4562-9912-9E0531CA616C}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3004627E-F8E9-4E8B-909D-316753CBA923}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{396CFC12-932D-496B-A0A8-5D7201E105E1}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4ED063C9-4A0B-4B44-A9DC-23AFF424A0D3}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{60DA826C-B1C6-4358-BDEC-4837CED45470}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6DD76B7B-6423-4DF0-9A07-84A6CAD973A0}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{74C22317-5B90-471F-9AD2-FEC049870A16}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7F6CFB6A-9227-4BB8-B941-F2B067E76F51}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AB0EE208-DF60-4FA7-A617-C4269760033E}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C1089F63-7AFC-4538-B0EB-BEA0F4225A57}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C358B3D0-B911-41E3-A276-E7D43A6BA56D}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC7BD6F1-565C-47CE-A5BB-9C935E77B59D}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC16189-8A92-4A29-A940-60248385F426}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D433A9D0-8267-40CB-8AD5-24F22FA5373F}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DEE758B4-C3FB-4A5B-9939-848B9C77A2FB}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E12AEAB6-7D12-4C07-8E36-5892EFB4DAFB}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E2F2C137-A782-4FB5-81AF-086156F5EB0A}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F1D06C9F-51F0-4476-BEDE-5DDF91BE304E}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F3A32DF2-7413-4FB1-B575-1AC920A17B76}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{17BF1E05-C0E8-413C-BD1F-A481EEA3B8E9}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{21BA420E-161C-413A-B21E-4E42AE1F4226}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{453DB0C5-F41C-4D97-8DD6-CC72ECD5F699}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4AFC07D0-59BB-46B8-B097-1A46E88EEF71}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6511CE4C-4722-40D0-AD3D-4AFA2F50978A}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{65A16874-2ED0-460E-A547-5FE2EC3A13A7}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{71E02280-5212-45C3-B174-4D5A35DA254F}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{83B2FE06-BA20-4F7D-96C6-6FC3A4E877D3}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BEC9B38-BF39-4899-806E-A1C5DFEB60A2}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32966A2-F7C2-4362-A6CF-399EC8B44110}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B86D82BF-D39F-439A-A07C-43EDDC6F6EA6}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DA6305B9-0869-4235-8C1D-533A65E639E5}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E25DA6D6-C365-46CF-ABAF-DC5893135D7A}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E4E3E0F8-CD30-4380-8CE9-B96904BDEFCA}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E6961C59-CFCE-4CCD-B794-BC78DB98413A}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F8B4EC8A-2407-4BE0-AEE2-0F430D65A90D}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE8A736F-4124-4D9C-B4B1-3B12381EFABE}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{02AED140-2B62-4B49-8B3B-179020CC39B9}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{573F4ABB-A1A2-44ED-9BA9-A8DAD40AAC46}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{5FE0CEAE-CB69-40AF-A323-40F94257DACB}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{ACC62306-9A63-4864-BD2F-C8825D2D7EA6}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C9C5DEAF-0A1F-4660-8279-9EDFAD6FEFE1}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F1A1892C-2A6C-4817-98B4-FF81443CBA20}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10AD2C61-0898-4348-8600-14A342F22AC3}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3004627E-F8E9-4E8B-909D-316753CBA923}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B2}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B3}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F2D6C718-7E52-428E-8852-365C4B1A6E36}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10AD2C61-0898-4348-8600-14A342F22AC3}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3004627E-F8E9-4E8B-909D-316753CBA923}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C5428486-50A0-4A02-9D20-520B59A9F9B2}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C5428486-50A0-4A02-9D20-520B59A9F9B3}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F2D6C718-7E52-428E-8852-365C4B1A6E36}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{89F88394-3828-4D03-A0CF-8203604C3DA6}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4233F04-1789-483C-A137-731E8F113DD5}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{3004627E-F8E9-4E8B-909D-316753CBA923}]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
    Key Deleted : HKCU\Software\AVG Secure Search
    Key Deleted : HKCU\Software\AVG Security Toolbar
    Key Deleted : HKCU\Software\CompeteInc
    Key Deleted : HKCU\Software\Conduit
    Key Deleted : HKCU\Software\DataMngr
    Key Deleted : HKCU\Software\dsiteproducts
    Key Deleted : HKCU\Software\InstallCore
    Key Deleted : HKCU\Software\mysearchdial
    Key Deleted : HKCU\Software\ParetoLogic
    Key Deleted : HKCU\Software\ShopperReports3
    Key Deleted : HKCU\Software\systweak
    Key Deleted : HKCU\Software\YahooPartnerToolbar
    Key Deleted : HKLM\Software\AVG Secure Search
    Key Deleted : HKLM\Software\AVG Security Toolbar
    Key Deleted : HKLM\Software\CompeteInc
    Key Deleted : HKLM\Software\Conduit
    Key Deleted : HKLM\Software\InstallCore
    Key Deleted : HKLM\Software\mysearchdial
    Key Deleted : HKLM\Software\ParetoLogic
    Key Deleted : HKLM\Software\SearchProtect
    Key Deleted : HKLM\Software\ShopperReports3
    Key Deleted : HKLM\Software\systweak
    Key Deleted : HKLM\Software\Trymedia Systems
    Key Deleted : HKLM\Software\Viewpoint
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Digital Sites
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mysearchdial
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\openit open it!
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
    Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
    Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Wincert\WIN32C~1.DLL
    Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~1\SETTIN~1\Datamngr\datamngr.dll
    Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~1\SETTIN~1\Datamngr\IEBHO.dll
    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1C19AC53289098045B06B0DD1D37CBAB
    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\23D9E9D21B4E77E41B9F50DD22F24E20
    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\23EEA1F105A7F45449974D9B95E7AC89
    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\26982796A8AFD1246B95E00265A95BF9
    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\42D92D0D75AFEF74297E03876C8D9D33
    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\50FFE845C555A6E4BADB7CB7A145BFEB
    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\715A3348920B6534690067594BB69F60
    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7B7B13B037A7C2A42AC3E3EAF14D7107
    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7D05B2942E9CC80499F397F6114DFB35
    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8591B8948E1C4A04F90505B3CDEE8555
    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8D841C5FEC311624CB88D49DB3884FA7
    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AD746BF3B3B3FD8409B86604BA85982A
    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F355F0DB7A2E3A14B8E7A568FBA25937

    ***** [ Browsers ] *****

    -\\ Internet Explorer v8.0.6001.18702

    Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages]
    Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

    -\\ Mozilla Firefox v19.0.2 (en-US)

    [ File : C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\br7jorsi.default\prefs.js ]

    Line Deleted : user_pref("avg.install.installDirPath", "C:\\Documents and Settings\\All Users\\Application Data\\AVG Secure Search\\FireFoxExt\\17.0.1.12");
    Line Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
    Line Deleted : user_pref("browser.search.selectedEngine", "Conduit Search");
    Line Deleted : user_pref("browser.startup.homepage", "hxxp://www.outfox.tv/?referid=150|hxxp://search.conduit.com/?ctid=CT3324790&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP39EB8F52-728A-4B52-97F8-7029988[...]
    Line Deleted : user_pref("browser.newtab.url", "hxxp://search.conduit.com/?ctid=CT3324790&octid=EB_ORIGINAL_CTID&SearchSource=69&CUI=&SSPV=&Lay=1&UM=4&UP=SP39EB8F52-728A-4B52-97F8-70299885813E");

    *************************

    AdwCleaner[R0].txt - [31086 octets] - [06/03/2014 17:28:06]
    AdwCleaner[S0].txt - [31101 octets] - [06/03/2014 17:41:23]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [31162 octets] ##########

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •