
Topic: My machine is still acting up even worse than before.


jim.mar

My machine is still acting up even worse than before.
« on: January 16, 2013, 09:50:24 AM »

At first I thought that it was strictly a problem with Internet Explorer, and I posted it on the internet browser forum, but I see now that it is more widespread than that. Truenorth suggested I move it to this forum.

1. My machine intermittently freezes up every time I access the internet. Usually for 10 or 15 seconds. Sometimes even longer than that. It does seem to be worse on Internet Explorer, but it also does it on Firefox and Chrome.
2. My maneuvering on Facebook is slow and awkward.
3. My Skype program will operate for a few seconds, then cut off.

My machine is homebuilt using an AMD Athlon(tm) IIx4 Processor,
64-bit operating system, Windows 7, with 4.00GB RAM.

I have performed all of the routines suggested in "IMPORTANT: Read this before requesting malware removal help" (started by evilfantasy)

and I am posting the following logs...


# AdwCleaner v2.105 - Logfile created 01/15/2013 at 14:29:41
# Updated 08/01/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : JIM - ROSIE
# Boot Mode : Normal
# Running from : C:\Users\JIM\Downloads\AdwCleaner.exe
# Option [Search]


***** [Services] *****

Found : DefaultTabUpdate

***** [Files / Folders] *****

File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
File Found : C:\user.js
File Found : C:\Users\JIM\AppData\Roaming\Mozilla\Firefox\Profiles\vqxnew7a.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
File Found : C:\Users\JIM\AppData\Roaming\Mozilla\Firefox\Profiles\vqxnew7a.default\searchplugins\SweetIm.xml
Folder Found : C:\Program Files (x86)\AppGraffiti
Folder Found : C:\Program Files (x86)\AVG Secure Search
Folder Found : C:\Program Files (x86)\Babylon
Folder Found : C:\Program Files (x86)\BabylonToolbar
Folder Found : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\Program Files (x86)\DealPly
Folder Found : C:\Program Files (x86)\FreeRIP3
Folder Found : C:\Program Files (x86)\Mozilla Firefox\Extensions\[email protected]
Folder Found : C:\Program Files (x86)\NCH
Folder Found : C:\Program Files (x86)\Searchqu Toolbar
Folder Found : C:\Program Files (x86)\SweetIM
Folder Found : C:\ProgramData\Ask
Folder Found : C:\ProgramData\AVG Secure Search
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\boost_interprocess
Folder Found : C:\ProgramData\FreeRIP
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\24x7 Help
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AppGraffiti
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeRIP3
Folder Found : C:\ProgramData\SweetIM
Folder Found : C:\ProgramData\WeCareReminder
Folder Found : C:\Users\JIM\AppData\Local\APN
Folder Found : C:\Users\JIM\AppData\Local\AVG Secure Search
Folder Found : C:\Users\JIM\AppData\Local\Conduit
Folder Found : C:\Users\JIM\AppData\Local\ConduitEngine
Folder Found : C:\Users\JIM\AppData\Local\CouponDropDown
Folder Found : C:\Users\JIM\AppData\Local\Google\Chrome\User Data\Default\Extensions\angobeimajilfhlcpeiccndaifchnppl
Folder Found : C:\Users\JIM\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Folder Found : C:\Users\JIM\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkjdclclfjdpbghlihfbhpgajifihjam
Folder Found : C:\Users\JIM\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Folder Found : C:\Users\JIM\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Folder Found : C:\Users\JIM\AppData\Local\Ilivid Player
Folder Found : C:\Users\JIM\AppData\Local\NCH
Folder Found : C:\Users\JIM\AppData\Local\OpenCandy
Folder Found : C:\Users\JIM\AppData\LocalLow\AppGraffiti
Folder Found : C:\Users\JIM\AppData\LocalLow\AVG Secure Search
Folder Found : C:\Users\JIM\AppData\LocalLow\BabylonToolbar
Folder Found : C:\Users\JIM\AppData\LocalLow\Conduit
Folder Found : C:\Users\JIM\AppData\LocalLow\ConduitEngine
Folder Found : C:\Users\JIM\AppData\LocalLow\DailyBibleGuideEI
Folder Found : C:\Users\JIM\AppData\LocalLow\Dealio
Folder Found : C:\Users\JIM\AppData\LocalLow\NCH
Folder Found : C:\Users\JIM\AppData\LocalLow\PriceGong
Folder Found : C:\Users\JIM\AppData\LocalLow\Search Settings
Folder Found : C:\Users\JIM\AppData\LocalLow\searchquband
Folder Found : C:\Users\JIM\AppData\LocalLow\Searchqutoolbar
Folder Found : C:\Users\JIM\AppData\LocalLow\SweetIM
Folder Found : C:\Users\JIM\AppData\Roaming\Babylon
Folder Found : C:\Users\JIM\AppData\Roaming\BabylonToolbar
Folder Found : C:\Users\JIM\AppData\Roaming\DefaultTab
Folder Found : C:\Users\JIM\AppData\Roaming\Mozilla\Firefox\Profiles\vqxnew7a.default\extensions\[email protected]
Folder Found : C:\Users\JIM\AppData\Roaming\Mozilla\Firefox\Profiles\vqxnew7a.default\SweetPacksToolbarData
Folder Found : C:\Users\Terri\AppData\LocalLow\Conduit
Folder Found : C:\Users\Terri\AppData\LocalLow\NCH
Folder Found : C:\Users\Terri\AppData\LocalLow\PriceGong
Folder Found : C:\Users\Vue\AppData\Local\AVG Secure Search
Folder Found : C:\Windows\Installer\{0965F857-DAAD-4F93-8054-0E2EC3C8C5B0}
Folder Found : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Folder Found : C:\Windows\Installer\{FB697452-8CA4-46B4-98B1-165C922A2EF3}

***** [Registry] *****

Data Found : [x64] HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~2\SEARCH~1\Datamngr\x64\datamngr.dll
Data Found : [x64] HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~2\SEARCH~1\Datamngr\x64\IEBHO.dll
Data Found : HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll
Data Found : HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll
Key Found : HKCU\Software\24x7HELP
Key Found : HKCU\Software\APN
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AppDataLow\Software\AskToolbar
Key Found : HKCU\Software\AppDataLow\Software\AVG Security Toolbar
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\CouponAlert_2p
Key Found : HKCU\Software\AppDataLow\Software\CouponDropDown
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\AppDataLow\Software\DailyBibleGuideEI
Key Found : HKCU\Software\AppDataLow\Software\DefaultTab
Key Found : HKCU\Software\AppDataLow\Software\Freecause
Key Found : HKCU\Software\AppDataLow\Software\NCH
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\AppDataLow\Software\searchqutoolbar
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\AppDataLow\Software\Toolbar
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\AppGraffiti
Key Found : HKCU\Software\Ask.com
Key Found : HKCU\Software\AVG Secure Search
Key Found : HKCU\Software\AVG Security Toolbar
Key Found : HKCU\Software\BabylonToolbar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Cr_Installer
Key Found : HKCU\Software\DataMngr
Key Found : HKCU\Software\DataMngr_Toolbar
Key Found : HKCU\Software\Default Tab
Key Found : HKCU\Software\DefaultTab
Key Found : HKCU\Software\Google\Chrome\Extensions\fkjdclclfjdpbghlihfbhpgajifihjam
Key Found : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Key Found : HKCU\Software\IGearSettings
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\Microsoft\Babylon
Key Found : HKCU\Software\NCH
Key Found : HKCU\Software\PIP
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\SweetIM
Key Found : HKCU\Software\wecarereminder
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : HKLM\Software\24x7HELP
Key Found : HKLM\Software\APN
Key Found : HKLM\Software\AppGraffiti
Key Found : HKLM\Software\AskToolbar
Key Found : HKLM\Software\AVG Secure Search
Key Found : HKLM\Software\Babylon
Key Found : HKLM\Software\BabylonToolbar
Key Found : HKLM\SOFTWARE\Classes\AppGraffiti.AppGraffitiJS
Key Found : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll
Key Found : HKLM\SOFTWARE\Classes\AppID\DNSBHO.dll
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\IEHelperv2.5.0.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Found : HKLM\SOFTWARE\Classes\b
Key Found : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Key Found : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Key Found : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Found : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Found : HKLM\SOFTWARE\Classes\BrowserConnection.Loader
Key Found : HKLM\SOFTWARE\Classes\BrowserConnection.Loader.1
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0004352.BHO
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0004352.FBApi
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0004352.FBApi.1
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0004352.Sandbox
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0004352.Sandbox.1
Key Found : HKLM\SOFTWARE\Classes\DnsBHO.BHO
Key Found : HKLM\SOFTWARE\Classes\DnsBHO.BHO.1
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Found : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Found : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Key Found : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Found : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder
Key Found : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder.1
Key Found : HKLM\Software\Classes\Installer\Features\3192AA38321C641458DBDAF83979D193
Key Found : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\Software\Classes\Installer\Products\3192AA38321C641458DBDAF83979D193
Key Found : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Key Found : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Key Found : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Key Found : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Found : HKLM\SOFTWARE\Classes\S
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard
Key Found : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1
Key Found : HKLM\SOFTWARE\Classes\sim-packages
Key Found : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Key Found : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Key Found : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Key Found : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2117678
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2857573
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3008653
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\DataMngr
Key Found : HKLM\Software\DealPly
Key Found : HKLM\Software\Default Tab
Key Found : HKLM\Software\Freeze.com
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Found : HKLM\Software\NCH
Key Found : HKLM\Software\PIP
Key Found : HKLM\Software\SearchquMediabarTb
Key Found : HKLM\Software\SweetIM
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\NCH Toolbar
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu Toolbar
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F0786343-938E-456B-8798-DE7EEC08F820}
Key Found : HKLM\SOFTWARE\DataMngr
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKU\S-1-5-21-3909975552-3371312792-2741729148-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKU\S-1-5-21-3909975552-3371312792-2741729148-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Value Found : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C2DB4FE6-8409-45CE-8010-189A7B5CCE86}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D3D233D5-9F6D-436C-B6C7-E63F77503B30}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{C2DB4FE6-8409-45CE-8010-189A7B5CCE86}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{99079A25-328F-4BD4-BE04-00955ACAA0A7}]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{C2DB4FE6-8409-45CE-8010-189A7B5CCE86}]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [10]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v16.0.1 (en-US)

File : C:\Users\JIM\AppData\Roaming\Mozilla\Firefox\Profiles\vqxnew7a.default\prefs.js


File : C:\Users\Vue\AppData\Roaming\Mozilla\Firefox\Profiles\8iapzz99.default\prefs.js

Found : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Found : user_pref("browser.search.selectedEngine", "AVG Secure Search");
Found : user_pref("browser.startup.homepage", "hxxp://isearch.avg.com/?cid={0E284222-13ED-43EF-8FD5-98E75F56[...]

-\\ Google Chrome v24.0.1312.52

File : C:\Users\JIM\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Users\Vue\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [55284 octets] - [15/01/2013 14:29:41]

########## EOF - C:\AdwCleaner[R1].txt - [55345 octets] ##########

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.15.14

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
JIM :: ROSIE [administrator]

1/15/2013 2:39:14 PM
MBAM-log-2013-01-15 (14-52-00).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 344270
Time elapsed: 10 minute(s), 2 second(s)

Memory Processes Detected: 1
C:\Program Files (x86)\WeatherBlink\bar\1.bin\gcbrmon.exe (PUP.MyWebSearch) -> 3256 -> No action taken.

Memory Modules Detected: 7
C:\Program Files (x86)\WeatherBlink\bar\1.bin\gcbrstub.dll (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\WeatherBlink\bar\1.bin\gcauxstb.dll (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\WeatherBlink\bar\1.bin\gcSrcAs.dll (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\WeatherBlink\bar\1.bin\gcdlghk.dll (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\WeatherBlink\bar\1.bin\gcieovr.dll (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\WeatherBlink\bar\1.bin\gcbar.dll (PUP.MyWebSearch) -> No action taken.
C:\Program Files (x86)\WeatherBlink\bar\1.bin\gcradio.dll (PUP.MyWebSearch) -> No action taken.

Registry Keys Detected: 53
You are much appreciated..     Thank you ,

SuperDave

  • Malware Removal Specialist
  • Moderator


  • Genius
  • Thanked: 1020
  • Certifications: List
  • Experience: Expert
  • OS: Windows 10
Re: My machine is still acting up even worse than before.
« Reply #1 on: January 16, 2013, 12:45:36 PM »
Hello and welcome to Computer Hope Forum. My name is Dave. I will be helping you out with your particular problem on your computer.

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.

If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
*************************************************************************
Remove the Adware:
  • Please close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with OK
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile in your reply.
  • You can find the logfile at C:\AdwCleaner[Sn].txt as well - n is the order number.
*************************************************
Please run MBAM again and this time, clean the infections.

Download Combofix from any of the links below, and save it to your DESKTOP

Link 1
Link 2
Link 3

To prevent your anti-virus application interfering with ComboFix we need to disable it. See here for a tutorial regarding how to do so if you are unsure.
  • Close any open windows and double click ComboFix.exe to run it.

    You will see the following image:


Click I Agree to start the program.

ComboFix will then extract the necessary files and you will see this:



As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. This will not occur in Windows Vista and 7.

It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

If you did not have it installed, you will see the prompt below. Choose YES.



Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:



Click on Yes, to continue scanning for malware.

When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).

Leave your computer alone while ComboFix is running. ComboFix will restart your computer if malware is found; allow it to do so.

Note: Please do NOT mouse-click ComboFix's window while it's running because it may cause it to stall.
Windows 8 and Windows 10 dual boot with two SSD's

jim.mar

Re: My machine is still acting up even worse than before.
« Reply #2 on: January 17, 2013, 01:26:28 PM »
/Superdave: Combofix has asked that I disable Microsoft Security Essentials antivirus and antispyware. I haven't been able to find out how to do that. I am running Windows 7 64 bit OS. Can you help me with that?? Thank you.. JIM

SuperDave

Re: My machine is still acting up even worse than before.
« Reply #3 on: January 17, 2013, 03:54:57 PM »
Open MSE, click on Settings and click on Realtime protection. Uncheck the box and it will be disabled.
Windows 8 and Windows 10 dual boot with two SSD's

jim.mar

Re: My machine is still acting up even worse than before.
« Reply #4 on: January 17, 2013, 08:14:04 PM »
SUPERDAVE: THANK YOU, EVERYTHING WENT WELL. COMBOFIX LOG FOLLOWS:

ComboFix 13-01-17.03 - JIM 01/17/2013  19:25:04.3.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.4095.2117 [GMT -7:00]
Running from: c:\users\JIM\Desktop\Clean PC 1-15-2013\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\WeatherBlink
c:\program files (x86)\WeatherBlink\bar\1.bin\BOOTSTRAP.JS
c:\program files (x86)\WeatherBlink\bar\1.bin\CHROME.MANIFEST
c:\program files (x86)\WeatherBlink\bar\1.bin\chrome\gcffxtbr.jar
c:\program files (x86)\WeatherBlink\bar\1.bin\CREXT.DLL
c:\program files (x86)\WeatherBlink\bar\1.bin\CrExtPgc.exe
c:\program files (x86)\WeatherBlink\bar\1.bin\gcdatact.dll
c:\program files (x86)\WeatherBlink\bar\1.bin\gcdyn.dll
c:\program files (x86)\WeatherBlink\bar\1.bin\gcfeedmg.dll
c:\program files (x86)\WeatherBlink\bar\1.bin\gchighin.exe
c:\program files (x86)\WeatherBlink\bar\1.bin\gchkstub.dll
c:\program files (x86)\WeatherBlink\bar\1.bin\gchtmlmu.dll
c:\program files (x86)\WeatherBlink\bar\1.bin\gchttpct.dll
c:\program files (x86)\WeatherBlink\bar\1.bin\gcidle.dll
c:\program files (x86)\WeatherBlink\bar\1.bin\gcimpipe.exe
c:\program files (x86)\WeatherBlink\bar\1.bin\gcmedint.exe
c:\program files (x86)\WeatherBlink\bar\1.bin\gcmlbtn.dll
c:\program files (x86)\WeatherBlink\bar\1.bin\gcmsg.dll
c:\program files (x86)\WeatherBlink\bar\1.bin\gcPlugin.dll
c:\program files (x86)\WeatherBlink\bar\1.bin\gcregfft.dll
c:\program files (x86)\WeatherBlink\bar\1.bin\gcreghk.dll
c:\program files (x86)\WeatherBlink\bar\1.bin\gcregiet.dll
c:\program files (x86)\WeatherBlink\bar\1.bin\gcscript.dll
c:\program files (x86)\WeatherBlink\bar\1.bin\gcskin.dll
c:\program files (x86)\WeatherBlink\bar\1.bin\gcsknlcr.dll
c:\program files (x86)\WeatherBlink\bar\1.bin\gcskplay.exe
c:\program files (x86)\WeatherBlink\bar\1.bin\gctpinst.dll
c:\program files (x86)\WeatherBlink\bar\1.bin\gcuabtn.dll
c:\program files (x86)\WeatherBlink\bar\1.bin\INSTALL.RDF
c:\program files (x86)\WeatherBlink\bar\1.bin\installKeys.js
c:\program files (x86)\WeatherBlink\bar\1.bin\LOGO.BMP
c:\program files (x86)\WeatherBlink\bar\1.bin\NPgcStub.dll
c:\program files (x86)\WeatherBlink\bar\1.bin\T8EXTEX.DLL
c:\program files (x86)\WeatherBlink\bar\1.bin\T8EXTPEX.DLL
c:\program files (x86)\WeatherBlink\bar\1.bin\T8HTML.DLL
c:\program files (x86)\WeatherBlink\bar\1.bin\T8RES.DLL
c:\program files (x86)\WeatherBlink\bar\1.bin\T8TICKER.DLL
c:\program files (x86)\WeatherBlink\bar\gen1\COMMON.T8S
c:\program files (x86)\WeatherBlink\bar\IE9Mesg\COMMON.T8S
c:\program files (x86)\WeatherBlink\bar\Message\COMMON.T8S
c:\program files (x86)\WeatherBlink\bar\Settings\s_pid.dat
c:\users\JIM\Documents\~WRL0003.tmp
c:\users\JIM\Documents\~WRL1247.tmp
c:\windows\SysWow64\Cache
c:\windows\SysWow64\Cache\272512937d9e61a4.fb
c:\windows\SysWow64\Cache\287204568329e189.fb
c:\windows\SysWow64\Cache\28bc8f716fd76a47.fb
c:\windows\SysWow64\Cache\31a0997e9a5b5eb3.fb
c:\windows\SysWow64\Cache\32c84fe32bb74d60.fb
c:\windows\SysWow64\Cache\3917078cb68ec657.fb
c:\windows\SysWow64\Cache\590ba23ce359fd0c.fb
c:\windows\SysWow64\Cache\610289e025a3ee9a.fb
c:\windows\SysWow64\Cache\651c5d3cdbfb8bd1.fb
c:\windows\SysWow64\Cache\6c59ac5e7e7a3ad0.fb
c:\windows\SysWow64\Cache\6d03dad1035885d3.fb
c:\windows\SysWow64\Cache\a8556537add6dfc5.fb
c:\windows\SysWow64\Cache\ad10a52aff5e038d.fb
c:\windows\SysWow64\Cache\c1fa887b03019701.fb
c:\windows\SysWow64\Cache\c4332ea89ed5c19b.fb
c:\windows\SysWow64\Cache\c4d28dca2e7648be.fb
c:\windows\SysWow64\Cache\d201ef9910cd39de.fb
c:\windows\SysWow64\Cache\d2e94710a5708128.fb
c:\windows\SysWow64\Cache\d79b9dfe81484ec4.fb
c:\windows\SysWow64\Cache\f998975c9cc711ee.fb
.
.
(((((((((((((((((((((((((   Files Created from 2012-12-18 to 2013-01-18  )))))))))))))))))))))))))))))))
.
.
2013-01-18 02:31 . 2013-01-18 02:31   --------   d-----w-   c:\users\Vue\AppData\Local\temp
2013-01-18 02:31 . 2013-01-18 02:31   --------   d-----w-   c:\users\vue 3\AppData\Local\temp
2013-01-18 02:31 . 2013-01-18 02:31   --------   d-----w-   c:\users\UpdatusUser\AppData\Local\temp
2013-01-18 02:31 . 2013-01-18 02:31   --------   d-----w-   c:\users\Terri\AppData\Local\temp
2013-01-18 02:31 . 2013-01-18 02:31   --------   d-----w-   c:\users\Public\AppData\Local\temp
2013-01-18 02:31 . 2013-01-18 02:31   --------   d-----w-   c:\users\Default\AppData\Local\temp
2013-01-18 02:31 . 2013-01-18 02:31   --------   d-----w-   c:\users\Guest\AppData\Local\temp
2013-01-17 18:41 . 2013-01-08 05:32   9161176   ----a-w-   c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D52993FF-28DB-4B3C-9AD6-431303082AB1}\mpengine.dll
2013-01-17 18:11 . 2013-01-17 18:11   --------   d-----w-   c:\users\JIM\AppData\Roaming\LavasoftStatistics
2013-01-17 18:11 . 2013-01-17 18:11   --------   d-----w-   c:\users\JIM\AppData\Roaming\Ad-Aware Antivirus
2013-01-16 16:26 . 2013-01-08 05:32   9161176   ----a-w-   c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-01-14 16:29 . 2013-01-14 16:29   --------   d-----w-   c:\program files\Enigma Software Group
2013-01-14 16:28 . 2013-01-16 18:44   --------   d-----w-   c:\windows\83B952C7F8F34CA3B4C533C85B24E478.TMP
2013-01-14 16:28 . 2013-01-14 16:28   --------   d-----w-   c:\program files (x86)\Common Files\Wise Installation Wizard
2013-01-09 18:10 . 2013-01-09 18:10   --------   d-----w-   c:\users\Vue\AppData\Local\Eraser 6
2013-01-09 17:56 . 2012-11-09 05:45   750592   ----a-w-   c:\windows\system32\win32spl.dll
2013-01-09 17:56 . 2012-11-09 04:43   492032   ----a-w-   c:\windows\SysWow64\win32spl.dll
2013-01-09 17:56 . 2012-11-01 05:43   2002432   ----a-w-   c:\windows\system32\msxml6.dll
2013-01-09 17:56 . 2012-11-01 05:43   1882624   ----a-w-   c:\windows\system32\msxml3.dll
2013-01-09 17:56 . 2012-11-01 04:47   1389568   ----a-w-   c:\windows\SysWow64\msxml6.dll
2013-01-09 17:56 . 2012-11-01 04:47   1236992   ----a-w-   c:\windows\SysWow64\msxml3.dll
2013-01-09 17:56 . 2012-11-20 05:48   307200   ----a-w-   c:\windows\system32\ncrypt.dll
2013-01-09 17:56 . 2012-11-20 04:51   220160   ----a-w-   c:\windows\SysWow64\ncrypt.dll
2013-01-09 17:56 . 2012-11-22 05:44   800768   ----a-w-   c:\windows\system32\usp10.dll
2013-01-09 17:56 . 2012-11-22 04:45   626688   ----a-w-   c:\windows\SysWow64\usp10.dll
2012-12-31 20:41 . 2012-12-31 20:42   --------   d-----w-   c:\users\JIM\AppData\Roaming\PDFlite
2012-12-31 20:36 . 2013-01-14 18:53   --------   d-----w-   c:\users\JIM\AppData\Roaming\FileAssociationManager
2012-12-31 20:36 . 2012-12-31 20:36   --------   d-----w-   c:\program files (x86)\FileAssociationManager
2012-12-31 20:36 . 2005-03-11 18:07   87040   ----a-w-   c:\windows\system32\redmonnt.dll
2012-12-31 20:36 . 2005-03-11 18:07   46080   ----a-w-   c:\windows\system32\unredmon.exe
2012-12-31 20:36 . 2012-12-31 20:36   --------   d-----w-   c:\program files (x86)\PDFlite
2012-12-31 18:59 . 2012-12-31 18:59   --------   d-----w-   c:\programdata\REGSERVO64
2012-12-29 17:49 . 2013-01-17 22:39   --------   d-----r-   c:\users\JIM\Dropbox
2012-12-29 17:41 . 2013-01-17 22:39   --------   d-----w-   c:\users\JIM\AppData\Roaming\Dropbox
2012-12-22 17:38 . 2012-12-22 17:38   --------   d-----w-   c:\users\JIM\AppData\Local\IAC
2012-12-22 17:37 . 2012-12-22 17:37   --------   d-----w-   c:\users\JIM\AppData\Local\WeatherBlink
2012-12-22 16:56 . 2012-11-14 05:52   2382848   ----a-w-   c:\windows\system32\mshtml.tlb
2012-12-22 00:04 . 2012-11-09 05:45   2048   ----a-w-   c:\windows\system32\tzres.dll
2012-12-22 00:04 . 2012-11-09 04:42   2048   ----a-w-   c:\windows\SysWow64\tzres.dll
2012-12-22 00:02 . 2012-11-02 05:59   478208   ----a-w-   c:\windows\system32\dpnet.dll
2012-12-22 00:02 . 2012-11-02 05:11   376832   ----a-w-   c:\windows\SysWow64\dpnet.dll
2012-12-21 23:58 . 2012-12-16 17:11   46080   ----a-w-   c:\windows\system32\atmlib.dll
2012-12-21 23:58 . 2012-12-16 14:13   34304   ----a-w-   c:\windows\SysWow64\atmlib.dll
2012-12-21 23:58 . 2012-12-16 14:45   367616   ----a-w-   c:\windows\system32\atmfd.dll
2012-12-21 23:58 . 2012-12-16 14:13   295424   ----a-w-   c:\windows\SysWow64\atmfd.dll
2012-12-21 23:55 . 2012-12-21 23:55   --------   d-----w-   c:\programdata\Strongvault Online Backup
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-10 15:32 . 2011-04-30 16:16   67599240   ----a-w-   c:\windows\system32\MRT.exe
2013-01-08 20:49 . 2012-07-19 20:52   74248   ----a-w-   c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-08 20:49 . 2012-07-19 20:52   697864   ----a-w-   c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-14 23:49 . 2012-09-21 00:51   24176   ----a-w-   c:\windows\system32\drivers\mbam.sys
2012-11-30 04:45 . 2013-01-09 17:55   44032   ----a-w-   c:\windows\apppatch\acwow64.dll
2012-11-29 18:33 . 2012-11-29 18:34   972264   ------w-   c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4517E95E-A92C-4E3B-8B6F-881229C13E01}\gapaengine.dll
2012-11-09 15:31 . 2012-07-18 19:13   30568   ----a-w-   c:\windows\system32\drivers\avgtpx64.sys
2012-11-08 18:29 . 2012-11-08 18:29   1402312   ----a-w-   c:\windows\SysWow64\msxml4.dll
2011-01-18 08:53 . 2011-01-18 08:53   2994688   ----a-w-   c:\program files (x86)\openofficeorg33.msi
2011-01-18 08:52 . 2011-01-18 08:52   475016   ----a-w-   c:\program files (x86)\setup.exe
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}"= "c:\program files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll" [2012-06-11 1524056]
.
[HKEY_CLASSES_ROOT\clsid\{81017ea9-9aa8-4a6a-9734-7af40e7d593f}]
[HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin.1]
[HKEY_CLASSES_ROOT\TypeLib\{003028C2-EA1C-4676-A316-B5CB50917002}]
[HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32   129272   ----a-w-   c:\users\JIM\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32   129272   ----a-w-   c:\users\JIM\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32   129272   ----a-w-   c:\users\JIM\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-13 17418928]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-10-21 39408]
"Facebook Update"="c:\users\JIM\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-10-03 138096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"SMessaging"="c:\users\JIM\AppData\Local\Strongvault Online Backup\SMessaging.exe" [2012-04-05 31664]
.
c:\users\JIM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\JIM\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-12-28 28539392]
Stickies.lnk - c:\program files (x86)\Stickies\stickies.exe [2011-2-18 1101824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R0 nazrf;nazrf;c:\windows\system32\drivers\nmnvygsd.sys

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R2 spd Updater;spd Updater;c:\program files (x86)\SPDUpdater\updater.exe [2012-09-28 1731072]
R2 ZDManager Service;ZDManager Service;c:\program files (x86)\ZD Systems\ZD Manager\ZDManagerService.exe [2012-10-18 176640]
R3 BrYNSvc;BrYNSvc;c:\program files (x86)\Browny02\BrYNSvc.exe [2010-01-25 245760]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys

R3 MEMSWEEP2;MEMSWEEP2;c:\windows\system32\6D4.tmp

R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-31 128456]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-13 368896]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-03-19 1255736]
S1 aswSnx;aswSnx;

S1 aswSP;aswSP;

S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2012-11-09 30568]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2010-06-29 128752]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 aswFsBlk;aswFsBlk;

S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-11-28 66904]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
S2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [2012-11-09 711112]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2009-11-27 67072]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2010-05-15 1327520]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - AVGIDSDriver
*Deregistered* - AVGIDSEH
*Deregistered* - AVGIDSFilter
*Deregistered* - Avgrkx64
*Deregistered* - Avgtdia
*Deregistered* - PCTFW-PacketFilter
*Deregistered* - pctgntdi
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt   REG_MULTI_SZ      hpqcxs08 hpqddsvc
Akamai   REG_MULTI_SZ      Akamai
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-01-12 17:10   1606760   ----a-w-   c:\program files (x86)\Google\Chrome\Application\24.0.1312.52\Installer\setup.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-01-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-19 20:49]
.
2013-01-18 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3909975552-3371312792-2741729148-1000Core.job
- c:\users\JIM\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-12-09 00:00]
.
2013-01-18 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3909975552-3371312792-2741729148-1000UA.job
- c:\users\JIM\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-12-09 00:00]
.
2013-01-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-21 16:45]
.
2013-01-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-21 16:45]
.
2013-01-17 c:\windows\Tasks\SDMsgUpdate (TE).job
- c:\progra~2\SMARTD~1\Messages\SDNotify.exe [2012-10-02 18:22]
.
2012-06-16 c:\windows\Tasks\SidebarExecute.job
- c:\program files\Windows Sidebar\sidebar.exe [2011-06-20 13:25]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01   134384   ----a-w-   c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32   162552   ----a-w-   c:\users\JIM\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32   162552   ----a-w-   c:\users\JIM\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32   162552   ----a-w-   c:\users\JIM\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32   162552   ----a-w-   c:\users\JIM\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-12-18 02:50   755816   ----a-w-   c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-12-18 02:50   755816   ----a-w-   c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-12-18 02:50   755816   ----a-w-   c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-12-18 02:50   755816   ----a-w-   c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-13 1289704]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearchAssistant =
IE: Open with PDF Viewer Plus - c:\program files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
IE: Search the Web - c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\JIM\AppData\Roaming\Mozilla\Firefox\Profiles\vqxnew7a.default\
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2012-12-22 10:37; [email protected]; c:\users\JIM\AppData\Roaming\Mozilla\Firefox\Profiles\vqxnew7a.default\extensions\[email protected]
FF - ExtSQL: !HIDDEN! 2012-12-22 10:37; [email protected]; c:\program files (x86)\WeatherBlink\bar\1.bin
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{3eec3c07-13c6-4b41-87c6-40b425a0b0a2} - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
Toolbar-{f20de5e0-2a6e-4c54-985f-1cf59551ce39} - c:\program files (x86)\WeatherBlink\bar\1.bin\gcbar.dll
WebBrowser-{B9B97401-98E1-4942-930D-C36652DAB7F2} - (no file)
WebBrowser-{3EEC3C07-13C6-4B41-87C6-40B425A0B0A2} - (no file)
AddRemove-{501451DE-5808-4599-B544-8BD0915B6B24}_is1 - c:\program files (x86)\FreeRIP3\unins000.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_ce5ba24.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\6D4.tmp"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-01-17  19:36:10
ComboFix-quarantined-files.txt  2013-01-18 02:36
ComboFix2.txt  2012-02-17 16:54
ComboFix3.txt  2012-01-30 19:59
ComboFix4.txt  2011-07-05 17:05
.
Pre-Run: 191,168,352,256 bytes free
Post-Run: 194,873,524,224 bytes free
.
- - End Of File - - E85CBE2E2E63856371FF48FF6C84FCAD
You are much appreciated..     Thank you ,

SuperDave

Re: My machine is still acting up even worse than before.
« Reply #5 on: January 18, 2013, 12:10:15 PM »
The log shows that you have two AV's on your computer. Just make sure that only one is enabled at any time.

Download Security Check by screen317 from one of the following links and save it to your desktop.

Link 1
Link 2

* Double-click Security Check.bat
* Follow the on-screen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt
* Post the contents of that document in your next reply.

Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.
************************************************
Please download Rooter and Save it to your desktop.
  • Double click it to start the tool. Vista and Windows 7: run as administrator.
  • Click Scan.
  • Eventually, a Notepad file containing the report will open, also found at C:\Rooter.txt. Post that log in your next reply.
Windows 8 and Windows 10 dual boot with two SSD's

jim.mar

Re: My machine is still acting up even worse than before.
« Reply #6 on: January 21, 2013, 03:30:05 PM »
SuperDave: Thanks again.
I could not determine what two (2) AV's were on my computer. I know Microsoft Essentials was one (it is disabled at the time), but I don't know what the other one is. Is it Avast or Malwarebytes?
Following are the logs from Security Check and Rooter.

Rooter.exe (v1.0.2) by Eric_71
.
The token does not have the SeDebugPrivilege privilege ! (error:1300)
Can not acquire SeDebugPrivilege !
Please run the tool as administrator ..

.
Windows 7 Home Edition (6.1.7601) Service Pack 1
[32_bits] - AMD64 Family 16 Model 5 Stepping 3, AuthenticAMD
.
Error OpenService (wscsvc) : 6
Error OpenSCManager : 5
Error OpenService (MpsSvc) : 6
Windows Defender -> Enabled
User Account Control (UAC) -> Enabled
.
Internet Explorer 9.0.8112.16421
Mozilla Firefox 16.0.1 (en-US)
.
C:\  [Fixed-NTFS] .. ( Total:244 Go - Free:181 Go )
D:\  [Fixed-NTFS] .. ( Total:352 Go - Free:262 Go )
E:\  [Fixed-NTFS] .. ( Total:63 Go - Free:36 Go )
F:\  [Fixed-NTFS] .. ( Total:12 Go - Free:2 Go )
G:\  [CD_Rom]
H:\  [CD_Rom]
I:\  [CD_Rom]
.
Scan : 15:47.49
Path : C:\Users\JIM\Downloads\Rooter (1).exe
User : JIM ( Administrator -> YES )
.
----------------------\\ Processes
.
Locked [System Process] (0)
Locked System (4)
Locked smss.exe??0 (336)
Locked csrss.ex??0 (424)
Locked wininit.??0 (488)
Locked csrss.ex??0 (512)
Locked services??0 (556)
Locked lsass.ex??0 (572)
Locked lsm.exe (580)
Locked winlogon??0 (616)
Locked svchost.??0 (740)
Locked nvvsvc.e??0 (828)
Locked nvSCPAPI??0 (852)
Locked svchost.??0 (888)
Locked MsMpEng.??0 (960)
Locked svchost.??0 (168)
Locked svchost.??0 (516)
Locked svchost.??0 (684)
Locked audiodg.??0 (1036)
Locked svchost.??0 (1140)
Locked nvxdsync??0 (1212)
Locked nvvsvc.e??0 (1224)
Locked svchost.??0 (1388)
Locked spoolsv.??0 (1792)
Locked svchost.??0 (1832)
Locked SASCore6??0 (1928)
Locked armsvc.e??0 (1956)
Locked svchost.??0 (2024)
Locked LSSrvc.e??0 (1576)
Locked mbamsche??0 (1668)
Locked mbamserv??0 (1176)
Locked svchost.??0 (2156)
Locked ToolbarU??0 (2216)
Locked WLIDSVC.??0 (2272)
Locked YahooAUS??0 (2324)
Locked WLIDSVCM??0 (2832)
Locked SearchIn??0 (2948)
Locked svchost.??0 (2040)
______ C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (3352)
______ ?????????? (3432)
______ ?????????? (3492)
______ ?????????? (3528)
______ ?????????? (3804)
______ ?????????? (3172)
______ C:\Program Files (x86)\Stickies\stickies.exe (3472)
Locked svchost.??0 (4716)
Locked wmpnetwk??0 (4860)
Locked dllhost.??0 (4824)
Locked daemonu.??0 (3096)
Locked svchost.??0 (3660)
______ ?????????? (2816)
______ C:\Users\JIM\AppData\Roaming\Dropbox\bin\Dropbox.exe (2288)
______ ?????????? (3424)
Locked svchost.??0 (3632)
______ ?????????? (4068)
Locked SearchPr??0 (3952)
Locked SearchFi??0 (1456)
______ C:\Program Files (x86)\Internet Explorer\iexplore.exe (4208)
______ C:\Program Files (x86)\Internet Explorer\iexplore.exe (3712)
______ C:\Program Files (x86)\Internet Explorer\iexplore.exe (2900)
______ C:\Program Files (x86)\Internet Explorer\iexplore.exe (3564)
______ C:\Users\JIM\Downloads\Rooter (1).exe (3940)
.
----------------------\\ Device\Harddisk0\
.
\Device\Harddisk0 [Sectors : 63 x 512 Bytes]
.
\Device\Harddisk0\Partition1 --[ MBR ]-- (Start_Offset:1048576 | Length:104857600)
\Device\Harddisk0\Partition2 (Start_Offset:105906176 | Length:262039142400)
\Device\Harddisk0\Partition3 (Start_Offset:262145048576 | Length:377987530752)
.
----------------------\\ Scheduled Tasks
.
C:\Windows\Tasks\Adobe Flash Player Updater.job
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3909975552-3371312792-2741729148-1000Core.job
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3909975552-3371312792-2741729148-1000UA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\SA.DAT
C:\Windows\Tasks\SCHEDLGU.TXT
C:\Windows\Tasks\SDMsgUpdate (TE).job
C:\Windows\Tasks\SidebarExecute.job
.
----------------------\\ Registry
.
.
----------------------\\ Files & Folders
.
----------------------\\ Scan completed at 15:47.53
.
C:\Rooter$\Rooter_2.txt - (21/01/2013 | 15:47.53)
You are much appreciated..     Thank you ,

SuperDave

Re: My machine is still acting up even worse than before.
« Reply #7 on: January 21, 2013, 03:49:30 PM »
The other AV is avast! Antivirus. You can uninstall it by going to Start, Control Panel, Programs and Features.
How's your computer running now?
Windows 8 and Windows 10 dual boot with two SSD's

jim.mar

Re: My machine is still acting up even worse than before.
« Reply #8 on: January 22, 2013, 01:37:09 PM »
SuperDave:
Well, I tried to uninstall Avast as instructed but received the following:

avast setup Fatal Error

    Error reading product data from "C:\ProgramFiles\AVAST Software\Avast\setup\part-setup_ais-557.vpx" Setup cannot contimue.

and quit.   Other than that my computer is running much better now.  I want to thank all those who read this and especially you, Dave, for your help.  You guys do a terrific job and I know it must take a lot of effort on your part.  Keep up the good work,   JIM
You are much appreciated..     Thank you ,

SuperDave

Re: My machine is still acting up even worse than before.
« Reply #9 on: January 22, 2013, 03:58:15 PM »
Try running this Avast Removal Tool.

AVAST! Removal Tool - Avast! uninstall utility

I'd like to scan your machine with ESET OnlineScan

Note: You can use either Internet Explorer or Mozilla Firefox for this scan. You may, however, need to disable your currently installed anti-virus; how to do so can be read here.

  • Please go then click on the: button.
  • Select the option YES, I accept the Terms of Use then click on: button.
  • When prompted, allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
      • Scan for potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth Technology
  • Push the Start button.
  • The virus signature database... will begin to download. Be patient; this may take some time depending on the speed of your Internet connection.
  • When completed, the Online Scan will begin automatically.

Do not touch either the mouse or keyboard during the scan, otherwise it may stall.

  • When completed, select Uninstall application on close if you so wish; make sure you copy the logfile first!
  • Push
  • Use Notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.

Note: Do not forget to re-enable your Anti-Virus application after running the above scan!
Windows 8 and Windows 10 dual boot with two SSD's

jim.mar

Re: My machine is still acting up even worse than before.
« Reply #10 on: January 23, 2013, 11:48:26 AM »
SuperDave:  OK,  Thanks again.  Log follows:

ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.7600.16385 (win7_rtm.090713-1255)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=d98198eacd3b934982b0cf2249bb25a8
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-02-08 07:42:47
# local_time=2012-02-08 12:42:47 (-0700, Mountain Standard Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=512 16777215 100 0 28145138 28145138 0 0
# compatibility_mode=768 16777215 100 0 28145517 28145517 0 0
# compatibility_mode=1024 16777215 100 0 28145500 28145500 0 0
# compatibility_mode=2560 16777215 100 0 0 0 0 0
# compatibility_mode=5893 16776573 100 94 0 80261076 0 0
# compatibility_mode=8192 67108863 100 0 28145478 28145478 0 0
# scanned=258156
# found=3
# cleaned=3
# scan_time=12541
C:\Program Files (x86)\EpicPlay\epicPlayGames.dll   a variant of Win32/Adware.Gamevance.BI application (cleaned by deleting (after the next restart) - quarantined)   00000000000000000000000000000000   C
C:\Users\JIM\AppData\Local\Temp\NODC07B.tmp   a variant of Win32/Adware.Gamevance.BI application (cleaned by deleting (after the next restart) - quarantined)   00000000000000000000000000000000   C
C:\Users\JIM\Downloads\freeripmp3-setup.exe   multiple threats (deleted - quarantined)   00000000000000000000000000000000   C
# version=7
# iexplore.exe=8.00.7600.16385 (win7_rtm.090713-1255)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=d98198eacd3b934982b0cf2249bb25a8
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-02-28 06:01:20
# local_time=2012-02-28 11:01:20 (-0700, Mountain Standard Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=512 16777215 100 0 29874054 29874054 0 0
# compatibility_mode=768 16777215 100 0 29874433 29874433 0 0
# compatibility_mode=1024 16777215 100 0 29874416 29874416 0 0
# compatibility_mode=5893 16776573 100 94 0 81989992 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=261223
# found=1
# cleaned=1
# scan_time=5538
C:\Users\JIM\Downloads\freeripmp3-setup.exe   multiple threats (deleted - quarantined)   00000000000000000000000000000000   C
# version=8
# iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)
# OnlineScanner.ocx=1.0.0.6889
# api_version=3.0.2
# EOSSerial=d98198eacd3b934982b0cf2249bb25a8
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-01-23 06:12:29
# local_time=2013-01-23 11:12:29 (-0700, Mountain Standard Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 16763664 110508199 0 0
# scanned=277173
# found=15
# cleaned=0
# scan_time=6226
C:\Qoobox\Quarantine\C\Program Files (x86)\Search Toolbar\SearchToolbarUpdater.exe.vir   Win32/Toolbar.Zugo application   ED1A5E762C2C8A6CFBBF9303EF5B18F6B49FCE2 D   I
C:\Qoobox\Quarantine\C\Program Files (x86)\WeatherBlink\bar\1.bin\gcdatact.dll.vir   a variant of Win32/Toolbar.MyWebSearch.A application   BAEFCB03679575349E01668C4F0938643BAAA02 2   I
C:\Qoobox\Quarantine\C\Program Files (x86)\WeatherBlink\bar\1.bin\gchtmlmu.dll.vir   probably a variant of Win32/Toolbar.MyWebSearch.B application   EAA9D46B8FAB8F3D48BB239ADFE46BA31243401 7   I
C:\Qoobox\Quarantine\C\Program Files (x86)\WeatherBlink\bar\1.bin\gcPlugin.dll.vir   probably a variant of Win32/Toolbar.MyWebSearch application   A62045168FE92EC16E7764ECD96F592D2D63BB7 C   I
C:\Qoobox\Quarantine\C\Program Files (x86)\WeatherBlink\bar\1.bin\gcskin.dll.vir   a variant of Win32/Toolbar.MyWebSearch.P application   857980A7B7AB77FF8E34A090CCD76B8BA628E7E 4   I
C:\Qoobox\Quarantine\C\Program Files (x86)\WeatherBlink\bar\1.bin\T8HTML.DLL.vir   probably a variant of Win32/Toolbar.MyWebSearch.F application   A8B583E2BFA2B7E04C3719FF000CCF7151AEEA7 F   I
C:\Users\JIM\Desktop\SYTEM PROTECT\BundleSweetIMSetup.exe   a variant of Win32/SweetIM.C application   4C4377FF9272D448D9CB0ABB30FEA849B94F407 B   I
C:\Users\JIM\Downloads\7Zip_38.exe   a variant of Win32/InstallIQ application   E48B301BB3C739A2E919137C339C269C65D35D1 E   I
C:\Users\JIM\Downloads\ARO2011_tbt.exe   a variant of Win32/Bundled.Toolbar.Ask application   71B15FC33F44E5A0EA2D16E9CDFFC463914C9D2 6   I
C:\Users\JIM\Downloads\iLividSetupV1.exe   Win32/Toolbar.SearchSuite application   3807BF9AF4C48971386C09C7F1C7018C8F4D535 2   I
C:\Users\JIM\Downloads\installer_skype_English.exe   Win32/Toolbar.Babylon application   54DC2CE7F46557B8A34BC600A4AB1F9A6EBA063 8   I
C:\Users\JIM\Downloads\PDFCreator-1_6_1_setup.exe   Win32/OpenCandy application   64131EBCE68286BAAEFAC74F12628EBFC159B7C B   I
C:\Users\JIM\Downloads\PDFCreatorInstaller.exe   a variant of Win32/Bundled.Toolbar.Ask application   37920FAF0E8AC74459FD43E643BBBE474FE05F4 8   I
C:\Users\JIM\Downloads\PDFReader.exe   a variant of Win32/Bundled.Toolbar.Ask application   30B702985DB151D4FB5B435575E42FB667BADB3 4   I
C:\Users\JIM\Downloads\TuneUp360_Setup.exe   Win32/TuneUp360 application   4C64072F0E8DA8A8C718B3BB926D473765650BC D   I
You are much appreciated..     Thank you ,

SuperDave

Re: My machine is still acting up even worse than before.
« Reply #11 on: January 23, 2013, 12:33:18 PM »
That looks good. How's your computer running now? Any other issues?
Windows 8 and Windows 10 dual boot with two SSD's

jim.mar

Re: My machine is still acting up even worse than before.
« Reply #12 on: January 24, 2013, 10:05:04 AM »
No.   My machine seems to be running really well now.   Thank you very much SuperDave..   Once again I want to tell you how much  I appreciate all the help that you and your colleagues have given me and my friends over the last few years.. :D.   And I spread the word often about ComputerHope forums.

Question:  Eset scan found 15 "bad" items but did not clear any of them out.  What does that mean???  ???
You are much appreciated..     Thank you ,

SuperDave

Re: My machine is still acting up even worse than before.
« Reply #13 on: January 24, 2013, 12:51:01 PM »
Quote
Eset scan found 15 "bad" items but did not clear any of them out.  What does that mean??? 
Please run ESET again and clean the infections then we'll do some cleanup.
Windows 8 and Windows 10 dual boot with two SSD's
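
The ESET log posted in Reply #10 records the scan options of each run next to its counters: the newest run has remove_checked=false with found=15 and cleaned=0, which matches the instruction to leave Remove found threats unchecked. The following is an added example, not part of the thread and not ESET's code, that splits such a log into runs and labels each one; it assumes remove_checked mirrors the Remove found threats option, and the sample log is constructed.

```python
import re

# Constructed sample in the shape of the log.txt posted in this thread:
# "# key=value" header lines for each run, then one line per detection.
SAMPLE_LOG = """\
# version=7
# remove_checked=true
# utc_time=2012-02-28 06:01:20
# found=1
# cleaned=1
C:\\Example\\setup-a.exe   multiple threats (deleted - quarantined)   CONSTRUCTED0   C
# version=8
# remove_checked=false
# utc_time=2013-01-23 06:12:29
# found=2
# cleaned=0
C:\\Example\\toolbar.dll   Win32/Toolbar.Example application   CONSTRUCTED1   I
C:\\Example\\bundle.exe   Win32/Bundled.Example application   CONSTRUCTED2   I
"""

def parse_runs(text):
    """Split the log into scan runs; each '# version=' line starts a new run."""
    runs = []
    for line in (raw.strip() for raw in text.splitlines()):
        header = re.match(r"#\s*(\w+)=(.*)$", line)
        if header:
            key, value = header.group(1), header.group(2).strip()
            if key == "version" or not runs:
                runs.append({"meta": {}, "detections": []})
            runs[-1]["meta"][key] = value  # repeated keys keep the last value
        elif line and runs:
            # Columns: path, detection name, then two trailing fields.
            cols = re.split(r"\t+|\s{2,}", line)
            if len(cols) >= 2:
                runs[-1]["detections"].append((cols[0], cols[1]))
    return runs

def summarize(run):
    """Explain a run's found/cleaned counters using its remove_checked setting."""
    meta = run["meta"]
    found, cleaned = int(meta.get("found", 0)), int(meta.get("cleaned", 0))
    removal_on = meta.get("remove_checked") == "true"
    if found == 0:
        verdict = "nothing detected"
    elif cleaned >= found:
        verdict = "all detections cleaned"
    elif not removal_on:
        verdict = "report-only scan: detections listed, nothing removed"
    else:
        verdict = "removal enabled but detections remain"
    return {"when": meta.get("utc_time"), "found": found, "cleaned": cleaned,
            "listed": len(run["detections"]), "verdict": verdict}

if __name__ == "__main__":
    for run in parse_runs(SAMPLE_LOG):
        print(summarize(run))
```

Because log.txt accumulates every earlier run, only the last entry describes the scan that was just performed.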

jim.mar

Re: My machine is still acting up even worse than before.
« Reply #14 on: January 25, 2013, 12:09:55 PM »
OK, it is done. ESET has cleaned all 15 infected files.
You are much appreciated..     Thank you ,

SuperDave

Re: My machine is still acting up even worse than before.
« Reply #15 on: January 25, 2013, 07:07:03 PM »
To uninstall ComboFix

  • Click the Start button. Click Run. For Vista: type in Run in the Start search, and click on Run in the results pane.
  • In the field, type in ComboFix /uninstall

(Note: Make sure there's a space between the word ComboFix and the forward-slash.)

  • Then, press Enter, or click OK.
  • This will uninstall ComboFix, delete its folders and files, hide System files and folders, and reset System Restore.
If this doesn't remove ComboFix, please let me know.
***********************************************************
Click Start > Computer > right-click the C drive and choose Properties > enter
Click Disk Cleanup from there.

Click OK on the Disk Cleanup screen.
Click Yes on the Confirmation screen.

This runs the Disk Cleanup utility along with other selections if you have chosen any. (If you had a lot of System Restore points, you will see a significant change in the free space on the C drive.)
*****************************************************
Go to Microsoft Windows Update and get all critical updates.

----------

I suggest using WOT - Web of Trust. WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free.

SpywareBlaster- Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox.
* Using SpywareBlaster to protect your computer from Spyware and Malware
* If you don't know what ActiveX controls are, see here

Protect yourself against spyware using the Immunize feature in Spybot - Search & Destroy. Guide: Use Spybot's Immunize Feature to prevent spyware infection in real-time. Note: To ensure you have the latest Immunizations always update Spybot - Search & Destroy before Immunizing. Spybot - Search & Destroy FAQ

Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future.

Also see Slow Computer? It may not be Malware for free cleaning/maintenance tools to help keep your computer running smoothly.
Safe Surfing!
Windows 8 and Windows 10 dual boot with two SSD's

jim.mar

Re: My machine is still acting up even worse than before.
« Reply #16 on: January 26, 2013, 11:26:14 AM »
SUPERDAVE: OKAY, I'm done. Thanks again, JIM
You are much appreciated..     Thank you ,

SuperDave

Re: My machine is still acting up even worse than before.
« Reply #17 on: January 26, 2013, 12:11:30 PM »
You're welcome. I will lock this thread. If you need it re-opened, please send me a pm.
Windows 8 and Windows 10 dual boot with two SSD's