• Announcements

    • Budfred

      IE 11 copy/paste problem

      It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it.
jeffh8511

PC Running Slow

16 posts in this topic

Thank you for checking my computer... Seems to be running slower than when first purchased. Also, browser slow to open (chrome) and Babylon Search browser opens. Not sure what this is. The kids use my computer a lot, so not sure if they did something. Thank you.

 

lOGS:

Malwarebytes Anti-Malware 1.65.1.1000

www.malwarebytes.org

 

Database version: v2012.11.10.10

 

Windows 7 x86 NTFS

Internet Explorer 9.0.8112.16421

Jeff :: HARPERHOUSE [administrator]

 

11/10/2012 4:55:19 PM

mbam-log-2012-11-10 (16-55-19).txt

 

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 346871

Time elapsed: 13 minute(s), 54 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 0

(No malicious items detected)

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 24

C:\Users\Jacob\AppData\LocalLow\MyWebSearch (PUP.MyWebsearch) -> No action taken.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar (PUP.MyWebsearch) -> No action taken.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message (PUP.MyWebsearch) -> No action taken.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON (PUP.MyWebsearch) -> No action taken.

C:\Users\Jadon\AppData\LocalLow\MyWebSearch (PUP.MyWebsearch) -> No action taken.

C:\Users\Jadon\AppData\LocalLow\MyWebSearch\bar (PUP.MyWebsearch) -> No action taken.

C:\Users\Jadon\AppData\LocalLow\MyWebSearch\bar\Settings (PUP.MyWebsearch) -> No action taken.

C:\Users\Jenna\AppData\LocalLow\MyWebSearch (PUP.MyWebsearch) -> No action taken.

C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar (PUP.MyWebsearch) -> No action taken.

C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar\Cache (PUP.MyWebsearch) -> No action taken.

C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar\History (PUP.MyWebsearch) -> No action taken.

C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar\Settings (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Cache (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\History (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Settings (PUP.MyWebsearch) -> No action taken.

C:\Users\Venessa\AppData\LocalLow\MyWebSearch (PUP.MyWebsearch) -> No action taken.

C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar (PUP.MyWebsearch) -> No action taken.

C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar\Cache (PUP.MyWebsearch) -> No action taken.

C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar\History (PUP.MyWebsearch) -> No action taken.

C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar\Settings (PUP.MyWebsearch) -> No action taken.

 

Files Detected: 116

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\8_step1.gif (PUP.MyWebsearch) -> No action taken.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\autoup.gif (PUP.MyWebsearch) -> No action taken.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\autoup.htm (PUP.MyWebsearch) -> No action taken.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkez.jpg (PUP.MyWebsearch) -> No action taken.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkgr.jpg (PUP.MyWebsearch) -> No action taken.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkgs.jpg (PUP.MyWebsearch) -> No action taken.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bklf.jpg (PUP.MyWebsearch) -> No action taken.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkrg.jpg (PUP.MyWebsearch) -> No action taken.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkwebfet.jpg (PUP.MyWebsearch) -> No action taken.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkzc.jpg (PUP.MyWebsearch) -> No action taken.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkzl.jpg (PUP.MyWebsearch) -> No action taken.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkzn.jpg (PUP.MyWebsearch) -> No action taken.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkzq.jpg (PUP.MyWebsearch) -> No action taken.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkzr.jpg (PUP.MyWebsearch) -> No action taken.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkzu.jpg (PUP.MyWebsearch) -> No action taken.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkzv.jpg (PUP.MyWebsearch) -> No action taken.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkzw.jpg (PUP.MyWebsearch) -> No action taken.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkzwinky.jpg (PUP.MyWebsearch) -> No action taken.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\blubtn2d.png (PUP.MyWebsearch) -> No action taken.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\blubtn2r.png (PUP.MyWebsearch) -> No action taken.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\blubtn3d.png (PUP.MyWebsearch) -> No action taken.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\blubtn3r.png (PUP.MyWebsearch) -> No action taken.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\center.htm (PUP.MyWebsearch) -> No action taken.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\index.htm (PUP.MyWebsearch) -> No action taken.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\mid_dots.gif (PUP.MyWebsearch) -> No action taken.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\protect.htm (PUP.MyWebsearch) -> No action taken.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\rebut4.htm (PUP.MyWebsearch) -> No action taken.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\rebut4b.htm (PUP.MyWebsearch) -> No action taken.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\rebut4c.htm (PUP.MyWebsearch) -> No action taken.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\shield.png (PUP.MyWebsearch) -> No action taken.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\shocked.gif (PUP.MyWebsearch) -> No action taken.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\stop.gif (PUP.MyWebsearch) -> No action taken.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\systray.htm (PUP.MyWebsearch) -> No action taken.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\systrayp.htm (PUP.MyWebsearch) -> No action taken.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\tp_grad.gif (PUP.MyWebsearch) -> No action taken.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\warn.gif (PUP.MyWebsearch) -> No action taken.

C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar\Cache\01D3575C.bin (PUP.MyWebsearch) -> No action taken.

C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar\Cache\01D357B9.bmp (PUP.MyWebsearch) -> No action taken.

C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar\Cache\01D35855.bin (PUP.MyWebsearch) -> No action taken.

C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar\Cache\01D359BC.bin (PUP.MyWebsearch) -> No action taken.

C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar\Cache\0B35B69C (PUP.MyWebsearch) -> No action taken.

C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar\Cache\0B35C04C (PUP.MyWebsearch) -> No action taken.

C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar\Cache\0B35C387.bin (PUP.MyWebsearch) -> No action taken.

C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar\Cache\0B35C59A.bin (PUP.MyWebsearch) -> No action taken.

C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar\Cache\0B35C6A3.bmp (PUP.MyWebsearch) -> No action taken.

C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar\Cache\0B35C76E.bin (PUP.MyWebsearch) -> No action taken.

C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar\Cache\0B35C877.bin (PUP.MyWebsearch) -> No action taken.

C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar\Cache\files.ini (PUP.MyWebsearch) -> No action taken.

C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar\History\search3 (PUP.MyWebsearch) -> No action taken.

C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar\Settings\prevcfg2.htm (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Cache\01EAB351.bin (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Cache\01EAB8CD.bmp (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Cache\01EABB7B.bin (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Cache\01EABEC6.bin (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Cache\0B6C448A.bin (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Cache\0B6C4999.bin (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Cache\0B6C524F.bin (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Cache\0B6C54EE.bin (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Cache\0B6C572F.bin (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Cache\0F12B02B.bin (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Cache\0F12B430.bin (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Cache\0F12B5C6.bmp (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Cache\0F12B671.bin (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Cache\0F12B7B9.bin (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Cache\files.ini (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\History\search3 (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\8_step1.gif (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\autoup.gif (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\autoup.htm (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkez.jpg (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkgr.jpg (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkgs.jpg (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bklf.jpg (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkrg.jpg (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkwebfet.jpg (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkzc.jpg (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkzl.jpg (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkzn.jpg (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkzq.jpg (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkzr.jpg (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkzu.jpg (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkzv.jpg (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkzw.jpg (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkzwinky.jpg (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\blubtn2d.png (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\blubtn2r.png (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\blubtn3d.png (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\blubtn3r.png (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\center.htm (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\index.htm (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\mid_dots.gif (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\protect.htm (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\rebut4.htm (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\rebut4b.htm (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\rebut4c.htm (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\shield.png (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\shocked.gif (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\stop.gif (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\systray.htm (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\systrayp.htm (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\tp_grad.gif (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\warn.gif (PUP.MyWebsearch) -> No action taken.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Settings\prevcfg2.htm (PUP.MyWebsearch) -> No action taken.

C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar\Cache\01330B9A (PUP.MyWebsearch) -> No action taken.

C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar\Cache\01331C1D (PUP.MyWebsearch) -> No action taken.

C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar\Cache\01331F29.bin (PUP.MyWebsearch) -> No action taken.

C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar\Cache\01331FF4.bmp (PUP.MyWebsearch) -> No action taken.

C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar\Cache\013320DE.bin (PUP.MyWebsearch) -> No action taken.

C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar\Cache\0133216B.bin (PUP.MyWebsearch) -> No action taken.

C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar\Cache\01332226.bin (PUP.MyWebsearch) -> No action taken.

C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar\Cache\01332293.bin (PUP.MyWebsearch) -> No action taken.

C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar\Cache\files.ini (PUP.MyWebsearch) -> No action taken.

C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar\History\search3 (PUP.MyWebsearch) -> No action taken.

C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar\Settings\prevcfg2.htm (PUP.MyWebsearch) -> No action taken.

C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar\Settings\s_FeatCk.dat (PUP.MyWebsearch) -> No action taken.

C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar\Settings\s_FeatCk.dat.bak (PUP.MyWebsearch) -> No action taken.

 

(end)

 

DDS (Ver_2012-11-07.01) - NTFS_x86

Internet Explorer: 9.0.8112.16450

Run by Jeff at 17:12:28 on 2012-11-10

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3071.1389 [GMT -8:00]

.

AV: AVG Internet Security 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: AVG Internet Security 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}

FW: AVG Internet Security 2013 *Enabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}

.

============== Running Processes ================

.

C:\PROGRA~1\AVG\AVG2013\avgrsx.exe

C:\Program Files\AVG\AVG2013\avgcsrvx.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\nvvsvc.exe

C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe

C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe

C:\Program Files\Paragon Software\HFS+ for Windows 8.0\apmwinsrv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\AVG\AVG2013\avgfws.exe

C:\Program Files\AVG\AVG2013\avgidsagent.exe

C:\Program Files\AVG\AVG2013\avgwdsvc.exe

C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe

C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe

C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Broadcom\BPowMon\BPowMon.exe

C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe

C:\Program Files\AVG\AVG2013\avgnsx.exe

C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe

C:\Program Files\Dantz\Retrospect Express HD\retrorun.exe

C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe

c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

C:\Program Files\Dantz\Retrospect Express HD\RetroExpress.exe

C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe

C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe

C:\Program Files\AVG Secure Search\vprot.exe

C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe

C:\Program Files\AVG\AVG2013\avgui.exe

C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Logitech\Vid HD\Vid.exe

C:\Users\Jeff\AppData\Local\Akamai\netsession_win.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\Common Files\Apple\Internet Services\ubd.exe

C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

C:\Users\Jeff\AppData\Local\Akamai\netsession_win.exe

C:\Program Files\AVG\AVG2013\avgcsrvx.exe

C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe

C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe

C:\Windows\system32\conhost.exe

C:\Program Files\Belkin\Belkin USB Print and Storage Center\connect.exe

C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe

C:\Program Files\Belkin\Router Setup and Monitor\dlnaPlugin.exe

C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe

C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe

C:\Users\Jeff\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Jeff\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Jeff\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Jeff\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Jeff\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files\Logitech\LWS\LU\LULnchr.exe

C:\Program Files\Logitech\LWS\LU\LogitechUpdate.exe

C:\Users\Jeff\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Jeff\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Jeff\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Jeff\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files\Common Files\Java\Java Update\jucheck.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

C:\Windows\system32\vssvc.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\notepad.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\AVG\AVG2013\avgcmgr.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\system32\svchost.exe -k SDRSVC

C:\Windows\System32\svchost.exe -k swprv

.

============== Pseudo HJT Report ===============

.

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -

BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\13.2.0.5\AVG Secure Search_toolbar.dll

BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - c:\program files\windows live\companion\companioncore.dll

BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

BHO: Wincore Mediabar: {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} -

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll

TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>

TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\13.2.0.5\AVG Secure Search_toolbar.dll

TB: Wincore Mediabar: {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} -

TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun

uRun: [Google Update] "c:\users\jeff\appdata\local\google\update\GoogleUpdate.exe" /c

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [Logitech Vid] "c:\program files\logitech\vid hd\Vid.exe" -bootmode

uRun: [Akamai NetSession Interface] "c:\users\jeff\appdata\local\akamai\netsession_win.exe"

uRun: [skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun

uRun: [MobileDocuments] c:\program files\common files\apple\internet services\ubd.exe

uRun: [iCloudServices] c:\program files\common files\apple\internet services\iCloudServices.exe

uRun: [ApplePhotoStreams] c:\program files\common files\apple\internet services\ApplePhotoStreams.exe

uRun: [chromium] c:\users\jeff\appdata\local\google\chrome\application\chrome.exe --no-startup-window

mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s

mRun: [RetroExpress] c:\progra~1\dantz\retros~1\RetroExpress.exe /h

mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe

mRun: [NetFxUpdate_v1.1.4322] "c:\windows\microsoft.net\framework\v1.1.4322\netfxupdate.exe" 1 v1.1.4322 GAC + NI NID

mRun: [Nikon Transfer Monitor] c:\program files\common files\nikon\monitor\NkMonitor.exe

mRun: [uSBToolTip] c:\progra~1\pinnacle\shared~1\programs\usbtip\USBTip.exe

mRun: [uSB2Check] RUNDLL32.EXE "c:\windows\system32\PCLECoInst.dll",CheckUSBController

mRun: [vProt] "c:\program files\avg secure search\vprot.exe"

mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe

mRun: [WinCast] f:\cdsetup\setup.exe -leng

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [LWS] c:\program files\logitech\lws\webcam software\LWS.exe -hide

mRun: [ROC_roc_dec12] "c:\program files\avg secure search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [instaLAN] "c:\program files\belkin\router setup and monitor\BelkinRouterMonitor.exe" startup

mRun: [ROC_ROC_JULY_P1] "c:\program files\avg secure search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1

mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY

mRun: [ROC_roc_ssl_v12] "c:\program files\avg secure search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12

mRun: [Carbonite Backup] c:\program files\carbonite\carbonite backup\CarboniteUI.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\interv~1.lnk - c:\program files\intervideo\common\bin\WinCinemaMgr.exe

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} - hxxp://panda-plugin.disney.go.com/plugin/win32/p3dactivex.cab

DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: NameServer = 192.168.2.1

TCP: Interfaces\{4AD1DB34-5391-4D54-8064-46758E08C149} : DHCPNameServer = 192.168.2.1

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\13.2.0\ViProtocol.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll

SSODL: WebCheck - <orphaned>

.

============= SERVICES / DRIVERS ===============

.

R0 apmwin;apmwin;c:\windows\system32\drivers\apmwin.sys [2011-8-7 41168]

R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-10-15 55776]

R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2012-9-21 177376]

R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2012-10-5 93536]

R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-9-14 35552]

R0 gpt_loader;GUID Partition table support driver;c:\windows\system32\drivers\gpt_loader.sys [2011-8-7 42320]

R0 mounthlp;Mounter helper driver for HFS volumes;c:\windows\system32\drivers\mounthlp.sys [2011-8-7 31440]

R1 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwd6x.sys [2012-9-4 50296]

R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2012-10-22 179936]

R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2012-9-21 19936]

R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-10-2 159712]

R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-9-21 164832]

R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-9-4 26984]

R2 AERTFilters;Andrea RT Filters Service;c:\program files\realtek\audio\hda\AERTSrv.exe [2010-5-31 81920]

R2 apmwinsrv;Paragon APM service;c:\program files\paragon software\hfs+ for windows 8.0\apmwinsrv.exe [2010-12-16 63568]

R2 avgfws;AVG Firewall;c:\program files\avg\avg2013\avgfws.exe [2012-11-2 1340976]

R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2012-11-6 5814392]

R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2012-10-22 196664]

R2 Belkin Local Backup Service;Belkin Local Backup Service;c:\program files\belkin\belkin usb print and storage center\BkBackupScheduler.exe [2011-2-24 152576]

R2 Belkin Network USB Helper;Belkin Network USB Helper;c:\program files\belkin\belkin usb print and storage center\Bkapcs.exe [2011-2-24 49152]

R2 BPowMon;Broadcom Power monitoring service;c:\program files\broadcom\bpowmon\BPowMon.exe [2009-8-17 79168]

R2 HfsplusRec;HfsplusRec;c:\windows\system32\drivers\hfsplusrec.sys [2011-8-7 13904]

R2 UMVPFSrv;UMVPFSrv;c:\program files\common files\logishrd\lvmvfm\UMVPFSrv.exe [2011-8-19 450848]

R2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files\common files\avg secure search\vtoolbarupdater\13.2.0\ToolbarUpdater.exe [2012-10-15 711112]

R3 CompFilter;UVCCompositeFilter;c:\windows\system32\drivers\lvbusflt.sys [2010-11-9 20704]

R3 Hfsplus;Hfsplus;c:\windows\system32\drivers\hfsplus.sys [2011-8-7 158800]

R3 k57nd60x;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\k57nd60x.sys [2010-5-31 273960]

R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-11-10 40776]

R3 sxuptp;SXUPTP Driver;c:\windows\system32\drivers\sxuptp.sys [2011-2-24 247320]

S2 Carbonite-Mirror-Image-Svc;Carbonite Mirror Image Service;c:\program files\carbonite\carbonite mirror image\CarboniteMirrorImage.exe [2012-10-17 4110336]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]

S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2012-6-22 39272]

S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2012-3-8 1492840]

S3 hcwhdpvr;Hauppauge HD PVR Capture Device;c:\windows\system32\drivers\hcwhdpvr.sys [2011-10-20 152576]

S3 ICDUSB2;Sony IC Recorder (ST);c:\windows\system32\drivers\IcdUsb2.sys [2011-3-1 39048]

S3 PlextorTV402U;Plextor ConvertX TV402U A/V Capture;c:\windows\system32\drivers\TVXstream.sys [2005-12-5 150808]

S3 TVXLoader;PLEXTOR EZ-USB FX2 FIRMWARE LOADER (TVXLoader.sys);c:\windows\system32\drivers\TVXLoader.sys [2005-12-5 18200]

S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-6-5 1343400]

S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]

S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]

.

=============== File Associations ===============

.

ShellExec: DigitalTheatre.exe: open="c:\program files\arcsoft\totalmedia extreme\digital theatre\uDTStart.exe" "%1"

.

=============== Created Last 30 ================

.

2012-11-11 00:54:57 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2012-10-22 21:02:46 179936 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys

2012-10-15 18:04:55 -------- d-----w- c:\users\jeff\appdata\roaming\AVG2013

2012-10-15 17:55:03 -------- d-----w- c:\users\jeff\appdata\roaming\TuneUp Software

2012-10-15 17:54:02 -------- d-----w- c:\program files\AVG Secure Search

2012-10-15 17:48:01 -------- d-----w- c:\programdata\AVG2013

2012-10-15 11:48:52 55776 ----a-w- c:\windows\system32\drivers\avgidshx.sys

2012-10-13 05:11:37 -------- d-----w- c:\windows\rescache

.

==================== Find3M ====================

.

2012-10-15 17:53:35 26984 ----a-w- c:\windows\system32\drivers\avgtpx86.sys

2012-10-09 15:55:05 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-10-09 15:55:05 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-10-02 10:30:38 159712 ----a-w- c:\windows\system32\drivers\avgldx86.sys

2012-09-30 02:54:26 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-09-21 10:46:06 164832 ----a-w- c:\windows\system32\drivers\avgtdix.sys

2012-09-21 10:46:00 177376 ----a-w- c:\windows\system32\drivers\avglogx.sys

2012-09-21 10:45:54 19936 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys

2012-09-19 19:58:46 4096000 ----a-w- c:\program files\GUT23F7.tmp

2012-09-14 18:30:38 2048 ----a-w- c:\windows\system32\tzres.dll

2012-09-14 10:05:20 35552 ----a-w- c:\windows\system32\drivers\avgrkx86.sys

2012-09-04 17:39:32 50296 ----a-w- c:\windows\system32\drivers\avgfwd6x.sys

2012-08-31 17:21:56 1210736 ----a-w- c:\windows\system32\drivers\ntfs.sys

2012-08-30 17:18:33 3958128 ----a-w- c:\windows\system32\ntkrnlpa.exe

2012-08-30 17:18:33 3902832 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-08-24 17:10:47 172544 ----a-w- c:\windows\system32\wintrust.dll

2012-08-24 06:59:17 1800704 ----a-w- c:\windows\system32\jscript9.dll

2012-08-24 06:51:27 1129472 ----a-w- c:\windows\system32\wininet.dll

2012-08-24 06:51:02 1427968 ----a-w- c:\windows\system32\inetcpl.cpl

2012-08-24 06:47:26 142848 ----a-w- c:\windows\system32\ieUnatt.exe

2012-08-24 06:47:12 420864 ----a-w- c:\windows\system32\vbscript.dll

2012-08-24 06:43:58 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2012-08-18 11:23:05 169984 ----a-w- c:\windows\system32\winsrv.dll

2012-08-18 11:21:20 293376 ----a-w- c:\windows\system32\KernelBase.dll

2012-08-18 11:18:47 271360 ----a-w- c:\windows\system32\conhost.exe

2012-08-18 09:07:02 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll

2012-08-18 09:07:02 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2012-08-18 09:07:02 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2012-08-18 09:07:02 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll

.

============= FINISH: 17:18:10.80 ===============

 

Results of screen317's Security Check version 0.99.54

Windows 7 x86 (UAC is enabled)

Out of date service pack!!

Internet Explorer 9

``````````````Antivirus/Firewall Check:``````````````

Windows Firewall Disabled!

AVG Internet Security 2013

Antivirus up to date!

`````````Anti-malware/Other Utilities Check:`````````

Malwarebytes Anti-Malware version 1.65.1.1000

Java 6 Update 31

Java version out of Date!

Adobe Flash Player 10 Flash Player out of Date!

Adobe Reader X 10.1.2 Adobe Reader out of Date!

Google Chrome 21.0.1180.83

Google Chrome 21.0.1180.89

Google Chrome 22.0.1229.79

Google Chrome 22.0.1229.94

Google Chrome 23.0.1271.64

````````Process Check: objlist.exe by Laurent````````

Malwarebytes Anti-Malware mbam.exe

AVG avgwdsvc.exe

AVG avgrsx.exe

AVG avgnsx.exe

AVG avgemc.exe

Microsoft Small Business Business Contact Manager BcmSqlStartupSvc.exe

`````````````````System Health check`````````````````

Total Fragmentation on Drive C: 11% Defragment your hard drive soon! (Do NOT defrag if SSD!)

````````````````````End of Log``````````````````````

Share this post


Link to post
Share on other sites

Hello jeffh8511.

 

Please run Malwarebytes Anti-Malware (MBAM) again and let it remove everything it finds.

When the scan is complete, click OK, then Show Results to view the results.

Make sure that everything is checked, and click Remove Selected. Post the new log.

 

After that:

Please download AdwCleaner by Xplode onto your desktop.

  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[R1].txt as well.

Share this post


Link to post
Share on other sites

Here are the two new logs:

 

Malwarebytes Anti-Malware 1.65.1.1000

www.malwarebytes.org

 

Database version: v2012.11.10.10

 

Windows 7 x86 NTFS

Internet Explorer 9.0.8112.16421

Jeff :: HARPERHOUSE [administrator]

 

11/12/2012 5:59:47 PM

mbam-log-2012-11-12 (17-59-47).txt

 

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 347020

Time elapsed: 14 minute(s), 52 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 0

(No malicious items detected)

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 24

C:\Users\Jacob\AppData\LocalLow\MyWebSearch (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jadon\AppData\LocalLow\MyWebSearch (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jadon\AppData\LocalLow\MyWebSearch\bar (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jadon\AppData\LocalLow\MyWebSearch\bar\Settings (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jenna\AppData\LocalLow\MyWebSearch (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar\Cache (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar\History (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar\Settings (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Cache (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\History (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Settings (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Venessa\AppData\LocalLow\MyWebSearch (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar\Cache (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar\History (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar\Settings (PUP.MyWebsearch) -> Quarantined and deleted successfully.

 

Files Detected: 116

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\8_step1.gif (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\autoup.gif (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\autoup.htm (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkez.jpg (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkgr.jpg (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkgs.jpg (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bklf.jpg (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkrg.jpg (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkwebfet.jpg (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkzc.jpg (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkzl.jpg (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkzn.jpg (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkzq.jpg (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkzr.jpg (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkzu.jpg (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkzv.jpg (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkzw.jpg (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkzwinky.jpg (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\blubtn2d.png (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\blubtn2r.png (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\blubtn3d.png (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\blubtn3r.png (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\center.htm (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\index.htm (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\mid_dots.gif (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\protect.htm (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\rebut4.htm (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\rebut4b.htm (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\rebut4c.htm (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\shield.png (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\shocked.gif (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\stop.gif (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\systray.htm (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\systrayp.htm (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\tp_grad.gif (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\warn.gif (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar\Cache\01D3575C.bin (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar\Cache\01D357B9.bmp (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar\Cache\01D35855.bin (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar\Cache\01D359BC.bin (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar\Cache\0B35B69C (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar\Cache\0B35C04C (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar\Cache\0B35C387.bin (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar\Cache\0B35C59A.bin (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar\Cache\0B35C6A3.bmp (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar\Cache\0B35C76E.bin (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar\Cache\0B35C877.bin (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar\Cache\files.ini (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar\History\search3 (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar\Settings\prevcfg2.htm (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Cache\01EAB351.bin (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Cache\01EAB8CD.bmp (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Cache\01EABB7B.bin (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Cache\01EABEC6.bin (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Cache\0B6C448A.bin (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Cache\0B6C4999.bin (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Cache\0B6C524F.bin (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Cache\0B6C54EE.bin (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Cache\0B6C572F.bin (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Cache\0F12B02B.bin (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Cache\0F12B430.bin (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Cache\0F12B5C6.bmp (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Cache\0F12B671.bin (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Cache\0F12B7B9.bin (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Cache\files.ini (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\History\search3 (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\8_step1.gif (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\autoup.gif (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\autoup.htm (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkez.jpg (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkgr.jpg (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkgs.jpg (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bklf.jpg (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkrg.jpg (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkwebfet.jpg (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkzc.jpg (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkzl.jpg (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkzn.jpg (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkzq.jpg (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkzr.jpg (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkzu.jpg (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkzv.jpg (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkzw.jpg (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkzwinky.jpg (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\blubtn2d.png (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\blubtn2r.png (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\blubtn3d.png (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\blubtn3r.png (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\center.htm (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\index.htm (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\mid_dots.gif (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\protect.htm (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\rebut4.htm (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\rebut4b.htm (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\rebut4c.htm (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\shield.png (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\shocked.gif (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\stop.gif (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\systray.htm (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\systrayp.htm (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\tp_grad.gif (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\warn.gif (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Settings\prevcfg2.htm (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar\Cache\01330B9A (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar\Cache\01331C1D (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar\Cache\01331F29.bin (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar\Cache\01331FF4.bmp (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar\Cache\013320DE.bin (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar\Cache\0133216B.bin (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar\Cache\01332226.bin (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar\Cache\01332293.bin (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar\Cache\files.ini (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar\History\search3 (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar\Settings\prevcfg2.htm (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar\Settings\s_FeatCk.dat (PUP.MyWebsearch) -> Quarantined and deleted successfully.

C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar\Settings\s_FeatCk.dat.bak (PUP.MyWebsearch) -> Quarantined and deleted successfully.

 

(end)

 

# AdwCleaner v2.007 - Logfile created 11/12/2012 at 18:26:28

# Updated 06/11/2012 by Xplode

# Operating system : Windows 7 Home Premium (32 bits)

# User : Jeff - HARPERHOUSE

# Boot Mode : Normal

# Running from : C:\Users\Jeff\Downloads\adwcleaner.exe

# Option [search]

 

 

***** [services] *****

 

 

***** [Files / Folders] *****

 

File Found : C:\user.js

Folder Found : C:\Program Files\AVG Secure Search

Folder Found : C:\Program Files\Common Files\AVG Secure Search

Folder Found : C:\Program Files\DailyBibleGuideEI

Folder Found : C:\Program Files\Free Offers from Freeze.com

Folder Found : C:\Program Files\SelectRebates

Folder Found : C:\ProgramData\AVG Secure Search

Folder Found : C:\ProgramData\Babylon

Folder Found : C:\ProgramData\boost_interprocess

Folder Found : C:\ProgramData\Tarma Installer

Folder Found : C:\Users\Jacob\AppData\Local\AVG Secure Search

Folder Found : C:\Users\Jacob\AppData\LocalLow\AVG Secure Search

Folder Found : C:\Users\Jacob\AppData\LocalLow\Conduit

Folder Found : C:\Users\Jacob\AppData\LocalLow\CouponAlert_2p

Folder Found : C:\Users\Jacob\AppData\LocalLow\Search Settings

Folder Found : C:\Users\Jacob\AppData\LocalLow\searchquband

Folder Found : C:\Users\Jacob\AppData\LocalLow\Searchqutoolbar

Folder Found : C:\Users\Jadon\AppData\Local\AVG Secure Search

Folder Found : C:\Users\Jadon\AppData\LocalLow\AVG Secure Search

Folder Found : C:\Users\Jadon\AppData\LocalLow\Conduit

Folder Found : C:\Users\Jadon\AppData\LocalLow\CouponAlert_2p

Folder Found : C:\Users\Jadon\AppData\LocalLow\Search Settings

Folder Found : C:\Users\Jadon\AppData\LocalLow\searchquband

Folder Found : C:\Users\Jadon\AppData\LocalLow\Searchqutoolbar

Folder Found : C:\Users\Jadon\AppData\Roaming\Bandoo

Folder Found : C:\Users\Jeff\AppData\Local\AVG Secure Search

Folder Found : C:\Users\Jeff\AppData\Local\Conduit

Folder Found : C:\Users\Jeff\AppData\LocalLow\AVG Secure Search

Folder Found : C:\Users\Jeff\AppData\LocalLow\Conduit

Folder Found : C:\Users\Jeff\AppData\LocalLow\CouponAlert_2p

Folder Found : C:\Users\Jeff\AppData\LocalLow\DailyBibleGuideEI

Folder Found : C:\Users\Jeff\AppData\LocalLow\searchquband

Folder Found : C:\Users\Jeff\AppData\Roaming\Babylon

Folder Found : C:\Users\Jeff\Documents\DealRunner

Folder Found : C:\Users\Jenna\AppData\Local\AVG Secure Search

Folder Found : C:\Users\Jenna\AppData\LocalLow\AVG Secure Search

Folder Found : C:\Users\Jenna\AppData\LocalLow\Conduit

Folder Found : C:\Users\Jenna\AppData\LocalLow\CouponAlert_2p

Folder Found : C:\Users\Jenna\AppData\LocalLow\FunWebProducts

Folder Found : C:\Users\Jenna\AppData\LocalLow\Search Settings

Folder Found : C:\Users\Jenna\AppData\LocalLow\searchquband

Folder Found : C:\Users\Jenna\AppData\LocalLow\Searchqutoolbar

Folder Found : C:\Users\Jonathan\AppData\Local\Ilivid Player

Folder Found : C:\Users\Jonathan\AppData\LocalLow\AVG Secure Search

Folder Found : C:\Users\Jonathan\AppData\LocalLow\Conduit

Folder Found : C:\Users\Jonathan\AppData\LocalLow\CouponAlert_2p

Folder Found : C:\Users\Jonathan\AppData\LocalLow\FunWebProducts

Folder Found : C:\Users\Jonathan\AppData\LocalLow\Search Settings

Folder Found : C:\Users\Jonathan\AppData\LocalLow\searchquband

Folder Found : C:\Users\Jonathan\AppData\LocalLow\Searchqutoolbar

Folder Found : C:\Users\Jonathan\AppData\Roaming\Bandoo

Folder Found : C:\Users\Venessa\AppData\Local\AVG Secure Search

Folder Found : C:\Users\Venessa\AppData\LocalLow\AVG Secure Search

Folder Found : C:\Users\Venessa\AppData\LocalLow\Conduit

Folder Found : C:\Users\Venessa\AppData\LocalLow\CouponAlert_2p

Folder Found : C:\Users\Venessa\AppData\LocalLow\FunWebProducts

Folder Found : C:\Users\Venessa\AppData\LocalLow\Search Settings

Folder Found : C:\Users\Venessa\AppData\LocalLow\searchquband

Folder Found : C:\Users\Venessa\AppData\LocalLow\Searchqutoolbar

 

***** [Registry] *****

 

Key Found : HKCU\Software\AppDataLow\Software\DailyBibleGuideEI

Key Found : HKCU\Software\AppDataLow\Software\Freecause

Key Found : HKCU\Software\AppDataLow\Software\iWon

Key Found : HKCU\Software\AppDataLow\Software\searchqutoolbar

Key Found : HKCU\Software\AVG Secure Search

Key Found : HKCU\Software\DataMngr

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C2D64FF7-0AB8-4263-89C9-EA3B0F8F050C}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C2D64FF7-0AB8-4263-89C9-EA3B0F8F050C}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}

Key Found : HKCU\Software\Softonic

Key Found : HKLM\Software\AVG Secure Search

Key Found : HKLM\Software\Babylon

Key Found : HKLM\Software\Bandoo

Key Found : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}

Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}

Key Found : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}

Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}

Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}

Key Found : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE

Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE

Key Found : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL

Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL

Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI

Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1

Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj

Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1

Key Found : HKLM\SOFTWARE\Classes\BandooCore.BandooCore

Key Found : HKLM\SOFTWARE\Classes\BandooCore.BandooCore.1

Key Found : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr

Key Found : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr.1

Key Found : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr

Key Found : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr.1

Key Found : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr

Key Found : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr.1

Key Found : HKLM\SOFTWARE\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{C2D64FF7-0AB8-4263-89C9-EA3B0F8F050C}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}

Key Found : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}

Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Found : HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}

Key Found : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}

Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}

Key Found : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}

Key Found : HKLM\SOFTWARE\Classes\Prod.cap

Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol

Key Found : HKLM\SOFTWARE\Classes\S

Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi

Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1

Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils

Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1

Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2572819

Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3045513

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}

Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE

Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1

Key Found : HKLM\Software\Conduit

Key Found : HKLM\Software\Freeze.com

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\NEW_CORRECT_incredibar_install_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\NEW_CORRECT_incredibar_install_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C2D64FF7-0AB8-4263-89C9-EA3B0F8F050C}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6C1B9042-3D32-49A1-916B-0AA3A9CDDFD6}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search

Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin

Key Found : HKLM\Software\Tarma Installer

Key Found : HKU\S-1-5-21-1476907165-494745801-3556744265-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

Key Found : HKU\S-1-5-21-1476907165-494745801-3556744265-1004\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Found : HKU\S-1-5-21-1476907165-494745801-3556744265-1004\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}

Key Found : HKU\S-1-5-21-1476907165-494745801-3556744265-1004\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}

Key Found : HKU\S-1-5-21-1476907165-494745801-3556744265-1004\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}]

Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]

Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]

Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{C2D64FF7-0AB8-4263-89C9-EA3B0F8F050C}]

Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

 

***** [internet Browsers] *****

 

-\\ Internet Explorer v9.0.8112.16421

 

[OK] Registry is clean.

 

-\\ Google Chrome v23.0.1271.64

 

File : C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Preferences

 

Found [l.20] : urls_to_restore_on_startup = [ "hxxp://www.google.com/", "hxxp://search.babylon.com/?affID=110796&tt=201208_mnt_n_3512_8&babsrc=HP_ss&mntrId=b23746f9000000000000b8ac6fb52881" ]

Found [l.2173] : urls_to_restore_on_startup = [ "hxxp://www.google.com/", "hxxp://search.babylon.com/?affID=110796&tt=201208_mnt_n_3512_8&babsrc=HP_ss&mntrId=b23746f9000000000000b8ac6fb52881" ]

 

File : C:\Users\Venessa\AppData\Local\Google\Chrome\User Data\Default\Preferences

 

Found [l.38] : search_url = "hxxp://isearch.avg.com/search?cid={CFB493F3-BF73-46D4-AC34-D0AF1BA178E7}&mid=6dc1707ac98f47d1bb7969e52951c172-93b4c11dab23232edd380615502ac8ef338a7bd4〈=en&ds=AVG&pr=fr&d=2011-09-04 21:12:20&v=11.1.0.12&sap=dsp&q={searchTerms}",

 

File : C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Preferences

 

[OK] File is clean.

 

*************************

 

AdwCleaner[R1].txt - [14776 octets] - [12/11/2012 18:26:28]

 

########## EOF - C:\AdwCleaner[R1].txt - [14837 octets] ##########

 

 

Hello jeffh8511.

 

Please run Malwarebytes Anti-Malware (MBAM) again and let it remove everything it finds.

When the scan is complete, click OK, then Show Results to view the results.

Make sure that everything is checked, and click Remove Selected. Post the new log.

 

After that:

Please download AdwCleaner by Xplode onto your desktop.

  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[R1].txt as well.

Share this post


Link to post
Share on other sites

Good, now let AdwCleaner delete everything it found. PC should speed up without all that junk. :) Let me know.

 

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[s1].txt as well.

 

Incidentally - please use the dark 'Add Reply' button. I don't need to see what I said...

Share this post


Link to post
Share on other sites

Here's the result: :O)

 

# AdwCleaner v2.007 - Logfile created 11/24/2012 at 12:07:32

# Updated 06/11/2012 by Xplode

# Operating system : Windows 7 Home Premium (32 bits)

# User : Jeff - HARPERHOUSE

# Boot Mode : Normal

# Running from : C:\Users\Jeff\Downloads\adwcleaner.exe

# Option [Delete]

 

 

***** [services] *****

 

 

***** [Files / Folders] *****

 

Deleted on reboot : C:\Program Files\Common Files\AVG Secure Search

 

***** [Registry] *****

 

 

***** [internet Browsers] *****

 

-\\ Internet Explorer v9.0.8112.16421

 

[OK] Registry is clean.

 

-\\ Google Chrome v23.0.1271.64

 

File : C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Preferences

 

[OK] File is clean.

 

File : C:\Users\Venessa\AppData\Local\Google\Chrome\User Data\Default\Preferences

 

Deleted [l.38] : search_url = "hxxp://isearch.avg.com/search?cid={CFB493F3-BF73-46D4-AC34-D0AF1BA178E7}&mid=6dc1707ac98f47d1bb7969e52951c172-93b4c11dab23232edd380615502ac8ef338a7bd4〈=en&ds=AVG&pr=fr&d=2011-09-04 21:12:20&v=11.1.0.12&sap=dsp&q={searchTerms}",

 

File : C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Preferences

 

[OK] File is clean.

 

*************************

 

AdwCleaner[R1].txt - [14907 octets] - [12/11/2012 18:26:28]

AdwCleaner[R2].txt - [14968 octets] - [12/11/2012 19:01:33]

AdwCleaner[R3].txt - [1478 octets] - [24/11/2012 12:04:35]

AdwCleaner[s1].txt - [14622 octets] - [12/11/2012 19:01:57]

AdwCleaner[s2].txt - [1416 octets] - [24/11/2012 12:07:32]

 

########## EOF - C:\AdwCleaner[s2].txt - [1476 octets] ##########

Share this post


Link to post
Share on other sites

Good - a lot of junk has been cleaned out.

 

You need to get Windows 7 SP1

Start > Windows Update

If Service Pack is not offered, please see here and follow the steps.

 

These updates are important for your security:

Updating Java:

  • Go

    and download the latest version of Java:

  • Go to
    Start
    ->
    Control Panel
    ->
    Add or Remove Programs
    .

  • Search in the list for all previous installed versions of Java. (J2SE Runtime Environment.... )

    They should have this icon next to any that are there:
    javaicon.gif
    Select any found and choose
    Uninstall
    .

  • Then install the version you downloaded earlier.

Update
(uncheck the option box for McAfee scan)

Update

 

If you have a regular hard drive (not a flash drive) you need to defragment.

Start > Disk Defragmenter. Schedule it to defrag once a week.

Share this post


Link to post
Share on other sites

I haven't yet succeeded in helping as much as I would like to.

 

While you're at it you could run CCleaner. Don't use the Registry cleaner, but the rest of its options are safe. The space freed up tends to be only temporary as the temp files get replaced. However if there are any weird large ones then removing might be permanent help.

Share this post


Link to post
Share on other sites

I ran the service pack updates. I just need to run the add cleaner again and post it. I will do that tomorrow. Appreciate all your help.

Share this post


Link to post
Share on other sites

You're welcome!

 

Time to clean up our tools:

 

Delete the DDS files and Security Check folder from your Desktop.

Uninstall AdwCleaner (you'll need an up to date one if you ever want to use it again).

  • Double click on AdwCleaner.exe to run the tool.
  • Click on Uninstall
  • Confirm with yes

General advice:

 

Configure Windows to do automatic updates or get into the habit of checking Windows Update regularly. They usually have security updates every month. You can set Windows to notify you of Updates so that you can choose, but only do this if you believe you are able to understand which ones are needed. This is a crucial security measure.

 

Keep MalwareBytes Anti-Malware updated and run it whenever you suspect a problem.

 

The free FileHippo Update Checker makes it easy to keep all your programs up to date - run it every few weeks.

 

When you install something, watch for unwanted add ons and uncheck any options you don't want.

Share this post


Link to post
Share on other sites

Glad we could help. :)

 

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter. Everyone else please begin a New Topic.

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.