PC Running Slow


  • This topic is locked
15 replies to this topic

#1 jeffh8511


Posted 10 November 2012 - 08:35 PM

Thank you for checking my computer... Seems to be running slower than when first purchased. Also, browser slow to open (Chrome) and Babylon Search browser opens. Not sure what this is. The kids use my computer a lot, so not sure if they did something. Thank you.

Logs:
Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.10.10

Windows 7 x86 NTFS
Internet Explorer 9.0.8112.16421
Jeff :: HARPERHOUSE [administrator]

11/10/2012 4:55:19 PM
mbam-log-2012-11-10 (16-55-19).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 346871
Time elapsed: 13 minute(s), 54 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 24
C:\Users\Jacob\AppData\LocalLow\MyWebSearch (PUP.MyWebsearch) -> No action taken.
C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar (PUP.MyWebsearch) -> No action taken.
C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message (PUP.MyWebsearch) -> No action taken.
C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON (PUP.MyWebsearch) -> No action taken.
C:\Users\Jadon\AppData\LocalLow\MyWebSearch (PUP.MyWebsearch) -> No action taken.
C:\Users\Jadon\AppData\LocalLow\MyWebSearch\bar (PUP.MyWebsearch) -> No action taken.
C:\Users\Jadon\AppData\LocalLow\MyWebSearch\bar\Settings (PUP.MyWebsearch) -> No action taken.
C:\Users\Jenna\AppData\LocalLow\MyWebSearch (PUP.MyWebsearch) -> No action taken.
C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar (PUP.MyWebsearch) -> No action taken.
C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar\Cache (PUP.MyWebsearch) -> No action taken.
C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar\History (PUP.MyWebsearch) -> No action taken.
C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar\Settings (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Cache (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\History (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Settings (PUP.MyWebsearch) -> No action taken.
C:\Users\Venessa\AppData\LocalLow\MyWebSearch (PUP.MyWebsearch) -> No action taken.
C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar (PUP.MyWebsearch) -> No action taken.
C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar\Cache (PUP.MyWebsearch) -> No action taken.
C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar\History (PUP.MyWebsearch) -> No action taken.
C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar\Settings (PUP.MyWebsearch) -> No action taken.

Files Detected: 116
C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\8_step1.gif (PUP.MyWebsearch) -> No action taken.
C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\autoup.gif (PUP.MyWebsearch) -> No action taken.
C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\autoup.htm (PUP.MyWebsearch) -> No action taken.
C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkez.jpg (PUP.MyWebsearch) -> No action taken.
C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkgr.jpg (PUP.MyWebsearch) -> No action taken.
C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkgs.jpg (PUP.MyWebsearch) -> No action taken.
C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bklf.jpg (PUP.MyWebsearch) -> No action taken.
C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkrg.jpg (PUP.MyWebsearch) -> No action taken.
C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkwebfet.jpg (PUP.MyWebsearch) -> No action taken.
C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkzc.jpg (PUP.MyWebsearch) -> No action taken.
C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkzl.jpg (PUP.MyWebsearch) -> No action taken.
C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkzn.jpg (PUP.MyWebsearch) -> No action taken.
C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkzq.jpg (PUP.MyWebsearch) -> No action taken.
C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkzr.jpg (PUP.MyWebsearch) -> No action taken.
C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkzu.jpg (PUP.MyWebsearch) -> No action taken.
C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkzv.jpg (PUP.MyWebsearch) -> No action taken.
C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkzw.jpg (PUP.MyWebsearch) -> No action taken.
C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkzwinky.jpg (PUP.MyWebsearch) -> No action taken.
C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\blubtn2d.png (PUP.MyWebsearch) -> No action taken.
C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\blubtn2r.png (PUP.MyWebsearch) -> No action taken.
C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\blubtn3d.png (PUP.MyWebsearch) -> No action taken.
C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\blubtn3r.png (PUP.MyWebsearch) -> No action taken.
C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\center.htm (PUP.MyWebsearch) -> No action taken.
C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\index.htm (PUP.MyWebsearch) -> No action taken.
C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\mid_dots.gif (PUP.MyWebsearch) -> No action taken.
C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\protect.htm (PUP.MyWebsearch) -> No action taken.
C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\rebut4.htm (PUP.MyWebsearch) -> No action taken.
C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\rebut4b.htm (PUP.MyWebsearch) -> No action taken.
C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\rebut4c.htm (PUP.MyWebsearch) -> No action taken.
C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\shield.png (PUP.MyWebsearch) -> No action taken.
C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\shocked.gif (PUP.MyWebsearch) -> No action taken.
C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\stop.gif (PUP.MyWebsearch) -> No action taken.
C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\systray.htm (PUP.MyWebsearch) -> No action taken.
C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\systrayp.htm (PUP.MyWebsearch) -> No action taken.
C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\tp_grad.gif (PUP.MyWebsearch) -> No action taken.
C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\warn.gif (PUP.MyWebsearch) -> No action taken.
C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar\Cache\01D3575C.bin (PUP.MyWebsearch) -> No action taken.
C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar\Cache\01D357B9.bmp (PUP.MyWebsearch) -> No action taken.
C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar\Cache\01D35855.bin (PUP.MyWebsearch) -> No action taken.
C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar\Cache\01D359BC.bin (PUP.MyWebsearch) -> No action taken.
C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar\Cache\0B35B69C (PUP.MyWebsearch) -> No action taken.
C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar\Cache\0B35C04C (PUP.MyWebsearch) -> No action taken.
C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar\Cache\0B35C387.bin (PUP.MyWebsearch) -> No action taken.
C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar\Cache\0B35C59A.bin (PUP.MyWebsearch) -> No action taken.
C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar\Cache\0B35C6A3.bmp (PUP.MyWebsearch) -> No action taken.
C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar\Cache\0B35C76E.bin (PUP.MyWebsearch) -> No action taken.
C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar\Cache\0B35C877.bin (PUP.MyWebsearch) -> No action taken.
C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar\Cache\files.ini (PUP.MyWebsearch) -> No action taken.
C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar\History\search3 (PUP.MyWebsearch) -> No action taken.
C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar\Settings\prevcfg2.htm (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Cache\01EAB351.bin (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Cache\01EAB8CD.bmp (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Cache\01EABB7B.bin (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Cache\01EABEC6.bin (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Cache\0B6C448A.bin (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Cache\0B6C4999.bin (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Cache\0B6C524F.bin (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Cache\0B6C54EE.bin (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Cache\0B6C572F.bin (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Cache\0F12B02B.bin (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Cache\0F12B430.bin (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Cache\0F12B5C6.bmp (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Cache\0F12B671.bin (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Cache\0F12B7B9.bin (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Cache\files.ini (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\History\search3 (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\8_step1.gif (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\autoup.gif (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\autoup.htm (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkez.jpg (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkgr.jpg (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkgs.jpg (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bklf.jpg (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkrg.jpg (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkwebfet.jpg (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkzc.jpg (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkzl.jpg (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkzn.jpg (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkzq.jpg (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkzr.jpg (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkzu.jpg (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkzv.jpg (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkzw.jpg (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\bkzwinky.jpg (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\blubtn2d.png (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\blubtn2r.png (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\blubtn3d.png (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\blubtn3r.png (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\center.htm (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\index.htm (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\mid_dots.gif (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\protect.htm (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\rebut4.htm (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\rebut4b.htm (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\rebut4c.htm (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\shield.png (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\shocked.gif (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\stop.gif (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\systray.htm (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\systrayp.htm (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\tp_grad.gif (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON\warn.gif (PUP.MyWebsearch) -> No action taken.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Settings\prevcfg2.htm (PUP.MyWebsearch) -> No action taken.
C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar\Cache\01330B9A (PUP.MyWebsearch) -> No action taken.
C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar\Cache\01331C1D (PUP.MyWebsearch) -> No action taken.
C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar\Cache\01331F29.bin (PUP.MyWebsearch) -> No action taken.
C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar\Cache\01331FF4.bmp (PUP.MyWebsearch) -> No action taken.
C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar\Cache\013320DE.bin (PUP.MyWebsearch) -> No action taken.
C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar\Cache\0133216B.bin (PUP.MyWebsearch) -> No action taken.
C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar\Cache\01332226.bin (PUP.MyWebsearch) -> No action taken.
C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar\Cache\01332293.bin (PUP.MyWebsearch) -> No action taken.
C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar\Cache\files.ini (PUP.MyWebsearch) -> No action taken.
C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar\History\search3 (PUP.MyWebsearch) -> No action taken.
C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar\Settings\prevcfg2.htm (PUP.MyWebsearch) -> No action taken.
C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar\Settings\s_FeatCk.dat (PUP.MyWebsearch) -> No action taken.
C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar\Settings\s_FeatCk.dat.bak (PUP.MyWebsearch) -> No action taken.

(end)

DDS (Ver_2012-11-07.01) - NTFS_x86
Internet Explorer: 9.0.8112.16450
Run by Jeff at 17:12:28 on 2012-11-10
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3071.1389 [GMT -8:00]
.
AV: AVG Internet Security 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG Internet Security 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2013 *Enabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
.
============== Running Processes ================
.
C:\PROGRA~1\AVG\AVG2013\avgrsx.exe
C:\Program Files\AVG\AVG2013\avgcsrvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe
C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe
C:\Program Files\Paragon Software\HFS+ for Windows 8.0\apmwinsrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG2013\avgfws.exe
C:\Program Files\AVG\AVG2013\avgidsagent.exe
C:\Program Files\AVG\AVG2013\avgwdsvc.exe
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Broadcom\BPowMon\BPowMon.exe
C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
C:\Program Files\AVG\AVG2013\avgnsx.exe
C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Dantz\Retrospect Express HD\retrorun.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Dantz\Retrospect Express HD\RetroExpress.exe
C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
C:\Program Files\AVG\AVG2013\avgui.exe
C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Logitech\Vid HD\Vid.exe
C:\Users\Jeff\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Users\Jeff\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\AVG\AVG2013\avgcsrvx.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Belkin\Belkin USB Print and Storage Center\connect.exe
C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
C:\Program Files\Belkin\Router Setup and Monitor\dlnaPlugin.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Users\Jeff\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jeff\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jeff\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jeff\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jeff\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Logitech\LWS\LU\LULnchr.exe
C:\Program Files\Logitech\LWS\LU\LogitechUpdate.exe
C:\Users\Jeff\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jeff\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jeff\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jeff\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\system32\vssvc.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\notepad.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\AVG\AVG2013\avgcmgr.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\System32\svchost.exe -k swprv
.
============== Pseudo HJT Report ===============
.
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -
BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\13.2.0.5\AVG Secure Search_toolbar.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - c:\program files\windows live\companion\companioncore.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Wincore Mediabar: {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} -
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\13.2.0.5\AVG Secure Search_toolbar.dll
TB: Wincore Mediabar: {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} -
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [Google Update] "c:\users\jeff\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [Logitech Vid] "c:\program files\logitech\vid hd\Vid.exe" -bootmode
uRun: [Akamai NetSession Interface] "c:\users\jeff\appdata\local\akamai\netsession_win.exe"
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [MobileDocuments] c:\program files\common files\apple\internet services\ubd.exe
uRun: [iCloudServices] c:\program files\common files\apple\internet services\iCloudServices.exe
uRun: [ApplePhotoStreams] c:\program files\common files\apple\internet services\ApplePhotoStreams.exe
uRun: [chromium] c:\users\jeff\appdata\local\google\chrome\application\chrome.exe --no-startup-window
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [RetroExpress] c:\progra~1\dantz\retros~1\RetroExpress.exe /h
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [NetFxUpdate_v1.1.4322] "c:\windows\microsoft.net\framework\v1.1.4322\netfxupdate.exe" 1 v1.1.4322 GAC + NI NID
mRun: [Nikon Transfer Monitor] c:\program files\common files\nikon\monitor\NkMonitor.exe
mRun: [USBToolTip] c:\progra~1\pinnacle\shared~1\programs\usbtip\USBTip.exe
mRun: [USB2Check] RUNDLL32.EXE "c:\windows\system32\PCLECoInst.dll",CheckUSBController
mRun: [vProt] "c:\program files\avg secure search\vprot.exe"
mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
mRun: [WinCast] f:\cdsetup\setup.exe -leng
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [LWS] c:\program files\logitech\lws\webcam software\LWS.exe -hide
mRun: [ROC_roc_dec12] "c:\program files\avg secure search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [InstaLAN] "c:\program files\belkin\router setup and monitor\BelkinRouterMonitor.exe" startup
mRun: [ROC_ROC_JULY_P1] "c:\program files\avg secure search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1
mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
mRun: [ROC_roc_ssl_v12] "c:\program files\avg secure search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12
mRun: [Carbonite Backup] c:\program files\carbonite\carbonite backup\CarboniteUI.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\interv~1.lnk - c:\program files\intervideo\common\bin\WinCinemaMgr.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} - hxxp://panda-plugin.disney.go.com/plugin/win32/p3dactivex.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{4AD1DB34-5391-4D54-8064-46758E08C149} : DHCPNameServer = 192.168.2.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\13.2.0\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 apmwin;apmwin;c:\windows\system32\drivers\apmwin.sys [2011-8-7 41168]
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-10-15 55776]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2012-9-21 177376]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2012-10-5 93536]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-9-14 35552]
R0 gpt_loader;GUID Partition table support driver;c:\windows\system32\drivers\gpt_loader.sys [2011-8-7 42320]
R0 mounthlp;Mounter helper driver for HFS volumes;c:\windows\system32\drivers\mounthlp.sys [2011-8-7 31440]
R1 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwd6x.sys [2012-9-4 50296]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2012-10-22 179936]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2012-9-21 19936]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-10-2 159712]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-9-21 164832]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-9-4 26984]
R2 AERTFilters;Andrea RT Filters Service;c:\program files\realtek\audio\hda\AERTSrv.exe [2010-5-31 81920]
R2 apmwinsrv;Paragon APM service;c:\program files\paragon software\hfs+ for windows 8.0\apmwinsrv.exe [2010-12-16 63568]
R2 avgfws;AVG Firewall;c:\program files\avg\avg2013\avgfws.exe [2012-11-2 1340976]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2012-11-6 5814392]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2012-10-22 196664]
R2 Belkin Local Backup Service;Belkin Local Backup Service;c:\program files\belkin\belkin usb print and storage center\BkBackupScheduler.exe [2011-2-24 152576]
R2 Belkin Network USB Helper;Belkin Network USB Helper;c:\program files\belkin\belkin usb print and storage center\Bkapcs.exe [2011-2-24 49152]
R2 BPowMon;Broadcom Power monitoring service;c:\program files\broadcom\bpowmon\BPowMon.exe [2009-8-17 79168]
R2 HfsplusRec;HfsplusRec;c:\windows\system32\drivers\hfsplusrec.sys [2011-8-7 13904]
R2 UMVPFSrv;UMVPFSrv;c:\program files\common files\logishrd\lvmvfm\UMVPFSrv.exe [2011-8-19 450848]
R2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files\common files\avg secure search\vtoolbarupdater\13.2.0\ToolbarUpdater.exe [2012-10-15 711112]
R3 CompFilter;UVCCompositeFilter;c:\windows\system32\drivers\lvbusflt.sys [2010-11-9 20704]
R3 Hfsplus;Hfsplus;c:\windows\system32\drivers\hfsplus.sys [2011-8-7 158800]
R3 k57nd60x;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\k57nd60x.sys [2010-5-31 273960]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-11-10 40776]
R3 sxuptp;SXUPTP Driver;c:\windows\system32\drivers\sxuptp.sys [2011-2-24 247320]
S2 Carbonite-Mirror-Image-Svc;Carbonite Mirror Image Service;c:\program files\carbonite\carbonite mirror image\CarboniteMirrorImage.exe [2012-10-17 4110336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2012-6-22 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2012-3-8 1492840]
S3 hcwhdpvr;Hauppauge HD PVR Capture Device;c:\windows\system32\drivers\hcwhdpvr.sys [2011-10-20 152576]
S3 ICDUSB2;Sony IC Recorder (ST);c:\windows\system32\drivers\IcdUsb2.sys [2011-3-1 39048]
S3 PlextorTV402U;Plextor ConvertX TV402U A/V Capture;c:\windows\system32\drivers\TVXstream.sys [2005-12-5 150808]
S3 TVXLoader;PLEXTOR EZ-USB FX2 FIRMWARE LOADER (TVXLoader.sys);c:\windows\system32\drivers\TVXLoader.sys [2005-12-5 18200]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-6-5 1343400]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]
S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]
.
=============== File Associations ===============
.
ShellExec: DigitalTheatre.exe: open="c:\program files\arcsoft\totalmedia extreme\digital theatre\uDTStart.exe" "%1"
.
=============== Created Last 30 ================
.
2012-11-11 00:54:57 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-10-22 21:02:46 179936 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2012-10-15 18:04:55 -------- d-----w- c:\users\jeff\appdata\roaming\AVG2013
2012-10-15 17:55:03 -------- d-----w- c:\users\jeff\appdata\roaming\TuneUp Software
2012-10-15 17:54:02 -------- d-----w- c:\program files\AVG Secure Search
2012-10-15 17:48:01 -------- d-----w- c:\programdata\AVG2013
2012-10-15 11:48:52 55776 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2012-10-13 05:11:37 -------- d-----w- c:\windows\rescache
.
==================== Find3M ====================
.
2012-10-15 17:53:35 26984 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2012-10-09 15:55:05 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-09 15:55:05 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-10-02 10:30:38 159712 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2012-09-30 02:54:26 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-21 10:46:06 164832 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2012-09-21 10:46:00 177376 ----a-w- c:\windows\system32\drivers\avglogx.sys
2012-09-21 10:45:54 19936 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys
2012-09-19 19:58:46 4096000 ----a-w- c:\program files\GUT23F7.tmp
2012-09-14 18:30:38 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-14 10:05:20 35552 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2012-09-04 17:39:32 50296 ----a-w- c:\windows\system32\drivers\avgfwd6x.sys
2012-08-31 17:21:56 1210736 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-08-30 17:18:33 3958128 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-08-30 17:18:33 3902832 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-24 17:10:47 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-08-24 06:59:17 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-08-24 06:51:27 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 06:51:02 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-24 06:47:26 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-24 06:47:12 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-08-24 06:43:58 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-08-18 11:23:05 169984 ----a-w- c:\windows\system32\winsrv.dll
2012-08-18 11:21:20 293376 ----a-w- c:\windows\system32\KernelBase.dll
2012-08-18 11:18:47 271360 ----a-w- c:\windows\system32\conhost.exe
2012-08-18 09:07:02 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-08-18 09:07:02 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-18 09:07:02 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-08-18 09:07:02 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
.
============= FINISH: 17:18:10.80 ===============

Results of screen317's Security Check version 0.99.54
Windows 7 x86 (UAC is enabled)
Out of date service pack!!
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Disabled!
AVG Internet Security 2013
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.65.1.1000
Java™ 6 Update 31
Java version out of Date!
Adobe Flash Player 10 Flash Player out of Date!
Adobe Reader X 10.1.2 Adobe Reader out of Date!
Google Chrome 21.0.1180.83
Google Chrome 21.0.1180.89
Google Chrome 22.0.1229.79
Google Chrome 22.0.1229.94
Google Chrome 23.0.1271.64
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbam.exe
AVG avgwdsvc.exe
AVG avgrsx.exe
AVG avgnsx.exe
AVG avgemc.exe
Microsoft Small Business Business Contact Manager BcmSqlStartupSvc.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 11% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````

#2 cnm

cnm

    Mother Lion of SWI

  • Administrators
  • 25,248 posts

Posted 11 November 2012 - 12:39 PM

Hello jeffh8511.

Please run Malwarebytes Anti-Malware (MBAM) again and let it remove everything it finds.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected. Post the new log.

After that:
Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[R1].txt as well.

Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE


#3 jeffh8511

jeffh8511

    Member

  • Full Member
  • 48 posts

Posted 12 November 2012 - 09:30 PM

Here are the two new logs:

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.10.10

Windows 7 x86 NTFS
Internet Explorer 9.0.8112.16421
Jeff :: HARPERHOUSE [administrator]

11/12/2012 5:59:47 PM
mbam-log-2012-11-12 (17-59-47).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 347020
Time elapsed: 14 minute(s), 52 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 24
C:\Users\Jacob\AppData\LocalLow\MyWebSearch (PUP.MyWebsearch) -> Quarantined and deleted successfully.
C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar (PUP.MyWebsearch) -> Quarantined and deleted successfully.
C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message (PUP.MyWebsearch) -> Quarantined and deleted successfully.
C:\Users\Jacob\AppData\LocalLow\MyWebSearch\bar\Message\COMMON (PUP.MyWebsearch) -> Quarantined and deleted successfully.
C:\Users\Jadon\AppData\LocalLow\MyWebSearch (PUP.MyWebsearch) -> Quarantined and deleted successfully.
C:\Users\Jadon\AppData\LocalLow\MyWebSearch\bar (PUP.MyWebsearch) -> Quarantined and deleted successfully.
C:\Users\Jadon\AppData\LocalLow\MyWebSearch\bar\Settings (PUP.MyWebsearch) -> Quarantined and deleted successfully.
C:\Users\Jenna\AppData\LocalLow\MyWebSearch (PUP.MyWebsearch) -> Quarantined and deleted successfully.
C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar (PUP.MyWebsearch) -> Quarantined and deleted successfully.
C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar\Cache (PUP.MyWebsearch) -> Quarantined and deleted successfully.
C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar\History (PUP.MyWebsearch) -> Quarantined and deleted successfully.
C:\Users\Jenna\AppData\LocalLow\MyWebSearch\bar\Settings (PUP.MyWebsearch) -> Quarantined and deleted successfully.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch (PUP.MyWebsearch) -> Quarantined and deleted successfully.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar (PUP.MyWebsearch) -> Quarantined and deleted successfully.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Cache (PUP.MyWebsearch) -> Quarantined and deleted successfully.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\History (PUP.MyWebsearch) -> Quarantined and deleted successfully.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message (PUP.MyWebsearch) -> Quarantined and deleted successfully.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Message\COMMON (PUP.MyWebsearch) -> Quarantined and deleted successfully.
C:\Users\Jonathan\AppData\LocalLow\MyWebSearch\bar\Settings (PUP.MyWebsearch) -> Quarantined and deleted successfully.
C:\Users\Venessa\AppData\LocalLow\MyWebSearch (PUP.MyWebsearch) -> Quarantined and deleted successfully.
C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar (PUP.MyWebsearch) -> Quarantined and deleted successfully.
C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar\Cache (PUP.MyWebsearch) -> Quarantined and deleted successfully.
C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar\History (PUP.MyWebsearch) -> Quarantined and deleted successfully.
C:\Users\Venessa\AppData\LocalLow\MyWebSearch\bar\Settings (PUP.MyWebsearch) -> Quarantined and deleted successfully.

Files Detected: 116

(end)

# AdwCleaner v2.007 - Logfile created 11/12/2012 at 18:26:28
# Updated 06/11/2012 by Xplode
# Operating system : Windows 7 Home Premium (32 bits)
# User : Jeff - HARPERHOUSE
# Boot Mode : Normal
# Running from : C:\Users\Jeff\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\user.js
Folder Found : C:\Program Files\AVG Secure Search
Folder Found : C:\Program Files\Common Files\AVG Secure Search
Folder Found : C:\Program Files\DailyBibleGuideEI
Folder Found : C:\Program Files\Free Offers from Freeze.com
Folder Found : C:\Program Files\SelectRebates
Folder Found : C:\ProgramData\AVG Secure Search
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\boost_interprocess
Folder Found : C:\ProgramData\Tarma Installer
Folder Found : C:\Users\Jacob\AppData\Local\AVG Secure Search
Folder Found : C:\Users\Jacob\AppData\LocalLow\AVG Secure Search
Folder Found : C:\Users\Jacob\AppData\LocalLow\Conduit
Folder Found : C:\Users\Jacob\AppData\LocalLow\CouponAlert_2p
Folder Found : C:\Users\Jacob\AppData\LocalLow\Search Settings
Folder Found : C:\Users\Jacob\AppData\LocalLow\searchquband
Folder Found : C:\Users\Jacob\AppData\LocalLow\Searchqutoolbar
Folder Found : C:\Users\Jadon\AppData\Local\AVG Secure Search
Folder Found : C:\Users\Jadon\AppData\LocalLow\AVG Secure Search
Folder Found : C:\Users\Jadon\AppData\LocalLow\Conduit
Folder Found : C:\Users\Jadon\AppData\LocalLow\CouponAlert_2p
Folder Found : C:\Users\Jadon\AppData\LocalLow\Search Settings
Folder Found : C:\Users\Jadon\AppData\LocalLow\searchquband
Folder Found : C:\Users\Jadon\AppData\LocalLow\Searchqutoolbar
Folder Found : C:\Users\Jadon\AppData\Roaming\Bandoo
Folder Found : C:\Users\Jeff\AppData\Local\AVG Secure Search
Folder Found : C:\Users\Jeff\AppData\Local\Conduit
Folder Found : C:\Users\Jeff\AppData\LocalLow\AVG Secure Search
Folder Found : C:\Users\Jeff\AppData\LocalLow\Conduit
Folder Found : C:\Users\Jeff\AppData\LocalLow\CouponAlert_2p
Folder Found : C:\Users\Jeff\AppData\LocalLow\DailyBibleGuideEI
Folder Found : C:\Users\Jeff\AppData\LocalLow\searchquband
Folder Found : C:\Users\Jeff\AppData\Roaming\Babylon
Folder Found : C:\Users\Jeff\Documents\DealRunner
Folder Found : C:\Users\Jenna\AppData\Local\AVG Secure Search
Folder Found : C:\Users\Jenna\AppData\LocalLow\AVG Secure Search
Folder Found : C:\Users\Jenna\AppData\LocalLow\Conduit
Folder Found : C:\Users\Jenna\AppData\LocalLow\CouponAlert_2p
Folder Found : C:\Users\Jenna\AppData\LocalLow\FunWebProducts
Folder Found : C:\Users\Jenna\AppData\LocalLow\Search Settings
Folder Found : C:\Users\Jenna\AppData\LocalLow\searchquband
Folder Found : C:\Users\Jenna\AppData\LocalLow\Searchqutoolbar
Folder Found : C:\Users\Jonathan\AppData\Local\Ilivid Player
Folder Found : C:\Users\Jonathan\AppData\LocalLow\AVG Secure Search
Folder Found : C:\Users\Jonathan\AppData\LocalLow\Conduit
Folder Found : C:\Users\Jonathan\AppData\LocalLow\CouponAlert_2p
Folder Found : C:\Users\Jonathan\AppData\LocalLow\FunWebProducts
Folder Found : C:\Users\Jonathan\AppData\LocalLow\Search Settings
Folder Found : C:\Users\Jonathan\AppData\LocalLow\searchquband
Folder Found : C:\Users\Jonathan\AppData\LocalLow\Searchqutoolbar
Folder Found : C:\Users\Jonathan\AppData\Roaming\Bandoo
Folder Found : C:\Users\Venessa\AppData\Local\AVG Secure Search
Folder Found : C:\Users\Venessa\AppData\LocalLow\AVG Secure Search
Folder Found : C:\Users\Venessa\AppData\LocalLow\Conduit
Folder Found : C:\Users\Venessa\AppData\LocalLow\CouponAlert_2p
Folder Found : C:\Users\Venessa\AppData\LocalLow\FunWebProducts
Folder Found : C:\Users\Venessa\AppData\LocalLow\Search Settings
Folder Found : C:\Users\Venessa\AppData\LocalLow\searchquband
Folder Found : C:\Users\Venessa\AppData\LocalLow\Searchqutoolbar

***** [Registry] *****

Key Found : HKCU\Software\AppDataLow\Software\DailyBibleGuideEI
Key Found : HKCU\Software\AppDataLow\Software\Freecause

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Google Chrome v23.0.1271.64

File : C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Preferences

Found [l.20] : urls_to_restore_on_startup = [ "hxxp://www.google.com/", "hxxp://search.babylon.com/?affID=110796&tt=201208_mnt_n_3512_8&babsrc=HP_ss&mntrId=b23746f9000000000000b8ac6fb52881" ]
Found [l.2173] : urls_to_restore_on_startup = [ "hxxp://www.google.com/", "hxxp://search.babylon.com/?affID=110796&tt=201208_mnt_n_3512_8&babsrc=HP_ss&mntrId=b23746f9000000000000b8ac6fb52881" ]

File : C:\Users\Venessa\AppData\Local\Google\Chrome\User Data\Default\Preferences

Found [l.38] : search_url = "hxxp://isearch.avg.com/search?cid={CFB493F3-BF73-46D4-AC34-D0AF1BA178E7}&mid=6dc1707ac98f47d1bb7969e52951c172-93b4c11dab23232edd380615502ac8ef338a7bd4&lang=en&ds=AVG&pr=fr&d=2011-09-04 21:12:20&v=11.1.0.12&sap=dsp&q={searchTerms}",

File : C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [14776 octets] - [12/11/2012 18:26:28]

########## EOF - C:\AdwCleaner[R1].txt - [14837 octets] ##########


Hello jeffh8511.

Please run Malwarebytes Anti-Malware (MBAM) again and let it remove everything it finds.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected. Post the new log.

After that:
Please download AdwCleaner by Xplode onto your desktop.

  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[R1].txt as well.



#4 cnm

cnm

    Mother Lion of SWI

  • Administrators
  • 25,248 posts

Posted 12 November 2012 - 09:47 PM

Good, now let AdwCleaner delete everything it found. PC should speed up without all that junk. :) Let me know.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Incidentally - please use the dark 'Add Reply' button. I don't need to see what I said...

Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE


#5 jeffh8511

Posted 16 November 2012 - 05:33 PM

Hi... Just FYI that I will work on this over the weekend. Thank you for all your help!

#6 cnm

Posted 24 November 2012 - 12:31 PM

Are you still with me, jeffh8511?



#7 jeffh8511

Posted 24 November 2012 - 03:13 PM

Here's the result: :O)

# AdwCleaner v2.007 - Logfile created 11/24/2012 at 12:07:32
# Updated 06/11/2012 by Xplode
# Operating system : Windows 7 Home Premium (32 bits)
# User : Jeff - HARPERHOUSE
# Boot Mode : Normal
# Running from : C:\Users\Jeff\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\Program Files\Common Files\AVG Secure Search

***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Google Chrome v23.0.1271.64

File : C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Users\Venessa\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.38] : search_url = "hxxp://isearch.avg.com/search?cid={CFB493F3-BF73-46D4-AC34-D0AF1BA178E7}&mid=6dc1707ac98f47d1bb7969e52951c172-93b4c11dab23232edd380615502ac8ef338a7bd4&lang=en&ds=AVG&pr=fr&d=2011-09-04 21:12:20&v=11.1.0.12&sap=dsp&q={searchTerms}",

File : C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [14907 octets] - [12/11/2012 18:26:28]
AdwCleaner[R2].txt - [14968 octets] - [12/11/2012 19:01:33]
AdwCleaner[R3].txt - [1478 octets] - [24/11/2012 12:04:35]
AdwCleaner[S1].txt - [14622 octets] - [12/11/2012 19:01:57]
AdwCleaner[S2].txt - [1416 octets] - [24/11/2012 12:07:32]

########## EOF - C:\AdwCleaner[S2].txt - [1476 octets] ##########

#8 cnm

Posted 24 November 2012 - 03:42 PM

Good - a lot of junk has been cleaned out.

You need to get Windows 7 SP1
Start > Windows Update
If Service Pack is not offered, please see here and follow the steps.

These updates are important for your security:

Updating Java:

  • Go here and download the latest version of Java.
  • Go to Start -> Control Panel -> Add or Remove Programs.
  • Search in the list for all previous installed versions of Java. (J2SE Runtime Environment.... )
    They should have this icon next to any that are there: Posted Image
    Select any found and choose Uninstall.
  • Then install the version you downloaded earlier.
Update Adobe Reader (uncheck the option box for McAfee scan)
Update Adobe Flash Player


If you have a regular hard drive (not a flash drive) you need to defragment.
Start > Disk Defragmenter. Schedule it to defrag once a week.



#9 jeffh8511

Posted 26 November 2012 - 11:31 PM

Thank you.... I will work on this over the next days... Really appreciate your help!

#10 cnm

Posted 26 November 2012 - 11:37 PM

I haven't yet succeeded in helping as much as I would like to.

While you're at it you could run CCleaner. Don't use the Registry cleaner, but the rest of its options are safe. The space freed up tends to be only temporary as the temp files get replaced. However if there are any weird large ones then removing might be permanent help.



#11 jeffh8511

Posted 01 December 2012 - 04:11 PM

Thank you... I am working on this now... stay tuned.

#12 jeffh8511

Posted 07 December 2012 - 09:23 PM

I ran the service pack updates. I just need to run the add cleaner again and post it. I will do that tomorrow. Appreciate all your help.

#13 cnm

Posted 07 December 2012 - 09:24 PM

Good luck. :)



#14 jeffh8511

Posted 15 December 2012 - 11:10 AM

Thank you for all your help!

#15 cnm

Posted 15 December 2012 - 12:07 PM

You're welcome!

Time to clean up our tools:

Delete the DDS files and Security Check folder from your Desktop.
Uninstall AdwCleaner (you'll need an up to date one if you ever want to use it again).
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Uninstall
  • Confirm with yes

General advice:

Configure Windows to do automatic updates or get into the habit of checking Windows Update regularly. They usually have security updates every month. You can set Windows to notify you of Updates so that you can choose, but only do this if you believe you are able to understand which ones are needed. This is a crucial security measure.

Keep MalwareBytes Anti-Malware updated and run it whenever you suspect a problem.

The free FileHippo Update Checker makes it easy to keep all your programs up to date - run it every few weeks.

When you install something, watch for unwanted add ons and uncheck any options you don't want.



#16 cnm

Posted 18 December 2012 - 01:21 PM

Glad we could help. :)

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter. Everyone else please begin a New Topic.





