Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

imvu virus or malware? can't remove it [Closed]

Started by Tarheel1977 , Aug 21 2012 02:16 PM

  • This topic is locked This topic is locked

#1
Tarheel1977
Posted 21 August 2012 - 02:16 PM

Tarheel1977

    New Member

  • Member
  • Pip
  • 3 posts
My niece stayed with us July 4th weekend. When she was here she stayed on the computer and one thing I know she downloaded is imvu. Ever since she stayed the computer has been slower and I can't get rid of imvu. the imvu toolbar and homepage come up everytime I get on the internet no matter how many times I change it. The internet history will not delete. The computer will allow you into internet options to change the homepage and delete internet history but they never actually change. I tried removing imvu with the uninstall tab but it gets about 3/4 the way through and it starts back over like it is in a loop. The computer will not let me change anything in the settings either I always get the error message WINDOWS CANNOT FIND C:\WINDOWS\system32\rundll32.exe. I googled on how to fix that by typing this expandC:\i386\rundll32.exe_C:\windowssystem32\rundll32.exe and that did not work either. I have ran avg virus scan and Malware bytes and nothing fixed it.
Please help.

OTL logfile created on: 8/21/2012 1:33:06 PM - Run 1
OTL by OldTimer - Version 3.2.58.1 Folder = C:\Documents and Settings\Shane\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 0.94 Gb Available Physical Memory | 47.06% Memory free
5.75 Gb Paging File | 4.53 Gb Available in Paging File | 78.87% Paging File free
Paging file location(s): C:\pagefile.sys 4000 4096 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 186.31 Gb Total Space | 105.45 Gb Free Space | 56.60% Space Free | Partition Type: NTFS

Computer Name: COMPUTER | User Name: Shane | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/21 13:32:27 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Shane\Desktop\OTL.exe
PRC - [2012/07/09 15:13:00 | 000,935,008 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
PRC - [2012/07/09 15:12:51 | 001,107,552 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
PRC - [2012/07/04 17:25:54 | 005,160,568 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgidsagent.exe
PRC - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/06/13 03:48:26 | 000,758,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2012/06/13 03:48:24 | 001,255,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2012/05/30 20:06:18 | 000,059,280 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
PRC - [2012/04/05 05:12:34 | 002,587,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2012/03/19 05:18:12 | 000,979,840 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgemcx.exe
PRC - [2012/02/15 10:32:12 | 000,055,144 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\SyncServer.exe
PRC - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2012/02/14 04:52:38 | 000,338,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2011/09/10 12:32:21 | 000,273,528 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2011/06/01 12:42:28 | 000,071,432 | ---- | M] (Memeo) -- C:\Program Files\Seagate\Seagate Dashboard\MemeoDashboard.exe
PRC - [2011/06/01 12:42:28 | 000,014,088 | ---- | M] (Memeo) -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
PRC - [2011/06/01 12:16:54 | 002,260,992 | ---- | M] (Axentra Corporation) -- C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe
PRC - [2011/05/04 17:04:32 | 000,325,344 | ---- | M] () -- C:\Program Files\Memeo\AutoBackup\InstantBackup.exe
PRC - [2011/03/30 18:04:28 | 000,258,048 | ---- | M] (Pantech) -- C:\Program Files\PCD\Pantech\EUDL\UTM\PantechUTM.exe
PRC - [2011/03/07 12:21:00 | 000,107,008 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\KODAK Share Button App\Listener.exe
PRC - [2010/11/03 05:58:38 | 003,535,318 | ---- | M] (iMesh Inc. ) -- C:\WINDOWS\Temp\mia85.tmp\iMesh_V10_en_Setup.exe
PRC - [2009/11/10 11:14:38 | 000,443,728 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe
PRC - [2009/11/10 10:28:06 | 001,131,808 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/10/28 11:08:02 | 000,151,552 | ---- | M] (Skyhook Wireless) -- C:\Program Files\Skyhook Wireless\Wi-Fi Service\wpsscannersvc.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/09/10 15:32:48 | 000,053,248 | ---- | M] (Brother Industries, Ltd.) -- C:\WINDOWS\system32\BrmfBAgS.exe
PRC - [2003/03/09 16:30:52 | 000,188,416 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
PRC - [2001/08/17 22:36:00 | 000,032,256 | ---- | M] (Brother Industries, Ltd.) -- C:\WINDOWS\system32\BrmfRsmg.exe


========== Modules (No Company Name) ==========

MOD - [2012/07/09 15:13:02 | 000,132,704 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\SiteSafety.dll
MOD - [2012/07/09 15:13:00 | 000,935,008 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
MOD - [2012/07/09 15:12:51 | 001,107,552 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
MOD - [2012/06/13 03:31:27 | 001,712,128 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\359fd69eb60e9844ffd497e92345178c\Microsoft.VisualBasic.ni.dll
MOD - [2012/06/13 03:30:44 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b84bb74d7724e147a642a1d5358feb7\System.ServiceProcess.ni.dll
MOD - [2012/06/13 03:30:38 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\dbc413807cb7360b3e26ef3ca1d54f9a\System.Web.ni.dll
MOD - [2012/06/13 03:28:17 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll
MOD - [2012/06/13 03:27:42 | 001,592,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4cf0d0f5b30f6375c9b2\System.Drawing.ni.dll
MOD - [2012/06/13 03:22:45 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2012/05/11 03:20:15 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\9080c8e8e7b6dfb502c1328673d636f8\System.Management.ni.dll
MOD - [2012/05/11 03:20:06 | 000,771,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\92d58f840f549f9bd880783d43db7e3c\System.Runtime.Remoting.ni.dll
MOD - [2012/05/11 03:19:27 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll
MOD - [2012/05/11 03:19:18 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\016444dfc5f7e3d11c776f2fbc7a4594\Accessibility.ni.dll
MOD - [2012/05/11 03:16:45 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll
MOD - [2012/05/11 03:15:43 | 006,616,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\12c6fe8d4dd78f9bddf847d3b2821c03\System.Data.ni.dll
MOD - [2012/05/11 03:10:25 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
MOD - [2012/05/11 03:09:29 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
MOD - [2011/11/03 11:28:36 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/06/01 12:46:02 | 000,030,984 | ---- | M] () -- C:\Program Files\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.SeagateSharePlusPlugin.dll
MOD - [2011/06/01 12:42:24 | 000,108,296 | ---- | M] () -- C:\Program Files\Seagate\Seagate Dashboard\Memeo.Progress.dll
MOD - [2011/06/01 12:16:54 | 000,971,776 | ---- | M] () -- C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\libxml2.dll
MOD - [2011/06/01 12:16:54 | 000,241,664 | ---- | M] () -- C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\libupnp.dll
MOD - [2011/05/04 17:04:54 | 002,896,608 | ---- | M] () -- C:\Program Files\Memeo\AutoBackup\Memeo.Client.UI.dll
MOD - [2011/05/04 17:04:50 | 000,027,360 | ---- | M] () -- C:\Program Files\Memeo\AutoBackup\Memeo.Client.DriveDetection.dll
MOD - [2011/05/04 17:04:32 | 000,325,344 | ---- | M] () -- C:\Program Files\Memeo\AutoBackup\InstantBackup.exe
MOD - [2010/11/03 05:58:38 | 000,579,640 | ---- | M] () -- C:\WINDOWS\Temp\mia85.tmp\mia.lib
MOD - [2010/03/22 18:59:46 | 000,504,293 | ---- | M] () -- C:\Program Files\Memeo\AutoBackup\sqlite3.dll
MOD - [2009/09/04 23:31:52 | 002,076,672 | ---- | M] () -- C:\Program Files\LeapFrog\LeapFrog Connect\QtCore4.dll
MOD - [2009/06/19 22:54:40 | 007,745,536 | ---- | M] () -- C:\Program Files\LeapFrog\LeapFrog Connect\QtGui4.dll
MOD - [2008/04/13 20:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 20:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2006/03/15 08:00:00 | 000,268,288 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\WINDOWS\system32\drivers\KodakCCS.exe -- (KodakCCS)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012/08/14 19:47:15 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/09 15:13:00 | 000,935,008 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe -- (vToolbarUpdater11.2.0)
SRV - [2012/07/04 17:25:54 | 005,160,568 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/06/01 12:42:28 | 000,014,088 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe -- (SeagateDashboardService)
SRV - [2011/05/04 17:04:38 | 000,025,824 | ---- | M] (Memeo) [Auto | Stopped] -- C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe -- (MemeoBackgroundService)
SRV - [2010/11/23 18:22:46 | 000,065,536 | ---- | M] (TODO: <Company name>) [Auto | Stopped] -- C:\Program Files\PCD\Pantech\EUDL\UTM\PantechService.exe -- (Pantech UTM Service)
SRV - [2009/11/10 10:28:06 | 001,131,808 | ---- | M] (LeapFrog Enterprises, Inc.) [Auto | Running] -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe -- (LeapFrog Connect Device Service)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/10/28 11:08:02 | 000,151,552 | ---- | M] (Skyhook Wireless) [Auto | Running] -- C:\Program Files\Skyhook Wireless\Wi-Fi Service\wpsscannersvc.exe -- (wpsscannersvc)
SRV - [2008/04/10 20:08:44 | 000,212,992 | ---- | M] (IDT, Inc.) [Disabled | Stopped] -- c:\Documents and Settings\Shane\Local Settings\Temp\CDM\{5CC68007-179B-4D34-8235-709BD41ABEB6}\stacsv.exe -- (STacSV)
SRV - [2008/03/18 16:27:12 | 000,013,312 | ---- | M] (Agere Systems) [Disabled | Stopped] -- C:\WINDOWS\system32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2006/03/14 13:28:15 | 000,172,032 | ---- | M] (New Boundary Technologies, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS -- (PrismXL)
SRV - [2004/09/10 15:32:48 | 000,053,248 | ---- | M] (Brother Industries, Ltd.) [Auto | Running] -- C:\WINDOWS\system32\BrmfBAgS.exe -- (brmfbags)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | Auto | Stopped] -- -- (MCSTRM)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Shane\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys -- (cpuz132)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012/08/03 11:03:38 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2012/07/03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/05/01 16:19:42 | 000,012,984 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SWDUMon.sys -- (SWDUMon)
DRV - [2012/04/19 04:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012/03/19 05:17:28 | 000,301,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012/02/22 05:25:32 | 000,235,216 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012/01/31 04:46:50 | 000,031,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/12/23 13:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/12/23 13:32:08 | 000,017,232 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2011/12/23 13:32:06 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgidsfilterx.sys -- (AVGIDSFilter)
DRV - [2011/12/23 13:32:00 | 000,139,856 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2009/11/10 10:27:06 | 000,018,560 | ---- | M] (LeapFrog) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\FlyUsb.sys -- (FlyUsb)
DRV - [2008/11/09 10:35:36 | 000,186,592 | ---- | M] (Jungo) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\windrvr6.sys -- (WinDriver6)
DRV - [2008/10/28 11:07:59 | 000,013,312 | ---- | M] (Skyhook Wireless) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wpsnuio.sys -- (Wpsnuio)
DRV - [2008/04/13 14:36:41 | 000,063,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mf.sys -- (mf)
DRV - [2008/04/10 20:10:10 | 001,271,032 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2008/03/21 16:13:00 | 001,203,776 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008/02/21 11:08:54 | 000,038,656 | ---- | M] (Service & Quality Technology.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Capt9052.sys -- (SQTECH9052)
DRV - [2007/07/16 18:27:24 | 000,063,008 | ---- | M] (Juniper Networks) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NEOFLTR_550_11965.sys -- (NEOFLTR_550_11965)
DRV - [2007/05/18 12:41:30 | 000,037,760 | ---- | M] (Service & Quality Technology.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Capt905c.sys -- (SQTECH905C)
DRV - [2007/04/09 10:56:22 | 000,021,248 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2007/04/09 10:55:08 | 000,022,912 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2007/04/09 10:53:24 | 000,012,672 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2005/10/12 20:15:50 | 000,007,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ELacpi.sys -- (ELacpi)
DRV - [2001/08/17 13:12:24 | 000,003,168 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BrParImg.sys -- (brparimg)
DRV - [2001/08/17 13:12:18 | 000,039,552 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BrParwdm.sys -- (BrParWdm)
DRV - [2001/08/17 13:12:12 | 000,002,944 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BrFilt.sys -- (brfilt)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpr...1-8DD6DD709088}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{44f44034-6036-4f06-9336-74ec4620edab}: "URL" = http://search.mywebs...r={searchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}: "URL" = http://search.bearsh...q={searchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://www.searchqu....q={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://inboxtoolbar....tb_id&%language
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...&ctid=CT2612669
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.search.ya...520,16898,0,8,0
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No CLSID value found
IE - HKCU\..\URLSearchHook: {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files\IMVU_Inc\prxtbIMVU.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKCU\..\SearchScopes\{44f44034-6036-4f06-9336-74ec4620edab}: "URL" = http://search.mywebs...r={searchTerms}
IE - HKCU\..\SearchScopes\{6930B084-4F90-4556-9E5B-E5F6B97347D6}: "URL" = http://ws.infospace....r?_iceUrl=true user_id=%userid&tool_id=60231&qkw={searchTerms}
IE - HKCU\..\SearchScopes\{91607fa7-3c2f-4f90-93e3-d5337a6b0ac2}: "URL" = http://search.ibryte...y={searchTerms}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...sa&d=2012-04-29 19:38:56&v=10.2.0.3&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = http://www.bigseekpr...q={searchTerms}
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}: "URL" = http://search.bearsh...q={searchTerms}
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://www.searchqu....q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2612669
IE - HKCU\..\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}: "URL" = http://inboxtoolbar....id=80533&lng=en
IE - HKCU\..\SearchScopes\{CADCDD46-1B7D-46FE-B894-07FBF6FF09CD}: "URL" = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\..\SearchScopes\{D605C891-F1DD-4888-A6CF-D3A91F2C3155}: "URL" = http://search.yahoo....0418,6901,0,8,0
IE - HKCU\..\SearchScopes\{EA4B13CA-FDBF-E716-8E65-65F1231BD0D7}: "URL" = http://www.startnow....ion=5.1-x86-SP3
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.defaultthis.engineName: "IMVU Inc Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=634471"
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.3
FF - prefs.js..extensions.enabledItems: 2zffxtbr@Retrogamer_2z.com:1.1
FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:12.0.0.1894
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - prefs.js..extensions.enabledItems: {000F1EA4-5E08-4564-A29B-29076F63A37A}:1.0.3.154
FF - prefs.js..extensions.enabledItems: [email protected]:0.74.24
FF - prefs.js..keyword.URL: "http://isearch.avg.c...8:56&sap=ku&q="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.666: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.666: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.666: C:\Documents and Settings\All Users.WINDOWS\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.666: C:\Documents and Settings\All Users.WINDOWS\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.666: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\Documents and Settings\Shane\Application Data\Mozilla\Firefox\Profiles\nxko8z1y.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users.WINDOWS\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/09/10 12:32:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012/07/19 07:46:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG Secure Search\11.1.0.12\ [2012/07/09 15:13:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012/07/02 09:55:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/07/02 00:30:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/07/02 00:30:08 | 000,000,000 | ---D | M]

[2011/09/26 16:27:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Shane\Application Data\Mozilla\Extensions
[2012/08/13 15:29:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Shane\Application Data\Mozilla\Firefox\Profiles\nxko8z1y.default\extensions
[2011/12/08 17:30:06 | 000,000,000 | ---D | M] () -- C:\Documents and Settings\Shane\Application Data\Mozilla\Firefox\Profiles\nxko8z1y.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}
[2011/04/08 19:24:18 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Shane\Application Data\Mozilla\Firefox\Profiles\nxko8z1y.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/08/13 15:29:21 | 000,000,000 | ---D | M] (IMVU Inc Community Toolbar) -- C:\Documents and Settings\Shane\Application Data\Mozilla\Firefox\Profiles\nxko8z1y.default\extensions\{90b49673-5506-483e-b92b-ca0265bd9ca8}
[2011/01/14 20:38:37 | 000,000,000 | ---D | M] ("Tab Mix Plus") -- C:\Documents and Settings\Shane\Application Data\Mozilla\Firefox\Profiles\nxko8z1y.default\extensions\{dc572301-7619-498c-a57d-39143191b318}(2)
[2012/08/13 15:29:14 | 000,000,000 | ---D | M] ("I Want This") -- C:\Documents and Settings\Shane\Application Data\Mozilla\Firefox\Profiles\nxko8z1y.default\extensions\[email protected]
[2011/05/15 18:19:08 | 000,002,263 | ---- | M] () -- C:\Documents and Settings\Shane\Application Data\Mozilla\Firefox\Profiles\nxko8z1y.default\searchplugins\bing-zugo.xml
[2012/06/28 13:45:26 | 000,000,919 | ---- | M] () -- C:\Documents and Settings\Shane\Application Data\Mozilla\Firefox\Profiles\nxko8z1y.default\searchplugins\conduit.xml
[2011/09/10 10:14:18 | 000,002,230 | ---- | M] () -- C:\Documents and Settings\Shane\Application Data\Mozilla\Firefox\Profiles\nxko8z1y.default\searchplugins\iBryte_playbryte.xml
[2011/11/26 01:18:55 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Shane\Application Data\Mozilla\Firefox\Profiles\nxko8z1y.default\searchplugins\Retrogamer_2z.xml
[2011/08/29 07:45:21 | 000,002,503 | ---- | M] () -- C:\Documents and Settings\Shane\Application Data\Mozilla\Firefox\Profiles\nxko8z1y.default\searchplugins\SearchResults.xml
[2012/07/02 00:30:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/07/09 15:13:18 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\DOCUMENTS AND SETTINGS\ALL USERS.WINDOWS\APPLICATION DATA\AVG SECURE SEARCH\11.1.0.12
[2012/07/02 09:55:05 | 000,000,000 | ---D | M] (AVG Do Not Track) -- C:\PROGRAM FILES\AVG\AVG2012\FIREFOX\DONOTTRACK
[2012/07/19 07:46:46 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG2012\FIREFOX4
[2011/05/09 07:50:25 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2012/07/02 00:30:06 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/10/03 06:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012/07/09 15:12:43 | 000,003,696 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/07/02 00:29:59 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/08/29 07:45:21 | 000,002,503 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchResults.xml
[2012/07/02 00:29:59 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2006/03/15 08:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users.WINDOWS\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (IMVU Inc Toolbar) - {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files\IMVU_Inc\prxtbIMVU.dll (Conduit Ltd.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Updater For Simppull Toolbar) - {C4B8BAB4-1667-11DF-A242-BA9455D89593} - C:\Program Files\simppulltoolbar\auxi\simppulltoolbAu.dll (Visicom Media)
O2 - BHO: (no name) - {E4E6BF2A-1667-11DF-A01F-1F9655D89593} - No CLSID value found.
O2 - BHO: (kikin Plugin) - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Program Files\kikin\ie_kikin.dll File not found
O2 - BHO: (RebateRobot BHO) - {FA3FEDF6-1A34-4076-9F25-A26A2DE6A401} - C:\Program Files\RebateRobot\RebateRobot.dll (RebateRobot)
O3 - HKLM\..\Toolbar: (IMVU Inc Toolbar) - {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files\IMVU_Inc\prxtbIMVU.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (IMVU Inc Toolbar) - {90B49673-5506-483E-B92B-CA0265BD9CA8} - C:\Program Files\IMVU_Inc\prxtbIMVU.dll (Conduit Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe (HP)
O4 - HKLM..\Run: [KodakShareButtonApp] C:\Program Files\Kodak\KODAK Share Button App\Listener.exe (Eastman Kodak Company)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Memeo AutoSync] C:\Program Files\Memeo\AutoSync\MemeoLauncher2.exe (Memeo Inc.)
O4 - HKLM..\Run: [Memeo Instant Backup] C:\Program Files\Memeo\AutoBackup\MemeoLauncher2.exe (Memeo Inc.)
O4 - HKLM..\Run: [Monitor] C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)
O4 - HKLM..\Run: [Seagate Dashboard] C:\Program Files\Seagate\Seagate Dashboard\MemeoLauncher.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKLM..\RunOnceEx: [] File not found
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe ()
O4 - Startup: C:\Documents and Settings\Shane\Start Menu\Programs\Startup\IMVU.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Program Files\kikin\ie_kikin.dll File not found
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Shane\Start Menu\Programs\IMVU\Run IMVU.lnk ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Program Files\Juniper Networks\Secure Application Manager\samnsp.dll (Juniper Networks)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Juniper Networks\Secure Application Manager\samnsp.dll (Juniper Networks)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{53045E73-6CDC-481F-B2B2-C69AE7B4EFB6}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Shane\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Shane\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/01/09 21:13:09 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{0be942b4-0cc5-11e1-abf3-0016760499f6}\Shell - "" = AutoRun
O33 - MountPoints2\{0be942b4-0cc5-11e1-abf3-0016760499f6}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{0be942b4-0cc5-11e1-abf3-0016760499f6}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL TL-Bootstrap.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/08/21 13:32:25 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Shane\Desktop\OTL.exe
[2012/08/03 11:03:38 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012/08/01 18:13:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Shane\Application Data\Malwarebytes
[2012/08/01 18:13:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/08/01 18:13:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
[2012/08/01 18:13:35 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/08/01 18:13:35 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2003/03/18 22:20:00 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Program Files\mfc71.dll
[2003/03/18 22:12:12 | 001,047,552 | ---- | C] (Microsoft Corporation) -- C:\Program Files\mfc71u.dll
[2003/03/18 21:44:38 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Program Files\MFC71ENU.DLL
[2003/03/18 21:44:38 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Program Files\MFC71KOR.DLL
[2003/03/18 21:44:36 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Program Files\MFC71ITA.DLL
[2003/03/18 21:44:36 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Program Files\MFC71ESP.DLL
[2003/03/18 21:44:36 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Program Files\MFC71CHT.DLL
[2003/03/18 21:44:36 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Program Files\MFC71CHS.DLL
[2003/03/18 21:44:34 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Program Files\MFC71DEU.DLL
[2003/03/18 21:44:34 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Program Files\MFC71FRA.DLL
[2003/03/18 21:44:34 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Program Files\MFC71JPN.DLL
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/08/21 13:47:05 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/08/21 13:32:27 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Shane\Desktop\OTL.exe
[2012/08/21 13:20:00 | 000,000,444 | ---- | M] () -- C:\WINDOWS\tasks\EasyShare Registration Task.job
[2012/08/21 12:19:15 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1757981266-630328440-839522115-1003.job
[2012/08/21 12:19:14 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1757981266-630328440-839522115-1003.job
[2012/08/21 12:02:32 | 000,230,840 | R--- | M] (Coupons, Inc.) -- C:\WINDOWS\System32\cpnprt2.cid
[2012/08/21 08:28:42 | 104,465,839 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012/08/20 16:22:00 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-18.job
[2012/08/19 03:23:00 | 000,000,326 | ---- | M] () -- C:\WINDOWS\tasks\iMeshNAG.job
[2012/08/18 14:42:15 | 006,170,777 | ---- | M] () -- C:\Documents and Settings\Shane\My Documents\notorious_b.i.g-big_poppa.mp3
[2012/08/18 14:40:13 | 006,170,777 | ---- | M] () -- C:\Documents and Settings\Shane\My Documents\13-the_notorious_b.i.g-big_poppa-rns.mp3
[2012/08/18 14:32:12 | 000,000,894 | ---- | M] () -- C:\Documents and Settings\Shane\Start Menu\Programs\Startup\IMVU.lnk
[2012/08/18 14:25:00 | 000,000,410 | ---- | M] () -- C:\WINDOWS\tasks\PC Optimizer Pro startups.job
[2012/08/18 14:25:00 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-18.job
[2012/08/18 14:24:58 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/08/18 14:24:49 | 000,001,090 | ---- | M] () -- C:\WINDOWS\BrmfBidi.ini
[2012/08/16 19:51:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/08/16 03:27:35 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/08/16 03:27:34 | 2136,481,792 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/16 03:27:34 | 000,149,992 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/08/16 03:09:17 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/08/12 16:54:58 | 000,027,520 | ---- | M] () -- C:\Documents and Settings\Shane\Local Settings\Application Data\dt.dat
[2012/08/03 11:03:38 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012/08/01 18:13:38 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/28 11:22:24 | 000,319,576 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/08/18 14:42:03 | 006,170,777 | ---- | C] () -- C:\Documents and Settings\Shane\My Documents\notorious_b.i.g-big_poppa.mp3
[2012/08/18 14:40:11 | 006,170,777 | ---- | C] () -- C:\Documents and Settings\Shane\My Documents\13-the_notorious_b.i.g-big_poppa-rns.mp3
[2012/08/12 16:54:58 | 000,027,520 | ---- | C] () -- C:\Documents and Settings\Shane\Local Settings\Application Data\dt.dat
[2012/08/01 18:13:38 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/25 16:31:50 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/04/29 19:38:22 | 000,012,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\SWDUMon.sys
[2012/02/17 14:24:31 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/11/26 16:34:00 | 000,000,903 | ---- | C] () -- C:\Documents and Settings\Shane\Archive.rar
[2011/09/29 07:52:33 | 000,000,064 | ---- | C] () -- C:\WINDOWS\GPlrLanc.dat
[2011/04/15 23:03:13 | 004,373,892 | ---- | C] () -- C:\Documents and Settings\Shane\kernelcache.release.n72
[2011/04/15 23:02:38 | 000,100,676 | ---- | C] () -- C:\Documents and Settings\Shane\iBSS.n72ap
[2011/01/03 18:16:55 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2010/07/27 19:46:34 | 000,000,010 | ---- | C] () -- C:\Documents and Settings\Shane\brmfc
[2009/09/03 20:35:34 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\Shane\jagex_runescape_preferences2.dat
[2008/12/15 21:55:11 | 000,017,920 | ---- | C] () -- C:\Documents and Settings\Shane\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/12/14 16:17:37 | 000,000,039 | ---- | C] () -- C:\Documents and Settings\Shane\jagex_runescape_preferences.dat
[2008/12/06 12:38:06 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\Shane\Application Data\007EDF
[2008/12/06 12:38:05 | 000,870,128 | ---- | C] () -- C:\Documents and Settings\Shane\Application Data\mcs.rma
[2008/12/01 16:45:42 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Shane\Local Settings\Application Data\fusioncache.dat
[2005/04/07 22:16:43 | 000,000,811 | -H-- | C] () -- C:\Documents and Settings\Shane\Application Data\Shanelog.dat

========== LOP Check ==========

[2011/08/16 23:56:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Ableton
[2012/08/06 17:08:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG Secure Search
[2011/10/16 13:30:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG2012
[2011/08/29 07:45:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\boost_interprocess
[2011/01/03 18:21:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Canneverbe Limited
[2011/04/19 10:16:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Common Files
[2011/07/28 15:15:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Driver Whiz
[2011/05/09 19:55:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\EmailNotifier
[2011/05/09 19:56:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Fighters
[2011/09/21 20:48:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\GameTap Web Player
[2009/12/26 15:27:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Leapfrog
[2012/01/26 18:57:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\MemeoCommon
[2012/08/21 08:28:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\MFAData
[2010/07/15 17:31:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\PC Drivers HeadQuarters
[2012/04/29 19:42:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\PC Optimizer Pro
[2009/03/03 10:34:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
[2010/07/15 17:32:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\UAB
[2011/11/26 06:48:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\W3i
[2012/05/01 16:38:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\WeCareReminder
[2011/04/15 22:47:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\WinZip
[2010/05/04 15:28:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/12/05 20:27:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/06/20 10:00:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2011/07/28 15:53:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{A2A58654-12AA-408A-B411-58A76959BE7F}
[2011/08/16 23:56:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shane\Application Data\Ableton
[2012/04/29 19:38:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shane\Application Data\AVG Secure Search
[2011/04/19 10:31:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shane\Application Data\AVG10
[2011/09/26 16:41:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shane\Application Data\AVG2012
[2011/09/10 10:21:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shane\Application Data\Bandoo
[2011/08/29 19:40:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shane\Application Data\bsbandmltbpi
[2011/01/03 18:21:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shane\Application Data\Canneverbe Limited
[2011/05/09 19:57:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shane\Application Data\com.w3i.intune
[2011/07/22 21:14:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shane\Application Data\Datel
[2010/08/26 16:25:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shane\Application Data\Disney Mix It Plug-in
[2010/01/31 19:08:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shane\Application Data\Disney Pix 3.1
[2011/10/05 19:06:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shane\Application Data\Easy MP3 Recorder
[2011/08/17 19:43:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shane\Application Data\eSSsC
[2011/05/13 16:19:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shane\Application Data\Fighters
[2011/10/17 21:46:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shane\Application Data\FrostWire
[2010/09/18 18:03:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shane\Application Data\GameTuts
[2011/10/17 22:13:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shane\Application Data\Genius
[2010/12/31 17:32:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shane\Application Data\ImgBurn
[2009/08/26 21:01:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shane\Application Data\Juniper Networks
[2012/01/26 17:46:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shane\Application Data\Leadertech
[2012/03/23 21:00:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shane\Application Data\Memeo
[2012/07/02 04:02:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shane\Application Data\PriceGong
[2012/01/26 17:52:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shane\Application Data\Seagate
[2011/07/18 21:03:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shane\Application Data\searchquband
[2011/05/21 22:15:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shane\Application Data\simppulltoolbar
[2012/05/02 17:39:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shane\Application Data\Sony Online Entertainment
[2011/08/07 21:31:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shane\Application Data\TeamViewer
[2011/05/21 22:32:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shane\Application Data\Toolbar4
[2011/04/18 12:38:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shane\Application Data\Uniblue
[2011/01/08 16:06:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shane\Application Data\Unity
[2012/06/07 16:52:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shane\Application Data\uTorrent
[2011/05/09 19:48:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shane\Application Data\WeatherBug
[2011/12/11 14:10:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shane\Application Data\Wizards of the Coast
[2012/08/21 13:20:00 | 000,000,444 | ---- | M] () -- C:\WINDOWS\Tasks\EasyShare Registration Task.job
[2012/08/19 03:23:00 | 000,000,326 | ---- | M] () -- C:\WINDOWS\Tasks\iMeshNAG.job
[2012/08/18 14:25:00 | 000,000,410 | ---- | M] () -- C:\WINDOWS\Tasks\PC Optimizer Pro startups.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 5749254 bytes -> C:\WINDOWS\System32\http:SUNP0001.m4v
@Alternate Data Stream - 153 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:522EA216

< End of report >

Attached Files

  • Attached File  OTL.Txt   108.42KB   156 downloads
  • Attached File  Extras.Txt   47.84KB   253 downloads

  • 0

Advertisements

#2
Dakeyras
Posted 21 August 2012 - 03:17 PM

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts

Please note that all instructions given are customised for this computer only, the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post the appropriate logs in the Malware Removal forum and wait for help.

Hi and welcome to Geeks to Go. :)

I'm Dakeyras and I am going to try to assist you with your problem. Please take note of the below:

  • I will start working on your Malware issues, this may or may not, solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for this issue on this machine!
  • The process is not instant. Please continue to review my answers until I tell you your machine is clear. Absence of symptoms does not mean that everything is clear.
  • If you don't know, stop and ask! Don't keep going on.
  • Please reply to this thread. Do not start a new topic.
  • Refrain from running self fixes as this will hinder the malware removal process.
  • It may prove beneficial if you print of the following instructions or save them to notepad as I post them.
  • Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
Before we start:

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.

Peer to Peer Advice:

I see both FrostWire 4.21.3 FrostWire 5.1.4 are presently installed(and indication of similar software in the past). If these have been recently used, you can be fairly confident this is a principal reason your computer is infected.

It's really important, if you value your PC at all, to stay away from P2P file sharing programs, like utorrent, Bittorrent, Azureus, Limewire, Vuze and FrostWire to name a few.

Criminals have "planted" thousands upon thousands of infections in the "free" shared files.
Virtually all of these recent infections will compromise your Security, and some can turn your machine into a useless "doorstop".

My advice would be to uninstall both FrostWire versions. However if you opt not to please refrain from using them for the duration of the malware removal process, thank you.

Next:

No need to attach logs, just post the contents please.

Next:

Out of date Adobe and Java installations pose a security risk. They can be used by malware as a means to infect a computer and or re-infect. We will update both in due course.

Advised/optional removal is highlighted in red below...

Note: I have not included the IMVU Inc Toolbar related as we will deal with this via another methodology.

Now please go to Start >> Control Panel >> Add/Remove Programs and remove the following (if present):

Adobe Reader 9.1
Driver Detective <-- This type of software rarely proves of any real use and can often be misleading/actually create more problems in some instances.
Java™ 6 Update 29

To do so, click once on each of the above in turn to highlight and then click on the Remove button.

Backup the Registry:

Modifying the Registry can create unforeseen problems, so it always wise to create a backup before doing so.

  • Please go here and download ERUNT.
  • ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.
  • Double-click on erunt-setup.exe to install ERUNT by following the prompts.
  • Use the default install settings but say no to the portion that asks you to add ERUNT to the Start-Up folder.
  • Start ERUNT either by double clicking on the desktop icon or choosing to start the program at the end of the setup process.
  • Choose a location for the backup. Note: the default location is C:\WINDOWS\ERDNT which is acceptable.
  • Make sure that at least the first two check boxes are selected.
  • Click on OK
  • Then click on YES to create the folder.
Note: If it is necessary to restore the registry, open the backup folder and start ERDNT.exe

Scan with AdwCleaner:

Please download adwcleaner from here and save to your desktop.

Alternate download is here.

  • Double click on adwcleaner.exe to launch the application.
  • Now click on the Search tab.
  • Please post the contents of the log-file created in your next post.
Note: The log can also be located at C: >> AdwCleaner[XX].txt >> XX <-- denotes the number of times the application has been ran, so in this case should be R1.

When completed the above, please post back the following in the order asked for:

  • How is your computer performing now, any further symptoms and or problems encountered?
  • AdwCleaner Log.

  • 0

#3
Tarheel1977
Posted 22 August 2012 - 03:42 PM

Tarheel1977

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
Ok I have removed both Frostwires and the Driver detective by going to the individual program and clicking the uninstall option with the drop down associated with the program. I cannot access the Add/Remove programs because I get the Windows 32 sytem error, so I have not removed the out of date Adobe or Java. Do I continue with the registry back up or hold off?
  • 0

#4
Dakeyras
Posted 22 August 2012 - 05:56 PM

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)

Ok I have removed both Frostwires and the Driver detective by going to the individual program and clicking the uninstall option with the drop down associated with the program.

Fair play.

I cannot access the Add/Remove programs because I get the Windows 32 sytem error, so I have not removed the out of date Adobe or Java.

Noted, this may be due to malware and or a corrupted Rundll32.exe file for example. We will address this next time round I think, earlier than I was anticipating. Have you got a copy of the XP Installation CD-ROM if we need to use it?

Do I continue with the registry back up or hold off?

Aye please do continue with my prior Backup the Registry/Scan with AdwCleaner instructions. Any problems encountered doing so just stop what you are doing and inform myself OK.
  • 0

#5
Tarheel1977
Posted 23 August 2012 - 02:24 PM

Tarheel1977

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
Ok I have completed all of the steps and the adwcleaner file is below. So far the computer is not running any different.

# AdwCleaner v1.801 - Logfile created 08/23/2012 at 16:20:28
# Updated 14/08/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Shane - COMPUTER
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Shane\My Documents\New Folder\adwcleaner.exe
# Option [Search]


***** [Services] *****

Found : vToolbarUpdater11.2.0

***** [Files / Folders] *****

Folder Found : C:\Documents and Settings\Shane\Local Settings\Application Data\AVG Secure Search
Folder Found : C:\Documents and Settings\Shane\Local Settings\Application Data\Conduit
Folder Found : C:\Documents and Settings\Shane\Local Settings\Application Data\ConduitEngine
Folder Found : C:\Documents and Settings\Shane\Local Settings\Application Data\Ilivid Player
Folder Found : C:\Documents and Settings\Shane\Local Settings\Application Data\IMVU_Inc
Folder Found : C:\DOCUME~1\Shane\LOCALS~1\Temp\avg@toolbar
Folder Found : C:\DOCUME~1\Shane\LOCALS~1\Temp\CT2612669
Folder Found : C:\DOCUME~1\Shane\LOCALS~1\Temp\OpenCandy
Folder Found : C:\Documents and Settings\Shane\Application Data\AVG Secure Search
Folder Found : C:\Documents and Settings\Shane\Application Data\Bandoo
Folder Found : C:\Documents and Settings\Shane\Application Data\PriceGong
Folder Found : C:\Documents and Settings\Shane\Application Data\searchquband
Folder Found : C:\Documents and Settings\Shane\Application Data\Toolbar4
Folder Found : C:\Documents and Settings\Shane\Application Data\Mozilla\Firefox\Profiles\nxko8z1y.default\Conduit
Folder Found : C:\Documents and Settings\Shane\Application Data\Mozilla\Firefox\Profiles\nxko8z1y.default\ConduitCommon
Folder Found : C:\Documents and Settings\Shane\Application Data\Mozilla\Firefox\Profiles\nxko8z1y.default\CT2612669
Folder Found : C:\Documents and Settings\Shane\Application Data\Mozilla\Firefox\Profiles\nxko8z1y.default\extensions\{90b49673-5506-483e-b92b-ca0265bd9ca8}
Folder Found : C:\Documents and Settings\Shane\Application Data\Mozilla\Firefox\Profiles\nxko8z1y.default\extensions\[email protected]
Folder Found : C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG Secure Search
Folder Found : C:\Documents and Settings\All Users.WINDOWS\Application Data\boost_interprocess
Folder Found : C:\Documents and Settings\All Users.WINDOWS\Application Data\Trymedia
Folder Found : C:\Documents and Settings\All Users.WINDOWS\Application Data\WeCareReminder
Folder Found : C:\Program Files\AppGraffiti
Folder Found : C:\Program Files\AVG Secure Search
Folder Found : C:\Program Files\Conduit
Folder Found : C:\Program Files\ConduitEngine
Folder Found : C:\Program Files\Free Offers from Freeze.com
Folder Found : C:\Program Files\IMVU_Inc
Folder Found : C:\Program Files\kikin
Folder Found : C:\Program Files\SelectRebates
Folder Found : C:\Program Files\Shop To Win
Folder Found : C:\Program Files\Viewpoint
Folder Found : C:\Program Files\Windows iLivid Toolbar
Folder Found : C:\Program Files\Common Files\AVG Secure Search
Folder Found : C:\Program Files\Common Files\spigot
File Found : C:\DOCUME~1\Shane\LOCALS~1\Temp\Searchqu.ini
File Found : C:\DOCUME~1\Shane\LOCALS~1\Temp\searchqutoolbar-manifest.xml
File Found : C:\DOCUME~1\Shane\LOCALS~1\Temp\SetupDataMngr_Searchqu.exe
File Found : C:\DOCUME~1\Shane\LOCALS~1\Temp\Uninstall.exe
File Found : C:\Documents and Settings\Shane\Application Data\Mozilla\Firefox\Profiles\nxko8z1y.default\searchplugins\Conduit.xml
File Found : C:\Documents and Settings\Shane\Application Data\Mozilla\Firefox\Profiles\nxko8z1y.default\searchplugins\SearchResults.xml
File Found : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Found : C:\Program Files\Mozilla Firefox\searchplugins\SearchResults.xml

***** [Registry] *****

[*] Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2612669
[*] Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3007394
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\Freecause
Key Found : HKCU\Software\AVG Secure Search
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\ConduitSearchScopes
Key Found : HKCU\Software\Cr_Installer
Key Found : HKCU\Software\DataMngr
Key Found : HKCU\Software\ilivid
Key Found : HKCU\Software\IMVU_Inc
Key Found : HKCU\Software\PriceGong
Key Found : HKCU\Software\Smartbar
Key Found : HKCU\Software\Surf Canyon
Key Found : HKCU\Software\wecarereminder
Key Found : HKCU\Software\Zugo
Key Found : HKCU\Toolbar
Key Found : HKLM\SOFTWARE\AskBarDis
Key Found : HKLM\SOFTWARE\AVG Secure Search
Key Found : HKLM\SOFTWARE\bandoo
Key Found : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Found : HKLM\SOFTWARE\Classes\BandooCore.BandooCore
Key Found : HKLM\SOFTWARE\Classes\BandooCore.BandooCore.1
Key Found : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr
Key Found : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr.1
Key Found : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr
Key Found : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr.1
Key Found : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr
Key Found : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr.1
Key Found : HKLM\SOFTWARE\Classes\IMsiDe1egate.Application.1
Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Found : HKLM\SOFTWARE\Classes\RewardsArcade.FBApi
Key Found : HKLM\SOFTWARE\Classes\RewardsArcade.FBApi.1
Key Found : HKLM\SOFTWARE\Classes\S
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\Freeze.com
Key Found : HKLM\SOFTWARE\IMVU_Inc
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E4A71A41-BCC8-480a-9E69-0DA29CBA7ECA}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMVU_Inc Toolbar
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Value Found : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

***** [Registre - GUID] *****

Key Found : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Found : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{25514C64-8321-494E-BD3E-3DBAB3F8CEBA}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E601996F-E400-41CA-804B-CD6373A7EEE2}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{90B49673-5506-483E-B92B-CA0265BD9CA8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A19F5EBF-E163-4D4F-B7BD-33149BF756CC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Found : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{056E1883-221E-40D9-BC68-158B39566CC7}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{37C25524-2F46-4FFD-A6E7-4C95598DC53D}
Key Found : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E601996F-E400-41CA-804B-CD6373A7EEE2}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{90B49673-5506-483E-B92B-CA0265BD9CA8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A19F5EBF-E163-4D4F-B7BD-33149BF756CC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5AB7104A-B71F-49AD-9154-F7F8806AE848}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{61E0EF7A-9BC0-45ea-9B2F-F3E9F02692BD}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13D095-45C3-4271-9475-F3B48227DD9F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BFE4B5CB-63F7-4A51-9266-6167655D5B4F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C80BDEB2-8735-44C6-BD55-A1CCD555667A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E38FA08E-F56A-4169-ABF5-5C71E3C153A1}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E601996F-E400-41CA-804B-CD6373A7EEE2}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{90B49673-5506-483E-B92B-CA0265BD9CA8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0702A2B6-13AA-4090-9E01-BCDC85DD933F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5AB7104A-B71F-49AD-9154-F7F8806AE848}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{61E0EF7A-9BC0-45ea-9B2F-F3E9F02692BD}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13D095-45C3-4271-9475-F3B48227DD9F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BFE4B5CB-63F7-4A51-9266-6167655D5B4F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C80BDEB2-8735-44C6-BD55-A1CCD555667A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E38FA08E-F56A-4169-ABF5-5C71E3C153A1}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E601996F-E400-41CA-804B-CD6373A7EEE2}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F78BF7A8-CF12-4DE7-A6DA-C463D1B539A7}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{90B49673-5506-483E-B92B-CA0265BD9CA8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A19F5EBF-E163-4D4F-B7BD-33149BF756CC}
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{90B49673-5506-483E-B92B-CA0265BD9CA8}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{90B49673-5506-483E-B92B-CA0265BD9CA8}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D3D233D5-9F6D-436C-B6C7-E63F77503B30}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{90B49673-5506-483E-B92B-CA0265BD9CA8}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.bigseekpro.com/anyvideo2dvd/{9B6491EE-EF39-4727-BD91-8DD6DD709088}
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com?SearchSource=10&ctid=CT2612669
[HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://inboxtoolbar.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=%tb_id&%language
[HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://isearch.avg.com/tab?cid={3BA31EE3-22D2-457E-BF30-4732C879EB1B}&mid=&lang=en&ds=ts026&pr=sa&d=2012-04-29 19:38:56&v=11.1.0.12&sap=nt

-\\ Mozilla Firefox v9.0.1 (en-US)

Profile name : default
File : C:\Documents and Settings\Shane\Application Data\Mozilla\Firefox\Profiles\nxko8z1y.default\prefs.js

Found : user_pref("CT2612669..clientLogIsEnabled", false);
Found : user_pref("CT2612669..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Found : user_pref("CT2612669..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Found : user_pref("CT2612669.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Found : user_pref("CT2612669.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2612669.BrowserCompStateIsOpen_129482420034282070", true);
Found : user_pref("CT2612669.BrowserCompStateIsOpen_129683190780749804", true);
Found : user_pref("CT2612669.CTID", "CT2612669");
Found : user_pref("CT2612669.CurrentServerDate", "16-8-2012");
Found : user_pref("CT2612669.DSChangedManually", false);
Found : user_pref("CT2612669.DSInstall", true);
Found : user_pref("CT2612669.DSProtectChoice", true);
Found : user_pref("CT2612669.DSProtectCount", 1);
Found : user_pref("CT2612669.DialogsAlignMode", "LTR");
Found : user_pref("CT2612669.DialogsGetterLastCheckTime", "Mon Aug 13 2012 06:44:28 GMT-0400 (Eastern Daylig[...]
Found : user_pref("CT2612669.DownloadReferralCookieData", "");
Found : user_pref("CT2612669.FeedLastCount129206864782289142", 40);
Found : user_pref("CT2612669.FeedPollDate129206864782914144", "Mon Aug 13 2012 06:44:17 GMT-0400 (Eastern Da[...]
Found : user_pref("CT2612669.FeedTTL129206864782914144", 40);
Found : user_pref("CT2612669.FirstServerDate", "2-7-2012");
Found : user_pref("CT2612669.FirstTime", true);
Found : user_pref("CT2612669.FirstTimeFF3", true);
Found : user_pref("CT2612669.FirstTimeHiddenVer", true);
Found : user_pref("CT2612669.FixPageNotFoundErrors", true);
Found : user_pref("CT2612669.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2612669.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2612669.HPInstall", true);
Found : user_pref("CT2612669.HPProtectChoice", true);
Found : user_pref("CT2612669.HPProtectCount", 1);
Found : user_pref("CT2612669.HasUserGlobalKeys", true);
Found : user_pref("CT2612669.HomePageProtectorEnabled", false);
Found : user_pref("CT2612669.HomepageBeforeUnload", "hxxp://isearch.avg.com?cid=%7Bc70080c1-5789-4592-b548-5[...]
Found : user_pref("CT2612669.Initialize", true);
Found : user_pref("CT2612669.InitializeCommonPrefs", true);
Found : user_pref("CT2612669.InstallationAndCookieDataSentCount", 3);
Found : user_pref("CT2612669.InstallationId", "ConduitNSISIntegration");
Found : user_pref("CT2612669.InstallationType", "ConduitNSISIntegration");
Found : user_pref("CT2612669.InstalledDate", "Mon Jul 02 2012 00:49:24 GMT-0400 (Eastern Daylight Time)");
Found : user_pref("CT2612669.IsAlertDBUpdated", true);
Found : user_pref("CT2612669.IsGrouping", false);
Found : user_pref("CT2612669.IsInitSetupIni", true);
Found : user_pref("CT2612669.IsMulticommunity", false);
Found : user_pref("CT2612669.IsOpenThankYouPage", false);
Found : user_pref("CT2612669.IsOpenUninstallPage", true);
Found : user_pref("CT2612669.IsProtectorsInit", true);
Found : user_pref("CT2612669.LanguagePackLastCheckTime", "Wed Aug 15 2012 06:43:58 GMT-0400 (Eastern Dayligh[...]
Found : user_pref("CT2612669.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2612669.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2612669.LastLogin_3.13.0.6", "Mon Aug 13 2012 06:48:24 GMT-0400 (Eastern Daylight Time)[...]
Found : user_pref("CT2612669.LastLogin_3.14.1.0", "Wed Aug 15 2012 23:29:01 GMT-0400 (Eastern Daylight Time)[...]
Found : user_pref("CT2612669.LatestVersion", "3.14.1.0");
Found : user_pref("CT2612669.Locale", "en");
Found : user_pref("CT2612669.MCDetectTooltipHeight", "83");
Found : user_pref("CT2612669.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2612669.MCDetectTooltipWidth", "295");
Found : user_pref("CT2612669.MyStuffEnabledAtInstallation", false);
Found : user_pref("CT2612669.OriginalFirstVersion", "3.13.0.6");
Found : user_pref("CT2612669.SavedHomepage", "hxxp://isearch.avg.com?cid=%7Bc70080c1-5789-4592-b548-5478050f[...]
Found : user_pref("CT2612669.SearchCaption", "IMVU Inc Customized Web Search");
Found : user_pref("CT2612669.SearchEngineBeforeUnload", "AVG Secure Search");
Found : user_pref("CT2612669.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2612669.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT261[...]
Found : user_pref("CT2612669.SearchInNewTabEnabled", true);
Found : user_pref("CT2612669.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2612669.SearchInNewTabLastCheckTime", "Wed Aug 15 2012 06:43:42 GMT-0400 (Eastern Dayli[...]
Found : user_pref("CT2612669.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2612669.SearchProtectorEnabled", true);
Found : user_pref("CT2612669.SearchProtectorToolbarDisabled", false);
Found : user_pref("CT2612669.SendProtectorDataViaLogin", true);
Found : user_pref("CT2612669.ServiceMapLastCheckTime", "Wed Aug 15 2012 06:43:46 GMT-0400 (Eastern Daylight [...]
Found : user_pref("CT2612669.SettingsLastCheckTime", "Mon Aug 13 2012 15:29:26 GMT-0400 (Eastern Daylight Ti[...]
Found : user_pref("CT2612669.SettingsLastUpdate", "1344785376");
Found : user_pref("CT2612669.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2612669&SearchSource=13");
Found : user_pref("CT2612669.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2612669.ThirdPartyComponentsLastCheck", "Mon Aug 13 2012 06:44:06 GMT-0400 (Eastern Day[...]
Found : user_pref("CT2612669.ThirdPartyComponentsLastUpdate", "1331805997");
Found : user_pref("CT2612669.ToolbarShrinkedFromSetup", false);
Found : user_pref("CT2612669.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2612669");
Found : user_pref("CT2612669.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Found : user_pref("CT2612669.UserID", "UN47415005171390553");
Found : user_pref("CT2612669.alertChannelId", "1005466");
Found : user_pref("CT2612669.autoDisableScopes", -1);
Found : user_pref("CT2612669.backendstorage.2612669a129684723478947121000000paramsgk3", "7B22757064617465526[...]
Found : user_pref("CT2612669.backendstorage.cbcountry_001", "5553");
Found : user_pref("CT2612669.backendstorage.cbfirsttime", "547565204A756C20303320323031322031373A30363A34302[...]
Found : user_pref("CT2612669.backendstorage.shoppingapp.gk.exipres", "5361742041756720313820323031322030363A[...]
Found : user_pref("CT2612669.backendstorage.shoppingapp.gk.geolocation", "756E6974656420737461746573");
Found : user_pref("CT2612669.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Found : user_pref("CT2612669.globalFirstTimeInfoLastCheckTime", "Mon Aug 13 2012 06:44:27 GMT-0400 (Eastern [...]
Found : user_pref("CT2612669.homepageProtectorEnableByLogin", true);
Found : user_pref("CT2612669.initDone", true);
Found : user_pref("CT2612669.isAppTrackingManagerOn", true);
Found : user_pref("CT2612669.myStuffEnabled", true);
Found : user_pref("CT2612669.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2612669.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2612669.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2612669.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2612669.navigateToUrlOnSearch", false);
Found : user_pref("CT2612669.oldAppsList", "129170380618247103,129170380618247104,111,129174085518698803,129[...]
Found : user_pref("CT2612669.revertSettingsEnabled", false);
Found : user_pref("CT2612669.searchProtectorDialogDelayInSec", 10);
Found : user_pref("CT2612669.searchProtectorEnableByLogin", true);
Found : user_pref("CT2612669.testingCtid", "");
Found : user_pref("CT2612669.toolbarAppMetaDataLastCheckTime", "Wed Aug 15 2012 06:43:58 GMT-0400 (Eastern D[...]
Found : user_pref("CT2612669.toolbarContextMenuLastCheckTime", "Mon Aug 13 2012 06:44:27 GMT-0400 (Eastern D[...]
Found : user_pref("CT2612669.usagesFlag", 2);
Found : user_pref("CT2786678..clientLogIsEnabled", false);
Found : user_pref("CT2786678..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Found : user_pref("CT2786678..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Found : user_pref("CT2786678.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2786678.AppTrackingLastCheckTime", "Fri Apr 08 2011 19:46:47 GMT-0400 (Eastern Daylight[...]
Found : user_pref("CT2786678.CTID", "CT2786678");
Found : user_pref("CT2786678.CurrentServerDate", "9-4-2011");
Found : user_pref("CT2786678.DialogsAlignMode", "LTR");
Found : user_pref("CT2786678.DialogsGetterLastCheckTime", "Fri Apr 08 2011 19:46:37 GMT-0400 (Eastern Daylig[...]
Found : user_pref("CT2786678.DownloadReferralCookieData", "");
Found : user_pref("CT2786678.EMailNotifierPollDate", "Fri Apr 08 2011 19:46:37 GMT-0400 (Eastern Daylight Ti[...]
Found : user_pref("CT2786678.FeedLastCount5690698542593514850", 154);
Found : user_pref("CT2786678.FeedPollDate129301619375443753", "Fri Apr 08 2011 19:46:38 GMT-0400 (Eastern Da[...]
Found : user_pref("CT2786678.FeedPollDate129301619375443759", "Fri Apr 08 2011 19:46:38 GMT-0400 (Eastern Da[...]
Found : user_pref("CT2786678.FeedPollDate129301619375444699", "Fri Apr 08 2011 19:46:37 GMT-0400 (Eastern Da[...]
Found : user_pref("CT2786678.FeedPollDate129301619375444705", "Fri Apr 08 2011 19:46:37 GMT-0400 (Eastern Da[...]
Found : user_pref("CT2786678.FeedPollDate129301619375444711", "Fri Apr 08 2011 19:46:37 GMT-0400 (Eastern Da[...]
Found : user_pref("CT2786678.FeedPollDate129301619375444717", "Fri Apr 08 2011 19:46:37 GMT-0400 (Eastern Da[...]
Found : user_pref("CT2786678.FeedPollDate129301619375444723", "Fri Apr 08 2011 19:46:37 GMT-0400 (Eastern Da[...]
Found : user_pref("CT2786678.FeedPollDate129301619375444729", "Fri Apr 08 2011 19:46:37 GMT-0400 (Eastern Da[...]
Found : user_pref("CT2786678.FeedPollDate129301619375444735", "Fri Apr 08 2011 19:46:38 GMT-0400 (Eastern Da[...]
Found : user_pref("CT2786678.FeedPollDate129301619375444741", "Fri Apr 08 2011 19:46:38 GMT-0400 (Eastern Da[...]
Found : user_pref("CT2786678.FeedPollDate129301619375444747", "Fri Apr 08 2011 19:46:38 GMT-0400 (Eastern Da[...]
Found : user_pref("CT2786678.FeedTTL129301619375444699", 10);
Found : user_pref("CT2786678.FeedTTL129301619375444723", 15);
Found : user_pref("CT2786678.FeedTTL129301619375444735", 5);
Found : user_pref("CT2786678.FeedTTL129301619375444747", 5);
Found : user_pref("CT2786678.FirstServerDate", "3-1-2011");
Found : user_pref("CT2786678.FirstTime", true);
Found : user_pref("CT2786678.FirstTimeFF3", true);
Found : user_pref("CT2786678.FixPageNotFoundErrors", false);
Found : user_pref("CT2786678.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2786678.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2786678.HasUserGlobalKeys", true);
Found : user_pref("CT2786678.Initialize", true);
Found : user_pref("CT2786678.InitializeCommonPrefs", true);
Found : user_pref("CT2786678.InstallationAndCookieDataSentCount", 3);
Found : user_pref("CT2786678.InstallationType", "UnknownIntegration");
Found : user_pref("CT2786678.InstalledDate", "Mon Jan 03 2011 15:48:30 GMT-0500 (Eastern Standard Time)");
Found : user_pref("CT2786678.IsGrouping", false);
Found : user_pref("CT2786678.IsMulticommunity", false);
Found : user_pref("CT2786678.IsOpenThankYouPage", true);
Found : user_pref("CT2786678.IsOpenUninstallPage", false);
Found : user_pref("CT2786678.LanguagePackLastCheckTime", "Fri Apr 08 2011 19:46:37 GMT-0400 (Eastern Dayligh[...]
Found : user_pref("CT2786678.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2786678.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2786678.LastLogin_3.2.5.2", "Mon Jan 03 2011 15:48:34 GMT-0500 (Eastern Standard Time)"[...]
Found : user_pref("CT2786678.LastLogin_3.3.3.2", "Fri Apr 08 2011 19:46:37 GMT-0400 (Eastern Daylight Time)"[...]
Found : user_pref("CT2786678.LatestVersion", "3.3.3.2");
Found : user_pref("CT2786678.Locale", "en");
Found : user_pref("CT2786678.MCDetectTooltipHeight", "83");
Found : user_pref("CT2786678.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2786678.MCDetectTooltipWidth", "295");
Found : user_pref("CT2786678.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2786678.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT278[...]
Found : user_pref("CT2786678.SearchInNewTabEnabled", true);
Found : user_pref("CT2786678.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2786678.SearchInNewTabLastCheckTime", "Fri Apr 08 2011 19:46:37 GMT-0400 (Eastern Dayli[...]
Found : user_pref("CT2786678.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2786678.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Found : user_pref("CT2786678.ServiceMapLastCheckTime", "Fri Apr 08 2011 19:46:36 GMT-0400 (Eastern Daylight [...]
Found : user_pref("CT2786678.SettingsLastCheckTime", "Fri Apr 08 2011 19:46:36 GMT-0400 (Eastern Daylight Ti[...]
Found : user_pref("CT2786678.SettingsLastUpdate", "1297856274");
Found : user_pref("CT2786678.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2786678.ThirdPartyComponentsLastCheck", "Fri Apr 08 2011 19:46:36 GMT-0400 (Eastern Day[...]
Found : user_pref("CT2786678.ThirdPartyComponentsLastUpdate", "1246790578");
Found : user_pref("CT2786678.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2786678");
Found : user_pref("CT2786678.Uninstall", true);
Found : user_pref("CT2786678.UserID", "UN19939628658526321");
Found : user_pref("CT2786678.WeatherNetwork", "");
Found : user_pref("CT2786678.WeatherPollDate", "Fri Apr 08 2011 19:46:37 GMT-0400 (Eastern Daylight Time)");
Found : user_pref("CT2786678.WeatherUnit", "F");
Found : user_pref("CT2786678.alertChannelId", "1178763");
Found : user_pref("CT2786678.generalConfigFromLogin", "{\"SocialDomains\":\"social.conduit.com;apps.conduit.[...]
Found : user_pref("CT2786678.globalFirstTimeInfoLastCheckTime", "Fri Apr 08 2011 19:46:37 GMT-0400 (Eastern [...]
Found : user_pref("CT2786678.isAppTrackingManagerOn", true);
Found : user_pref("CT2786678.myStuffEnabled", true);
Found : user_pref("CT2786678.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2786678.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2786678.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2786678.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2786678.oldAppsList", "129295695672325902,129295695672325903,1000234,129295698017012804[...]
Found : user_pref("CT2786678.testingCtid", "");
Found : user_pref("CT2786678.toolbarAppMetaDataLastCheckTime", "Fri Apr 08 2011 19:46:37 GMT-0400 (Eastern D[...]
Found : user_pref("CT2786678.toolbarContextMenuLastCheckTime", "Mon Jan 03 2011 15:48:34 GMT-0500 (Eastern S[...]
Found : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2612669&Search[...]
Found : user_pref("CommunityToolbar.ConduitSearchList", "IMVU Inc Customized Web Search");
Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2612669/CT2612669[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1178763/1174448/US", "\"0\"[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/US", "\"0\"")[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2612669", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2786678", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2612669",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2786678",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"63428984078257[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=12/30/2[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2786678/CT2786678[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"e2b[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/20566976.xml", "\"d9c11c8150b4dd83701[...]
Found : user_pref("CommunityToolbar.EngineOwner", "CT2786678");
Found : user_pref("CommunityToolbar.EngineOwnerGuid", "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}");
Found : user_pref("CommunityToolbar.EngineOwnerToolbarId", "utorrentbar");
Found : user_pref("CommunityToolbar.IsEngineShown", true);
Found : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Documents and Settings\\Shane\\Application[...]
Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.13.0.6");
Found : user_pref("CommunityToolbar.OriginalEngineOwner", "");
Found : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "");
Found : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "");
Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]
Found : user_pref("CommunityToolbar.ToolbarsList", "CT2786678,CT2612669");
Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2786678,CT2612669");
Found : user_pref("CommunityToolbar.ToolbarsList4", "CT2612669");
Found : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Fri Apr 08 2011 19:24:24 GMT-04[...]
Found : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Found : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Thu Apr 07 2011 21:06:31 GMT-0400 (Easte[...]
Found : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.alert.locale", "en");
Found : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Fri Apr 08 2011 19:24:22 GMT-0400 (Eastern D[...]
Found : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1291048634");
Found : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Found : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.alert.userId", "29736669-381b-4246-a3b1-3087aec10a90");
Found : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Fri Apr 08 2011 19:46:37 GMT-0400 (Eas[...]
Found : user_pref("CommunityToolbar.globalUserId", "3c802cfc-b961-4215-912b-c76bf18616fd");
Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2612669");
Found : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Mon Aug 13 2012 06:44:3[...]
Found : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.notifications.locale", "en");
Found : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Mon Aug 13 2012 06:44:28 GMT-0400 (E[...]
Found : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Found : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Found : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.notifications.userId", "db32bebb-1e60-46c8-b311-514fa82fae2b");
Found : user_pref("CommunityToolbar.originalHomepage", "hxxp://isearch.avg.com?cid=%7Bc70080c1-5789-4592-b54[...]
Found : user_pref("CommunityToolbar.originalSearchEngine", "AVG Secure Search");
Found : user_pref("CommunityToolbar.twitter.user_20566976.LastCheckTime", "Mon Aug 13 2012 06:45:17 GMT-0400[...]
Found : user_pref("avg.install.installDirPath", "C:\\Documents and Settings\\All Users.WINDOWS\\Application [...]
Found : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Found : user_pref("browser.search.defaultthis.engineName", "IMVU Inc Customized Web Search");
Found : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2612669&Sea[...]
Found : user_pref("browser.search.order.1", "Web Search");
Found : user_pref("extensions.Retrogamer_2z.openSearchURL", "hxxp://search.mywebsearch.com/mywebsearch/opens[...]
Found : user_pref("extensions.crossriderapp2258.2258.InstallationTime", 1341203458);
Found : user_pref("extensions.crossriderapp2258.2258.active", true);
Found : user_pref("extensions.crossriderapp2258.2258.addressbar", "");
Found : user_pref("extensions.crossriderapp2258.2258.affid", "0");
Found : user_pref("extensions.crossriderapp2258.2258.backgroundjs", "\n\n_GPL_PID = 21;\nfunction parse_url([...]
Found : user_pref("extensions.crossriderapp2258.2258.backgroundver", 10);
Found : user_pref("extensions.crossriderapp2258.2258.can_run_bg_code", true);
Found : user_pref("extensions.crossriderapp2258.2258.certdomaininstaller", "");
Found : user_pref("extensions.crossriderapp2258.2258.changeprevious", false);
Found : user_pref("extensions.crossriderapp2258.2258.cookie.InstallationTime.expiration", "Fri Feb 01 2030 0[...]
Found : user_pref("extensions.crossriderapp2258.2258.cookie.InstallationTime.value", "1341203458");
Found : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 [...]
Found : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_aoi.value", "1341203458");
Found : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_crr.expiration", "Fri Feb 01 2030 00:00:00 [...]
Found : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_crr.value", "1344886164");
Found : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_geo.expiration", "Mon Aug 20 2012 06:44:28 [...]
Found : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_geo.value", "%7B%22geoplugin_request%22%3A%[...]
Found : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_hotfix20111102645.expiration", "Fri Feb 01 [...]
Found : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_hotfix20111102645.value", "%221%22");
Found : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_installer_params.expiration", "Fri Feb 01 2[...]
Found : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_installer_params.value", "%7B%22source_id%2[...]
Found : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030[...]
Found : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_parent_zoneid.value", "%2214019%22");
Found : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_product_id.expiration", "Fri Feb 01 2030 00[...]
Found : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_product_id.value", "%2221%22");
Found : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:[...]
Found : user_pref("extensions.crossriderapp2258.2258.cookie._GPL_zoneid.value", "%2252026%22");
Found : user_pref("extensions.crossriderapp2258.2258.description", "I Want This!");
Found : user_pref("extensions.crossriderapp2258.2258.domain", "");
Found : user_pref("extensions.crossriderapp2258.2258.emailsig", "");
Found : user_pref("extensions.crossriderapp2258.2258.enablesearch", false);
Found : user_pref("extensions.crossriderapp2258.2258.exposesites", "");
Found : user_pref("extensions.crossriderapp2258.2258.fbremoteurl", "");
Found : user_pref("extensions.crossriderapp2258.2258.group", 0);
Found : user_pref("extensions.crossriderapp2258.2258.homepage", "");
Found : user_pref("extensions.crossriderapp2258.2258.iframe", false);
Found : user_pref("extensions.crossriderapp2258.2258.js", "\nvar _GPL_PID=21,_GPL_baseCDN=\"contentcache-a.a[...]
Found : user_pref("extensions.crossriderapp2258.2258.manifesturl", "");
Found : user_pref("extensions.crossriderapp2258.2258.name", "I Want This");
Found : user_pref("extensions.crossriderapp2258.2258.newtab", "");
Found : user_pref("extensions.crossriderapp2258.2258.opensearch", "");
Found : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_13.code", "(function(a){a.selectedText=f[...]
Found : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_13.name", "CrossriderAppUtils");
Found : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_13.ver", 1);
Found : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_14.code", "if(typeof(appAPI)===\"undefin[...]
Found : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_14.name", "CrossriderUtils");
Found : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_14.ver", 1);
Found : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_15.code", "(function(f){var u={};var e=M[...]
Found : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_15.name", "FacebookFFIE");
Found : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_15.ver", 1);
Found : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_16.code", "(function(f,b){if(typeof(b)==[...]
Found : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_16.name", "FFAppAPIWrapper");
Found : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_16.ver", 3);
Found : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_17.code", "/*!\n * jQuery JavaScript Lib[...]
Found : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_17.name", "jQuery");
Found : user_pref("extensions.crossriderapp2258.2258.plugins.plugin_17.ver", 1);
Found : user_pref("extensions.crossriderapp2258.2258.plugins_lists.plugins_0", "17,14,16");
Found : user_pref("extensions.crossriderapp2258.2258.plugins_lists.plugins_1", "17,14,13,16,15");
Found : user_pref("extensions.crossriderapp2258.2258.pluginsurl", "hxxp://app-static.crossrider.com/plugin/a[...]
Found : user_pref("extensions.crossriderapp2258.2258.pluginsversion", 4);
Found : user_pref("extensions.crossriderapp2258.2258.premium", true);
Found : user_pref("extensions.crossriderapp2258.2258.publisher", "215 Apps");
Found : user_pref("extensions.crossriderapp2258.2258.searchstatus", 0);
Found : user_pref("extensions.crossriderapp2258.2258.setnewtab", false);
Found : user_pref("extensions.crossriderapp2258.2258.settingsurl", "");
Found : user_pref("extensions.crossriderapp2258.2258.thankyou", "");
Found : user_pref("extensions.crossriderapp2258.2258.updateinterval", 360);
Found : user_pref("extensions.crossriderapp2258.2258.ver", 66);
Found : user_pref("extensions.crossriderapp2258.apps", "2258");
Found : user_pref("extensions.crossriderapp2258.bic", "13467b72d95501df24950536a8c8f59e");
Found : user_pref("extensions.crossriderapp2258.cid", 2258);
Found : user_pref("extensions.crossriderapp2258.firstrun", false);
Found : user_pref("extensions.crossriderapp2258.hadappinstalled", true);
Found : user_pref("extensions.crossriderapp2258.installationdate", 1341203458);
Found : user_pref("extensions.crossriderapp2258.lastcheck", 22414770);
Found : user_pref("extensions.crossriderapp2258.lastcheckitem", 22414829);
Found : user_pref("extensions.crossriderapp2258.modetype", "production");
Found : user_pref("extensions.crossriderapp498.bic", "13467b72d95501df24950536a8c8f59e");
Found : user_pref("extensions.crossriderapp498.firstrun", false);
Found : user_pref("extensions.crossriderapp498.installationdate", 1324589985);
Found : user_pref("extensions.crossriderapp498.jsver", 3);
Found : user_pref("extensions.crossriderapp498.lastcheck", 22126911);
Found : user_pref("extensions.crossriderapp498.lastcheckitem", 22126912);
Found : user_pref("extensions.crossriderapp498.misc.lastBgWorkerTimer", "1327618862245");
Found : user_pref("extensions.crossriderapp498.misc.lastDomWorkerTimer", "1327618862186");
Found : user_pref("extensions.enabledAddons", "[email protected]:1.0,{F53C93F1-07D5-430c-86D4-C9531B27DFAF}:12.0.0[...]
Found : user_pref("keyword.URL", "hxxp://isearch.avg.com/search?cid=%7Bc70080c1-5789-4592-b548-5478050f3261%[...]

*************************

AdwCleaner[R1].txt - [52588 octets] - [23/08/2012 16:20:28]

########## EOF - C:\AdwCleaner[R1].txt - [52717 octets] ##########
  • 0

#6
Dakeyras
Posted 23 August 2012 - 03:42 PM

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)

Please do answer my prior query:-

Have you got a copy of the XP Installation CD-ROM if we need to use it?

As I need to know this so I can begin to address the Rundll32.exe issue with your machine.

Re-scan with AdwCleaner:

Please move the executable for AdwCleaner to the desktop, it is currently residing here:-

C:\Documents and Settings\Shane\My Documents\New Folder\adwcleaner.exe

  • Double click on adwcleaner.exe to launch the application.
  • Now click on the Delete tab.
  • Please post the contents of the new log-file created in your next post.
Note: The log can also be located at C: >> AdwCleaner[XX].txt >> XX <-- denotes the number of times the application has been ran.

Next:

Reboot(restart) your machine. Post the new AdwCleaner log, the answer to my XP Installation CD-ROM query and we will go from there, thank you.
  • 0

#7
Dakeyras
Posted 27 August 2012 - 05:31 AM

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP