Go Back   Tech Support Forum > Security Center > Virus/Trojan/Spyware Help > Resolved HJT Threads

User Tag List

Win32.downloader.gen found by spybot

This is a discussion on Win32.downloader.gen found by spybot within the Resolved HJT Threads forums, part of the Tech Support Forum category. Hi there, I just ran my Spybot program and it found Win32.downloader.gen. After it ran I checked fix problems button.


 
 
Thread Tools Search this Thread
Old 08-18-2013, 06:48 PM   #1
Registered Member
 
Join Date: Dec 2010
Location: Ohio
Posts: 41
OS: windows 8.1



Hi there,

I just ran my Spybot program and it found Win32.downloader.gen. After it ran I checked fix problems button. It showed that it fixed it, but I want to make sure. I have run the gmer and dds programs and will attach them for you. My computer has been running slow also.
Thank you in advance for any help.
Gerry

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.25.2
Run by Gerry at 20:43:35 on 2013-08-18
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2046.855 [GMT -4:00]
.
AV: Norton AntiVirus *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
.
============== Running Processes ================
.
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\CSHelper.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Norton AntiVirus\Engine\18.7.1.3\ccSvcHst.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\Program Files\Norton AntiVirus\Engine\18.7.1.3\ccSvcHst.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uURLSearchHooks: MixiDJ V30 Toolbar: {1122b43d-30ee-403f-9bfa-3cc99b0caddd} - c:\program files\mixidj_v30\prxtbMixi.dll
BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: MixiDJ V30 Toolbar: {1122b43d-30ee-403f-9bfa-3cc99b0caddd} - c:\program files\mixidj_v30\prxtbMixi.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: EWPBrowseObject Class: {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - c:\program files\canon\easy-webprint\EWPBrowseLoader.dll
BHO: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\norton antivirus\engine\18.7.1.3\ips\ipsbho.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: CBrowserHelperObject Object: {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\program files\dell\bae\BAE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Easy-WebPrint: {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - c:\program files\canon\easy-webprint\Toolband.dll
TB: MixiDJ V30 Toolbar: {1122b43d-30ee-403f-9bfa-3cc99b0caddd} - c:\program files\mixidj_v30\prxtbMixi.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRunOnce: [SpybotDeletingB9447] command.com /c del "c:\documents and settings\gerry\local settings\temp\ToolbarHelper.exe"
uRunOnce: [SpybotDeletingD3690] cmd.exe /c del "c:\documents and settings\gerry\local settings\temp\ToolbarHelper.exe"
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [SSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot
mRunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "c:\documents and settings\all users\application data\malwarebytes\malwarebytes' anti-malware\cleanup.dll",ProcessCleanupScript
mRunOnce: [SpybotDeletingA4917] command.com /c del "c:\documents and settings\gerry\local settings\temp\ToolbarHelper.exe"
mRunOnce: [SpybotDeletingC6248] cmd.exe /c del "c:\documents and settings\gerry\local settings\temp\ToolbarHelper.exe"
uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
uPolicies-Explorer: NoDriveAutoRun = dword:67108863
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Easy-WebPrint Add To Print List - c:\program files\canon\easy-webprint\Toolband.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\canon\easy-webprint\Toolband.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\canon\easy-webprint\Toolband.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\canon\easy-webprint\Toolband.dll/RC_Print.html
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {50647AB5-18FD-4142-82B0-5852478DD0D5} - hxxp://webeffective.keynote.com/applications/pconnector/download/ConnectorLauncher.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1341964899906
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {CEDDF50D-9FA7-41A8-BCD0-6350D1ED2306} - hxxps://care.windstream.com/lwp/static/installers/WebflowActiveXInstaller_3-0-0.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {EFD3EA56-234D-4240-90EA-CC9FA3AF5A01} - hxxps://care.windstream.com/lwp/static/installers/ALLTELControls.cab
TCP: NameServer = 192.168.254.254 192.168.1.1
TCP: Interfaces\{18E49E81-5F1A-4E1C-949A-B59A65CAF72C} : DHCPNameServer = 192.168.254.254 192.168.1.1
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
Hosts: 127.0.0.1 Spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\gerry\application data\mozilla\firefox\profiles\03qrfe5i.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3298566&CUI=UN36750579811403952&UM=2&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://www.weather.com/weather/today/North+Ridgeville+OH+44039:4:US
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3298566&SearchSource=2&CUI=UN36750579811403952&UM=2&q=
FF - plugin: c:\docume~1\gerry\applic~1\catali~2\npBcsKtTcHW.dll
FF - plugin: c:\documents and settings\gerry\application data\mozilla\firefox\profiles\03qrfe5i.default\extensions\{195a3098-0bd5-4e90-ae22-ba1c540afd1e}\plugins\npGarmin.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\canon\mycamera download plugin\NPCIG.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\mozilla firefox\browser\plugins\npMozCouponPrinter.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_8_800_94.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
FF - ExtSQL: 2013-08-09 20:42; {1122b43d-30ee-403f-9bfa-3cc99b0caddd}; c:\documents and settings\gerry\application data\mozilla\firefox\profiles\03qrfe5i.default\extensions\{1122b43d-30ee-403f-9bfa-3cc99b0caddd}
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nav\1207010.003\symds.sys [2012-4-3 340088]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nav\1207010.003\symefa.sys [2012-4-3 744568]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_18.1.0.37\definitions\bashdefs\20130715.001\BHDrvx86.sys [2013-7-16 1002072]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nav\1207010.003\ironx86.sys [2012-4-3 136312]
R2 CSHelper;CopySafe Helper Service;c:\windows\system32\CSHelper.exe [2009-2-20 266240]
R2 NAV;Norton AntiVirus.;c:\program files\norton antivirus\engine\18.7.1.3\ccsvchst.exe [2012-4-3 130008]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-8-15 106656]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_18.1.0.37\definitions\ipsdefs\20130814.002\IDSXpx86.sys [2013-8-13 380832]
R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_18.1.0.37\definitions\virusdefs\20130818.004\NAVENG.SYS [2013-8-18 93272]
R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_18.1.0.37\definitions\virusdefs\20130818.004\NAVEX15.SYS [2013-8-18 1611992]
S0 Lbd;Lbd;c:\windows\system32\drivers\lbd.sys --> c:\windows\system32\drivers\Lbd.sys [?]
S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\nav\1008000.029\cchpx86.sys --> c:\windows\system32\drivers\nav\1008000.029\ccHPx86.sys [?]
S1 MpKsl18f9b935;MpKsl18f9b935;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{0249fe91-3df2-438e-b52e-8dff1e69f19b}\mpksl18f9b935.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{0249fe91-3df2-438e-b52e-8dff1e69f19b}\MpKsl18f9b935.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 Norton AntiVirus;Norton AntiVirus;"c:\program files\norton antivirus\norton antivirus\engine\16.8.0.41\ccsvchst.exe" /s "norton antivirus" /m "c:\program files\norton antivirus\norton antivirus\engine\16.8.0.41\dimaster.dll" /prefetch:1 --> c:\program files\norton antivirus\norton antivirus\engine\16.8.0.41\ccSvcHst.exe [?]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;"c:\program files\lavasoft\ad-aware\aawservice.exe" --> c:\program files\lavasoft\ad-aware\AAWService.exe [?]
S3 vaxscsi;vaxscsi;c:\windows\system32\drivers\vaxscsi.sys --> c:\windows\system32\drivers\vaxscsi.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-4-18 754856]
.
=============== Created Last 30 ================
.
2013-08-19 00:25:35 54016 ----a-w- c:\windows\system32\drivers\qcqaqdm.sys
2013-08-10 00:43:11 -------- d-----w- c:\program files\Conduit
2013-08-10 00:43:07 -------- d-----w- c:\documents and settings\gerry\local settings\application data\MixiDJ_V30
2013-08-10 00:43:05 -------- d-----w- c:\program files\MixiDJ_V30
2013-08-10 00:42:37 770384 ----a-w- c:\windows\system32\msvcr100.dll
2013-08-10 00:42:37 421200 ----a-w- c:\windows\system32\msvcp100.dll
2013-08-03 12:38:31 2162416 ----a-w- c:\documents and settings\gerry\local settings\application data\BcsKtYcHW.dll
2013-08-03 12:38:27 45056 ----a-r- c:\documents and settings\gerry\application data\microsoft\installer\{37331c16-3e97-4a20-80d8-bfb43ab0e2fb}\UNINST_Uninstall_C_EBD1846850A64C858760A659B987DCFF.exe
2013-08-03 12:38:27 45056 ----a-r- c:\documents and settings\gerry\application data\microsoft\installer\{37331c16-3e97-4a20-80d8-bfb43ab0e2fb}\ARPPRODUCTICON.exe
2013-08-03 12:38:25 -------- d-----w- c:\documents and settings\gerry\application data\Catalina Print Savings
.
==================== Find3M ====================
.
2013-07-27 21:17:16 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-07-27 21:17:15 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-07-26 02:47:17 920064 ----a-w- c:\windows\system32\wininet.dll
2013-07-26 02:47:13 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-07-26 02:47:12 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-07-25 15:52:59 385024 ----a-w- c:\windows\system32\html.iec
2013-07-10 10:37:53 406016 ----a-w- c:\windows\system32\usp10.dll
2013-07-04 03:03:25 2149888 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-07-04 02:08:30 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-06-13 01:48:23 867240 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-06-13 01:48:17 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-06-13 01:48:00 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-06-13 01:35:55 144896 ----a-w- c:\windows\system32\javacpl.cpl
2013-06-05 13:04:17 465280 ----a-r- c:\windows\system32\cpnprt2win32.cid
2013-06-04 07:23:02 562688 ----a-w- c:\windows\system32\qedit.dll
2013-06-04 01:40:45 1876736 ----a-w- c:\windows\system32\win32k.sys
2013-05-28 01:59:37 590848 ----a-w- c:\windows\system32\rpcrt4.dll
2013-05-28 00:41:07 6144 ----a-w- c:\windows\system32\xpsp4res.dll
.
============= FINISH: 20:44:20.82 ===============
Attached Files
File Type: zip attach.zip (4.8 KB, 56 views)
File Type: zip ark.zip (2.2 KB, 58 views)
garquillo is offline  
Sponsored Links
Advertisement
 
Old 08-21-2013, 08:48 AM   #2
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
chemist's Avatar
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



Hello and Welcome to TSF.

If you haven't already, please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------

Please uninstall the following via Start->(or My Computer)->Control Panel->Add or Remove Programs if it still exists:

Coupon Printer for Windows<<Please read here

If you decide to uninstall it, also delete the following Folder if it still exists:

C:\Program Files\Coupons

------------------------------------------------------

Please uninstall the following via Start->(or My Computer)->Control Panel->Add or Remove Programs if it still exists:

MixiDJ V30 Toolbar<<Please read this

Also delete the following Folder if it still exists:

C:\Program Files\MixiDJ_V30

------------------------------------------------------

Please download AdwCleaner from here and save it to your desktop.
  • Run AdwCleaner and select Delete
  • Once done it will ask to reboot, please allow the reboot.
  • On reboot, a log will be produced. It can also be found at C:\AdwCleaner[S#].txt
  • Please copy/paste the contents of the log in your next reply.
------------------------------------------------------
__________________
Our services are free, but you may contribute to the author of ComboFix via PayPal

Proud member of UNITE

Microsoft MVP - Consumer Security 2014, 2015
chemist is offline  
Old 08-21-2013, 03:15 PM   #3
Registered Member
 
Join Date: Dec 2010
Location: Ohio
Posts: 41
OS: windows 8.1


Red Faced

here is the Adwcleaner log. I hope this is what you need. The program did not ask me to rebooot, although I did it anyway. The log was created before rebooting. I added another file that was in my documents folder that you may need also. It is below the purple text below.

Thank you for any help.


# AdwCleaner v3.000 - Report created21/08/2013at17:50:23
# Updated 13/08/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Gerry - DESKTOP
# Running from : C:\Documents and Settings\Gerry\My Documents\Downloads\adwcleaner.exe

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Application Data\Trymedia
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Documents and Settings\Gerry\Local Settings\Application Data\MixiDJ_V30
Folder Deleted : C:\DOCUME~1\Gerry\LOCALS~1\Temp\CT3298566
Folder Deleted : C:\Documents and Settings\Gerry\Application Data\DSite
Folder Deleted : C:\Documents and Settings\Gerry\Application Data\Mozilla\Firefox\Profiles\03qrfe5i.default\CT3298566

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Key Deleted : HKCU\Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0D500EE2-498F-4872-BEC1-4ED6657731F0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4325790B-3A30-4877-A3F1-7DD576B1B433}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8AAA1A4A-16B3-41EF-8903-5B136519976E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1122B43D-30EE-403F-9BFA-3CC99B0CADDD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1122B43D-30EE-403F-9BFA-3CC99B0CADDD}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{1122B43D-30EE-403F-9BFA-3CC99B0CADDD}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{1122B43D-30EE-403F-9BFA-3CC99B0CADDD}]
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6c97a91e-4524-4019-86af-2aa2d567bf5c}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6c97a91e-4524-4019-86af-2aa2d567bf5c}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6c97a91e-4524-4019-86af-2aa2d567bf5c}
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3298566
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DAA6D527-6513-453E-A4E6-DA2BFA6C7A75}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DAA6D527-6513-453E-A4E6-DA2BFA6C7A75}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\MixiDJ_V30
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\MixiDJ_V30
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MixiDJ_V30 Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\adawaretb
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\mywebsearch bar uninstall
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MixiDJ_V30 Toolbar

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

Setting Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch] - hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
Setting Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

-\\ Mozilla Firefox v23.0.1 (en-US)

Folder Deleted : C:\Documents and Settings\Gerry\Application Data\Mozilla\Firefox\Profiles\03qrfe5i.default\Extensions\{1122b43d-30ee-403f-9bfa-3cc99b0caddd}
File Deleted : C:\Documents and Settings\Gerry\Application Data\Mozilla\Firefox\Profiles\03qrfe5i.default\Extensions\[email protected]

[ File : C:\Documents and Settings\Gerry\Application Data\Mozilla\Firefox\Profiles\03qrfe5i.default\prefs.js ]

Line Deleted : user_pref("CT3298566.FF19Solved", "true");
Line Deleted : user_pref("CT3298566.UserID", "UN36750579811403952");
Line Deleted : user_pref("CT3298566.browser.search.defaultthis.engineName", "true");
Line Deleted : user_pref("CT3298566.fullUserID", "UN36750579811403952.IN.20130809204214");
Line Deleted : user_pref("CT3298566.installDate", "09/08/2013 20:42:14");
Line Deleted : user_pref("CT3298566.installSessionId", "{65F6B793-1975-47BA-80C0-BC6D99716246}");
Line Deleted : user_pref("CT3298566.installSp", "TRUE");
Line Deleted : user_pref("CT3298566.installerVersion", "1.5.4.5");
Line Deleted : user_pref("CT3298566.keyword", "true");
Line Deleted : user_pref("CT3298566.originalHomepage", "hxxp://www.weather.com/weather/today/North+Ridgeville+OH+44[...]
Line Deleted : user_pref("CT3298566.originalSearchAddressUrl", "");
Line Deleted : user_pref("CT3298566.originalSearchEngine", "Bing");
Line Deleted : user_pref("CT3298566.originalSearchEngineName", "Bing");
Line Deleted : user_pref("CT3298566.searchRevert", "false");
Line Deleted : user_pref("CT3298566.searchUserMode", "2");
Line Deleted : user_pref("CT3298566.smartbar.homepage", "true");
Line Deleted : user_pref("CT3298566.versionFromInstaller", "10.16.9.6");
Line Deleted : user_pref("CT3298566.xpeMode", "0");
Line Deleted : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3298566&octid=CT329856[...]
Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
Line Deleted : user_pref("browser.search.defaultthis.engineName", "MixiDJ V30 Customized Web Search");
Line Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3298566&CUI[...]
Line Deleted : user_pref("dom.ipc.plugins.enabled.npmywebs.dll", false);
Line Deleted : user_pref("extensions.enabledAddons", "amznUWL2%40amazon.com:1.10,%7B195A3098-0BD5-4e90-AE22-BA1C540[...]
Line Deleted : user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{BBDA0591-3099-[...]
Line Deleted : user_pref("extentions.y2layers.installId", "a54599e4-f5cf-4e77-8733-93b786558b61");
Line Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3298566&SearchSource=2&CU[...]
Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT3298566");
Line Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3298566&CUI=UN367505798[...]
Line Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT[...]
Line Deleted : user_pref("smartbar.defaultSearchOwnerCTID", "CT3298566");
Line Deleted : user_pref("smartbar.homePageOwnerCTID", "CT3298566");
Line Deleted : user_pref("smartbar.machineId", "8WL1ADH7LXKEN2RANYUUFS44CVJKSJTP3RLMENI0JH25CZJFJBFUAY0ZNC91IVUWY+T[...]
Line Deleted : user_pref("smartbar.originalHomepage", "hxxp://search.conduit.com/?ctid=CT3298566&CUI=UN367505798114[...]

*************************

AdwCleaner[0].txt - [7052 octets] - [21/08/2013 17:50:23]

########## EOF - C:\AdwCleaner\AdwCleaner[0].txt - [7111 octets] ##########

Here is the other file that was in my documents folder

================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2009-06-19 13:26


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2009-06-25 22:18


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2009-06-25 23:39


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2009-07-11 13:41


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2009-07-11 15:38


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2009-07-16 11:02


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2009-07-17 18:56


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2009-07-23 16:24


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2009-07-30 11:09


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2009-08-12 20:10
[~] Preparing to execute queued commands
[~] Deleting file: C:\WINDOWS\CouponPrinter.ocx
[~] Finished processing queued commands


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2009-08-13 10:46


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2009-08-16 19:58


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2009-08-16 20:13


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2009-08-18 07:07


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2009-08-22 22:43


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2009-08-30 12:45


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2009-09-10 11:05


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2009-09-22 16:54


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2009-10-16 11:39


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2009-11-04 00:40


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2009-11-04 00:59


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2009-11-05 12:17


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2009-11-06 22:47


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2009-11-06 22:49


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2009-11-07 13:13


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2009-11-12 12:09


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2009-11-25 18:29


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2009-11-26 12:41


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2009-11-26 13:41


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2009-11-27 12:41


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2009-11-27 12:56


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2009-11-28 19:12


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2009-12-09 21:47


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2009-12-09 23:16


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2009-12-10 10:53


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2009-12-25 18:02


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2009-12-26 02:23


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-01-14 08:19


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-01-23 08:17


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-02-06 16:34


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-02-07 21:46


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-02-07 21:57


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-02-07 22:30


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-02-11 12:24


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-02-24 17:33


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-03-10 12:45


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-03-13 12:54


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-03-24 23:47


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-04-01 11:10


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-04-13 21:48


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-04-15 10:48


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-05-12 12:06


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-05-31 23:02


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-06-06 10:34


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-06-08 20:38


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-06-10 10:55


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-06-16 11:56


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-06-23 19:26


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-06-27 22:42


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-07-03 20:09


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-07-09 19:14


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-07-09 20:06


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-07-16 12:12


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-07-20 21:22


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-07-21 14:00


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-07-21 21:32


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-07-23 10:24
[~] Preparing to execute queued commands
[~] Deleting file: C:\Documents and Settings\Gerry\Local Settings\Temp\772e0e8d.exe
[~] Finished processing queued commands


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-07-24 09:59


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-07-28 12:07


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-07-30 00:56


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-07-30 12:09
[~] Preparing to execute queued commands
[~] Deleting file: C:\Documents and Settings\Gerry\Local Settings\Temp\service.exe
[~] Finished processing queued commands


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-08-03 21:08


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-08-04 12:24


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-08-06 13:21


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-08-10 10:49
[~] Preparing to execute queued commands
[~] Deleting file: C:\Documents and Settings\Gerry\Local Settings\Temporary Internet Files\Content.IE5\ROLJ294G\exe_2[1].exe
[~] Finished processing queued commands


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-08-11 18:59


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-08-13 10:34


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-08-13 12:03


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-08-16 22:44


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-08-21 16:15


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-08-25 12:09
[~] Preparing to execute queued commands
[~] Deleting file: C:\Documents and Settings\Gerry\Local Settings\Temp\0.448485778511608.exe
[~] Finished processing queued commands


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-08-29 13:17


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-09-02 09:49


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-09-07 11:20


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-09-07 21:07


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-09-08 13:49


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-09-18 10:40


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-09-21 10:54


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-09-24 15:28


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-10-05 20:32


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-10-05 21:00


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-10-08 13:19


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-10-10 13:22


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-10-11 10:50


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-10-12 11:03


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-10-16 12:40


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-10-18 23:04


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-10-19 00:32


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-10-19 00:56


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-10-19 10:38


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-10-19 10:48


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-10-19 23:07


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-10-19 23:21


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-10-19 23:41


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-10-20 00:11


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-10-20 00:28


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-10-20 00:34


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-10-20 12:21


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-10-22 11:48


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-10-27 21:04


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-10-28 09:54


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-10-29 11:20


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-10-29 13:17


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-10-29 13:48


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-10-29 13:53


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-10-29 19:46


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-10-29 21:40


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-10-29 21:51


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-10-29 21:53


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-10-29 21:56


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-10-30 22:30
[~] Preparing to execute queued commands
[~] Deleting file: C:\Documents and Settings\Gerry\Local Settings\Temp\dwm.exe
[~] Deleting file: c:\windows\temp\dwm.exe
[~] Finished processing queued commands


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-11-12 22:27


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-12-09 13:45


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-12-11 20:44


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-12-22 12:48


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-12-25 02:14


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-12-26 20:05


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-12-27 11:40


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-12-27 18:44


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-12-28 23:09


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2010-12-29 11:40


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-01-01 13:26


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-01-04 00:37


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-01-04 11:49


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-01-05 23:23


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-01-05 23:35


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-01-12 16:44


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-01-12 18:09


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-01-12 18:25


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-02-09 12:50


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-02-16 19:57


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-02-18 02:15


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-02-28 11:54


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-03-05 12:09


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-03-05 12:30


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-03-17 10:50


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-03-23 11:16


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-03-27 18:09


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-03-27 18:18


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-03-27 20:19


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-04-15 11:59


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-04-15 22:53


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-04-16 11:13


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-04-28 17:46


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-05-10 21:56


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-05-25 23:19


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-05-29 23:18


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-05-29 23:30


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-06-16 10:47


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-06-29 11:28


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-07-13 09:51


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-07-13 12:27


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-07-22 11:53


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-07-27 00:29


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-08-10 23:50


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-09-01 10:54


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-09-11 20:53
[~] Preparing to execute queued commands
[~] Deleting file: C:\Program Files\Internet Explorer\stor.cfg
[~] Finished processing queued commands


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-09-14 11:36


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-09-16 11:41


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-09-16 23:44
[~] Preparing to execute queued commands
[~] Deleting file: C:\Program Files\Yontoo Layers Runtime\YontooIEClient_2.dll
[~] Finished processing queued commands


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-09-22 11:15


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-09-30 17:47


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-10-03 11:34


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-10-13 10:47


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-10-14 11:35


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-10-14 16:09


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-10-14 16:13


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-10-15 11:59


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-10-17 11:42


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-10-28 13:34


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-11-10 10:26


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-11-12 11:51


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-11-14 12:41


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-11-18 12:58


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-11-21 12:41


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-11-25 12:42


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-12-13 10:42


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-12-13 11:08


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-12-13 13:39


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-12-15 11:56


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-12-16 14:51


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-12-16 21:13


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-12-28 23:27


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-12-29 12:02


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2011-12-31 13:15


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2012-01-05 00:22


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2012-01-12 08:20


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2012-01-13 01:33


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2012-01-16 12:51


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2012-01-16 13:01


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2012-01-23 18:56


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2012-01-27 12:57


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2012-01-30 17:16


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2012-02-02 01:40


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2012-02-14 10:41


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2012-02-14 15:40


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2012-02-16 11:47


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2012-03-14 07:20


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2012-03-14 10:46


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2012-03-15 10:48


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2012-04-12 09:53


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2012-04-18 11:45


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2012-05-10 10:36


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2012-05-22 12:12


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2012-05-22 20:34


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2012-06-04 10:34


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2012-06-09 22:29


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2012-06-14 01:35


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2012-06-16 16:13


================================================================================
Boot Cleaner
================================================================================
[~] Cleaning started at 2012-07-11 00:16
garquillo is offline  
Sponsored Links
Advertisement
 
Old 08-21-2013, 03:37 PM   #4
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
chemist's Avatar
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



Hello Gerry.

Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate.

Please stay with me until given the 'all clear' even if symptoms seemingly abate.

Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by a helper.

------------------------------------------------------

If there are any personal files, pics, etc. on your computer you cannot live without, back them up now just as a precaution.

Emergency Backup Procedure - Tech Support Forum

------------------------------------------------------

Please download ComboFix and Save it to your Desktop.

**Note: It is important that it is saved directly to your desktop**

Disable all antivirus and antispyware programs. Get help here

Double-click ComboFix.exe and follow the prompts to run it.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed.
  • With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal.
  • It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console.
  • When prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.




ComboFix will now automatically install the Windows Recovery Console onto your computer, which will show up as a new option when booting up your computer. Do not select the Windows Recovery Console option when you start your computer unless requested to by a helper.

Once the Recovery Console is installed, this blue window will appear:


  • Please click Yes to continue scanning for malware.
  • Your desktop may go blank. This is normal. It will return when ComboFix is done.
  • ComboFix may reboot your machine. This is normal. For some infections, it may do this multiple times.
  • When the tool is finished, it will produce a log for you.

Please post that log, C:\ComboFix.txt, in your next reply.

Please re-enable your antivirus before posting the ComboFix.txt log.

------------------------------------------------------
__________________
Our services are free, but you may contribute to the author of ComboFix via PayPal

Proud member of UNITE

Microsoft MVP - Consumer Security 2014, 2015
chemist is offline  
Old 08-21-2013, 06:17 PM   #5
Registered Member
 
Join Date: Dec 2010
Location: Ohio
Posts: 41
OS: windows 8.1



Here is the ComboFix log, let me know what's next. I'm off-line until about 6am. I'll check in then.

Goodnite and thanks again,
Gerry

ComboFix 13-08-21.01 - Gerry 08/21/2013 20:56:11.7.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2046.1049 [GMT -4:00]
Running from: c:\documents and settings\Gerry\Desktop\ComboFix.exe
AV: Norton AntiVirus *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\All Users\Application Data\TEMP\RAIDTest
c:\documents and settings\Gerry\Local Settings\Application Data\BcsKtYcHW.dll
c:\documents and settings\Gerry\Recent\Thumbs.db
.
.
((((((((((((((((((((((((( Files Created from 2013-07-22 to 2013-08-22 )))))))))))))))))))))))))))))))
.
.
2013-08-10 00:42 . 2013-05-08 06:10 770384 ----a-w- c:\windows\system32\msvcr100.dll
2013-08-10 00:42 . 2013-05-08 06:10 421200 ----a-w- c:\windows\system32\msvcp100.dll
2013-08-03 12:38 . 2013-08-03 12:38 45056 ----a-r- c:\documents and settings\Gerry\Application Data\Microsoft\Installer\{37331C16-3E97-4A20-80D8-BFB43AB0E2FB}\UNINST_Uninstall_C_EBD1846850A64C858760A659B987DCFF.exe
2013-08-03 12:38 . 2013-08-03 12:38 45056 ----a-r- c:\documents and settings\Gerry\Application Data\Microsoft\Installer\{37331C16-3E97-4A20-80D8-BFB43AB0E2FB}\ARPPRODUCTICON.exe
2013-08-03 12:38 . 2013-08-03 12:38 -------- d-----w- c:\documents and settings\Gerry\Application Data\Catalina Print Savings
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-21 10:22 . 2012-04-12 10:00 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-08-21 10:22 . 2011-06-16 11:19 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-07-26 02:47 . 2006-03-04 03:33 920064 ----a-w- c:\windows\system32\wininet.dll
2013-07-26 02:47 . 2004-08-04 10:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-07-26 02:47 . 2004-08-04 10:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-07-25 15:52 . 2004-08-04 10:00 385024 ----a-w- c:\windows\system32\html.iec
2013-07-10 10:37 . 2004-08-04 10:00 406016 ----a-w- c:\windows\system32\usp10.dll
2013-07-04 03:03 . 2005-03-30 01:21 2149888 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-07-04 02:08 . 2005-03-30 01:01 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-06-13 01:48 . 2012-06-17 18:59 867240 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-06-13 01:48 . 2011-10-15 14:59 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-06-13 01:48 . 2013-06-20 10:29 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-06-13 01:35 . 2013-06-20 10:29 144896 ----a-w- c:\windows\system32\javacpl.cpl
2013-06-04 07:23 . 2004-08-04 10:00 562688 ----a-w- c:\windows\system32\qedit.dll
2013-06-04 01:40 . 2004-08-04 10:00 1876736 ----a-w- c:\windows\system32\win32k.sys
2013-05-28 01:59 . 2004-08-04 10:00 590848 ----a-w- c:\windows\system32\rpcrt4.dll
2013-05-28 00:41 . 2009-04-16 22:28 6144 ----a-w- c:\windows\system32\xpsp4res.dll
2009-06-10 14:04 . 2013-08-17 10:47 113504 ----a-w- c:\program files\mozilla firefox\components\FFConnectorLauncher.dll
2009-06-10 14:04 . 2013-08-17 10:47 234336 ----a-w- c:\program files\mozilla firefox\components\FFSource.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-26 16132608]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-09-30 155648]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
@="FSFilter Activity Monitor"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^ImageMixer 3 SE Camera Monitor Ver.4.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\ImageMixer 3 SE Camera Monitor Ver.4.lnk
backup=c:\windows\pss\ImageMixer 3 SE Camera Monitor Ver.4.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-04-04 21:06 958576 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-10-12 02:56 59280 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
2006-09-25 13:12 90112 -c--a-w- c:\program files\ATI Technologies\ATI.ACE\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
2006-03-22 01:30 1191936 ----a-w- c:\program files\Canon\MyPrinter\BJMYPRT.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dscactivate]
2008-03-11 16:44 16384 -c--a-w- c:\program files\Dell Support Center\gs_agent\custom\dsca.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4]
2006-03-21 17:19 69632 -c--a-w- c:\program files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVDDXSrv]
2008-02-26 14:57 128296 -c--a-w- c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2013-05-01 07:59 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2013-03-12 11:32 253816 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2006-10-19 00:05 204288 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD DX\\PowerDVD.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD DX\\PDVDDXSrv.exe"=
"c:\\Program Files\\Kyodai Mahjongg 2006\\kmj.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
.
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NAV\1207010.003\symds.sys [4/3/2012 6:02 PM 340088]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NAV\1207010.003\symefa.sys [4/3/2012 6:02 PM 744568]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\BASHDefs\20130715.001\BHDrvx86.sys [7/16/2013 5:07 PM 1002072]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NAV\1207010.003\ironx86.sys [4/3/2012 6:02 PM 136312]
R2 NAV;Norton AntiVirus.;c:\program files\Norton AntiVirus\Engine\18.7.1.3\ccsvchst.exe [4/3/2012 6:01 PM 130008]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [8/21/2013 9:14 AM 106656]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\IPSDefs\20130820.001\IDSXpx86.sys [8/20/2013 6:23 PM 380832]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [6/18/2008 11:54 AM 716272]
S1 ccHP;Symantec Hash Provider;c:\windows\system32\Drivers\NAV\1008000.029\ccHPx86.sys --> c:\windows\system32\Drivers\NAV\1008000.029\ccHPx86.sys [?]
S1 MpKsl18f9b935;MpKsl18f9b935;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0249FE91-3DF2-438E-B52E-8DFF1E69F19B}\MpKsl18f9b935.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0249FE91-3DF2-438E-B52E-8DFF1E69F19B}\MpKsl18f9b935.sys [?]
S2 CSHelper;CopySafe Helper Service;c:\windows\system32\CSHelper.exe [2/20/2009 8:23 PM 266240]
S2 Norton AntiVirus;Norton AntiVirus;"c:\program files\Norton AntiVirus\Norton AntiVirus\Engine\16.8.0.41\ccSvcHst.exe" /s "Norton AntiVirus" /m "c:\program files\Norton AntiVirus\Norton AntiVirus\Engine\16.8.0.41\diMaster.dll" /prefetch:1 --> c:\program files\Norton AntiVirus\Norton AntiVirus\Engine\16.8.0.41\ccSvcHst.exe [?]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;"c:\program files\Lavasoft\Ad-Aware\AAWService.exe" --> c:\program files\Lavasoft\Ad-Aware\AAWService.exe [?]
S3 vaxscsi;vaxscsi;c:\windows\system32\Drivers\vaxscsi.sys --> c:\windows\system32\Drivers\vaxscsi.sys [?]
.
Contents of the 'Scheduled Tasks' folder
.
2013-08-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-12 10:23]
.
2013-08-16 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 21:57]
.
2013-08-21 c:\windows\Tasks\Norton Security Scan for Gerry.job
- c:\progra~1\NORTON~3\Engine\301~1.8\Nss.exe [2011-01-13 07:30]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
TCP: DhcpNameServer = 192.168.254.254 192.168.1.1
FF - ProfilePath - c:\documents and settings\Gerry\Application Data\Mozilla\Firefox\Profiles\03qrfe5i.default\
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://www.weather.com/weather/today/North+Ridgeville+OH+44039:4:US
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-DSite - c:\documents and settings\Gerry\Application Data\DSite\UpdateProc\UpdateTask.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2013-08-21 21:07
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NAV]
"ImagePath"="\"c:\program files\Norton AntiVirus\Engine\18.7.1.3\ccSvcHst.exe\" /s \"NAV\" /m \"c:\program files\Norton AntiVirus\Engine\18.7.1.3\diMaster.dll\" /prefetch:1"
--
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Norton AntiVirus]
"ImagePath"="\"c:\program files\Norton AntiVirus\Norton AntiVirus\Engine\16.8.0.41\ccSvcHst.exe\" /s \"Norton AntiVirus\" /m \"c:\program files\Norton AntiVirus\Norton AntiVirus\Engine\16.8.0.41\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3952987630-3848762379-3781540108-1006\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:3b,d0,96,71,f5,d1,03,49,3a,03,4e,d9,c4,35,c2,a2,9d,49,3d,7b,f0,90,a6,
30,05,7d,b0,f0,39,80,f6,a3,e3,66,c5,2c,54,db,d9,c8,c7,c3,6f,d7,0d,27,78,fb,\
"??"=hex:72,27,8c,3b,49,c3,98,be,08,e7,45,a9,b8,cb,02,7c
.
[HKEY_USERS\S-1-5-21-3952987630-3848762379-3781540108-1006\Software\SecuROM\License information*]
"datasecu"=hex:30,96,8b,a1,33,a2,51,52,77,dd,a1,06,af,59,65,d9,57,54,02,60,a4,
b8,73,b1,a0,ca,52,9a,ed,0b,cf,4a,41,3f,f1,b2,89,08,22,a8,3e,13,a8,aa,30,94,\
"rkeysecu"=hex:ce,d1,f1,0d,75,75,77,5c,1c,05,81,56,31,01,1c,1a
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1008)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2013-08-21 21:12:10
ComboFix-quarantined-files.txt 2013-08-22 01:11
ComboFix2.txt 2012-11-07 11:59
.
Pre-Run: 3,326,169,088 bytes free
Post-Run: 3,551,911,936 bytes free
.
- - End Of File - - F06597FB2A429EB9EEE79018737A4C62
8F558EB6672622401DA993E1E865C861
garquillo is offline  
Old 08-21-2013, 06:56 PM   #6
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
chemist's Avatar
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



Hello again, Gerry. Please tell us how your system is behaving.

------------------------------------------------------

Go Start > Run and copy/paste the following single-line command into the Run box and click OK:

sc delete MpKsl18f9b935

A DOS window will open and close again, this is normal.

------------------------------------------------------
  • Launch Malwarebytes' Anti-Malware
  • Under the Update tab, click Check for Updates
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad and you may be prompted to Restart your computer.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy/Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.


------------------------------------------------------

Please run this online scan to help look for remnants. Ensure your external and/or USB drives are inserted during the scan.

Go here and click 'ESET Online Scanner'.
  • If you are not using Internet Explorer, double-click esetsmartinstaller_enu.exe to install it, then click 'Run'.
  • Turn off the real-time scanner of any existing antivirus program while performing the online scan.
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • If using Internet Explorer, allow the ActiveX control to install when asked.
  • Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Next to 'Current scan targets: Operating memory, Local drives', click the Change.. button.
  • Tick all the boxes that correspond to your external/inserted drives.
  • Click Start
  • Wait for the scan to finish, then click 'Finish'.
  • Use Notepad to open the logfile located at C:\Program Files\Eset\Eset Online Scanner\log.txt
  • Do NOT be alarmed by what you see in the report. Many of the finds have likely been quarantined.
  • Copy/paste that log as a reply to this topic.
------------------------------------------------------

Please post the following in your next reply:

MBAM log
ESET report
report on system behavior
__________________
Our services are free, but you may contribute to the author of ComboFix via PayPal

Proud member of UNITE

Microsoft MVP - Consumer Security 2014, 2015
chemist is offline  
Old 08-22-2013, 03:46 PM   #7
Registered Member
 
Join Date: Dec 2010
Location: Ohio
Posts: 41
OS: windows 8.1


Smile

The system seems to be a bit faster than before, hopefully it will continue.
Here are the logs you requested.
Let me know what's next.

[email protected] as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=41e833b36d85c74596d1bc5b249cad83
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-11-07 01:09:02
# local_time=2012-11-06 08:09:02 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=1797 16774142 0 6 64631112 87841206 0 0
# compatibility_mode=3587 16777190 100 75 16576684 170315608 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=87973
# found=3
# cleaned=0
# scan_time=2721
C:\Documents and Settings\Gerry\Application Data\Mozilla\Firefox\Profiles\03qrfe5i.default\user.js JS/SecurityDisabler.A.Gen application (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\Gerry\Application Data\Mozilla\Firefox\Profiles\03qrfe5i.default\extensions\[email protected]\content\overlay.js Win32/Adware.Yontoo application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files\RealArcade\Installer\bin\OCSetupHlp.dll Win32/OpenCandy application (unable to clean) 00000000000000000000000000000000 I
[email protected] as downloader log:
Can not read file from [email protected] as downloader log:
Can not read file from internet.# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=41e833b36d85c74596d1bc5b249cad83
# engine=12447
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-08-22 01:42:53
# local_time=2013-08-22 09:42:53 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=2047 16777215 0 0 0 0 0 0
# compatibility_mode=3587 16777214 100 75 10613616 195246759 0 0
# scanned=106184
# found=5
# cleaned=0
# scan_time=9375
sh=CD50003C929596F318926D38BB7CF48FA726E465 ft=0 fh=0000000000000000 vn="Win32/Bagle.gen.zip worm" ac=I fn="C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinDownloadergen5.zip"
sh=0D7A08C88ED3C217C217DD0D7FCB80A9BCB6B28E ft=0 fh=0000000000000000 vn="Win32/Bagle.gen.zip worm" ac=I fn="C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinDownloadergen6.zip"
sh=5C3B558DA6D82DFF69ECA7B1F1E0D91558199E10 ft=0 fh=0000000000000000 vn="Win32/Bagle.gen.zip worm" ac=I fn="C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinDownloadergen7.zip"
sh=15D99A422074D962D05E1DAAC0B7D8929D311CE0 ft=0 fh=0000000000000000 vn="Win32/Bagle.gen.zip worm" ac=I fn="C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinDownloadergen8.zip"
sh=DBB0F8C710F7E8B7DF134ADE7D90697D9A5DD2AE ft=0 fh=0000000000000000 vn="Win32/Bagle.gen.zip worm" ac=I fn="C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinDownloadergen9.zip"

Malwarebytes Anti-Malware 1.75.0.1300
Malwarebytes : Free anti-malware download

Database version: v2013.08.22.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Gerry :: DESKTOP [administrator]

8/22/2013 6:15:17 AM
mbam-log-2013-08-22 (06-15-17).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 284858
Time elapsed: 20 minute(s), 21 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
garquillo is offline  
Old 08-22-2013, 05:22 PM   #8
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
chemist's Avatar
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



Hello again, Gerry.

Open Notepad and copy/paste the entire contents of the codebox below into Notepad:

Code:
@echo off
if exist "%temp%\log.txt" del "%temp%\log.txt"

for %%g in (

"C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinDownloadergen5.zip"
"C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinDownloadergen6.zip"
"C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinDownloadergen7.zip"
"C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinDownloadergen8.zip"
"C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WinDownloadergen9.zip"

) do (
del /a/f/q %%g >nul 2>&1
if exist %%g echo.%%~g>>"%temp%\log.txt"
)


if exist "%temp%\log.txt" ( start notepad "%temp%\log.txt"
) else echo.Deleted Successfully !!

pause
del %0
Save this Notepad file as fix.bat and choose to Save as type: - All Files to your desktop then close the Notepad file.
It should look like this:

Double-click on fix.bat to run it.

Tell me what it says in your next reply. Press any key to continue.

------------------------------------------------------
__________________
Our services are free, but you may contribute to the author of ComboFix via PayPal

Proud member of UNITE

Microsoft MVP - Consumer Security 2014, 2015
chemist is offline  
Old 08-22-2013, 05:33 PM   #9
Registered Member
 
Join Date: Dec 2010
Location: Ohio
Posts: 41
OS: windows 8.1



The little black box says:
Deleted successfully !!
Press any key to continue.
garquillo is offline  
Old 08-22-2013, 06:30 PM   #10
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
chemist's Avatar
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



Congratulations. Well done! Your logs appear clean. You should be good to go.

Please disable Norton before uninstalling ComboFix and then re-enable it after doing so.

Go to Start >> Run and Copy/Paste the following single-line command into the Run box and click OK:

combofix /uninstall

This will uninstall ComboFix and delete ComboFix's quarantine folder. It will also implement some cleanup procedures, remove old System Restore Points which contain previous infections, and create a fresh, clean System Restore Point.

Please re-enable your antivirus program and any other antispyware programs disabled earlier if you haven't already.
  • Run AdwCleaner and select Uninstall
  • Confirm by clicking Yes
------------------------------------------------------

You can safely delete any tools downloaded or any logs, files, and any shortcuts on your desktop that were created during this fix.

Empty your Recycle Bin if it does not do so automatically.

------------------------------------------------------

MICROSOFT UPDATES
It is very important that you get all of the critical updates for your Operating System and Internet Explorer. Keeping your OS and browser up to date will help make you less susceptible to attacks by Trojans and viruses. Please go to Microsoft and download all the critical updates to help prevent possible re-infection.

Also, support is ending for some versions of Windows > Support is ending for Windows XP - Microsoft Windows Help

------------------------------------------------------

Make sure all your applications and browsers are up-to-date by visiting Secunia Online Software Inspector here:

Free Online Computer Scan - Online Software Inspector (OSI) - Secunia
  • Click 'Start Scanner'
  • Wait for Status/Currently Processing: at the lower left to say 'Java Applet loaded successfully. Press "Start" to begin.'
  • Click 'Start'.
  • The scan should take less than a minute or so.
  • When done, download and install all the recommended updates.
  • This will help ensure the malware writers cannot use exploits(bugs) in older versions of your applications to infect your computer in the future.
------------------------------------------------------

Important

Due to continued exploits of zero-day vulnerabilities in Oracle's Java application, it is the recommendation of many security experts, as well as the TSF Security Team, that you disable Java in your web browsers.

Java

US-CERT Alert TA13-010A - Oracle Java 7 Security Manager Bypass Vulnerability

We recommend disabling Java in your browsers, and enabling it only when needed by certain websites.

Please disable Java in your browser(s) by following these instructions:

How do I disable Java in my web browser?

If none of your websites(banks, online games, OpenOffice, etc.) use Java, you can uninstall it via your Control Panel:

How do I uninstall Java on my Windows computer?

------------------------------------------------------

SPYWARE PREVENTION
In light of your recent problem, I'm sure you'd like to avoid any future infections. Please read this well written article: To help protect your computer in the future I recommend that you get the following free programs if you do not already have them:
  • WOT, Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:
    • Green to go
    • Yellow for caution
    • Red to stop
    WOT has an add-on available for IE, Firefox, and Chrome.
  • MVPS HOSTS FILE replaces your current HOSTS file with one that will restrict known ad sites from serving you unsolicited advertisements. It basically prevents your computer from connecting to those sites by redirecting the attempted connections to 127.0.0.1, which is the IP of your local computer. See guide here and for Windows Vista here
    • Download Host.zip and Save it to your Desktop.
    • Right-click hosts.zip and select 'Extract all files' or 'Extract files...'.
    • Follow the prompts and click 'Finish'.
    • This will open the newly created hosts folder on your Desktop.
    • Double-click on the included mvps.bat file, this will rename the existing HOSTS file to HOSTS.MVP, then it will copy the included updated HOSTS file to the correct location on your machine.
    • Once updated you should see another prompt that the task was completed.
Keep your antivirus program and antispyware programs updated and scan with them on a regular basis.

Please respond to this thread one more time so we can mark this thread as resolved.
__________________
Our services are free, but you may contribute to the author of ComboFix via PayPal

Proud member of UNITE

Microsoft MVP - Consumer Security 2014, 2015
chemist is offline  
Old 08-23-2013, 04:36 AM   #11
Registered Member
 
Join Date: Dec 2010
Location: Ohio
Posts: 41
OS: windows 8.1



I uninstalled combfix and AdwCleaner, I fixed it so Java has to ask to run. I did the MVPS HOSTS FILE thing also.
I tried to run the Secunia scanner in the lower left corner it says:
There might be problems loading the Java Applet in your browser.
I clicked start and the program seems to be scanning but it has been running for at least an hour and nothing has happened.
Is there something else I need to do?
Thanks,

Gerry
garquillo is offline  
Old 08-23-2013, 04:39 AM   #12
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
chemist's Avatar
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



Did you enable Java before running Secunia? You must wait for the Java applet to load before clicking Start in Secunia.
__________________
Our services are free, but you may contribute to the author of ComboFix via PayPal

Proud member of UNITE

Microsoft MVP - Consumer Security 2014, 2015
chemist is offline  
Old 08-23-2013, 07:25 AM   #13
Registered Member
 
Join Date: Dec 2010
Location: Ohio
Posts: 41
OS: windows 8.1



Sorry I can't remember if I did or not. How do I enable Java, is there an easy way?
garquillo is offline  
Old 08-23-2013, 07:37 AM   #14
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
chemist's Avatar
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



Go Start > Control Panel > Java icon(coffee cup) > Security then check 'Enable Java content in the browser' > OK.
__________________
Our services are free, but you may contribute to the author of ComboFix via PayPal

Proud member of UNITE

Microsoft MVP - Consumer Security 2014, 2015
chemist is offline  
Old 08-23-2013, 05:11 PM   #15
Registered Member
 
Join Date: Dec 2010
Location: Ohio
Posts: 41
OS: windows 8.1


Cry

I enabled the Java in my browser and once again I tried to run the Secunia scanner, but it still has this in the lower left corner:
There might be problems loading the Java Applet in your browser.
I tried it on both Explorer and Firefox and the same thing happens.
What's next?
garquillo is offline  
Old 08-23-2013, 06:15 PM   #16
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
chemist's Avatar
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



How long are you waiting? It will try to load the applet 50 times before stopping. If it still won't work, it's nothing to worry about really.
__________________
Our services are free, but you may contribute to the author of ComboFix via PayPal

Proud member of UNITE

Microsoft MVP - Consumer Security 2014, 2015
chemist is offline  
Old 08-24-2013, 03:11 AM   #17
Registered Member
 
Join Date: Dec 2010
Location: Ohio
Posts: 41
OS: windows 8.1



It tried the 50 times and still could not load. If you think it's not important then that's okay with me.
Is there anything else that needs done?
The computer seems to be running much better.
Thanks,
Gerry
garquillo is offline  
Old 08-24-2013, 02:36 PM   #18
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
chemist's Avatar
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



Hello again, Gerry. You're very welcome.

Try Secunia after running Temp File Cleaner. If it still won't work, you should be good to go.

Please download Temp File Cleaner and save it to your desktop.
  • Save any unsaved work. TFC will close all open application windows.
  • Double-click TFC.exe to run it then click 'Run' then 'Start'.
  • Your desktop will disappear, this is normal, it will return.
  • If prompted, click "Yes" to reboot.
------------------------------------------------------
__________________
Our services are free, but you may contribute to the author of ComboFix via PayPal

Proud member of UNITE

Microsoft MVP - Consumer Security 2014, 2015
chemist is offline  
Old 08-24-2013, 05:07 PM   #19
Registered Member
 
Join Date: Dec 2010
Location: Ohio
Posts: 41
OS: windows 8.1


Grin

I ran the TFC program and it still says the same thing after 50 tries.
If you think I am good to go then I just need to say thank you so much, you guys are great.
Hopefully I won't be back soon.
Gerry
garquillo is offline  
Old 08-24-2013, 05:40 PM   #20
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
chemist's Avatar
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



You're very welcome, Gerry! Glad to have helped.
__________________
Our services are free, but you may contribute to the author of ComboFix via PayPal

Proud member of UNITE

Microsoft MVP - Consumer Security 2014, 2015
chemist is offline  
 

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Similar Threads
Thread Thread Starter Forum Replies Last Post
CPU at 100% most of the time.
Hi guys, Lately I have been having a problem with my PC. On several occasions my PC has slowed right down and virtually ground to a halt. When I've checked it with Task Manager, it shows that the processor is running at 100%, and that there are over 40 processes running at once. This can happen...
Hairymartin1966 Resolved HJT Threads 35 08-09-2013 11:33 AM
BING Bubbles everywhere! CONDUIT?
Help these stupid Bing Bubbles appear on every image that comes up on the web. It's very annoying as I have to click images in fear below the bubble so i wont take the BING link. How can I remove this pest! I've tried many things but Cant seem to remove this! It has attacked all my web browsers EI,...
Gween Resolved HJT Threads 16 08-02-2013 07:17 AM
[SOLVED] VGRABBER
After posting this subject in the main Forum, I followed MasterchiefXX17 instructions which I will attached the results here. Basically I first notice Vgrabber v1.5 Toolbar in my uninstall list which I was unable to remove. When I searched for Vgrabber it cannot be found but I just noticed it is...
loftytopp Virus/Trojan/Spyware Help 6 06-30-2013 05:28 AM
Please check my post for daveh41
https://www.techsupportforum.com/forums/f50/security-center-problem-665579.html I am using Windows 7 64-bit and Opera browser which does not seem affected, however Chrome browser constantly redirects to ads after first item. have not tested IE or Firefox windows security center keeps turning...
Nistlerooy Resolved Back Me Up Threads 35 09-22-2012 05:21 AM
no internet access after virus
recently had win 7 2012 virus, removed virus, now cannot connect to any internet. troubleshooting states can not detect networks proxy settings. i dont know what any of following report means, but thought it might help. Farbar Service Scanner Ran by haley (administrator) on 09-01-2012...
cody7880 Resolved HJT Threads 65 01-18-2012 10:32 AM

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is on
Smilies are on
[IMG] code is on
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Post a Question


» Site Navigation
 > FAQ
  > 10.0.0.2
Powered by vBadvanced CMPS v3.2.3


All times are GMT -7. The time now is 11:48 AM.


Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2020, vBulletin Solutions, Inc.
vBulletin Security provided by vBSecurity v2.2.2 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
User Alert System provided by Advanced User Tagging v3.1.0 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
Copyright 2001 - 2018, Tech Support Forum

Windows 10 - Windows 7 - Windows XP - Windows Vista - Trojan Removal - Spyware Removal - Virus Removal - Networking - Security - Top Web Hosts