Dear Dr. Inferno,
I bow to your greatness. I plead for your assistance. I accidentally downloaded some fkd up program and now my internet protocols are being blocked and there are rogue search bar type programs programs turning up. I have run adw, Malware, etc but the program seems to dodge these and replicate itself after startup. I am posting logs below. Please help!
# AdwCleaner v3.212 - Report created 07/06/2014 at 09:32:45
# Updated 05/06/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Anthony X - ANTHONYX
# Running from : C:\Users\Anthony X\Desktop\AdwCleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\IePluginServices
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BrowserSafeguard
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\predm
Folder Deleted : C:\Program Files (x86)\uTorrentControl_v6
Folder Deleted : C:\Users\Anthony X\AppData\Local\BrowserSafeguard
Folder Deleted : C:\Users\Anthony X\AppData\Local\Conduit
Folder Deleted : C:\Users\Anthony X\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\ANTHON~1\AppData\Local\Temp\CT3289847
Folder Deleted : C:\Users\ANTHON~1\AppData\Local\Temp\CT3289075
Folder Deleted : C:\Users\Anthony X\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Anthony X\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Anthony X\AppData\LocalLow\uTorrentControl_v6
Folder Deleted : C:\Users\Anthony X\AppData\Roaming\Mozilla\Firefox\Profiles\rxw6nnwi.default\CT3289847
Folder Deleted : C:\Users\Anthony X\AppData\Roaming\Mozilla\Firefox\Profiles\rxw6nnwi.default\CT3289075
Folder Deleted : C:\Users\Anthony X\AppData\Roaming\Mozilla\Firefox\Profiles\rxw6nnwi.default\Extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}
Folder Deleted : C:\Users\Anthony X\AppData\Roaming\Mozilla\Firefox\Profiles\rxw6nnwi.default\Extensions\{96f454ea-9d38-474f-b504-56193e00c1a5}
File Deleted : C:\END
File Deleted : C:\Program Files (x86)\Mozilla Firefox\nsprotector.js
File Deleted : C:\Users\Anthony X\AppData\Roaming\Mozilla\Firefox\Profiles\rxw6nnwi.default\searchplugins\Conduit.xml
File Deleted : C:\Users\Anthony X\AppData\Roaming\Mozilla\Firefox\Profiles\rxw6nnwi.default\searchplugins\trovi-search.xml
File Deleted : C:\Windows\System32\Tasks\BrowserSafeguard Update Task
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3289075
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3289847
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{065C1A21-97F8-45FB-A9F0-861B60FACEC8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3204358F-5904-46A6-841F-D6B5BE3EF4E3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3AE67737-0E3E-44AA-AA5E-46A68BF017FF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3EE5B726-044A-48D2-AA7B-049BD9A0F62A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{60FBBE03-57FF-49D8-B38E-053D3F489825}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6A5182F1-C0B8-42B8-96CC-7F329CD46913}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6C153418-8E4D-4FAF-AF27-5201E38463A7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A26A2F05-AC4D-4A1E-9531-9125F7309B78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5D6240-7DF0-435D-9B9B-F8586A99DE86}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F343045E-E20A-46E1-82D8-9962C43EFC9E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FBB360DC-CB6C-4D6A-808A-2C773151BFFF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFD7DDAC-EC28-42A5-8D39-917B9078604B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{96F454EA-9D38-474F-B504-56193E00C1A5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD90659F-D5B2-4104-9504-7CA36E6532DF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{96F454EA-9D38-474F-B504-56193E00C1A5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{96F454EA-9D38-474F-B504-56193E00C1A5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{96F454EA-9D38-474F-B504-56193E00C1A5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CD90659F-D5B2-4104-9504-7CA36E6532DF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2BDD9801-C928-47A3-89A6-D1D010274FF7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{07308663-E77A-4B70-8684-08260BDE1BC1}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{96F454EA-9D38-474F-B504-56193E00C1A5}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{96F454EA-9D38-474F-B504-56193E00C1A5}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{96F454EA-9D38-474F-B504-56193E00C1A5}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\SearchProtect
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentControl_v6
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\Software\uTorrentControl_v6
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl_v6 Toolbar
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17041
-\\ Mozilla Firefox v13.0.1 (en-US)
[ File : C:\Users\Anthony X\AppData\Roaming\Mozilla\Firefox\Profiles\rxw6nnwi.default\prefs.js ]
Line Deleted : user_pref("CT3289075.FF19Solved", "true");
Line Deleted : user_pref("CT3289075.UserID", "UN22667055591281762");
Line Deleted : user_pref("CT3289075.browser.search.defaultthis.engineName", "true");
Line Deleted : user_pref("CT3289075.fullUserID", "UN22667055591281762.IN.20130803160714");
Line Deleted : user_pref("CT3289075.installDate", "03/08/2013 16:07:14");
Line Deleted : user_pref("CT3289075.installSessionId", "-1");
Line Deleted : user_pref("CT3289075.installSp", "TRUE");
Line Deleted : user_pref("CT3289075.installerVersion", "1.5.4.4");
Line Deleted : user_pref("CT3289075.keyword", "true");
Line Deleted : user_pref("CT3289075.originalHomepage", "hxxp://www.yahoo.com/");
Line Deleted : user_pref("CT3289075.originalSearchAddressUrl", "");
Line Deleted : user_pref("CT3289075.originalSearchEngine", "");
Line Deleted : user_pref("CT3289075.originalSearchEngineName", "");
Line Deleted : user_pref("CT3289075.searchRevert", "FALSE");
Line Deleted : user_pref("CT3289075.searchUserMode", "2");
Line Deleted : user_pref("CT3289075.smartbar.homepage", "true");
Line Deleted : user_pref("CT3289075.versionFromInstaller", "10.16.70.7");
Line Deleted : user_pref("CT3289075.xpeMode", "0");
Line Deleted : user_pref("CT3289847.FF19Solved", "true");
Line Deleted : user_pref("CT3289847.UserID", "UN20871659092384527");
Line Deleted : user_pref("CT3289847.browser.search.defaultthis.engineName", "true");
Line Deleted : user_pref("CT3289847.fullUserID", "UN20871659092384527.IN.20130820092119");
Line Deleted : user_pref("CT3289847.installDate", "20/08/2013 09:21:19");
Line Deleted : user_pref("CT3289847.installSessionId", "{FFCDBAF7-643B-41BD-A6BA-43AA84021BA3}");
Line Deleted : user_pref("CT3289847.installSp", "false");
Line Deleted : user_pref("CT3289847.installerVersion", "1.5.4.5");
Line Deleted : user_pref("CT3289847.keyword", "true");
Line Deleted : user_pref("CT3289847.originalHomepage", "hxxp://search.conduit.com/?ctid=CT3289075&CUI=UN22667055591281762&UM=2&SearchSource=13&sspv=SSPV_AB_FF_2");
Line Deleted : user_pref("CT3289847.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3289075&SearchSource=2&CUI=UN22667055591281762&UM=2&sspv=SSPV_AB_FF_2&q=");
Line Deleted : user_pref("CT3289847.originalSearchEngine", "uTorrentControl_v6 Customized Web Search");
Line Deleted : user_pref("CT3289847.originalSearchEngineName", "uTorrentControl_v6 Customized Web Search");
Line Deleted : user_pref("CT3289847.searchRevert", "true");
Line Deleted : user_pref("CT3289847.searchUserMode", "2");
Line Deleted : user_pref("CT3289847.smartbar.homepage", "true");
Line Deleted : user_pref("CT3289847.versionFromInstaller", "10.16.9.6");
Line Deleted : user_pref("CT3289847.xpeMode", "0");
Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3289075&SearchSource=2&CUI=UN22667055591281762&UM=2&sspv=SSPV_AB_FF_2&q=");
Line Deleted : user_pref("browser.search.defaultenginename", "WhiteSmoke New Customized Web Search");
Line Deleted : user_pref("browser.search.defaultthis.engineName", "WhiteSmoke New Customized Web Search");
Line Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3289847&CUI=UN20871659092384527&UM=2&SearchSource=3&q={searchTerms}");
Line Deleted : user_pref("browser.search.selectedEngine", "WhiteSmoke New Customized Web Search");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3289847&CUI=UN20871659092384527&UM=2&SearchSource=13");
Line Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3289847&SearchSource=2&CUI=UN20871659092384527&UM=2&q=");
Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT3289847");
Line Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3289075&CUI=UN22667055591281762&UM=2&SearchSource=13&sspv=SSPV_AB_FF_2,hxxp://search.conduit.com/?ctid=CT3289847&CUI=UN2087[...]
Line Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3289075&SearchSource=2&CUI=UN22667055591281762&UM=2&sspv=SSPV_AB_FF_2&q=,hxxp://search.conduit.com/R[...]
Line Deleted : user_pref("smartbar.defaultSearchOwnerCTID", "CT3289847");
Line Deleted : user_pref("smartbar.homePageOwnerCTID", "CT3289847");
Line Deleted : user_pref("smartbar.machineId", "KRB2TSNBD5EBMC7Y5DEORACV5RN7Q0MMEO1O5ALWK5WZNKO5XDNZMSERDW0OCLDCDLZDMCII67BODXV/2CWDUG");
*************************
AdwCleaner[R0].txt - [10194 octets] - [07/06/2014 09:13:39]
AdwCleaner[S0].txt - [10246 octets] - [07/06/2014 09:32:45]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10307 octets] ##########
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Database version: v2014.06.07.02
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17107
Anthony X :: ANTHONYX [administrator]
6/7/2014 10:02:51 AM
mbam-log-2014-06-07 (10-02-51).txt
Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 527705
Time elapsed: 2 hour(s), 36 minute(s), 8 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 1
HKLM\SOFTWARE\BROWSERSAFEGUARD (PUP.Optional.BrowserSafeGuard.A) -> Quarantined and deleted successfully.
Registry Values Detected: 1
HKLM\SOFTWARE\Browsersafeguard|sourceid (PUP.Optional.BrowserSafeGuard.A) -> Data: google_zoomdownloadmngr-display-US-728x90-23609154882 -> Quarantined and deleted successfully.
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
Results of screen317's Security Check version 0.99.83
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
Windows Firewall Enabled!
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.75.0.1300
Adobe Flash Player 13.0.0.214
Adobe Reader 10.1.10 Adobe Reader out of Date!
Mozilla Firefox 13.0.1 Firefox out of Date!
````````Process Check: objlist.exe by Laurent````````
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
AVAST Software Avast afwServ.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````
I bow to your greatness. I plead for your assistance. I accidentally downloaded some fkd up program and now my internet protocols are being blocked and there are rogue search bar type programs programs turning up. I have run adw, Malware, etc but the program seems to dodge these and replicate itself after startup. I am posting logs below. Please help!
# AdwCleaner v3.212 - Report created 07/06/2014 at 09:32:45
# Updated 05/06/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Anthony X - ANTHONYX
# Running from : C:\Users\Anthony X\Desktop\AdwCleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\IePluginServices
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BrowserSafeguard
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\predm
Folder Deleted : C:\Program Files (x86)\uTorrentControl_v6
Folder Deleted : C:\Users\Anthony X\AppData\Local\BrowserSafeguard
Folder Deleted : C:\Users\Anthony X\AppData\Local\Conduit
Folder Deleted : C:\Users\Anthony X\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\ANTHON~1\AppData\Local\Temp\CT3289847
Folder Deleted : C:\Users\ANTHON~1\AppData\Local\Temp\CT3289075
Folder Deleted : C:\Users\Anthony X\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Anthony X\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Anthony X\AppData\LocalLow\uTorrentControl_v6
Folder Deleted : C:\Users\Anthony X\AppData\Roaming\Mozilla\Firefox\Profiles\rxw6nnwi.default\CT3289847
Folder Deleted : C:\Users\Anthony X\AppData\Roaming\Mozilla\Firefox\Profiles\rxw6nnwi.default\CT3289075
Folder Deleted : C:\Users\Anthony X\AppData\Roaming\Mozilla\Firefox\Profiles\rxw6nnwi.default\Extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}
Folder Deleted : C:\Users\Anthony X\AppData\Roaming\Mozilla\Firefox\Profiles\rxw6nnwi.default\Extensions\{96f454ea-9d38-474f-b504-56193e00c1a5}
File Deleted : C:\END
File Deleted : C:\Program Files (x86)\Mozilla Firefox\nsprotector.js
File Deleted : C:\Users\Anthony X\AppData\Roaming\Mozilla\Firefox\Profiles\rxw6nnwi.default\searchplugins\Conduit.xml
File Deleted : C:\Users\Anthony X\AppData\Roaming\Mozilla\Firefox\Profiles\rxw6nnwi.default\searchplugins\trovi-search.xml
File Deleted : C:\Windows\System32\Tasks\BrowserSafeguard Update Task
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3289075
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3289847
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{065C1A21-97F8-45FB-A9F0-861B60FACEC8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3204358F-5904-46A6-841F-D6B5BE3EF4E3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3AE67737-0E3E-44AA-AA5E-46A68BF017FF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3EE5B726-044A-48D2-AA7B-049BD9A0F62A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{60FBBE03-57FF-49D8-B38E-053D3F489825}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6A5182F1-C0B8-42B8-96CC-7F329CD46913}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6C153418-8E4D-4FAF-AF27-5201E38463A7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A26A2F05-AC4D-4A1E-9531-9125F7309B78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5D6240-7DF0-435D-9B9B-F8586A99DE86}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F343045E-E20A-46E1-82D8-9962C43EFC9E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FBB360DC-CB6C-4D6A-808A-2C773151BFFF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFD7DDAC-EC28-42A5-8D39-917B9078604B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{96F454EA-9D38-474F-B504-56193E00C1A5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD90659F-D5B2-4104-9504-7CA36E6532DF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{96F454EA-9D38-474F-B504-56193E00C1A5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{96F454EA-9D38-474F-B504-56193E00C1A5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{96F454EA-9D38-474F-B504-56193E00C1A5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CD90659F-D5B2-4104-9504-7CA36E6532DF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2BDD9801-C928-47A3-89A6-D1D010274FF7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{07308663-E77A-4B70-8684-08260BDE1BC1}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{96F454EA-9D38-474F-B504-56193E00C1A5}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{96F454EA-9D38-474F-B504-56193E00C1A5}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{96F454EA-9D38-474F-B504-56193E00C1A5}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\SearchProtect
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentControl_v6
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\Software\uTorrentControl_v6
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl_v6 Toolbar
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17041
-\\ Mozilla Firefox v13.0.1 (en-US)
[ File : C:\Users\Anthony X\AppData\Roaming\Mozilla\Firefox\Profiles\rxw6nnwi.default\prefs.js ]
Line Deleted : user_pref("CT3289075.FF19Solved", "true");
Line Deleted : user_pref("CT3289075.UserID", "UN22667055591281762");
Line Deleted : user_pref("CT3289075.browser.search.defaultthis.engineName", "true");
Line Deleted : user_pref("CT3289075.fullUserID", "UN22667055591281762.IN.20130803160714");
Line Deleted : user_pref("CT3289075.installDate", "03/08/2013 16:07:14");
Line Deleted : user_pref("CT3289075.installSessionId", "-1");
Line Deleted : user_pref("CT3289075.installSp", "TRUE");
Line Deleted : user_pref("CT3289075.installerVersion", "1.5.4.4");
Line Deleted : user_pref("CT3289075.keyword", "true");
Line Deleted : user_pref("CT3289075.originalHomepage", "hxxp://www.yahoo.com/");
Line Deleted : user_pref("CT3289075.originalSearchAddressUrl", "");
Line Deleted : user_pref("CT3289075.originalSearchEngine", "");
Line Deleted : user_pref("CT3289075.originalSearchEngineName", "");
Line Deleted : user_pref("CT3289075.searchRevert", "FALSE");
Line Deleted : user_pref("CT3289075.searchUserMode", "2");
Line Deleted : user_pref("CT3289075.smartbar.homepage", "true");
Line Deleted : user_pref("CT3289075.versionFromInstaller", "10.16.70.7");
Line Deleted : user_pref("CT3289075.xpeMode", "0");
Line Deleted : user_pref("CT3289847.FF19Solved", "true");
Line Deleted : user_pref("CT3289847.UserID", "UN20871659092384527");
Line Deleted : user_pref("CT3289847.browser.search.defaultthis.engineName", "true");
Line Deleted : user_pref("CT3289847.fullUserID", "UN20871659092384527.IN.20130820092119");
Line Deleted : user_pref("CT3289847.installDate", "20/08/2013 09:21:19");
Line Deleted : user_pref("CT3289847.installSessionId", "{FFCDBAF7-643B-41BD-A6BA-43AA84021BA3}");
Line Deleted : user_pref("CT3289847.installSp", "false");
Line Deleted : user_pref("CT3289847.installerVersion", "1.5.4.5");
Line Deleted : user_pref("CT3289847.keyword", "true");
Line Deleted : user_pref("CT3289847.originalHomepage", "hxxp://search.conduit.com/?ctid=CT3289075&CUI=UN22667055591281762&UM=2&SearchSource=13&sspv=SSPV_AB_FF_2");
Line Deleted : user_pref("CT3289847.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3289075&SearchSource=2&CUI=UN22667055591281762&UM=2&sspv=SSPV_AB_FF_2&q=");
Line Deleted : user_pref("CT3289847.originalSearchEngine", "uTorrentControl_v6 Customized Web Search");
Line Deleted : user_pref("CT3289847.originalSearchEngineName", "uTorrentControl_v6 Customized Web Search");
Line Deleted : user_pref("CT3289847.searchRevert", "true");
Line Deleted : user_pref("CT3289847.searchUserMode", "2");
Line Deleted : user_pref("CT3289847.smartbar.homepage", "true");
Line Deleted : user_pref("CT3289847.versionFromInstaller", "10.16.9.6");
Line Deleted : user_pref("CT3289847.xpeMode", "0");
Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3289075&SearchSource=2&CUI=UN22667055591281762&UM=2&sspv=SSPV_AB_FF_2&q=");
Line Deleted : user_pref("browser.search.defaultenginename", "WhiteSmoke New Customized Web Search");
Line Deleted : user_pref("browser.search.defaultthis.engineName", "WhiteSmoke New Customized Web Search");
Line Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3289847&CUI=UN20871659092384527&UM=2&SearchSource=3&q={searchTerms}");
Line Deleted : user_pref("browser.search.selectedEngine", "WhiteSmoke New Customized Web Search");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3289847&CUI=UN20871659092384527&UM=2&SearchSource=13");
Line Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3289847&SearchSource=2&CUI=UN20871659092384527&UM=2&q=");
Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT3289847");
Line Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3289075&CUI=UN22667055591281762&UM=2&SearchSource=13&sspv=SSPV_AB_FF_2,hxxp://search.conduit.com/?ctid=CT3289847&CUI=UN2087[...]
Line Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3289075&SearchSource=2&CUI=UN22667055591281762&UM=2&sspv=SSPV_AB_FF_2&q=,hxxp://search.conduit.com/R[...]
Line Deleted : user_pref("smartbar.defaultSearchOwnerCTID", "CT3289847");
Line Deleted : user_pref("smartbar.homePageOwnerCTID", "CT3289847");
Line Deleted : user_pref("smartbar.machineId", "KRB2TSNBD5EBMC7Y5DEORACV5RN7Q0MMEO1O5ALWK5WZNKO5XDNZMSERDW0OCLDCDLZDMCII67BODXV/2CWDUG");
*************************
AdwCleaner[R0].txt - [10194 octets] - [07/06/2014 09:13:39]
AdwCleaner[S0].txt - [10246 octets] - [07/06/2014 09:32:45]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10307 octets] ##########
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Database version: v2014.06.07.02
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17107
Anthony X :: ANTHONYX [administrator]
6/7/2014 10:02:51 AM
mbam-log-2014-06-07 (10-02-51).txt
Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 527705
Time elapsed: 2 hour(s), 36 minute(s), 8 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 1
HKLM\SOFTWARE\BROWSERSAFEGUARD (PUP.Optional.BrowserSafeGuard.A) -> Quarantined and deleted successfully.
Registry Values Detected: 1
HKLM\SOFTWARE\Browsersafeguard|sourceid (PUP.Optional.BrowserSafeGuard.A) -> Data: google_zoomdownloadmngr-display-US-728x90-23609154882 -> Quarantined and deleted successfully.
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
Results of screen317's Security Check version 0.99.83
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
Windows Firewall Enabled!
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.75.0.1300
Adobe Flash Player 13.0.0.214
Adobe Reader 10.1.10 Adobe Reader out of Date!
Mozilla Firefox 13.0.1 Firefox out of Date!
````````Process Check: objlist.exe by Laurent````````
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
AVAST Software Avast afwServ.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````