1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Virus problem - please help !

Discussion in 'Windows - Virus and spyware problems' started by dweb175, Feb 26, 2013.

  1. dweb175

    dweb175 Member

    Joined:
    Mar 29, 2011
    Messages:
    32
    Likes Received:
    0
    Trophy Points:
    16
    Thanks for posting all these programs and I'LL try to run them tonight after I come home from work because I don't have time now . I'll continue to try to look for that red folder as well .
     
  2. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,658
    Likes Received:
    38
    Trophy Points:
    78
    LMAO! It's NOT RED! it looks just like any other folders....

    These programs will take some time to run but, when finished you will be on the way to an exceptionally clean computer and you may learn enough that you can start your journey to approaching the rank of "Geek", a noble position LOL.

    Let me know when you finish and please post the Logs....

    2oG
     
  3. ddp

    ddp Moderator Staff Member

    Joined:
    Oct 15, 2004
    Messages:
    39,153
    Likes Received:
    134
    Trophy Points:
    143
    he is a novice.
     
  4. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,658
    Likes Received:
    38
    Trophy Points:
    78
    aaaah, who let that cat out of the bag?
     
  5. ddp

    ddp Moderator Staff Member

    Joined:
    Oct 15, 2004
    Messages:
    39,153
    Likes Received:
    134
    Trophy Points:
    143
    you did with the red highlites, you naughty boy!!!!
     
  6. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,658
    Likes Received:
    38
    Trophy Points:
    78
    Yeah, I know..... :(

    But some of those little tricks let me know where the edge of the learning curve is and where I must do a little patronizing... :)
     
  7. DADEO1

    DADEO1 Regular member

    Joined:
    Nov 19, 2004
    Messages:
    108
    Likes Received:
    0
    Trophy Points:
    26
    I've been following these posts as they could help me sometime down the road. I would like to commend 2oldGeek for his patience and assistance in helping this fellow.
    Well done sir.
     
  8. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,658
    Likes Received:
    38
    Trophy Points:
    78
    Thanks for the flowers, DADEO.

    After over 50 years working on computers and 3 heart attacks I try my best to stay as calm as possible.

    2oG
     
  9. dweb175

    dweb175 Member

    Joined:
    Mar 29, 2011
    Messages:
    32
    Likes Received:
    0
    Trophy Points:
    16
    Results of screen317's Security Check version 0.99.60
    Windows XP Service Pack 3 x86
    Internet Explorer 8
    ``````````````Antivirus/Firewall Check:``````````````
    avast! Free Antivirus
    ZoneAlarm Free Firewall
    ZoneAlarm Firewall
    ZoneAlarm LTD Toolbar
    ZoneAlarm Security
    `````````Anti-malware/Other Utilities Check:`````````
    Malwarebytes Anti-Malware version 1.70.0.1100
    CCleaner
    Adobe Flash Player 11.6.602.171
    ````````Process Check: objlist.exe by Laurent````````
    Malwarebytes Anti-Malware mbamservice.exe
    Malwarebytes Anti-Malware mbamgui.exe
    AVAST Software Avast AvastSvc.exe
    CheckPoint ZoneAlarm vsmon.exe
    CheckPoint ZoneAlarm zatray.exe
    `````````````````System Health check`````````````````
    Total Fragmentation on Drive C:: 1%
    ````````````````````End of Log``````````````````````





    # AdwCleaner v2.113 - Logfile created 03/01/2013 at 23:14:06
    # Updated 23/02/2013 by Xplode
    # Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
    # User : Andy - YOUR-613C368C53
    # Boot Mode : Normal
    # Running from : C:\Documents and Settings\Andy\My Documents\Downloads\adwcleaner.exe
    # Option [Search]


    ***** [Services] *****


    ***** [Files / Folders] *****

    File Found : C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\djjsybuj.default\searchplugins\Askcom.xml
    File Found : C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\djjsybuj.default\searchplugins\funmoods.xml
    File Found : C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\djjsybuj.default\searchplugins\Search_Results.xml
    File Found : C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\djjsybuj.default\searchplugins\zonealarm.xml
    Folder Found : C:\DOCUME~1\Andy\LOCALS~1\Temp\boost_interprocess
    Folder Found : C:\Documents and Settings\All Users.WINDOWS\Application Data\APN
    Folder Found : C:\Documents and Settings\Andy\Application Data\Babylon
    Folder Found : C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\djjsybuj.default\ConduitCommon
    Folder Found : C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\djjsybuj.default\extensions\crossriderapp5060@crossrider.com
    Folder Found : C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\djjsybuj.default\FCTB
    Folder Found : C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\djjsybuj.default\jetpack
    Folder Found : C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\djjsybuj.default\Searchqutoolbar
    Folder Found : C:\Documents and Settings\Andy\Application Data\OpenCandy
    Folder Found : C:\Documents and Settings\Andy\Application Data\yourfiledownloader
    Folder Found : C:\Documents and Settings\Andy\Local Settings\Application Data\Babylon
    Folder Found : C:\Documents and Settings\Andy\Local Settings\Application Data\Conduit
    Folder Found : C:\Documents and Settings\Andy\Local Settings\Application Data\Ilivid Player
    Folder Found : C:\Documents and Settings\Andy\Start Menu\Programs\TornTV.com
    Folder Found : C:\Program Files\Conduit

    ***** [Registry] *****

    Key Found : HKCU\Software\1ClickDownload
    Key Found : HKCU\Software\AppDataLow\Software\Conduit
    Key Found : HKCU\Software\Conduit
    Key Found : HKCU\Software\ConduitSearchScopes
    Key Found : HKCU\Software\DataMngr
    Key Found : HKCU\Software\IGearSettings
    Key Found : HKCU\Software\ilivid
    Key Found : HKCU\Software\IM
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DB536AF2-E422-402D-B7FD-887297F1A198}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{520BD054-EEEE-487C-84E8-D5B2DFFE5C18}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB536AF2-E422-402D-B7FD-887297F1A198}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
    Key Found : HKCU\Software\PriceGong
    Key Found : HKCU\Software\Smart Suggestor
    Key Found : HKCU\Software\SmartBar
    Key Found : HKCU\Software\YourFileDownloader
    Key Found : HKLM\Software\AVG Secure Search
    Key Found : HKLM\Software\Babylon
    Key Found : HKLM\SOFTWARE\Classes\AppID\{1FC41815-FA4C-4F8B-B143-2C045C8EA2FC}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
    Key Found : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll
    Key Found : HKLM\SOFTWARE\Classes\AppID\DiscoveryHelper.DLL
    Key Found : HKLM\SOFTWARE\Classes\AppID\DNSBHO.dll
    Key Found : HKLM\SOFTWARE\Classes\AppID\GIFAnimator.DLL
    Key Found : HKLM\SOFTWARE\Classes\AppID\IMTrProgress.DLL
    Key Found : HKLM\SOFTWARE\Classes\AppID\IMWeb.DLL
    Key Found : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL
    Key Found : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
    Key Found : HKLM\SOFTWARE\Classes\ilivid
    Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{5E8CD073-21DF-4117-9BBD-D03C45D36CAE}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{E2C1A522-B8E1-45D1-B316-F5625004A28C}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
    Key Found : HKLM\SOFTWARE\Classes\Prod.cap
    Key Found : HKLM\SOFTWARE\Classes\QwiklinxBHO
    Key Found : HKLM\SOFTWARE\Classes\QwiklinxBHO.1
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{204C0025-C26A-43E2-853C-D8A8EB1BCE51}
    Key Found : HKLM\Software\Conduit
    Key Found : HKLM\Software\Default Tab
    Key Found : HKLM\Software\Freeze.com
    Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\demmlacpnijjgliknaehpamnnbncnodb
    Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf
    Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jplinpmadfkdgipabgcdchbdikologlh
    Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
    Key Found : HKLM\Software\ilivid
    Key Found : HKLM\Software\Iminent
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
    Key Found : HKLM\Software\YourFileDownloader
    Key Found : HKU\S-1-5-21-299502267-261903793-839522115-1004\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
    Key Found : HKU\S-1-5-21-299502267-261903793-839522115-1004\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
    Key Found : HKU\S-1-5-21-299502267-261903793-839522115-1004\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Found : HKU\S-1-5-21-299502267-261903793-839522115-1004\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

    ***** [Internet Browsers] *****

    -\\ Internet Explorer v8.0.6001.18702

    [OK] Registry is clean.

    -\\ Mozilla Firefox v [Unable to get version]

    File : C:\Documents and Settings\Andy\Application Data\Mozilla\Firefox\Profiles\djjsybuj.default\prefs.js

    Found : user_pref("CT2786678..clientLogIsEnabled", false);
    Found : user_pref("CT2786678..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
    Found : user_pref("CT2786678..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
    Found : user_pref("CT2786678.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
    Found : user_pref("CT2786678.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
    Found : user_pref("CT2786678.AppTrackingLastCheckTime", "Sat Jun 09 2012 21:57:14 GMT-0400 (Eastern Standard[...]
    Found : user_pref("CT2786678.BrowserCompStateIsOpen_129579220236217502", true);
    Found : user_pref("CT2786678.CTID", "CT2786678");
    Found : user_pref("CT2786678.CurrentServerDate", "19-7-2012");
    Found : user_pref("CT2786678.DSInstall", false);
    Found : user_pref("CT2786678.DialogsAlignMode", "LTR");
    Found : user_pref("CT2786678.DialogsGetterLastCheckTime", "Wed Jul 18 2012 19:52:26 GMT-0400 (Eastern Standa[...]
    Found : user_pref("CT2786678.DownloadReferralCookieData", "");
    Found : user_pref("CT2786678.EMailNotifierPollDate", "Tue Jun 26 2012 22:11:34 GMT-0400 (Eastern Standard Ti[...]
    Found : user_pref("CT2786678.FeedLastCount5690698542593514850", 501);
    Found : user_pref("CT2786678.FeedPollDate2429156812186649977", "Tue Jun 26 2012 21:26:25 GMT-0400 (Eastern S[...]
    Found : user_pref("CT2786678.FeedPollDate2429156813040823546", "Tue Jun 26 2012 21:26:24 GMT-0400 (Eastern S[...]
    Found : user_pref("CT2786678.FeedPollDate2429156813130095866", "Tue Jun 26 2012 21:26:24 GMT-0400 (Eastern S[...]
    Found : user_pref("CT2786678.FeedPollDate2429156813224203613", "Tue Jun 26 2012 21:26:24 GMT-0400 (Eastern S[...]
    Found : user_pref("CT2786678.FeedPollDate2429156813230837251", "Tue Jun 26 2012 21:26:25 GMT-0400 (Eastern S[...]
    Found : user_pref("CT2786678.FeedPollDate2429156813454291735", "Tue Jun 26 2012 21:26:24 GMT-0400 (Eastern S[...]
    Found : user_pref("CT2786678.FeedPollDate2429156813729834876", "Tue Jun 26 2012 21:26:24 GMT-0400 (Eastern S[...]
    Found : user_pref("CT2786678.FeedPollDate2429156813860870021", "Tue Jun 26 2012 21:26:25 GMT-0400 (Eastern S[...]
    Found : user_pref("CT2786678.FeedPollDate2429156814264681793", "Tue Jun 26 2012 21:26:25 GMT-0400 (Eastern S[...]
    Found : user_pref("CT2786678.FeedPollDate2429156814863075366", "Tue Jun 26 2012 21:26:24 GMT-0400 (Eastern S[...]
    Found : user_pref("CT2786678.FeedPollDate2429156815257761081", "Tue Jun 26 2012 21:26:24 GMT-0400 (Eastern S[...]
    Found : user_pref("CT2786678.FeedTTL2429156813040823546", 15);
    Found : user_pref("CT2786678.FeedTTL2429156813130095866", 10);
    Found : user_pref("CT2786678.FeedTTL2429156813454291735", 5);
    Found : user_pref("CT2786678.FeedTTL2429156814264681793", 5);
    Found : user_pref("CT2786678.FirstServerDate", "15-1-2012");
    Found : user_pref("CT2786678.FirstTime", true);
    Found : user_pref("CT2786678.FirstTimeFF3", true);
    Found : user_pref("CT2786678.FixPageNotFoundErrors", true);
    Found : user_pref("CT2786678.GroupingServerCheckInterval", 1440);
    Found : user_pref("CT2786678.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
    Found : user_pref("CT2786678.HPInstall", false);
    Found : user_pref("CT2786678.HasUserGlobalKeys", true);
    Found : user_pref("CT2786678.HomePageProtectorEnabled", false);
    Found : user_pref("CT2786678.HomepageBeforeUnload", "hxxp://www.google.com/");
    Found : user_pref("CT2786678.Initialize", true);
    Found : user_pref("CT2786678.InitializeCommonPrefs", true);
    Found : user_pref("CT2786678.InstallationAndCookieDataSentCount", 3);
    Found : user_pref("CT2786678.InstallationId", "ConduitXPEIntegration");
    Found : user_pref("CT2786678.InstallationType", "ConduitXPEIntegration");
    Found : user_pref("CT2786678.InstalledDate", "Sat Jan 14 2012 18:04:52 GMT-0500 (Eastern Standard Time)");
    Found : user_pref("CT2786678.IsAlertDBUpdated", true);
    Found : user_pref("CT2786678.IsGrouping", false);
    Found : user_pref("CT2786678.IsInitSetupIni", true);
    Found : user_pref("CT2786678.IsMulticommunity", false);
    Found : user_pref("CT2786678.IsOpenThankYouPage", true);
    Found : user_pref("CT2786678.IsOpenUninstallPage", false);
    Found : user_pref("CT2786678.LanguagePackLastCheckTime", "Tue Jul 17 2012 22:52:29 GMT-0400 (Eastern Standar[...]
    Found : user_pref("CT2786678.LanguagePackReloadIntervalMM", 1440);
    Found : user_pref("CT2786678.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
    Found : user_pref("CT2786678.LastLogin_3.10.0.1", "Wed Apr 18 2012 02:13:15 GMT-0400 (Eastern Standard Time)[...]
    Found : user_pref("CT2786678.LastLogin_3.12.0.7", "Tue Apr 24 2012 20:20:47 GMT-0400 (Eastern Standard Time)[...]
    Found : user_pref("CT2786678.LastLogin_3.12.2.3", "Thu May 31 2012 01:09:54 GMT-0400 (Eastern Standard Time)[...]
    Found : user_pref("CT2786678.LastLogin_3.13.0.6", "Mon Jul 16 2012 15:02:47 GMT-0400 (Eastern Standard Time)[...]
    Found : user_pref("CT2786678.LastLogin_3.14.1.0", "Wed Jul 18 2012 19:52:26 GMT-0400 (Eastern Standard Time)[...]
    Found : user_pref("CT2786678.LastLogin_3.8.1.0", "Sat Jan 14 2012 22:35:48 GMT-0500 (Eastern Standard Time)"[...]
    Found : user_pref("CT2786678.LastLogin_3.9.0.3", "Fri Mar 09 2012 07:41:18 GMT-0500 (Eastern Standard Time)"[...]
    Found : user_pref("CT2786678.LatestVersion", "3.13.0.6");
    Found : user_pref("CT2786678.Locale", "en");
    Found : user_pref("CT2786678.MCDetectTooltipHeight", "83");
    Found : user_pref("CT2786678.MCDetectTooltipShow", false);
    Found : user_pref("CT2786678.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
    Found : user_pref("CT2786678.MCDetectTooltipWidth", "295");
    Found : user_pref("CT2786678.MyStuffEnabledAtInstallation", true);
    Found : user_pref("CT2786678.OriginalFirstVersion", "3.8.1.0");
    Found : user_pref("CT2786678.SHRINK_TOOLBAR", 1);
    Found : user_pref("CT2786678.SearchBoxWidth", 150);
    Found : user_pref("CT2786678.SearchCaption", "uTorrentBar Customized Web Search");
    Found : user_pref("CT2786678.SearchEngineBeforeUnload", "chrome://browser-region/locale/region.properties");
    Found : user_pref("CT2786678.SearchFromAddressBarIsInit", true);
    Found : user_pref("CT2786678.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT278[...]
    Found : user_pref("CT2786678.SearchInNewTabEnabled", true);
    Found : user_pref("CT2786678.SearchInNewTabIntervalMM", 1440);
    Found : user_pref("CT2786678.SearchInNewTabLastCheckTime", "Tue Jul 17 2012 22:52:21 GMT-0400 (Eastern Stand[...]
    Found : user_pref("CT2786678.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
    Found : user_pref("CT2786678.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...]
    Found : user_pref("CT2786678.SearchProtectorEnabled", false);
    Found : user_pref("CT2786678.SearchProtectorToolbarDisabled", false);
    Found : user_pref("CT2786678.SendProtectorDataViaLogin", true);
    Found : user_pref("CT2786678.ServiceMapLastCheckTime", "Tue Jul 17 2012 22:52:25 GMT-0400 (Eastern Standard [...]
    Found : user_pref("CT2786678.SettingsLastCheckTime", "Wed Jul 18 2012 19:52:21 GMT-0400 (Eastern Standard Ti[...]
    Found : user_pref("CT2786678.SettingsLastUpdate", "1340118047");
    Found : user_pref("CT2786678.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2786678&SearchSource=13");
    Found : user_pref("CT2786678.ThirdPartyComponentsInterval", 504);
    Found : user_pref("CT2786678.ThirdPartyComponentsLastCheck", "Mon Jun 11 2012 14:27:08 GMT-0400 (Eastern Sta[...]
    Found : user_pref("CT2786678.ThirdPartyComponentsLastUpdate", "1331805997");
    Found : user_pref("CT2786678.ToolbarShrinkedFromSetup", false);
    Found : user_pref("CT2786678.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2786678");
    Found : user_pref("CT2786678.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
    Found : user_pref("CT2786678.UserID", "UN29763875286892894");
    Found : user_pref("CT2786678.ValidationData_Search", 2);
    Found : user_pref("CT2786678.ValidationData_Toolbar", 2);
    Found : user_pref("CT2786678.WeatherNetwork", "");
    Found : user_pref("CT2786678.WeatherPollDate", "Tue Jun 26 2012 22:11:34 GMT-0400 (Eastern Standard Time)");
    Found : user_pref("CT2786678.WeatherUnit", "C");
    Found : user_pref("CT2786678.alertChannelId", "1178763");
    Found : user_pref("CT2786678.approveUntrustedApps", false);
    Found : user_pref("CT2786678.autoDisableScopes", -1);
    Found : user_pref("CT2786678.backendstorage.cb_experience_000", "37");
    Found : user_pref("CT2786678.backendstorage.cb_firstuse0100", "31");
    Found : user_pref("CT2786678.backendstorage.cb_user_id_000", "43423532363437343634373931385F46697265666F78")[...]
    Found : user_pref("CT2786678.backendstorage.cbcountry_000", "5553");
    Found : user_pref("CT2786678.backendstorage.cbcountry_001", "5553");
    Found : user_pref("CT2786678.backendstorage.cbfirsttime", "536174204A616E20313420323031322031383A30353A33392[...]
    Found : user_pref("CT2786678.backendstorage.pairingkey", "39444342304645443037323833424345303031353044333236[...]
    Found : user_pref("CT2786678.backendstorage.scriptsource", "687474703A2F2F3132372E302E302E313A31303030302F67[...]
    Found : user_pref("CT2786678.backendstorage.url_history", "687474703A2F2F7777772E6D7573636C65646973637573736[...]
    Found : user_pref("CT2786678.backendstorage.url_history0001", "687474703A2F2F7777772E6D7573636C6564697363757[...]
    Found : user_pref("CT2786678.backendstorage.url_history_time", "31333236353832353236393135");
    Found : user_pref("CT2786678.backendstorage.uttorrents", "7B226275696C64223A32373230372C226C6162656C223A5B5D[...]
    Found : user_pref("CT2786678.components.129526967958500204", false);
    Found : user_pref("CT2786678.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
    Found : user_pref("CT2786678.globalFirstTimeInfoLastCheckTime", "Wed Jun 06 2012 13:57:34 GMT-0400 (Eastern [...]
    Found : user_pref("CT2786678.homepageProtectorEnableByLogin", true);
    Found : user_pref("CT2786678.initDone", true);
    Found : user_pref("CT2786678.isAppTrackingManagerOn", true);
    Found : user_pref("CT2786678.myStuffEnabled", true);
    Found : user_pref("CT2786678.myStuffPublihserMinWidth", 400);
    Found : user_pref("CT2786678.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
    Found : user_pref("CT2786678.myStuffServiceIntervalMM", 1440);
    Found : user_pref("CT2786678.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
    Found : user_pref("CT2786678.oldAppsList", "129295695672325902,129295695672325903,1000234,129789450454597254[...]
    Found : user_pref("CT2786678.revertSettingsEnabled", false);
    Found : user_pref("CT2786678.searchProtectorDialogDelayInSec", 10);
    Found : user_pref("CT2786678.searchProtectorEnableByLogin", true);
    Found : user_pref("CT2786678.testingCtid", "");
    Found : user_pref("CT2786678.toolbarAppMetaDataLastCheckTime", "Tue Jul 17 2012 22:52:26 GMT-0400 (Eastern S[...]
    Found : user_pref("CT2786678.toolbarContextMenuLastCheckTime", "Sat Jun 02 2012 23:30:49 GMT-0400 (Eastern S[...]
    Found : user_pref("CT2786678.usagesFlag", 2);
    Found : user_pref("CT2790392..clientLogIsEnabled", false);
    Found : user_pref("CT2790392..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
    Found : user_pref("CT2790392..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
    Found : user_pref("CT2790392.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
    Found : user_pref("CT2790392.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
    Found : user_pref("CT2790392.AppTrackingLastCheckTime", "Fri Jun 08 2012 23:50:43 GMT-0400 (Eastern Standard[...]
    Found : user_pref("CT2790392.BrowserCompStateIsOpen_129633547190125290", true);
    Found : user_pref("CT2790392.CTID", "CT2790392");
    Found : user_pref("CT2790392.CurrentServerDate", "19-7-2012");
    Found : user_pref("CT2790392.DSInstall", false);
    Found : user_pref("CT2790392.DialogsAlignMode", "LTR");
    Found : user_pref("CT2790392.DialogsGetterLastCheckTime", "Wed Jul 18 2012 01:50:49 GMT-0400 (Eastern Standa[...]
    Found : user_pref("CT2790392.DownloadReferralCookieData", "");
    Found : user_pref("CT2790392.EMailNotifierPollDate", "Thu Jun 14 2012 15:56:30 GMT-0400 (Eastern Standard Ti[...]
    Found : user_pref("CT2790392.FeedLastCount129313977501788460", 474);
    Found : user_pref("CT2790392.FeedPollDate129313974171006416", "Thu Jun 14 2012 14:24:33 GMT-0400 (Eastern St[...]
    Found : user_pref("CT2790392.FeedPollDate129313975698350231", "Thu Jun 14 2012 14:24:33 GMT-0400 (Eastern St[...]
    Found : user_pref("CT2790392.FeedPollDate129313976370850190", "Thu Jun 14 2012 14:24:33 GMT-0400 (Eastern St[...]
    Found : user_pref("CT2790392.FeedPollDate129313976648818968", "Thu Jun 14 2012 14:24:33 GMT-0400 (Eastern St[...]
    Found : user_pref("CT2790392.FeedPollDate129313977444757117", "Thu Jun 14 2012 14:24:34 GMT-0400 (Eastern St[...]
    Found : user_pref("CT2790392.FeedPollDate129313980389131455", "Thu Jun 14 2012 14:24:34 GMT-0400 (Eastern St[...]
    Found : user_pref("CT2790392.FeedPollDate129313980655381977", "Thu Jun 14 2012 14:24:34 GMT-0400 (Eastern St[...]
    Found : user_pref("CT2790392.FeedPollDate129313980886163259", "Thu Jun 14 2012 14:24:34 GMT-0400 (Eastern St[...]
    Found : user_pref("CT2790392.FeedPollDate129313981234756535", "Thu Jun 14 2012 14:24:34 GMT-0400 (Eastern St[...]
    Found : user_pref("CT2790392.FeedPollDate129313983226631720", "Thu Jun 14 2012 14:24:34 GMT-0400 (Eastern St[...]
    Found : user_pref("CT2790392.FeedPollDate129313983607725691", "Thu Jun 14 2012 14:24:35 GMT-0400 (Eastern St[...]
    Found : user_pref("CT2790392.FeedTTL129313974171006416", 10);
    Found : user_pref("CT2790392.FeedTTL129313977444757117", 15);
    Found : user_pref("CT2790392.FeedTTL129313980655381977", 5);
    Found : user_pref("CT2790392.FeedTTL129313981234756535", 5);
    Found : user_pref("CT2790392.FirstServerDate", "6-6-2012");
    Found : user_pref("CT2790392.FirstTime", true);
    Found : user_pref("CT2790392.FirstTimeFF3", true);
    Found : user_pref("CT2790392.FixPageNotFoundErrors", true);
    Found : user_pref("CT2790392.GroupingServerCheckInterval", 1440);
    Found : user_pref("CT2790392.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
    Found : user_pref("CT2790392.HPInstall", false);
    Found : user_pref("CT2790392.HasUserGlobalKeys", true);
    Found : user_pref("CT2790392.HomePageProtectorEnabled", false);
    Found : user_pref("CT2790392.HomepageBeforeUnload", "hxxp://search.babylon.com/?affID=109928&babsrc=HP_ss&mn[...]
    Found : user_pref("CT2790392.Initialize", true);
    Found : user_pref("CT2790392.InitializeCommonPrefs", true);
    Found : user_pref("CT2790392.InstallationAndCookieDataSentCount", 3);
    Found : user_pref("CT2790392.InstallationId", "fft305A.tmp.exe");
    Found : user_pref("CT2790392.InstallationType", "XPE");
    Found : user_pref("CT2790392.InstalledDate", "Tue Jun 05 2012 23:45:01 GMT-0400 (Eastern Standard Time)");
    Found : user_pref("CT2790392.IsAlertDBUpdated", true);
    Found : user_pref("CT2790392.IsGrouping", false);
    Found : user_pref("CT2790392.IsInitSetupIni", true);
    Found : user_pref("CT2790392.IsMulticommunity", false);
    Found : user_pref("CT2790392.IsOpenThankYouPage", true);
    Found : user_pref("CT2790392.IsOpenUninstallPage", false);
    Found : user_pref("CT2790392.LanguagePackLastCheckTime", "Tue Jul 17 2012 23:28:58 GMT-0400 (Eastern Standar[...]
    Found : user_pref("CT2790392.LanguagePackReloadIntervalMM", 1440);
    Found : user_pref("CT2790392.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
    Found : user_pref("CT2790392.LastLogin_3.12.0.8", "Tue Jun 05 2012 23:45:09 GMT-0400 (Eastern Standard Time)[...]
    Found : user_pref("CT2790392.LastLogin_3.13.0.6", "Mon Jul 16 2012 15:03:16 GMT-0400 (Eastern Standard Time)[...]
    Found : user_pref("CT2790392.LastLogin_3.14.1.0", "Wed Jul 18 2012 19:52:39 GMT-0400 (Eastern Standard Time)[...]
    Found : user_pref("CT2790392.LatestVersion", "3.13.0.6");
    Found : user_pref("CT2790392.Locale", "en");
    Found : user_pref("CT2790392.MCDetectTooltipHeight", "83");
    Found : user_pref("CT2790392.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
    Found : user_pref("CT2790392.MCDetectTooltipWidth", "295");
    Found : user_pref("CT2790392.MyStuffEnabledAtInstallation", true);
    Found : user_pref("CT2790392.OriginalFirstVersion", "3.12.0.8");
    Found : user_pref("CT2790392.SHRINK_TOOLBAR", 1);
    Found : user_pref("CT2790392.SearchCaption", "BitTorrentBar Customized Web Search");
    Found : user_pref("CT2790392.SearchEngineBeforeUnload", "Search the web (Babylon)");
    Found : user_pref("CT2790392.SearchFromAddressBarIsInit", true);
    Found : user_pref("CT2790392.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT279[...]
    Found : user_pref("CT2790392.SearchInNewTabEnabled", true);
    Found : user_pref("CT2790392.SearchInNewTabIntervalMM", 1440);
    Found : user_pref("CT2790392.SearchInNewTabLastCheckTime", "Tue Jul 17 2012 23:28:43 GMT-0400 (Eastern Stand[...]
    Found : user_pref("CT2790392.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
    Found : user_pref("CT2790392.SearchProtectorEnabled", false);
    Found : user_pref("CT2790392.SearchProtectorToolbarDisabled", false);
    Found : user_pref("CT2790392.SendProtectorDataViaLogin", true);
    Found : user_pref("CT2790392.ServiceMapLastCheckTime", "Tue Jul 17 2012 23:29:00 GMT-0400 (Eastern Standard [...]
    Found : user_pref("CT2790392.SettingsLastCheckTime", "Wed Jul 18 2012 19:52:33 GMT-0400 (Eastern Standard Ti[...]
    Found : user_pref("CT2790392.SettingsLastUpdate", "1340177243");
    Found : user_pref("CT2790392.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2790392&SearchSource=13");
    Found : user_pref("CT2790392.ThirdPartyComponentsInterval", 504);
    Found : user_pref("CT2790392.ThirdPartyComponentsLastCheck", "Tue Jun 05 2012 23:44:58 GMT-0400 (Eastern Sta[...]
    Found : user_pref("CT2790392.ThirdPartyComponentsLastUpdate", "1331805997");
    Found : user_pref("CT2790392.ToolbarShrinkedFromSetup", false);
    Found : user_pref("CT2790392.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2790392");
    Found : user_pref("CT2790392.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
    Found : user_pref("CT2790392.UserID", "UN66168736286820146");
    Found : user_pref("CT2790392.ValidationData_Search", 2);
    Found : user_pref("CT2790392.ValidationData_Toolbar", 2);
    Found : user_pref("CT2790392.WeatherNetwork", "");
    Found : user_pref("CT2790392.WeatherPollDate", "Thu Jun 14 2012 15:39:25 GMT-0400 (Eastern Standard Time)");
    Found : user_pref("CT2790392.WeatherUnit", "F");
    Found : user_pref("CT2790392.alertChannelId", "1182482");
    Found : user_pref("CT2790392.autoDisableScopes", 14);
    Found : user_pref("CT2790392.backendstorage.cbcountry_000", "5553");
    Found : user_pref("CT2790392.backendstorage.cbcountry_001", "5553");
    Found : user_pref("CT2790392.backendstorage.cbfirsttime", "547565204A756E20303520323031322032333A34353A31322[...]
    Found : user_pref("CT2790392.backendstorage.facebook_mode", "32");
    Found : user_pref("CT2790392.backendstorage.facebook_user_locale", "656E");
    Found : user_pref("CT2790392.backendstorage.scriptsource", "687474703A2F2F3132372E302E302E313A31303030302F67[...]
    Found : user_pref("CT2790392.backendstorage.url_history0001", "687474703A2F2F7777772E6D7573636C6564697363757[...]
    Found : user_pref("CT2790392.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
    Found : user_pref("CT2790392.globalFirstTimeInfoLastCheckTime", "Tue Jun 05 2012 23:45:00 GMT-0400 (Eastern [...]
    Found : user_pref("CT2790392.homepageProtectorEnableByLogin", true);
    Found : user_pref("CT2790392.initDone", true);
    Found : user_pref("CT2790392.isAppTrackingManagerOn", true);
    Found : user_pref("CT2790392.myStuffEnabled", true);
    Found : user_pref("CT2790392.myStuffPublihserMinWidth", 400);
    Found : user_pref("CT2790392.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
    Found : user_pref("CT2790392.myStuffServiceIntervalMM", 1440);
    Found : user_pref("CT2790392.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
    Found : user_pref("CT2790392.navigateToUrlOnSearch", false);
    Found : user_pref("CT2790392.revertSettingsEnabled", false);
    Found : user_pref("CT2790392.searchProtectorDialogDelayInSec", 10);
    Found : user_pref("CT2790392.searchProtectorEnableByLogin", true);
    Found : user_pref("CT2790392.testingCtid", "");
    Found : user_pref("CT2790392.toolbarAppMetaDataLastCheckTime", "Tue Jul 17 2012 23:29:00 GMT-0400 (Eastern S[...]
    Found : user_pref("CT2790392.toolbarContextMenuLastCheckTime", "Tue Jun 05 2012 23:45:10 GMT-0400 (Eastern S[...]
    Found : user_pref("CT2790392.usagesFlag", 2);
    Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2786678/CT2786678[...]
    Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2790392/CT2790392[...]
    Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1178763/1174448/US", "\"0\"[...]
    Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2786678", [...]
    Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2790392", [...]
    Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
    Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
    Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
    Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
    Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
    Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
    Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
    Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
    Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
    Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.10[...]
    Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
    Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
    Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
    Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
    Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]
    Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.[...]
    Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.9.[...]
    Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2786678",[...]
    Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2790392",[...]
    Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE",[...]
    Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"229[...]
    Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Documents and Settings\\Andy\\Application [...]
    Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.13.0.6");
    Found : user_pref("CommunityToolbar.MiniIPageGadgetPosition.hxxp://listen.grooveshark.com/ ", "-88x124");
    Found : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://cdn.triplegames.com/shared/apps/gamearcade/ar[...]
    Found : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://facebook.conduitapps.com/v3.13/gadget.html", [...]
    Found : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://listen.grooveshark.com/ ", "800x592");
    Found : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://youtube.conduitapps.com/v115/gadget.php?appMo[...]
    Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
    Found : user_pref("CommunityToolbar.ToolbarsList", "CT2786678,CT2790392");
    Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2786678,CT2790392");
    Found : user_pref("CommunityToolbar.ToolbarsList4", "CT2786678,CT2790392");
    Found : user_pref("CommunityToolbar.facebook.alerts.enabled", true);
    Found : user_pref("CommunityToolbar.facebook.alerts.eventsEnabled", true);
    Found : user_pref("CommunityToolbar.facebook.alerts.friendReqEnabled", true);
    Found : user_pref("CommunityToolbar.facebook.alerts.groupsEnabled", true);
    Found : user_pref("CommunityToolbar.facebook.alerts.inboxEnabled", true);
    Found : user_pref("CommunityToolbar.facebook.alerts.newsFeedsEnabled", false);
    Found : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sat Apr 14 2012 23:59:47 GMT-0400 (Eas[...]
    Found : user_pref("CommunityToolbar.globalUserId", "20ff9bbd-fe64-4cb5-91b2-b74aef6dd329");
    Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
    Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
    Found : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2790392");
    Found : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Tue Jun 26 2012 21:26:2[...]
    Found : user_pref("CommunityToolbar.notifications.alertEnabled", false);
    Found : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
    Found : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Tue Jun 05 2012 22:57:56 GMT-040[...]
    Found : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
    Found : user_pref("CommunityToolbar.notifications.locale", "en");
    Found : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
    Found : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Tue Jun 26 2012 21:26:26 GMT-0400 (E[...]
    Found : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
    Found : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
    Found : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
    Found : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
    Found : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
    Found : user_pref("CommunityToolbar.notifications.userId", "4bbac332-e87f-46e4-baa7-99f578e30945");
    Found : user_pref("CommunityToolbar.originalHomepage", "hxxp://www.google.com/");
    Found : user_pref("CommunityToolbar.originalSearchEngine", "chrome://browser-region/locale/region.properties[...]
    Found : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
    Found : user_pref("browser.search.defaultenginename", "AVG Secure Search");
    Found : user_pref("browser.search.order.1", "Search Results");
    Found : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
    Found : user_pref("extensions.BabylonToolbar_i.babExt", "");
    Found : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109928");
    Found : user_pref("extensions.BabylonToolbar_i.hardId", "1cac6a810000000000000016767a09ba");
    Found : user_pref("extensions.BabylonToolbar_i.id", "1cac6a810000000000000016767a09ba");
    Found : user_pref("extensions.BabylonToolbar_i.instlDay", "15458");
    Found : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
    Found : user_pref("extensions.BabylonToolbar_i.newTab", true);
    Found : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=109928&babsrc=N[...]
    Found : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
    Found : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
    Found : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
    Found : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
    Found : user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9");
    Found : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
    Found : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1717:43:21");
    Found : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
    Found : user_pref("extensions.funmoods_i.aflt", "nv1");
    Found : user_pref("extensions.funmoods_i.dfltLng", "");
    Found : user_pref("extensions.funmoods_i.dfltSrch", true);
    Found : user_pref("extensions.funmoods_i.dnsErr", true);
    Found : user_pref("extensions.funmoods_i.excTlbr", false);
    Found : user_pref("extensions.funmoods_i.hmpg", true);
    Found : user_pref("extensions.funmoods_i.hmpgUrl", "hxxp://start.funmoods.com/?f=1&a=nv1");
    Found : user_pref("extensions.funmoods_i.id", "1cac6a810000000000000016767a09ba");
    Found : user_pref("extensions.funmoods_i.instlDay", "15382");
    Found : user_pref("extensions.funmoods_i.instlRef", "");
    Found : user_pref("extensions.funmoods_i.newTab", true);
    Found : user_pref("extensions.funmoods_i.newTabUrl", "hxxp://start.funmoods.com/?f=2&a=nv1");
    Found : user_pref("extensions.funmoods_i.prdct", "funmoods");
    Found : user_pref("extensions.funmoods_i.prtnrId", "funmoods");
    Found : user_pref("extensions.funmoods_i.smplGrp", "none");
    Found : user_pref("extensions.funmoods_i.srchPrvdr", "Search");
    Found : user_pref("extensions.funmoods_i.tlbrId", "base");
    Found : user_pref("extensions.funmoods_i.tlbrSrchUrl", "hxxp://start.funmoods.com/results.php?f=3&a=nv1&q=")[...]
    Found : user_pref("extensions.funmoods_i.vrsn", "1.5.11.16");
    Found : user_pref("extensions.funmoods_i.vrsnTs", "1.5.11.1619:02:39");
    Found : user_pref("extensions.funmoods_i.vrsni", "1.5.11.16");
    Found : user_pref("freecause758d6aeb75e49f24fd4951b640add07f.AutoSearchEventData", "auto%20search");
    Found : user_pref("freecause758d6aeb75e49f24fd4951b640add07f.ClearCacheDate", 18);
    Found : user_pref("freecause758d6aeb75e49f24fd4951b640add07f.DNSCatch", true);
    Found : user_pref("freecause758d6aeb75e49f24fd4951b640add07f.DisplayEULA", true);
    Found : user_pref("freecause758d6aeb75e49f24fd4951b640add07f.DnsCatchEventData", "dns%20catch");
    Found : user_pref("freecause758d6aeb75e49f24fd4951b640add07f.EBOMode", true);
    Found : user_pref("freecause758d6aeb75e49f24fd4951b640add07f.FirstLaunchShown", true);
    Found : user_pref("freecause758d6aeb75e49f24fd4951b640add07f.InstallDomain", "freecause.com");
    Found : user_pref("freecause758d6aeb75e49f24fd4951b640add07f.InstallType", "standard");
    Found : user_pref("freecause758d6aeb75e49f24fd4951b640add07f.LoadLayoutDate.100815", 18);
    Found : user_pref("freecause758d6aeb75e49f24fd4951b640add07f.NewTabSearchEventData", "tab%20search");
    Found : user_pref("freecause758d6aeb75e49f24fd4951b640add07f.ShowRecommendedOptions", true);
    Found : user_pref("freecause758d6aeb75e49f24fd4951b640add07f.StateReportDate", "1342638711197");
    Found : user_pref("freecause758d6aeb75e49f24fd4951b640add07f.TopRightSearchEventData", "top%20right%20search[...]
    Found : user_pref("freecause758d6aeb75e49f24fd4951b640add07f.beforeInstallSaved", true);
    Found : user_pref("freecause758d6aeb75e49f24fd4951b640add07f.beforeinstall.homepage", "www.yahoo.com");
    Found : user_pref("freecause758d6aeb75e49f24fd4951b640add07f.beforeinstall.search", "Search%20Results");
    Found : user_pref("freecause758d6aeb75e49f24fd4951b640add07f.customNewTab", true);
    Found : user_pref("freecause758d6aeb75e49f24fd4951b640add07f.helpUsImprove", true);
    Found : user_pref("freecause758d6aeb75e49f24fd4951b640add07f.hideOthers", true);
    Found : user_pref("freecause758d6aeb75e49f24fd4951b640add07f.partnerauth", false);
    Found : user_pref("freecause758d6aeb75e49f24fd4951b640add07f.processAddrBar", true);
    Found : user_pref("freecause758d6aeb75e49f24fd4951b640add07f.restoreSearch", false);
    Found : user_pref("freecause758d6aeb75e49f24fd4951b640add07f.runcmd.", "bb_acct_status_1342662775");
    Found : user_pref("freecause758d6aeb75e49f24fd4951b640add07f.searchHistory", true);
    Found : user_pref("freecause758d6aeb75e49f24fd4951b640add07f.session", "25512BD3FC86027C23434A7098F80E0B9617[...]
    Found : user_pref("freecause758d6aeb75e49f24fd4951b640add07f.showFirstLaunchOptions", false);
    Found : user_pref("freecause758d6aeb75e49f24fd4951b640add07f.tb_lang", "en");
    Found : user_pref("freecause758d6aeb75e49f24fd4951b640add07f.tool_id", "100815");
    Found : user_pref("freecause758d6aeb75e49f24fd4951b640add07f.user_id", "115697134");
    Found : user_pref("freecause758d6aeb75e49f24fd4951b640add07f.user_key", "6509f3f570212a38f999d681bfbb8ca58ec[...]
    Found : user_pref("freecause758d6aeb75e49f24fd4951b640add07f.user_layouts", "100815");
    Found : user_pref("freecause758d6aeb75e49f24fd4951b640add07f.user_lnames", "fcreward.100815.b");
    Found : user_pref("freecause758d6aeb75e49f24fd4951b640add07f.xml_service_url", "6bb94bbf55fe2f255901a560824a[...]
    Found : user_pref("freecause758d6aeb75e49f24fd4951b640add07f.yahooSearch", true);
    Found : user_pref("extensions.SmartSuggestor.aid", "10036");

    -\\ Google Chrome v25.0.1364.97

    File : C:\Documents and Settings\Andy\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

    Found [l.1609] : homepage = "hxxp://blekko.com/ws/?source=c3348dd4&toolbarid=blekkotb_031&u=E723415B2DAB5AE81BBEFC5052C48BC9&tbp=homepage",

    -\\ Opera v [Unable to get version]

    File : C:\Documents and Settings\Andy\Application Data\Opera\Opera\operaprefs.ini

    [OK] File is clean.

    *************************

    AdwCleaner[R1].txt - [43433 octets] - [01/03/2013 23:14:06]

    ########## EOF - C:\AdwCleaner[R1].txt - [43494 octets] ##########


    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 11:22:52 PM, on 3/1/2013
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
    C:\Program Files\Java\jre7\bin\jqs.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    O23 - Service: COMODO livePCsupport Service (CLPSLS) - COMODO - C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe
    O23 - Service: GoToMyPC - Unknown owner - C:\Program Files\Citrix\GoToMyPC\g2svc.exe (file missing)
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: ZoneAlarm LTD Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: PEVSystemStart - Unknown owner - C:\ComboFix\pev.3XE
    O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe

    --
    End of file - 2662 bytes

    Here are the logs of #1 - security check #2-adware cleaner # 3 hijackthis ... junkwear removal was looked at as being a malware when downloading the link so I never ran it . I went into ducuments and settings and clicked on all users- windows , application data and found the yellow folder that says strong vault online backup and can't delete it .I receive a message stating " cannot delete ctxmenu.dll explorer exe log . It is being used by another person or program . Close any programs that might be using the file and try again .
     
  10. dweb175

    dweb175 Member

    Joined:
    Mar 29, 2011
    Messages:
    32
    Likes Received:
    0
    Trophy Points:
    16
    I didn't think they had computers 50 years ago . We never used them when I was in school and I graduated high school in 1990 .
     
  11. DADEO1

    DADEO1 Regular member

    Joined:
    Nov 19, 2004
    Messages:
    108
    Likes Received:
    0
    Trophy Points:
    26
    I did notice Torn TV. Here's a little bit about it. What do you think?

    "TornTV is a free software that let's it's users watch TV using their computers. On it's own this program is not a virus or malware, however it's developers are using deceptive monetization methods - they bundle their free software with various browser plug-ins which changes user's Internet browsers settings and causes redirect problems. Majority of free software developers bundle their programs with one toolbar or pug-in, but TornTV developers have bundled their software with several. When computer users install TornTV on their computers they will also install Babylon toolbar and Yontoo adware on their machines.

    These additionally installed browser add-ons will cause browser redirects and unwanted ads appear while browsing the Internet. Furthermore these browser add-ons will cause Internet browser slowdowns. To avoid such problems computer users should closely inspect every free software installation window, uncheck any ticks which asks you to install additional browser add-ons or to change your Internet browser settings (homepage, default search engine). While TornTV is not a computer virus or malware it's an unwanted application which installs additional adware on users computer."
    FROM : http://www.pcrisk.com/removal-guides/6908-remove-torntv-adware
     
  12. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,658
    Likes Received:
    38
    Trophy Points:
    78
    @DADEO1, you tagged it!

    @dweb175, that’s looking better but still some work to be done.

    Sometimes malware removal software is looked at as malware by an antivirus scanner. That’s because it has to use the same kind of routines to remove the malware as the malware used to infect you. It’s safe! So, please let the junkwear removal tool run and post the Log.
    Also, the Log from HJT looks way too short as if there are missing lines. Please re-run the HijackThis and post another Log.


    Since Andy (you?) is the administrator, instead of going to all users, go to Andy and see if you can find it there. You may not be able to delete because something else is using the files in it so, what you need to do is go to Safe Mode and delete it from there. Do you know how to use Safe Mode? If not, let me know..

    Do you live under a rock? We had computers in the 1940’s, they just weren’t desktops or laptops, they took up whole buildings. Check this out: http://www.computerhistory.org/revolution/mainframe-computers/7/161/565
    This is one of the computers I worked with in 1965.

    Post a jrt Log and a new HJT log and let me know how it's running. any problems?
    2oG
    ________________________________________
     
  13. ddp

    ddp Moderator Staff Member

    Joined:
    Oct 15, 2004
    Messages:
    39,153
    Likes Received:
    134
    Trophy Points:
    143
    dweb, had computers at my school as i finished there in june 1980. weren't pc's as were 1 of the tandy model series, model 1 i think.
     
  14. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,658
    Likes Received:
    38
    Trophy Points:
    78
    I was computer marketing manager for Tandy/Radio Shack in 1980 - the computer was TRS-80 Model I with a Intel Z-80 processor running at 1.44 MHz and 16 kB of ram unless it had the expansion interface on it and you could get 48 kB of ram.. No HD it used 5.25" floppy disks or a portable tape recorder to save programs. Speed, speed, speed... LMAO
     
  15. ddp

    ddp Moderator Staff Member

    Joined:
    Oct 15, 2004
    Messages:
    39,153
    Likes Received:
    134
    Trophy Points:
    143
    my stepfather had the model 4 which i had to resolder all the solder points on the floppy disk controller so it would boot.
     
  16. DADEO1

    DADEO1 Regular member

    Joined:
    Nov 19, 2004
    Messages:
    108
    Likes Received:
    0
    Trophy Points:
    26
    Hey, we bought a Tandy computer at Radio Shack. Wow, it seems like a long time ago. My one big project was putting a parts cross reference and prices in alphabetical order.
     
  17. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,658
    Likes Received:
    38
    Trophy Points:
    78
    yeah, Model 4 they took the 16k ROM Basic interpreter out of the Model III so us Geeks could have a 64k machine that we could program in machine code languages and have a little more room.
     
  18. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,658
    Likes Received:
    38
    Trophy Points:
    78
    in the 80's, I taught computer literacy at an Education Service Center to teachers so they could teach the kids and it was a hoot. back then No one knew anything about computers it was all new ground..
     
  19. dweb175

    dweb175 Member

    Joined:
    Mar 29, 2011
    Messages:
    32
    Likes Received:
    0
    Trophy Points:
    16
    Junkware Removal Tool (JRT) by Thisisu
    Version: 4.6.6 (02.27.2013:1)
    OS: Microsoft Windows XP x86
    Ran by Andy on Sat 03/02/2013 at 15:24:09.34
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Registry Values

    Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\DisplayName
    Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\URL



    ~~~ Registry Keys

    Successfully deleted: [Registry Key] hkey_local_machine\software\babylon
    Successfully deleted: [Registry Key] hkey_current_user\software\conduit
    Successfully deleted: [Registry Key] hkey_local_machine\software\conduit
    Successfully deleted: [Registry Key] hkey_current_user\software\datamngr
    Successfully deleted: [Registry Key] hkey_local_machine\software\default tab
    Successfully deleted: [Registry Key] hkey_local_machine\software\freeze.com
    Successfully deleted: [Registry Key] hkey_current_user\software\igearsettings
    Successfully deleted: [Registry Key] hkey_current_user\software\ilivid
    Successfully deleted: [Registry Key] hkey_local_machine\software\ilivid
    Successfully deleted: [Registry Key] hkey_current_user\software\im
    Successfully deleted: [Registry Key] hkey_local_machine\software\iminent
    Successfully deleted: [Registry Key] hkey_current_user\software\pricegong
    Successfully deleted: [Registry Key] hkey_current_user\software\smartbar
    Successfully deleted: [Registry Key] hkey_current_user\software\sweetim
    Successfully deleted: [Registry Key] hkey_local_machine\software\sweetim
    Successfully deleted: [Registry Key] hkey_current_user\software\yourfiledownloader
    Successfully deleted: [Registry Key] hkey_local_machine\software\yourfiledownloader
    Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\conduit
    Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\browserconnection.dll
    Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\discoveryhelper.dll
    Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\dnsbho.dll
    Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\gifanimator.dll
    Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\imtrprogress.dll
    Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\imweb.dll
    Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\wmhelper.dll
    Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\yontooieclient.dll
    Successfully deleted: [Registry Key] hkey_local_machine\software\classes\prod.cap
    Successfully deleted: [Registry Key] hkey_local_machine\software\classes\qwiklinxbho
    Successfully deleted: [Registry Key] hkey_local_machine\software\classes\qwiklinxbho.1
    Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{171debeb-c3d4-40b7-ac73-056a5eba4a7e}
    Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{3bd44f0e-0596-4008-aee0-45d47e3a8f0e}
    Successfully deleted: [Registry Key] hkey_classes_root\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}
    Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{6a1806cd-94d4-4689-ba73-e35ea1ea9990}
    Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{95b7759c-8c7f-4bf1-b163-73684a933233}
    Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}



    ~~~ Files



    ~~~ Folders

    Successfully deleted: [Folder] "C:\Documents and Settings\All Users.WINDOWS\application data\strongvault online backup"
    Successfully deleted: [Folder] "C:\Documents and Settings\Andy\Application Data\babylon"
    Successfully deleted: [Folder] "C:\Documents and Settings\Andy\Application Data\drivercure"
    Successfully deleted: [Folder] "C:\Documents and Settings\Andy\Application Data\fighters"
    Successfully deleted: [Folder] "C:\Documents and Settings\Andy\Application Data\opencandy"
    Successfully deleted: [Folder] "C:\Documents and Settings\Andy\Application Data\pc cleaners"
    Successfully deleted: [Folder] "C:\Documents and Settings\Andy\Application Data\yourfiledownloader"
    Successfully deleted: [Folder] "C:\Documents and Settings\Andy\appdata\locallow\datamngr"
    Successfully deleted: [Folder] "C:\Documents and Settings\Andy\Local Settings\Application Data\babylon"
    Successfully deleted: [Folder] "C:\Documents and Settings\Andy\Local Settings\Application Data\blekkotb_031"
    Successfully deleted: [Folder] "C:\Documents and Settings\Andy\Local Settings\Application Data\conduit"
    Successfully deleted: [Folder] "C:\Documents and Settings\Andy\Local Settings\Application Data\ilivid player"
    Successfully deleted: [Folder] "C:\Documents and Settings\Andy\Local Settings\Application Data\stronghold_llc"
    Successfully deleted: [Folder] "C:\Documents and Settings\Andy\Local Settings\Application Data\strongvault online backup"
    Successfully deleted: [Folder] "C:\Program Files\conduit"
    Successfully deleted: [Folder] "C:\WINDOWS\system32\ai_recyclebin"



    ~~~ Chrome

    Successfully deleted: [Registry Key] hkey_local_machine\software\google\chrome\extensions\jplinpmadfkdgipabgcdchbdikologlh
    Successfully deleted: [Registry Key] hkey_local_machine\software\google\chrome\extensions\niapdbllcanepiiimjjndipklodoedlc





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Sat 03/02/2013 at 15:38:59.43
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 3:40:46 PM, on 3/2/2013
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
    C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
    C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Java\jre7\bin\jqs.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe"
    O4 - HKLM\..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe /icon="hidden"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    O23 - Service: COMODO livePCsupport Service (CLPSLS) - COMODO - C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe
    O23 - Service: GoToMyPC - Unknown owner - C:\Program Files\Citrix\GoToMyPC\g2svc.exe (file missing)
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: ZoneAlarm LTD Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: PEVSystemStart - Unknown owner - C:\ComboFix\pev.3XE
    O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe

    --
    End of file - 2714 bytes

    Here are the logs and I went back to documents and settings and checked both folders including the one you told me to and I can't find strong vult and it's still on my pc . Maybe it's hiding somewhere else .
     
  20. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,658
    Likes Received:
    38
    Trophy Points:
    78
    Strong vault was deleted by jrt:
    What leads you to believe it's still there?


    2oG
     

Share This Page