Live Search Redirect

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Heron51585

Thread Starter
Joined
Jan 20, 2013
Messages
1
I've read a few of the other posts about this and I'm just trying to get help removing the redirect.

I am currently running windows 7 64bit and the redirect is effecting all the browsers. I downloaded combofix after reading one of the other threads. here is the log:

ComboFix 13-01-17.04 - Tony 01/20/2013 12:18:59.1.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.3838.1929 [GMT -5:00]
Running from: c:\users\Tony\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Tony\AppData\Local\Conduit\Adobe\aubraurtg.dll
c:\windows\Downloaded Program Files\popcaploader.dll
c:\windows\Downloaded Program Files\popcaploader.inf
c:\windows\SysWow64\SET2BA5.tmp
c:\windows\SysWow64\SET38A6.tmp
c:\windows\SysWow64\URTTemp
c:\windows\SysWow64\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-12-20 to 2013-01-20 )))))))))))))))))))))))))))))))
.
.
2013-01-20 17:24 . 2013-01-20 17:24 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-20 13:38 . 2013-01-20 13:44 -------- d-----w- c:\windows\LastGood
2013-01-19 09:21 . 2013-01-19 09:21 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0D8C666D-D04C-4D43-9F3A-28C6E1E2F882}\offreg.dll
2013-01-18 13:43 . 2013-01-08 05:32 9161176 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0D8C666D-D04C-4D43-9F3A-28C6E1E2F882}\mpengine.dll
2013-01-16 19:52 . 2013-01-16 22:07 -------- d-----w- c:\users\Tony\AppData\Roaming\Dwarfs
2013-01-16 19:51 . 2013-01-16 19:51 -------- d-----w- c:\program files (x86)\Microsoft XNA
2013-01-16 18:16 . 2008-12-27 06:01 310208 ----a-w- c:\windows\system32\drivers\OA007Vid.sys
2013-01-16 18:16 . 2008-09-01 06:00 40960 ----a-w- c:\windows\SysWow64\OA007Pin.dll
2013-01-16 18:16 . 2008-09-01 06:00 35328 ----a-w- c:\windows\system32\OA007Pin.dll
2013-01-16 18:16 . 2008-08-01 22:21 102912 ----a-w- c:\windows\CtDrvIns.exe
2013-01-16 18:16 . 2008-07-28 06:00 24576 ----a-w- c:\windows\SysWow64\OA007Pin.crl
2013-01-16 18:16 . 2008-07-28 06:00 15360 ----a-w- c:\windows\system32\OA007Pin.crl
2013-01-16 18:11 . 2013-01-16 18:11 -------- d-----w- c:\users\Tony\AppData\Roaming\U3
2013-01-16 17:49 . 2013-01-16 17:49 -------- d-----w- c:\program files (x86)\Creative
2013-01-16 17:11 . 2013-01-16 17:11 -------- d-----w- c:\users\Tony\AppData\Local\Akamai
2013-01-15 14:55 . 2013-01-15 14:55 -------- d-----w- c:\windows\8A809006C25A4A3A9DAB94659BCDB107.TMP
2013-01-15 14:53 . 2010-06-28 15:51 490600 ----a-w- c:\windows\system32\nvumdshimx.dll
2013-01-15 14:53 . 2010-06-28 15:51 429672 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2013-01-15 14:53 . 2010-06-28 15:51 113768 ----a-w- c:\windows\system32\nvinitx.dll
2013-01-15 14:53 . 2010-06-28 15:51 101992 ----a-w- c:\windows\SysWow64\nvinit.dll
2013-01-15 14:53 . 2010-06-28 15:51 408680 ----a-w- c:\windows\system32\nvdecodemft.dll
2013-01-15 14:53 . 2010-06-28 15:51 335464 ----a-w- c:\windows\SysWow64\nvdecodemft.dll
2013-01-15 14:53 . 2010-06-28 15:51 255592 ----a-w- c:\windows\system32\nvcod1922.dll
2013-01-15 14:53 . 2010-06-28 15:51 255592 ----a-w- c:\windows\system32\nvcod.dll
2013-01-15 14:53 . 2011-03-17 09:38 1965672 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-01-15 14:53 . 2010-06-28 15:51 930272 ----a-w- c:\windows\system32\dpinst.exe
2013-01-15 01:39 . 2013-01-15 01:39 -------- d-----w- c:\users\Tony\AppData\Roaming\Dell
2013-01-15 01:39 . 2013-01-15 01:39 -------- d-----w- c:\programdata\PC-Doctor for Windows
2013-01-15 01:39 . 2013-01-15 01:39 -------- d-----w- c:\programdata\PCDr
2013-01-15 01:38 . 2013-01-15 02:02 -------- d-----w- c:\program files\AlienAutopsy
2013-01-15 01:36 . 2013-01-15 01:36 -------- d-----w- c:\users\Tony\AppData\Roaming\PCDr
2013-01-15 01:36 . 2013-01-15 02:03 -------- d-----w- C:\temp
2013-01-15 01:28 . 2013-01-15 01:28 74703 ----a-w- c:\windows\SysWow64\mfc45.dll
2013-01-15 01:28 . 2013-01-20 13:41 -------- d-----w- c:\programdata\iolo
2013-01-15 01:28 . 2013-01-15 01:28 -------- d-----w- c:\program files (x86)\iolo
2013-01-14 19:38 . 2013-01-15 00:50 -------- d-----w- c:\program files (x86)\osu!
2013-01-14 19:25 . 2013-01-14 19:25 -------- d-----w- c:\users\Tony\AppData\Roaming\Downloaded Installations
2013-01-09 20:34 . 2013-01-09 20:34 -------- d-----w- c:\programdata\Alienware
2013-01-09 20:12 . 2013-01-09 20:12 -------- d-----w- c:\program files\Alienware
2013-01-09 20:08 . 2003-11-10 23:14 729088 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll
2013-01-09 20:08 . 2003-11-10 23:13 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll
2013-01-09 20:08 . 2003-11-10 23:12 266240 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll
2013-01-09 20:08 . 2003-11-10 23:12 192512 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll
2013-01-09 20:08 . 2003-11-10 23:11 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe
2013-01-09 20:08 . 2003-11-10 23:10 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
2013-01-09 20:08 . 2013-01-09 20:08 311428 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll
2013-01-09 20:08 . 2013-01-09 20:08 188548 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll
2013-01-09 20:06 . 2013-01-09 20:06 -------- d-----w- c:\users\Tony\Bluetooth Software
2013-01-09 20:06 . 2008-01-29 23:46 36392 ----a-w- c:\windows\system32\drivers\btwl2cap.sys
2013-01-09 20:06 . 2008-01-29 22:53 120872 ----a-w- c:\windows\system32\drivers\btwavdt.sys
2013-01-09 20:06 . 2008-01-29 22:53 92200 ----a-w- c:\windows\system32\drivers\btwaudio.sys
2013-01-09 20:06 . 2008-01-29 22:53 19880 ----a-w- c:\windows\system32\drivers\btwrchid.sys
2013-01-09 20:06 . 2008-06-06 05:05 296960 ----a-w- c:\windows\system32\BtwRSupport.dll
2013-01-09 20:06 . 2007-04-16 08:24 23752 ----a-w- c:\windows\system32\providers.bin
2013-01-09 20:05 . 2013-01-09 20:05 -------- d-----w- c:\windows\system32\es-MX
2013-01-09 20:05 . 2013-01-09 20:05 -------- d-----w- c:\windows\system32\es-AR
2013-01-09 20:05 . 2013-01-09 20:05 -------- d-----w- c:\windows\SysWow64\es-MX
2013-01-09 20:05 . 2013-01-09 20:05 -------- d-----w- c:\windows\SysWow64\es-AR
2013-01-09 20:05 . 2013-01-09 20:05 -------- d-----w- c:\program files\WIDCOMM
2013-01-09 20:01 . 2013-01-09 20:01 -------- d-----w- c:\program files (x86)\Cisco
2013-01-09 20:01 . 2013-01-09 20:01 95472 ----a-w- c:\windows\system32\bcmwlcoi.dll
2013-01-09 20:01 . 2013-01-16 17:41 3877888 ----a-w- c:\windows\system32\bcmihvsrv64.dll
2013-01-09 20:01 . 2013-01-16 17:41 3541504 ----a-w- c:\windows\system32\bcmihvui64.dll
2013-01-09 20:01 . 2013-01-16 17:41 2042872 ----a-w- c:\windows\system32\drivers\BCMWL664.SYS
2013-01-09 20:01 . 2013-01-09 20:01 -------- d-----w- c:\program files\Broadcom
2013-01-09 20:01 . 2013-01-09 20:01 -------- d-----w- c:\users\Tony\AppData\Roaming\InstallShield
2013-01-09 19:55 . 2013-01-09 20:07 -------- d-----w- c:\users\Tony\Drivers
2013-01-09 15:14 . 2013-01-09 15:14 -------- d-----w- c:\users\Tony\AppData\Roaming\RealNetworks
2013-01-09 12:25 . 2013-01-09 12:25 -------- d-----w- c:\program files (x86)\RealNetworks
2013-01-09 12:25 . 2013-01-09 12:25 -------- d-----w- c:\programdata\RealNetworks
2013-01-09 12:24 . 2013-01-09 12:24 -------- d-----w- c:\program files (x86)\Common Files\xing shared
2013-01-09 12:24 . 2013-01-09 12:24 153296 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\nppl3260.dll
2013-01-09 12:24 . 2013-01-09 12:24 124056 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\nprpplugin.dll
2013-01-09 12:24 . 2013-01-09 12:24 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2013-01-09 12:24 . 2013-01-09 12:24 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2013-01-09 02:56 . 2012-11-09 05:45 750592 ----a-w- c:\windows\system32\win32spl.dll
2013-01-09 02:56 . 2012-11-09 04:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
2013-01-09 02:54 . 2012-11-30 05:41 424448 ----a-w- c:\windows\system32\KernelBase.dll
2013-01-09 02:53 . 2012-11-23 03:13 68608 ----a-w- c:\windows\system32\taskhost.exe
2013-01-09 02:53 . 2012-11-23 03:26 3149824 ----a-w- c:\windows\system32\win32k.sys
2013-01-02 18:52 . 2013-01-02 18:53 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-01-02 18:52 . 2013-01-02 18:53 -------- d-----w- c:\program files\iTunes
2013-01-02 18:52 . 2013-01-02 18:53 -------- d-----w- c:\program files (x86)\iTunes
2013-01-02 18:52 . 2013-01-02 18:52 -------- d-----w- c:\program files\iPod
2012-12-28 01:03 . 2012-12-28 01:03 -------- d-sh--w- c:\programdata\SecuROM
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-16 13:45 . 2012-04-07 22:13 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-01-16 13:45 . 2012-01-10 14:53 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-09 08:03 . 2011-03-09 17:39 67599240 ----a-w- c:\windows\system32\MRT.exe
2012-12-16 17:11 . 2012-12-21 08:01 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-21 08:00 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-21 08:00 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-21 08:01 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-11-30 04:45 . 2013-01-09 02:54 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-11-18 17:48 . 2011-09-08 20:17 800824 ----a-w- c:\users\Default\AppData\Roaming\DPInst.exe
2012-11-18 17:48 . 2011-09-08 20:17 36352 ----a-w- c:\users\Default\AppData\Roaming\PnPutil.exe
2012-11-18 17:48 . 2011-09-08 20:17 106496 ----a-w- c:\users\Default\AppData\Roaming\gacutil.exe
2012-11-14 07:06 . 2012-12-12 08:02 17811968 ----a-w- c:\windows\system32\mshtml.dll
2012-11-14 06:32 . 2012-12-12 08:02 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-11-14 06:11 . 2012-12-12 08:02 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 06:04 . 2012-12-12 08:02 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-11-14 06:04 . 2012-12-12 08:02 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 06:02 . 2012-12-12 08:02 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 06:02 . 2012-12-12 08:02 237056 ----a-w- c:\windows\system32\url.dll
2012-11-14 05:59 . 2012-12-12 08:02 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-11-14 05:58 . 2012-12-12 08:02 816640 ----a-w- c:\windows\system32\jscript.dll
2012-11-14 05:57 . 2012-12-12 08:02 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 05:57 . 2012-12-12 08:02 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 05:55 . 2012-12-12 08:02 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-11-14 05:55 . 2012-12-12 08:02 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-11-14 05:53 . 2012-12-12 08:02 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-11-14 05:52 . 2012-12-12 08:02 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-14 05:46 . 2012-12-12 08:02 248320 ----a-w- c:\windows\system32\ieui.dll
2012-11-14 02:09 . 2012-12-12 08:02 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-11-14 01:58 . 2012-12-12 08:02 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-11-14 01:57 . 2012-12-12 08:02 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-11-14 01:49 . 2012-12-12 08:02 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-11-14 01:48 . 2012-12-12 08:02 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-11-14 01:44 . 2012-12-12 08:02 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-11-09 05:45 . 2012-12-12 03:29 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-09 04:42 . 2012-12-12 03:29 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-11-02 05:59 . 2012-12-12 03:28 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-11-02 05:11 . 2012-12-12 03:28 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
2012-10-30 23:51 . 2011-03-09 18:22 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-10-30 23:51 . 2011-03-09 18:22 370288 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-10-30 23:51 . 2011-03-09 18:22 984144 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-30 23:51 . 2011-03-09 18:22 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-10-30 23:51 . 2011-03-09 18:22 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-10-30 23:51 . 2011-03-09 18:21 41224 ----a-w- c:\windows\avastSS.scr
2012-10-30 23:50 . 2011-03-09 18:21 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-10-30 23:50 . 2011-03-09 17:52 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-10-25 08:12 . 2012-10-25 08:12 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2012-10-25 08:12 . 2012-10-25 08:12 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{7b13ec3e-999a-4b70-b9cb-2617b8323822}"= "c:\program files (x86)\Zynga\prxtbZyng.dll" [2011-05-09 176936]
"{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}"= "c:\program files (x86)\Yahoo!\Companion\Installs\cpn0\YTNavAssist.dll" [2011-03-16 214840]
.
[HKEY_CLASSES_ROOT\clsid\{7b13ec3e-999a-4b70-b9cb-2617b8323822}]
.
[HKEY_CLASSES_ROOT\clsid\{81017ea9-9aa8-4a6a-9734-7af40e7d593f}]
[HKEY_CLASSES_ROOT\YTNavAssist.YTNavAssistPlugin.1]
[HKEY_CLASSES_ROOT\TypeLib\{A31F34A1-EBD2-45A2-BF6D-231C1B987CC8}]
[HKEY_CLASSES_ROOT\YTNavAssist.YTNavAssistPlugin]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{7b13ec3e-999a-4b70-b9cb-2617b8323822}]
2011-05-09 08:49 176936 ----a-w- c:\program files (x86)\Zynga\prxtbZyng.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{7b13ec3e-999a-4b70-b9cb-2617b8323822}"= "c:\program files (x86)\Zynga\prxtbZyng.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{7b13ec3e-999a-4b70-b9cb-2617b8323822}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Facebook Update"="c:\users\Tony\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-13 138096]
"Messenger (Yahoo!)"="c:\progra~2\Yahoo!\MESSEN~1\YahooMessenger.exe" [2012-05-25 6595928]
"TomTomHOME.exe"="c:\program files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [2012-08-28 247768]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2012-12-17 1354736]
"Akamai NetSession Interface"="c:\users\Tony\AppData\Local\Akamai\netsession_win.exe" [2012-10-09 4441920]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"masqform.exe"="c:\program files (x86)\PureEdge\Viewer 6.5\masqform.exe" [2005-07-04 643072]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"EKStatusMonitor"="c:\program files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe" [2012-10-15 2844608]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-12-12 152544]
"TkBellExe"="c:\program files (x86)\real\realplayer\Update\realsched.exe" [2013-01-09 295072]
"FATrayAlert"="c:\program files\Alienware\Command Center\AlienSense\FATrayMon.exe" [2010-04-04 95560]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"KodakHomeCenter"="c:\program files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe" [2012-10-19 2235840]
.
c:\users\Tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Tony\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-12-28 28539392]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
ActivClient Agent.lnk - c:\program files\ActivIdentity\ActivClient\acsagent.exe [2009-6-3 164904]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-6-5 1025576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\FastAccess]
2010-04-04 18:43 144712 ----a-w- c:\program files\Alienware\Command Center\AlienSense\FALogNot.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli FAPassSync
.
R0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 FACAP;facap, FastAccess Video Capture;c:\windows\system32\DRIVERS\facap.sys [2008-09-25 238848]
R3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\DRIVERS\ivusb.sys [2010-07-29 29720]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
R3 S3XXx64;SCR3xx USB SmartCardReader64;c:\windows\system32\DRIVERS\S3XXx64.sys [2011-06-16 69888]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2008-05-06 14464]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 ac.sharedstore;ActivIdentity Shared Store Service;c:\program files\Common Files\ActivIdentity\ac.sharedstore.exe [2009-06-03 277032]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ac576d174925c1c6\AESTSr64.exe [2009-03-03 89600]
S2 AlienFusionService;Alienware Fusion Service;c:\program files\Alienware\Command Center\AlienFusionService.exe [2010-05-21 14648]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
S2 FAService;FAService;c:\program files\Alienware\Command Center\AlienSense\FAService.exe [2010-04-04 2409800]
S2 FreeAgentGoFlex Service;Seagate Drive Settings Service;c:\program files (x86)\Seagate\DriveSettings\Sync\SeagateDriveSettingsService.exe [2011-02-10 91432]
S2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [2012-10-19 395200]
S2 Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service;c:\program files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [2012-10-15 779200]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2012-11-30 38608]
S2 SpyroService;Spyro Portal Service;c:\program files (x86)\FS\Spyro Portal\FlashPortal.exe [2011-09-09 48128]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-08-28 92632]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2008-01-29 36392]
S3 ITECIRfilter;ITECIR Filter Driver;c:\windows\system32\DRIVERS\ITECIRfilter.sys [2011-03-22 28264]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2011-08-19 22408]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2011-08-19 16008]
S3 OA007Vid;Creative Camera OA007 Function Driver;c:\windows\system32\DRIVERS\OA007Vid.sys [2008-12-27 310208]
.
.
Contents of the 'Scheduled Tasks' folder
.
2013-01-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-07 13:45]
.
2013-01-19 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1058525360-2672619816-1123526767-1000Core.job
- c:\users\Tony\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-01 23:42]
.
2013-01-20 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1058525360-2672619816-1123526767-1000UA.job
- c:\users\Tony\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-01 23:42]
.
2013-01-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-05 02:31]
.
2013-01-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-05 02:31]
.
2013-01-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1058525360-2672619816-1123526767-1000Core.job
- c:\users\Tony\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-18 13:45]
.
2013-01-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1058525360-2672619816-1123526767-1000UA.job
- c:\users\Tony\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-18 13:45]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 23:50 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Tony\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"acevents"="c:\program files\ActivIdentity\ActivClient\acevents.exe" [2009-06-03 196648]
"accrdsub"="c:\program files\ActivIdentity\ActivClient\accrdsub.exe" [2009-06-03 483880]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2011-06-15 110360]
"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2011-08-05 163552]
"EKIJ5000StatusMonitor"="c:\windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe" [2012-10-08 3182080]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-08-26 487424]
"AlienFX Controller"="c:\program files\Alienware\Command Center\AlienwareAlienFXController.exe" [2010-05-21 63304]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:tabs
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
LSP: c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll
Trusted Zone: dell.com
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\onydrbnu.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://start.pogo.iplay.com/?o=shp
FF - prefs.js: keyword.URL - chrome://browser-region/locale/region.properties
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2013-01-09 07:25; {34712C68-7391-4c47-94F3-8F88D49AD632}; c:\programdata\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-DW6 - c:\program files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe
Wow6432Node-HKLM-Run-Conime - c:\windows\system32\conime.exe
Wow6432Node-HKLM-Run-ShopAtHomeWatcher - c:\users\Tony\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe
Wow6432Node-HKLM-Run-FAStartup - (no file)
WebBrowser-{7B13EC3E-999A-4B70-B9CB-2617B8323822} - (no file)
AddRemove-{09760D42-E223-42AD-8C3E-55B47D0DDAC3} - c:\programdata\Uninstall\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}\setup.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-01-20 12:27:37
ComboFix-quarantined-files.txt 2013-01-20 17:27
.
Pre-Run: 408,360,984,576 bytes free
Post-Run: 408,536,170,496 bytes free
.
- - End Of File - - F22A5A34AFD556B1B02612D91910DC48

It seems to have fixed it so I would like to thank you. And if you see anything in the log that says it might still be there but hiding please let me know.
 

Attachments

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Members online

Top