
Niece's Netbook is sluggish

Discussion in 'Virus & Other Malware Removal' started by JPSeabury, Apr 8, 2013.

    JPSeabury Thread Starter

    Tech Support Guy System Info Utility version 1.0.0.2
    OS Version: Microsoft Windows 7 Starter, Service Pack 1, 32 bit
    Processor: Intel(R) Atom(TM) CPU Z530 @ 1.60GHz, x86 Family 6 Model 28 Stepping 2
    Processor Count: 2
    RAM: 1014 Mb
    Graphics Card: Intel(R) Graphics Media Accelerator 500
    Hard Drives: C: Total - 137586 MB, Free - 61772 MB;
    Motherboard: Dell Inc., 0P374N
    Antivirus: AVG Anti-Virus Free Edition 2011, Updated and Enabled

    HIJACK THIS LOGS:
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 3:27:53 PM, on 3/31/2013
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16470)
    Boot mode: Normal
    Running processes:
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Elantech\ETDCtrl.exe
    C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\WSED\WSED.exe
    C:\Program Files\Battery Meter\BTMeter.exe
    C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE
    C:\Program Files\Dell\DellDock\DellDock.exe
    C:\Program Files\CapsLKNotify\CapsLKNotify.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\Dell Support Center\bin\sprtcmd.exe
    C:\Program Files\AVG\AVG10\avgtray.exe
    C:\Program Files\Microsoft IntelliPoint\ipoint.exe
    C:\Program Files\Windows ilivid Toolbar\Datamngr\datamngrUI.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
    C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
    C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\AVG\AVG10\avgui.exe
    C:\Windows\system32\wuauclt.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\taskeng.exe
    C:\Users\Sara\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\03ZH7U4W\HijackThis.exe
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/?ref=hp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: (no name) - {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - (no file)
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Freecause Shopping BHO - {20FEC4E7-F7B7-438B-8191-33D2EFC5EBEA} - C:\Program Files\Shop to Win 2\Shop to Win 2.dll (file missing)
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WIC55D~1\ToolBar\searchqudtx.dll
    O2 - BHO: UrlHelper Class - {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - C:\PROGRA~1\WIC55D~1\Datamngr\IEBHO.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers\YontooIEClient.dll
    O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
    O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WIC55D~1\ToolBar\searchqudtx.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe
    O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [IgfxExt] C:\Windows\system32\IgfxExt.exe /RegServer
    O4 - HKLM\..\Run: [WSED] C:\Program Files\WSED\WSED.exe
    O4 - HKLM\..\Run: [BTMeter] C:\Program Files\Battery Meter\BTMeter.exe
    O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe
    O4 - HKLM\..\Run: [CapsLKNotify] C:\Program Files\CapsLKNotify\CapsLKNotify.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
    O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
    O4 - HKLM\..\Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\WIC55D~1\Datamngr\DATAMN~1.EXE
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')
    O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
    O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - AppInit_DLLs: C:\PROGRA~1\WIC55D~1\Datamngr\datamngr.dll C:\PROGRA~1\WIC55D~1\Datamngr\IEBHO.dll
    O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
    O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
    O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
    O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    O23 - Service: TVEnhance Background Capture Service (TBCS) (TVECapSvc) - Unknown owner - C:\Program Files\Dell\Digital TV\Kernel\TV\TVECapSvc.exe
    O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
    --
    End of file - 11159 bytes



    DDS LOG
    DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: 9.0.8112.16470
    Run by Sara at 15:34:47 on 2013-03-31
    Microsoft Windows 7 Starter 6.1.7601.1.1252.1.1033.18.1014.109 [GMT -4:00]
    .
    AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
    SP: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ================
    .
    C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Program Files\Dell\DellDock\DockLogin.exe
    C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
    C:\Windows\system32\WLANExt.exe
    C:\Windows\system32\conhost.exe
    C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe
    C:\Windows\System32\spoolsv.exe
    C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Dell\Digital TV\Kernel\TV\TVECapSvc.exe
    C:\Program Files\AVG\AVG10\avgnsx.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Elantech\ETDCtrl.exe
    C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\WSED\WSED.exe
    C:\Program Files\Battery Meter\BTMeter.exe
    C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE
    C:\Program Files\Dell\DellDock\DellDock.exe
    C:\Program Files\CapsLKNotify\CapsLKNotify.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\Dell Support Center\bin\sprtcmd.exe
    C:\Program Files\Microsoft IntelliPoint\ipoint.exe
    C:\Program Files\Windows ilivid Toolbar\Datamngr\datamngrUI.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
    C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
    C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\PROGRA~1\AVG\AVG10\avgrsx.exe
    C:\Program Files\AVG\AVG10\avgcsrvx.exe
    C:\Program Files\AVG\AVG10\avgscanx.exe
    C:\Windows\system32\conhost.exe
    C:\Program Files\AVG\AVG10\avgcsrvx.exe
    C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    C:\Program Files\AVG\AVG10\avgui.exe
    C:\Windows\system32\wuauclt.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\system32\svchost.exe -k HPService
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.facebook.com/?ref=hp
    uURLSearchHooks: {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - <orphaned>
    BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: Shop to Win 2: {20FEC4E7-F7B7-438B-8191-33D2EFC5EBEA} -
    BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - c:\program files\avg\avg10\avgssie.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
    BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
    BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\program files\windows ilivid toolbar\toolbar\searchqudtx.dll
    BHO: UrlHelper Class: {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - c:\program files\windows ilivid toolbar\datamngr\IEBHO.dll
    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: Skype Plug-In: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.8313.1002\swg.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: Yontoo Layers: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - c:\program files\yontoo layers\YontooIEClient.dll
    TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    TB: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\program files\windows ilivid toolbar\toolbar\searchqudtx.dll
    TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
    mRun: [ETDWare] c:\program files\elantech\ETDCtrl.exe
    mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [IgfxExt] c:\windows\system32\IgfxExt.exe /RegServer
    mRun: [WSED] c:\program files\wsed\WSED.exe
    mRun: [BTMeter] c:\program files\battery meter\BTMeter.exe
    mRun: [Broadcom Wireless Manager UI] c:\program files\dell\dell wireless wlan card\WLTRAY.exe
    mRun: [CapsLKNotify] c:\program files\capslknotify\CapsLKNotify.exe
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
    mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
    mRun: [dellsupportcenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P dellsupportcenter
    mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
    mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
    mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
    mRun: [DATAMNGR] c:\progra~1\wic55d~1\datamngr\DATAMN~1.EXE
    mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    StartupFolder: c:\users\sara\appdata\roaming\micros~1\windows\startm~1\programs\startup\delldo~1.lnk - c:\program files\dell\delldock\DellDock.exe
    StartupFolder: c:\users\sara\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
    TCP: NameServer = 192.168.1.1
    TCP: Interfaces\{1C6646A1-4AE0-4384-ADE4-1E12BB484ED8} : DHCPNameServer = 192.168.1.1
    TCP: Interfaces\{1C6646A1-4AE0-4384-ADE4-1E12BB484ED8}\2456C6B696E6F5E4F575962756C6563737F5231363242364 : DHCPNameServer = 192.168.2.1
    TCP: Interfaces\{1C6646A1-4AE0-4384-ADE4-1E12BB484ED8}\24F65727175756F584F6D656 : DHCPNameServer = 192.168.2.1
    TCP: Interfaces\{1C6646A1-4AE0-4384-ADE4-1E12BB484ED8}\943745865694E6475627E6564775F627B696E676 : DHCPNameServer = 192.168.1.1
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
    Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll
    AppInit_DLLs= c:\progra~1\wic55d~1\datamngr\datamngr.dll c:\progra~1\wic55d~1\datamngr\IEBHO.dll
    SSODL: WebCheck - <orphaned>
    SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-2-22 22992]
    R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-3-16 32592]
    R0 EMSC;COMPAL Embedded System Control;c:\windows\system32\drivers\EMSC.sys [2009-6-26 13680]
    R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-11-12 255968]
    R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-3-1 34896]
    R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-4-5 297168]
    R2 AERTFilters;Andrea RT Filters Service;c:\program files\realtek\audio\hda\AERTSrv.exe [2009-11-18 81920]
    R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [2012-1-31 7391072]
    R2 avgwd;AVG WatchDog;c:\program files\avg\avg10\avgwdsvc.exe [2011-2-8 269520]
    R2 DockLoginService;Dock Login Service;c:\program files\dell\delldock\DockLogin.exe [2008-12-18 155648]
    R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-5-27 134480]
    R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-2-10 24144]
    R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-2-10 21968]
    R3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\drivers\CtClsFlt.sys [2009-11-18 143840]
    R3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\drivers\ETD.sys [2009-11-18 94720]
    R3 hcw95bda;Hauppauge MOD7700 Tuner Driver;c:\windows\system32\drivers\hcw95bda.sys [2009-11-18 573440]
    R3 igd;igd;c:\windows\system32\drivers\igdkmd32.sys [2009-11-18 635168]
    R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2009-11-18 122880]
    R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2009-11-18 165888]
    R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-11-18 167936]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
    S3 SNDP610;Dual Mode Camera;c:\windows\system32\drivers\sndp610.sys [2005-10-11 220032]
    S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-7-3 52224]
    .
    =============== Created Last 30 ================
    .
    2013-03-22 02:46:33 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
    .
    ==================== Find3M ====================
    .
    2013-02-12 04:48:31 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
    2013-02-12 04:48:26 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
    2013-02-02 03:38:35 1800704 ----a-w- c:\windows\system32\jscript9.dll
    2013-02-02 03:30:32 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
    2013-02-02 03:30:21 1129472 ----a-w- c:\windows\system32\wininet.dll
    2013-02-02 03:26:47 142848 ----a-w- c:\windows\system32\ieUnatt.exe
    2013-02-02 03:26:21 420864 ----a-w- c:\windows\system32\vbscript.dll
    2013-02-02 03:23:28 2382848 ----a-w- c:\windows\system32\mshtml.tlb
    2013-01-05 05:00:15 3967848 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2013-01-05 05:00:11 3913064 ----a-w- c:\windows\system32\ntoskrnl.exe
    2013-01-04 04:50:52 169984 ----a-w- c:\windows\system32\winsrv.dll
    2013-01-04 03:00:29 2347008 ----a-w- c:\windows\system32\win32k.sys
    2013-01-03 05:05:20 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2013-01-03 05:04:43 187752 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
    .
    ============= FINISH: 15:39:07.38 ===============


    ATTACH.TXT LOG
    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows 7 Starter
    Boot Device: \Device\HarddiskVolume2
    Install Date: 6/4/2010 3:53:52 PM
    System Uptime: 3/31/2013 2:49:03 PM (1 hours ago)
    .
    Motherboard: Dell Inc. | | 0P374N
    Processor: Intel(R) Atom(TM) CPU Z530 @ 1.60GHz | U3E1 | 1600/mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 134 GiB total, 57.387 GiB free.
    .
    ==== Disabled Device Manager Items =============
    .
    ==== Installed Programs ======================
    .
    Update for Microsoft Office 2007 (KB2508958)
    32 Bit HP CIO Components Installer
    Adobe Flash Player 10 ActiveX
    Adobe Reader 9.1.2
    Advanced Audio FX Engine
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    AVG 2011
    Battery Meter
    Bonjour
    CapsLKNotify
    Cars2_MissionImpossible_Screensaver
    Cisco EAP-FAST Module
    Cisco LEAP Module
    Cisco PEAP Module
    Compatibility Pack for the 2007 Office system
    Dell Digital TV
    Dell Dock
    Dell Edoc Viewer
    Dell Support Center (Support Software)
    Dell Webcam Central
    Dell Wireless WLAN Card Utility
    Download Updater (AOL LLC)
    EMSC
    ETDWare PS/2-x86 7.0.4.11_WHQL
    Function Keys
    Google Toolbar for Internet Explorer
    Google Update Helper
    GoToAssist 8.0.0.514
    HP Photosmart Plus B209a-m All-in-One Driver 14.0 Rel. 6
    iCloud
    iTunes
    Java(TM) 6 Update 14
    Junk Mail filter update
    Live! Cam Avatar Creator
    Microsoft .NET Framework 4 Client Profile
    Microsoft Application Error Reporting
    Microsoft Choice Guard
    Microsoft IntelliPoint 8.0
    Microsoft Office 2007 Service Pack 3 (SP3)
    Microsoft Office Access MUI (English) 2007
    Microsoft Office Access Setup Metadata MUI (English) 2007
    Microsoft Office Enterprise 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office File Validation Add-In
    Microsoft Office Groove MUI (English) 2007
    Microsoft Office Groove Setup Metadata MUI (English) 2007
    Microsoft Office InfoPath MUI (English) 2007
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office PowerPoint Viewer 2007 (English)
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    Microsoft Office Publisher MUI (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Sync Framework Runtime Native v1.0 (x86)
    Microsoft Sync Framework Services Native v1.0 (x86)
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Works
    MobileMe Control Panel
    MSVCRT
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Network
    OGA Notifier 2.0.0048.0
    PS_AIO_06_B209a-m_SW_Min
    QuickTime
    Realtek High Definition Audio Driver
    Scan
    Security Update for CAPICOM (KB931906)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
    Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
    Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
    Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
    Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
    Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
    Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
    Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
    Shop To Win
    Skype Toolbars
    Skype™ 5.10
    TI-83 Plus Flash Debugger
    Toolbox
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    Update for Microsoft Office 2007 Help for Common Features (KB963673)
    Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
    Update for Microsoft Office Access 2007 Help (KB963663)
    Update for Microsoft Office Excel 2007 Help (KB963678)
    Update for Microsoft Office Infopath 2007 Help (KB963662)
    Update for Microsoft Office OneNote 2007 Help (KB963670)
    Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
    Update for Microsoft Office Outlook 2007 Help (KB963677)
    Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2768024) 32-Bit Edition
    Update for Microsoft Office Powerpoint 2007 Help (KB963669)
    Update for Microsoft Office Publisher 2007 Help (KB963667)
    Update for Microsoft Office Script Editor Help (KB963671)
    Update for Microsoft Office Word 2007 Help (KB963665)
    VirtualDub (remove only)
    Windows ilivid Toolbar
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Mail
    Windows Live Messenger
    Windows Live Movie Maker
    Windows Live Photo Gallery
    Windows Live Sign-in Assistant
    Windows Live Sync
    Windows Live Upload Tool
    Windows Live Writer
    WSED
    Yontoo Layers 1.10.01
    .
    ==== End Of File ===========================


    GMER LOG:
    GMER 2.1.19155 - http://www.gmer.net
    Rootkit scan 2013-03-31 18:38:51
    Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 SAMSUNG_HM160HI rev.HH100-15 149.05GB
    Running: wxns484d.exe; Driver: C:\Users\Sara\AppData\Local\Temp\fwlciuod.sys

    ---- System - GMER 2.1 ----
    SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys ZwOpenProcess [0x9E17A7A0]
    SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys ZwTerminateProcess [0x9E17A848]
    SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys ZwTerminateThread [0x9E17A8E4]
    SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys ZwWriteVirtualMemory [0x9E17A980]
    ---- Kernel code sections - GMER 2.1 ----
    .text ntkrnlpa.exe!ZwRollbackEnlistment + 140D 81A8C9E9 1 Byte [06]
    .text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 81AC61C2 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
    .text ntkrnlpa.exe!KeRemoveQueueEx + 139F 81ACD4B4 4 Bytes [A0, A7, 17, 9E]
    .text ntkrnlpa.exe!KeRemoveQueueEx + 166F 81ACD784 8 Bytes [48, A8, 17, 9E, E4, A8, 17, ...] {DEC EAX; TEST AL, 0x17; SAHF ; IN AL, 0xa8; POP SS; SAHF }
    .text ntkrnlpa.exe!KeRemoveQueueEx + 16E3 81ACD7F8 4 Bytes [80, A9, 17, 9E]
    ? C:\Users\Sara\AppData\Local\Temp\mbr.sys The system cannot find the file specified. !
    ---- User code sections - GMER 2.1 ----
    .text C:\Program Files\Internet Explorer\iexplore.exe[2536] ntdll.dll!NtClose 77B354C8 5 Bytes JMP 10047D70 C:\PROGRA~1\WIC55D~1\Datamngr\datamngr.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[2536] ntdll.dll!NtCreateKey 77B35608 5 Bytes JMP 10047CF0 C:\PROGRA~1\WIC55D~1\Datamngr\datamngr.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[2536] ntdll.dll!NtDeleteKey 77B35818 5 Bytes JMP 10047D90 C:\PROGRA~1\WIC55D~1\Datamngr\datamngr.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[2536] ntdll.dll!NtDeleteValueKey 77B35848 5 Bytes JMP 10047DB0 C:\PROGRA~1\WIC55D~1\Datamngr\datamngr.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[2536] ntdll.dll!NtOpenKey 77B35D08 5 Bytes JMP 10047D20 C:\PROGRA~1\WIC55D~1\Datamngr\datamngr.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[2536] ntdll.dll!NtOpenKeyEx 77B35D18 5 Bytes JMP 10047D40 C:\PROGRA~1\WIC55D~1\Datamngr\datamngr.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[2536] ntdll.dll!NtQueryValueKey 77B36248 5 Bytes JMP 10047C90 C:\PROGRA~1\WIC55D~1\Datamngr\datamngr.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[2536] ntdll.dll!NtSetValueKey 77B36808 5 Bytes JMP 10047CC0 C:\PROGRA~1\WIC55D~1\Datamngr\datamngr.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[2536] ntdll.dll!LdrLoadDll 77B5223E 5 Bytes JMP 013A0780 C:\PROGRA~1\WIC55D~1\Datamngr\IEBHO.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[2536] kernel32.dll!CreateThread 76B7DCC2 5 Bytes JMP 68A575E3 C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[2536] USER32.dll!EnableWindow 76888D02 5 Bytes JMP 68A99EBC C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[2536] USER32.dll!CallNextHookEx 7688ABE1 5 Bytes JMP 68AB7FF1 C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[2536] USER32.dll!UnhookWindowsHookEx 7688ADF9 5 Bytes JMP 68ADED14 C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[2536] USER32.dll!DefWindowProcA 7688BB1C 7 Bytes JMP 68A5980D C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[2536] USER32.dll!CreateWindowExA 7688BF40 5 Bytes JMP 68A63643 C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[2536] USER32.dll!SetWindowsHookExW 7688E30C 5 Bytes JMP 68A925B4 C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[2536] USER32.dll!CreateWindowExW 7688EC7C 5 Bytes JMP 68AC03DF C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[2536] USER32.dll!DefWindowProcW 7689507D 7 Bytes JMP 68AB8054 C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[2536] USER32.dll!DialogBoxParamW 768A3B9B 5 Bytes JMP 689F1893 C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[2536] USER32.dll!DialogBoxIndirectParamW 768B3B7F 5 Bytes JMP 68BE8F36 C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[2536] USER32.dll!DialogBoxParamA 768CCF42 5 Bytes JMP 68BE8ED1 C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[2536] USER32.dll!DialogBoxIndirectParamA 768CD274 5 Bytes JMP 68BE8F9B C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[2536] USER32.dll!MessageBoxIndirectA 768DE869 5 Bytes JMP 68BE8E58 C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[2536] USER32.dll!MessageBoxIndirectW 768DE963 5 Bytes JMP 68BE8DDF C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[2536] USER32.dll!MessageBoxExA 768DE9C9 5 Bytes JMP 68BE8D7B C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[2536] USER32.dll!MessageBoxExW 768DE9ED 5 Bytes JMP 68BE8D17 C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[2536] ole32.dll!OleLoadFromStream 757C6143 5 Bytes JMP 68BE9704 C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[2536] ole32.dll!CoCreateInstance 75809D0B 5 Bytes JMP 013A2C50 C:\PROGRA~1\WIC55D~1\Datamngr\IEBHO.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[3788] ntdll.dll!NtClose 77B354C8 5 Bytes JMP 10047D70 C:\PROGRA~1\WIC55D~1\Datamngr\datamngr.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[3788] ntdll.dll!NtCreateKey 77B35608 5 Bytes JMP 10047CF0 C:\PROGRA~1\WIC55D~1\Datamngr\datamngr.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[3788] ntdll.dll!NtDeleteKey 77B35818 5 Bytes JMP 10047D90 C:\PROGRA~1\WIC55D~1\Datamngr\datamngr.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[3788] ntdll.dll!NtDeleteValueKey 77B35848 5 Bytes JMP 10047DB0 C:\PROGRA~1\WIC55D~1\Datamngr\datamngr.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[3788] ntdll.dll!NtOpenKey 77B35D08 5 Bytes JMP 10047D20 C:\PROGRA~1\WIC55D~1\Datamngr\datamngr.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[3788] ntdll.dll!NtOpenKeyEx 77B35D18 5 Bytes JMP 10047D40 C:\PROGRA~1\WIC55D~1\Datamngr\datamngr.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[3788] ntdll.dll!NtQueryValueKey 77B36248 5 Bytes JMP 10047C90 C:\PROGRA~1\WIC55D~1\Datamngr\datamngr.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[3788] ntdll.dll!NtSetValueKey 77B36808 5 Bytes JMP 10047CC0 C:\PROGRA~1\WIC55D~1\Datamngr\datamngr.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[3788] ntdll.dll!LdrLoadDll 77B5223E 5 Bytes JMP 00590780 C:\PROGRA~1\WIC55D~1\Datamngr\IEBHO.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[3788] USER32.dll!EnableWindow 76888D02 5 Bytes JMP 68A99EBC C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[3788] USER32.dll!DialogBoxParamW 768A3B9B 5 Bytes JMP 689F1893 C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[3788] USER32.dll!DialogBoxIndirectParamW 768B3B7F 5 Bytes JMP 68BE8F36 C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[3788] USER32.dll!DialogBoxParamA 768CCF42 5 Bytes JMP 68BE8ED1 C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[3788] USER32.dll!DialogBoxIndirectParamA 768CD274 5 Bytes JMP 68BE8F9B C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[3788] USER32.dll!MessageBoxIndirectA 768DE869 5 Bytes JMP 68BE8E58 C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[3788] USER32.dll!MessageBoxIndirectW 768DE963 5 Bytes JMP 68BE8DDF C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[3788] USER32.dll!MessageBoxExA 768DE9C9 5 Bytes JMP 68BE8D7B C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[3788] USER32.dll!MessageBoxExW 768DE9ED 5 Bytes JMP 68BE8D17 C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[3788] ole32.dll!CoCreateInstance 75809D0B 5 Bytes JMP 00592C50 C:\PROGRA~1\WIC55D~1\Datamngr\IEBHO.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[5832] ntdll.dll!NtClose 77B354C8 5 Bytes JMP 10047D70 C:\PROGRA~1\WIC55D~1\Datamngr\datamngr.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[5832] ntdll.dll!NtCreateKey 77B35608 5 Bytes JMP 10047CF0 C:\PROGRA~1\WIC55D~1\Datamngr\datamngr.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[5832] ntdll.dll!NtDeleteKey 77B35818 5 Bytes JMP 10047D90 C:\PROGRA~1\WIC55D~1\Datamngr\datamngr.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[5832] ntdll.dll!NtDeleteValueKey 77B35848 5 Bytes JMP 10047DB0 C:\PROGRA~1\WIC55D~1\Datamngr\datamngr.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[5832] ntdll.dll!NtOpenKey 77B35D08 5 Bytes JMP 10047D20 C:\PROGRA~1\WIC55D~1\Datamngr\datamngr.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[5832] ntdll.dll!NtOpenKeyEx 77B35D18 5 Bytes JMP 10047D40 C:\PROGRA~1\WIC55D~1\Datamngr\datamngr.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[5832] ntdll.dll!NtQueryValueKey 77B36248 5 Bytes JMP 10047C90 C:\PROGRA~1\WIC55D~1\Datamngr\datamngr.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[5832] ntdll.dll!NtSetValueKey 77B36808 5 Bytes JMP 10047CC0 C:\PROGRA~1\WIC55D~1\Datamngr\datamngr.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[5832] ntdll.dll!LdrLoadDll 77B5223E 5 Bytes JMP 004C0780 C:\PROGRA~1\WIC55D~1\Datamngr\IEBHO.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[5832] kernel32.dll!CreateThread 76B7DCC2 5 Bytes JMP 68A575E3 C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[5832] USER32.dll!EnableWindow 76888D02 5 Bytes JMP 68A99EBC C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[5832] USER32.dll!GetAsyncKeyState 7688A256 5 Bytes JMP 68A3DEDD C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[5832] USER32.dll!CallNextHookEx 7688ABE1 5 Bytes JMP 68AB7FF1 C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[5832] USER32.dll!UnhookWindowsHookEx 7688ADF9 5 Bytes JMP 68ADED14 C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[5832] USER32.dll!DefWindowProcA 7688BB1C 7 Bytes JMP 68A5980D C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[5832] USER32.dll!CreateWindowExA 7688BF40 5 Bytes JMP 68A63643 C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[5832] USER32.dll!SetWindowsHookExW 7688E30C 5 Bytes JMP 68A925B4 C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[5832] USER32.dll!CreateWindowExW 7688EC7C 5 Bytes JMP 68AC03DF C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[5832] USER32.dll!GetKeyState 76892B4D 5 Bytes JMP 68A3DDB3 C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[5832] USER32.dll!IsDialogMessageW 76894104 5 Bytes JMP 68BE99FA C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[5832] USER32.dll!DefWindowProcW 7689507D 7 Bytes JMP 68AB8054 C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[5832] USER32.dll!CreateDialogParamA 768A1F42 5 Bytes JMP 68BE9268 C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[5832] USER32.dll!IsDialogMessage 768A2019 5 Bytes JMP 68BE99D2 C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[5832] USER32.dll!DialogBoxParamW 768A3B9B 5 Bytes JMP 689F1893 C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[5832] USER32.dll!CreateDialogIndirectParamA 768A721D 5 Bytes JMP 68BE92D8 C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[5832] USER32.dll!CreateDialogIndirectParamW 768AEA10 5 Bytes JMP 68BE9310 C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[5832] USER32.dll!DialogBoxIndirectParamW 768B3B7F 5 Bytes JMP 68BE8F36 C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[5832] USER32.dll!EndDialog 768B3BA3 5 Bytes JMP 68BE9CA6 C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[5832] USER32.dll!CreateDialogParamW 768B5630 5 Bytes JMP 68BE92A0 C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[5832] USER32.dll!SetKeyboardState 768B695A 5 Bytes JMP 68BEA2C1 C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[5832] USER32.dll!SendInput 768B7019 5 Bytes JMP 68BEA269 C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[5832] USER32.dll!SetCursorPos 768CC1B0 5 Bytes JMP 68BEA342 C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[5832] USER32.dll!DialogBoxParamA 768CCF42 5 Bytes JMP 68BE8ED1 C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[5832] USER32.dll!DialogBoxIndirectParamA 768CD274 5 Bytes JMP 68BE8F9B C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[5832] USER32.dll!MessageBoxIndirectA 768DE869 5 Bytes JMP 68BE8E58 C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[5832] USER32.dll!MessageBoxIndirectW 768DE963 5 Bytes JMP 68BE8DDF C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[5832] USER32.dll!MessageBoxExA 768DE9C9 5 Bytes JMP 68BE8D7B C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[5832] USER32.dll!MessageBoxExW 768DE9ED 5 Bytes JMP 68BE8D17 C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[5832] USER32.dll!keybd_event 768DEC3B 5 Bytes JMP 68BEA226 C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[5832] SHELL32.dll!RealDriveType + 173D 75CCFE30 4 Bytes [CF, 01, 1D, 67]
    .text C:\Program Files\Internet Explorer\iexplore.exe[5832] SHELL32.dll!RealDriveType + 1745 75CCFE38 8 Bytes [E0, 61, 1C, 67, 79, F7, 1C, ...] {LOOPNZ 0x63; SBB AL, 0x67; JNS 0xfffffffd; SBB AL, 0x67}
    .text C:\Program Files\Internet Explorer\iexplore.exe[5832] ole32.dll!OleLoadFromStream 757C6143 5 Bytes JMP 68BE9704 C:\Windows\system32\IEFRAME.dll
    .text C:\Program Files\Internet Explorer\iexplore.exe[5832] ole32.dll!CoCreateInstance 75809D0B 5 Bytes JMP 004C2C50 C:\PROGRA~1\WIC55D~1\Datamngr\IEBHO.dll
    ---- Devices - GMER 2.1 ----
    AttachedDevice \FileSystem\Ntfs \Ntfs AVGIDSFilter.Sys
    AttachedDevice \Driver\tdx \Device\Tcp avgtdix.sys
    AttachedDevice \Driver\tdx \Device\Udp avgtdix.sys
    AttachedDevice \Driver\tdx \Device\RawIp avgtdix.sys
    AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys
    AttachedDevice \FileSystem\fastfat \Fat AVGIDSFilter.Sys
    ---- Registry - GMER 2.1 ----
    Reg HKLM\SOFTWARE\Microsoft\Windows Search\UsnNotifier\Windows\Catalogs\[email protected]{059407B0-D479-11DE-ADDE-806E6F6E6963} 1885768120
    ---- EOF - GMER 2.1 ----
     
  2. Cheeseball81

    Cheeseball81 Retired Moderator

    Joined:
    Mar 3, 2004
    Messages:
    84,315
    Please download AdwCleaner to your desktop: http://www.bleepingcomputer.com/download/adwcleaner/

    • Double click the adwcleaner.exe to run the tool.
    • Click Search.
    • When the scan has finished, a Notepad window will open.
    • Please post the contents here in your topic.
    • The logfile will also be saved in C:\AdwCleaner[R1].txt.
     
  3. JPSeabury

    JPSeabury Thread Starter

    Joined:
    Mar 7, 2012
    Messages:
    33
    # AdwCleaner v2.200 - Logfile created 04/11/2013 at 00:55:25
    # Updated 02/04/2013 by Xplode
    # Operating system : Windows 7 Starter Service Pack 1 (32 bits)
    # User : Sara - DELL-MINI-1010
    # Boot Mode : Normal
    # Running from : C:\Users\Sara\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JFJNP3BT\AdwCleaner.exe
    # Option [Search]

    ***** [Services] *****

    ***** [Files / Folders] *****
    Folder Found : C:\Program Files\Common Files\Software Update Utility
    Folder Found : C:\Program Files\Free Offers from Freeze.com
    Folder Found : C:\Program Files\Shop To Win
    Folder Found : C:\Program Files\Windows iLivid Toolbar
    Folder Found : C:\ProgramData\Tarma Installer
    Folder Found : C:\Users\Sara\AppData\Local\Ilivid Player
    Folder Found : C:\Users\Sara\AppData\Local\PackageAware
    Folder Found : C:\Users\Sara\AppData\LocalLow\searchquband
    Folder Found : C:\Users\Sara\AppData\LocalLow\Searchqutoolbar
    ***** [Registry] *****
    Data Found : HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~1\WIC55D~1\Datamngr\datamngr.dll
    Data Found : HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~1\WIC55D~1\Datamngr\IEBHO.dll
    Key Found : HKCU\Software\AppDataLow\Software\Freecause
    Key Found : HKCU\Software\AppDataLow\Software\searchqutoolbar
    Key Found : HKCU\Software\DataMngr
    Key Found : HKCU\Software\DataMngr_Toolbar
    Key Found : HKCU\Software\ilivid
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43B7-BEA3-87217BDA7406}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E38FA08E-F56A-4169-ABF5-5C71E3C153A1}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E38FA08E-F56A-4169-ABF5-5C71E3C153A1}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
    Key Found : HKCU\Software\ShopToWin
    Key Found : HKLM\Software\AVG Secure Search
    Key Found : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{EB583FE1-9458-4EDA-AC68-24D24F17C70F}
    Key Found : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
    Key Found : HKLM\SOFTWARE\Classes\AppID\ShoppingBHO.DLL
    Key Found : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
    Key Found : HKLM\SOFTWARE\Classes\dnUpdate
    Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
    Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
    Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
    Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
    Key Found : HKLM\SOFTWARE\Classes\FCSB000062035.JSOptionsImpl
    Key Found : HKLM\SOFTWARE\Classes\FCSB000062035.JSOptionsImpl.1
    Key Found : HKLM\SOFTWARE\Classes\FCSB000062035.Shopping
    Key Found : HKLM\SOFTWARE\Classes\FCSB000062035.Shopping.1
    Key Found : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
    Key Found : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard
    Key Found : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
    Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Api
    Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
    Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
    Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
    Key Found : HKLM\Software\DataMngr
    Key Found : HKLM\Software\Freeze.com
    Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
    Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43B7-BEA3-87217BDA7406}
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6EFDBA50-4ABE-4194-86F7-F3BD0A011F5B}_is1
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu 406 MediaBar
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
    Key Found : HKLM\Software\SearchquMediabarTb
    Key Found : HKLM\Software\Tarma Installer
    Key Found : HKU\S-1-5-21-976973251-1295100334-1196084293-1000\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43B7-BEA3-87217BDA7406}
    Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{E38FA08E-F56A-4169-ABF5-5C71E3C153A1}]
    Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{99079A25-328F-4BD4-BE04-00955ACAA0A7}]
    Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]
    Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [DataMngr]
    ***** [Internet Browsers] *****
    -\\ Internet Explorer v10.0.9200.16521
    [OK] Registry is clean.
    *************************
    AdwCleaner[R1].txt - [8633 octets] - [11/04/2013 00:55:25]
    ########## EOF - C:\AdwCleaner[R1].txt - [8693 octets] ##########
     
  4. Cheeseball81

    Cheeseball81 Retired Moderator

    Joined:
    Mar 3, 2004
    Messages:
    84,315
    Please run AdwCleaner again.
    This time press Delete.
    It will clear the problems, then offer to reboot.
    Let the computer reboot and then post the log it makes.
    The logfile will also be saved in C:\AdwCleaner[R1].txt
     
Short URL to this thread: https://techguy.org/1095590
