[RESOLVED] Conduit - Visual Bee Search
Page 1 of 4 123 ... LastLast
Results 1 to 15 of 51

Thread: [RESOLVED] Conduit - Visual Bee Search

Hybrid View

  1. #1
    Join Date
    Sep 2001
    Location
    Toronto, Ontario, Canada
    Posts
    216

    Resolved [RESOLVED] Conduit - Visual Bee Search

    The Chrome, Internet Explorer and Firefox browers on my WinXP computer have suddenly show up with the Conduit Toolbar and Visual Bee Search page instead of my usual default 'Google' search.

    I have looked into this problem and had followed several suggestions on how to remove them, including the following:-
    - removing the Conduit components using the Add/Remove Programs
    - removing the Conduit apps from Chrome
    - removing the Trusted Toolbar component using the Add/Remove Program

    I do not think this hated Conduit stuff had been totally eradicated using the above methods; and sadly the System Restore function does not work** (cannot restore to a previous state no matter which restore point I choose). [** this problem had not been resolved, and I am not thinking of doing anything about it because I am thinking of moving to Win 7, although I like Win XP].

    Firefox - I do not use it often. My most-often used browser is IE (Version 8.0.6001.18702).

    The priority right now for me is to get rid of this hated Conduit and Visual Bee thing.

    Please help. I appreciate your help.
    Newbie

  2. #2
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    Please, complete all steps listed here: http://discussions.virtualdr.com/sho...d.php?t=167915

    Please, observe following rules:

    • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
    • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

  3. #3
    Join Date
    Sep 2001
    Location
    Toronto, Ontario, Canada
    Posts
    216
    Hi Broni
    Thank you very much.
    Here is the MalwareBytes scan log.

    Malwarebytes Anti-Malware 1.70.0.1100
    www.malwarebytes.org

    Database version: v2013.04.01.03

    Windows XP Service Pack 3 x86 NTFS
    Internet Explorer 8.0.6001.18702
    ADMIN :: TEST-0EDA6CF69E [administrator]

    4/1/2013 4:53:22 PM
    MBAM-log-2013-04-01 (17-47-07).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 239588
    Time elapsed: 52 minute(s), 7 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 19
    HKCR\AppID\{1DD31B76-C57E-49ba-94BC-BF53F0C82CD4} (PUP.Funshion) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1DD31B76-C57E-49ba-94BC-BF53F0C82CD4} (PUP.Funshion) -> No action taken.
    HKCR\CLSID\{91878E42-FC03-4785-B513-1F9E613D1027} (PUP.Funshion) -> No action taken.
    HKCR\TypeLib\{D02E3AB9-7796-40CB-BDFC-20D834FE1F75} (PUP.Funshion) -> No action taken.
    HKCR\Interface\{FCB380C4-D350-44BE-8791-50216F4747AC} (PUP.Funshion) -> No action taken.
    HKCR\ASBarBroker.BDBroker.1 (PUP.Funshion) -> No action taken.
    HKCR\ASBarBroker.BDBroker (PUP.Funshion) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{77FEF28E-EB96-44FF-B511-3185DEA48697} (Trojan.Cinmus) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{77FEF28E-EB96-44FF-B511-3185DEA48697} (Trojan.Cinmus) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{B580CF65-E151-49C3-B73F-70B13FCA8E86} (Trojan.Cinmus) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B580CF65-E151-49C3-B73F-70B13FCA8E86} (Trojan.Cinmus) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11CC93E4-0BE6-4F8F-82AA-D577FB955B05} (PUP.Funshion) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A7F05EE4-0426-454F-8013-C41E3596E9E9} (Trojan.Cinmus) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E5D5D4A1-17F0-41D7-B1C6-0979F91E6F46} (Adware.BDSearch) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SETUP.EXE (PUP.BundleInstaller.VG) -> No action taken.
    HKCR\SogouExplorerHTML (Adware.Sogou) -> No action taken.
    HKCR\thunder (Trojan.Agent) -> No action taken.
    HKCU\Software\SogouExplorer (Adware.Sogou) -> No action taken.
    HKLM\SOFTWARE\Clients\StartMenuInternet\SogouExplorer.exe (Adware.Sogou) -> No action taken.

    Registry Values Detected: 2
    HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser|{B580CF65-E151-49C3-B73F-70B13FCA8E86} (Trojan.Cinmus) -> Data: eÏ€µQáÃI·?p±?ÊŽ† -> No action taken.
    HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{B580CF65-E151-49C3-B73F-70B13FCA8E86} (Trojan.Cinmus) -> Data: -> No action taken.

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 20
    C:\Program Files\Coopen (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\conf (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009 (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675 (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Photo (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Photo\local Photo (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Share (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Share\coopen share (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Share\coopen share\image_100 (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Wallpaper (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Wallpaper\coopen wallpaper (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Wallpaper\local wallpaper (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\Resource (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\Resource\res (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\Resource\res\BMP (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\Resource\SkinNormal (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\Templete (Trojan.Agent) -> No action taken.

    Files Detected: 186
    C:\Program Files\Baidu\{17C2069B-BBFB-D78F-E94E-D089291F2150}\ASBarBroker.exe (PUP.Funshion) -> No action taken.
    C:\Documents and Settings\ADMIN\Application Data\SogouExplorer\sogou_explorer_silent_3.2.0.4716_2170.exe (Adware.Sogou) -> No action taken.
    C:\Documents and Settings\ADMIN\My Documents\Downloads\setup.exe (PUP.BundleInstaller.VG) -> No action taken.
    C:\Documents and Settings\ADMIN\Local Settings\Temp\12740125.Uninstall\Uninstall.exe (Adware.Agent) -> No action taken.
    C:\Documents and Settings\ADMIN\Local Settings\Temp\coopen_setup_100155.exe (Adware.Coopen) -> No action taken.
    C:\Documents and Settings\ADMIN\Local Settings\TempDIR\BetterInstaller.exe (PUP.BundleInstaller.Somoto) -> No action taken.
    C:\Program Files\Coopen\CoopenModeB.cop (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\CoopenClient.cop (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\CoopenDeskIcon.cop (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\CoopenDownloader.cop (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\CoopenModeA.cop (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\CoopenModeC.cop (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\CoopenModeD.cop (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\CoopenPlayer.cop (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\CoopenUI.cop (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\CoopenUpdate.cop (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\licence.txt (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\temp.html (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\conf\ChannelListReal.txt (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\conf\ChannelListReal.txt.bak (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\conf\Debug (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\conf\DownImageList (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\conf\Log.txt (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\conf\MainParams (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\conf\ModeAChannelList.txt (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\conf\ModeAChannelList.txt.bak (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\conf\ModeAChannelListReal.txt (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\conf\ModeAChannelSetup.txt (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\conf\ModeASelectChannel.txt (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\conf\ServerList.txt (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\CoopenWallpaper.bmp (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746959926.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746926646.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746926646.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746926726.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746926726.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746926796.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746926796.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746926886.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746926886.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746926976.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746926976.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746927056.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746927056.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746959766.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746959766.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746959846.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746959846.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746959926.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\212.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\226.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\2472.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\252.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\255.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\258.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\259.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\p-100009-326.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\p-100009-330.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\p-100009-331.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\p-100009-332.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\p-100009-333.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\p-100009-334.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746960016.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746960016.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746960106.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746960106.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746960206.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746960206.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746961096.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746961096.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746961386.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746961386.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746961596.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746961596.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746961676.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746961676.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746961766.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746961766.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746963546.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746963556.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12523977442.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12523977612.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12523977622.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12523977952.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12524765092.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12524765122.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12524765152.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12524765182.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12524765202.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12524765272.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12524765302.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12538562092.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12538562122.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12538562152.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12538562202.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12538562232.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12538562412.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12538562442.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12538562462.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12538562522.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12538562552.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\20090925172908.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\20090925174025.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\633880229608750000ad.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\633880237512812500ad.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\633880250656875000ad.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\633891499670468750ad.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\633894300871406250ad.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\633894965225781250ad.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12524765352.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12524765382.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12524765412.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12524765432.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12524765462.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12524765492.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12524765522.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12524765542.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12524765612.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12524765632.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12524765662.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12524765692.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12524765722.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12524765752.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\125308966416.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12531742162.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12531789482.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12536031572.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12536031602.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12536031652.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12536909952.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12536909972.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12538559422.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12538559452.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12538559472.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12538559502.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12538559522.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12538559582.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12538561942.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12538561972.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12538562002.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12538562012.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12538562032.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12524765322.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12538562062.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\633894972007656250ad.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\8573320090924225316.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\8580720090921110242.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\8586220090921110524.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\8651920090924230156.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\8702220090926224733.xml (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\DefaultCoopenWallpaper.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Photo\local Photo\B_0.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Photo\local Photo\B_1.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Share\coopen share\image_100\B_0.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Share\coopen share\image_100\B_1.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Wallpaper\coopen wallpaper\DefaultCoopenWallpaper.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\image\Wallpaper\local wallpaper\DefaultCoopenWallpaper.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\Resource\res\BMP\cancel.bmp (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\Resource\res\BMP\close.bmp (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\Resource\res\BMP\Myphoto.bmp (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\Resource\res\BMP\MyShare.bmp (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\Resource\res\BMP\MyWallpaper.bmp (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\Resource\res\BMP\play.bmp (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\Resource\SkinNormal\Button_Play.bmp (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\Resource\SkinNormal\Background.bmp (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\Resource\SkinNormal\Button_Close.bmp (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\Resource\SkinNormal\Button_IconHide.bmp (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\Resource\SkinNormal\Button_IconShow.bmp (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\Resource\SkinNormal\Button_ModeMenu.bmp (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\Resource\SkinNormal\Button_ModeSel.bmp (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\Resource\SkinNormal\Button_next.bmp (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\Resource\SkinNormal\Button_Pause.bmp (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\Resource\SkinNormal\Button_Prev.bmp (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\Resource\SkinNormal\Button_ScreenSaver.bmp (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\Resource\SkinNormal\Button_Setting.bmp (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\Resource\SkinNormal\Button_Weblogo.bmp (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\Resource\SkinNormal\Notify_BG.bmp (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\Resource\SkinNormal\Notify_Close.bmp (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\Resource\SkinNormal\Progress_download.bmp (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\Resource\SkinNormal\Progress_download1.bmp (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\Resource\SkinNormal\Separator.bmp (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\Templete\CoopenPhoto.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\Templete\DefaultCoopenWallpaper.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\Templete\ModeB.tpl (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\Templete\ModeB_logo.jpg (Trojan.Agent) -> No action taken.
    C:\Program Files\Coopen\Templete\ModeC.tpl (Trojan.Agent) -> No action taken.

    (end)
    Newbie

  4. #4
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    Your MBAM logs says "No action taken".
    Re-run MBAM, fix all issues and post new log.

  5. #5
    Join Date
    Sep 2001
    Location
    Toronto, Ontario, Canada
    Posts
    216

    Conduit - Visual Bee Search

    Hi Broni,

    I have used the "Remove Selected" after scanning. Here is the log.
    =======

    Malwarebytes Anti-Malware 1.70.0.1100
    www.malwarebytes.org

    Database version: v2013.04.01.03

    Windows XP Service Pack 3 x86 NTFS
    Internet Explorer 8.0.6001.18702
    ADMIN :: TEST-0EDA6CF69E [administrator]

    4/2/2013 7:50:01 AM
    mbam-log-2013-04-02 (07-50-01).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 239934
    Time elapsed: 47 minute(s), 51 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 19
    HKCR\AppID\{1DD31B76-C57E-49ba-94BC-BF53F0C82CD4} (PUP.Funshion) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1DD31B76-C57E-49ba-94BC-BF53F0C82CD4} (PUP.Funshion) -> No action taken.
    HKCR\CLSID\{91878E42-FC03-4785-B513-1F9E613D1027} (PUP.Funshion) -> No action taken.
    HKCR\TypeLib\{D02E3AB9-7796-40CB-BDFC-20D834FE1F75} (PUP.Funshion) -> No action taken.
    HKCR\Interface\{FCB380C4-D350-44BE-8791-50216F4747AC} (PUP.Funshion) -> No action taken.
    HKCR\ASBarBroker.BDBroker.1 (PUP.Funshion) -> No action taken.
    HKCR\ASBarBroker.BDBroker (PUP.Funshion) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11CC93E4-0BE6-4F8F-82AA-D577FB955B05} (PUP.Funshion) -> No action taken.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SETUP.EXE (PUP.BundleInstaller.VG) -> No action taken.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{77FEF28E-EB96-44FF-B511-3185DEA48697} (Trojan.Cinmus) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{77FEF28E-EB96-44FF-B511-3185DEA48697} (Trojan.Cinmus) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{B580CF65-E151-49C3-B73F-70B13FCA8E86} (Trojan.Cinmus) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B580CF65-E151-49C3-B73F-70B13FCA8E86} (Trojan.Cinmus) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A7F05EE4-0426-454F-8013-C41E3596E9E9} (Trojan.Cinmus) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E5D5D4A1-17F0-41D7-B1C6-0979F91E6F46} (Adware.BDSearch) -> Quarantined and deleted successfully.
    HKCR\SogouExplorerHTML (Adware.Sogou) -> Delete on reboot.
    HKCR\thunder (Trojan.Agent) -> Quarantined and deleted successfully.
    HKCU\Software\SogouExplorer (Adware.Sogou) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Clients\StartMenuInternet\SogouExplorer.exe (Adware.Sogou) -> Quarantined and deleted successfully.

    Registry Values Detected: 2
    HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser|{B580CF65-E151-49C3-B73F-70B13FCA8E86} (Trojan.Cinmus) -> Data: eÏ€µQáÃI·?p±?ÊŽ* -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{B580CF65-E151-49C3-B73F-70B13FCA8E86} (Trojan.Cinmus) -> Data: -> Quarantined and deleted successfully.

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 20
    C:\Program Files\Coopen (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\conf (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009 (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675 (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Photo (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Photo\local Photo (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Share (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Share\coopen share (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Share\coopen share\image_100 (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Wallpaper (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Wallpaper\coopen wallpaper (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Wallpaper\local wallpaper (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\Resource (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\Resource\res (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\Resource\res\BMP (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\Resource\SkinNormal (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\Templete (Trojan.Agent) -> Quarantined and deleted successfully.

    Files Detected: 186
    C:\Program Files\Baidu\{17C2069B-BBFB-D78F-E94E-D089291F2150}\ASBarBroker.exe (PUP.Funshion) -> No action taken.
    C:\Documents and Settings\ADMIN\My Documents\Downloads\setup.exe (PUP.BundleInstaller.VG) -> No action taken.
    C:\Documents and Settings\ADMIN\Local Settings\TempDIR\BetterInstaller.exe (PUP.BundleInstaller.Somoto) -> No action taken.
    C:\Documents and Settings\ADMIN\Application Data\SogouExplorer\sogou_explorer_silent_3.2.0.4716_2170.exe (Adware.Sogou) -> Quarantined and deleted successfully.
    C:\Documents and Settings\ADMIN\Local Settings\Temp\12740125.Uninstall\Uninstall.exe (Adware.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\ADMIN\Local Settings\Temp\coopen_setup_100155.exe (Adware.Coopen) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\CoopenModeB.cop (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\CoopenClient.cop (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\CoopenDeskIcon.cop (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\CoopenDownloader.cop (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\CoopenModeA.cop (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\CoopenModeC.cop (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\CoopenModeD.cop (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\CoopenPlayer.cop (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\CoopenUI.cop (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\CoopenUpdate.cop (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\licence.txt (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\temp.html (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\conf\ChannelListReal.txt (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\conf\ChannelListReal.txt.bak (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\conf\Debug (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\conf\DownImageList (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\conf\Log.txt (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\conf\MainParams (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\conf\ModeAChannelList.txt (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\conf\ModeAChannelList.txt.bak (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\conf\ModeAChannelListReal.txt (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\conf\ModeAChannelSetup.txt (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\conf\ModeASelectChannel.txt (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\conf\ServerList.txt (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\CoopenWallpaper.bmp (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746959926.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746926646.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746926646.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746926726.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746926726.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746926796.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746926796.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746926886.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746926886.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746926976.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746926976.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746927056.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746927056.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746959766.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746959766.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746959846.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746959846.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746959926.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\212.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\226.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\2472.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\252.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\255.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\258.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\259.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\p-100009-326.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\p-100009-330.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\p-100009-331.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\p-100009-332.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\p-100009-333.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\p-100009-334.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746960016.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746960016.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746960106.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746960106.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746960206.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746960206.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746961096.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746961096.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746961386.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746961386.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746961596.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746961596.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746961676.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746961676.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746961766.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746961766.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746963546.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_100009\12746963556.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12523977442.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12523977612.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12523977622.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12523977952.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12524765092.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12524765122.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12524765152.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12524765182.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12524765202.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12524765272.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12524765302.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12538562092.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12538562122.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12538562152.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12538562202.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12538562232.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12538562412.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12538562442.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12538562462.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12538562522.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12538562552.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\20090925172908.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\20090925174025.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\633880229608750000ad.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\633880237512812500ad.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\633880250656875000ad.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\633891499670468750ad.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\633894300871406250ad.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\633894965225781250ad.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12524765352.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12524765382.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12524765412.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12524765432.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12524765462.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12524765492.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12524765522.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12524765542.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12524765612.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12524765632.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12524765662.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12524765692.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12524765722.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12524765752.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\125308966416.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12531742162.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12531789482.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12536031572.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12536031602.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12536031652.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12536909952.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12536909972.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12538559422.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12538559452.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12538559472.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12538559502.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12538559522.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12538559582.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12538561942.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12538561972.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12538562002.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12538562012.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12538562032.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12524765322.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\12538562062.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\633894972007656250ad.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\8573320090924225316.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\8580720090921110242.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\8586220090921110524.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\8651920090924230156.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\8702220090926224733.xml (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Illustrated\coopen illustrated\image_109675\DefaultCoopenWallpaper.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Photo\local Photo\B_0.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Photo\local Photo\B_1.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Share\coopen share\image_100\B_0.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Share\coopen share\image_100\B_1.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Wallpaper\coopen wallpaper\DefaultCoopenWallpaper.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\image\Wallpaper\local wallpaper\DefaultCoopenWallpaper.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\Resource\res\BMP\cancel.bmp (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\Resource\res\BMP\close.bmp (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\Resource\res\BMP\Myphoto.bmp (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\Resource\res\BMP\MyShare.bmp (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\Resource\res\BMP\MyWallpaper.bmp (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\Resource\res\BMP\play.bmp (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\Resource\SkinNormal\Button_Play.bmp (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\Resource\SkinNormal\Background.bmp (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\Resource\SkinNormal\Button_Close.bmp (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\Resource\SkinNormal\Button_IconHide.bmp (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\Resource\SkinNormal\Button_IconShow.bmp (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\Resource\SkinNormal\Button_ModeMenu.bmp (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\Resource\SkinNormal\Button_ModeSel.bmp (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\Resource\SkinNormal\Button_next.bmp (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\Resource\SkinNormal\Button_Pause.bmp (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\Resource\SkinNormal\Button_Prev.bmp (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\Resource\SkinNormal\Button_ScreenSaver.bmp (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\Resource\SkinNormal\Button_Setting.bmp (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\Resource\SkinNormal\Button_Weblogo.bmp (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\Resource\SkinNormal\Notify_BG.bmp (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\Resource\SkinNormal\Notify_Close.bmp (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\Resource\SkinNormal\Progress_download.bmp (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\Resource\SkinNormal\Progress_download1.bmp (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\Resource\SkinNormal\Separator.bmp (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\Templete\CoopenPhoto.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\Templete\DefaultCoopenWallpaper.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\Templete\ModeB.tpl (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\Templete\ModeB_logo.jpg (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\Coopen\Templete\ModeC.tpl (Trojan.Agent) -> Quarantined and deleted successfully.

    (end)
    ======
    Newbie

  6. #6
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    You need to select ALL items and fix them.
    Please redo.

  7. #7
    Join Date
    Sep 2001
    Location
    Toronto, Ontario, Canada
    Posts
    216

    Conduit - Visual Bee Search

    Hi Broni,
    All highlighted items in the Scan had been removed.
    Here is the log.
    = = = =
    Malwarebytes Anti-Malware 1.70.0.1100
    www.malwarebytes.org

    Database version: v2013.04.01.03

    Windows XP Service Pack 3 x86 NTFS
    Internet Explorer 8.0.6001.18702
    ADMIN :: TEST-0EDA6CF69E [administrator]

    4/2/2013 5:46:32 PM
    mbam-log-2013-04-02 (17-46-32).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 239459
    Time elapsed: 37 minute(s), 51 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 9
    HKCR\AppID\{1DD31B76-C57E-49ba-94BC-BF53F0C82CD4} (PUP.Funshion) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1DD31B76-C57E-49ba-94BC-BF53F0C82CD4} (PUP.Funshion) -> Quarantined and

    deleted successfully.
    HKCR\CLSID\{91878E42-FC03-4785-B513-1F9E613D1027} (PUP.Funshion) -> Quarantined and deleted successfully.
    HKCR\TypeLib\{D02E3AB9-7796-40CB-BDFC-20D834FE1F75} (PUP.Funshion) -> Quarantined and deleted successfully.
    HKCR\Interface\{FCB380C4-D350-44BE-8791-50216F4747AC} (PUP.Funshion) -> Quarantined and deleted successfully.
    HKCR\ASBarBroker.BDBroker.1 (PUP.Funshion) -> Quarantined and deleted successfully.
    HKCR\ASBarBroker.BDBroker (PUP.Funshion) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11CC93E4-0BE6-4F8F-82AA-D577FB955B05} (PUP.Funshion) -> Quarantined and deleted

    successfully.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SETUP.EXE (PUP.BundleInstaller.VG) -> Quarantined and deleted

    successfully.

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 3
    C:\Program Files\Baidu\{17C2069B-BBFB-D78F-E94E-D089291F2150}\ASBarBroker.exe (PUP.Funshion) -> Quarantined and deleted successfully.
    C:\Documents and Settings\ADMIN\My Documents\Downloads\setup.exe (PUP.BundleInstaller.VG) -> Quarantined and deleted successfully.
    C:\Documents and Settings\ADMIN\Local Settings\TempDIR\BetterInstaller.exe (PUP.BundleInstaller.Somoto) -> Quarantined and deleted successfully.

    (end)
    = = = =
    Newbie

  8. #8
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    OK.
    Go ahead with other scans.

  9. #9
    Join Date
    Sep 2001
    Location
    Toronto, Ontario, Canada
    Posts
    216
    Hi Broni,
    aswMBR.exe Scan done.
    Here is the Scan Log. I also have a MBR.dat file saved on my desktop, which is not sent to you.
    ====
    aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
    Run date: 2013-04-03 08:07:39
    -----------------------------
    08:07:39.843 OS Version: Windows 5.1.2600 Service Pack 3
    08:07:39.843 Number of processors: 2 586 0x401
    08:07:39.843 ComputerName: TEST-0EDA6CF69E UserName: ADMIN
    08:07:41.109 Initialize success
    08:10:16.015 AVAST engine defs: 13040300
    08:10:22.640 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-e
    08:10:22.640 Disk 0 Vendor: SAMSUNG_SP0812C SU100-32 Size: 76319MB BusType: 3
    08:10:22.640 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T0L0-1a
    08:10:22.656 Disk 1 Vendor: ST2000DM001-9YN164 CC4C Size: 1907729MB BusType: 3
    08:10:22.656 Disk 2 \Device\Harddisk2\DR2 -> \Device\Ide\IdeDeviceP3T1L0-22
    08:10:22.656 Disk 2 Vendor: WDC_WD5000AAKS-00A7B0 01.03B01 Size: 476940MB BusType: 3
    08:10:22.750 Disk 0 MBR read successfully
    08:10:22.750 Disk 0 MBR scan
    08:10:22.796 Disk 0 Windows XP default MBR code
    08:10:22.812 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 76316 MB offset 63
    08:10:22.828 Disk 0 scanning sectors +156296385
    08:10:22.890 Disk 0 scanning C:\WINDOWS\system32\drivers
    08:10:38.453 Service scanning
    08:11:04.593 Modules scanning
    08:11:11.593 Disk 0 trace - called modules:
    08:11:11.609 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys intelide.sys PCIIDEX.SYS
    08:11:11.609 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8ad7aab8]
    08:11:11.609 3 CLASSPNP.SYS[f7657fd7] -> nt!IofCallDriver -> \Device\00000074[0x8add89e8]
    08:11:11.609 5 ACPI.sys[f75ae620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-e[0x8adfad98]
    08:11:12.546 AVAST engine scan C:\WINDOWS
    08:11:29.593 AVAST engine scan C:\WINDOWS\system32
    08:15:50.750 AVAST engine scan C:\WINDOWS\system32\drivers
    08:16:15.093 AVAST engine scan C:\Documents and Settings\ADMIN
    09:13:45.437 AVAST engine scan C:\Documents and Settings\All Users
    09:24:15.593 Scan finished successfully
    09:35:29.171 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\ADMIN\Desktop\MBR.dat"
    09:35:29.218 The log file has been saved successfully to "C:\Documents and Settings\ADMIN\Desktop\aswMBR.txt"
    09:37:10.921 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\ADMIN\Desktop\MBR.dat"
    09:37:10.937 The log file has been saved successfully to "C:\Documents and Settings\ADMIN\Desktop\aswMBR 2013-04-03 9.35 AM finished.txt"
    ====
    Newbie

  10. #10
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550

  11. #11
    Join Date
    Sep 2001
    Location
    Toronto, Ontario, Canada
    Posts
    216
    Hi Broni,
    Here is the DDS.txt and Attach.txt

    = DDS.txt =

    DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.17.2
    Run by ADMIN at 0:19:55 on 2013-04-04
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3191.2342 [GMT -4:00]
    .
    AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    .
    ============== Running Processes ================
    .
    C:\Program Files\Tencent\QQPCMgr\7.3.8099.213\QQPCRtp.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Application Updater\ApplicationUpdater.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\Program Files\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe
    C:\Program Files\Nitro PDF\Professional\NitroPDFPrinterMonitor.exe
    C:\Program Files\AVG Secure Search\vprot.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Hewlett-Packard\HP Mouse Suite\hpMonitor.exe
    C:\Documents and Settings\All Users\Application Data\HP Mouse Suite Config\hpwjd.exe
    C:\Documents and Settings\All Users\Application Data\HP Mouse Suite Config\hpwmsd.exe
    C:\Program Files\Java\jre7\bin\jqs.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
    C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k NetworkService
    C:\WINDOWS\system32\svchost.exe -k LocalService
    C:\WINDOWS\system32\svchost.exe -k LocalService
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.ca/
    uSearch Bar = hxxp://www.google.com/ie
    uSearch Page = hxxp://www.google.com
    mStart Page = www.hao123.com/?tn=29065018_49_hao_pg
    mDefault_Page_URL = www.hao123.com/?tn=29065018_49_hao_pg
    uInternet Connection Wizard,ShellNext = iexplore
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    mSearchAssistant = hxxp://www.google.com/ie
    uURLSearchHooks: YTD Toolbar: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - c:\program files\ytd toolbar\ie\7.0\ytdToolbarIE.dll
    uURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
    uURLSearchHooks: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - <orphaned>
    dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
    BHO: HelperObject Class: {00C6482D-C502-44C8-8409-FCE54AD9C208} - c:\program files\techsmith\snagit 7\SnagItBHO.dll
    BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
    BHO: {889D2FEB-5411-4565-8998-1DD2C5261283} - <orphaned>
    BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\14.2.0.1\AVG Secure Search_toolbar.dll
    BHO: DealPly: {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - c:\program files\dealply\DealPlyIE.dll
    BHO: QvodExtend: {A8502600-B272-4F68-A67B-A0305D46D297} - c:\program files\qvodplayer\QvodExtend.dll
    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.8313.1002\swg.dll
    BHO: Google Dictionary Compression sdch: {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} -
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
    BHO: YouTube to MP3 Converter: {E71596B0-A83B-453D-82C1-4BE99947C65F} - c:\documents and settings\admin\local settings\application data\sevas-s\youtube to mp3 converter\browserextensions\ie\YouTubeDownloaderExtension.dll
    BHO: GretechBHO Class: {F0181C6E-9218-4792-9F3C-E8DF52B2F1AC} - c:\program files\gretech\gompicker\GomPickerBHO1.dll
    BHO: YTD Toolbar: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - c:\program files\ytd toolbar\ie\7.0\ytdToolbarIE.dll
    TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
    TB: SnagIt: {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - c:\program files\techsmith\snagit 7\SnagItIEAddin.dll
    TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\14.2.0.1\AVG Secure Search_toolbar.dll
    TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    TB: YTD Toolbar: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - c:\program files\ytd toolbar\ie\7.0\ytdToolbarIE.dll
    uRun: [Google Update] "c:\documents and settings\admin\local settings\application data\google\update\GoogleUpdate.exe" /c
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe
    mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
    mRun: [LanguageShortcut] "c:\program files\cyberlink\powerdvd\language\Language.exe"
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
    mRun: [ISUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler
    mRun: [Linksys Wireless Manager] "c:\program files\linksys\linksys wireless manager\LinksysWirelessManager.exe" /cm /min /lcid 1033
    mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
    mRun: [Nitro PDF Printer Monitor] "c:\program files\nitro pdf\professional\NitroPDFPrinterMonitor.exe"
    mRun: [WinampAgent] "c:\program files\winamp\Winampa.exe"
    mRun: [vProt] "c:\program files\avg secure search\vprot.exe"
    mRun: [Sevas-SSoftwareDefender] c:\documents and settings\admin\local settings\application data\sevas-s\defender\defender.exe
    mRun: [Sevas-SSoftwareUpdater] c:\documents and settings\admin\local settings\application data\sevas-s\updater\updater.exe
    mRun: [ QQPCTray] "c:\program files\tencent\qqpcmgr\7.3.8099.213\QQPCTray.exe" /regrun
    mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [SearchSettings] "c:\program files\common files\spigot\search settings\SearchSettings.exe"
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
    dRun: [PPS Accelerator] c:\program files\ppstream\PPSKernel.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpmoni~1.lnk - c:\program files\hewlett-packard\hp mouse suite\hpMonitor.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpwjde~1.lnk - c:\documents and settings\all users\application data\hp mouse suite config\hpwjd.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpwmsd~1.lnk - c:\documents and settings\all users\application data\hp mouse suite config\hpwmsd.exe
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
    mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
    IE: Free YouTube Download - c:\documents and settings\admin\application data\dvdvideosoftiehelpers\freeyoutubedownload.htm
    IE: Free YouTube to MP3 Converter - c:\documents and settings\admin\application data\dvdvideosoftiehelpers\freeyoutubetomp3converter.htm
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    DPF: HighSpeedDownloadIE - hxxp://st1.dbank.com/netdisk/plugin/1031/DBankPlugin.CAB
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    TCP: NameServer = 204.197.191.194 38.117.85.2
    TCP: Interfaces\{ECE18B44-B075-4E67-9D65-BBC70BFDC123} : DHCPNameServer = 204.197.191.194 38.117.85.2
    Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} -
    Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
    Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\14.2.0\ViProtocol.dll
    Notify: igfxcui - igfxdev.dll
    AppInit_DLLs= c:\progra~1\google\google~2\GOEC62~1.DLL
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    SEH: Eudora's Shell Extension - {EDB0E980-90BD-11D4-8599-0008C7D3B6F8} -
    mASetup: Nitro PDF Professional - cscript //B "c:\program files\nitro pdf\professional\RemoveOldAddins.vbs"
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\26.0.1410.43\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\documents and settings\admin\application data\mozilla\firefox\profiles\1scr8ssh.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2998365&CUI=UN18541191321461118&UM=2&SearchSource=3&q={searchTerms}
    FF - prefs.js: browser.search.selectedEngine - Trustworthy Customized Web Search
    FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT2998365&CUI=UN18541191321461118&UM=2&SearchSource=13
    FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3268494&SearchSource=2&CUI=UN11138640747109460&q=
    FF - plugin: c:\documents and settings\admin\application data\mozilla\firefox\profiles\1scr8ssh.default\extensions\{7aeae561-714b-45f6-ace3-4a8aed6e227b}\plugins\np-mswmp.dll
    FF - plugin: c:\documents and settings\admin\application data\mozilla\firefox\profiles\1scr8ssh.default\extensions\{7aeae561-714b-45f6-ace3-4a8aed6e227b}\plugins\npConduitFirefoxPlugin.dll
    FF - plugin: c:\documents and settings\admin\application data\mozilla\firefox\profiles\1scr8ssh.default\extensions\{ad32743c-16ef-46ec-977b-dce0c3c85b20}\plugins\np-mswmp.dll
    FF - plugin: c:\documents and settings\admin\application data\mozilla\firefox\profiles\1scr8ssh.default\extensions\{ad32743c-16ef-46ec-977b-dce0c3c85b20}\plugins\npConduitFirefoxPlugin.dll
    FF - plugin: c:\documents and settings\admin\application data\mozilla\plugins\npgoogletalk.dll
    FF - plugin: c:\documents and settings\admin\application data\mozilla\plugins\npgtpo3dautoplugin.dll
    FF - plugin: c:\documents and settings\admin\application data\mozilla\plugins\npo1d.dll
    FF - plugin: c:\documents and settings\admin\local settings\application data\google\update\1.3.21.135\npGoogleUpdate3.dll
    FF - plugin: c:\documents and settings\admin\local settings\application data\unity\webplayer\loader\npUnity3D32.dll
    FF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\14.2.0\npsitesafety.dll
    FF - plugin: c:\program files\common files\tencent\txsso\1.2.1.42\bin\npSSOAxCtrlForPTLogin.dll
    FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
    FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
    FF - plugin: c:\program files\google\update\1.3.21.135\npGoogleUpdate3.dll
    FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: c:\program files\microsoft silverlight\5.1.20125.0\npctrlui.dll
    FF - plugin: c:\program files\qvodplayer\npQvodInsert.dll
    FF - plugin: c:\program files\qvodplayer\npShareModule.dll
    FF - plugin: c:\program files\tencent\qqmusic\npQzoneMusic.dll
    FF - plugin: c:\windows\downloaded program files\61669843\npxbdsetup.dll
    FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_6_602_180.dll
    FF - plugin: c:\windows\system32\npdeployJava1.dll
    FF - plugin: c:\windows\system32\npptools.dll
    FF - ExtSQL: 2013-02-05 10:14; extension21804@extension21804.com; c:\documents and settings\admin\application data\mozilla\firefox\profiles\1scr8ssh.default\extensions\extension21804@extension21804.com
    FF - ExtSQL: 2013-03-31 07:49; {ad32743c-16ef-46ec-977b-dce0c3c85b20}; c:\documents and settings\admin\application data\mozilla\firefox\profiles\1scr8ssh.default\extensions\{ad32743c-16ef-46ec-977b-dce0c3c85b20}
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: extensions.autoDisableScopes - 14
    FF - user.js: security.csp.enable - false
    .
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 55776]
    R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2012-8-9 177376]
    R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 94048]
    R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 35552]
    R0 RapportKELL;RapportKELL;c:\windows\system32\drivers\RapportKELL.sys [2012-12-23 65848]
    R0 TsFltMgr;TsFltMgr;c:\windows\system32\drivers\TsFltMgr.sys [2012-11-16 73024]
    R0 TSysCare;TSysCare;c:\windows\system32\drivers\TSysCare.sys [2012-11-8 24824]
    R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 179936]
    R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 19936]
    R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-12-8 159712]
    R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-11-12 164832]
    R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-9-4 33112]
    R1 RapportCerberus_43926;RapportCerberus_43926;c:\documents and settings\all users\application data\trusteer\rapport\store\exts\rapportcerberus\43926\RapportCerberus32_43926.sys [2012-10-30 272216]
    R1 RapportEI;RapportEI;c:\program files\trusteer\rapport\bin\RapportEI.sys [2012-12-23 71480]
    R1 RapportPG;RapportPG;c:\program files\trusteer\rapport\bin\RapportPG.sys [2012-12-23 166840]
    R1 TSDefenseBt;TSDefenseBt;c:\windows\system32\drivers\TSDefenseBt.sys [2012-11-16 60448]
    R1 TSKSP;TSKSP;c:\program files\tencent\qqpcmgr\7.3.8099.213\TSKsp.sys [2012-11-16 166112]
    R1 TSSysKit;TSSysKit;c:\program files\tencent\qqpcmgr\7.3.8099.213\TSSysKit.sys [2012-11-16 92832]
    R2 Application Updater;Application Updater;c:\program files\application updater\ApplicationUpdater.exe [2013-2-23 805752]
    R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2012-11-16 5814904]
    R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2012-10-22 196664]
    R2 OkiPar;OkiPar;c:\windows\system32\drivers\OkiPar.sys [2011-12-23 43656]
    R2 QQPCRTP;QQPCMgr RTP Service;c:\program files\tencent\qqpcmgr\7.3.8099.213\qqpcrtp.exe -r --> c:\program files\tencent\qqpcmgr\7.3.8099.213\QQPCRtp.exe -r [?]
    R2 RapportMgmtService;Rapport Management Service;c:\program files\trusteer\rapport\bin\RapportMgmtService.exe [2012-12-23 976728]
    R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\all users\application data\skype\toolbars\skype c2c service\c2c_service.exe [2013-1-31 3289208]
    R2 vToolbarUpdater14.2.0;vToolbarUpdater14.2.0;c:\program files\common files\avg secure search\vtoolbarupdater\14.2.0\ToolbarUpdater.exe [2013-2-19 968880]
    R2 WDBtnMgrSvc.exe;WD Drive Manager Service;c:\program files\western digital\wd drive manager\WDBtnMgrSvc.exe [2008-1-30 106496]
    R3 HP8207_8307;HP-HP8207_8307;c:\windows\system32\drivers\HP8207_8307.sys [2011-12-16 13952]
    R3 RapportIaso;RapportIaso;c:\documents and settings\all users\application data\trusteer\rapport\store\exts\rapportms\39624\RapportIaso.sys [2012-5-28 21520]
    R3 TcHardWare;TcHardWare;c:\program files\tencent\qqpcmgr\7.3.8099.213\QQPCHW.sys [2012-11-16 28280]
    R3 TFsFlt;TFsFlt;c:\windows\system32\drivers\TFsFlt.sys [2012-11-16 117920]
    S0 ElbyVCD;ElbyVCD;c:\windows\system32\drivers\elbyvcd.sys --> c:\windows\system32\drivers\ElbyVCD.sys [?]
    S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-1-8 161536]
    S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg10\toolbar\ToolbarBroker.exe [2011-7-15 167264]
    S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;c:\program files\google\google desktop search\GoogleDesktop.exe [2009-2-3 30192]
    S3 WUSB54GCv3;Compact Wireless-G USB Network Adapter;c:\windows\system32\drivers\WUSB54GCv3.sys [2011-1-19 627072]
    .
    =============== Created Last 30 ================
    .
    .
    ==================== Find3M ====================
    .
    2013-03-13 15:55:46 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2013-03-13 15:55:46 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2013-03-07 09:49:32 861088 ----a-w- c:\windows\system32\npdeployJava1.dll
    2013-03-07 09:49:32 782240 ----a-w- c:\windows\system32\deployJava1.dll
    2013-02-19 10:10:51 33112 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
    2013-02-12 00:32:23 12928 ----a-w- c:\windows\system32\drivers\usb8023.sys
    2013-02-12 00:32:23 12928 ------w- c:\windows\system32\drivers\usb8023x.sys
    2013-02-05 20:05:47 916480 ----a-w- c:\windows\system32\wininet.dll
    2013-02-05 20:05:46 43520 ----a-w- c:\windows\system32\licmgr10.dll
    2013-02-05 20:05:46 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
    2013-02-05 05:53:57 385024 ----a-w- c:\windows\system32\html.iec
    2013-01-26 03:55:44 552448 ----a-w- c:\windows\system32\oleaut32.dll
    2013-01-07 01:19:45 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
    2013-01-07 00:37:01 2027520 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2004-10-01 19:00:16 40960 ----a-w- c:\program files\Uninstall_CDS.exe
    .
    ============= FINISH: 0:21:20.64 ===============


    = attach.txt =

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 7/11/2008 4:34:14 PM
    System Uptime: 4/3/2013 11:53:15 PM (1 hours ago)
    .
    Motherboard: Hewlett-Packard | | 0968h
    Processor: Intel(R) Pentium(R) 4 CPU 3.40GHz | XU1 PROCESSOR | 3391/800mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 75 GiB total, 37.518 GiB free.
    D: is CDROM ()
    E: is FIXED (NTFS) - 1863 GiB total, 1050.248 GiB free.
    F: is FIXED (NTFS) - 466 GiB total, 463.209 GiB free.
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {4D36E96F-E325-11CE-BFC1-08002BE10318}
    Description: PS/2 Compatible Mouse
    Device ID: ACPI\PNP0F13\4&1117367&0
    Manufacturer: Microsoft
    Name: PS/2 Compatible Mouse
    PNP Device ID: ACPI\PNP0F13\4&1117367&0
    Service: i8042prt
    .
    Class GUID: {4D36E96B-E325-11CE-BFC1-08002BE10318}
    Description: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
    Device ID: ACPI\PNP0303\4&1117367&0
    Manufacturer: (Standard keyboards)
    Name: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
    PNP Device ID: ACPI\PNP0303\4&1117367&0
    Service: i8042prt
    .
    ==== System Restore Points ===================
    .
    RP76: 2/8/2013 6:10:24 PM - System Checkpoint
    RP77: 2/9/2013 6:28:43 PM - System Checkpoint
    RP78: 2/10/2013 7:26:33 PM - System Checkpoint
    RP79: 2/12/2013 6:21:01 AM - System Checkpoint
    RP80: 2/13/2013 5:20:45 AM - Software Distribution Service 3.0
    RP81: 2/13/2013 8:54:05 PM - Software Distribution Service 3.0
    RP82: 2/14/2013 7:56:54 AM - Software Distribution Service 3.0
    RP83: 2/15/2013 8:27:51 AM - System Checkpoint
    RP84: 2/16/2013 8:45:36 AM - System Checkpoint
    RP85: 2/17/2013 9:11:26 AM - System Checkpoint
    RP86: 2/18/2013 9:54:43 AM - System Checkpoint
    RP87: 2/19/2013 11:03:38 AM - System Checkpoint
    RP88: 2/20/2013 12:09:52 PM - System Checkpoint
    RP89: 2/21/2013 1:28:38 PM - System Checkpoint
    RP90: 2/22/2013 3:06:54 PM - System Checkpoint
    RP91: 2/23/2013 3:44:15 PM - System Checkpoint
    RP92: 2/24/2013 5:36:50 AM - Removed Java(TM) 6 Update 33
    RP93: 2/24/2013 5:37:46 AM - Installed Java 7 Update 15
    RP94: 2/25/2013 5:56:33 AM - System Checkpoint
    RP95: 2/26/2013 6:16:09 AM - System Checkpoint
    RP96: 2/27/2013 6:23:27 AM - System Checkpoint
    RP97: 2/28/2013 6:37:59 AM - System Checkpoint
    RP98: 3/1/2013 8:40:43 AM - Installed TaxFreeway 2012.
    RP99: 3/2/2013 9:52:33 AM - System Checkpoint
    RP100: 3/2/2013 8:45:20 PM - Software Distribution Service 3.0
    RP101: 3/3/2013 8:49:08 PM - Software Distribution Service 3.0
    RP102: 3/5/2013 6:02:46 AM - System Checkpoint
    RP103: 3/6/2013 6:21:57 AM - System Checkpoint
    RP104: 3/7/2013 4:48:44 AM - Removed Java 7 Update 15
    RP105: 3/7/2013 4:49:25 AM - Installed Java 7 Update 17
    RP106: 3/8/2013 5:32:56 AM - System Checkpoint
    RP107: 3/8/2013 8:04:34 AM - Installed StudioTax 2012
    RP108: 3/9/2013 9:06:08 AM - System Checkpoint
    RP109: 3/10/2013 11:15:20 AM - System Checkpoint
    RP110: 3/11/2013 12:26:47 PM - System Checkpoint
    RP111: 3/12/2013 2:17:40 PM - System Checkpoint
    RP112: 3/12/2013 5:54:27 PM - Printer Driver doPDF 7 Printer Driver Installed
    RP113: 3/13/2013 7:28:15 PM - System Checkpoint
    RP114: 3/13/2013 8:14:04 PM - Software Distribution Service 3.0
    RP115: 3/14/2013 8:37:37 PM - System Checkpoint
    RP116: 3/16/2013 5:57:49 AM - System Checkpoint
    RP117: 3/17/2013 7:18:09 AM - System Checkpoint
    RP118: 3/18/2013 9:41:51 AM - System Checkpoint
    RP119: 3/19/2013 1:14:31 PM - System Checkpoint
    RP120: 3/20/2013 10:05:15 AM - Installed QuickTime
    RP121: 3/21/2013 10:24:23 AM - System Checkpoint
    RP122: 3/21/2013 8:25:19 PM - Software Distribution Service 3.0
    RP123: 3/23/2013 8:24:25 AM - System Checkpoint
    RP124: 3/24/2013 9:35:05 AM - System Checkpoint
    RP125: 3/25/2013 10:33:00 AM - System Checkpoint
    RP126: 3/25/2013 7:11:42 PM - Installed AVG 2013
    RP127: 3/25/2013 7:11:56 PM - Removed AVG 2013
    RP128: 3/26/2013 9:42:08 AM - Installed AVG 2013
    RP129: 3/27/2013 11:30:12 AM - System Checkpoint
    RP130: 3/28/2013 12:50:54 PM - System Checkpoint
    RP131: 3/29/2013 1:37:58 PM - System Checkpoint
    RP132: 3/30/2013 1:59:29 PM - System Checkpoint
    RP133: 4/1/2013 6:19:44 AM - System Checkpoint
    RP134: 4/2/2013 6:23:43 AM - System Checkpoint
    RP135: 4/3/2013 10:02:41 AM - System Checkpoint
    .
    ==== Installed Programs ======================
    .
    ?????
    ??????? 6.5???
    ????2?1???
    µTorrent
    7-zip v9.20
    Acrobat.com
    Adobe AIR
    Adobe Digital Editions
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Reader 9
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    AVG 2013
    AVG Security Toolbar
    AviSubtitler v2.02
    B410 420 430 UserGuide
    Belarc Advisor 7.2
    Broadcom NetXtreme Ethernet Controller
    Canon Camera Access Library
    Canon CanoScan Toolbox 4.5
    Canon DIGITAL CAMERA Solution Disk Software Guide
    Canon MOV Decoder
    Canon MOV Encoder
    Canon MovieEdit Task for ZoomBrowser EX
    Canon PowerShot A1200 Camera User Guide
    Canon Utilities CameraWindow DC 8
    Canon Utilities CameraWindow Launcher
    Canon Utilities Movie Uploader for YouTube
    Canon Utilities MyCamera
    Canon Utilities PhotoStitch
    Canon Utilities ZoomBrowser EX
    Canon ZoomBrowser EX Memory Card Utility
    CCleaner
    CD+G Disc Player Plug-In for Winamp
    CDRWIN
    CloneCD
    Compatibility Pack for the 2007 Office system
    Convert PDF To Image
    CoreAAC
    CPUID CPU-Z 1.61.3
    DealPly
    Dia (remove only)
    doPDF 7.3 printer
    DVD Solution
    EvilLyrics
    FLAC 1.2.1b (remove only)
    FLV to MP3 Converter
    Free CD Ripper 3.1
    Free FLV to MP4 Converter
    Free MP4 Video Converter version 5.0.20.1031
    Free Sound Recorder 2010 v9.2.1
    Free Studio version 5.3.3
    Free Word/Doc Txt to Image Jpg/Jpeg Bmp Tiff Png Converter 5.1
    FreeRIP3 3.70
    GoldWave v5.14
    GOM PICKER
    GOM Player
    GOM Video Converter
    Google Chrome
    Google Desktop
    Google Earth Plug-in
    Google Talk Plugin
    Google Toolbar for Internet Explorer
    Google Update Helper
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB2443685)
    Hotfix for Windows XP (KB2633952)
    Hotfix for Windows XP (KB2756822)
    Hotfix for Windows XP (KB2779562)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB979306)
    Hotfix for Windows XP (KB981793)
    HP Mouse Suite
    iLivid
    Intel(R) Graphics Media Accelerator Driver
    InterActual Player
    IrfanView (remove only)
    IsoBuster 2.4
    iTunes
    Japanese Fonts Support For Adobe Reader 9
    Java 7 Update 17
    Java Auto Updater
    K-Lite Codec Pack 2.72 Full
    Karaoke Builder Studio 3.x
    Karaoke for DirectX (remove only)
    LAME v3.98.3 for Audacity
    Linksys Wireless Manager
    Malwarebytes Anti-Malware version 1.70.0.1100
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB2698023)
    Microsoft .NET Framework 1.1 Security Update (KB2742597)
    Microsoft .NET Framework 1.1 Security Update (KB979906)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
    Microsoft Office Professional Edition 2003
    Microsoft Office Visio Professional 2003
    Microsoft Silverlight
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    Microsoft Works 6-9 Converter
    Monkey's Audio
    Mozilla Firefox 12.0 (x86 en-US)
    Mozilla Maintenance Service
    MP3+G Toolz
    MPEG2 Codec(libmpeg2/mad)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MSXML 6.0 Parser (KB933579)
    Multimedia Launcher
    Nero 7 Premium
    Nitro PDF Professional
    OKI B410 Printer Menu Setup Tool
    PCFriendly
    Picasa 2
    Power CD+G Burner 2
    Power CD+G to Video Karaoke Converter 2
    PowerDVD
    PowerProducer
    PPSGame V1.0.1.466
    PPStream V2.7.0.1512 Final
    QQ??8.5
    QuickTime
    QuickWordtoPDF
    Rapport
    Samsung_MonSetup
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
    Security Update for Microsoft Windows (KB2564958)
    Security Update for Windows Internet Explorer 8 (KB2510531)
    Security Update for Windows Internet Explorer 8 (KB2530548)
    Security Update for Windows Internet Explorer 8 (KB2544521)
    Security Update for Windows Internet Explorer 8 (KB2618444)
    Security Update for Windows Internet Explorer 8 (KB2647516)
    Security Update for Windows Internet Explorer 8 (KB2675157)
    Security Update for Windows Internet Explorer 8 (KB2699988)
    Security Update for Windows Internet Explorer 8 (KB2722913)
    Security Update for Windows Internet Explorer 8 (KB2744842)
    Security Update for Windows Internet Explorer 8 (KB2761465)
    Security Update for Windows Internet Explorer 8 (KB2792100)
    Security Update for Windows Internet Explorer 8 (KB2797052)
    Security Update for Windows Internet Explorer 8 (KB2799329)
    Security Update for Windows Internet Explorer 8 (KB2809289)
    Security Update for Windows Internet Explorer 8 (KB982381)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player (KB979402)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2121546)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2259922)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB2393802)
    Security Update for Windows XP (KB2412687)
    Security Update for Windows XP (KB2419632)
    Security Update for Windows XP (KB2423089)
    Security Update for Windows XP (KB2440591)
    Security Update for Windows XP (KB2443105)
    Security Update for Windows XP (KB2476490)
    Security Update for Windows XP (KB2476687)
    Security Update for Windows XP (KB2478960)
    Security Update for Windows XP (KB2478971)
    Security Update for Windows XP (KB2479628)
    Security Update for Windows XP (KB2479943)
    Security Update for Windows XP (KB2481109)
    Security Update for Windows XP (KB2482017)
    Security Update for Windows XP (KB2483185)
    Security Update for Windows XP (KB2485376)
    Security Update for Windows XP (KB2485663)
    Security Update for Windows XP (KB2503665)
    Security Update for Windows XP (KB2506212)
    Security Update for Windows XP (KB2507618)
    Security Update for Windows XP (KB2507938)
    Security Update for Windows XP (KB2508272)
    Security Update for Windows XP (KB2508429)
    Security Update for Windows XP (KB2509553)
    Security Update for Windows XP (KB2524375)
    Security Update for Windows XP (KB2535512)
    Security Update for Windows XP (KB2536276-v2)
    Security Update for Windows XP (KB2536276)
    Security Update for Windows XP (KB2544893-v2)
    Security Update for Windows XP (KB2544893)
    Security Update for Windows XP (KB2555917)
    Security Update for Windows XP (KB2566454)
    Security Update for Windows XP (KB2567680)
    Security Update for Windows XP (KB2570222)
    Security Update for Windows XP (KB2570947)
    Security Update for Windows XP (KB2584146)
    Security Update for Windows XP (KB2585542)
    Security Update for Windows XP (KB2592799)
    Security Update for Windows XP (KB2598479)
    Security Update for Windows XP (KB2603381)
    Security Update for Windows XP (KB2618451)
    Security Update for Windows XP (KB2619339)
    Security Update for Windows XP (KB2620712)
    Security Update for Windows XP (KB2621440)
    Security Update for Windows XP (KB2624667)
    Security Update for Windows XP (KB2631813)
    Security Update for Windows XP (KB2633171)
    Security Update for Windows XP (KB2639417)
    Security Update for Windows XP (KB2641653)
    Security Update for Windows XP (KB2646524)
    Security Update for Windows XP (KB2647518)
    Security Update for Windows XP (KB2653956)
    Security Update for Windows XP (KB2655992)
    Security Update for Windows XP (KB2659262)
    Security Update for Windows XP (KB2660465)
    Security Update for Windows XP (KB2661637)
    Security Update for Windows XP (KB2676562)
    Security Update for Windows XP (KB2685939)
    Security Update for Windows XP (KB2686509)
    Security Update for Windows XP (KB2691442)
    Security Update for Windows XP (KB2695962)
    Security Update for Windows XP (KB2698365)
    Security Update for Windows XP (KB2705219)
    Security Update for Windows XP (KB2707511)
    Security Update for Windows XP (KB2709162)
    Security Update for Windows XP (KB2712808)
    Security Update for Windows XP (KB2718523)
    Security Update for Windows XP (KB2719985)
    Security Update for Windows XP (KB2723135)
    Security Update for Windows XP (KB2724197)
    Security Update for Windows XP (KB2727528)
    Security Update for Windows XP (KB2731847)
    Security Update for Windows XP (KB2753842-v2)
    Security Update for Windows XP (KB2753842)
    Security Update for Windows XP (KB2757638)
    Security Update for Windows XP (KB2758857)
    Security Update for Windows XP (KB2761226)
    Security Update for Windows XP (KB2770660)
    Security Update for Windows XP (KB2778344)
    Security Update for Windows XP (KB2779030)
    Security Update for Windows XP (KB2780091)
    Security Update for Windows XP (KB2799494)
    Security Update for Windows XP (KB2802968)
    Security Update for Windows XP (KB2807986)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB923689)
    Security Update for Windows XP (KB923789)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950759)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB957095)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960715)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961373)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB963027)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969897)
    Security Update for Windows XP (KB969898)
    Security Update for Windows XP (KB969947)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB971961)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978262)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981349)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982214)
    Security Update for Windows XP (KB982381)
    Security Update for Windows XP (KB982665)
    Siglos Karaoke Professional
    Skype Click to Call
    Skype™ 6.1
    SnagIt 7
    SoundMAX
    StudioTax 2012
    TaxFreeway 2012
    Unity Web Player
    Update for Windows Internet Explorer 8 (KB2447568)
    Update for Windows XP (KB2141007)
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB2467659)
    Update for Windows XP (KB2541763)
    Update for Windows XP (KB2641690)
    Update for Windows XP (KB2661254-v2)
    Update for Windows XP (KB2718704)
    Update for Windows XP (KB2736233)
    Update for Windows XP (KB2749655)
    Update for Windows XP (KB942763)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971029)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    Update for Windows XP (KB980182)
    WD Diagnostics
    WD Drive Manager (x86)
    WebFldrs XP
    Winamp (remove only)
    Windows Driver Package - Hewlett-Packard (HidUsb) HIDClass (01/26/2010 1.12.7600.16385)
    Windows Driver Package - Hewlett - Packard (HidUsb) HIDClass (01/26/2010 1.12.7600.16385)
    Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
    Windows Genuine Advantage Notifications (KB905474)
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Imaging Component
    Windows Internet Explorer 8
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows XP Service Pack 3
    WinRAR archiver
    YouTube to MP3 Converter
    YTD Toolbar v7.0
    YTD Video Downloader 3.9.6
    .
    ==== Event Viewer Messages From Past Week ========
    .
    4/3/2013 8:47:54 AM, error: atapi [9] - The device, \Device\Ide\IdePort2, did not respond within the timeout period.
    4/3/2013 8:05:53 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.
    4/3/2013 7:29:55 PM, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.
    4/3/2013 10:27:06 AM, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\Tencent\QQPCMgr\7.3.8099.213\QQPCFileOpen.exe. Reference error message: The operation completed successfully. .
    4/2/2013 8:42:22 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: i8042prt PCIIde
    3/31/2013 5:17:06 AM, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC80.MFC. Reference error message: The referenced assembly is not installed on your system. .
    3/31/2013 5:17:06 AM, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\Tencent\QQPCMgr\7.3.8099.213\QQPCTray.exe. Reference error message: The operation completed successfully. .
    3/31/2013 5:17:06 AM, error: SideBySide [32] - Dependent Assembly Microsoft.VC80.MFC could not be found and Last Error was The referenced assembly is not installed on your system.
    3/31/2013 5:16:56 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: i8042prt
    3/31/2013 5:16:55 AM, error: Service Control Manager [7024] - The AVGIDSAgent service terminated with service-specific error 3758213659 (0xE001CA1B).
    3/31/2013 5:16:55 AM, error: Service Control Manager [7024] - The AVG WatchDog service terminated with service-specific error 3758198278 (0xE0018E06).
    3/31/2013 5:16:07 AM, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\Tencent\QQPCMgr\7.3.8099.213\plugins\QMSafeboxPlugin.dll. Reference error message: The operation completed successfully. .
    3/31/2013 5:16:07 AM, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\Tencent\QQPCMgr\7.3.8099.213\plugins\QMHipsEngine.dll. Reference error message: The operation completed successfully. .
    3/31/2013 5:16:07 AM, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\Tencent\QQPCMgr\7.3.8099.213\plugins\QMHips.dll. Reference error message: The operation completed successfully. .
    .
    ==== End Of File ===========================
    Newbie

  12. #12
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    Download RogueKiller on the desktop

    • Close all the running programs
    • Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator
    • Otherwise just double-click on RogueKiller.exe
    • Pre-scan will start. Let it finish.
    • Click on SCAN button.
    • Wait until the Status box shows Scan Finished
    • Click on Delete.
    • Wait until the Status box shows Deleting Finished.
    • Click on Report and copy/paste the content of the Notepad into your next reply.
    • RKreport.txt could also be found on your desktop.
    • If more than one log is produced post all logs.
    • If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again



    Download Malwarebytes Anti-Rootkit (MBAR) from HERE

    • Unzip downloaded file.
    • Open the folder where the contents were unzipped and run mbar.exe
    • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
    • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
    • Wait while the system shuts down and the cleanup process is performed.
    • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
    • When done, please post the two logs produced they will be in the MBAR folder..... mbar-log-xxxxx.txt and system-log.txt

  13. #13
    Join Date
    Sep 2001
    Location
    Toronto, Ontario, Canada
    Posts
    216
    Hi Broni,
    I have run RogueKiller (one time), and Malwarebytes Anti Rootkit - MBAR (several times because I could not find the two text files that you want me to post back). Every time I run MBAR, it says "Scan Finished: No malware found!" and "Cleanup: Congratulations, no cleanup is required!". I could find the RKreport text file (posted below), but I could not find MBAR's log and MBAR's system log anywhere. I unzipped MBAR in a special folder, and I have been looking for these two files throughout my computer, please advise me what to do.

    = = = RKreport text file = = =

    RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
    mail : tigzyRK<at>gmail<dot>com
    Feedback : http://www.geekstogo.com/forum/files...3-roguekiller/
    Website : http://tigzy.geekstogo.com/roguekiller.php
    Blog : http://tigzyrk.blogspot.com/

    Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
    Started in : Normal mode
    User : ADMIN [Admin rights]
    Mode : Scan -- Date : 04/04/2013 20:07:22
    | ARK || FAK || MBR |

    ¤¤¤ Bad processes : 3 ¤¤¤
    [DLL] explorer.exe -- C:\WINDOWS\explorer.exe : C:\Documents and Settings\ADMIN\Local Settings\Application Data\Sevas-S\YouTube to MP3 Converter\BrowserExtensions\IE\YouTubeDownloaderExtension.dll [x] -> UNLOADED
    [SUSP PATH] hpwjd.exe -- C:\Documents and Settings\All Users\Application Data\HP Mouse Suite Config\hpwjd.exe [7] -> KILLED [TermProc]
    [SUSP PATH] hpwmsd.exe -- C:\Documents and Settings\All Users\Application Data\HP Mouse Suite Config\hpwmsd.exe [7] -> KILLED [TermProc]

    ¤¤¤ Registry Entries : 9 ¤¤¤
    [RUN][SUSP PATH] HKLM\[...]\Run : Sevas-SSoftwareDefender (C:\Documents and Settings\ADMIN\Local Settings\Application Data\Sevas-S\Defender\defender.exe) -> FOUND
    [RUN][SUSP PATH] HKLM\[...]\Run : Sevas-SSoftwareUpdater (C:\Documents and Settings\ADMIN\Local Settings\Application Data\Sevas-S\Updater\updater.exe) [7] -> FOUND
    [TASK][SUSP PATH] At2.job : C:\Documents and Settings\NetworkService\Application Data\DealPly\UpdateProc\UpdateTask.exe /Check [7] -> FOUND
    [TASK][SUSP PATH] At1.job : C:\Documents and Settings\ADMIN\Application Data\DealPly\UpdateProc\UpdateTask.exe /Check [7] -> FOUND
    [STARTUP][SUSP PATH] hpwjd.exe.lnk @All Users : C:\Documents and Settings\All Users\Application Data\HP Mouse Suite Config\hpwjd.exe [7] -> FOUND
    [STARTUP][SUSP PATH] hpwmsd.exe.lnk @All Users : C:\Documents and Settings\All Users\Application Data\HP Mouse Suite Config\hpwmsd.exe [7] -> FOUND
    [STARTUP][SUSP PATH] hpwjd.exe.lnk @Common : C:\Documents and Settings\All Users\Application Data\HP Mouse Suite Config\hpwjd.exe [7] -> FOUND
    [STARTUP][SUSP PATH] hpwmsd.exe.lnk @Common : C:\Documents and Settings\All Users\Application Data\HP Mouse Suite Config\hpwmsd.exe [7] -> FOUND
    [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

    ¤¤¤ Particular Files / Folders: ¤¤¤

    ¤¤¤ Driver : [LOADED] ¤¤¤
    SSDT[41] : NtCreateKey @ 0x80578ABE -> HOOKED (\??\C:\Program Files\Tencent\QQPCMgr\7.3.8099.213\TSKsp.sys @ 0xA9092BB0)
    SSDT[50] : NtCreateSection @ 0x8056DB66 -> HOOKED (\??\C:\Program Files\Tencent\QQPCMgr\7.3.8099.213\TSKsp.sys @ 0xA9096A2A)
    SSDT[53] : NtCreateThread @ 0x805860C0 -> HOOKED (\??\C:\Program Files\Tencent\QQPCMgr\7.3.8099.213\TSKsp.sys @ 0xA9094B48)
    SSDT[66] : NtDeviceIoControlFile @ 0x80588ABD -> HOOKED (\??\C:\Program Files\Tencent\QQPCMgr\7.3.8099.213\TSKsp.sys @ 0xA909A28C)
    SSDT[68] : NtDuplicateObject @ 0x8057DDAF -> HOOKED (\??\C:\Program Files\Tencent\QQPCMgr\7.3.8099.213\TSKsp.sys @ 0xA9088A52)
    SSDT[73] : NtEnumerateValueKey @ 0x8059003A -> HOOKED (\??\C:\Program Files\Tencent\QQPCMgr\7.3.8099.213\TSKsp.sys @ 0xA908F17C)
    SSDT[97] : NtLoadDriver @ 0x805B06F6 -> HOOKED (\??\C:\Program Files\Tencent\QQPCMgr\7.3.8099.213\TSKsp.sys @ 0xA909A492)
    SSDT[125] : NtOpenSection @ 0x8057B96A -> HOOKED (\??\C:\Program Files\Tencent\QQPCMgr\7.3.8099.213\TSKsp.sys @ 0xA9096CE9)
    SSDT[180] : NtQueueApcThread @ 0x8059A8E8 -> HOOKED (\??\C:\Program Files\Tencent\QQPCMgr\7.3.8099.213\TSKsp.sys @ 0xA9097ED7)
    SSDT[200] : NtRequestWaitReplyPort @ 0x8057D89E -> HOOKED (\??\C:\Program Files\Tencent\QQPCMgr\7.3.8099.213\TSKsp.sys @ 0xA9093FA7)
    SSDT[237] : NtSetSecurityObject @ 0x8059EC29 -> HOOKED (\??\C:\Program Files\Tencent\QQPCMgr\7.3.8099.213\TSKsp.sys @ 0xA909AC54)
    SSDT[240] : NtSetSystemInformation @ 0x805B2328 -> HOOKED (\??\C:\Program Files\Tencent\QQPCMgr\7.3.8099.213\TSKsp.sys @ 0xA909B28F)
    SSDT[255] : NtSystemDebugControl @ 0x80651B27 -> HOOKED (\??\C:\Program Files\Tencent\QQPCMgr\7.3.8099.213\TSKsp.sys @ 0xA909A8A7)
    SSDT[274] : NtWriteFile @ 0x8058342D -> HOOKED (\??\C:\Program Files\Tencent\QQPCMgr\7.3.8099.213\TSKsp.sys @ 0xA9089372)

    ¤¤¤ HOSTS File: ¤¤¤
    --> C:\WINDOWS\system32\drivers\etc\hosts

    127.0.0.1 localhost


    ¤¤¤ MBR Check: ¤¤¤

    +++++ PhysicalDrive0: SAMSUNG SP0812C +++++
    --- User ---
    [MBR] 47b7733e2ebb66704334197371dfeb60
    [BSP] 4d1738d29bd56e11f363b58923c9ebc7 : Windows XP MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 76316 Mo
    User = LL1 ... OK!
    User = LL2 ... OK!

    +++++ PhysicalDrive1: ST2000DM001-9YN164 +++++
    --- User ---
    [MBR] 1d9d93e3957e9ad32111a8887c533393
    [BSP] fc1c3f54a420a9c310c529f5a8f7f443 : Windows XP MBR Code
    Partition table:
    0 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 63 | Size: 1907726 Mo
    User = LL1 ... OK!
    User = LL2 ... OK!

    +++++ PhysicalDrive2: +++++
    --- User ---
    [MBR] a0804512606de9ebcd08edf18f8bee5e
    [BSP] 0d5cd987dd27d007ebfb056aad1bc943 : Windows XP MBR Code
    Partition table:
    0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 476929 Mo
    User = LL1 ... OK!
    User = LL2 ... OK!

    Finished : << RKreport[1]_S_04042013_02d2007.txt >>
    RKreport[1]_S_04042013_02d2007.txt

    = = =
    Newbie

  14. #14
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    You're fine with MBAR but RK should produce another file (after cleaning).

  15. #15
    Join Date
    Sep 2001
    Location
    Toronto, Ontario, Canada
    Posts
    216
    Hi Broni,

    I got this RKreport after cleaning.

    RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
    mail : tigzyRK<at>gmail<dot>com
    Feedback : http://www.geekstogo.com/forum/files...3-roguekiller/
    Website : http://tigzy.geekstogo.com/roguekiller.php
    Blog : http://tigzyrk.blogspot.com/

    Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
    Started in : Normal mode
    User : ADMIN [Admin rights]
    Mode : Remove -- Date : 04/04/2013 20:08:19
    | ARK || FAK || MBR |

    ¤¤¤ Bad processes : 3 ¤¤¤
    [DLL] explorer.exe -- C:\WINDOWS\explorer.exe : C:\Documents and Settings\ADMIN\Local Settings\Application Data\Sevas-S\YouTube to MP3 Converter\BrowserExtensions\IE\YouTubeDownloaderExtension.dll [x] -> UNLOADED
    [SUSP PATH] hpwjd.exe -- C:\Documents and Settings\All Users\Application Data\HP Mouse Suite Config\hpwjd.exe [7] -> KILLED [TermProc]
    [SUSP PATH] hpwmsd.exe -- C:\Documents and Settings\All Users\Application Data\HP Mouse Suite Config\hpwmsd.exe [7] -> KILLED [TermProc]

    ¤¤¤ Registry Entries : 7 ¤¤¤
    [RUN][SUSP PATH] HKLM\[...]\Run : Sevas-SSoftwareDefender (C:\Documents and Settings\ADMIN\Local Settings\Application Data\Sevas-S\Defender\defender.exe) -> DELETED
    [RUN][SUSP PATH] HKLM\[...]\Run : Sevas-SSoftwareUpdater (C:\Documents and Settings\ADMIN\Local Settings\Application Data\Sevas-S\Updater\updater.exe) [7] -> DELETED
    [TASK][SUSP PATH] At2.job : C:\Documents and Settings\NetworkService\Application Data\DealPly\UpdateProc\UpdateTask.exe /Check [7] -> DELETED
    [TASK][SUSP PATH] At1.job : C:\Documents and Settings\ADMIN\Application Data\DealPly\UpdateProc\UpdateTask.exe /Check [7] -> DELETED
    [STARTUP][SUSP PATH] hpwjd.exe.lnk @All Users : C:\Documents and Settings\All Users\Application Data\HP Mouse Suite Config\hpwjd.exe [7] -> DELETED
    [STARTUP][SUSP PATH] hpwmsd.exe.lnk @All Users : C:\Documents and Settings\All Users\Application Data\HP Mouse Suite Config\hpwmsd.exe [7] -> DELETED
    [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

    ¤¤¤ Particular Files / Folders: ¤¤¤

    ¤¤¤ Driver : [LOADED] ¤¤¤
    SSDT[41] : NtCreateKey @ 0x80578ABE -> HOOKED (\??\C:\Program Files\Tencent\QQPCMgr\7.3.8099.213\TSKsp.sys @ 0xA9092BB0)
    SSDT[50] : NtCreateSection @ 0x8056DB66 -> HOOKED (\??\C:\Program Files\Tencent\QQPCMgr\7.3.8099.213\TSKsp.sys @ 0xA9096A2A)
    SSDT[53] : NtCreateThread @ 0x805860C0 -> HOOKED (\??\C:\Program Files\Tencent\QQPCMgr\7.3.8099.213\TSKsp.sys @ 0xA9094B48)
    SSDT[66] : NtDeviceIoControlFile @ 0x80588ABD -> HOOKED (\??\C:\Program Files\Tencent\QQPCMgr\7.3.8099.213\TSKsp.sys @ 0xA909A28C)
    SSDT[68] : NtDuplicateObject @ 0x8057DDAF -> HOOKED (\??\C:\Program Files\Tencent\QQPCMgr\7.3.8099.213\TSKsp.sys @ 0xA9088A52)
    SSDT[73] : NtEnumerateValueKey @ 0x8059003A -> HOOKED (\??\C:\Program Files\Tencent\QQPCMgr\7.3.8099.213\TSKsp.sys @ 0xA908F17C)
    SSDT[97] : NtLoadDriver @ 0x805B06F6 -> HOOKED (\??\C:\Program Files\Tencent\QQPCMgr\7.3.8099.213\TSKsp.sys @ 0xA909A492)
    SSDT[125] : NtOpenSection @ 0x8057B96A -> HOOKED (\??\C:\Program Files\Tencent\QQPCMgr\7.3.8099.213\TSKsp.sys @ 0xA9096CE9)
    SSDT[180] : NtQueueApcThread @ 0x8059A8E8 -> HOOKED (\??\C:\Program Files\Tencent\QQPCMgr\7.3.8099.213\TSKsp.sys @ 0xA9097ED7)
    SSDT[200] : NtRequestWaitReplyPort @ 0x8057D89E -> HOOKED (\??\C:\Program Files\Tencent\QQPCMgr\7.3.8099.213\TSKsp.sys @ 0xA9093FA7)
    SSDT[237] : NtSetSecurityObject @ 0x8059EC29 -> HOOKED (\??\C:\Program Files\Tencent\QQPCMgr\7.3.8099.213\TSKsp.sys @ 0xA909AC54)
    SSDT[240] : NtSetSystemInformation @ 0x805B2328 -> HOOKED (\??\C:\Program Files\Tencent\QQPCMgr\7.3.8099.213\TSKsp.sys @ 0xA909B28F)
    SSDT[255] : NtSystemDebugControl @ 0x80651B27 -> HOOKED (\??\C:\Program Files\Tencent\QQPCMgr\7.3.8099.213\TSKsp.sys @ 0xA909A8A7)
    SSDT[274] : NtWriteFile @ 0x8058342D -> HOOKED (\??\C:\Program Files\Tencent\QQPCMgr\7.3.8099.213\TSKsp.sys @ 0xA9089372)

    ¤¤¤ HOSTS File: ¤¤¤
    --> C:\WINDOWS\system32\drivers\etc\hosts

    127.0.0.1 localhost


    ¤¤¤ MBR Check: ¤¤¤

    +++++ PhysicalDrive0: SAMSUNG SP0812C +++++
    --- User ---
    [MBR] 47b7733e2ebb66704334197371dfeb60
    [BSP] 4d1738d29bd56e11f363b58923c9ebc7 : Windows XP MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 76316 Mo
    User = LL1 ... OK!
    User = LL2 ... OK!

    +++++ PhysicalDrive1: ST2000DM001-9YN164 +++++
    --- User ---
    [MBR] 1d9d93e3957e9ad32111a8887c533393
    [BSP] fc1c3f54a420a9c310c529f5a8f7f443 : Windows XP MBR Code
    Partition table:
    0 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 63 | Size: 1907726 Mo
    User = LL1 ... OK!
    User = LL2 ... OK!

    +++++ PhysicalDrive2: +++++
    --- User ---
    [MBR] a0804512606de9ebcd08edf18f8bee5e
    [BSP] 0d5cd987dd27d007ebfb056aad1bc943 : Windows XP MBR Code
    Partition table:
    0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 476929 Mo
    User = LL1 ... OK!
    User = LL2 ... OK!

    Finished : << RKreport[2]_D_04042013_02d2008.txt >>
    RKreport[1]_S_04042013_02d2007.txt ; RKreport[2]_D_04042013_02d2008.txt

    = = =

    But now I opened Chrome (Web-browser), Conduit - Visual Bee search is still in 2nd tab. First tab uses Google (as intended).

    This is showing in the URL line of the 2nd tab>>
    http://search.conduit.com/?ctid=CT29...402319515&UM=2

    = = =
    Newbie

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •