Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Help with iLividSetupV1 removal cleanly and safely

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Help with iLividSetupV1 removal cleanly and safely

Unread postby Deeply_confused » June 22nd, 2012, 6:30 am

Hi there. I accidentally download iLividSetupV1 from Bandoo Media using Firefox 6 and after a few seconds stopped the installation but damaged has been done. I do not appear to have the searchqu or searchnu toolbar in firefox or chrome. Can you please help me remove/uninstall the iLividSetupV1 safely as I noticed this program only appears under download folder (at least one that I know of)? Any help would be appreciated. Thank you kindly.

DDS.txt log below:
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.19272 BrowserJavaVersion: 1.6.0_31
Run by Yaya at 22:11:22 on 2012-06-22
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2045.794 [GMT 12:00]
.
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\WLANExt.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\aestsrv.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Windows\system32\STacSV.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Google\Update\1.3.21.111\GoogleCrashHandler.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\SetPoint\SetPoint.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.conduit.com?SearchSource= ... =CT2269050
uWindow Title = Internet Explorer provided by Dell
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Norton Identity Protection: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton internet security\engine\19.7.1.5\coIEPlg.dll
BHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton internet security\engine\19.7.1.5\ips\IPSBHO.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\progra~1\wi371a~1\datamngr\toolbar\searchqudtx.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton internet security\engine\19.7.1.5\coIEPlg.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [DELL Webcam Manager] "c:\program files\dell\dell webcam manager\DellWMgr.exe" /s
mRun: [Logitech Hardware Abstraction Layer] "c:\program files\common files\logitech\khalshared\KHALMNPR.EXE"
mRun: [<NO NAME>]
mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [(default)]
mRun: [NVHotkey] rundll32.exe c:\windows\system32\nvHotkey.dll,Start
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\setpoint.lnk - c:\program files\setpoint\SetPoint.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Save YouTube Video as MP3
IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{4ADCE050-274D-4518-8282-259B9B6BD40E} : DhcpNameServer = 192.168.1.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
AppInit_DLLs:
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\yaya\appdata\roaming\mozilla\firefox\profiles\4nvjcpsz.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?=q
FF - prefs.js: network.proxy.type - 4
FF - component: c:\program files\mozilla firefox\extensions\{ab2ce124-6272-4b12-94a9-7303c7397bd1}\components\SkypeFfComponent.dll
FF - component: c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.1.0.37\coffplgn_2011_7_1_3\components\coFFPlgn.dll
FF - component: c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.1.0.37\ipsffplgn\components\IPSFFPl.dll
FF - component: c:\programdata\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
FF - component: c:\users\yaya\appdata\roaming\mozilla\firefox\profiles\4nvjcpsz.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}

\components\FFExternalAlert.dll
FF - component: c:\users\yaya\appdata\roaming\mozilla\firefox\profiles\4nvjcpsz.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}

\components\RadioWMPCore.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\mozilla firefox\plugins\np32asw.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_257.dll
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nis\1307010.005\symds.sys [2012-5-18 340088]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1307010.005\symefa.sys [2012-5-18 905336]
R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.6.2.10\definitions\bashdefs\20120619.001\BHDrvx86.sys [2012-6-19

821920]
R1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\nis\1307010.005\ccsetx86.sys [2012-5-18 132744]
R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.6.2.10\definitions\ipsdefs\20120618.004\IDSvix86.sys [2012-6-15

382624]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nis\1307010.005\ironx86.sys [2012-5-18 149624]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\system32\drivers\nis\1307010.005\symtdiv.sys [2012-5-18 345208]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-1-4 63928]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\AEstSrv.exe [2008-6-7 73728]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-8-10 21504]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-10-2 654408]
R2 NIS;Norton Internet Security;c:\program files\norton internet security\engine\19.7.1.5\ccsvchst.exe [2012-5-18 138232]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-5-31 106656]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-10-2 22344]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-9-11 136176]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-6-5 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-25 257696]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-9-11 136176]
S3 IdcPHid;IdeaCom HID Touch Screen Driver (PS/2);c:\windows\system32\drivers\idcphid.sys [2008-12-11 16256]
S3 IpwP;IPWireless 3G Network Adapter;c:\windows\system32\drivers\ipw3gnet.sys [2008-6-19 51040]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18

753504]
.
=============== Created Last 30 ================
.
2012-06-22 03:21:50 56200 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{af453b8a-8b51-4d7b-8a0d-d1cca0bdf950}

\offreg.dll
2012-06-22 02:59:51 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-22 02:59:06 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-06-22 02:59:06 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-21 02:44:39 -------- d-----w- c:\users\yaya\appdata\local\Macromedia
2012-06-20 02:33:34 6762896 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{af453b8a-8b51-4d7b-8a0d-d1cca0bdf950}

\mpengine.dll
2012-06-14 01:51:34 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-06-14 01:51:31 2045440 ----a-w- c:\windows\system32\win32k.sys
.
==================== Find3M ====================
.
2012-06-21 02:35:54 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-21 02:35:54 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-05-15 06:37:49 916992 ----a-w- c:\windows\system32\wininet.dll
2012-05-15 06:32:25 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-05-15 06:32:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-05-15 06:31:44 109056 ----a-w- c:\windows\system32\iesysprep.dll
2012-05-15 06:31:43 71680 ----a-w- c:\windows\system32\iesetup.dll
2012-05-15 05:01:56 385024 ----a-w- c:\windows\system32\html.iec
2012-05-15 03:26:05 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2012-05-15 03:23:41 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2012-04-23 16:00:53 984064 ----a-w- c:\windows\system32\crypt32.dll
2012-04-23 16:00:53 98304 ----a-w- c:\windows\system32\cryptnet.dll
2012-04-23 16:00:53 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2012-04-12 06:39:28 141944 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2012-04-04 03:56:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-04-03 08:16:12 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-04-03 08:16:11 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-30 12:39:11 905600 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-03-29 06:28:38 318584 ----a-w- c:\windows\system32\drivers\nis\1307010.005\symnets.sys
2012-03-29 06:28:37 345208 ----a-w- c:\windows\system32\drivers\nis\1307010.005\symtdiv.sys
2012-03-29 06:28:30 905336 ----a-w- c:\windows\system32\drivers\nis\1307010.005\symefa.sys
2012-03-29 06:06:25 149624 ----a-w- c:\windows\system32\drivers\nis\1307010.005\ironx86.sys
2012-03-29 06:03:27 574072 ----a-w- c:\windows\system32\drivers\nis\1307010.005\srtsp.sys
2012-03-29 06:03:27 32888 ----a-w- c:\windows\system32\drivers\nis\1307010.005\srtspx.sys
.
============= FINISH: 22:13:18.10 ===============

Attach.txt log below:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 6/7/2008 6:07:12 AM
System Uptime: 6/22/2012 2:50:30 PM (8 hours ago)
.
Motherboard: Dell Inc. | | 0KY768
Processor: Intel(R) Core(TM)2 Duo CPU T5550 @ 1.83GHz | Microprocessor | 1833/166mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 220 GiB total, 157.084 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 5.561 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0002
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #3
PNP Device ID: ROOT\*ISATAP\0002
Service: tunnel
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Acrobat.com
Adobe AIR
Adobe Digital Editions
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.3)
Advanced Audio FX Engine
Advanced Video FX Engine
Apple Application Support
Apple Software Update
Broadcom 440x 10/100 Integrated Controller
Broadcom Management Programs
Browser Address Error Redirector
CDDRV_Installer
Compatibility Pack for the 2007 Office system
Conexant HDA D330 MDC V.92 Modem
Dell Driver Download Manager
Dell Getting Started Guide
Dell Support Center (Support Software)
Dell Touchpad
Dell Webcam Center
Dell Webcam Manager
Digital Line Detect
EDocs
Google Chrome
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Intel(R) PROSet/Wireless Software
iTunes
Java Auto Updater
Java(TM) 6 Update 31
KhalSetup
Laptop Integrated Webcam Driver (1.04.01.1011)
Live! Cam Avatar Creator
Live! Cam Avatar v1.0
Malwarebytes Anti-Malware version 1.61.0.1400
mCore
MediaDirect
mHelp
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office Live Add-in 1.5
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
mMHouse
Modem Diagnostic Tool
Mozilla Firefox 6.0.2 (x86 en-US)
mPfMgr
mWMI
NetWaiting
Norton Internet Security
NVIDIA Drivers
OGA Notifier 2.0.0048.0
ooVoo
OutlookAddinSetup
QuickSet
QuickTime
Roxio Creator Audio
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Express Labeler 3
Roxio Update Manager
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition
SetPoint
SigmaTel Audio
Skype Click to Call
Skype™ 5.9
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
WIDCOMM Bluetooth Software 6.0.1.3100
.
==== Event Viewer Messages From Past Week ========
.
6/22/2012 8:02:28 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.1.10 for the

Network Card with network address 001F3BBA8053 has been denied by the DHCP server 0.0.0.0 (The DHCP Server

sent a DHCPNACK message).
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the

process of changing update WUClient-SelfUpdate-Aux-zh-tw-LP-Toplevel from package KBWUClient-SelfUpdate-Aux

(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the

process of changing update WUClient-SelfUpdate-Aux-zh-hk-LP-Toplevel from package KBWUClient-SelfUpdate-Aux

(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the

process of changing update WUClient-SelfUpdate-Aux-zh-cn-LP-Toplevel from package KBWUClient-SelfUpdate-Aux

(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the

process of changing update WUClient-SelfUpdate-Aux-uk-ua-LP-Toplevel from package KBWUClient-SelfUpdate-Aux

(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the

process of changing update WUClient-SelfUpdate-Aux-tr-tr-LP-Toplevel from package KBWUClient-SelfUpdate-Aux

(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the

process of changing update WUClient-SelfUpdate-Aux-th-th-LP-Toplevel from package KBWUClient-SelfUpdate-Aux

(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the

process of changing update WUClient-SelfUpdate-Aux-sv-se-LP-Toplevel from package KBWUClient-SelfUpdate-Aux

(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the

process of changing update WUClient-SelfUpdate-Aux-sr-latn-cs-LP-Toplevel from package KBWUClient-SelfUpdate-

Aux(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the

process of changing update WUClient-SelfUpdate-Aux-sl-si-LP-Toplevel from package KBWUClient-SelfUpdate-Aux

(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the

process of changing update WUClient-SelfUpdate-Aux-sk-sk-LP-Toplevel from package KBWUClient-SelfUpdate-Aux

(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the

process of changing update WUClient-SelfUpdate-Aux-ru-ru-LP-Toplevel from package KBWUClient-SelfUpdate-Aux

(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the

process of changing update WUClient-SelfUpdate-Aux-ro-ro-LP-Toplevel from package KBWUClient-SelfUpdate-Aux

(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the

process of changing update WUClient-SelfUpdate-Aux-pt-pt-LP-Toplevel from package KBWUClient-SelfUpdate-Aux

(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the

process of changing update WUClient-SelfUpdate-Aux-pt-br-LP-Toplevel from package KBWUClient-SelfUpdate-Aux

(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the

process of changing update WUClient-SelfUpdate-Aux-ps-ps-LP-Toplevel from package KBWUClient-SelfUpdate-Aux

(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the

process of changing update WUClient-SelfUpdate-Aux-pl-pl-LP-Toplevel from package KBWUClient-SelfUpdate-Aux

(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the

process of changing update WUClient-SelfUpdate-Aux-nl-nl-LP-Toplevel from package KBWUClient-SelfUpdate-Aux

(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the

process of changing update WUClient-SelfUpdate-Aux-Neutral from package KBWUClient-SelfUpdate-Aux(Feature

Pack) into Staged(Staged) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the

process of changing update WUClient-SelfUpdate-Aux-nb-no-LP-Toplevel from package KBWUClient-SelfUpdate-Aux

(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the

process of changing update WUClient-SelfUpdate-Aux-lv-lv-LP-Toplevel from package KBWUClient-SelfUpdate-Aux

(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the

process of changing update WUClient-SelfUpdate-Aux-lt-lt-LP-Toplevel from package KBWUClient-SelfUpdate-Aux

(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the

process of changing update WUClient-SelfUpdate-Aux-ko-kr-LP-Toplevel from package KBWUClient-SelfUpdate-Aux

(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the

process of changing update WUClient-SelfUpdate-Aux-ja-jp-LP-Toplevel from package KBWUClient-SelfUpdate-Aux

(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the

process of changing update WUClient-SelfUpdate-Aux-it-it-LP-Toplevel from package KBWUClient-SelfUpdate-Aux

(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the

process of changing update WUClient-SelfUpdate-Aux-hu-hu-LP-Toplevel from package KBWUClient-SelfUpdate-Aux

(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the

process of changing update WUClient-SelfUpdate-Aux-hr-hr-LP-Toplevel from package KBWUClient-SelfUpdate-Aux

(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the

process of changing update WUClient-SelfUpdate-Aux-he-il-LP-Toplevel from package KBWUClient-SelfUpdate-Aux

(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the

process of changing update WUClient-SelfUpdate-Aux-fr-fr-LP-Toplevel from package KBWUClient-SelfUpdate-Aux

(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the

process of changing update WUClient-SelfUpdate-Aux-fi-fi-LP-Toplevel from package KBWUClient-SelfUpdate-Aux

(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the

process of changing update WUClient-SelfUpdate-Aux-et-ee-LP-Toplevel from package KBWUClient-SelfUpdate-Aux

(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the

process of changing update WUClient-SelfUpdate-Aux-es-es-LP-Toplevel from package KBWUClient-SelfUpdate-Aux

(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the

process of changing update WUClient-SelfUpdate-Aux-en-us-LP from package WUClient-SelfUpdate-Aux-Package-en-

us-MiniLP(Feature Pack) into Staged(Staged) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the

process of changing update WUClient-SelfUpdate-Aux-en-us-LP-Toplevel from package KBWUClient-SelfUpdate-Aux

(Feature Pack) into Staged(Staged) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the

process of changing update WUClient-SelfUpdate-Aux-el-gr-LP-Toplevel from package KBWUClient-SelfUpdate-Aux

(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the

process of changing update WUClient-SelfUpdate-Aux-de-de-LP-Toplevel from package KBWUClient-SelfUpdate-Aux

(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the

process of changing update WUClient-SelfUpdate-Aux-da-dk-LP-Toplevel from package KBWUClient-SelfUpdate-Aux

(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the

process of changing update WUClient-SelfUpdate-Aux-cs-cz-LP-Toplevel from package KBWUClient-SelfUpdate-Aux

(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the

process of changing update WUClient-SelfUpdate-Aux-bg-bg-LP-Toplevel from package KBWUClient-SelfUpdate-Aux

(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the

process of changing update WUClient-SelfUpdate-Aux-ar-sa-LP-Toplevel from package KBWUClient-SelfUpdate-Aux

(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the

process of changing update AuxResourcesLP from package WindowsUpdateClient-SelfUpdate-Aux-Package(Language

Pack) into Staged(Staged) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the

process of changing update AuxComp from package WindowsUpdateClient-SelfUpdate-Aux-Package(Update) into

Staged(Staged) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the

process of changing update Aux from package WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package_en-US(Language

Pack) into Staged(Staged) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the

process of changing update Aux from package WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package(Update) into

Staged(Staged) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the

process of setting package WUClient-SelfUpdate-Aux-Package-en-us-MiniLP (Feature Pack) into Install Requested

(Install Requested) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the

process of setting package WindowsUpdateClient-SelfUpdate-Aux-Package (Update) into Install Requested(Install

Requested) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the

process of setting package WindowsUpdateClient-SelfUpdate-Aux-Package (Language Pack) into Install Requested

(Install Requested) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the

process of setting package WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package_en-US (Language Pack) into

Install Requested(Install Requested) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the

process of setting package WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package (Update) into Install Requested

(Install Requested) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the

process of setting package KBWUClient-SelfUpdate-Aux (Feature Pack) into Install Requested(Install Requested)

state
6/17/2012 1:53:03 PM, Error: EventLog [6008] - The previous system shutdown at 1:58:59 AM on 6/17/2012 was

unexpected.
6/16/2012 9:53:36 PM, Error: BTHUSB [17] - The local Bluetooth adapter has failed in an undetermined manner

and will not be used. The driver has been unloaded.
.
==== End Of File ===========================
Deeply_confused
Active Member
 
Posts: 9
Joined: June 22nd, 2012, 6:01 am
Advertisement
Register to Remove

Re: Help with iLividSetupV1 removal cleanly and safely

Unread postby Blade81 » June 24th, 2012, 1:48 pm

Hi,

Disable word wrap in Notepad to make further logs appear in more readable format. Then re-run DDS and post back its logs' contents. Also, update Malwarebytes' Anti-Malware and run a scan with it. Post back its report.
User avatar
Blade81
Admin/Teacher
Admin/Teacher
 
Posts: 5245
Joined: July 17th, 2006, 3:36 am
Location: Finland

Re: Help with iLividSetupV1 removal cleanly and safely

Unread postby Deeply_confused » June 25th, 2012, 1:49 am

Hi there,

Thanks for the reply. I think I have disabled the word wrap in Notepad.

Re-run of DDS log is below:
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.19272 BrowserJavaVersion: 1.6.0_31
Run by Yaya at 16:15:01 on 2012-06-25
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2045.771 [GMT 12:00]
.
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\aestsrv.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Windows\system32\STacSV.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe
C:\Program Files\Google\Update\1.3.21.111\GoogleCrashHandler.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\SetPoint\SetPoint.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.conduit.com?SearchSource= ... =CT2269050
uWindow Title = Internet Explorer provided by Dell
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Norton Identity Protection: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton internet security\engine\19.7.1.5\coIEPlg.dll
BHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton internet security\engine\19.7.1.5\ips\IPSBHO.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\progra~1\wi371a~1\datamngr\toolbar\searchqudtx.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton internet security\engine\19.7.1.5\coIEPlg.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [DELL Webcam Manager] "c:\program files\dell\dell webcam manager\DellWMgr.exe" /s
mRun: [Logitech Hardware Abstraction Layer] "c:\program files\common files\logitech\khalshared\KHALMNPR.EXE"
mRun: [<NO NAME>]
mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [(default)]
mRun: [NVHotkey] rundll32.exe c:\windows\system32\nvHotkey.dll,Start
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\setpoint.lnk - c:\program files\setpoint\SetPoint.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Save YouTube Video as MP3
IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{4ADCE050-274D-4518-8282-259B9B6BD40E} : DhcpNameServer = 192.168.1.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
AppInit_DLLs:
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\yaya\appdata\roaming\mozilla\firefox\profiles\4nvjcpsz.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?=q
FF - prefs.js: network.proxy.type - 4
FF - component: c:\program files\mozilla firefox\extensions\{ab2ce124-6272-4b12-94a9-7303c7397bd1}\components\SkypeFfComponent.dll
FF - component: c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.1.0.37\coffplgn_2011_7_1_3\components\coFFPlgn.dll
FF - component: c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.1.0.37\ipsffplgn\components\IPSFFPl.dll
FF - component: c:\programdata\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
FF - component: c:\users\yaya\appdata\roaming\mozilla\firefox\profiles\4nvjcpsz.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\components\FFExternalAlert.dll
FF - component: c:\users\yaya\appdata\roaming\mozilla\firefox\profiles\4nvjcpsz.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\components\RadioWMPCore.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\mozilla firefox\plugins\np32asw.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_257.dll
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nis\1307010.005\symds.sys [2012-5-18 340088]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1307010.005\symefa.sys [2012-5-18 905336]
R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.6.2.10\definitions\bashdefs\20120619.001\BHDrvx86.sys [2012-6-19 821920]
R1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\nis\1307010.005\ccsetx86.sys [2012-5-18 132744]
R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.6.2.10\definitions\ipsdefs\20120622.001\IDSvix86.sys [2012-6-23 382624]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nis\1307010.005\ironx86.sys [2012-5-18 149624]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\system32\drivers\nis\1307010.005\symtdiv.sys [2012-5-18 345208]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-1-4 63928]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\AEstSrv.exe [2008-6-7 73728]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-8-10 21504]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-10-2 654408]
R2 NIS;Norton Internet Security;c:\program files\norton internet security\engine\19.7.1.5\ccsvchst.exe [2012-5-18 138232]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-5-31 106656]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-10-2 22344]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-9-11 136176]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-6-5 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-25 250056]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-9-11 136176]
S3 IdcPHid;IdeaCom HID Touch Screen Driver (PS/2);c:\windows\system32\drivers\idcphid.sys [2008-12-11 16256]
S3 IpwP;IPWireless 3G Network Adapter;c:\windows\system32\drivers\ipw3gnet.sys [2008-6-19 51040]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2012-06-23 03:14:29 6762896 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{206ec232-315c-4612-9a09-30b30a34ad40}\mpengine.dll
2012-06-22 02:59:51 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-22 02:59:25 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-22 02:59:06 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-06-22 02:59:06 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-21 02:44:39 -------- d-----w- c:\users\yaya\appdata\local\Macromedia
2012-06-14 01:51:34 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-06-14 01:51:31 2045440 ----a-w- c:\windows\system32\win32k.sys
.
==================== Find3M ====================
.
2012-06-23 10:39:43 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-23 10:39:43 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-05-15 06:37:49 916992 ----a-w- c:\windows\system32\wininet.dll
2012-05-15 06:32:25 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-05-15 06:32:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-05-15 06:31:44 109056 ----a-w- c:\windows\system32\iesysprep.dll
2012-05-15 06:31:43 71680 ----a-w- c:\windows\system32\iesetup.dll
2012-05-15 05:01:56 385024 ----a-w- c:\windows\system32\html.iec
2012-05-15 03:26:05 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2012-05-15 03:23:41 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2012-04-23 16:00:53 984064 ----a-w- c:\windows\system32\crypt32.dll
2012-04-23 16:00:53 98304 ----a-w- c:\windows\system32\cryptnet.dll
2012-04-23 16:00:53 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2012-04-12 06:39:28 141944 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2012-04-04 03:56:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-04-03 08:16:12 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-04-03 08:16:11 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-30 12:39:11 905600 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-03-29 06:28:38 318584 ----a-w- c:\windows\system32\drivers\nis\1307010.005\symnets.sys
2012-03-29 06:28:37 345208 ----a-w- c:\windows\system32\drivers\nis\1307010.005\symtdiv.sys
2012-03-29 06:28:30 905336 ----a-w- c:\windows\system32\drivers\nis\1307010.005\symefa.sys
2012-03-29 06:06:25 149624 ----a-w- c:\windows\system32\drivers\nis\1307010.005\ironx86.sys
2012-03-29 06:03:27 574072 ----a-w- c:\windows\system32\drivers\nis\1307010.005\srtsp.sys
2012-03-29 06:03:27 32888 ----a-w- c:\windows\system32\drivers\nis\1307010.005\srtspx.sys
.
============= FINISH: 16:17:17.07 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 6/7/2008 6:07:12 AM
System Uptime: 6/25/2012 4:06:10 PM (0 hours ago)
.
Motherboard: Dell Inc. | | 0KY768
Processor: Intel(R) Core(TM)2 Duo CPU T5550 @ 1.83GHz | Microprocessor | 1833/166mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 220 GiB total, 156.01 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 5.561 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0002
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #3
PNP Device ID: ROOT\*ISATAP\0002
Service: tunnel
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Acrobat.com
Adobe AIR
Adobe Digital Editions
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.3)
Advanced Audio FX Engine
Advanced Video FX Engine
Apple Application Support
Apple Software Update
Broadcom 440x 10/100 Integrated Controller
Broadcom Management Programs
Browser Address Error Redirector
CDDRV_Installer
Compatibility Pack for the 2007 Office system
Conexant HDA D330 MDC V.92 Modem
Dell Driver Download Manager
Dell Getting Started Guide
Dell Support Center (Support Software)
Dell Touchpad
Dell Webcam Center
Dell Webcam Manager
Digital Line Detect
EDocs
Google Chrome
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Intel(R) PROSet/Wireless Software
iTunes
Java Auto Updater
Java(TM) 6 Update 31
KhalSetup
Laptop Integrated Webcam Driver (1.04.01.1011)
Live! Cam Avatar Creator
Live! Cam Avatar v1.0
Malwarebytes Anti-Malware version 1.61.0.1400
mCore
MediaDirect
mHelp
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office Live Add-in 1.5
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
mMHouse
Modem Diagnostic Tool
Mozilla Firefox 6.0.2 (x86 en-US)
mPfMgr
mWMI
NetWaiting
Norton Internet Security
NVIDIA Drivers
OGA Notifier 2.0.0048.0
ooVoo
OutlookAddinSetup
QuickSet
QuickTime
Roxio Creator Audio
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Express Labeler 3
Roxio Update Manager
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition
SetPoint
SigmaTel Audio
Skype Click to Call
Skype™ 5.9
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
WIDCOMM Bluetooth Software 6.0.1.3100
.
==== Event Viewer Messages From Past Week ========
.
6/24/2012 1:55:57 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.1.10 for the Network Card with network address 001F3BBA8053 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
6/23/2012 3:01:19 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.1.11 for the Network Card with network address 001F3BBA8053 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-zh-tw-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-zh-hk-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-zh-cn-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-uk-ua-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-tr-tr-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-th-th-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-sv-se-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-sr-latn-cs-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-sl-si-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-sk-sk-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-ru-ru-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-ro-ro-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-pt-pt-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-pt-br-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-ps-ps-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-pl-pl-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-nl-nl-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-Neutral from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-nb-no-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-lv-lv-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-lt-lt-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-ko-kr-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-ja-jp-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-it-it-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-hu-hu-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-hr-hr-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-he-il-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-fr-fr-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-fi-fi-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-et-ee-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-es-es-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-en-us-LP from package WUClient-SelfUpdate-Aux-Package-en-us-MiniLP(Feature Pack) into Staged(Staged) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-en-us-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-el-gr-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-de-de-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-da-dk-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-cs-cz-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-bg-bg-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-ar-sa-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update AuxResourcesLP from package WindowsUpdateClient-SelfUpdate-Aux-Package(Language Pack) into Staged(Staged) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update AuxComp from package WindowsUpdateClient-SelfUpdate-Aux-Package(Update) into Staged(Staged) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update Aux from package WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package_en-US(Language Pack) into Staged(Staged) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update Aux from package WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package(Update) into Staged(Staged) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package WUClient-SelfUpdate-Aux-Package-en-us-MiniLP (Feature Pack) into Install Requested(Install Requested) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package WindowsUpdateClient-SelfUpdate-Aux-Package (Update) into Install Requested(Install Requested) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package WindowsUpdateClient-SelfUpdate-Aux-Package (Language Pack) into Install Requested(Install Requested) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package_en-US (Language Pack) into Install Requested(Install Requested) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package (Update) into Install Requested(Install Requested) state
6/22/2012 3:00:37 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KBWUClient-SelfUpdate-Aux (Feature Pack) into Install Requested(Install Requested) state
.
==== End Of File ===========================

Updated Malwarebytes' Antimalware and full scan log is below:
Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.25.02

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.19272
Yaya :: YAYA-PC [administrator]

Protection: Enabled

6/25/2012 4:28:30 PM
mbam-log-2012-06-25 (16-28-30).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 361134
Time elapsed: 1 hour(s), 16 minute(s), 58 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
Deeply_confused
Active Member
 
Posts: 9
Joined: June 22nd, 2012, 6:01 am

Re: Help with iLividSetupV1 removal cleanly and safely

Unread postby Blade81 » June 26th, 2012, 4:09 am

Hi


Please visit this webpage for download links, and instructions for running ComboFix tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Please ensure you read this guide carefully first.

Please continue as follows:

  1. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix, link
    Remember to re-enable them afterwards.

  2. Click Yes to allow ComboFix to continue scanning for malware.

When the tool is finished, it will produce a report for you.

Please include the following reports for further review, and so we may continue cleansing the system:

C:\ComboFix.txt
New dds log.


A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix. This tool is not a toy and not for everyday use.
User avatar
Blade81
Admin/Teacher
Admin/Teacher
 
Posts: 5245
Joined: July 17th, 2006, 3:36 am
Location: Finland

Re: Help with iLividSetupV1 removal cleanly and safely

Unread postby Deeply_confused » June 26th, 2012, 5:19 am

Hi.

I got several questions before downloading and running ComboFix as you said it is a powerful tool. Can I disable/close antivirus and anti-malware programs just before running a scan? And when running a scan in ComboFix can I disconnected from internet to prevent malwares/viruses coming in or does ComboFix acts antivirus/antimalware? Then, when ComboFix attempts to create Microsoft Recovery Console, turn my internet back on, is this posssible? Thank you in advance.
Deeply_confused
Active Member
 
Posts: 9
Joined: June 22nd, 2012, 6:01 am

Re: Help with iLividSetupV1 removal cleanly and safely

Unread postby Blade81 » June 26th, 2012, 1:26 pm

Hi,
Can I disable/close antivirus and anti-malware programs just before running a scan?

Yes unless Norton prevents downloading ComboFix (some antivirus programs falsely detect it as malicious and won't even let the download complete).

And when running a scan in ComboFix can I disconnected from internet to prevent malwares/viruses coming in or does ComboFix acts antivirus/antimalware?

It's recommended to keep connection on during the ComboFix scan if possible.

Then, when ComboFix attempts to create Microsoft Recovery Console, turn my internet back on, is this posssible?

Recovery Console thing applies only to Windows XP.
User avatar
Blade81
Admin/Teacher
Admin/Teacher
 
Posts: 5245
Joined: July 17th, 2006, 3:36 am
Location: Finland

Re: Help with iLividSetupV1 removal cleanly and safely

Unread postby Deeply_confused » June 27th, 2012, 3:53 am

Hi there, thank you for the reply.
Are you saying that I do NOT need to create Windows Recovery Console from ComboFix just before scanning since that step is only for XP? Since I don't think I have backup or recovery original CD from the manufacturer (i.e. cannot remember) , do I need to create Vista Backup & Restore Utility (in case something bad happens) like the one stated on this thread: http://www.bleepingcomputer.com/tutoria ... pc-backup/

I'm afraid of running ComboFix just yet - what if I do not get my internet connection back as this is the only computer I have? I have read from other malware thread that after running ComboFix, it's unable to load the computer properly after reboot (e.g. missing registry, won't load internet connection back on, etc). Do you see any potential infection/malware or anything from the logs above so far? Is ComboFix the only and best recommended option? Sorry for the delay, just wanting to make sure fully before proceeding. Thank you.
Deeply_confused
Active Member
 
Posts: 9
Joined: June 22nd, 2012, 6:01 am

Re: Help with iLividSetupV1 removal cleanly and safely

Unread postby Blade81 » June 27th, 2012, 11:40 am

Hi,

Are you saying that I do NOT need to create Windows Recovery Console from ComboFix just before scanning since that step is only for XP?

Yes, and if it was XP ComboFix would automatically do the recovery console installing if allowed.

Anyway, before using ComboFix we could try one other tool instead.


Please right-click on the filename link below and select "Save target as..." or "Save Link as...", choose the Desktop location, and choose to save as the filename: Fix.txt
Vista or Win 7, 32 bit: SQW7-Vista_x32.TXT

---------------------------------------------
Download the OTL Scanner
Please download OTL.exe by OldTimer and save it to your desktop.
----------------------------------------------
Perform a Custom Fix with OTL
Double Click the OTL icon (Right click and choose "Run as administrator" in Vista/Win7)
  • Click the Run Fix button at the top.
  • You will see a popup dialog reporting "No fix has been provided. Click OK to load from a file or Cancel". Click on OK
  • When the Open dialog comes up, Navigate to the Desktop, scroll to find the file named Fix.txt and click Open
  • Some text will appear in the Custom scans/Fixes box.
  • Click the Run Fix button.
  • Let the program run unhindered and reboot the PC when it is done.
    When the computer Reboots, and you start your usual account, a Notepad text file will appear.
  • Copy the contents of that file and post it in your next reply. The file will also appear on your desktop as OTL.txt
User avatar
Blade81
Admin/Teacher
Admin/Teacher
 
Posts: 5245
Joined: July 17th, 2006, 3:36 am
Location: Finland

Re: Help with iLividSetupV1 removal cleanly and safely

Unread postby Deeply_confused » June 30th, 2012, 12:42 am

Hi there,

Thank you very much for an alternative route to Combo Fix. After the OTL runs, I no longer have the ilividsetupv1 under my the Windows search button, does that mean my system is clean? What does OTL log below means? Also, I seem to have Windows hang upon shutting down recently - it takes such a long time to shut down and I would need to manually press the power button, is that because of the ilividsetupv1 or something else?

OTL log below:

All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~1\SEARCH~1\Datamngr\datamngr.dll deleted successfully.
File C:\Program Files\Searchqu Toolbar\Datamngr\datamngr.dll not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~1\SEARCH~1\Datamngr\IEBHO.dll deleted successfully.
File C:\Program Files\Searchqu Toolbar\Datamngr\IEBHO.dll not found.
========== REGISTRY ==========
Registry key hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\products\2b1e51d87b2d71a44bb42ddd5e894160\installproperties\ not found.
Registry key hkey_local_machine\software\microsoft\windows\currentversion\uninstall\ilivid\ not found.
Registry key hkey_local_machine\software\microsoft\windows\currentversion\uninstall\windows searchqu toolbar\ not found.
Registry key hkey_local_machine\software\microsoft\windows\currentversion\uninstall\{8d15e1b2-d2b7-4a17-b44b-d2dde5981406}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8d15e1b2-d2b7-4a17-b44b-d2dde5981406}\ not found.
Registry key hkey_current_user\software\microsoft\windows\currentversion\app management\arpcache\windows searchqu toolbar\ not found.
Registry key hkey_current_user\software\microsoft\windows\currentversion\app management\arpcache\ilivid\ not found.
Registry key hkey_local_machine\software\classes\ilivid\ not found.
Registry key hkey_local_machine\software\classes\installer\products\2b1e51d87b2d71a44bb42ddd5e894160\ not found.
Registry key hkey_local_machine\software\ilivid\ not found.
Registry key hkey_local_machine\software\ilivid\player\hosts\ilivid.com\ not found.
Registry key hkey_local_machine\software\microsoft\internet explorer\low rights\elevationpolicy\{949d2c04-d3c1-490a-8a03-440b5c32b5f2}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{949d2c04-d3c1-490a-8a03-440b5c32b5f2}\ not found.
Registry key hkey_current_user\software\datamngr_toolbar\ not found.
Registry key hkey_local_machine\software\classes\browserconnection.loader\ not found.
Registry key hkey_local_machine\software\classes\browserconnection.loader.1\ not found.
Registry key hkey_local_machine\software\classes\clsid\{9d717f81-9148-4f12-8568-69135f087db0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9d717f81-9148-4f12-8568-69135f087db0}\ not found.
Registry key hkey_local_machine\software\microsoft\internet explorer\low rights\elevationpolicy\{69cf75c1-35ab-4de5-a51f-662c9020ad4a}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{69cf75c1-35ab-4de5-a51f-662c9020ad4a}\ not found.
Registry key hkey_current_user\software\appdatalow\software\searchqutoolbar\ not found.
Registry key hkey_current_user\software\datamngr\ deleted successfully.
Registry key hkey_current_user\software\microsoft\internet explorer\searchscopes\{8a96af9e-4074-43b7-bea3-87217bda7406}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8a96af9e-4074-43b7-bea3-87217bda7406}\ not found.
Registry key hkey_current_user\software\microsoft\windows\currentversion\app management\arpcache\bandoo\ not found.
Registry key hkey_current_user\software\microsoft\windows\currentversion\app management\arpcache\searchqu 406 mediabar\ not found.
Registry key hkey_current_user\software\microsoft\windows\currentversion\explorer\menuorder\start menu2\programs\bandoo\ not found.
Registry key hkey_current_user\software\trolltech\ deleted successfully.
Registry key hkey_current_user\software\ilivid\ not found.
Registry key hkey_current_user\software\searchqutoolbar\ not found.
Registry key hkey_local_machine\software\datamngr\ not found.
Registry key hkey_local_machine\software\bandoo\ not found.
Registry key hkey_local_machine\software\classes\appid\bandoocore.exe\ not found.
Registry key hkey_local_machine\software\classes\appid\{1301a8a5-3dfb-4731-a162-b357d00c9644}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1301a8a5-3dfb-4731-a162-b357d00c9644}\ not found.
Registry key hkey_local_machine\software\classes\applications\ilividsetupv1.exe\ not found.
Registry key hkey_local_machine\software\classes\bandoocore.bandoocore.1\ not found.
Registry key hkey_local_machine\software\classes\bandoocore.bandoocore\ not found.
Registry key hkey_local_machine\software\classes\bandoocore.resourcesmngr.1\ not found.
Registry key hkey_local_machine\software\classes\bandoocore.resourcesmngr\ not found.
Registry key hkey_local_machine\software\classes\bandoocore.settingsmngr.1\ not found.
Registry key hkey_local_machine\software\classes\bandoocore.settingsmngr\ not found.
Registry key hkey_local_machine\software\classes\bandoocore.statisticmngr.1\ not found.
Registry key hkey_local_machine\software\classes\bandoocore.statisticmngr\ not found.
Registry key hkey_local_machine\software\classes\clsid\{99079a25-328f-4bd4-be04-00955acaa0a7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
Registry key hkey_local_machine\software\classes\clsid\{a40dc6c5-79d0-4ca8-a185-8ff989af1115}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a40dc6c5-79d0-4ca8-a185-8ff989af1115}\ not found.
Registry key hkey_local_machine\software\classes\clsid\{b543ef05-9758-464e-9f37-4c28525b4a4c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b543ef05-9758-464e-9f37-4c28525b4a4c}\ not found.
Registry key hkey_local_machine\software\classes\clsid\{bb76a90b-2b4c-4378-8506-9a2b6e16943c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bb76a90b-2b4c-4378-8506-9a2b6e16943c}\ not found.
Registry key hkey_local_machine\software\classes\clsid\{c3ab94a4-bfd0-4bba-a331-de504f07d2db}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c3ab94a4-bfd0-4bba-a331-de504f07d2db}\ not found.
Registry key hkey_local_machine\software\classes\interface\{477f210a-2a86-4666-9c4b-1189634d2c84}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{477f210a-2a86-4666-9c4b-1189634d2c84}\ not found.
Registry key hkey_local_machine\software\classes\interface\{ff871e51-2655-4d06-aed5-745962a96b32}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ff871e51-2655-4d06-aed5-745962a96b32}\ not found.
Registry key hkey_local_machine\software\classes\searchquiehelper.dnsguard.1\ not found.
Registry key hkey_local_machine\software\classes\searchquiehelper.dnsguard\ not found.
Registry key hkey_local_machine\software\classes\typelib\{6a4bcaba-c437-4c76-a54e-af31b8a76cb9}\1.0\ not found.
Registry key hkey_local_machine\software\classes\typelib\{8f5f1cb6-ea9e-40af-a5ca-c7fd63cc1971\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8f5f1cb6-ea9e-40af-a5ca-c7fd63cc1971\ not found.
Registry key hkey_local_machine\software\microsoft\windows\currentversion\uninstall\searchqu toolbar\ not found.
Registry key hkey_local_machine\software\microsoft\internet explorer\low rights\elevationpolicy\{424624f4-c5dd-4e1d-bdd0-1e9c9b7799cc}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{424624f4-c5dd-4e1d-bdd0-1e9c9b7799cc}\ not found.
Registry key hkey_local_machine\software\microsoft\internet explorer\low rights\elevationpolicy\{7f000001-db8e-f89c-2fec-49bf726f8c12}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7f000001-db8e-f89c-2fec-49bf726f8c12}\ not found.
Registry key hkey_local_machine\software\microsoft\internet explorer\low rights\elevationpolicy\{9c8a3ca5-889e-4554-beec-ec0876e4e96a}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9c8a3ca5-889e-4554-beec-ec0876e4e96a}\ not found.
Registry key hkey_local_machine\software\microsoft\internet explorer\low rights\elevationpolicy\{f9189560-573a-4fde-b055-ae7b0f4cf080}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f9189560-573a-4fde-b055-ae7b0f4cf080}\ not found.
Registry key hkey_local_machine\software\microsoft\internet explorer\searchscopes\{8a96af9e-4074-43b7-bea3-87217bda7406}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8a96af9e-4074-43b7-bea3-87217bda7406}\ not found.
Registry key hkey_local_machine\software\microsoft\radar\heapleakdetection\diagnosedapplications\ilivid.exe\ not found.
Registry key hkey_local_machine\software\microsoft\tracing\searchqumediabar_rasapi32\ not found.
Registry key hkey_local_machine\software\microsoft\tracing\searchqumediabar_rasmancs\ not found.
Registry key hkey_local_machine\software\microsoft\tracing\setupdatamngr_searchqu_rasapi32\ not found.
Registry key hkey_local_machine\software\microsoft\tracing\setupdatamngr_searchqu_rasmancs\ not found.
Registry key hkey_local_machine\software\microsoft\tracing\ilividsetupv1_rasapi32\ not found.
Registry key hkey_local_machine\software\microsoft\tracing\ilividsetupv1_rasmancs\ not found.
Registry key hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{99079a25-328f-4bd4-be04-00955acaa0a7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
Registry key hkey_local_machine\software\microsoft\windows\currentversion\uninstall\searchqu 406 mediabar\ not found.
Registry key hkey_local_machine\software\searchqumediabartb\ not found.
Registry key hkey_local_machine\software\classes\clsid\{27f69c85-64e1-43ce-98b5-3c9f22fb408e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{27f69c85-64e1-43ce-98b5-3c9f22fb408e}\ not found.
Registry key hkey_local_machine\software\classes\typelib\{8f5f1cb6-ea9e-40af-a5ca-c7fd63cc1971}\1.0\ not found.
Registry key hkey_local_machine\software\microsoft\windows\currentversion\app management\arpcache\searchqu 406 mediabar\ not found.
Registry key hkey_local_machine\software\classes\clsid\{a40dc6c5-79d0-4ca8-a185-8ff989af1115}\inprocserver32\ not found.
Registry key hkey_local_machine\software\classes\clsid\{cc1ac828-bb47-4361-afb5-96eee259dd87}\inprocserver32\ not found.
Registry key hkey_local_machine\software\classes\clsid\{fefd3af5-a346-4451-aa23-a3ad54915515}\inprocserver32\ not found.
Registry key hkey_local_machine\software\classes\clsid\{9d717f81-9148-4f12-8568-69135f087db0}\inprocserver32\ not found.
Registry key hkey_local_machine\software\classes\typelib\{5b4144e1-b61d-495a-9a50-cd1a95d86d15}\1.0\ not found.
Registry key hkey_local_machine\software\classes\typelib\{841d5a49-e48d-413c-9c28-eb3d9081d705}\1.0\ not found.
Registry key hkey_local_machine\software\microsoft\internet explorer\low rights\elevationpolicy\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
Registry key hkey_local_machine\software\microsoft\internet explorer\low rights\elevationpolicy\{d0a4be92-2216-42db-ab35-d72efb9f0176}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d0a4be92-2216-42db-ab35-d72efb9f0176}\ not found.
Registry key hkey_local_machine\software\microsoft\shared tools\msconfig\startupreg\datamngr\ not found.
Registry key hkey_current_user\software\microsoft\internet explorer\searchscopes\{9bb47c17-9c68-4bb3-b188-dd9af0fd2102}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9bb47c17-9c68-4bb3-b188-dd9af0fd2102}\ not found.
Registry key hkey_current_user\software\microsoft\internet explorer\searchscopes\{9bb47c17-9c68-4bb3-b188-dd9af0fd2406}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9bb47c17-9c68-4bb3-b188-dd9af0fd2406}\ not found.
Registry key hkey_local_machine\software\microsoft\internet explorer\searchscopes\{9bb47c17-9c68-4bb3-b188-dd9af0fd2102}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9bb47c17-9c68-4bb3-b188-dd9af0fd2102}\ not found.
Registry key hkey_local_machine\software\microsoft\internet explorer\searchscopes\{9bb47c17-9c68-4bb3-b188-dd9af0fd2406}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9bb47c17-9c68-4bb3-b188-dd9af0fd2406}\ not found.
Registry key hkey_current_user\software\microsoft\internet explorer\searchscopes\{e1e743b1-dff5-4dcf-8cd5-9aafd552b290}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e1e743b1-dff5-4dcf-8cd5-9aafd552b290}\ not found.
Registry key hkey_local_machine\software\microsoft\internet explorer\searchscopes\{e1e743b1-dff5-4dcf-8cd5-9aafd552b290}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e1e743b1-dff5-4dcf-8cd5-9aafd552b290}\ not found.
Registry value hkey_current_user\software\microsoft\internet explorer\main\\start page deleted successfully.
Registry value hkey_local_machine\software\microsoft\internet explorer\toolbar\\{99079a25-328f-4bd4-be04-00955acaa0a7} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
Registry value hkey_current_user\software\classes\local settings\software\microsoft\windows\shell\muicache\\c:\program files\ilivid\ilivid.exe not found.
Registry value hkey_current_user\software\classes\local settings\software\microsoft\windows\shell\muicache\\c:\program files\ilivid\vlc\vlc.exe not found.
Registry value hkey_local_machine\software\microsoft\windows\currentversion\installer\folders\\c:\programdata\microsoft\windows\start menu\programs\ilivid\ not found.
Registry value hkey_local_machine\software\microsoft\windows\currentversion\run\\datamngr not found.
Registry value hkey_local_machine\system\controlset001\services\sharedaccess\parameters\firewallpolicy\firewallrules\\{b9c9d25e-1fba-484c-b5fe-0c6d07ae555d} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b9c9d25e-1fba-484c-b5fe-0c6d07ae555d}\ not found.
Registry value hkey_local_machine\system\controlset001\services\sharedaccess\parameters\firewallpolicy\firewallrules\\{924eb14a-495b-49f3-b558-a7c81e88c85d} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{924eb14a-495b-49f3-b558-a7c81e88c85d}\ not found.
Registry value hkey_local_machine\system\controlset001\services\sharedaccess\parameters\firewallpolicy\firewallrules\\{6d11a718-4174-474f-a0a4-08d56b03bfeb} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6d11a718-4174-474f-a0a4-08d56b03bfeb}\ not found.
Registry value hkey_local_machine\system\controlset001\services\sharedaccess\parameters\firewallpolicy\firewallrules\\{ec25043d-aac6-416f-ba2d-c44e34fb533b} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ec25043d-aac6-416f-ba2d-c44e34fb533b}\ not found.
Registry key hkey_local_machine\system\controlset002\services\sharedaccess\parameters\firewallpolicy\firewallrules not found.
Registry key hkey_local_machine\system\controlset002\services\sharedaccess\parameters\firewallpolicy\firewallrules not found.
Registry key hkey_local_machine\system\controlset002\services\sharedaccess\parameters\firewallpolicy\firewallrules not found.
Registry key hkey_local_machine\system\controlset002\services\sharedaccess\parameters\firewallpolicy\firewallrules not found.
Registry value hkey_local_machine\system\controlset003\services\sharedaccess\parameters\firewallpolicy\firewallrules\\{924eb14a-495b-49f3-b558-a7c81e88c85d} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{924eb14a-495b-49f3-b558-a7c81e88c85d}\ not found.
Registry value hkey_local_machine\system\controlset003\services\sharedaccess\parameters\firewallpolicy\firewallrules\\{6d11a718-4174-474f-a0a4-08d56b03bfeb} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6d11a718-4174-474f-a0a4-08d56b03bfeb}\ not found.
Registry value hkey_local_machine\system\controlset003\services\sharedaccess\parameters\firewallpolicy\firewallrules\\{ec25043d-aac6-416f-ba2d-c44e34fb533b} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ec25043d-aac6-416f-ba2d-c44e34fb533b}\ not found.
Registry value hkey_local_machine\system\controlset003\services\sharedaccess\parameters\firewallpolicy\firewallrules\\{b9c9d25e-1fba-484c-b5fe-0c6d07ae555d} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b9c9d25e-1fba-484c-b5fe-0c6d07ae555d}\ not found.
Registry value hkey_local_machine\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallrules\\{ec25043d-aac6-416f-ba2d-c44e34fb533b} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ec25043d-aac6-416f-ba2d-c44e34fb533b}\ not found.
Registry value hkey_local_machine\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallrules\\{b9c9d25e-1fba-484c-b5fe-0c6d07ae555d} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b9c9d25e-1fba-484c-b5fe-0c6d07ae555d}\ not found.
Registry value hkey_local_machine\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallrules\\{924eb14a-495b-49f3-b558-a7c81e88c85d} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{924eb14a-495b-49f3-b558-a7c81e88c85d}\ not found.
Registry value hkey_local_machine\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallrules\\{6d11a718-4174-474f-a0a4-08d56b03bfeb} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6d11a718-4174-474f-a0a4-08d56b03bfeb}\ not found.
========== FILES ==========
File/Folder C:\Users\Yaya\AppData\Roaming\mozilla\firefox\profiles\searchquwebsearch.xml not found.
File/Folder C:\Users\Yaya\AppData\Roaming\mozilla\firefox\profiles\searchqutoolbar not found.
File/Folder C:\Users\Yaya\AppData\Roaming\mozilla\firefox\profiles\{99079a25-328f-4bd4-be04-00955acaa0a7} not found.
File/Folder C:\Users\Yaya\AppData\Roaming\microsoft\windows\cookies\*@sweetim[1].txt not found.
File/Folder C:\Users\Yaya\AppData\Roaming\microsoft\windows\cookies\low\*@ilivid[1].txt not found.
File/Folder C:\Users\Yaya\AppData\Roaming\microsoft\windows\cookies\low\*@ilivid[2].txt not found.
File/Folder C:\Users\Yaya\AppData\Roaming\microsoft\windows\cookies\low\*@searchqu[1].txt not found.
File/Folder C:\Users\Yaya\AppData\Roaming\microsoft\windows\cookies\low\*@searchqu[2].txt not found.
File/Folder C:\Users\Yaya\AppData\Roaming\microsoft\windows\cookies\low\*@stats.ilivid[1].txt not found.
File/Folder C:\Users\Yaya\AppData\Roaming\microsoft\windows\cookies\low\*@sweetim[1].txt not found.
File/Folder C:\Users\Yaya\AppData\Roaming\microsoft\windows\cookies\low\*@www.sweetim[2].txt not found.
File/Folder C:\Users\Yaya\AppData\Roaming\microsoft\windows\cookies\low\*@www.sweetim[3].txt not found.
File/Folder C:\Users\Yaya\AppData\Local\ilivid player not found.
File/Folder C:\Users\Yaya\AppData\Local\microsoft\windows\temporary internet files\content.ie5\ilividsetupv1.exe not found.
File/Folder C:\Users\Yaya\AppData\Local\microsoft\windows\temporary internet files\content.ie5\ilivid[1].7z not found.
File/Folder C:\Users\Yaya\AppData\Local\microsoft\windows\temporary internet files\content.ie5\setupdatamngr_searchqu[1].exe not found.
File/Folder C:\Users\Yaya\AppData\Local\microsoft\windows\temporary internet files\content.ie5\sweetimsetup.exe not found.
File/Folder C:\Users\Yaya\AppData\Local\microsoft\windows\temporary internet files\content.ie5\bandoov6[1].exe not found.
File/Folder C:\Users\Yaya\AppData\Local\microsoft\windows\temporary internet files\low\content.ie5\searchqu_net[1].htm not found.
File/Folder C:\Users\Yaya\AppData\Local\Temp\bandoofiles not found.
File/Folder C:\Users\Yaya\AppData\Local\Temp\bandoov6.exe not found.
File/Folder C:\Users\Yaya\AppData\Local\Temp\setupdatamngr_searchqu.exe not found.
File/Folder C:\Users\Yaya\AppData\Local\Temp\sweetimreinstall not found.
File/Folder C:\Users\Yaya\AppData\Local\Temp\sweetimreinstall\sweetimsetup.exe not found.
File/Folder C:\Users\Yaya\AppData\Local\Temp\ilivid.7z not found.
File/Folder C:\Users\Yaya\AppData\Local\Temp\searchqu.ini not found.
File/Folder C:\Users\Yaya\AppData\Local\Temp\searchqutoolbar-manifest.xml not found.
File/Folder C:\Users\Yaya\appdata\locallow\searchquband not found.
File/Folder C:\Users\Yaya\appdata\locallow\searchqutoolbar not found.
File/Folder C:\Users\Yaya\downloads\sweetimsetup.exe not found.
C:\Users\Yaya\downloads\iLividSetupV1.exe moved successfully.
File\Folder c:\programdata\microsoft\windows\start menu\programs\ilivid not found.
File\Folder c:\users\all users\microsoft\windows\start menu\programs\ilivid not found.
File\Folder c:\program files\windows searchqu toolbar not found.
File\Folder c:\program files\windows ilivid toolbar not found.
File\Folder c:\program files\ilivid not found.
File\Folder c:\windows\prefetch\ilivid* not found.
File\Folder c:\windows\prefetch\searchqumediabar* not found.
File\Folder c:\windows\prefetch\setupdatamngr* not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Guest
->Temp folder emptied: 239223 bytes
->Temporary Internet Files folder emptied: 65543 bytes

User: Public

User: Yaya
->Temp folder emptied: 122709654 bytes
->Temporary Internet Files folder emptied: 126592898 bytes
->Java cache emptied: 15731611 bytes
->FireFox cache emptied: 53199920 bytes
->Google Chrome cache emptied: 421062617 bytes
->Flash cache emptied: 538159 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1090064 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 189477740 bytes
RecycleBin emptied: 335713940 bytes

Total Files Cleaned = 1,208.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.53.0 log created on 06302012_161626

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
Deeply_confused
Active Member
 
Posts: 9
Joined: June 22nd, 2012, 6:01 am

Re: Help with iLividSetupV1 removal cleanly and safely

Unread postby Blade81 » July 1st, 2012, 1:28 pm

Hi,

After the OTL runs, I no longer have the ilividsetupv1 under my the Windows search button, does that mean my system is clean?

Things look good now.

Please post fresh DDS logs.
User avatar
Blade81
Admin/Teacher
Admin/Teacher
 
Posts: 5245
Joined: July 17th, 2006, 3:36 am
Location: Finland

Re: Help with iLividSetupV1 removal cleanly and safely

Unread postby Deeply_confused » July 2nd, 2012, 2:11 am

Thank you for your help. How does the logs look to you, is it ok now?

Below are the DDS logs:
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.19272 BrowserJavaVersion: 1.6.0_33
Run by Yaya at 18:01:40 on 2012-07-02
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2045.928 [GMT 12:00]
.
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\aestsrv.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Windows\system32\STacSV.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Google\Update\1.3.21.111\GoogleCrashHandler.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uWindow Title = Internet Explorer provided by Dell
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Norton Identity Protection: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton internet security\engine\19.7.1.5\coIEPlg.dll
BHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton internet security\engine\19.7.1.5\ips\IPSBHO.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton internet security\engine\19.7.1.5\coIEPlg.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [DELL Webcam Manager] "c:\program files\dell\dell webcam manager\DellWMgr.exe" /s
mRun: [Logitech Hardware Abstraction Layer] "c:\program files\common files\logitech\khalshared\KHALMNPR.EXE"
mRun: [<NO NAME>]
mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [(default)]
mRun: [NVHotkey] rundll32.exe c:\windows\system32\nvHotkey.dll,Start
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\setpoint.lnk - c:\program files\setpoint\SetPoint.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Save YouTube Video as MP3
IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{4ADCE050-274D-4518-8282-259B9B6BD40E} : DhcpNameServer = 192.168.1.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
AppInit_DLLs:
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\yaya\appdata\roaming\mozilla\firefox\profiles\4nvjcpsz.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?=q
FF - prefs.js: network.proxy.type - 4
FF - component: c:\program files\mozilla firefox\extensions\{ab2ce124-6272-4b12-94a9-7303c7397bd1}\components\SkypeFfComponent.dll
FF - component: c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.1.0.37\coffplgn_2011_7_1_3\components\coFFPlgn.dll
FF - component: c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.1.0.37\ipsffplgn\components\IPSFFPl.dll
FF - component: c:\programdata\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
FF - component: c:\users\yaya\appdata\roaming\mozilla\firefox\profiles\4nvjcpsz.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\components\FFExternalAlert.dll
FF - component: c:\users\yaya\appdata\roaming\mozilla\firefox\profiles\4nvjcpsz.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\components\RadioWMPCore.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\mozilla firefox\plugins\np32asw.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_262.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nis\1307010.005\symds.sys [2012-5-18 340088]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1307010.005\symefa.sys [2012-5-18 905336]
R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.6.2.10\definitions\bashdefs\20120619.001\BHDrvx86.sys [2012-6-19 821920]
R1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\nis\1307010.005\ccsetx86.sys [2012-5-18 132744]
R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.6.2.10\definitions\ipsdefs\20120629.001\IDSvix86.sys [2012-6-30 382624]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nis\1307010.005\ironx86.sys [2012-5-18 149624]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\system32\drivers\nis\1307010.005\symtdiv.sys [2012-5-18 345208]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-1-4 63928]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\AEstSrv.exe [2008-6-7 73728]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-8-10 21504]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-10-2 654408]
R2 NIS;Norton Internet Security;c:\program files\norton internet security\engine\19.7.1.5\ccsvchst.exe [2012-5-18 138232]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-5-31 106656]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-10-2 22344]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-9-11 136176]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-6-5 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-25 250056]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-9-11 136176]
S3 IdcPHid;IdeaCom HID Touch Screen Driver (PS/2);c:\windows\system32\drivers\idcphid.sys [2008-12-11 16256]
S3 IpwP;IPWireless 3G Network Adapter;c:\windows\system32\drivers\ipw3gnet.sys [2008-6-19 51040]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2012-06-30 04:16:26 -------- d-----w- C:\_OTL
2012-06-30 02:22:59 6762896 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{3bf9a343-71ff-4bc6-800b-44d39f1db8f3}\mpengine.dll
2012-06-26 08:28:25 476936 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-06-22 02:59:51 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-22 02:59:25 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-22 02:59:06 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-06-22 02:59:06 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-21 02:44:39 -------- d-----w- c:\users\yaya\appdata\local\Macromedia
2012-06-14 01:51:34 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-06-14 01:51:31 2045440 ----a-w- c:\windows\system32\win32k.sys
.
==================== Find3M ====================
.
2012-06-26 08:28:09 472840 ----a-w- c:\windows\system32\deployJava1.dll
2012-06-23 10:39:43 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-23 10:39:43 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-05-15 06:37:49 916992 ----a-w- c:\windows\system32\wininet.dll
2012-05-15 06:32:25 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-05-15 06:32:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-05-15 06:31:44 109056 ----a-w- c:\windows\system32\iesysprep.dll
2012-05-15 06:31:43 71680 ----a-w- c:\windows\system32\iesetup.dll
2012-05-15 05:01:56 385024 ----a-w- c:\windows\system32\html.iec
2012-05-15 03:26:05 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2012-05-15 03:23:41 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2012-04-23 16:00:53 984064 ----a-w- c:\windows\system32\crypt32.dll
2012-04-23 16:00:53 98304 ----a-w- c:\windows\system32\cryptnet.dll
2012-04-23 16:00:53 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2012-04-12 06:39:28 141944 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2012-04-04 03:56:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-04-03 08:16:12 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-04-03 08:16:11 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
.
============= FINISH: 18:04:09.54 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 6/7/2008 6:07:12 AM
System Uptime: 7/2/2012 5:46:27 PM (1 hours ago)
.
Motherboard: Dell Inc. | | 0KY768
Processor: Intel(R) Core(TM)2 Duo CPU T5550 @ 1.83GHz | Microprocessor | 1000/166mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 220 GiB total, 157.221 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 5.561 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0002
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #3
PNP Device ID: ROOT\*ISATAP\0002
Service: tunnel
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Acrobat.com
Adobe AIR
Adobe Digital Editions
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.3)
Advanced Audio FX Engine
Advanced Video FX Engine
Apple Application Support
Apple Software Update
Broadcom 440x 10/100 Integrated Controller
Broadcom Management Programs
Browser Address Error Redirector
CDDRV_Installer
Compatibility Pack for the 2007 Office system
Conexant HDA D330 MDC V.92 Modem
Dell Driver Download Manager
Dell Getting Started Guide
Dell Support Center (Support Software)
Dell Touchpad
Dell Webcam Center
Dell Webcam Manager
Digital Line Detect
EDocs
Google Chrome
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Intel(R) PROSet/Wireless Software
iTunes
Java Auto Updater
Java(TM) 6 Update 33
KhalSetup
Laptop Integrated Webcam Driver (1.04.01.1011)
Live! Cam Avatar Creator
Live! Cam Avatar v1.0
Malwarebytes Anti-Malware version 1.61.0.1400
mCore
MediaDirect
mHelp
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office Live Add-in 1.5
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
mMHouse
Modem Diagnostic Tool
Mozilla Firefox 6.0.2 (x86 en-US)
mPfMgr
mWMI
NetWaiting
Norton Internet Security
NVIDIA Drivers
OGA Notifier 2.0.0048.0
ooVoo
OutlookAddinSetup
QuickSet
QuickTime
Roxio Creator Audio
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Express Labeler 3
Roxio Update Manager
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition
SetPoint
SigmaTel Audio
Skype Click to Call
Skype™ 5.9
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
WIDCOMM Bluetooth Software 6.0.1.3100
.
==== Event Viewer Messages From Past Week ========
.
7/1/2012 2:01:35 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.1.10 for the Network Card with network address 001F3BBA8053 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
6/30/2012 4:16:27 PM, Error: Service Control Manager [7034] - The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s).
.
==== End Of File ===========================
Deeply_confused
Active Member
 
Posts: 9
Joined: June 22nd, 2012, 6:01 am

Re: Help with iLividSetupV1 removal cleanly and safely

Unread postby Blade81 » July 2nd, 2012, 4:52 am

Hi,

Logs look ok. Did slower shutdown occur before Norton was present?
User avatar
Blade81
Admin/Teacher
Admin/Teacher
 
Posts: 5245
Joined: July 17th, 2006, 3:36 am
Location: Finland

Re: Help with iLividSetupV1 removal cleanly and safely

Unread postby Deeply_confused » July 3rd, 2012, 3:41 am

Hi. Thank you for your reply. Slower shutdown occured when I still have the iLividSetupV1 I think - it would just hangs, but it seems like my computer is running much better/faster - no hanging on shutdown yet after the OTL fix run. I did not do anything to Norton Internet security, afraid to do anything.
Deeply_confused
Active Member
 
Posts: 9
Joined: June 22nd, 2012, 6:01 am

Re: Help with iLividSetupV1 removal cleanly and safely

Unread postby Blade81 » July 3rd, 2012, 6:58 am

Hi,

If no issues left, it's time to secure your system to prevent against further intrusions.


THESE STEPS ARE VERY IMPORTANT

Let's reset system restore
Reset and Re-enable your System Restore to remove infected files that have been backed up by Windows. The files in System Restore are protected to prevent any programs changing those files. This is the only way to clean these files: You will lose all previous restore points which are likely to be infected. Please note you need Administrator Access to do clean the restore points.

A To disable the System Restore feature:

1. Click on the Start button.
2. Hover over the Computer option, right click on it and then click Properties.
3. On the left hand side, click Advanced Settings.
4. If asked to permit the action, click on Allow.
5. Click on the System Protection tab.
6. Uncheck any checkboxes listed for your hard drives.
7. Press OK.


B. Reboot.

C Turn ON System Restore.
Follow the steps like you did when disabling system restore but on step 6. check any checkboxes listed for your hard drives.


  • Double-click OTL.exe.
  • Click the CleanUp! button.
  • Select Yes when the
    Begin cleanup Process?
    prompt appears.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes, if not delete it by yourself.

Note: If you receive a warning from your firewall or other security programs regarding OTL attempting to contact the internet, please allow it to do so.


UPDATING WINDOWS AND INTERNET EXPLORER

IMPORTANT: You Need to Update Windows and Internet Explorer to protect your computer from the malware that is around on the Internet. Please go to the windows update site to get the critical updates.


Download and run Secunia Personal Software Inspector (PSI) and fix its findings. Leave the program installed so you'll stay alarmed about vulnerable components in future too.


Just a final reminder for you. I am trying to stress these two points.
UPDATE UPDATE UPDATE!!! Make sure you do this about every 1-2 weeks.
Make sure all of your security programs are up to date.
Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly. This will ensure your computer has always the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.


Once again, please post and tell me how things are going with your system... problems etc.

Have a great day,
Blade 8)
User avatar
Blade81
Admin/Teacher
Admin/Teacher
 
Posts: 5245
Joined: July 17th, 2006, 3:36 am
Location: Finland

Re: Help with iLividSetupV1 removal cleanly and safely

Unread postby Deeply_confused » July 5th, 2012, 8:26 am

Hi Blade,

Thank you very much for the info above. I have cleaned up OTL and will download PSI tomorrow. Is it okay to not update IE or Firefox, since I do not use IE anymore and I don't intend to upgrade FF to above 6, since last time I upgrade to FF7 it has error? Currently I only use Chrome. Also, I noticed that my Norton Internet Security has been blocking OTL.exe saying that it has medium threat. I think Norton has in fact deleted OTL.exe from desktop once and I had to download a new OTL, should I be concern about this? Other medium threat levels identified by NIS are:C:\Windows\System32\SVCHOST.EXE , C:\Windows\System32\SERVICES.EXE , MBAM.EXE, GOOGLEUPDATE.EXE. Should I be worried about it? Thank you.
Deeply_confused
Active Member
 
Posts: 9
Joined: June 22nd, 2012, 6:01 am
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 57 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware