Everything posted by denisz12
-
I decided to attach all three files in question. I hope someone knowledgeable will be able to check what they do and if I should risk installing this game. I will have a lot of free time in the next couple of weeks due to an injury and would like to revisit this game and play it. Thanks! Project IGI.rar
-
I appreciate you taking the time to help. One of my concerns regarding the VBE file is that when I click on the Relations tab, it shows PE Resource Parents and two win32.exe files that have big detection rates. 54/65 and 56/67. I am not sure exactly what this means. Does it mean that the VBE file downloads these two files to my system? This is what I mean: https://www.virustotal.com/gui/file/9505901ddf7ebffcac87a5a03307527c6fea7311e841f69c5abb65ba30cb6119/relations Would it help if I attached the files here? Thanks
-
Yes, that is right. It is from the game Project IGI, an old game from 2000. So what you are saying is that installing this I would be bombarded with ads and/or unwanted applications also being installed on my system? Is that a threat that I should avoid and can it lead to any serious infections?
-
Hello, I would appreciate if someone could take a look at the results of these 3 files and tell me if these are actual malware or not. They are all part of the same software. https://www.virustotal.com/gui/file/9505901ddf7ebffcac87a5a03307527c6fea7311e841f69c5abb65ba30cb6119/detection https://www.virustotal.com/gui/file/3bb8c347e69876b9076a9453ce3e2dbb435f4f330fb07a8455e9c8b0646eb9b0/detection https://www.virustotal.com/gui/file/3f460b89495b5b9112447e453332258950d106874738f3efb2aa6d617eb5b26b/detection Thanks in advance.
-
Thanks MrCharlie. I will try my luck at the tech forum you suggested.
-
I have done everything you have suggested but unfortunately it didn't help much. Thank you for trying! So you think that it might be a hardware issue? What is your opinion of Hitman Pro? http://www.surfright.nl/en I was thinking of installing it to see if it can help me further.
-
OK, here it is:
Results of screen317's Security Check version 0.99.73
Windows 7 Service Pack 1 x64
Internet Explorer 10
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
Windows Firewall Disabled!
Avira Desktop Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Spybot - Search & Destroy
Malwarebytes Anti-Malware version 1.75.0.1300
Java 7 Update 25
Adobe Flash Player 10 Flash Player out of Date!
Adobe Flash Player 11.8.800.94
Adobe Reader XI
Mozilla Firefox (23.0)
Google Chrome 28.0.1500.95
Google Chrome 29.0.1547.66
Google Chrome plugins...
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````
Thanks, Denis
-
And here is the log by Malwarebytes:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Database version: v2013.09.13.11
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Owner :: OWNER-HP [administrator]
9/13/2013 11:51:54 PM
mbam-log-2013-09-13 (23-51-54).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 223422
Time elapsed: 7 minute(s), 48 second(s)
Memory Processes Detected: 0 (No malicious items detected)
Memory Modules Detected: 0 (No malicious items detected)
Registry Keys Detected: 0 (No malicious items detected)
Registry Values Detected: 0 (No malicious items detected)
Registry Data Items Detected: 0 (No malicious items detected)
Folders Detected: 0 (No malicious items detected)
Files Detected: 0 (No malicious items detected)
(end)
The download speed is still the same. It hasn't improved. Please advise. Thanks in Advance, Denis
-
And here is the log of JRT:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.0 (09.12.2013:1)
OS: Windows 7 Home Premium x64
Ran by Owner on Fri 09/13/2013 at 23:25:45.92
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
Failed to stop: [service] hshld
Successfully stopped: [service] hsstrayservice
Successfully deleted: [service] hsstrayservice
Successfully stopped: [service] hsswd
Successfully deleted: [service] hsswd
~~~ Registry Values
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\apntbmon
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\hotspotshield
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{F0C07441-FD14-4F34-9C4C-A673AFE4ADE0}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{F0C07441-FD14-4F34-9C4C-A673AFE4ADE0}
~~~ Files
Successfully deleted: [File] "C:\Program Files (x86)\mozilla firefox\plugins\npcouponprinter.dll"
Successfully deleted: [File] "C:\Program Files (x86)\mozilla firefox\plugins\npmozcouponprinter.dll"
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\ProgramData\hotspot shield"
Successfully deleted: [Folder] "C:\Program Files (x86)\coupons"
Failed to delete: [Folder] "C:\Program Files (x86)\hotspot shield"
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{01FB67AB-1E19-479D-94B7-9F2712DB291A}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{02368F78-CA4A-4C6F-BE22-D1DA80B135AD}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{0725ACDF-12E7-4280-A270-49EBB5A295C2}
Successfully deleted: [Empty Folder]
C:\Users\Owner\appdata\local\{FB9455D8-8E96-496B-A598-F88D42AA98B1}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{FEA0B7CD-BB9A-4408-AE80-FEC1CB28C880}
~~~ FireFox
Successfully deleted: [File] C:\Users\Owner\AppData\Roaming\mozilla\firefox\profiles\077hasot.default\extensions\toolbar_avira-v7@apn.ask.com.xpi
Emptied folder: C:\Users\Owner\AppData\Roaming\mozilla\firefox\profiles\077hasot.default\minidumps [406 files]
~~~ Chrome
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\aaaaacalgebmfelllfiaoknifldpngjh
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 09/13/2013 at 23:41:43.79
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Thanks in Advance, Denis
-
Thanks for the tip. Here is the logfile created after reboot of Adwcleaner.
# AdwCleaner v3.003 - Report created 13/09/2013 at 23:15:43
# Updated 07/09/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Owner - OWNER-HP
# Running from : C:\Users\Owner\Desktop\AdwCleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\ConduitEngine
Folder Deleted : C:\Program Files (x86)\MyAshampoo
Folder Deleted : C:\Users\Owner\AppData\Local\Conduit
Folder Deleted : C:\Users\Owner\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Owner\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\Owner\AppData\LocalLow\MyAshampoo
Folder Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\afurladvisor@anchorfree.com
Folder Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\077hasot.default\Extensions\engine@conduit.com
Folder Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\077hasot.default\Extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2475029
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_msn-messenger_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_msn-messenger_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_windows-live-messenger_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_windows-live-messenger_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7A5A3284-8111-4A4C-A80F-B149639F2A50}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7A5A3284-8111-4A4C-A80F-B149639F2A50}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDF7B971-E9CC-432D-A559-5669E5B7B899}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D3A06BA5-93C7-421C-ACB2-271F0D969125}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6239DC69-54D1-4005-A015-C14BFEEA2905}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\conduitEngine
Key Deleted : HKCU\Software\AppDataLow\Software\MyAshampoo\toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\MyAshampoo
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\conduitEngine
Key Deleted : HKLM\Software\MyAshampoo\toolbar
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\MyAshampoo
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Conduit Engine
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyAshampoo Toolbar
***** [ Browsers ] *****
-\\ Internet Explorer v9.0.8112.16421
-\\ Mozilla Firefox v23.0 (en-US)
[ File : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\077hasot.default\prefs.js ]
-\\ Google Chrome v
[ File : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [9657 octets] - [13/09/2013 22:05:47]
AdwCleaner[s0].txt - [7703 octets] - [13/09/2013 23:15:43]
########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [7763 octets] ##########
I will now proceed with the other steps you suggested. Thanks in Advance, Denis
-
Here is the log of Adwcleaner. I have not removed anything yet as I wanted you to take a look at it first and see what is safe to leave and what to remove.
# AdwCleaner v3.003 - Report created 13/09/2013 at 22:05:47
# Updated 07/09/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Owner - OWNER-HP
# Running from : C:\Users\Owner\Desktop\AdwCleaner.exe
# Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Found : C:\Program Files (x86)\Mozilla Firefox\Extensions\afurladvisor@anchorfree.com
Folder Found : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\077hasot.default\Extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
Folder Found : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\077hasot.default\Extensions\engine@conduit.com
Folder Found C:\Program Files (x86)\Conduit
Folder Found C:\Program Files (x86)\ConduitEngine
Folder Found C:\Program Files (x86)\MyAshampoo
Folder Found C:\Users\Owner\AppData\Local\Conduit
Folder Found C:\Users\Owner\AppData\LocalLow\Conduit
Folder Found C:\Users\Owner\AppData\LocalLow\ConduitEngine
Folder Found C:\Users\Owner\AppData\LocalLow\MyAshampoo
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\conduitEngine
Key Found : HKCU\Software\AppDataLow\Software\conduitEngine
Key Found : HKCU\Software\AppDataLow\Software\MyAshampoo
Key Found : HKCU\Software\AppDataLow\Software\MyAshampoo\toolbar
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\APN PIP
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : [x64] HKCU\Software\Softonic
Key Found : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7A5A3284-8111-4A4C-A80F-B149639F2A50}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2475029
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\conduitEngine
Key Found : HKLM\Software\conduitEngine
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6239DC69-54D1-4005-A015-C14BFEEA2905}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D3A06BA5-93C7-421C-ACB2-271F0D969125}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDF7B971-E9CC-432D-A559-5669E5B7B899}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_msn-messenger_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_msn-messenger_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_windows-live-messenger_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_windows-live-messenger_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7A5A3284-8111-4A4C-A80F-B149639F2A50}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Conduit Engine
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyAshampoo Toolbar
Key Found : HKLM\Software\MyAshampoo
Key Found : HKLM\Software\MyAshampoo\toolbar
Key Found : HKLM\Software\PIP
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]
***** [ Browsers ] *****
-\\ Internet Explorer v9.0.8112.16421
-\\ Mozilla Firefox v23.0 (en-US)
[ File : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\077hasot.default\prefs.js ]
-\\ Google Chrome v
[ File : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [9473 octets] - [13/09/2013 22:05:47]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [9533 octets] ##########
Thanks in Advance, Denis
-
Hello MrCharlie,

Thanks for helping me out. I have removed utorrent after making the scan with dds and it is no longer on my system. Here is the report from RogueKiller:

RogueKiller V8.6.11 _x64_ [sep 11 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Owner [Admin rights]
Mode : Scan -- Date : 09/13/2013 18:08:50
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 8 ¤¤¤
[RUN][sUSP PATH] HKCU\[...]\Run : Google Update ("C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe" /c [7]) -> FOUND
[RUN][sUSP PATH] HKUS\S-1-5-21-2298283884-3492489201-1133014622-1001\[...]\Run : Google Update ("C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe" /c [7]) -> FOUND
[DNS] HKLM\[...]\CCSet\[...]\{C20082A1-5D3D-40DA-A2FD-F8FAAC5A35FD} : NameServer (77.239.1.5,77.239.1.4) -> FOUND
[DNS] HKLM\[...]\CS001\[...]\{C20082A1-5D3D-40DA-A2FD-F8FAAC5A35FD} : NameServer (77.239.1.5,77.239.1.4) -> FOUND
[DNS] HKLM\[...]\CS002\[...]\{C20082A1-5D3D-40DA-A2FD-F8FAAC5A35FD} : NameServer (77.239.1.5,77.239.1.4) -> FOUND
[HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 4 ¤¤¤
[V1][sUSP PATH] GoogleUpdateTaskUserS-1-5-21-2298283884-3492489201-1133014622-1001UA.job : C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe - /ua /installsource scheduler [7][x] -> FOUND
[V1][sUSP PATH] GoogleUpdateTaskUserS-1-5-21-2298283884-3492489201-1133014622-1001Core.job : C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe - /c [7] -> FOUND
[V2][sUSP PATH] GoogleUpdateTaskUserS-1-5-21-2298283884-3492489201-1133014622-1001Core : C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe - /c [7] -> FOUND
[V2][sUSP PATH] GoogleUpdateTaskUserS-1-5-21-2298283884-3492489201-1133014622-1001UA : C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe - /ua /installsource scheduler [7][x] -> FOUND

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK6476GSX SATA Disk Device +++++
--- User ---
[MBR] 8e962ac7d968a16b1b48b3a114a246fe
[bSP] df2c1c2e7bbff6bdec1ef9d26964e6b2 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 595238 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1219457024 | Size: 14938 Mo
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 1250050048 | Size: 103 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] c6a45de37da3e0338231e05937094ca6
[bSP] df2c1c2e7bbff6bdec1ef9d26964e6b2 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 77824 Mo
1 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 159793152 | Size: 400 Mo

Finished : << RKreport[0]_S_09132013_180850.txt >>

Thanks in Advance,
Denis
-
Hello guys and first of all thanks for having a place where we can post malware issues like this. In the last 2 weeks I have noticed that my internet speed is quite slow. I've had the maintenance guy come by today and test the speed and it seems like there is a problem with my laptop. I am thinking there is some kind of malware since it has always worked fine up until 2 weeks ago. I tried to do a system restore but it didn't change anything. Usually my speed is 15mb/s but it has dropped to 6-8mb/s every time I test the speed. The maintenance guy connected his laptop to my router and got the full speed of 15 mb/s while I am only getting half of it. I use my laptop mostly for work but I also watch movies on it and browse the Internet. I have used utorrent in the past and removed it after reading the post on your forum. Here are the logs made with dds: DDS, Attach.

Thanks in Advance,
Denis