denisz12

Everything posted by denisz12

  1. I decided to attach all three files in question. I hope someone knowledgeable will be able to check what they do and if I should risk installing this game. I will have a lot of free time in the next couple of weeks due to an injury and would like to revisit this game and play it. Thanks! Project IGI.rar
  2. I appreciate you taking the time to help. One of my concerns regarding the VBE file is that when I click on the Relations tab, it shows PE Resource Parents and two win32.exe files that have big detection rates. 54/65 and 56/67. I am not sure exactly what this means. Does it mean that the VBE file downloads these two files to my system? This is what I mean: https://www.virustotal.com/gui/file/9505901ddf7ebffcac87a5a03307527c6fea7311e841f69c5abb65ba30cb6119/relations Would it help if I attached the files here? Thanks
  3. Yes, that is right. It is from the game Project IGI, an old game from 2000. So what you are saying is that installing this I would be bombarded with ads and/or unwanted applications also being installed on my system? Is that a threat that I should avoid and can it lead to any serious infections?
  4. Hello, I would appreciate if someone could take a look at the results of these 3 files and tell me if these are actual malware or not. They are all part of the same software. https://www.virustotal.com/gui/file/9505901ddf7ebffcac87a5a03307527c6fea7311e841f69c5abb65ba30cb6119/detection https://www.virustotal.com/gui/file/3bb8c347e69876b9076a9453ce3e2dbb435f4f330fb07a8455e9c8b0646eb9b0/detection https://www.virustotal.com/gui/file/3f460b89495b5b9112447e453332258950d106874738f3efb2aa6d617eb5b26b/detection Thanks in advance.
  5. Thanks MrCharlie. I will try my luck at the tech forum you suggested.
  6. I have done everything you have suggested but unfortunately it didn't help much. Thank you for trying! So you think that it might be a hardware issue? What is your opinion of Hitman Pro? http://www.surfright.nl/en I was thinking of installing it to see if it can help me further.
  7. OK Here it is

     Results of screen317's Security Check version 0.99.73
     Windows 7 Service Pack 1 x64
     Internet Explorer 10
     ``````````````Antivirus/Firewall Check:``````````````
     Windows Security Center service is not running! This report may not be accurate!
     Windows Firewall Disabled!
     Avira Desktop Antivirus up to date!
     `````````Anti-malware/Other Utilities Check:`````````
     Spybot - Search & Destroy
     Malwarebytes Anti-Malware version 1.75.0.1300
     Java 7 Update 25
     Adobe Flash Player 10 Flash Player out of Date!
     Adobe Flash Player 11.8.800.94
     Adobe Reader XI
     Mozilla Firefox (23.0)
     Google Chrome 28.0.1500.95
     Google Chrome 29.0.1547.66
     Google Chrome plugins...
     ````````Process Check: objlist.exe by Laurent````````
     Avira Antivir avgnt.exe
     Avira Antivir avguard.exe
     `````````````````System Health check`````````````````
     Total Fragmentation on Drive C: 0%
     ````````````````````End of Log``````````````````````

     Thanks, Denis
  8. And here is the log by Malwarebytes:

     Malwarebytes Anti-Malware 1.75.0.1300
     www.malwarebytes.org

     Database version: v2013.09.13.11

     Windows 7 Service Pack 1 x64 NTFS
     Internet Explorer 9.0.8112.16421
     Owner :: OWNER-HP [administrator]

     9/13/2013 11:51:54 PM
     mbam-log-2013-09-13 (23-51-54).txt

     Scan type: Quick scan
     Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
     Scan options disabled: P2P
     Objects scanned: 223422
     Time elapsed: 7 minute(s), 48 second(s)

     Memory Processes Detected: 0
     (No malicious items detected)

     Memory Modules Detected: 0
     (No malicious items detected)

     Registry Keys Detected: 0
     (No malicious items detected)

     Registry Values Detected: 0
     (No malicious items detected)

     Registry Data Items Detected: 0
     (No malicious items detected)

     Folders Detected: 0
     (No malicious items detected)

     Files Detected: 0
     (No malicious items detected)

     (end)

     The download speed is still the same. It hasn't improved. Please advise. Thanks in Advance, Denis
  9. And here is the log of JRT: Thanks in Advance, Denis
  10. Thanks for the tip. Here is the logfile created after reboot of Adwcleaner. I will now proceed with the other steps you suggested. Thanks in Advance, Denis
  11. Here is the log of Adwcleaner. I have not removed anything yet as I wanted you to take a look at it first and see what is safe to leave and what to remove. Thanks in Advance, Denis
  12. Hello MrCharlie, Thanks for helping me out. I have removed utorrent after making the scan with dds and it is no longer on my system. Here is the report from RogueKiller: Thanks in Advance, Denis
  13. Hello guys and first of all thanks for having a place where we can post malware issues like this. In the last 2 weeks I have noticed that my internet speed is quite slow. I've had the maintenance guy come by today and test the speed and it seems like there is a problem with my laptop. I am thinking there is some kind of malware since it has always worked fine up until 2 weeks ago. I tried to do a system restore but it didn't change anything. Usually my speed is 15mb/s but it has dropped to 6-8mb/s every time I test the speed. The maintenance guy connected his laptop to my router and got the full speed of 15 mb/s while I am only getting half of it. I use my laptop mostly for work but I also watch movies on it and browse the Internet. I have used utorrent in the past and removed it after reading the post on your forum. Here are the logs made with dds DDS Attach. Thanks in Advance, Denis