>>>>>>>>>>>>>>Fixlist.txt>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 21-09-2013 Ran by Owner at 2013-09-22 19:49:15 Run:1 Running from C:\Users\Owner\Downloads Boot Mode: Normal ============================================== Content of fixlist: ***************** Start C:\ProgramData\Tempmozy-update-1f7fe3012a1778a4fc7c5075f2f61812.exe C:\ProgramData\Tempmozy-update-a31217e595a1463492ad999467f8f0a1.exe AlternateDataStreams: C:\ProgramData\Temp:08948D52 AlternateDataStreams: C:\ProgramData\Temp:98781370 AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1 AlternateDataStreams: C:\ProgramData\Temp:D287FACF AlternateDataStreams: C:\ProgramData\Temp:DED17083 End ***************** C:\ProgramData\Tempmozy-update-1f7fe3012a1778a4fc7c5075f2f61812.exe => Moved successfully. C:\ProgramData\Tempmozy-update-a31217e595a1463492ad999467f8f0a1.exe => Moved successfully. C:\ProgramData\Temp => ":08948D52" ADS removed successfully. C:\ProgramData\Temp => ":98781370" ADS removed successfully. C:\ProgramData\Temp => ":D1B5B4F1" ADS removed successfully. C:\ProgramData\Temp => ":D287FACF" ADS removed successfully. C:\ProgramData\Temp => ":DED17083" ADS removed successfully. ==== End of Fixlog ==== >>>>>>>>>>>>>>>AdwCleaner .txt starts here >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> # AdwCleaner v3.004 - Report created 22/09/2013 at 19:59:44 # Updated 15/09/2013 by Xplode # Operating System : Windows Vista Home Premium Service Pack 2 (64 bits) # Username : Owner - OWNER-PC # Running from : C:\Users\Owner\Downloads\AdwCleaner.exe # Option : Clean ***** [ Services ] ***** Service Deleted : APNMCP ***** [ Files / Folders ] ***** [!] Folder Deleted : C:\ProgramData\apn [!] Folder Deleted : C:\ProgramData\AskPartnerNetwork [!] Folder Deleted : C:\ProgramData\AVG Secure Search [!] Folder Deleted : C:\ProgramData\StarApp [!] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\optimizer pro [!] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\registry mechanic [!] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freecorder [!] Folder Deleted : C:\Program Files (x86)\1ClickDownload [!] Folder Deleted : C:\Program Files (x86)\Ask.com [!] Folder Deleted : C:\Program Files (x86)\AskPartnerNetwork [!] Folder Deleted : C:\Program Files (x86)\AVG Secure Search [!] Folder Deleted : C:\Program Files (x86)\Conduit [!] Folder Deleted : C:\Program Files (x86)\LyricsPal [!] Folder Deleted : C:\Program Files (x86)\Minibar [!] Folder Deleted : C:\Program Files (x86)\optimizer pro [!] Folder Deleted : C:\Program Files (x86)\registry mechanic [!] Folder Deleted : C:\Program Files (x86)\Splashtop [!] Folder Deleted : C:\Program Files (x86)\BitTorrentBar [!] Folder Deleted : C:\Program Files (x86)\Freecorder [!] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\optimizer pro [!] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\registry mechanic [!] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freecorder [!] Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search [!] Folder Deleted : C:\Users\Owner\AppData\Local\AVG Secure Search [!] Folder Deleted : C:\Users\Owner\AppData\Local\Bundled software uninstaller [!] Folder Deleted : C:\Users\Owner\AppData\Local\Conduit [!] Folder Deleted : C:\Users\Owner\AppData\Local\FilesFrog Update Checker [!] Folder Deleted : C:\Users\Owner\AppData\Local\Minibar [!] Folder Deleted : C:\Users\Owner\AppData\Local\OpenCandy [!] Folder Deleted : C:\Users\Owner\AppData\Local\Splashtop [!] Folder Deleted : C:\Users\Owner\AppData\Local\TempDir [!] Folder Deleted : C:\Users\Owner\AppData\Local\Temp\apn [!] Folder Deleted : C:\Users\Owner\AppData\LocalLow\AskToolbar [!] Folder Deleted : C:\Users\Owner\AppData\LocalLow\AVG Secure Search [!] Folder Deleted : C:\Users\Owner\AppData\LocalLow\Conduit [!] Folder Deleted : C:\Users\Owner\AppData\LocalLow\ConduitEngine [!] Folder Deleted : C:\Users\Owner\AppData\LocalLow\Minibar [!] Folder Deleted : C:\Users\Owner\AppData\LocalLow\PriceGong [!] Folder Deleted : C:\Users\Owner\AppData\LocalLow\BitTorrentBar [!] Folder Deleted : C:\Users\Owner\AppData\LocalLow\Freecorder [!] Folder Deleted : C:\Users\Owner\AppData\Roaming\OpenCandy [!] Folder Deleted : C:\Users\Owner\AppData\Roaming\optimizer pro [!] Folder Deleted : C:\Users\Owner\AppData\Roaming\registry mechanic [!] Folder Deleted : C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker [!] Folder Deleted : C:\Users\Owner\Documents\Freecorder [!] Folder Deleted : C:\Users\ikem\AppData\Local\AVG Secure Search [!] Folder Deleted : C:\Users\ikem\AppData\LocalLow\AVG Secure Search [!] Folder Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\3gdervhp.default\Conduit [!] Folder Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\3gdervhp.default\ConduitCommon [!] Folder Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\3gdervhp.default\ConduitEngine [!] Folder Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\3gdervhp.default\CT2790392 [!] Folder Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\3gdervhp.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [!] Folder Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\3gdervhp.default\Extensions\{97A78363-B868-4B48-AC91-A783A31215AF} [!] Folder Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\3gdervhp.default\Extensions\engine@conduit.com [!] Folder Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\3gdervhp.default\Extensions\toolbar@ask.com [!] Folder Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\3gdervhp.default\Extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} File Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\3gdervhp.default\\invalidprefs.js File Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\3gdervhp.default\searchplugins\Askcom.xml File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml File Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\3gdervhp.default\searchplugins\Conduit.xml File Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\3gdervhp.default\user.js File Deleted : C:\Windows\Tasks\Lyrics-Pal Update.job File Deleted : C:\Windows\System32\Tasks\Lyrics-Pal Update File Deleted : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pnbbffeddnekkhjmokkhdebbfbibbflc Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1 Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1 Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0027126.BHO Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0027126.BHO.1 Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0027126.Sandbox Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0027126.Sandbox.1 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1060933 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2790392 Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{539F76FD-084E-4858-86D5-62F02F54AE86} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{76C45B18-A29E-43EA-AAF8-AF55C2E1AE17} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{96EF404C-24C7-43D0-9096-4CCC8BB7CCAC} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97720195-206A-42AE-8E65-260B9BA5589F} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{986F7A5A-9676-47E1-8642-F41F8C3FCF82} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AA74D58F-ACD0-450D-A85E-6C04B171C044} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AAA38851-3CFF-475F-B5E0-720D3645E4A5} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B18788A4-92BD-440E-A4D1-380C36531119} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B54E96C1-85C3-410A-8DB1-C276BC3535C4} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{88C7F2AA-F93F-432C-8F0E-B7D85967A527} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{71F29921-5F36-4F9B-8192-A253F970391B} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1392B8D2-5C05-419F-A8F6-B9F15A596612} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9E92257F-3F0A-451D-B231-6E2DB60CDC71} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110211711126} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{26E7211D-0650-43CF-8498-4C81E83AEAAA} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F13D3582-1359-4F8F-9A48-EF3AE9F5701C} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA74D58F-ACD0-450D-A85E-6C04B171C044} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B54E96C1-85C3-410A-8DB1-C276BC3535C4} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110211711126} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AA74D58F-ACD0-450D-A85E-6C04B171C044} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B54E96C1-85C3-410A-8DB1-C276BC3535C4} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{88C7F2AA-F93F-432C-8F0E-B7D85967A527} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{71F29921-5F36-4F9B-8192-A253F970391B} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1392B8D2-5C05-419F-A8F6-B9F15A596612} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9E92257F-3F0A-451D-B231-6E2DB60CDC71} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110211711126} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AA74D58F-ACD0-450D-A85E-6C04B171C044} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B54E96C1-85C3-410A-8DB1-C276BC3535C4} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{88C7F2AA-F93F-432C-8F0E-B7D85967A527} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1392B8D2-5C05-419F-A8F6-B9F15A596612} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110211711126} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{71F29921-5F36-4F9B-8192-A253F970391B} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9E92257F-3F0A-451D-B231-6E2DB60CDC71} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211711126} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{AAA38851-3CFF-475F-B5E0-720D3645E4A5} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6BFD4AE0-5CB3-4B43-B338-2ED6DC704502} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F0FC0FE5-4CD1-4CBC-B69D-42A1173FF5C2} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F13C1399-3037-4426-841F-658146D33870} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26781A06-5DC6-4FA5-95D2-6A2CC5760BF4} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211711126} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110211711126} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{88C7F2AA-F93F-432C-8F0E-B7D85967A527}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{1392B8D2-5C05-419F-A8F6-B9F15A596612}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{88C7F2AA-F93F-432C-8F0E-B7D85967A527}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{1392B8D2-5C05-419F-A8F6-B9F15A596612}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{539F76FD-084E-4858-86D5-62F02F54AE86}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{1392B8D2-5C05-419F-A8F6-B9F15A596612}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{88C7F2AA-F93F-432C-8F0E-B7D85967A527}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{1392B8D2-5C05-419F-A8F6-B9F15A596612}] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKCU\Software\1ClickDownload Key Deleted : HKCU\Software\APN PIP Key Deleted : HKCU\Software\APN Key Deleted : HKCU\Software\Ask&Record Key Deleted : HKCU\Software\Ask.com Key Deleted : HKCU\Software\AskPartnerNetwork Key Deleted : HKCU\Software\AVG Secure Search Key Deleted : HKCU\Software\BI Key Deleted : HKCU\Software\Conduit Key Deleted : HKCU\Software\Headlight Key Deleted : HKCU\Software\Optimizer Pro Key Deleted : HKCU\Software\Softonic Key Deleted : HKCU\Software\Somoto Key Deleted : HKCU\Software\Webplayer Key Deleted : HKCU\Software\YahooPartnerToolbar Key Deleted : HKCU\Software\AppDataLow\Toolbar Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar Key Deleted : HKCU\Software\AppDataLow\Software\Conduit Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Key Deleted : HKCU\Software\AppDataLow\Software\Headlight Key Deleted : HKCU\Software\AppDataLow\Software\lyricspal Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong Key Deleted : HKCU\Software\AppDataLow\Software\BitTorrentBar Key Deleted : HKCU\Software\AppDataLow\Software\Freecorder Key Deleted : HKLM\Software\APN Key Deleted : HKLM\Software\AskPartnerNetwork Key Deleted : HKLM\Software\AskToolbar Key Deleted : HKLM\Software\AVG Secure Search Key Deleted : HKLM\Software\AVG Security Toolbar Key Deleted : HKLM\Software\Conduit Key Deleted : HKLM\Software\Headlight Key Deleted : HKLM\Software\Minibar Key Deleted : HKLM\Software\PIP Key Deleted : HKLM\Software\SimplyGen Key Deleted : HKLM\Software\BitTorrentBar Key Deleted : HKLM\Software\Freecorder Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1 Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BitTorrentBar Toolbar Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Freecorder Toolbar Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\bi_uninstaller Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\FilesFrog Update Checker Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\lrcspal@lyricspal.co Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Optimizer Pro_is1 Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Splashtop Software Updater Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BitTorrentBar Toolbar Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Freecorder Toolbar ***** [ Browsers ] ***** -\\ Internet Explorer v9.0.8112.16506 Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [start Page] -\\ Mozilla Firefox v23.0.1 (en-US) [ File : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\3gdervhp.default\prefs.js ] Line Deleted : user_pref("bettergmail2.enabled.inboxcountfirst", true); Line Deleted : user_pref("extensions.50e0eeda7ce3c.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};if(window.self==window.top){var script=document.createElement(\"script\");[...] Line Deleted : user_pref("extensions.50e0ef03596fb.scode", "(function(){try{if('aol.com,mail.google.com,premiumreports.info,search.babylon.com,search.gboxapp.com'.indexOf(window.self.location.hostname)>-1) return;}c[...] Line Deleted : user_pref("extensions.ATU4-V7.domain", "\"www.search.ask.com\""); Line Deleted : user_pref("extensions.a90f0c3bb03224184bf7ffe36e81df678bdd9e2d988a24c07abf71073ebd471fdcom27126.27126.backgroundjs", "\n\n/*****************************************************************************[...] Line Deleted : user_pref("extensions.a90f0c3bb03224184bf7ffe36e81df678bdd9e2d988a24c07abf71073ebd471fdcom27126.27126.js", "\n\n /************************************************************************************\[...] Line Deleted : user_pref("extensions.a90f0c3bb03224184bf7ffe36e81df678bdd9e2d988a24c07abf71073ebd471fdcom27126.27126.plugins.plugin_1.code", "appAPI._cr_config={appID:function(){var a=appAPI.appInfo;if(a){return app[...] Line Deleted : user_pref("extensions.a90f0c3bb03224184bf7ffe36e81df678bdd9e2d988a24c07abf71073ebd471fdcom27126.27126.plugins.plugin_13.name", "CrossriderAppUtils"); Line Deleted : user_pref("extensions.a90f0c3bb03224184bf7ffe36e81df678bdd9e2d988a24c07abf71073ebd471fdcom27126.27126.plugins.plugin_14.name", "CrossriderUtils"); Line Deleted : user_pref("extensions.a90f0c3bb03224184bf7ffe36e81df678bdd9e2d988a24c07abf71073ebd471fdcom27126.27126.plugins.plugin_16.code", "if((typeof isBackground===\"undefined\"||isBackground!==true)&&(typeof _[...] Line Deleted : user_pref("extensions.a90f0c3bb03224184bf7ffe36e81df678bdd9e2d988a24c07abf71073ebd471fdcom27126.27126.plugins.plugin_17.code", "if(typeof window!==\"undefined\"){\n/*!\n * jQuery JavaScript Library v1[...] Line Deleted : user_pref("extensions.a90f0c3bb03224184bf7ffe36e81df678bdd9e2d988a24c07abf71073ebd471fdcom27126.27126.plugins.plugin_21.code", "var CrossriderDebugManager=(function(h){var f={appId:appAPI._cr_config.a[...] Line Deleted : user_pref("extensions.a90f0c3bb03224184bf7ffe36e81df678bdd9e2d988a24c07abf71073ebd471fdcom27126.27126.plugins.plugin_22.code", "(function(a){appAPI.queueManager={queue:[],register:function(b){this.que[...] Line Deleted : user_pref("extensions.a90f0c3bb03224184bf7ffe36e81df678bdd9e2d988a24c07abf71073ebd471fdcom27126.27126.plugins.plugin_28.code", "var CrossriderInitializerPlugin=(function(e){var c={appId:appAPI._cr_con[...] Line Deleted : user_pref("extensions.a90f0c3bb03224184bf7ffe36e81df678bdd9e2d988a24c07abf71073ebd471fdcom27126.27126.plugins.plugin_47.code", "(function(){appAPI.ready=function(a){appAPI.resources.isReady(a);};}());[...] Line Deleted : user_pref("extensions.a90f0c3bb03224184bf7ffe36e81df678bdd9e2d988a24c07abf71073ebd471fdcom27126.27126.plugins.plugin_78.name", "CrossriderInfo"); Line Deleted : user_pref("extensions.crossrider.bic", "13e86a6772974f02778d022ce531e759"); Line Deleted : user_pref("extensions.enabledAddons", "bettergmail2%40ginatrapani.org:1.2,%7B2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9%7D:2.3.4,%7B37E4D8EA-8BDA-4831-8EA1-89053939A250%7D:3.0.0.2,%7B582195F5-92E7-40a0-A127[...] Line Deleted : user_pref("extensions.engine@conduit.com.install-event-fired", true); Line Deleted : user_pref("extensions.kango.storage.m2_k1", "1"); Line Deleted : user_pref("extensions.kango.storage.m2_k2", "60"); Line Deleted : user_pref("extensions.kango.storage.m2_k3", "1377940298157"); Line Deleted : user_pref("extensions.kango.storage.m2_k4", "0"); Line Deleted : user_pref("extensions.kango.storage.m2_k5", "1377940302638"); Line Deleted : user_pref("extensions.kango.storage.nero_options", "\"{\\\"m1\\\":{\\\"ads\\\":{\\\"n1\\\":{\\\"url\\\":\\\"//ulayout.com/nero/hatter/google_post_results_728x90.html?aff_slug=appshat\\\",\\\"width\\\"[...] Line Deleted : user_pref("extensions.kango.storage.ui.button.iconCache", "\"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABMAAAATCAYAAAByUDbMAAADlElEQVQ4jb3S3U9adxwG8F/BuooQAQscXj0cOIC8nANUPYjoHDClvqAoZ04gpqsZKmrUV[...] Line Deleted : user_pref("extensions.toolbar@ask.com.install-event-fired", true); Line Deleted : user_pref("extensions.toolbar_ATU4-V7@apn.ask.com.install-event-fired", true); [ File : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\psrc56ue.default\prefs.js ] ************************* AdwCleaner[R0].txt - [23757 octets] - [22/09/2013 19:52:38] AdwCleaner[s0].txt - [23627 octets] - [22/09/2013 19:59:44] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [23688 octets] ########## >>>>>>>>>>>MBAM Report Starts Here >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Malwarebytes Anti-Malware (Trial) 1.75.0.1300 www.malwarebytes.org Database version: v2013.09.22.04 Windows Vista Service Pack 2 x64 NTFS Internet Explorer 9.0.8112.16421 Owner :: OWNER-PC [administrator] Protection: Enabled 22-09-2013 8:46:05 PM mbam-log-2013-09-22 (20-46-05).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 274766 Time elapsed: 13 minute(s), 56 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 12 HKCR\CLSID\{60EACC1A-33FA-443D-9846-17B28E2C9BDB} (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AppsHat Mobile Apps (PUP.Optional.Somoto.A) -> Quarantined and deleted successfully. HKCR\CLSID\{CAC42510-9B41-42c1-9DCD-7282A2D07C61} (Trojan.BHO) -> Quarantined and deleted successfully. HKCR\TypeLib\{3AC7D000-0444-4011-A43C-D7796E97E0D1} (Trojan.BHO) -> Quarantined and deleted successfully. HKCR\Interface\{334C6DE3-3FE2-4ED4-9D51-538C3A55E706} (Trojan.BHO) -> Quarantined and deleted successfully. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CAC42510-9B41-42C1-9DCD-7282A2D07C61} (Trojan.BHO) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{CAC42510-9B41-42C1-9DCD-7282A2D07C61} (Trojan.BHO) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CAC42510-9B41-42C1-9DCD-7282A2D07C61} (Trojan.BHO) -> Quarantined and deleted successfully. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ebcafb3f-5032-49f2-bf60-b99beef14b5c} (PUP.Optional.LyricsAd.Gen) -> Quarantined and deleted successfully. HKCR\CLSID\{ebcafb3f-5032-49f2-bf60-b99beef14b5c} (PUP.Optional.LyricsAd.Gen) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{EBCAFB3F-5032-49F2-BF60-B99BEEF14B5C} (PUP.Optional.LyricsAd.Gen) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EBCAFB3F-5032-49F2-BF60-B99BEEF14B5C} (PUP.Optional.LyricsAd.Gen) -> Quarantined and deleted successfully. Registry Values Detected: 1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations|bak_Application (Hijacker.Application) -> Data: http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s -> Quarantined and deleted successfully. Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 1 C:\Program Files (x86)\BitAccelerator (Trojan.BHO) -> Quarantined and deleted successfully. Files Detected: 18 C:\ProgramData\InstallMate\{BE965872-CB40-4A63-A888-836265757A84}\Setup.exe (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully. C:\ProgramData\InstallMate\{BE965872-CB40-4A63-A888-836265757A84}\TsuDll.dll (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully. C:\ProgramData\InstallMate\{EF967BC2-5447-4B19-A9F2-1C6534755934}\Setup.exe (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully. C:\ProgramData\InstallMate\{EF967BC2-5447-4B19-A9F2-1C6534755934}\TsuDll.dll (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully. C:\Users\Owner\Downloads\aTubeCatcher.exe (PUP.Optional.BundledToolBar.A) -> Quarantined and deleted successfully. C:\Users\Owner\Downloads\FLVPlayerSetup-7TZ8j8z.exe (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Owner\Downloads\rpc412_setup (1).exe (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Owner\Downloads\rpc412_setup.exe (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Owner\Downloads\setup.exe (PUP.Optional.Installex) -> Quarantined and deleted successfully. C:\Users\Owner\Downloads\sketchup-pro-2013-13-0-build-3689-cracked-files-chingliu.exe (PUP.Optional.OneClickDownloader.A) -> Quarantined and deleted successfully. C:\Users\Owner\Downloads\SoftonicDownloader_for_google-sketchup.exe (PUP.Optional.Softonic) -> Quarantined and deleted successfully. C:\Users\Owner\Downloads\YouTube_Downloader_Converter.exe (PUP.Optional.Ibryte) -> Quarantined and deleted successfully. C:\Users\Owner\Downloads\~Google_SketchUp_Pro_2013_v13.0.exe (PUP.Optional.OneClickDownloader.A) -> Quarantined and deleted successfully. C:\Users\Owner\AppData\Local\AppsHat Mobile Apps\Uninstall.exe (PUP.Optional.Somoto.A) -> Quarantined and deleted successfully. C:\Users\Owner\AppData\Local\DirectDownloader\DirectDownloader.exe (Adware.DirectDownloader) -> Quarantined and deleted successfully. C:\Users\Owner\AppData\Local\DirectDownloader\updateRunner.exe (Adware.DirectDownloader) -> Quarantined and deleted successfully. C:\Users\Public\Desktop\MP3 Downloader.lnk (Rogue.Link) -> Quarantined and deleted successfully. C:\Program Files (x86)\BitAccelerator\BitAccelerator.dll (Trojan.BHO) -> Quarantined and deleted successfully. (end)