Jump to content

System Check

Guest Sigon

By Guest Sigon
in Resolved Malware Removal Logs

 Share

Recommended Posts

Maniac

Maniac

Posted
Posted

Hello Sigon and :welcome:! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

Do you experience a specific problem?

Step 1

Please uninstall the following applications:

DAEMON Tools Toolbar

Hola Chrome Toolbar

holasearch toolbar

Step 2

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 3

Run OTL

Note: A copy of an OTL fix log is saved in a text file at C:\_OTL\MovedFiles

In your next reply, post the following log files:

  • Junkware Removal Tool log
  • OTL Fix log

Link to post
Share on other sites
Guest Sigon

Guest Sigon

Posted
Posted

OTL Fix log:

All processes killed

========== OTL ==========

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}\ not found.

HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\bProtector Start Page| /E : value set successfully!

HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}\ not found.

Use Chrome's Settings page to change the HomePage.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DFF9B2DA-EF99-4B26-83CB-7058299999D8}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DFF9B2DA-EF99-4B26-83CB-7058299999D8}\ not found.

File C:\Program Files (x86)\holasearch\holasearch\1.8.16.16\bh\holasearch.dll not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled\ not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{C510DFFB-0AFE-484C-BA40-CED5B74C4EEF} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C510DFFB-0AFE-484C-BA40-CED5B74C4EEF}\ not found.

File C:\Program Files (x86)\holasearch\holasearch\1.8.16.16\holasearchTlbr.dll not found.

64bit-Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} not found.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.

File C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll not found.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.

File C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll not found.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}\ not found.

File C:\Program Files (x86)\StartSearch plugin\ssBarLcher.dll not found.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\progra~3\browse~1\261125~1.80\{c16c1~1\browse~1.dll deleted successfully.

File c:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll not found.

C:\Windows\SysWow64\searchplugins folder moved successfully.

C:\Windows\SysWow64\Extensions folder moved successfully.

Folder C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect\ not found.

Folder C:\ProgramData\BrowserProtect\ not found.

Folder C:\Users\user\AppData\Roaming\BabSolution\ not found.

Folder C:\Program Files (x86)\holasearch\ not found.

Folder C:\Users\user\AppData\Roaming\holasearch\ not found.

Folder C:\Users\user\AppData\Roaming\File Scout\ not found.

Folder C:\ProgramData\IBUpdaterService\ not found.

Folder C:\Users\user\AppData\Roaming\BabSolution\ not found.

Folder C:\Users\user\AppData\Roaming\Babylon\ not found.

Folder C:\Users\user\AppData\Roaming\File Scout\ not found.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\_userdata\skins\system2 folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\_userdata\skins\system1 folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\_userdata\skins folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\_userdata folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\35018758\webkit\prepared folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\35018758\webkit\http folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\35018758\webkit folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\35018758\UserbarCache folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\35018758\Skins\6aca35b6b56b848963670de8b0293a15 folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\35018758\Skins folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\35018758\Scripts folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\35018758\ImgCache folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\35018758\AvatarCache folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\35018758\AdStatus folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\35018758 folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\2821257\webkit\prepared folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\2821257\webkit\http folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\2821257\webkit folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\2821257\UserbarCache folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\2821257\Skins\fcc3fdd7680cce25db8ceb26c7633cee folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\2821257\Skins\fbf6dcd57dab541ae2b52bde22e1eaf2 folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\2821257\Skins\f0d4e98127f95bca050fc530add3f142 folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\2821257\Skins\ee723143b176ea125c838e513446ee04 folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\2821257\Skins\ed4dd6cc118ab2500715cbd23b054573 folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\2821257\Skins\e9b4279a958eb733b970de5b6668ae82 folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\2821257\Skins\e0e95c02ef7aeef1c53d7bac3f98aafb folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\2821257\Skins\d5211ea8082fa3205b9c54ab3c95330b folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\2821257\Skins\d2e0de6a1298e1f1e4c6e2a1c712cc30 folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\2821257\Skins\c963cb5d095496659c264ad682ab7867 folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\2821257\Skins\c48f00103b8247d5d299ef98d4492311 folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\2821257\Skins\ab84e7518a2b1540a23f98d35f674da9 folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\2821257\Skins\a6c2524bb9bb8fc440b5cc2d7f432e1a folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\2821257\Skins\a379028afc942e2e852f1a52a47a4867 folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\2821257\Skins\8fa488afb3c03022892f70a4181854b8 folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\2821257\Skins\8da1bdf8beddfc60bad4485b862a2b73 folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\2821257\Skins\8bbca50ba35ed364eaac31f23e62fbae folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\2821257\Skins\89e5f729ccd36c783bff4c68d626ec87 folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\2821257\Skins\889ddfd47b104d263089d593f0048c0f folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\2821257\Skins\8504781cef9a5339945247ba1a49db6a folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\2821257\Skins\7e3c73fb18841988b0defc2d548bda7f folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\2821257\Skins\7d3545e36dc237858ba6ca72fa096f97 folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\2821257\Skins\7144d572c4c2985126121b86ec4f8528 folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\2821257\Skins\6aca35b6b56b848963670de8b0293a15 folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\2821257\Skins\674aad925f12b2300024d5054255cfff folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\2821257\Skins\65d4807030f160b6d14c8799dd0ca0d3 folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\2821257\Skins\595f4308503d2cd9806e38e83e9a74ea folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\2821257\Skins\52b1c2d911f2c0f9c7f048522aff6683 folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\2821257\Skins\51f2b7b14433aa22c67d1f4fc18943cd folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\2821257\Skins\4edffc937470dac55538639ebb718500 folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\2821257\Skins\42b0225aa1481b3d841b2fd5a61d382a folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\2821257\Skins\3da8d4b23e0d9dd8bc88d5f68d45a040 folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\2821257\Skins\3bf99d9b7476fa9f8d74ccb7322229ca folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\2821257\Skins\3aeafa6c08047998004c05522f30b06b folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\2821257\Skins\3668d1bef60c9aa0726b368b62000442 folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\2821257\Skins\2fa884e7b57127f40ae184070d9e640c folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\2821257\Skins\1c72cd78f4cb651c854c25ac96109a66 folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\2821257\Skins\1a086b419d05d33408310694b45f7158 folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\2821257\Skins\0d07ae659149fcd6811dc5f319e2d39a folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\2821257\Skins\08755b55149979e5c0b2c0f9ac735a8b folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\2821257\Skins\077a5b2f26088839dc15f07105b3abed folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\2821257\Skins\068034424698f39fa82c070bf1445b24 folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\2821257\Skins folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\2821257\Scripts folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\2821257\ImgCache folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\2821257\AvatarCache folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\2821257\AdStatus folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10\2821257 folder moved successfully.

C:\Users\user\AppData\Roaming\Gadu-Gadu 10 folder moved successfully.

Folder C:\Users\user\AppData\Roaming\holasearch\ not found.

========== FILES ==========

< ipconfig /flushdns /c >

Konfiguracja IP systemu Windows

Pomylnie opr˘ľniono pami©† podr©cznĄ programu rozpoznawania nazw DNS.

C:\Users\user\Desktop\cmd.bat deleted successfully.

C:\Users\user\Desktop\cmd.txt deleted successfully.

========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

User: Public

User: user

->Temp folder emptied: 52163 bytes

->Temporary Internet Files folder emptied: 34557 bytes

->Java cache emptied: 0 bytes

->Google Chrome cache emptied: 31873396 bytes

->Opera cache emptied: 0 bytes

->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32 (64bit) .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 4206 bytes

%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes

RecycleBin emptied: 0 bytes

Total Files Cleaned = 30,00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 03312013_184903

Files\Folders moved on Reboot...

C:\Users\user\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Junkware Removal Tool log:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 4.7.8 (03.31.2013:1)

OS: Windows 7 Professional x64

Ran by user on 2013-03-31 at 18:40:36,44

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 2013-03-31 at 18:47:32,64

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Thanks for helping me :)

Link to post
Share on other sites
Maniac

Maniac

Posted
Posted

Please download AdwCleaner from here and save it on your Desktop.

  1. Right-click on adwcleaner.exe and select Run As Administrator to launch the application.
  2. Now click on the Search tab.
  3. Please post the contents of the log-file created in your next post.

Note: The log can also be located at C:\ >> AdwCleaner[XX].txt >> XX <-- Denotes the number of times the application has been ran, so in this should be something like R1.

Link to post
Share on other sites
Maurice Naggar

Maurice Naggar

Posted
Posted

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.