qv06 virus

maiduguri · August 19, 2013

The above virus has got into my computer in the past few days, and no matter what I try I have not been able to remove it.

I researched this on google and learnt that it is extremely difficult to remove, but there were many suggestions that Malwarebytes would remove qv06 from my system. Having downloaded your software and scanned my computer, many threats were found, and subsequently removed, but not qv06. Can anyone please advise how to achieve complete removal?

MrCharlie · August 19, 2013

Welcome to the forum, please start HERE

Post back the 2 logs here.....DDS.txt and Attach.txt

(please don't put logs in code or quotes)

P2P/Piracy Warning:

1. If you're using Peer 2 Peer software such uTorrent, BitTorrent or similar you must either fully uninstall it or completely disable it from running while being assisted here.
Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.
2. If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.
Failure to remove such software will result in your topic being closed and no further assistance being provided.

<====><====><====><====><====><====><====><====>

Next................

Please download and run RogueKiller 32 bit to your desktop.

RogueKiller<---use this one for 64 bit systems

Quit all running programs.

For Windows XP, double-click to start.

For Vista or Windows 7-8, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.

When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop.

(please don't put logs in code or quotes)

MrC

Note:

Please read all of my instructions completely including these.

Make sure you're subscribed to this topic: Click on the Follow This Topic Button (at the top right of this page), make sure that the Receive notification box is checked and that it is set to Instantly

Removing malware can be unpredictable...unlikely but things can go very wrong! Backup any files that cannot be replaced. You can copy them to a CD/DVD, external drive or a pen drive

<+>Please don't run any other scans, download, install or uninstall any programs while I'm working with you.

<+>The removal of malware isn't instantaneous, please be patient.

<+>When we are done, I'll give to instructions on how to cleanup all the tools and logs

<+>Please stick with me until I give you the "all clear" and Please don't waste my time by leaving before that.

------->Your topic will be closed if you haven't replied within 3 days!<--------

(If I don't respond within 24 hours, please send me a PM)

maiduguri · August 19, 2013

Hi MrCharlie

I was not able to copy and paste in a folder, so I had to copy the entire text. Hope this will be of help.

Maiduguri

RogueKiller V8.6.6 _x64_ [Aug 19 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Graham [Admin rights]
Mode : Scan -- Date : 08/19/2013 17:45:34
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 9 ¤¤¤
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (hxxp=127.0.0.1:8877;hxxps=127.0.0.1:8877) -> FOUND
[PROXY IE] HKCU\[...]\Internet Settings : ProxyEnable (1) -> FOUND
[HJ POL] HKLM\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[APPINIT][sUSP PATH] HKLM\[...]\Windows : AppInit_DLLs (C:\PROGRA~3\Wincert\WIN64C~1.DLL C:\PROGRA~2\SEARCH~2\Datamngr\x64\mgrldr.dll [-][x]) -> FOUND

¤¤¤ Scheduled tasks : 6 ¤¤¤
[V1][sUSP PATH] MySearchDial.job : C:\Users\Graham\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE - /Check [x] -> FOUND
[V1][sUSP PATH] DSite.job : C:\Users\Graham\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE - /Check [x] -> FOUND
[V1][sUSP PATH] Dealply.job : C:\Users\Graham\AppData\Roaming\Dealply\UPDATE~1\UPDATE~1.EXE - /Check [x] -> FOUND
[V2][sUSP PATH] Dealply : C:\Users\Graham\AppData\Roaming\Dealply\UPDATE~1\UPDATE~1.EXE - /Check [x] -> FOUND
[V2][sUSP PATH] DSite : C:\Users\Graham\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE - /Check [x] -> FOUND
[V2][sUSP PATH] MySearchDial : C:\Users\Graham\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE - /Check [x] -> FOUND

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 1 ¤¤¤
[FF][PROXY] qlduj3p9.default-1371034330804 : user_pref("network.proxy.type", 2); -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD3200BPVT-75ZEST0 ATA Device +++++
--- User ---
[MBR] ebf54d5438519b3b7374c5f74356a198
[bSP] dcc41f796c074ce294de96e542a755a2 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 305143 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_S_08192013_174534.txt >>

MrCharlie · August 19, 2013

I need to see the logs from DDS:

DDS.txt and Attach.txt

MrC

maiduguri · August 19, 2013

I'm sorry but I don't see anything about DDS. Where do I find the two files you mentioned?

MrCharlie · August 19, 2013

Here you go:

http://forums.malwarebytes.org/index.php?showtopic=9573

MrC

maiduguri · August 20, 2013

MrC

I may be in my 70's, but everythings still works, including my brain, but I just can't find a way to copy the two files you want from my desktop and paste and post it here.

MrCharlie · August 20, 2013

Well if you have located the 2 files......DDS.txt and Attach.txt

Double click on DDS.txt to open it

Go to Edit on top and choose Select all

Then back to Edit > choose Copy

Now back to the forum at the bottom you'll see ----->> Reply to this topic

Right click in the box and choose Paste

The DDS.txt should now have been copied into the box

Now click Post on the bottom right of the window.

Repeat for Attach.txt

MrC

maiduguri · August 20, 2013

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16660 BrowserJavaVersion: 1.6.0_18
Run by Graham at 12:35:45 on 2013-08-20
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.44.1033.18.1911.188 [GMT 2:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
C:\Windows\system32\WLANExt.exe
C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Spotmau\PowerSuite Golden Edition\PowerSuite 2012\PcCheck\CareMon.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\McAfee\MSC\McAPExe.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\system32\mfevtps.exe
C:\Program Files (x86)\NovaStor\NovaStor NovaBACKUP\nsService.exe
C:\Program Files\Macrium\Reflect\ReflectService.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\sysTPL\sysTPLMonitor.exe
C:\Program Files (x86)\sysTPL\sysTPLService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe
C:\Program Files (x86)\JRT Studio\iSyncr\iSyncr.exe
C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Microsoft\BingDesktop\BDExtHost.exe
C:\Program Files (x86)\Microsoft\BingDesktop\BDAppHost.exe
C:\Program Files (x86)\Microsoft\BingDesktop\BDRuntimeHost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Everything\Everything.exe
C:\Program Files\McAfee\MAT\McPvTray.exe
C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\DeviceDisplayObjectProvider.exe
C:\Windows\system32\DXPServer.exe
c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe
C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.

uWindow Title = Internet Explorer, enhanced for Bing and MSN

uProxyServer = hxxp=127.0.0.1:8877;https=127.0.0.1:8877

uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
mWinlogon: Userinit = userinit.exe,
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: mixidj Helper Object: {4D6A9BBF-402C-4301-B1EF-28D04F71D761} - C:\Program Files (x86)\mixidj\mixidj\1.8.18.8\bh\mixidj.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
TB: MixiDJ Toolbar: {CA9B9C89-4662-4ADC-9C23-A452BECD5D19} - C:\Program Files (x86)\mixidj\mixidj\1.8.18.8\mixidjTlbr.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [iMesh] "C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe" --lightmode
uRun: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
mRun: [bingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkey
mRun: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Everything] "C:\Program Files (x86)\Everything\Everything.exe" -startup
mRun: [tuto4pc_fr_53] <no file>
StartupFolder: C:\Users\Graham\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\NOVABA~1.LNK - C:\Program Files (x86)\NovaStor\NovaStor NovaBACKUP\nsCtrl.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\iSyncr.lnk - C:\Windows\Installer\{8D061AA0-3612-4F54-A105-5DA809D4B2EA}\_8041A96F4907AC943CB7DC.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:253
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
Trusted Zone: google-analytics.com
Trusted Zone: novastor.com
Trusted Zone: novastor.com

TCP: NameServer = 192.168.1.1
TCP: Interfaces\{331650E7-0FC5-47DF-B2CF-7CBB01ED6B76} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{331650E7-0FC5-47DF-B2CF-7CBB01ED6B76}\77966696F527463613F523 : DHCPNameServer = 8.8.8.8 8.8.4.4
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Run: [intelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
x64-Run: [broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe
x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\qlduj3p9.default-1371034330804\
FF - prefs.js: browser.search.selectedEngine - qvo6

FF - plugin: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\npBrowserPlugin.dll
FF - plugin: c:\PROGRA~2\mcafee\msc\npMcSnFFPl.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMSS.dll
FF - plugin: C:\Program Files (x86)\McAfee\SiteAdvisor\NPMcFFPlg32.dll
FF - plugin: C:\Program Files (x86)\McAfee\Supportability\MVT\NPMVTPlugin.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
FF - ExtSQL: 2013-07-31 14:30; {4ED1F68A-5463-4931-9384-8FFF5ED91D92}; C:\Program Files (x86)\McAfee\SiteAdvisor
FF - ExtSQL: 2013-08-01 20:15; jid1-4P0kohSJxU1qGg@jetpack; C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\qlduj3p9.default-1371034330804\extensions\jid1-4P0kohSJxU1qGg@jetpack.xpi
FF - ExtSQL: 2013-08-02 16:45; webbooster@iminent.com; C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\qlduj3p9.default-1371034330804\extensions\webbooster@iminent.com.xpi
FF - ExtSQL: 2013-08-06 14:45; s3google@translator; C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\qlduj3p9.default-1371034330804\extensions\s3google@translator.xpi
FF - ExtSQL: !HIDDEN! 2013-06-06 19:33; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.mysearchdial.hmpg - true

FF - user.js: extensions.mysearchdial.dfltSrch - true
FF - user.js: extensions.mysearchdial.srchPrvdr - Mysearchdial
FF - user.js: extensions.mysearchdial.dnsErr - true
FF - user.js: extensions.mysearchdial_i.newTab - false

FF - user.js: extensions.mysearchdial.id - 1C659D5CCC29E50E
FF - user.js: extensions.mysearchdial.instlDay - 15912
FF - user.js: extensions.mysearchdial.vrsn -
FF - user.js: extensions.mysearchdial.vrsni -
FF - user.js: extensions.mysearchdial_i.vrsnTs - 16:42:16
FF - user.js: extensions.mysearchdial.prtnrId - mysearchdial
FF - user.js: extensions.mysearchdial.prdct - mysearchdial
FF - user.js: extensions.mysearchdial.aflt - dnldmsd
FF - user.js: extensions.mysearchdial_i.smplGrp - none
FF - user.js: extensions.mysearchdial.tlbrId - base
FF - user.js: extensions.mysearchdial.instlRef -
FF - user.js: extensions.mysearchdial.dfltLng -
FF - user.js: extensions.mysearchdial.appId - {CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}
FF - user.js: extensions.mysearchdial.excTlbr - false
FF - user.js: extensions.mysearchdial_i.hmpg - true
FF - user.js: extensions.mysearchdial.cr - 1289528298
FF - user.js: extensions.mysearchdial.cd - 2XzuyEtN2Y1L1QzutC0CyCyDzy0DyD0C0C0CtBzy0EyDtD0EtN0D0Tzu0CyDyBtAtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1Q1G1I1Q1H1B1Q
FF - user.js: extensions.irmysearch.aflt - dnldmsd
FF - user.js: extensions.irmysearch.instlRef -
FF - user.js: extensions.irmysearch.cr - 1289528298
FF - user.js: extensions.irmysearch.cd - 2XzuyEtN2Y1L1QzutC0CyCyDzy0DyD0C0C0CtBzy0EyDtD0EtN0D0Tzu0CyDyBtAtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1Q1G1I1Q1H1B1Q
FF - user.js: extensions.delta.tlbrSrchUrl -
FF - user.js: extensions.delta.id - 08e7e50e0000000000001c659d5ccc29
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15933
FF - user.js: extensions.delta.vrsn - 1.8.24.5
FF - user.js: extensions.delta.vrsni - 1.8.24.5
FF - user.js: extensions.delta.vrsnTs - 1.8.24.517:39:02
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - en
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta_i.babTrack - affID=119357&tsp=4976
FF - user.js: extensions.delta_i.babExt -
FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2012-12-26 772944]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2012-12-26 342416]
R1 MOBKFilter;MOBKFilter;C:\Windows\System32\drivers\MOBK.sys [2013-5-6 66040]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 McPvDrv;McPvDrv Driver;C:\Windows\System32\drivers\McPvDrv.sys [2013-8-10 74560]
R2 supersafer64;supersafer64;C:\Windows\SysWOW64\drivers\supersafer64.sys [2013-5-7 238072]
R3 BcmVWL;Broadcom Virtual Wireless;C:\Windows\System32\drivers\bcmvwl64.sys [2013-5-6 20984]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2012-12-26 70112]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-8-18 25928]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2012-12-26 309968]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2012-12-26 516608]
R3 mfencbdc;McAfee Inc. mfencbdc;C:\Windows\System32\drivers\mfencbdc.sys [2013-2-18 337120]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-5-6 325152]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2013-5-27 57840]
S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\drivers\HipShieldK.sys [2013-8-10 197264]
S3 mfencrk;McAfee Inc. mfencrk;C:\Windows\System32\drivers\mfencrk.sys [2013-2-18 95856]
S3 PSMounterEx;Macrium Reflect Image Explorer Driver;C:\Windows\System32\drivers\psmounterex.sys [2013-7-26 79992]
S3 PSVolAcc;PSVolAcc;C:\Windows\System32\drivers\PSVolAcc.sys [2013-6-28 13944]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-6-6 19456]
S3 Revoflt;Revoflt;C:\Windows\System32\drivers\revoflt.sys [2013-7-26 31800]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-6-6 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-6-6 30208]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
.
=============== File Associations ===============
.
.chm: <filetype is not registered>
.
=============== Created Last 30 ================
.
2013-08-19 09:04:16    76232    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EED8CBFE-5D5E-4C64-B5AF-379893F48C95}\offreg.dll
2013-08-19 08:33:35    --------    d-----w-    C:\Users\Graham\AppData\Roaming\SUPERAntiSpyware.com
2013-08-19 08:33:11    --------    d-----w-    C:\ProgramData\SUPERAntiSpyware.com
2013-08-19 08:33:11    --------    d-----w-    C:\Program Files\SUPERAntiSpyware
2013-08-18 15:04:36    25928    ----a-w-    C:\Windows\System32\drivers\mbam.sys
2013-08-18 15:04:35    --------    d-----w-    C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-18 12:14:09    --------    d-----w-    C:\Program Files\Enigma Software Group
2013-08-18 12:12:56    --------    d-----w-    C:\Windows\67E1227ED5534A6A96CD40CCBBC705D8.TMP
2013-08-18 12:12:53    --------    d-----w-    C:\Program Files (x86)\Common Files\Wise Installation Wizard
2013-08-17 16:12:57    --------    d-----w-    C:\ProgramData\391B7
2013-08-17 12:36:55    --------    d-----w-    C:\Windows\en-gb
2013-08-16 18:09:37    --------    d-----w-    C:\Users\Graham\AppData\Roaming\MusicNet
2013-08-16 18:07:15    --------    d-----w-    C:\Users\Graham\AppData\Local\iMesh
2013-08-16 18:06:23    --------    d-----w-    C:\Program Files (x86)\iMesh Applications
2013-08-16 17:37:46    --------    d-----w-    C:\ProgramData\eSafe
2013-08-16 17:37:30    --------    d-----w-    C:\Users\Graham\AppData\Local\DealPlyLive
2013-08-16 17:36:51    --------    d-----w-    C:\Program Files (x86)\tuto4pc_fr_53
2013-08-16 17:36:41    --------    d-----w-    C:\Program Files (x86)\DealPly
2013-08-16 17:36:36    --------    d-----w-    C:\Users\Graham\AppData\Roaming\eIntaller
2013-08-16 15:41:52    --------    d-----w-    C:\Users\Graham\Qtrax
2013-08-16 15:38:08    --------    d-----w-    C:\Users\Graham\AppData\Local\eorezo
2013-08-16 15:18:36    --------    d-----w-    C:\Users\Graham\AppData\Roaming\DSite
2013-08-16 14:47:15    9460976    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EED8CBFE-5D5E-4C64-B5AF-379893F48C95}\mpengine.dll
2013-08-14 19:49:37    1472512    ----a-w-    C:\Windows\System32\crypt32.dll
2013-08-14 19:49:37    1166848    ----a-w-    C:\Windows\SysWow64\crypt32.dll
2013-08-14 19:49:36    224256    ----a-w-    C:\Windows\System32\wintrust.dll
2013-08-14 19:49:36    175104    ----a-w-    C:\Windows\SysWow64\wintrust.dll
2013-08-14 19:49:35    184320    ----a-w-    C:\Windows\System32\cryptsvc.dll
2013-08-14 19:49:35    140288    ----a-w-    C:\Windows\SysWow64\cryptsvc.dll
2013-08-14 19:49:34    139776    ----a-w-    C:\Windows\System32\cryptnet.dll
2013-08-14 19:49:34    103936    ----a-w-    C:\Windows\SysWow64\cryptnet.dll
2013-08-14 19:48:25    2048    ----a-w-    C:\Windows\SysWow64\tzres.dll
2013-08-14 19:48:25    2048    ----a-w-    C:\Windows\System32\tzres.dll
2013-08-10 15:35:15    74560    ----a-w-    C:\Windows\System32\drivers\McPvDrv.sys
2013-08-10 15:34:13    197264    ----a-w-    C:\Windows\System32\drivers\HipShieldK.sys
2013-08-02 01:21:05    --------    d-----w-    C:\Windows\System32\MRT
2013-07-31 12:45:18    --------    d-----w-    C:\Program Files (x86)\stinger
2013-07-27 08:08:46    9460976    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2013-07-26 15:00:28    31800    ----a-w-    C:\Windows\System32\drivers\revoflt.sys
2013-07-26 15:00:28    --------    d-----w-    C:\ProgramData\VS Revo Group
2013-07-26 15:00:22    --------    d-----w-    C:\Program Files\VS Revo Group
2013-07-26 14:42:55    --------    d-----w-    C:\Program Files (x86)\Everything
2013-07-26 14:25:01    --------    d-----w-    C:\Stinger_Quarantine
2013-07-26 14:24:07    --------    d-----w-    C:\Program Files\stinger
2013-07-26 11:32:51    --------    d-----w-    C:\Users\Graham\AppData\Roaming\JRT Studio
2013-07-26 11:32:39    --------    d-----w-    C:\Program Files (x86)\JRT Studio
2013-07-25 23:01:11    79992    ----a-w-    C:\Windows\System32\drivers\psmounterex.sys
2013-07-25 19:51:34    --------    d-----w-    C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-07-25 19:31:04    --------    d-----w-    C:\Program Files\iPod
2013-07-25 19:30:46    --------    d-----w-    C:\Program Files\iTunes
2013-07-25 18:58:46    571904    ----a-w-    C:\Program Files\Windows Defender\MpClient.dll
2013-07-25 18:58:46    392704    ----a-w-    C:\Program Files (x86)\Windows Defender\MpClient.dll
2013-07-25 18:58:46    314880    ----a-w-    C:\Program Files\Windows Defender\MpCommu.dll
2013-07-25 18:58:46    1011712    ----a-w-    C:\Program Files\Windows Defender\MpSvc.dll
2013-07-25 18:58:45    9216    ----a-w-    C:\Program Files (x86)\Windows Defender\MpAsDesc.dll
2013-07-25 18:58:45    54784    ----a-w-    C:\Program Files (x86)\Windows Defender\MpOAV.dll
2013-07-25 18:58:45    4608    ----a-w-    C:\Program Files (x86)\Windows Defender\MsMpLics.dll
2013-07-25 18:56:24    624128    ----a-w-    C:\Windows\System32\qedit.dll
2013-07-25 18:56:24    509440    ----a-w-    C:\Windows\SysWow64\qedit.dll
2013-07-25 18:41:15    1732608    ----a-w-    C:\Program Files\Windows Journal\NBDoc.DLL
2013-07-25 18:41:15    1393152    ----a-w-    C:\Program Files\Windows Journal\JNTFiltr.dll
2013-07-25 18:41:15    1367040    ----a-w-    C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-25 18:41:14    1402880    ----a-w-    C:\Program Files\Windows Journal\JNWDRV.dll
2013-07-25 18:41:13    936448    ----a-w-    C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-07-25 18:40:12    3153920    ----a-w-    C:\Windows\System32\win32k.sys
2013-07-25 18:39:42    1643520    ----a-w-    C:\Windows\System32\DWrite.dll
2013-07-25 18:39:41    1247744    ----a-w-    C:\Windows\SysWow64\DWrite.dll
2013-07-25 18:03:37    --------    d-----w-    C:\0623fe9094bc586ff9206f8e703907
2013-07-25 17:32:33    4188160    ----a-w-    C:\Program Files (x86)\GUT4559.tmp
2013-07-25 17:32:33    --------    d-----w-    C:\Program Files (x86)\GUM4558.tmp
.
==================== Find3M ====================
.
2013-08-12 06:45:08    117439456    ----a-w-    C:\Users\Graham\AppData\Roaming\hkey_local_machine.reg
2013-07-26 10:09:53    71048    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-26 10:09:53    692104    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2013-07-26 05:13:37    2241024    ----a-w-    C:\Windows\System32\wininet.dll
2013-07-26 05:12:08    3958784    ----a-w-    C:\Windows\System32\jscript9.dll
2013-07-26 05:12:04    136704    ----a-w-    C:\Windows\System32\iesysprep.dll
2013-07-26 05:12:03    67072    ----a-w-    C:\Windows\System32\iesetup.dll
2013-07-26 03:35:08    2706432    ----a-w-    C:\Windows\System32\mshtml.tlb
2013-07-26 03:13:24    1767936    ----a-w-    C:\Windows\SysWow64\wininet.dll
2013-07-26 03:12:04    2877440    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2013-07-26 03:12:00    61440    ----a-w-    C:\Windows\SysWow64\iesetup.dll
2013-07-26 03:12:00    109056    ----a-w-    C:\Windows\SysWow64\iesysprep.dll
2013-07-26 02:49:14    2706432    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2013-07-26 02:39:38    89600    ----a-w-    C:\Windows\System32\RegisterIEPKEYs.exe
2013-07-26 01:59:38    71680    ----a-w-    C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-07-25 09:25:54    1888768    ----a-w-    C:\Windows\System32\WMVDECOD.DLL
2013-07-25 08:57:27    1620992    ----a-w-    C:\Windows\SysWow64\WMVDECOD.DLL
2013-07-09 06:03:30    5550528    ----a-w-    C:\Windows\System32\ntoskrnl.exe
2013-07-09 05:54:22    1732032    ----a-w-    C:\Windows\System32\ntdll.dll
2013-07-09 05:53:12    243712    ----a-w-    C:\Windows\System32\wow64.dll
2013-07-09 05:51:16    1217024    ----a-w-    C:\Windows\System32\rpcrt4.dll
2013-07-09 05:03:34    3968960    ----a-w-    C:\Windows\SysWow64\ntkrnlpa.exe
2013-07-09 05:03:34    3913664    ----a-w-    C:\Windows\SysWow64\ntoskrnl.exe
2013-07-09 04:53:47    1292192    ----a-w-    C:\Windows\SysWow64\ntdll.dll
2013-07-09 04:52:33    663552    ----a-w-    C:\Windows\SysWow64\rpcrt4.dll
2013-07-09 04:52:33    5120    ----a-w-    C:\Windows\SysWow64\wow32.dll
2013-07-09 04:45:07    44032    ----a-w-    C:\Windows\apppatch\acwow64.dll
2013-07-09 02:49:42    25600    ----a-w-    C:\Windows\SysWow64\setup16.exe
2013-07-09 02:49:41    7680    ----a-w-    C:\Windows\SysWow64\instnm.exe
2013-07-09 02:49:39    14336    ----a-w-    C:\Windows\SysWow64\ntvdm64.dll
2013-07-09 02:49:38    2048    ----a-w-    C:\Windows\SysWow64\user.exe
2013-07-06 06:03:53    1910208    ----a-w-    C:\Windows\System32\drivers\tcpip.sys
2013-06-28 14:55:56    13944    ----a-w-    C:\Windows\System32\drivers\PSVolAcc.sys
2013-06-15 04:32:16    39936    ----a-w-    C:\Windows\System32\drivers\tssecsrv.sys
2013-06-12 12:05:17    9089416    ----a-w-    C:\Windows\SysWow64\FlashPlayerInstaller.exe
2013-06-04 17:55:57    86720    ----a-w-    C:\Windows\System32\drivers\hola_mon_drv.sys
2013-06-04 17:55:57    571072    ----a-w-    C:\Windows\System32\drivers\hola_drv.sys
2013-06-04 17:47:03    86976    ----a-w-    C:\Windows\System32\drivers\hola_net.sys
2013-05-24 16:23:48    411368    ----a-w-    C:\Windows\SysWow64\deploytk.dll
.
============= FINISH: 12:39:19.48 ===============
And attach.txt

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 06/05/2013 16:11:17
System Uptime: 19/08/2013 10:48:05 (26 hours ago)
.
Motherboard: Dell Inc. | | 0WXY9J
Processor: Intel® Pentium® CPU P6000 @ 1.87GHz | CPU 1 | 931/533mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 298 GiB total, 78.654 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP121: 12/08/2013 19:21:01 - TuneUp360's restore point
RP122: 13/08/2013 09:45:09 - Windows Update
RP123: 16/08/2013 09:23:01 - Windows Update
RP125: 16/08/2013 19:39:17 - Windows Defender Checkpoint
RP127: 17/08/2013 13:43:59 - Revo Uninstaller Pro's restore point - windows photo gallery
RP128: 17/08/2013 14:29:21 - Windows Live Essentials
RP129: 17/08/2013 14:31:26 - Installed DirectX
RP130: 17/08/2013 14:33:03 - Installed DirectX
RP131: 17/08/2013 14:33:59 - Installed DirectX
RP132: 17/08/2013 14:35:11 - WLSetup
RP133: 17/08/2013 16:16:06 - Windows Update
RP134: 17/08/2013 17:46:59 - Restore Operation
RP135: 18/08/2013 14:13:06 - Installed SpyHunter
RP136: 18/08/2013 16:54:59 - Removed SpyHunter
RP137: 18/08/2013 16:55:59 - Removed SpyHunter
.
==== Installed Programs ======================
.
64 Bit HP CIO Components Installer
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.03)
AIO_CDB_ProductContext
AIO_CDB_Software
AIO_Scan
Any Video Converter 5.0.5
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Awesome Duplicate Photo Finder v. 1.1
Bing Desktop
Bonjour
BufferChm
Byki
Byki Deluxe
CCleaner
Copy
D3DX10
Destinations
DeviceDiscovery
DocProc
DW WLAN Card Utility
Everything 1.2.1.371
Fax
File Uploader
FTDownloader
Google Chrome
Google Update Helper
GPBaseService2
HP Customer Participation Program 13.0
HP Imaging Device Functions 13.0
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B
HP Smart Web Printing 4.51
HP Solution Center 13.0
HP Update
HPPhotoGadget
HPPhotoSmartDiscLabelContent1
HPPhotosmartEssential
HPProductAssistant
HPSSupply
iMesh
Iminent
Iminent Toolbar For Internet Explorer
Intel PROSet Wireless
Intel® PROSet/Wireless WiFi Software
IrfanView (remove only)
iSyncr
iTunes
Java 7 Update 21 (64-bit)
Java 6 Update 18
Junk Mail filter update
Macrium Reflect Standard Edition
Malwarebytes Anti-Malware version 1.75.0.1300
MarketResearch
McAfee Online Backup
McAfee Security Scan Plus
McAfee Total Protection
McAfee Virtual Technician
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Silverlight
Microsoft SkyDrive
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
MixiDJ Toolbar
Modem Diagnostic Tool
Movie Maker
Mozilla Firefox 23.0.1 (x86 en-GB)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSVCRT110
MSVCRT110_amd64
MSXML 4.0 SP2 (KB954430)
Nero Audio Pack 1
Nero Blu-ray Player
Nero Blu-ray Player Help (CHM)
Nero Core Components
Nero Kwik Media
Nero Kwik Media Help (CHM)
Nero Kwik Themes Basic
Nero SharedVideoCodecs
Nero Update
Netwaiting
Network64
Nikon Message Center
Nikon RAW Codec
Nikon Transfer
NovaBACKUP
OCR Software by I.R.I.S. 13.0
OpenOffice.org 3.2
Photo Common
Photo Gallery
Picasa 3
Picture Control Utility
Prerequisite installer
Realtek Ethernet Controller Driver For Windows 7
Revo Uninstaller Pro 3.0.7
Scan
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Shared C Run-time for x64
Shop for HP Supplies
Skype Click to Call
Skype™ 6.7
SloMoDirector
SmartWebPrinting
SolutionCenter
Spotmau PowerSuite Golden 2012 (build 7.0.1)
Status
SUPERAntiSpyware
sysTPL
TEFView 2.73
TempoPerfect Metronome Software
Toolbox
TrayApp
UnloadSupport
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
ViewNX
VLC media player 2.0.7
WebReg
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Player Firefox Plugin
.
==== Event Viewer Messages From Past Week ========
.
20/08/2013 12:27:13, Error: Service Control Manager [7023] - The HP Network Devices Support service terminated with the following error: The specified module could not be found.
20/08/2013 12:24:55, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.
20/08/2013 12:24:55, Error: Service Control Manager [7000] - The TCP/IP NetBIOS Helper service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
19/08/2013 10:08:21, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.
19/08/2013 10:08:21, Error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
19/08/2013 10:08:21, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service gupdate with arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69}
19/08/2013 05:25:19, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
18/08/2013 20:00:39, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the McProxy service.
18/08/2013 20:00:09, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the mcpltsvc service.
18/08/2013 19:59:39, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the McNaiAnn service.
18/08/2013 19:59:09, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the McMPFSvc service.
18/08/2013 19:58:09, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HomeNetSvc service.
18/08/2013 15:26:46, Error: Microsoft-Windows-DistributedCOM [10000] - Unable to start a DCOM Server: {D4583E73-8C3A-4850-A60F-71363527B0FB}. The error: "740" Happened while starting this command: "C:\Program Files (x86)\McAfee\Supportability\MVT\MvtApp.exe" -Embedding
18/08/2013 14:15:12, Error: Service Control Manager [7034] - The hpqcxs08 service terminated unexpectedly. It has done this 2 time(s).
18/08/2013 14:11:47, Error: Service Control Manager [7034] - The hpqcxs08 service terminated unexpectedly. It has done this 1 time(s).
18/08/2013 14:11:47, Error: Service Control Manager [7034] - The HP CUE DeviceDiscovery Service service terminated unexpectedly. It has done this 1 time(s).
18/08/2013 10:26:35, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: hola_net
18/08/2013 10:24:53, Error: Service Control Manager [7024] - The Windows Firewall service terminated with service-specific error Access is denied..
17/08/2013 21:00:04, Error: Service Control Manager [7023] - The Windows Update service terminated with the following error: %%-2147467243
17/08/2013 20:59:39, Error: Service Control Manager [7023] - The Security Center service terminated with the following error: The authentication service is unknown.
17/08/2013 19:26:17, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
17/08/2013 19:04:56, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
17/08/2013 19:04:55, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
17/08/2013 19:04:55, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
17/08/2013 19:04:39, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
17/08/2013 19:04:30, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
17/08/2013 18:57:41, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}
17/08/2013 18:57:41, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {C90134D2-4AE9-407A-919A-4A2EF09C6C51}
17/08/2013 18:55:55, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\bcmihvsrv64.dll Error Code: 21
17/08/2013 18:55:38, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache hola_net MOBKFilter spldr Wanarpv6
17/08/2013 18:43:14, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
17/08/2013 16:16:46, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f020b: Realtek - Network - Realtek PCIe FE Family Controller.
17/08/2013 14:11:59, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service stisvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
17/08/2013 04:37:55, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
16/08/2013 21:05:29, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR6.
16/08/2013 20:47:28, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR3.
16/08/2013 18:54:15, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service mcpltsvc with arguments "" in order to run the server: {20966775-18A4-4299-B8E3-772C336B52A7}
16/08/2013 18:54:14, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the McAfee Platform Services service to connect.
16/08/2013 18:54:14, Error: Service Control Manager [7000] - The McAfee Platform Services service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
16/08/2013 10:21:05, Error: Service Control Manager [7031] - The McAfee VirusScan Announcer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
16/08/2013 10:21:05, Error: Service Control Manager [7031] - The McAfee Proxy Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
16/08/2013 10:21:05, Error: Service Control Manager [7031] - The McAfee Platform Services service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
16/08/2013 10:21:05, Error: Service Control Manager [7031] - The McAfee Personal Firewall service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
16/08/2013 10:21:05, Error: Service Control Manager [7031] - The McAfee Anti-Spam Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
16/08/2013 10:21:04, Error: Service Control Manager [7031] - The McAfee Home Network service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
15/08/2013 18:25:22, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the McAfee SiteAdvisor Service service.
15/08/2013 09:14:32, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
14/08/2013 21:38:25, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service HPSLPSVC with arguments "" in order to run the server: {10DA4F3C-CC99-4190-BE4D-58330754E882}
14/08/2013 21:38:24, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HP Network Devices Support service to connect.
14/08/2013 21:38:24, Error: Service Control Manager [7000] - The HP Network Devices Support service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================
ch.txt

MrCharlie · August 20, 2013

Run RogueKiller again and click Scan

When the scan completes > click on the Registry tab

Put a check next to all of these and uncheck the rest: (if found)

[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (hxxp=127.0.0.1:8877;hxxps=127.0.0.1:8877) -> FOUND
[PROXY IE] HKCU\[...]\Internet Settings : ProxyEnable (1) -> FOUND
[APPINIT][sUSP PATH] HKLM\[...]\Windows : AppInit_DLLs (C:\PROGRA~3\Wincert\WIN64C~1.DLL C:\PROGRA~2\SEARCH~2\Datamngr\x64\mgrldr.dll [-][x]) -> FOUND

Now click Delete on the right hand column under Options

-------------

Then click on "Fix proxy" on the right hand column under Options

-------------------------------------------------------------------------------

Please uninstall ----------->MixiDJ Toolbar from your add/remove programs:

http://www.systemlookup.com/CLSID/77445-mixidjTlbr_dll.html

----------------------------------------------------------------------------------

There's lots of adware in the logs......lets get rid of it:

Please download AdwCleaner by Xplode and save to your Desktop.

Double click on AdwCleaner.exe to run the tool.
Vista/Windows 7/8 users right-click and select Run As Administrator

Click on the Scan button.
AdwCleaner will begin...be patient as the scan may take some time to complete.
After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
Copy and paste the contents of that logfile in your next reply.
A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
MrC

maiduguri · August 21, 2013

MrCharlie

I downloaded AdwCleaned but there was no "scan" button, only a "clean" button. So I took that option and it seems to have removed qv06 from my computer.

I attach below the AdwCleaner report, which is in two parts because my laptop shut down half way through the firect clean:

# AdwCleaner v3.000 - Report created20/08/2013at22:19:48
# Updated 13/08/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Graham - GRAHAM-PC
# Running from : C:\Users\Graham\Downloads\adwcleaner.exe

***** [ Services ] *****

Service Deleted : BrowserDefendert

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\boost_interprocess
[#] Folder Deleted : C:\ProgramData\Browser Manager
[!] Folder Deleted : C:\ProgramData\BrowserDefender
Folder Deleted : C:\ProgramData\eSafe
Folder Deleted : C:\ProgramData\Iminent
Folder Deleted : C:\ProgramData\ParetoLogic
Folder Deleted : C:\Program Files (x86)\DealPly
Folder Deleted : C:\Program Files (x86)\delta
Folder Deleted : C:\Program Files (x86)\FTDownloader.com
Folder Deleted : C:\Program Files (x86)\iMesh Applications
Folder Deleted : C:\Program Files (x86)\mixidj
Folder Deleted : C:\Program Files (x86)\Mysearchdial
Folder Deleted : C:\Program Files (x86)\Search Results Toolbar
Folder Deleted : C:\Program Files (x86)\Searchqu Toolbar
Folder Deleted : C:\Program Files (x86)\SearchYa!
Folder Deleted : C:\Program Files (x86)\Common Files\Umbrella
Folder Deleted : C:\Users\Graham\AppData\Local\blekkotb
Folder Deleted : C:\Users\Graham\AppData\Local\Conduit
Folder Deleted : C:\Users\Graham\AppData\Local\DealPlyLive
Folder Deleted : C:\Users\Graham\AppData\Local\EoRezo
Folder Deleted : C:\Users\Graham\AppData\Local\iMesh
Folder Deleted : C:\Users\Graham\AppData\Local\jZip
Folder Deleted : C:\Users\Graham\AppData\Local\PutLockerDownloader
Folder Deleted : C:\Users\Graham\AppData\Local\Temp\Iminent
Folder Deleted : C:\Users\Graham\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Graham\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\Graham\AppData\LocalLow\blekkotb
Folder Deleted : C:\Users\Graham\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Graham\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\Graham\AppData\LocalLow\Dealio
Folder Deleted : C:\Users\Graham\AppData\LocalLow\jZip
Folder Deleted : C:\Users\Graham\AppData\LocalLow\koyotesofttoolbarnew
Folder Deleted : C:\Users\Graham\AppData\LocalLow\Mysearchdial
Folder Deleted : C:\Users\Graham\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Graham\AppData\LocalLow\Search Settings
Folder Deleted : C:\Users\Graham\AppData\LocalLow\Searchqutoolbar
Folder Deleted : C:\Users\Graham\AppData\LocalLow\Toolbar4
Folder Deleted : C:\Users\Graham\AppData\LocalLow\Vuze_Remote
Folder Deleted : C:\Users\Graham\AppData\Roaming\BabSolution
Folder Deleted : C:\Users\Graham\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Graham\AppData\Roaming\delta
Folder Deleted : C:\Users\Graham\AppData\Roaming\DriverCure
Folder Deleted : C:\Users\Graham\AppData\Roaming\DSite
Folder Deleted : C:\Users\Graham\AppData\Roaming\eIntaller
Folder Deleted : C:\Users\Graham\AppData\Roaming\ExpressFiles
Folder Deleted : C:\Users\Graham\AppData\Roaming\Iminent
Folder Deleted : C:\Users\Graham\AppData\Roaming\Media Finder
Folder Deleted : C:\Users\Graham\AppData\Roaming\mixidj
Folder Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
Folder Deleted : C:\Users\Graham\AppData\Roaming\Mysearchdial
Folder Deleted : C:\Users\Graham\AppData\Roaming\OfferBox
Folder Deleted : C:\Users\Graham\AppData\Roaming\ParetoLogic
Folder Deleted : C:\Users\Graham\AppData\Roaming\SearchYa
Folder Deleted : C:\Users\Graham\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
Folder Deleted : C:\Users\Graham\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FTDownloader.com
Folder Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\4t0o942f.default\blekkotb
Folder Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\4t0o942f.default\ConduitCommon
Folder Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\4t0o942f.default\jetpack
Folder Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\4t0o942f.default\Searchqutoolbar
Folder Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\qlduj3p9.default-1371034330804\jetpack
File Deleted : C:\END
File Deleted : C:\Users\Public\Desktop\Get The Best Facebook Chat Messenger.lnk
File Deleted : C:\Users\Public\Desktop\MySearchDial.url
File Deleted : C:\Windows\System32\Tasks\BrowserDefendert
File Deleted : C:\Windows\Tasks\Dealply.job
File Deleted : C:\Windows\System32\Tasks\Dealply
File Deleted : C:\Windows\Tasks\DSite.job
File Deleted : C:\Windows\System32\Tasks\DSite
File Deleted : C:\Windows\System32\Tasks\EPUpdater
File Deleted : C:\Windows\Tasks\MySearchDial.job
File Deleted : C:\Windows\System32\Tasks\MySearchDial

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\Public\Desktop\Google Chrome.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Graham\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Graham\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Graham\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk

***** [ Registry ] *****

Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~3\browse~1\261519~1.191\{c16c1~1\browse~1.dll
Data Deleted : HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~3\browse~1\261519~1.191\{c16c1~1\browse~1.dll
Data Deleted : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - C:\Program Files\Internet Explorer\iexplore.exe http://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=WDCXWD3200BPVT-75ZEST0_WD-WXG1A80V4791V4791&ts=1376674606
Data Deleted : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command [(Default)] - "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=WDCXWD3200BPVT-75ZEST0_WD-WXG1A80V4791V4791&ts=1376674606
------------------------------------------------

# AdwCleaner v3.000 - Report created20/08/2013at22:31:43
# Updated 13/08/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Graham - GRAHAM-PC
# Running from : C:\Users\Graham\Downloads\adwcleaner.exe

***** [ Services ] *****

***** [ Files / Folders ] *****

[!] Folder Deleted : C:\ProgramData\BrowserDefender

***** [ Shortcuts ] *****

***** [ Registry ] *****

Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~3\browse~1\261519~1.191\{c16c1~1\browse~1.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~3\browse~1\261519~1.191\{c16c1~1\browse~1.dll
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NTRedirect]
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\speedmaxpc_RASAPI32
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Deleted : HKCU\Software\5be8bdee139ec14
Key Deleted : HKLM\SOFTWARE\5be8bdee139ec14
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_samsung-kies_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_windows-live-photo-gallery_RASAPI32
Key Deleted : HKLM\SOFTWARE\Classes\TBSB01620.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\TBSB01620.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FC41815-FA4C-4F8B-B143-2C045C8EA2FC}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DiscoveryHelper.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DNSBHO.dll
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GIFAnimator.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C41C967C-1BD4-404c-8393-A34F94156193}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\iMesh.exe
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IMTrProgress.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IMWeb.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415c-8A37-763AE183E7E4}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4e42-A125-57C0A11DBCDE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0af350d9-3916-454b-ac53-0b0b65f41301}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{819DC4CA-4FFF-4C2E-800D-F346471D99BC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A105B30B-D103-4781-B18C-E8DF93B6EBD0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Key Deleted : HKU\S-1-5-21-2006630492-923559519-2914204040-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1968FDBA-C769-E6FC-912D-0C23A8A0D151}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1968FDBA-C769-E6FC-912D-0C23A8A0D151}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1D058402-4289-8EBA-19C8-29AAE7A0699A}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1D058402-4289-8EBA-19C8-29AAE7A0699A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{372B4DAF-A2C5-4F3F-F8EC-1E74EDC5FA1B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{372B4DAF-A2C5-4F3F-F8EC-1E74EDC5FA1B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{7113F0FD-F334-060E-2B72-356AD1A4A0A5}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7113F0FD-F334-060E-2B72-356AD1A4A0A5}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{108F5878-71F9-4B5C-9EC0-58CEC29E8124}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{108F5878-71F9-4B5C-9EC0-58CEC29E8124}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{27588682-6FCC-4061-B2BB-7176E03359B8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{27588682-6FCC-4061-B2BB-7176E03359B8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E9A2DCB-F5DB-40D0-8E62-3B47DD476A77}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2E9A2DCB-F5DB-40D0-8E62-3B47DD476A77}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2EEFF6A3-9828-48F2-A7BF-1A5365D7DA32}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2EEFF6A3-9828-48F2-A7BF-1A5365D7DA32}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{38F830AF-C844-48BD-86CF-75AB9A5C3FC2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{38F830AF-C844-48BD-86CF-75AB9A5C3FC2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4CA33941-B476-46A4-94EB-3DBA21B2D76D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4CA33941-B476-46A4-94EB-3DBA21B2D76D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{57C854B7-3DE0-406B-83F1-D218481BD1FA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{57C854B7-3DE0-406B-83F1-D218481BD1FA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59B23951-2232-4AFB-81D4-64A8A16D457A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{59B23951-2232-4AFB-81D4-64A8A16D457A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6390CA4B-8D70-47EA-90F5-21E2FEADD997}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6390CA4B-8D70-47EA-90F5-21E2FEADD997}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{69D3F709-9DE2-479F-980F-532D46895703}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{69D3F709-9DE2-479F-980F-532D46895703}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{794DC34A-1D5E-4205-80BE-FC9D8E19E7F8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{794DC34A-1D5E-4205-80BE-FC9D8E19E7F8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7E23FCAB-83EE-4012-B6A0-1EC68554956F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7E23FCAB-83EE-4012-B6A0-1EC68554956F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E522F1-9E90-47DD-A2CE-39B0C00274A0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{81E522F1-9E90-47DD-A2CE-39B0C00274A0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{888C8994-107B-4CFB-9E42-7AA96230C1E0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{888C8994-107B-4CFB-9E42-7AA96230C1E0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8E096DFB-6AB7-45C7-BF64-B313C7096529}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8E096DFB-6AB7-45C7-BF64-B313C7096529}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{996A9940-2F2C-4486-A479-439C4A15F278}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{996A9940-2F2C-4486-A479-439C4A15F278}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9B7D44BA-376C-456F-B289-5034270322FD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9B7D44BA-376C-456F-B289-5034270322FD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BD8FF26-2C71-4D35-9FE2-AD8D25AECC36}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9BD8FF26-2C71-4D35-9FE2-AD8D25AECC36}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9FD6DE57-31C7-4EB4-87AF-495DEEA4ECBD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9FD6DE57-31C7-4EB4-87AF-495DEEA4ECBD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A63B48E9-1EC7-413E-9C48-3404BBF87BF3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A63B48E9-1EC7-413E-9C48-3404BBF87BF3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCE6E914-AEF0-4FEE-8FC8-06F9B42BF890}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BCE6E914-AEF0-4FEE-8FC8-06F9B42BF890}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BD8D5FFA-4F92-48AD-BFBE-7896916656F5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BD8D5FFA-4F92-48AD-BFBE-7896916656F5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C92E6D80-EC54-45CC-AC4B-A7CF42F11B52}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C92E6D80-EC54-45CC-AC4B-A7CF42F11B52}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D1CB564E-F38A-4F2A-8257-60E3F8BE9F34}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D1CB564E-F38A-4F2A-8257-60E3F8BE9F34}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DBEFF714-9A11-45DC-80FC-B86EAE86641A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DBEFF714-9A11-45DC-80FC-B86EAE86641A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DEFC8918-B440-4CEB-8BFD-140AE24DCABB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DEFC8918-B440-4CEB-8BFD-140AE24DCABB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EC29D34C-2A45-4BB0-A065-79B891A57647}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EC29D34C-2A45-4BB0-A065-79B891A57647}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFDE11A9-FE0B-4548-B876-5EAC0A6CE86E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EFDE11A9-FE0B-4548-B876-5EAC0A6CE86E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F293BBC0-DA7E-4CF1-9EEA-CE90CFE0DF86}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F293BBC0-DA7E-4CF1-9EEA-CE90CFE0DF86}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F42C7B47-5234-4BF5-8882-DAAC0D64870D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F42C7B47-5234-4BF5-8882-DAAC0D64870D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F7BEBBB1-7E6B-4561-9444-6F4866D60C7C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F7BEBBB1-7E6B-4561-9444-6F4866D60C7C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FEFBC559-C3C7-4287-B05B-49D489B80749}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FEFBC559-C3C7-4287-B05B-49D489B80749}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8BA772A8-AC4F-4954-9B5E-433CA6DC506F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{69332529-EEC8-4D0D-9FD3-202C4AE8E589}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EC96F516-51B2-4B46-8451-8665F5A6BA2B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F07FBD3E-2048-44A4-9065-71BF551E2672}
Key Deleted : HKLM\SOFTWARE\Classes\IMWeb.IMWebControl
Key Deleted : HKLM\SOFTWARE\Classes\IMWeb.IMWebControl.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
Key Deleted : HKLM\SOFTWARE\Classes\IGIFAnimator.IGIFAnimatorCtrl
Key Deleted : HKLM\SOFTWARE\Classes\IGIFAnimator.IGIFAnimatorCtrl.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B6F8DA9F-2696-419e-A8A3-19BE41EF51BD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419e-A8A3-19BE41EF51BD}
Key Deleted : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery
Key Deleted : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F8AB43ED-EC88-4de7-B213-F89157D29C62}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0180E49C-13BF-46DB-9AFD-9F52292E1C22}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{01A602A0-D0B9-445B-8081-719E4177C4A7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Key Deleted : HKLM\SOFTWARE\Classes\IMTrProgress.IMTrProgressCtrl
Key Deleted : HKLM\SOFTWARE\Classes\IMTrProgress.IMTrProgressCtrl.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{148132E6-626D-4A5E-8063-A761EB29A50B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257}
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Classes\ironsource.searchyaHlpr
Key Deleted : HKLM\SOFTWARE\Classes\ironsource.searchyaHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{25927741-5E5B-4D27-8D8B-9188FE64373F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25927741-5E5B-4D27-8D8B-9188FE64373F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Key Deleted : HKLM\SOFTWARE\Classes\esrv.deltaESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}
Key Deleted : HKLM\SOFTWARE\Classes\WMHelperiMesh.WMHelper
Key Deleted : HKLM\SOFTWARE\Classes\WMHelperiMesh.WMHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{596BB86E-F1E5-A1DE-3363-41AB634E77EF}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{596BB86E-F1E5-A1DE-3363-41AB634E77EF}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\mixidj.mixidjappCore
Key Deleted : HKLM\SOFTWARE\Classes\mixidj.mixidjappCore.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2C141B4C-B5BA-4E89-BE73-F71ED4A208CF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3223F2FB-D9B9-45FC-9D66-CD717FFA4EE5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\ironsource.searchyadskBnd
Key Deleted : HKLM\SOFTWARE\Classes\ironsource.searchyadskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{33AA308B-B565-4376-AC66-59EE9B6AD13E}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{33AA308B-B565-4376-AC66-59EE9B6AD13E}]
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4C4F1F4-3074-4CB6-9FB8-0A64273166F0}
Key Deleted : HKLM\SOFTWARE\Classes\Aurigma.ShellCombo.5
Key Deleted : HKLM\SOFTWARE\Classes\Aurigma.ShellCombo.5.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1D1E43F7-246B-4700-B1B8-68DC4015B918}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1D1E43F7-246B-4700-B1B8-68DC4015B918}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A}
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.ViralLinkArgs
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064}
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.TinyUrlArgs
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}
Key Deleted : HKLM\SOFTWARE\Classes\mixidj.mixidjHlpr
Key Deleted : HKLM\SOFTWARE\Classes\mixidj.mixidjHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4D6A9BBF-402C-4301-B1EF-28D04F71D761}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D6A9BBF-402C-4301-B1EF-28D04F71D761}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4D6A9BBF-402C-4301-B1EF-28D04F71D761}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4D6A9BBF-402C-4301-B1EF-28D04F71D761}
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{525F116F-04AD-40A2-AE2F-A0C4E1AFEF98}
Key Deleted : HKLM\SOFTWARE\Classes\i
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{54B24FA9-87E8-47FC-8589-F9D382D8B299}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5B45AC88-523C-431E-86D7-F339B2EE262E}
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Key Deleted : HKLM\SOFTWARE\Classes\Aurigma.ImageUploaderEx.5
Key Deleted : HKLM\SOFTWARE\Classes\Aurigma.ImageUploaderEx.5.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5D637FAD-E202-48D1-8F18-5B9C459BD1E3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{60765CF5-01C2-4EE7-A44B-C791CF25FEA0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{15F6BCB7-BB0F-4A66-8762-4765B05597EB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{15F6BCB7-BB0F-4A66-8762-4765B05597EB}
Key Deleted : HKLM\SOFTWARE\Classes\esrv.searchyaESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.searchyaESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6801410E-CC88-42D6-A93B-909E95645407}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81}
Key Deleted : HKLM\SOFTWARE\Classes\Aurigma.UploadPane.5
Key Deleted : HKLM\SOFTWARE\Classes\Aurigma.UploadPane.5.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.LinkToPromoteArgs
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{14B1B6D0-D25F-4418-94E3-EC2B5AEE9756}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{14B1B6D0-D25F-4418-94E3-EC2B5AEE9756}
Key Deleted : HKLM\SOFTWARE\Classes\esrv.mixidjESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.mixidjESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7D0EE142-0642-4FDD-AF73-7399C04E1041}
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltadskBnd
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{82E1477C-B154-48D3-9891-33D83C26BCD3}]
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289}
Key Deleted : HKLM\SOFTWARE\Classes\Aurigma.Thumbnail.5
Key Deleted : HKLM\SOFTWARE\Classes\Aurigma.Thumbnail.5.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD}
Key Deleted : HKLM\SOFTWARE\Classes\d
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A}
Key Deleted : HKLM\SOFTWARE\Classes\ironsource.searchyaappCore
Key Deleted : HKLM\SOFTWARE\Classes\ironsource.searchyaappCore.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8B0C188C-F6F3-484D-8225-E40262DDE633}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{93A22E7A-5091-45EF-BA61-6DA26156A5D0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9852A670-F845-491B-9BE6-EBD841B8A613}
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A8B25C0E-0894-4531-B668-AB1599FAF7F6}
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ACE4747B-35BD-4E97-9DD7-1D4245B0695C}
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE}
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaHlpr
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C2D6D98F-09CA-4524-AF64-1049B5665C9C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC}
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C3F978C3-0594-4397-B8E6-3F9D9BE6A7B9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823}
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.RawDataArgs
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14}
Key Deleted : HKLM\SOFTWARE\Classes\mixidj.mixidjdskBnd
Key Deleted : HKLM\SOFTWARE\Classes\mixidj.mixidjdskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CA9B9C89-4662-4ADC-9C23-A452BECD5D19}]
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CE77C59C-CFD2-429F-868C-8B04D23F94CA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Deleted : HKLM\SOFTWARE\Classes\esrv.mysearchdialESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.mysearchdialESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D8F01233-2DE6-4EE7-8988-37263F00651B}
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.DownloadArgs
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16}
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F42C7B47-5234-4BF5-8882-DAAC0D64870D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F544E0F5-CA3C-47EA-A64D-35FCF1602396}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898}
Key Deleted : HKLM\SOFTWARE\Classes\m
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F9221CC8-22DF-4CEF-B8ED-BA87F1F09878}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\APN DTX
Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DataMngr
[#] Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\delta LTD
Key Deleted : HKCU\Software\Delta
Key Deleted : HKCU\Software\Imesh
Key Deleted : HKCU\Software\Iminent
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\mixidj
Key Deleted : HKCU\Software\mysearchdial
Key Deleted : HKCU\Software\mysearchdial.com
Key Deleted : HKCU\Software\searchya
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Tuto4PC
Key Deleted : HKCU\Software\Tutorials
Key Deleted : HKCU\Software\TutoTag
Key Deleted : HKCU\Software\UpdateStar
Key Deleted : HKCU\Software\AppDataLow\Software\findlyrics
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\BabylonToolbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\Delta
Key Deleted : HKLM\Software\eSafeSecControl
Key Deleted : HKLM\Software\Imesh
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\Software\InstallCore
Key Deleted : HKLM\Software\mixidj
Key Deleted : HKLM\Software\qvo6Software
Key Deleted : HKLM\Software\SearchquMediabarTb
Key Deleted : HKLM\Software\SpeedMaxPC
Key Deleted : HKLM\Software\Tutorials
Key Deleted : HKLM\Software\Umbrella
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Imesh
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{29C7E8BE-FBD9-4D91-BC4F-B470C718D554}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A76AA284-E52D-47E6-9E4F-B85DBF8E35C3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mixidj
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mysearchdial
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Results Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\searchya
Key Deleted : [x64] HKLM\SOFTWARE\DataMngr

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16660

Setting Reset : HKCU\Software\Microsoft\Internet Explorer\Main [start Page]
Setting Reset : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Reset : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Reset : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [start Page]
Setting Reset : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]

-\\ Mozilla Firefox v23.0.1 (en-GB)

File Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
Folder Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\qlduj3p9.default-1371034330804\Extensions\{5EBDCA98-43B3-45BB-87E0-716029FB42AB}
Folder Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\4t0o942f.default\Extensions\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Folder Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\4t0o942f.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}
Folder Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\cr6cty95.default-1370792112859\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}
Folder Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\qlduj3p9.default-1371034330804\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}
Folder Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\tfizo06i.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}
Folder Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\w23vjsx0.default-1370347310982\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}
Folder Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\4t0o942f.default\Extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
Folder Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\tfizo06i.default\Extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
Folder Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\4t0o942f.default\Extensions\ffxtlbr@babylon.com
Folder Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\ffxtlbr@babylon.com
Folder Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\qlduj3p9.default-1371034330804\Extensions\ffxtlbr@delta.com
Folder Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\4t0o942f.default\Extensions\ffxtlbr@funmoods.com
Folder Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\qlduj3p9.default-1371034330804\Extensions\ffxtlbr@mysearchdial.com
Folder Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\cr6cty95.default-1370792112859\Extensions\ffxtlbr@searchya.com
Folder Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\qlduj3p9.default-1371034330804\Extensions\ffxtlbr@searchya.com
Folder Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\4t0o942f.default\Extensions\plugin@yontoo.com
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [webbooster@iminent.com]
File Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\qlduj3p9.default-1371034330804\Extensions\webbooster@iminent.com.xpi
File Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\qlduj3p9.default-1371034330804\searchplugins\Babylon.xml
File Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\qlduj3p9.default-1371034330804\searchplugins\BrowserDefender.xml
File Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\4t0o942f.default\searchplugins\Mysearchdial.xml
File Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\cr6cty95.default-1370792112859\searchplugins\Mysearchdial.xml
File Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\qlduj3p9.default-1371034330804\searchplugins\Mysearchdial.xml
File Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\tfizo06i.default\searchplugins\Mysearchdial.xml
File Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\w23vjsx0.default-1370347310982\searchplugins\Mysearchdial.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\qvo6.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Search_Results.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\StartWeb.xml
File Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\qlduj3p9.default-1371034330804\bprotector_extensions.sqlite
File Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\tfizo06i.default\bprotector_extensions.sqlite
File Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\qlduj3p9.default-1371034330804\bprotector_prefs.js
File Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\4t0o942f.default\user.js
File Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\cr6cty95.default-1370792112859\user.js
File Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\qlduj3p9.default-1371034330804\user.js
File Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\tfizo06i.default\user.js
File Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\w23vjsx0.default-1370347310982\user.js

[ File : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\4t0o942f.default\prefs.js ]

Line Deleted : user_pref("browser.search.selectedEngine", "Mysearchdial");
Line Deleted : user_pref("browser.search.defaultenginename", "Mysearchdial");

[ File : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\cr6cty95.default-1370792112859\prefs.js ]

Line Deleted : user_pref("browser.search.selectedEngine", "Mysearchdial");
Line Deleted : user_pref("browser.search.defaultenginename", "Mysearchdial");

[ File : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\qlduj3p9.default-1371034330804\prefs.js ]

Line Deleted : user_pref("browser.search.defaultenginename", "Mysearchdial");
Line Deleted : user_pref("browser.search.order.1", "Mysearchdial");
Line Deleted : user_pref("browser.search.selectedEngine", "Mysearchdial");

Line Deleted : user_pref("extensions.delta.admin", false);
Line Deleted : user_pref("extensions.delta.aflt", "babsst");
Line Deleted : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Line Deleted : user_pref("extensions.delta.autoRvrt", "false");
Line Deleted : user_pref("extensions.delta.dfltLng", "en");
Line Deleted : user_pref("extensions.delta.excTlbr", false);
Line Deleted : user_pref("extensions.delta.ffxUnstlRst", true);
Line Deleted : user_pref("extensions.delta.id", "08e7e50e0000000000001c659d5ccc29");
Line Deleted : user_pref("extensions.delta.instlDay", "15937");
Line Deleted : user_pref("extensions.delta.instlRef", "sst");
Line Deleted : user_pref("extensions.delta.newTab", false);
Line Deleted : user_pref("extensions.delta.prdct", "delta");
Line Deleted : user_pref("extensions.delta.prtnrId", "delta");
Line Deleted : user_pref("extensions.delta.rvrt", "false");
Line Deleted : user_pref("extensions.delta.smplGrp", "none");
Line Deleted : user_pref("extensions.delta.tlbrId", "base");
Line Deleted : user_pref("extensions.delta.tlbrSrchUrl", "");
Line Deleted : user_pref("extensions.delta.vrsn", "1.8.24.6");
Line Deleted : user_pref("extensions.delta.vrsni", "1.8.24.6");
Line Deleted : user_pref("extensions.delta.vrsnTs", "1.8.24.619:42:51");
Line Deleted : user_pref("extensions.delta_i.babExt", "");
Line Deleted : user_pref("extensions.delta_i.babTrack", "affID=121232&tt=200813_246&tsp=4980");
Line Deleted : user_pref("extensions.delta_i.srcExt", "ss");
Line Deleted : user_pref("extensions.enabledAddons", "translator%40zoli.bod:2.1.0.3,s3google%40translator:2.7,%7B5e[...]
Line Deleted : user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{4ED1F68A-5463-[...]
Line Deleted : user_pref("extensions.mysearchdial.aflt", "dnldmsd");
Line Deleted : user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");
Line Deleted : user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1QzutC0CyCyDzy0DyD0C0C0CtBzy0EyDtD0EtN0D0Tzu0Cy[...]
Line Deleted : user_pref("extensions.mysearchdial.cntry", "FR");
Line Deleted : user_pref("extensions.mysearchdial.cr", "1070429699");
Line Deleted : user_pref("extensions.mysearchdial.dfltLng", "");
Line Deleted : user_pref("extensions.mysearchdial.dfltSrch", true);
Line Deleted : user_pref("extensions.mysearchdial.dnsErr", true);
Line Deleted : user_pref("extensions.mysearchdial.dpkLst", "3654782829,1334533236,1121012847,231756876,1895130307,6[...]
Line Deleted : user_pref("extensions.mysearchdial.excTlbr", false);
Line Deleted : user_pref("extensions.mysearchdial.hdrMd5", "7FB79B408B67A76D7AA53F5485A497E1");
Line Deleted : user_pref("extensions.mysearchdial.hmpg", true);

Line Deleted : user_pref("extensions.mysearchdial.id", "1C659D5CCC29E50E");
Line Deleted : user_pref("extensions.mysearchdial.instlDay", "15937");
Line Deleted : user_pref("extensions.mysearchdial.instlRef", "");

Line Deleted : user_pref("extensions.mysearchdial.lastVrsnTs", "22:14:18");

Line Deleted : user_pref("extensions.mysearchdial.pnu_base", "{\"lastVrsn\":\"1\",\"newVrsn\":\"1\",\"showMsg\":\"f[...]
Line Deleted : user_pref("extensions.mysearchdial.prdct", "mysearchdial");
Line Deleted : user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");
Line Deleted : user_pref("extensions.mysearchdial.sg", "none");
Line Deleted : user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");
Line Deleted : user_pref("extensions.mysearchdial.tlbrId", "base");

Line Deleted : user_pref("extensions.mysearchdial.vrsn", "");
Line Deleted : user_pref("extensions.mysearchdial.vrsni", "");
Line Deleted : user_pref("extensions.mysearchdial_i.hmpg", true);
Line Deleted : user_pref("extensions.mysearchdial_i.newTab", false);
Line Deleted : user_pref("extensions.mysearchdial_i.smplGrp", "none");
Line Deleted : user_pref("extensions.mysearchdial_i.vrsnTs", "22:14:18");
Line Deleted : user_pref("extensions.searchya.aflt", "syd72");
Line Deleted : user_pref("extensions.searchya.appId", "{1973277F-87B0-4EA3-9ED2-470A91D284CF}");
Line Deleted : user_pref("extensions.searchya.cd", "2XzuyEtN2Y1L1QzutC0CyCyDzy0DyD0C0C0CtBzy0EyDtD0EtN0D0Tzu0CyDzyz[...]
Line Deleted : user_pref("extensions.searchya.cr", "552961267");
Line Deleted : user_pref("extensions.searchya.dfltLng", "");
Line Deleted : user_pref("extensions.searchya.dfltSrch", true);
Line Deleted : user_pref("extensions.searchya.dnsErr", true);
Line Deleted : user_pref("extensions.searchya.excTlbr", false);
Line Deleted : user_pref("extensions.searchya.hmpg", true);

Line Deleted : user_pref("extensions.searchya.id", "1C659D5CCC29E50E");
Line Deleted : user_pref("extensions.searchya.instlDay", "15937");
Line Deleted : user_pref("extensions.searchya.instlRef", "");

Line Deleted : user_pref("extensions.searchya.prdct", "searchya");
Line Deleted : user_pref("extensions.searchya.prtnrId", "searchya");
Line Deleted : user_pref("extensions.searchya.srchPrvdr", "SearchYa!");
Line Deleted : user_pref("extensions.searchya.tlbrId", "base");

Line Deleted : user_pref("extensions.searchya.vrsn", "1.8.8.0");
Line Deleted : user_pref("extensions.searchya.vrsni", "1.8.8.0");
Line Deleted : user_pref("extensions.searchya_i.hmpg", true);
Line Deleted : user_pref("extensions.searchya_i.newTab", false);
Line Deleted : user_pref("extensions.searchya_i.smplGrp", "none");
Line Deleted : user_pref("extensions.searchya_i.vrsnTs", "1.8.8.020:40:1");
Line Deleted : user_pref("iminent.webbooster.scripts.minibar.SOFTONICREFRESHRATE", "140000");
Line Deleted : user_pref("iminent.webbooster.scripts.sslminibar.SOFTONICREFRESHRATE", "140000");

[ File : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\tfizo06i.default\prefs.js ]

Line Deleted : user_pref("browser.search.selectedEngine", "Mysearchdial");
Line Deleted : user_pref("browser.search.defaultenginename", "Mysearchdial");

[ File : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\w23vjsx0.default-1370347310982\prefs.js ]

Line Deleted : user_pref("browser.search.selectedEngine", "Mysearchdial");
Line Deleted : user_pref("browser.search.defaultenginename", "Mysearchdial");

-\\ Google Chrome v28.0.1500.95

Key Deleted : HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Folder Deleted : C:\Users\Graham\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kpepfkjapeclaafmhoelccknpfedainn
File Deleted : C:\Users\Graham\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
File Deleted : C:\Users\Graham\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
File Deleted : C:\Users\Graham\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cjpglkicenollcignonpgiafdgfeehoj_0.localstorage

[ File : C:\Users\Graham\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Restored : search_url
Restored : keyword
Restored : urls_to_restore_on_startup
Restored : homepage

*************************

AdwCleaner[0].txt - [6464 octets] - [20/08/2013 22:19:48]
AdwCleaner[1].txt - [49282 octets] - [20/08/2013 22:31:43]

########## EOF - C:\AdwCleaner\AdwCleaner[1].txt - [49342 octets] ##########

MrCharlie · August 21, 2013

Good......

Lets check your computers security before you go and we have a little cleanup to do also:

Download Security Check by screen317 from HERE or HERE.

Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
If you get Unsupported operating system. Aborting now, just reboot and try again.
A Notepad document should open automatically called checkup.txt.
Please Post the contents of that document.
Do Not Attach It!!!

MrC

maiduguri · August 21, 2013

Results of screen317's Security Check version 0.99.72
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 10
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
McAfee Anti-Virus and Anti-Spyware
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.75.0.1300
Java 6 Update 18
Java version out of Date!
Adobe Flash Player 11.8.800.94
Adobe Reader XI
Mozilla Firefox (23.0.1)
Google Chrome 28.0.1500.72
Google Chrome 28.0.1500.95
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
McAfee Online Backup MOBKbackup.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````

MrCharlie · August 21, 2013

Out dated programs on the system are vulnerable to malware.
Please update or uninstall them:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Java™ 6 Update 18 <------please uninstall from your add/remove programs

Java version out of Date! <-------Download and install the latest version (Java™ 7 Update 25 ) from Here
Uncheck the box to install the Ask toolbar!!! and any other free "stuff".

---------------------------------------

Google Chrome 28.0.1500.72 <-----OLD
Google Chrome 28.0.1500.95 <-----OK

You have old versions of Google Chrome on the system.
Please download and run OldChromeRemover.
@Windows Vista/Windows 7-8 users must use “Run As Administrator.”

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

A little clean up to do....

Please Uninstall ComboFix: (if you used it)

Press the Windows logo key + R to bring up the "run box"

Copy and paste next command in the field:

ComboFix /uninstall

Make sure there's a space between Combofix and /

Then hit enter.
This will uninstall Combofix, delete its related folders and files, hide file extensions, hide the system/hidden files and clears System Restore cache and create new Restore point

(If that doesn't work.....you can simply rename ComboFix.exe to Uninstall.exe and double click it to complete the uninstall or download and run the uninstaller)

---------------------------------

If you used FRST:
Download the fixlist.txt to the same folder as FRST.
Run FRST and click Fix only once and wait
That will delete the quarantine folder created by FRST.

-----------------------------

If you used DeFogger to disable your CD Emulation drivers, please re-enable them.

-------------------------------

Please download OTC to your desktop.
http://oldtimer.geekstogo.com/OTC.exe

Double-click OTC to run it. (Vista and up users, please right click on OTC and select "Run as an Administrator")
Click on the CleanUp! button and follow the prompts.
(If you get a warning from your firewall or other security programs regarding OTC attempting to contact the Internet, please allow the connection.)
You will be asked to reboot the machine to finish the Cleanup process, choose Yes.
After the reboot all the tools we used should be gone.
Note: Some more recently created tools may not yet be removed by OTC. Feel free to manually delete any tools it leaves behind.

Any other programs or logs you can manually delete.
IE: RogueKiller.exe, RKreport.txt, RK_Quarantine folder, C:\FRST, MBAR, etc....AdwCleaner > just run the program and click uninstall.

-------------------------------

Any questions...please post back.

If you think I've helped you, please leave a comment > click on my avatar picture > click Profile Feed.

Take a look at My Preventive Maintenance to avoid being infected again.

Good Luck and Thanks for using the forum, MrC

maiduguri · August 22, 2013

MrC seems to have cleaned my computer, so many, many thanks to him

LDTate · August 22, 2013

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

qv06 virus

Recommended Posts

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Recently Browsing 0 members

Important Information