maiduguri Posted August 19, 2013 ID:717166 Share Posted August 19, 2013 The above virus has got into my computer in the past few days, and no matter what I try I have not been able to remove it. I researched this on google and learnt that it is extremely difficult to remove, but there were many suggestions that Malwarebytes would remove qv06 from my system. Having downloaded your software and scanned my computer, many threats were found, and subsequently removed, but not qv06. Can anyone please advise how to achieve complete removal? Link to post Share on other sites More sharing options...
MrCharlie Posted August 19, 2013 ID:717187 Share Posted August 19, 2013 Welcome to the forum, please start HERE Post back the 2 logs here.....DDS.txt and Attach.txt (please don't put logs in code or quotes) P2P/Piracy Warning: 1. If you're using Peer 2 Peer software such uTorrent, BitTorrent or similar you must either fully uninstall it or completely disable it from running while being assisted here. Failure to remove or disable such software will result in your topic being closed and no further assistance being provided. 2. If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy. Failure to remove such software will result in your topic being closed and no further assistance being provided. <====><====><====><====><====><====><====><====> Next................ Please download and run RogueKiller 32 bit to your desktop. RogueKiller<---use this one for 64 bit systems Quit all running programs. For Windows XP, double-click to start. For Vista or Windows 7-8, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run. Click Scan to scan the system. When the scan completes > Close out the program > Don't Fix anything! Don't run any other options, they're not all bad!!!!!!! Post back the report which should be located on your desktop. (please don't put logs in code or quotes) MrC Note: Please read all of my instructions completely including these. Make sure you're subscribed to this topic: Click on the Follow This Topic Button (at the top right of this page), make sure that the Receive notification box is checked and that it is set to Instantly Removing malware can be unpredictable...unlikely but things can go very wrong! Backup any files that cannot be replaced. You can copy them to a CD/DVD, external drive or a pen drive <+>Please don't run any other scans, download, install or uninstall any programs while I'm working with you. <+>The removal of malware isn't instantaneous, please be patient. <+>When we are done, I'll give to instructions on how to cleanup all the tools and logs <+>Please stick with me until I give you the "all clear" and Please don't waste my time by leaving before that. ------->Your topic will be closed if you haven't replied within 3 days!<-------- (If I don't respond within 24 hours, please send me a PM) Link to post Share on other sites More sharing options...
maiduguri Posted August 19, 2013 Author ID:717318 Share Posted August 19, 2013 Hi MrCharlie I was not able to copy and paste in a folder, so I had to copy the entire text. Hope this will be of help. Maiduguri RogueKiller V8.6.6 _x64_ [Aug 19 2013] by Tigzymail : tigzyRK<at>gmail<dot>comFeedback : http://www.adlice.com/forum/Website : http://www.adlice.com/softwares/roguekiller/Blog : http://tigzyrk.blogspot.com/Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits versionStarted in : Normal modeUser : Graham [Admin rights]Mode : Scan -- Date : 08/19/2013 17:45:34| ARK || FAK || MBR |¤¤¤ Bad processes : 0 ¤¤¤¤¤¤ Registry Entries : 9 ¤¤¤[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (hxxp=127.0.0.1:8877;hxxps=127.0.0.1:8877) -> FOUND[PROXY IE] HKCU\[...]\Internet Settings : ProxyEnable (1) -> FOUND[HJ POL] HKLM\[...]\System : DisableTaskMgr (0) -> FOUND[HJ POL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : DisableTaskMgr (0) -> FOUND[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> FOUND[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND[APPINIT][sUSP PATH] HKLM\[...]\Windows : AppInit_DLLs (C:\PROGRA~3\Wincert\WIN64C~1.DLL C:\PROGRA~2\SEARCH~2\Datamngr\x64\mgrldr.dll [-][x]) -> FOUND¤¤¤ Scheduled tasks : 6 ¤¤¤[V1][sUSP PATH] MySearchDial.job : C:\Users\Graham\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE - /Check [x] -> FOUND[V1][sUSP PATH] DSite.job : C:\Users\Graham\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE - /Check [x] -> FOUND[V1][sUSP PATH] Dealply.job : C:\Users\Graham\AppData\Roaming\Dealply\UPDATE~1\UPDATE~1.EXE - /Check [x] -> FOUND[V2][sUSP PATH] Dealply : C:\Users\Graham\AppData\Roaming\Dealply\UPDATE~1\UPDATE~1.EXE - /Check [x] -> FOUND[V2][sUSP PATH] DSite : C:\Users\Graham\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE - /Check [x] -> FOUND[V2][sUSP PATH] MySearchDial : C:\Users\Graham\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE - /Check [x] -> FOUND¤¤¤ Startup Entries : 0 ¤¤¤¤¤¤ Web browsers : 1 ¤¤¤[FF][PROXY] qlduj3p9.default-1371034330804 : user_pref("network.proxy.type", 2); -> FOUND¤¤¤ Particular Files / Folders: ¤¤¤¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤¤¤¤ External Hives: ¤¤¤¤¤¤ Infection : ¤¤¤¤¤¤ HOSTS File: ¤¤¤--> %SystemRoot%\System32\drivers\etc\hosts ¤¤¤ MBR Check: ¤¤¤+++++ PhysicalDrive0: WDC WD3200BPVT-75ZEST0 ATA Device +++++--- User ---[MBR] ebf54d5438519b3b7374c5f74356a198[bSP] dcc41f796c074ce294de96e542a755a2 : Windows 7/8 MBR CodePartition table:0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 305143 MoUser = LL1 ... OK!User = LL2 ... OK!Finished : << RKreport[0]_S_08192013_174534.txt >> Link to post Share on other sites More sharing options...
MrCharlie Posted August 19, 2013 ID:717321 Share Posted August 19, 2013 I need to see the logs from DDS: DDS.txt and Attach.txt MrC Link to post Share on other sites More sharing options...
maiduguri Posted August 19, 2013 Author ID:717373 Share Posted August 19, 2013 I'm sorry but I don't see anything about DDS. Where do I find the two files you mentioned? Link to post Share on other sites More sharing options...
MrCharlie Posted August 19, 2013 ID:717431 Share Posted August 19, 2013 Here you go: http://forums.malwarebytes.org/index.php?showtopic=9573 MrC Link to post Share on other sites More sharing options...
maiduguri Posted August 20, 2013 Author ID:717756 Share Posted August 20, 2013 MrC I may be in my 70's, but everythings still works, including my brain, but I just can't find a way to copy the two files you want from my desktop and paste and post it here. Link to post Share on other sites More sharing options...
MrCharlie Posted August 20, 2013 ID:717761 Share Posted August 20, 2013 Well if you have located the 2 files......DDS.txt and Attach.txt Double click on DDS.txt to open itGo to Edit on top and choose Select allThen back to Edit > choose CopyNow back to the forum at the bottom you'll see ----->> Reply to this topicRight click in the box and choose PasteThe DDS.txt should now have been copied into the boxNow click Post on the bottom right of the window. Repeat for Attach.txt MrC Link to post Share on other sites More sharing options...
maiduguri Posted August 20, 2013 Author ID:717787 Share Posted August 20, 2013 DDS (Ver_2012-11-20.01) - NTFS_AMD64Internet Explorer: 10.0.9200.16660 BrowserJavaVersion: 1.6.0_18Run by Graham at 12:35:45 on 2013-08-20Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.1911.188 [GMT 2:00].AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k GPSvcGroupC:\Windows\system32\svchost.exe -k NetworkServiceC:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXEC:\Windows\system32\WLANExt.exeC:\Program Files\Dell\DW WLAN Card\bcmwltry.exeC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Program Files\SUPERAntiSpyware\SASCORE64.EXEC:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeC:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files (x86)\Spotmau\PowerSuite Golden Edition\PowerSuite 2012\PcCheck\CareMon.exeC:\Windows\SysWOW64\svchost.exe -k hpdevmgmtC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exeC:\Program Files\McAfee\MSC\McAPExe.exeC:\Windows\system32\rundll32.exeC:\Windows\system32\rundll32.exeC:\Windows\SysWOW64\rundll32.exeC:\Windows\system32\mfevtps.exeC:\Program Files (x86)\NovaStor\NovaStor NovaBACKUP\nsService.exeC:\Program Files\Macrium\Reflect\ReflectService.exeC:\Windows\system32\taskhost.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exeC:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exeC:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Program Files (x86)\sysTPL\sysTPLMonitor.exeC:\Program Files (x86)\sysTPL\sysTPLService.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\Program Files\Intel\WiFi\bin\EvtEng.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\Program Files\Common Files\McAfee\AMCore\mcshield.exeC:\Program Files\Common Files\McAfee\SystemCore\mfefire.exeC:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exeC:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exeC:\Windows\system32\wbem\unsecapp.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exeC:\Program Files\Dell\DW WLAN Card\WLTRAY.EXEC:\Windows\System32\igfxtray.exeC:\Windows\System32\hkcmd.exeC:\Windows\System32\igfxpers.exeC:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exeC:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exeC:\Program Files (x86)\JRT Studio\iSyncr\iSyncr.exeC:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exeC:\Program Files (x86)\iTunes\iTunesHelper.exeC:\Windows\system32\wbem\unsecapp.exeC:\Program Files (x86)\Microsoft\BingDesktop\BDExtHost.exeC:\Program Files (x86)\Microsoft\BingDesktop\BDAppHost.exeC:\Program Files (x86)\Microsoft\BingDesktop\BDRuntimeHost.exeC:\Program Files\iPod\bin\iPodService.exeC:\Windows\system32\SearchIndexer.exeC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Program Files (x86)\Everything\Everything.exeC:\Program Files\McAfee\MAT\McPvTray.exeC:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exeC:\Program Files (x86)\Nero\Update\NASvc.exeC:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exeC:\Windows\System32\svchost.exe -k secsvcsC:\Windows\system32\DeviceDisplayObjectProvider.exeC:\Windows\system32\DXPServer.exec:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exeC:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exeC:\Program Files\Common Files\McAfee\Platform\mcuicnt.exeC:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Windows\system32\SearchProtocolHost.exeC:\Windows\system32\SearchFilterHost.exeC:\Windows\servicing\TrustedInstaller.exeC:\Windows\System32\svchost.exe -k WerSvcGroupC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.uWindow Title = Internet Explorer, enhanced for Bing and MSNuProxyServer = hxxp=127.0.0.1:8877;https=127.0.0.1:8877uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dllmWinlogon: Userinit = userinit.exe,BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dllBHO: mixidj Helper Object: {4D6A9BBF-402C-4301-B1EF-28D04F71D761} - C:\Program Files (x86)\mixidj\mixidj\1.8.18.8\bh\mixidj.dllBHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dllBHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dllBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dllBHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dllTB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dllTB: MixiDJ Toolbar: {CA9B9C89-4662-4ADC-9C23-A452BECD5D19} - C:\Program Files (x86)\mixidj\mixidj\1.8.18.8\mixidjTlbr.dllEB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dllEB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dlluRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrunuRun: [iMesh] "C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe" --lightmodeuRun: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exemRun: [bingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkeymRun: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkeymRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"mRun: [Everything] "C:\Program Files (x86)\Everything\Everything.exe" -startupmRun: [tuto4pc_fr_53] <no file>StartupFolder: C:\Users\Graham\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\NOVABA~1.LNK - C:\Program Files (x86)\NovaStor\NovaStor NovaBACKUP\nsCtrl.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\iSyncr.lnk - C:\Windows\Installer\{8D061AA0-3612-4F54-A105-5DA809D4B2EA}\_8041A96F4907AC943CB7DC.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exemPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-Explorer: NoDriveTypeAutoRun = dword:253mPolicies-System: ConsentPromptBehaviorAdmin = dword:5mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableUIADesktopToggle = dword:0IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllIE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dllIE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dllTrusted Zone: google-analytics.comTrusted Zone: novastor.comTrusted Zone: novastor.comTCP: NameServer = 192.168.1.1TCP: Interfaces\{331650E7-0FC5-47DF-B2CF-7CBB01ED6B76} : DHCPNameServer = 192.168.1.1TCP: Interfaces\{331650E7-0FC5-47DF-B2CF-7CBB01ED6B76}\77966696F527463613F523 : DHCPNameServer = 8.8.8.8 8.8.4.4Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dllHandler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dllHandler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dllHandler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dllHandler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dllHandler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllSSODL: WebCheck - <orphaned>mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chromex64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dllx64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllx64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dllx64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dllx64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dllx64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dllx64-Run: [intelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Trayx64-Run: [broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.exex64-Run: [igfxTray] C:\Windows\System32\igfxtray.exex64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exex64-Run: [Persistence] C:\Windows\System32\igfxpers.exex64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dllx64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dllx64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dllx64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dllx64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dllx64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>x64-Notify: igfxcui - igfxdev.dllx64-SSODL: WebCheck - <orphaned>.================= FIREFOX ===================.FF - ProfilePath - C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\qlduj3p9.default-1371034330804\FF - prefs.js: browser.search.selectedEngine - qvo6FF - plugin: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\npBrowserPlugin.dllFF - plugin: c:\PROGRA~2\mcafee\msc\npMcSnFFPl.dllFF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dllFF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dllFF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dllFF - plugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMSS.dllFF - plugin: C:\Program Files (x86)\McAfee\SiteAdvisor\NPMcFFPlg32.dllFF - plugin: C:\Program Files (x86)\McAfee\Supportability\MVT\NPMVTPlugin.dllFF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dllFF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dllFF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dllFF - ExtSQL: 2013-07-31 14:30; {4ED1F68A-5463-4931-9384-8FFF5ED91D92}; C:\Program Files (x86)\McAfee\SiteAdvisorFF - ExtSQL: 2013-08-01 20:15; jid1-4P0kohSJxU1qGg@jetpack; C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\qlduj3p9.default-1371034330804\extensions\jid1-4P0kohSJxU1qGg@jetpack.xpiFF - ExtSQL: 2013-08-02 16:45; webbooster@iminent.com; C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\qlduj3p9.default-1371034330804\extensions\webbooster@iminent.com.xpiFF - ExtSQL: 2013-08-06 14:45; s3google@translator; C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\qlduj3p9.default-1371034330804\extensions\s3google@translator.xpiFF - ExtSQL: !HIDDEN! 2013-06-06 19:33; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3.---- FIREFOX POLICIES ----FF - user.js: extensions.mysearchdial.hmpg - trueFF - user.js: extensions.mysearchdial.dfltSrch - trueFF - user.js: extensions.mysearchdial.srchPrvdr - MysearchdialFF - user.js: extensions.mysearchdial.dnsErr - trueFF - user.js: extensions.mysearchdial_i.newTab - falseFF - user.js: extensions.mysearchdial.id - 1C659D5CCC29E50EFF - user.js: extensions.mysearchdial.instlDay - 15912FF - user.js: extensions.mysearchdial.vrsn -FF - user.js: extensions.mysearchdial.vrsni -FF - user.js: extensions.mysearchdial_i.vrsnTs - 16:42:16FF - user.js: extensions.mysearchdial.prtnrId - mysearchdialFF - user.js: extensions.mysearchdial.prdct - mysearchdialFF - user.js: extensions.mysearchdial.aflt - dnldmsdFF - user.js: extensions.mysearchdial_i.smplGrp - noneFF - user.js: extensions.mysearchdial.tlbrId - baseFF - user.js: extensions.mysearchdial.instlRef -FF - user.js: extensions.mysearchdial.dfltLng -FF - user.js: extensions.mysearchdial.appId - {CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}FF - user.js: extensions.mysearchdial.excTlbr - falseFF - user.js: extensions.mysearchdial_i.hmpg - trueFF - user.js: extensions.mysearchdial.cr - 1289528298FF - user.js: extensions.mysearchdial.cd - 2XzuyEtN2Y1L1QzutC0CyCyDzy0DyD0C0C0CtBzy0EyDtD0EtN0D0Tzu0CyDyBtAtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1Q1G1I1Q1H1B1QFF - user.js: extensions.irmysearch.aflt - dnldmsdFF - user.js: extensions.irmysearch.instlRef -FF - user.js: extensions.irmysearch.cr - 1289528298FF - user.js: extensions.irmysearch.cd - 2XzuyEtN2Y1L1QzutC0CyCyDzy0DyD0C0C0CtBzy0EyDtD0EtN0D0Tzu0CyDyBtAtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1Q1G1I1Q1H1B1QFF - user.js: extensions.delta.tlbrSrchUrl -FF - user.js: extensions.delta.id - 08e7e50e0000000000001c659d5ccc29FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}FF - user.js: extensions.delta.instlDay - 15933FF - user.js: extensions.delta.vrsn - 1.8.24.5FF - user.js: extensions.delta.vrsni - 1.8.24.5FF - user.js: extensions.delta.vrsnTs - 1.8.24.517:39:02FF - user.js: extensions.delta.prtnrId - deltaFF - user.js: extensions.delta.prdct - deltaFF - user.js: extensions.delta.aflt - babsstFF - user.js: extensions.delta.smplGrp - noneFF - user.js: extensions.delta.tlbrId - baseFF - user.js: extensions.delta.instlRef - sstFF - user.js: extensions.delta.dfltLng - enFF - user.js: extensions.delta.excTlbr - falseFF - user.js: extensions.delta.ffxUnstlRst - trueFF - user.js: extensions.delta.admin - falseFF - user.js: extensions.delta_i.babTrack - affID=119357&tsp=4976FF - user.js: extensions.delta_i.babExt -FF - user.js: extensions.delta_i.srcExt - ssFF - user.js: extensions.delta.autoRvrt - falseFF - user.js: extensions.delta.rvrt - falseFF - user.js: extensions.delta.newTab - false.============= SERVICES / DRIVERS ===============.R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2012-12-26 772944]R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2012-12-26 342416]R1 MOBKFilter;MOBKFilter;C:\Windows\System32\drivers\MOBK.sys [2013-5-6 66040]R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]R2 McPvDrv;McPvDrv Driver;C:\Windows\System32\drivers\McPvDrv.sys [2013-8-10 74560]R2 supersafer64;supersafer64;C:\Windows\SysWOW64\drivers\supersafer64.sys [2013-5-7 238072]R3 BcmVWL;Broadcom Virtual Wireless;C:\Windows\System32\drivers\bcmvwl64.sys [2013-5-6 20984]R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2012-12-26 70112]R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344]R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-8-18 25928]R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2012-12-26 309968]R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2012-12-26 516608]R3 mfencbdc;McAfee Inc. mfencbdc;C:\Windows\System32\drivers\mfencbdc.sys [2013-2-18 337120]R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-5-6 325152]S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2013-5-27 57840]S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\drivers\HipShieldK.sys [2013-8-10 197264]S3 mfencrk;McAfee Inc. mfencrk;C:\Windows\System32\drivers\mfencrk.sys [2013-2-18 95856]S3 PSMounterEx;Macrium Reflect Image Explorer Driver;C:\Windows\System32\drivers\psmounterex.sys [2013-7-26 79992]S3 PSVolAcc;PSVolAcc;C:\Windows\System32\drivers\PSVolAcc.sys [2013-6-28 13944]S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-6-6 19456]S3 Revoflt;Revoflt;C:\Windows\System32\drivers\revoflt.sys [2013-7-26 31800]S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-6-6 57856]S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-6-6 30208]S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464].=============== File Associations ===============..chm: <filetype is not registered>.=============== Created Last 30 ================.2013-08-19 09:04:16 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EED8CBFE-5D5E-4C64-B5AF-379893F48C95}\offreg.dll2013-08-19 08:33:35 -------- d-----w- C:\Users\Graham\AppData\Roaming\SUPERAntiSpyware.com2013-08-19 08:33:11 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com2013-08-19 08:33:11 -------- d-----w- C:\Program Files\SUPERAntiSpyware2013-08-18 15:04:36 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys2013-08-18 15:04:35 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware2013-08-18 12:14:09 -------- d-----w- C:\Program Files\Enigma Software Group2013-08-18 12:12:56 -------- d-----w- C:\Windows\67E1227ED5534A6A96CD40CCBBC705D8.TMP2013-08-18 12:12:53 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard2013-08-17 16:12:57 -------- d-----w- C:\ProgramData\391B72013-08-17 12:36:55 -------- d-----w- C:\Windows\en-gb2013-08-16 18:09:37 -------- d-----w- C:\Users\Graham\AppData\Roaming\MusicNet2013-08-16 18:07:15 -------- d-----w- C:\Users\Graham\AppData\Local\iMesh2013-08-16 18:06:23 -------- d-----w- C:\Program Files (x86)\iMesh Applications2013-08-16 17:37:46 -------- d-----w- C:\ProgramData\eSafe2013-08-16 17:37:30 -------- d-----w- C:\Users\Graham\AppData\Local\DealPlyLive2013-08-16 17:36:51 -------- d-----w- C:\Program Files (x86)\tuto4pc_fr_532013-08-16 17:36:41 -------- d-----w- C:\Program Files (x86)\DealPly2013-08-16 17:36:36 -------- d-----w- C:\Users\Graham\AppData\Roaming\eIntaller2013-08-16 15:41:52 -------- d-----w- C:\Users\Graham\Qtrax2013-08-16 15:38:08 -------- d-----w- C:\Users\Graham\AppData\Local\eorezo2013-08-16 15:18:36 -------- d-----w- C:\Users\Graham\AppData\Roaming\DSite2013-08-16 14:47:15 9460976 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EED8CBFE-5D5E-4C64-B5AF-379893F48C95}\mpengine.dll2013-08-14 19:49:37 1472512 ----a-w- C:\Windows\System32\crypt32.dll2013-08-14 19:49:37 1166848 ----a-w- C:\Windows\SysWow64\crypt32.dll2013-08-14 19:49:36 224256 ----a-w- C:\Windows\System32\wintrust.dll2013-08-14 19:49:36 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll2013-08-14 19:49:35 184320 ----a-w- C:\Windows\System32\cryptsvc.dll2013-08-14 19:49:35 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll2013-08-14 19:49:34 139776 ----a-w- C:\Windows\System32\cryptnet.dll2013-08-14 19:49:34 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll2013-08-14 19:48:25 2048 ----a-w- C:\Windows\SysWow64\tzres.dll2013-08-14 19:48:25 2048 ----a-w- C:\Windows\System32\tzres.dll2013-08-10 15:35:15 74560 ----a-w- C:\Windows\System32\drivers\McPvDrv.sys2013-08-10 15:34:13 197264 ----a-w- C:\Windows\System32\drivers\HipShieldK.sys2013-08-02 01:21:05 -------- d-----w- C:\Windows\System32\MRT2013-07-31 12:45:18 -------- d-----w- C:\Program Files (x86)\stinger2013-07-27 08:08:46 9460976 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll2013-07-26 15:00:28 31800 ----a-w- C:\Windows\System32\drivers\revoflt.sys2013-07-26 15:00:28 -------- d-----w- C:\ProgramData\VS Revo Group2013-07-26 15:00:22 -------- d-----w- C:\Program Files\VS Revo Group2013-07-26 14:42:55 -------- d-----w- C:\Program Files (x86)\Everything2013-07-26 14:25:01 -------- d-----w- C:\Stinger_Quarantine2013-07-26 14:24:07 -------- d-----w- C:\Program Files\stinger2013-07-26 11:32:51 -------- d-----w- C:\Users\Graham\AppData\Roaming\JRT Studio2013-07-26 11:32:39 -------- d-----w- C:\Program Files (x86)\JRT Studio2013-07-25 23:01:11 79992 ----a-w- C:\Windows\System32\drivers\psmounterex.sys2013-07-25 19:51:34 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF692013-07-25 19:31:04 -------- d-----w- C:\Program Files\iPod2013-07-25 19:30:46 -------- d-----w- C:\Program Files\iTunes2013-07-25 18:58:46 571904 ----a-w- C:\Program Files\Windows Defender\MpClient.dll2013-07-25 18:58:46 392704 ----a-w- C:\Program Files (x86)\Windows Defender\MpClient.dll2013-07-25 18:58:46 314880 ----a-w- C:\Program Files\Windows Defender\MpCommu.dll2013-07-25 18:58:46 1011712 ----a-w- C:\Program Files\Windows Defender\MpSvc.dll2013-07-25 18:58:45 9216 ----a-w- C:\Program Files (x86)\Windows Defender\MpAsDesc.dll2013-07-25 18:58:45 54784 ----a-w- C:\Program Files (x86)\Windows Defender\MpOAV.dll2013-07-25 18:58:45 4608 ----a-w- C:\Program Files (x86)\Windows Defender\MsMpLics.dll2013-07-25 18:56:24 624128 ----a-w- C:\Windows\System32\qedit.dll2013-07-25 18:56:24 509440 ----a-w- C:\Windows\SysWow64\qedit.dll2013-07-25 18:41:15 1732608 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL2013-07-25 18:41:15 1393152 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll2013-07-25 18:41:15 1367040 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll2013-07-25 18:41:14 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll2013-07-25 18:41:13 936448 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll2013-07-25 18:40:12 3153920 ----a-w- C:\Windows\System32\win32k.sys2013-07-25 18:39:42 1643520 ----a-w- C:\Windows\System32\DWrite.dll2013-07-25 18:39:41 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll2013-07-25 18:03:37 -------- d-----w- C:\0623fe9094bc586ff9206f8e7039072013-07-25 17:32:33 4188160 ----a-w- C:\Program Files (x86)\GUT4559.tmp2013-07-25 17:32:33 -------- d-----w- C:\Program Files (x86)\GUM4558.tmp.==================== Find3M ====================.2013-08-12 06:45:08 117439456 ----a-w- C:\Users\Graham\AppData\Roaming\hkey_local_machine.reg2013-07-26 10:09:53 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2013-07-26 10:09:53 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2013-07-26 05:13:37 2241024 ----a-w- C:\Windows\System32\wininet.dll2013-07-26 05:12:08 3958784 ----a-w- C:\Windows\System32\jscript9.dll2013-07-26 05:12:04 136704 ----a-w- C:\Windows\System32\iesysprep.dll2013-07-26 05:12:03 67072 ----a-w- C:\Windows\System32\iesetup.dll2013-07-26 03:35:08 2706432 ----a-w- C:\Windows\System32\mshtml.tlb2013-07-26 03:13:24 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll2013-07-26 03:12:04 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll2013-07-26 03:12:00 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll2013-07-26 03:12:00 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll2013-07-26 02:49:14 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb2013-07-26 02:39:38 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe2013-07-26 01:59:38 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe2013-07-25 09:25:54 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL2013-07-25 08:57:27 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL2013-07-09 06:03:30 5550528 ----a-w- C:\Windows\System32\ntoskrnl.exe2013-07-09 05:54:22 1732032 ----a-w- C:\Windows\System32\ntdll.dll2013-07-09 05:53:12 243712 ----a-w- C:\Windows\System32\wow64.dll2013-07-09 05:51:16 1217024 ----a-w- C:\Windows\System32\rpcrt4.dll2013-07-09 05:03:34 3968960 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe2013-07-09 05:03:34 3913664 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe2013-07-09 04:53:47 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll2013-07-09 04:52:33 663552 ----a-w- C:\Windows\SysWow64\rpcrt4.dll2013-07-09 04:52:33 5120 ----a-w- C:\Windows\SysWow64\wow32.dll2013-07-09 04:45:07 44032 ----a-w- C:\Windows\apppatch\acwow64.dll2013-07-09 02:49:42 25600 ----a-w- C:\Windows\SysWow64\setup16.exe2013-07-09 02:49:41 7680 ----a-w- C:\Windows\SysWow64\instnm.exe2013-07-09 02:49:39 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll2013-07-09 02:49:38 2048 ----a-w- C:\Windows\SysWow64\user.exe2013-07-06 06:03:53 1910208 ----a-w- C:\Windows\System32\drivers\tcpip.sys2013-06-28 14:55:56 13944 ----a-w- C:\Windows\System32\drivers\PSVolAcc.sys2013-06-15 04:32:16 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys2013-06-12 12:05:17 9089416 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe2013-06-04 17:55:57 86720 ----a-w- C:\Windows\System32\drivers\hola_mon_drv.sys2013-06-04 17:55:57 571072 ----a-w- C:\Windows\System32\drivers\hola_drv.sys2013-06-04 17:47:03 86976 ----a-w- C:\Windows\System32\drivers\hola_net.sys2013-05-24 16:23:48 411368 ----a-w- C:\Windows\SysWow64\deploytk.dll.============= FINISH: 12:39:19.48 ===============And attach.txt UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 Home PremiumBoot Device: \Device\HarddiskVolume1Install Date: 06/05/2013 16:11:17System Uptime: 19/08/2013 10:48:05 (26 hours ago).Motherboard: Dell Inc. | | 0WXY9JProcessor: Intel® Pentium® CPU P6000 @ 1.87GHz | CPU 1 | 931/533mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 298 GiB total, 78.654 GiB free.D: is CDROM ().==== Disabled Device Manager Items =============.==== System Restore Points ===================.RP121: 12/08/2013 19:21:01 - TuneUp360's restore pointRP122: 13/08/2013 09:45:09 - Windows UpdateRP123: 16/08/2013 09:23:01 - Windows UpdateRP125: 16/08/2013 19:39:17 - Windows Defender CheckpointRP127: 17/08/2013 13:43:59 - Revo Uninstaller Pro's restore point - windows photo galleryRP128: 17/08/2013 14:29:21 - Windows Live EssentialsRP129: 17/08/2013 14:31:26 - Installed DirectXRP130: 17/08/2013 14:33:03 - Installed DirectXRP131: 17/08/2013 14:33:59 - Installed DirectXRP132: 17/08/2013 14:35:11 - WLSetupRP133: 17/08/2013 16:16:06 - Windows UpdateRP134: 17/08/2013 17:46:59 - Restore OperationRP135: 18/08/2013 14:13:06 - Installed SpyHunterRP136: 18/08/2013 16:54:59 - Removed SpyHunterRP137: 18/08/2013 16:55:59 - Removed SpyHunter.==== Installed Programs ======================.64 Bit HP CIO Components InstallerAdobe Flash Player 11 ActiveXAdobe Flash Player 11 PluginAdobe Reader XI (11.0.03)AIO_CDB_ProductContextAIO_CDB_SoftwareAIO_ScanAny Video Converter 5.0.5Apple Application SupportApple Mobile Device SupportApple Software UpdateAwesome Duplicate Photo Finder v. 1.1Bing DesktopBonjourBufferChmBykiByki DeluxeCCleanerCopyD3DX10DestinationsDeviceDiscoveryDocProcDW WLAN Card UtilityEverything 1.2.1.371FaxFile UploaderFTDownloaderGoogle ChromeGoogle Update HelperGPBaseService2HP Customer Participation Program 13.0HP Imaging Device Functions 13.0HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. BHP Smart Web Printing 4.51HP Solution Center 13.0HP UpdateHPPhotoGadgetHPPhotoSmartDiscLabelContent1HPPhotosmartEssentialHPProductAssistantHPSSupplyiMeshIminentIminent Toolbar For Internet ExplorerIntel PROSet WirelessIntel® PROSet/Wireless WiFi SoftwareIrfanView (remove only)iSyncriTunesJava 7 Update 21 (64-bit)Java 6 Update 18Junk Mail filter updateMacrium Reflect Standard EditionMalwarebytes Anti-Malware version 1.75.0.1300MarketResearchMcAfee Online BackupMcAfee Security Scan PlusMcAfee Total ProtectionMcAfee Virtual TechnicianMicrosoft .NET Framework 4 Client ProfileMicrosoft Application Error ReportingMicrosoft SilverlightMicrosoft SkyDriveMicrosoft SQL Server 2005 Compact Edition [ENU]Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2005 Redistributable (x64)Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219MixiDJ ToolbarModem Diagnostic ToolMovie MakerMozilla Firefox 23.0.1 (x86 en-GB)Mozilla Maintenance ServiceMSVCRTMSVCRT_amd64MSVCRT110MSVCRT110_amd64MSXML 4.0 SP2 (KB954430)Nero Audio Pack 1Nero Blu-ray PlayerNero Blu-ray Player Help (CHM)Nero Core ComponentsNero Kwik MediaNero Kwik Media Help (CHM)Nero Kwik Themes BasicNero SharedVideoCodecsNero UpdateNetwaitingNetwork64Nikon Message CenterNikon RAW CodecNikon TransferNovaBACKUPOCR Software by I.R.I.S. 13.0OpenOffice.org 3.2Photo CommonPhoto GalleryPicasa 3Picture Control UtilityPrerequisite installerRealtek Ethernet Controller Driver For Windows 7Revo Uninstaller Pro 3.0.7ScanSecurity Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)Shared C Run-time for x64Shop for HP SuppliesSkype Click to CallSkype™ 6.7SloMoDirectorSmartWebPrintingSolutionCenterSpotmau PowerSuite Golden 2012 (build 7.0.1)StatusSUPERAntiSpywaresysTPLTEFView 2.73TempoPerfect Metronome SoftwareToolboxTrayAppUnloadSupportUpdate for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft .NET Framework 4 Client Profile (KB2836939)ViewNXVLC media player 2.0.7WebRegWindows Live Communications PlatformWindows Live EssentialsWindows Live Family SafetyWindows Live ID Sign-in AssistantWindows Live InstallerWindows Live MailWindows Live MessengerWindows Live MIME IFilterWindows Live Photo CommonWindows Live PIMT PlatformWindows Live SOXEWindows Live SOXE DefinitionsWindows Live UX PlatformWindows Live UX Platform Language PackWindows Live WriterWindows Live Writer ResourcesWindows Media Player Firefox Plugin.==== Event Viewer Messages From Past Week ========.20/08/2013 12:27:13, Error: Service Control Manager [7023] - The HP Network Devices Support service terminated with the following error: The specified module could not be found.20/08/2013 12:24:55, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.20/08/2013 12:24:55, Error: Service Control Manager [7000] - The TCP/IP NetBIOS Helper service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.19/08/2013 10:08:21, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.19/08/2013 10:08:21, Error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.19/08/2013 10:08:21, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service gupdate with arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69}19/08/2013 05:25:19, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.18/08/2013 20:00:39, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the McProxy service.18/08/2013 20:00:09, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the mcpltsvc service.18/08/2013 19:59:39, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the McNaiAnn service.18/08/2013 19:59:09, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the McMPFSvc service.18/08/2013 19:58:09, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HomeNetSvc service.18/08/2013 15:26:46, Error: Microsoft-Windows-DistributedCOM [10000] - Unable to start a DCOM Server: {D4583E73-8C3A-4850-A60F-71363527B0FB}. The error: "740" Happened while starting this command: "C:\Program Files (x86)\McAfee\Supportability\MVT\MvtApp.exe" -Embedding18/08/2013 14:15:12, Error: Service Control Manager [7034] - The hpqcxs08 service terminated unexpectedly. It has done this 2 time(s).18/08/2013 14:11:47, Error: Service Control Manager [7034] - The hpqcxs08 service terminated unexpectedly. It has done this 1 time(s).18/08/2013 14:11:47, Error: Service Control Manager [7034] - The HP CUE DeviceDiscovery Service service terminated unexpectedly. It has done this 1 time(s).18/08/2013 10:26:35, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: hola_net18/08/2013 10:24:53, Error: Service Control Manager [7024] - The Windows Firewall service terminated with service-specific error Access is denied..17/08/2013 21:00:04, Error: Service Control Manager [7023] - The Windows Update service terminated with the following error: %%-214746724317/08/2013 20:59:39, Error: Service Control Manager [7023] - The Security Center service terminated with the following error: The authentication service is unknown.17/08/2013 19:26:17, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.17/08/2013 19:04:56, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.17/08/2013 19:04:55, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}17/08/2013 19:04:55, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}17/08/2013 19:04:39, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}17/08/2013 19:04:30, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}17/08/2013 18:57:41, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}17/08/2013 18:57:41, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {C90134D2-4AE9-407A-919A-4A2EF09C6C51}17/08/2013 18:55:55, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\bcmihvsrv64.dll Error Code: 2117/08/2013 18:55:38, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache hola_net MOBKFilter spldr Wanarpv617/08/2013 18:43:14, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}17/08/2013 16:16:46, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f020b: Realtek - Network - Realtek PCIe FE Family Controller.17/08/2013 14:11:59, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service stisvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}17/08/2013 04:37:55, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.16/08/2013 21:05:29, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR6.16/08/2013 20:47:28, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR3.16/08/2013 18:54:15, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service mcpltsvc with arguments "" in order to run the server: {20966775-18A4-4299-B8E3-772C336B52A7}16/08/2013 18:54:14, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the McAfee Platform Services service to connect.16/08/2013 18:54:14, Error: Service Control Manager [7000] - The McAfee Platform Services service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.16/08/2013 10:21:05, Error: Service Control Manager [7031] - The McAfee VirusScan Announcer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.16/08/2013 10:21:05, Error: Service Control Manager [7031] - The McAfee Proxy Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.16/08/2013 10:21:05, Error: Service Control Manager [7031] - The McAfee Platform Services service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.16/08/2013 10:21:05, Error: Service Control Manager [7031] - The McAfee Personal Firewall service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.16/08/2013 10:21:05, Error: Service Control Manager [7031] - The McAfee Anti-Spam Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.16/08/2013 10:21:04, Error: Service Control Manager [7031] - The McAfee Home Network service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.15/08/2013 18:25:22, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the McAfee SiteAdvisor Service service.15/08/2013 09:14:32, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.14/08/2013 21:38:25, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service HPSLPSVC with arguments "" in order to run the server: {10DA4F3C-CC99-4190-BE4D-58330754E882}14/08/2013 21:38:24, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HP Network Devices Support service to connect.14/08/2013 21:38:24, Error: Service Control Manager [7000] - The HP Network Devices Support service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion..==== End Of File ===========================ch.txt Link to post Share on other sites More sharing options...
MrCharlie Posted August 20, 2013 ID:717823 Share Posted August 20, 2013 Run RogueKiller again and click Scan When the scan completes > click on the Registry tab Put a check next to all of these and uncheck the rest: (if found) [PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (hxxp=127.0.0.1:8877;hxxps=127.0.0.1:8877) -> FOUND [PROXY IE] HKCU\[...]\Internet Settings : ProxyEnable (1) -> FOUND [APPINIT][sUSP PATH] HKLM\[...]\Windows : AppInit_DLLs (C:\PROGRA~3\Wincert\WIN64C~1.DLL C:\PROGRA~2\SEARCH~2\Datamngr\x64\mgrldr.dll [-][x]) -> FOUND Now click Delete on the right hand column under Options ------------- Then click on "Fix proxy" on the right hand column under Options ------------------------------------------------------------------------------- Please uninstall ----------->MixiDJ Toolbar from your add/remove programs: http://www.systemlookup.com/CLSID/77445-mixidjTlbr_dll.html ---------------------------------------------------------------------------------- There's lots of adware in the logs......lets get rid of it: Please download AdwCleaner by Xplode and save to your Desktop.Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As AdministratorClick on the Scan button.AdwCleaner will begin...be patient as the scan may take some time to complete.After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.Copy and paste the contents of that logfile in your next reply.A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.MrC Link to post Share on other sites More sharing options...
maiduguri Posted August 21, 2013 Author ID:718161 Share Posted August 21, 2013 MrCharlie I downloaded AdwCleaned but there was no "scan" button, only a "clean" button. So I took that option and it seems to have removed qv06 from my computer. I attach below the AdwCleaner report, which is in two parts because my laptop shut down half way through the firect clean: # AdwCleaner v3.000 - Report created20/08/2013at22:19:48# Updated 13/08/2013 by Xplode# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)# Username : Graham - GRAHAM-PC# Running from : C:\Users\Graham\Downloads\adwcleaner.exe***** [ Services ] *****Service Deleted : BrowserDefendert***** [ Files / Folders ] *****Folder Deleted : C:\ProgramData\BabylonFolder Deleted : C:\ProgramData\boost_interprocess[#] Folder Deleted : C:\ProgramData\Browser Manager[!] Folder Deleted : C:\ProgramData\BrowserDefenderFolder Deleted : C:\ProgramData\eSafeFolder Deleted : C:\ProgramData\IminentFolder Deleted : C:\ProgramData\ParetoLogicFolder Deleted : C:\Program Files (x86)\DealPlyFolder Deleted : C:\Program Files (x86)\deltaFolder Deleted : C:\Program Files (x86)\FTDownloader.comFolder Deleted : C:\Program Files (x86)\iMesh ApplicationsFolder Deleted : C:\Program Files (x86)\mixidjFolder Deleted : C:\Program Files (x86)\MysearchdialFolder Deleted : C:\Program Files (x86)\Search Results ToolbarFolder Deleted : C:\Program Files (x86)\Searchqu ToolbarFolder Deleted : C:\Program Files (x86)\SearchYa!Folder Deleted : C:\Program Files (x86)\Common Files\UmbrellaFolder Deleted : C:\Users\Graham\AppData\Local\blekkotbFolder Deleted : C:\Users\Graham\AppData\Local\ConduitFolder Deleted : C:\Users\Graham\AppData\Local\DealPlyLiveFolder Deleted : C:\Users\Graham\AppData\Local\EoRezoFolder Deleted : C:\Users\Graham\AppData\Local\iMeshFolder Deleted : C:\Users\Graham\AppData\Local\jZipFolder Deleted : C:\Users\Graham\AppData\Local\PutLockerDownloaderFolder Deleted : C:\Users\Graham\AppData\Local\Temp\IminentFolder Deleted : C:\Users\Graham\AppData\LocalLow\AskToolbarFolder Deleted : C:\Users\Graham\AppData\LocalLow\BabylonToolbarFolder Deleted : C:\Users\Graham\AppData\LocalLow\blekkotbFolder Deleted : C:\Users\Graham\AppData\LocalLow\ConduitFolder Deleted : C:\Users\Graham\AppData\LocalLow\ConduitEngineFolder Deleted : C:\Users\Graham\AppData\LocalLow\DealioFolder Deleted : C:\Users\Graham\AppData\LocalLow\jZipFolder Deleted : C:\Users\Graham\AppData\LocalLow\koyotesofttoolbarnewFolder Deleted : C:\Users\Graham\AppData\LocalLow\MysearchdialFolder Deleted : C:\Users\Graham\AppData\LocalLow\PriceGongFolder Deleted : C:\Users\Graham\AppData\LocalLow\Search SettingsFolder Deleted : C:\Users\Graham\AppData\LocalLow\SearchqutoolbarFolder Deleted : C:\Users\Graham\AppData\LocalLow\Toolbar4Folder Deleted : C:\Users\Graham\AppData\LocalLow\Vuze_RemoteFolder Deleted : C:\Users\Graham\AppData\Roaming\BabSolutionFolder Deleted : C:\Users\Graham\AppData\Roaming\BabylonFolder Deleted : C:\Users\Graham\AppData\Roaming\deltaFolder Deleted : C:\Users\Graham\AppData\Roaming\DriverCureFolder Deleted : C:\Users\Graham\AppData\Roaming\DSiteFolder Deleted : C:\Users\Graham\AppData\Roaming\eIntallerFolder Deleted : C:\Users\Graham\AppData\Roaming\ExpressFilesFolder Deleted : C:\Users\Graham\AppData\Roaming\IminentFolder Deleted : C:\Users\Graham\AppData\Roaming\Media FinderFolder Deleted : C:\Users\Graham\AppData\Roaming\mixidjFolder Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.comFolder Deleted : C:\Users\Graham\AppData\Roaming\MysearchdialFolder Deleted : C:\Users\Graham\AppData\Roaming\OfferBoxFolder Deleted : C:\Users\Graham\AppData\Roaming\ParetoLogicFolder Deleted : C:\Users\Graham\AppData\Roaming\SearchYaFolder Deleted : C:\Users\Graham\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefenderFolder Deleted : C:\Users\Graham\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FTDownloader.comFolder Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\4t0o942f.default\blekkotbFolder Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\4t0o942f.default\ConduitCommonFolder Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\4t0o942f.default\jetpackFolder Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\4t0o942f.default\SearchqutoolbarFolder Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\qlduj3p9.default-1371034330804\jetpackFile Deleted : C:\ENDFile Deleted : C:\Users\Public\Desktop\Get The Best Facebook Chat Messenger.lnkFile Deleted : C:\Users\Public\Desktop\MySearchDial.urlFile Deleted : C:\Windows\System32\Tasks\BrowserDefendertFile Deleted : C:\Windows\Tasks\Dealply.jobFile Deleted : C:\Windows\System32\Tasks\DealplyFile Deleted : C:\Windows\Tasks\DSite.jobFile Deleted : C:\Windows\System32\Tasks\DSiteFile Deleted : C:\Windows\System32\Tasks\EPUpdaterFile Deleted : C:\Windows\Tasks\MySearchDial.jobFile Deleted : C:\Windows\System32\Tasks\MySearchDial***** [ Shortcuts ] *****Shortcut Disinfected : C:\Users\Public\Desktop\Google Chrome.lnkShortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnkShortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnkShortcut Disinfected : C:\Users\Graham\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnkShortcut Disinfected : C:\Users\Graham\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnkShortcut Disinfected : C:\Users\Graham\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk***** [ Registry ] *****Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~3\browse~1\261519~1.191\{c16c1~1\browse~1.dllData Deleted : HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~3\browse~1\261519~1.191\{c16c1~1\browse~1.dllData Deleted : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - C:\Program Files\Internet Explorer\iexplore.exe http://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=WDCXWD3200BPVT-75ZEST0_WD-WXG1A80V4791V4791&ts=1376674606Data Deleted : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command [(Default)] - "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=WDCXWD3200BPVT-75ZEST0_WD-WXG1A80V4791V4791&ts=1376674606------------------------------------------------ # AdwCleaner v3.000 - Report created20/08/2013at22:31:43# Updated 13/08/2013 by Xplode# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)# Username : Graham - GRAHAM-PC# Running from : C:\Users\Graham\Downloads\adwcleaner.exe***** [ Services ] ********** [ Files / Folders ] *****[!] Folder Deleted : C:\ProgramData\BrowserDefender***** [ Shortcuts ] ********** [ Registry ] *****Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~3\browse~1\261519~1.191\{c16c1~1\browse~1.dllData Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~3\browse~1\261519~1.191\{c16c1~1\browse~1.dllValue Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NTRedirect]Key Deleted : HKLM\SOFTWARE\Classes\Prod.capKey Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCSKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCSKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\speedmaxpc_RASAPI32Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvcKey Deleted : HKCU\Software\5be8bdee139ec14Key Deleted : HKLM\SOFTWARE\5be8bdee139ec14Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_samsung-kies_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_windows-live-photo-gallery_RASAPI32Key Deleted : HKLM\SOFTWARE\Classes\TBSB01620.IEToolbarKey Deleted : HKLM\SOFTWARE\Classes\TBSB01620.IEToolbar.1Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FC41815-FA4C-4F8B-B143-2C045C8EA2FC}Key Deleted : HKLM\SOFTWARE\Classes\AppID\DiscoveryHelper.DLLKey Deleted : HKLM\SOFTWARE\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}Key Deleted : HKLM\SOFTWARE\Classes\AppID\DNSBHO.dllKey Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLLKey Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLLKey Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLLKey Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLLKey Deleted : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXEKey Deleted : HKLM\SOFTWARE\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48}Key Deleted : HKLM\SOFTWARE\Classes\AppID\GIFAnimator.DLLKey Deleted : HKLM\SOFTWARE\Classes\AppID\{C41C967C-1BD4-404c-8393-A34F94156193}Key Deleted : HKLM\SOFTWARE\Classes\AppID\iMesh.exeKey Deleted : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}Key Deleted : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLLKey Deleted : HKLM\SOFTWARE\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7}Key Deleted : HKLM\SOFTWARE\Classes\AppID\IMTrProgress.DLLKey Deleted : HKLM\SOFTWARE\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291}Key Deleted : HKLM\SOFTWARE\Classes\AppID\IMWeb.DLLKey Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLLKey Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXEKey Deleted : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415c-8A37-763AE183E7E4}Key Deleted : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLLKey Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4e42-A125-57C0A11DBCDE}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0af350d9-3916-454b-ac53-0b0b65f41301}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{819DC4CA-4FFF-4C2E-800D-F346471D99BC}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A105B30B-D103-4781-B18C-E8DF93B6EBD0}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}Key Deleted : HKU\S-1-5-21-2006630492-923559519-2914204040-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1968FDBA-C769-E6FC-912D-0C23A8A0D151}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1968FDBA-C769-E6FC-912D-0C23A8A0D151}Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1D058402-4289-8EBA-19C8-29AAE7A0699A}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1D058402-4289-8EBA-19C8-29AAE7A0699A}Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{372B4DAF-A2C5-4F3F-F8EC-1E74EDC5FA1B}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{372B4DAF-A2C5-4F3F-F8EC-1E74EDC5FA1B}Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{7113F0FD-F334-060E-2B72-356AD1A4A0A5}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7113F0FD-F334-060E-2B72-356AD1A4A0A5}Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{108F5878-71F9-4B5C-9EC0-58CEC29E8124}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{108F5878-71F9-4B5C-9EC0-58CEC29E8124}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{27588682-6FCC-4061-B2BB-7176E03359B8}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{27588682-6FCC-4061-B2BB-7176E03359B8}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E9A2DCB-F5DB-40D0-8E62-3B47DD476A77}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2E9A2DCB-F5DB-40D0-8E62-3B47DD476A77}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2EEFF6A3-9828-48F2-A7BF-1A5365D7DA32}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2EEFF6A3-9828-48F2-A7BF-1A5365D7DA32}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{38F830AF-C844-48BD-86CF-75AB9A5C3FC2}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{38F830AF-C844-48BD-86CF-75AB9A5C3FC2}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4CA33941-B476-46A4-94EB-3DBA21B2D76D}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4CA33941-B476-46A4-94EB-3DBA21B2D76D}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{57C854B7-3DE0-406B-83F1-D218481BD1FA}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{57C854B7-3DE0-406B-83F1-D218481BD1FA}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59B23951-2232-4AFB-81D4-64A8A16D457A}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{59B23951-2232-4AFB-81D4-64A8A16D457A}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6390CA4B-8D70-47EA-90F5-21E2FEADD997}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6390CA4B-8D70-47EA-90F5-21E2FEADD997}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{69D3F709-9DE2-479F-980F-532D46895703}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{69D3F709-9DE2-479F-980F-532D46895703}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{794DC34A-1D5E-4205-80BE-FC9D8E19E7F8}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{794DC34A-1D5E-4205-80BE-FC9D8E19E7F8}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7E23FCAB-83EE-4012-B6A0-1EC68554956F}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7E23FCAB-83EE-4012-B6A0-1EC68554956F}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E522F1-9E90-47DD-A2CE-39B0C00274A0}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{81E522F1-9E90-47DD-A2CE-39B0C00274A0}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{888C8994-107B-4CFB-9E42-7AA96230C1E0}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{888C8994-107B-4CFB-9E42-7AA96230C1E0}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8E096DFB-6AB7-45C7-BF64-B313C7096529}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8E096DFB-6AB7-45C7-BF64-B313C7096529}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{996A9940-2F2C-4486-A479-439C4A15F278}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{996A9940-2F2C-4486-A479-439C4A15F278}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9B7D44BA-376C-456F-B289-5034270322FD}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9B7D44BA-376C-456F-B289-5034270322FD}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BD8FF26-2C71-4D35-9FE2-AD8D25AECC36}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9BD8FF26-2C71-4D35-9FE2-AD8D25AECC36}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9FD6DE57-31C7-4EB4-87AF-495DEEA4ECBD}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9FD6DE57-31C7-4EB4-87AF-495DEEA4ECBD}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A63B48E9-1EC7-413E-9C48-3404BBF87BF3}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A63B48E9-1EC7-413E-9C48-3404BBF87BF3}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCE6E914-AEF0-4FEE-8FC8-06F9B42BF890}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BCE6E914-AEF0-4FEE-8FC8-06F9B42BF890}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BD8D5FFA-4F92-48AD-BFBE-7896916656F5}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BD8D5FFA-4F92-48AD-BFBE-7896916656F5}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C92E6D80-EC54-45CC-AC4B-A7CF42F11B52}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C92E6D80-EC54-45CC-AC4B-A7CF42F11B52}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D1CB564E-F38A-4F2A-8257-60E3F8BE9F34}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D1CB564E-F38A-4F2A-8257-60E3F8BE9F34}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DBEFF714-9A11-45DC-80FC-B86EAE86641A}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DBEFF714-9A11-45DC-80FC-B86EAE86641A}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DEFC8918-B440-4CEB-8BFD-140AE24DCABB}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DEFC8918-B440-4CEB-8BFD-140AE24DCABB}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EC29D34C-2A45-4BB0-A065-79B891A57647}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EC29D34C-2A45-4BB0-A065-79B891A57647}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFDE11A9-FE0B-4548-B876-5EAC0A6CE86E}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EFDE11A9-FE0B-4548-B876-5EAC0A6CE86E}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F293BBC0-DA7E-4CF1-9EEA-CE90CFE0DF86}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F293BBC0-DA7E-4CF1-9EEA-CE90CFE0DF86}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F42C7B47-5234-4BF5-8882-DAAC0D64870D}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F42C7B47-5234-4BF5-8882-DAAC0D64870D}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F7BEBBB1-7E6B-4561-9444-6F4866D60C7C}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F7BEBBB1-7E6B-4561-9444-6F4866D60C7C}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FEFBC559-C3C7-4287-B05B-49D489B80749}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FEFBC559-C3C7-4287-B05B-49D489B80749}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8BA772A8-AC4F-4954-9B5E-433CA6DC506F}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{69332529-EEC8-4D0D-9FD3-202C4AE8E589}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EC96F516-51B2-4B46-8451-8665F5A6BA2B}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F07FBD3E-2048-44A4-9065-71BF551E2672}Key Deleted : HKLM\SOFTWARE\Classes\IMWeb.IMWebControlKey Deleted : HKLM\SOFTWARE\Classes\IMWeb.IMWebControl.1Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}Key Deleted : HKLM\SOFTWARE\Classes\IGIFAnimator.IGIFAnimatorCtrlKey Deleted : HKLM\SOFTWARE\Classes\IGIFAnimator.IGIFAnimatorCtrl.1Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B6F8DA9F-2696-419e-A8A3-19BE41EF51BD}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419e-A8A3-19BE41EF51BD}Key Deleted : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6DiscoveryKey Deleted : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery.1Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F8AB43ED-EC88-4de7-B213-F89157D29C62}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0180E49C-13BF-46DB-9AFD-9F52292E1C22}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{01A602A0-D0B9-445B-8081-719E4177C4A7}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{403A885F-CB00-40C1-BDC1-EB09053194F7}Key Deleted : HKLM\SOFTWARE\Classes\IMTrProgress.IMTrProgressCtrlKey Deleted : HKLM\SOFTWARE\Classes\IMTrProgress.IMTrProgressCtrl.1Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{148132E6-626D-4A5E-8063-A761EB29A50B}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257}Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequestKey Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}Key Deleted : HKLM\SOFTWARE\Classes\ironsource.searchyaHlprKey Deleted : HKLM\SOFTWARE\Classes\ironsource.searchyaHlpr.1Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{25927741-5E5B-4D27-8D8B-9188FE64373F}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25927741-5E5B-4D27-8D8B-9188FE64373F}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}Key Deleted : HKLM\SOFTWARE\Classes\esrv.deltaESrvcKey Deleted : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}Key Deleted : HKLM\SOFTWARE\Classes\WMHelperiMesh.WMHelperKey Deleted : HKLM\SOFTWARE\Classes\WMHelperiMesh.WMHelper.1Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{596BB86E-F1E5-A1DE-3363-41AB634E77EF}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{596BB86E-F1E5-A1DE-3363-41AB634E77EF}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}Key Deleted : HKLM\SOFTWARE\Classes\mixidj.mixidjappCoreKey Deleted : HKLM\SOFTWARE\Classes\mixidj.mixidjappCore.1Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2C141B4C-B5BA-4E89-BE73-F71ED4A208CF}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3223F2FB-D9B9-45FC-9D66-CD717FFA4EE5}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}Key Deleted : HKLM\SOFTWARE\Classes\ironsource.searchyadskBndKey Deleted : HKLM\SOFTWARE\Classes\ironsource.searchyadskBnd.1Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{33AA308B-B565-4376-AC66-59EE9B6AD13E}Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{33AA308B-B565-4376-AC66-59EE9B6AD13E}]Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4C4F1F4-3074-4CB6-9FB8-0A64273166F0}Key Deleted : HKLM\SOFTWARE\Classes\Aurigma.ShellCombo.5Key Deleted : HKLM\SOFTWARE\Classes\Aurigma.ShellCombo.5.1Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1D1E43F7-246B-4700-B1B8-68DC4015B918}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1D1E43F7-246B-4700-B1B8-68DC4015B918}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A}Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.ViralLinkArgsKey Deleted : HKLM\SOFTWARE\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064}Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.TinyUrlArgsKey Deleted : HKLM\SOFTWARE\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}Key Deleted : HKLM\SOFTWARE\Classes\mixidj.mixidjHlprKey Deleted : HKLM\SOFTWARE\Classes\mixidj.mixidjHlpr.1Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4D6A9BBF-402C-4301-B1EF-28D04F71D761}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D6A9BBF-402C-4301-B1EF-28D04F71D761}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4D6A9BBF-402C-4301-B1EF-28D04F71D761}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4D6A9BBF-402C-4301-B1EF-28D04F71D761}Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPaneKey Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{525F116F-04AD-40A2-AE2F-A0C4E1AFEF98}Key Deleted : HKLM\SOFTWARE\Classes\iKey Deleted : HKLM\SOFTWARE\Classes\CLSID\{54B24FA9-87E8-47FC-8589-F9D382D8B299}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5B45AC88-523C-431E-86D7-F339B2EE262E}Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtenderKey Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender.1Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}Key Deleted : HKLM\SOFTWARE\Classes\Aurigma.ImageUploaderEx.5Key Deleted : HKLM\SOFTWARE\Classes\Aurigma.ImageUploaderEx.5.1Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5D637FAD-E202-48D1-8F18-5B9C459BD1E3}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{60765CF5-01C2-4EE7-A44B-C791CF25FEA0}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{15F6BCB7-BB0F-4A66-8762-4765B05597EB}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{15F6BCB7-BB0F-4A66-8762-4765B05597EB}Key Deleted : HKLM\SOFTWARE\Classes\esrv.searchyaESrvcKey Deleted : HKLM\SOFTWARE\Classes\esrv.searchyaESrvc.1Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6801410E-CC88-42D6-A93B-909E95645407}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81}Key Deleted : HKLM\SOFTWARE\Classes\Aurigma.UploadPane.5Key Deleted : HKLM\SOFTWARE\Classes\Aurigma.UploadPane.5.1Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.LinkToPromoteArgsKey Deleted : HKLM\SOFTWARE\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{14B1B6D0-D25F-4418-94E3-EC2B5AEE9756}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{14B1B6D0-D25F-4418-94E3-EC2B5AEE9756}Key Deleted : HKLM\SOFTWARE\Classes\esrv.mixidjESrvcKey Deleted : HKLM\SOFTWARE\Classes\esrv.mixidjESrvc.1Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7D0EE142-0642-4FDD-AF73-7399C04E1041}Key Deleted : HKLM\SOFTWARE\Classes\delta.deltadskBndKey Deleted : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{82E1477C-B154-48D3-9891-33D83C26BCD3}]Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289}Key Deleted : HKLM\SOFTWARE\Classes\Aurigma.Thumbnail.5Key Deleted : HKLM\SOFTWARE\Classes\Aurigma.Thumbnail.5.1Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD}Key Deleted : HKLM\SOFTWARE\Classes\dKey Deleted : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A}Key Deleted : HKLM\SOFTWARE\Classes\ironsource.searchyaappCoreKey Deleted : HKLM\SOFTWARE\Classes\ironsource.searchyaappCore.1Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8B0C188C-F6F3-484D-8225-E40262DDE633}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{93A22E7A-5091-45EF-BA61-6DA26156A5D0}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9852A670-F845-491B-9BE6-EBD841B8A613}Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifierKey Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A8B25C0E-0894-4531-B668-AB1599FAF7F6}Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTaskKey Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ACE4747B-35BD-4E97-9DD7-1D4245B0695C}Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelperKey Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE}Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaHlprKey Deleted : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C2D6D98F-09CA-4524-AF64-1049B5665C9C}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC}Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManagerKey Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C3F978C3-0594-4397-B8E6-3F9D9BE6A7B9}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823}Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.RawDataArgsKey Deleted : HKLM\SOFTWARE\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14}Key Deleted : HKLM\SOFTWARE\Classes\mixidj.mixidjdskBndKey Deleted : HKLM\SOFTWARE\Classes\mixidj.mixidjdskBnd.1Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19}Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CA9B9C89-4662-4ADC-9C23-A452BECD5D19}]Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CE77C59C-CFD2-429F-868C-8B04D23F94CA}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0}Key Deleted : HKLM\SOFTWARE\Classes\esrv.mysearchdialESrvcKey Deleted : HKLM\SOFTWARE\Classes\esrv.mysearchdialESrvc.1Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImplKey Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManagerKey Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandlerKey Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler.1Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D8F01233-2DE6-4EE7-8988-37263F00651B}Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.DownloadArgsKey Deleted : HKLM\SOFTWARE\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16}Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCoreKey Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore.1Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F42C7B47-5234-4BF5-8882-DAAC0D64870D}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F544E0F5-CA3C-47EA-A64D-35FCF1602396}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898}Key Deleted : HKLM\SOFTWARE\Classes\mKey Deleted : HKLM\SOFTWARE\Classes\CLSID\{F9221CC8-22DF-4CEF-B8ED-BA87F1F09878}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984}Key Deleted : HKCU\Software\1ClickDownloadKey Deleted : HKCU\Software\APN DTXKey Deleted : HKCU\Software\BabSolutionKey Deleted : HKCU\Software\ConduitKey Deleted : HKCU\Software\DataMngr[#] Key Deleted : HKCU\Software\DataMngr_ToolbarKey Deleted : HKCU\Software\delta LTDKey Deleted : HKCU\Software\DeltaKey Deleted : HKCU\Software\ImeshKey Deleted : HKCU\Software\IminentKey Deleted : HKCU\Software\InstallCoreKey Deleted : HKCU\Software\mixidjKey Deleted : HKCU\Software\mysearchdialKey Deleted : HKCU\Software\mysearchdial.comKey Deleted : HKCU\Software\searchyaKey Deleted : HKCU\Software\SoftonicKey Deleted : HKCU\Software\Tuto4PCKey Deleted : HKCU\Software\TutorialsKey Deleted : HKCU\Software\TutoTagKey Deleted : HKCU\Software\UpdateStarKey Deleted : HKCU\Software\AppDataLow\Software\findlyricsKey Deleted : HKLM\Software\BabylonKey Deleted : HKLM\Software\BabylonToolbarKey Deleted : HKLM\Software\ConduitKey Deleted : HKLM\Software\DataMngrKey Deleted : HKLM\Software\DeltaKey Deleted : HKLM\Software\eSafeSecControlKey Deleted : HKLM\Software\ImeshKey Deleted : HKLM\Software\IminentKey Deleted : HKLM\Software\InstallCoreKey Deleted : HKLM\Software\mixidjKey Deleted : HKLM\Software\qvo6SoftwareKey Deleted : HKLM\Software\SearchquMediabarTbKey Deleted : HKLM\Software\SpeedMaxPCKey Deleted : HKLM\Software\TutorialsKey Deleted : HKLM\Software\UmbrellaKey Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\ImeshKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{29C7E8BE-FBD9-4D91-BC4F-B470C718D554}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A76AA284-E52D-47E6-9E4F-B85DBF8E35C3}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownloadKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome ToolbarKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DeltaKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mixidjKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mysearchdialKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Results ToolbarKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARPKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\searchyaKey Deleted : [x64] HKLM\SOFTWARE\DataMngr***** [ Browsers ] *****-\\ Internet Explorer v10.0.9200.16660Setting Reset : HKCU\Software\Microsoft\Internet Explorer\Main [start Page]Setting Reset : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]Setting Reset : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]Setting Reset : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [start Page]Setting Reset : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]-\\ Mozilla Firefox v23.0.1 (en-GB)File Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}Folder Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\qlduj3p9.default-1371034330804\Extensions\{5EBDCA98-43B3-45BB-87E0-716029FB42AB}Folder Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\4t0o942f.default\Extensions\{99079A25-328F-4BD4-BE04-00955ACAA0A7}Folder Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\4t0o942f.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}Folder Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\cr6cty95.default-1370792112859\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}Folder Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\qlduj3p9.default-1371034330804\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}Folder Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\tfizo06i.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}Folder Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\w23vjsx0.default-1370347310982\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}Folder Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\4t0o942f.default\Extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}Folder Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\tfizo06i.default\Extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}Folder Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\4t0o942f.default\Extensions\ffxtlbr@babylon.comFolder Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\ffxtlbr@babylon.comFolder Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\qlduj3p9.default-1371034330804\Extensions\ffxtlbr@delta.comFolder Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\4t0o942f.default\Extensions\ffxtlbr@funmoods.comFolder Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\qlduj3p9.default-1371034330804\Extensions\ffxtlbr@mysearchdial.comFolder Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\cr6cty95.default-1370792112859\Extensions\ffxtlbr@searchya.comFolder Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\qlduj3p9.default-1371034330804\Extensions\ffxtlbr@searchya.comFolder Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\4t0o942f.default\Extensions\plugin@yontoo.comValue Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [webbooster@iminent.com]File Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\qlduj3p9.default-1371034330804\Extensions\webbooster@iminent.com.xpiFile Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\qlduj3p9.default-1371034330804\searchplugins\Babylon.xmlFile Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\qlduj3p9.default-1371034330804\searchplugins\BrowserDefender.xmlFile Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\4t0o942f.default\searchplugins\Mysearchdial.xmlFile Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\cr6cty95.default-1370792112859\searchplugins\Mysearchdial.xmlFile Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\qlduj3p9.default-1371034330804\searchplugins\Mysearchdial.xmlFile Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\tfizo06i.default\searchplugins\Mysearchdial.xmlFile Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\w23vjsx0.default-1370347310982\searchplugins\Mysearchdial.xmlFile Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\qvo6.xmlFile Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Search_Results.xmlFile Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\StartWeb.xmlFile Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\qlduj3p9.default-1371034330804\bprotector_extensions.sqliteFile Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\tfizo06i.default\bprotector_extensions.sqliteFile Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\qlduj3p9.default-1371034330804\bprotector_prefs.jsFile Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\4t0o942f.default\user.jsFile Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\cr6cty95.default-1370792112859\user.jsFile Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\qlduj3p9.default-1371034330804\user.jsFile Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\tfizo06i.default\user.jsFile Deleted : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\w23vjsx0.default-1370347310982\user.js[ File : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\4t0o942f.default\prefs.js ]Line Deleted : user_pref("browser.search.selectedEngine", "Mysearchdial");Line Deleted : user_pref("browser.search.defaultenginename", "Mysearchdial");[ File : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\cr6cty95.default-1370792112859\prefs.js ]Line Deleted : user_pref("browser.search.selectedEngine", "Mysearchdial");Line Deleted : user_pref("browser.search.defaultenginename", "Mysearchdial");[ File : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\qlduj3p9.default-1371034330804\prefs.js ]Line Deleted : user_pref("browser.search.defaultenginename", "Mysearchdial");Line Deleted : user_pref("browser.search.order.1", "Mysearchdial");Line Deleted : user_pref("browser.search.selectedEngine", "Mysearchdial");Line Deleted : user_pref("extensions.delta.admin", false);Line Deleted : user_pref("extensions.delta.aflt", "babsst");Line Deleted : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");Line Deleted : user_pref("extensions.delta.autoRvrt", "false");Line Deleted : user_pref("extensions.delta.dfltLng", "en");Line Deleted : user_pref("extensions.delta.excTlbr", false);Line Deleted : user_pref("extensions.delta.ffxUnstlRst", true);Line Deleted : user_pref("extensions.delta.id", "08e7e50e0000000000001c659d5ccc29");Line Deleted : user_pref("extensions.delta.instlDay", "15937");Line Deleted : user_pref("extensions.delta.instlRef", "sst");Line Deleted : user_pref("extensions.delta.newTab", false);Line Deleted : user_pref("extensions.delta.prdct", "delta");Line Deleted : user_pref("extensions.delta.prtnrId", "delta");Line Deleted : user_pref("extensions.delta.rvrt", "false");Line Deleted : user_pref("extensions.delta.smplGrp", "none");Line Deleted : user_pref("extensions.delta.tlbrId", "base");Line Deleted : user_pref("extensions.delta.tlbrSrchUrl", "");Line Deleted : user_pref("extensions.delta.vrsn", "1.8.24.6");Line Deleted : user_pref("extensions.delta.vrsni", "1.8.24.6");Line Deleted : user_pref("extensions.delta.vrsnTs", "1.8.24.619:42:51");Line Deleted : user_pref("extensions.delta_i.babExt", "");Line Deleted : user_pref("extensions.delta_i.babTrack", "affID=121232&tt=200813_246&tsp=4980");Line Deleted : user_pref("extensions.delta_i.srcExt", "ss");Line Deleted : user_pref("extensions.enabledAddons", "translator%40zoli.bod:2.1.0.3,s3google%40translator:2.7,%7B5e[...]Line Deleted : user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{4ED1F68A-5463-[...]Line Deleted : user_pref("extensions.mysearchdial.aflt", "dnldmsd");Line Deleted : user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");Line Deleted : user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1QzutC0CyCyDzy0DyD0C0C0CtBzy0EyDtD0EtN0D0Tzu0Cy[...]Line Deleted : user_pref("extensions.mysearchdial.cntry", "FR");Line Deleted : user_pref("extensions.mysearchdial.cr", "1070429699");Line Deleted : user_pref("extensions.mysearchdial.dfltLng", "");Line Deleted : user_pref("extensions.mysearchdial.dfltSrch", true);Line Deleted : user_pref("extensions.mysearchdial.dnsErr", true);Line Deleted : user_pref("extensions.mysearchdial.dpkLst", "3654782829,1334533236,1121012847,231756876,1895130307,6[...]Line Deleted : user_pref("extensions.mysearchdial.excTlbr", false);Line Deleted : user_pref("extensions.mysearchdial.hdrMd5", "7FB79B408B67A76D7AA53F5485A497E1");Line Deleted : user_pref("extensions.mysearchdial.hmpg", true);Line Deleted : user_pref("extensions.mysearchdial.id", "1C659D5CCC29E50E");Line Deleted : user_pref("extensions.mysearchdial.instlDay", "15937");Line Deleted : user_pref("extensions.mysearchdial.instlRef", "");Line Deleted : user_pref("extensions.mysearchdial.lastVrsnTs", "22:14:18");Line Deleted : user_pref("extensions.mysearchdial.pnu_base", "{\"lastVrsn\":\"1\",\"newVrsn\":\"1\",\"showMsg\":\"f[...]Line Deleted : user_pref("extensions.mysearchdial.prdct", "mysearchdial");Line Deleted : user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");Line Deleted : user_pref("extensions.mysearchdial.sg", "none");Line Deleted : user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");Line Deleted : user_pref("extensions.mysearchdial.tlbrId", "base");Line Deleted : user_pref("extensions.mysearchdial.vrsn", "");Line Deleted : user_pref("extensions.mysearchdial.vrsni", "");Line Deleted : user_pref("extensions.mysearchdial_i.hmpg", true);Line Deleted : user_pref("extensions.mysearchdial_i.newTab", false);Line Deleted : user_pref("extensions.mysearchdial_i.smplGrp", "none");Line Deleted : user_pref("extensions.mysearchdial_i.vrsnTs", "22:14:18");Line Deleted : user_pref("extensions.searchya.aflt", "syd72");Line Deleted : user_pref("extensions.searchya.appId", "{1973277F-87B0-4EA3-9ED2-470A91D284CF}");Line Deleted : user_pref("extensions.searchya.cd", "2XzuyEtN2Y1L1QzutC0CyCyDzy0DyD0C0C0CtBzy0EyDtD0EtN0D0Tzu0CyDzyz[...]Line Deleted : user_pref("extensions.searchya.cr", "552961267");Line Deleted : user_pref("extensions.searchya.dfltLng", "");Line Deleted : user_pref("extensions.searchya.dfltSrch", true);Line Deleted : user_pref("extensions.searchya.dnsErr", true);Line Deleted : user_pref("extensions.searchya.excTlbr", false);Line Deleted : user_pref("extensions.searchya.hmpg", true);Line Deleted : user_pref("extensions.searchya.id", "1C659D5CCC29E50E");Line Deleted : user_pref("extensions.searchya.instlDay", "15937");Line Deleted : user_pref("extensions.searchya.instlRef", "");Line Deleted : user_pref("extensions.searchya.prdct", "searchya");Line Deleted : user_pref("extensions.searchya.prtnrId", "searchya");Line Deleted : user_pref("extensions.searchya.srchPrvdr", "SearchYa!");Line Deleted : user_pref("extensions.searchya.tlbrId", "base");Line Deleted : user_pref("extensions.searchya.vrsn", "1.8.8.0");Line Deleted : user_pref("extensions.searchya.vrsni", "1.8.8.0");Line Deleted : user_pref("extensions.searchya_i.hmpg", true);Line Deleted : user_pref("extensions.searchya_i.newTab", false);Line Deleted : user_pref("extensions.searchya_i.smplGrp", "none");Line Deleted : user_pref("extensions.searchya_i.vrsnTs", "1.8.8.020:40:1");Line Deleted : user_pref("iminent.webbooster.scripts.minibar.SOFTONICREFRESHRATE", "140000");Line Deleted : user_pref("iminent.webbooster.scripts.sslminibar.SOFTONICREFRESHRATE", "140000");[ File : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\tfizo06i.default\prefs.js ]Line Deleted : user_pref("browser.search.selectedEngine", "Mysearchdial");Line Deleted : user_pref("browser.search.defaultenginename", "Mysearchdial");[ File : C:\Users\Graham\AppData\Roaming\Mozilla\Firefox\Profiles\w23vjsx0.default-1370347310982\prefs.js ]Line Deleted : user_pref("browser.search.selectedEngine", "Mysearchdial");Line Deleted : user_pref("browser.search.defaultenginename", "Mysearchdial");-\\ Google Chrome v28.0.1500.95Key Deleted : HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehojKey Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehojKey Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehojKey Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmdeFolder Deleted : C:\Users\Graham\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjlKey Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\igdhbblpcellaljokkpfhcjlagemhgjlKey Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kpepfkjapeclaafmhoelccknpfedainnFile Deleted : C:\Users\Graham\AppData\Local\Google\Chrome\User Data\Default\bProtector Web DataFile Deleted : C:\Users\Graham\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferencesFile Deleted : C:\Users\Graham\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cjpglkicenollcignonpgiafdgfeehoj_0.localstorage[ File : C:\Users\Graham\AppData\Local\Google\Chrome\User Data\Default\preferences ]Restored : search_urlRestored : keywordRestored : urls_to_restore_on_startupRestored : homepage*************************AdwCleaner[0].txt - [6464 octets] - [20/08/2013 22:19:48]AdwCleaner[1].txt - [49282 octets] - [20/08/2013 22:31:43]########## EOF - C:\AdwCleaner\AdwCleaner[1].txt - [49342 octets] ########## Link to post Share on other sites More sharing options...
MrCharlie Posted August 21, 2013 ID:718219 Share Posted August 21, 2013 Good...... Lets check your computers security before you go and we have a little cleanup to do also: Download Security Check by screen317 from HERE or HERE.Save it to your Desktop.Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.If you get Unsupported operating system. Aborting now, just reboot and try again.A Notepad document should open automatically called checkup.txt.Please Post the contents of that document.Do Not Attach It!!!MrC Link to post Share on other sites More sharing options...
maiduguri Posted August 21, 2013 Author ID:718241 Share Posted August 21, 2013 Results of screen317's Security Check version 0.99.72 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 10 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! McAfee Anti-Virus and Anti-Spyware WMI entry may not exist for antivirus; attempting automatic update.`````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.75.0.1300 Java 6 Update 18 Java version out of Date! Adobe Flash Player 11.8.800.94 Adobe Reader XI Mozilla Firefox (23.0.1) Google Chrome 28.0.1500.72 Google Chrome 28.0.1500.95 ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamgui.exe Malwarebytes' Anti-Malware mbamscheduler.exe McAfee Online Backup MOBKbackup.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 0%````````````````````End of Log`````````````````````` Link to post Share on other sites More sharing options...
MrCharlie Posted August 21, 2013 ID:718245 Share Posted August 21, 2013 Out dated programs on the system are vulnerable to malware.Please update or uninstall them:~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Java™ 6 Update 18 <------please uninstall from your add/remove programsJava version out of Date! <-------Download and install the latest version (Java™ 7 Update 25 ) from HereUncheck the box to install the Ask toolbar!!! and any other free "stuff".---------------------------------------Google Chrome 28.0.1500.72 <-----OLDGoogle Chrome 28.0.1500.95 <-----OKYou have old versions of Google Chrome on the system.Please download and run OldChromeRemover.@Windows Vista/Windows 7-8 users must use “Run As Administrator.”~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~A little clean up to do....Please Uninstall ComboFix: (if you used it)Press the Windows logo key + R to bring up the "run box"Copy and paste next command in the field:ComboFix /uninstallMake sure there's a space between Combofix and /Then hit enter.This will uninstall Combofix, delete its related folders and files, hide file extensions, hide the system/hidden files and clears System Restore cache and create new Restore point(If that doesn't work.....you can simply rename ComboFix.exe to Uninstall.exe and double click it to complete the uninstall or download and run the uninstaller)---------------------------------If you used FRST:Download the fixlist.txt to the same folder as FRST.Run FRST and click Fix only once and waitThat will delete the quarantine folder created by FRST.-----------------------------If you used DeFogger to disable your CD Emulation drivers, please re-enable them.-------------------------------Please download OTC to your desktop.http://oldtimer.geekstogo.com/OTC.exeDouble-click OTC to run it. (Vista and up users, please right click on OTC and select "Run as an Administrator")Click on the CleanUp! button and follow the prompts.(If you get a warning from your firewall or other security programs regarding OTC attempting to contact the Internet, please allow the connection.)You will be asked to reboot the machine to finish the Cleanup process, choose Yes.After the reboot all the tools we used should be gone.Note: Some more recently created tools may not yet be removed by OTC. Feel free to manually delete any tools it leaves behind.Any other programs or logs you can manually delete.IE: RogueKiller.exe, RKreport.txt, RK_Quarantine folder, C:\FRST, MBAR, etc....AdwCleaner > just run the program and click uninstall.-------------------------------Any questions...please post back.If you think I've helped you, please leave a comment > click on my avatar picture > click Profile Feed.Take a look at My Preventive Maintenance to avoid being infected again.Good Luck and Thanks for using the forum, MrC Link to post Share on other sites More sharing options...
maiduguri Posted August 22, 2013 Author ID:718741 Share Posted August 22, 2013 MrC seems to have cleaned my computer, so many, many thanks to him Link to post Share on other sites More sharing options...
LDTate Posted August 22, 2013 ID:718834 Share Posted August 22, 2013 Glad we could help. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks! Link to post Share on other sites More sharing options...
Recommended Posts