
%programfiles%\magnipic\sprotector.dll virus


fire456


I'm a little inexperienced with computers, but Google Chrome says that I have a %programfiles%/magnipic/sprotector.dll module that's conflicting with Chrome? Please help.

 

I followed the first step in the pinned topic and I have attached the .txt documents below:

 

DDS.txt:

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16537  BrowserJavaVersion: 10.45.2
Run by Suber2 at 12:34:07 on 2013-12-22
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.8040.5341 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\IProsetMonitor.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\system32\taskeng.exe
c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe
C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\rundll32.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe
C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe
C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe
C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Ceton\Ceton InfiniTV\InfiniTVSvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Ceton\Ceton InfiniTV\CetonTRIFSvc.exe
C:\Windows\ehome\ehRecvr.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Windows\system32\SearchIndexer.exe
C:\Users\Suber2\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\jmesoft\hotkey.exe
C:\Program Files (x86)\Binnerup Consult\My Movies for Windows Media Center\My Movies Tray.exe
C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
C:\Program Files (x86)\AutoRipNCompress\Extender Rip Monitor.exe
C:\Program Files (x86)\MediaBrowser\MediaBrowser\MediaBrowserService.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\PrintIsolationHost.exe
C:\Windows\splwow64.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe,
BHO: Webexp Enhanced: {0e70bce3-9509-4f41-90c7-4894d88f7781} - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha615\ie\WebexpEnhancedV1alpha615.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
uRun: [CC6A15883C85E3606BA3D8C05BF439CF0DCD80F2._service_run] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service
uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
uRun: [GoogleChromeAutoLaunch_CA62B2E91B242D9E87344E3B177ED180] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
uRun: [spotify] "C:\Users\Suber2\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
uRun: [spotify Web Helper] "C:\Users\Suber2\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [jmekey] C:\Program Files (x86)\jmesoft\hotkey.exe
mRun: [My Movies Tray] "C:\Program Files (x86)\Binnerup Consult\My Movies for Windows Media Center\My Movies Tray.exe"
mRun: [DiscWizardMonitor.exe] "C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe"
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [AgentMonitor] C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
StartupFolder: C:\Users\Suber2\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\IMVU.lnk - C:\Users\Suber2\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AUTORI~1.LNK - C:\Program Files (x86)\AutoRipNCompress\Extender Rip Monitor.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MEDIAB~1.LNK - C:\Program Files (x86)\MediaBrowser\MediaBrowser\MediaBrowserService.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\Suber2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk
TCP: NameServer = 167.206.245.130 167.206.245.129
TCP: Interfaces\{193A3654-A44B-4180-BBDA-078BE86EB915} : DHCPNameServer = 167.206.245.130 167.206.245.129
TCP: Interfaces\{CF91BD7F-48EB-4188-99A4-D35E2A6D4BAB} : DHCPNameServer = 167.206.245.130 167.206.245.129
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= c:\progra~2\magnipic\sprote~1.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [Lenovo EE Boot Optimizer] C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe
x64-Run: [seagate Scheduler2 Service] "C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe"
x64-Run: [igfxTray] "C:\Windows\System32\igfxtray.exe"
x64-Run: [HotKeysCmds] "C:\Windows\System32\hkcmd.exe"
x64-Run: [Persistence] "C:\Windows\System32\igfxpers.exe"
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Suber2\AppData\Roaming\Mozilla\Firefox\Profiles\3izi8dp4.default\
FF - prefs.js: browser.search.defaulturl - 
FF - prefs.js: browser.search.selectedEngine - 
FF - prefs.js: keyword.URL - 
FF - prefs.js: browser.startup.homepage - 
FF - plugin: C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll
FF - plugin: C:\Program Files (x86)\McAfee\SiteAdvisor\NPMcFFPlg32.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Roblox\Versions\version-28a069d7dccb4f92\NPRobloxProxy.dll
FF - plugin: C:\Program Files (x86)\Winamp Detect\npwachk.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Suber2\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll
FF - plugin: C:\Users\Suber2\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\Suber2\AppData\Roaming\CATALI~1\npBcsKtTcHW.dll
FF - plugin: C:\Windows\System32\Adobe\Director\np32dsw_1204144.dll
FF - plugin: C:\Windows\System32\Adobe\Director\np32dsw_1205146.dll
FF - plugin: C:\Windows\System32\Adobe\Director\np32dsw_1206147.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
FF - ExtSQL: 2013-12-03 12:35; {4ED1F68A-5463-4931-9384-8FFF5ED91D92}; C:\Program Files (x86)\McAfee\SiteAdvisor
FF - ExtSQL: 2013-12-03 12:41; ext@flash-Enhancer.com; C:\Program Files (x86)\AmiExt\flashEnhancer\ff
.
============= SERVICES / DRIVERS ===============
.
R0 fbfmon;fbfmon;C:\Windows\System32\drivers\fbfmon.sys [2013-3-1 57952]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-9-27 248240]
R0 vididr;Acronis Virtual Disk;C:\Windows\System32\drivers\vididr.sys [2013-4-30 210016]
R0 vidsflt53;Acronis Disk Storage Filter (53);C:\Windows\System32\drivers\vsflt53.sys [2013-4-30 141920]
R1 BPntDrv;BPntDrv;C:\Windows\System32\drivers\BPntDrv.sys [2013-3-1 13408]
R2 CetonInfiniTVSvc;Ceton InfiniTV Support Service;C:\Program Files\Ceton\Ceton InfiniTV\InfiniTVSvc.exe [2013-3-22 84744]
R2 CetonTRIFSvc;Ceton InfiniTV Tuning Adapter Service;C:\Program Files\Ceton\Ceton InfiniTV\CetonTRIFSvc.exe [2013-3-22 89088]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2013-2-28 165032]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-12-22 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-12-22 701512]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [2013-12-3 121616]
R2 MSSQL$MYMOVIES;SQL Server (MYMOVIES);C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-1-20 134944]
R2 SgtSch2Svc;Seagate Scheduler2 Service;C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe [2011-6-30 1191408]
R2 SpyHunter 4 Service;SpyHunter 4 Service;C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [2013-10-18 1025408]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2013-2-28 2655768]
R3 ceton_mocur;Ceton InfiniTV Network Device;C:\Windows\System32\drivers\ceton_mocur.sys [2011-10-6 40720]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-12-1 317440]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-12-22 25928]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]
S3 EsgScanner;EsgScanner;C:\Windows\System32\drivers\EsgScanner.sys [2013-12-22 22704]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2013-2-28 57856]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-9-12 1512448]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-2-28 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2013-2-28 247400]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-2-28 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-2-28 30208]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-2-28 1255736]
.
=============== Created Last 30 ================
.
2013-12-22 17:31:49 75888 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C71DF9D7-2A29-4119-BFE0-A7EE771DDF46}\offreg.dll
2013-12-22 17:12:31 -------- d-----w- C:\Users\Suber2\AppData\Roaming\Malwarebytes
2013-12-22 17:12:24 -------- d-----w- C:\ProgramData\Malwarebytes
2013-12-22 17:12:23 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-12-22 17:12:23 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-22 16:59:13 22704 ----a-w- C:\Windows\System32\drivers\EsgScanner.sys
2013-12-22 16:59:10 110080 ----a-r- C:\Users\Suber2\AppData\Roaming\Microsoft\Installer\{72AAF455-1E54-475B-B0AB-5413C78D0E63}\IconF7A21AF7.exe
2013-12-22 16:59:10 110080 ----a-r- C:\Users\Suber2\AppData\Roaming\Microsoft\Installer\{72AAF455-1E54-475B-B0AB-5413C78D0E63}\IconD7F16134.exe
2013-12-22 16:59:10 110080 ----a-r- C:\Users\Suber2\AppData\Roaming\Microsoft\Installer\{72AAF455-1E54-475B-B0AB-5413C78D0E63}\Icon1226A4C5.exe
2013-12-22 16:59:07 -------- d-----w- C:\sh4ldr
2013-12-22 16:59:07 -------- d-----w- C:\Program Files\Enigma Software Group
2013-12-22 16:58:36 -------- d-----w- C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2013-12-22 16:58:35 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2013-12-22 16:00:31 -------- d-----w- C:\Windows\Migration
2013-12-22 15:58:36 10315576 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C71DF9D7-2A29-4119-BFE0-A7EE771DDF46}\mpengine.dll
2013-12-22 15:49:47 -------- d-----w- C:\Program Files\CCleaner
2013-12-22 06:41:43 10315576 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-12-21 05:15:03 -------- d-----w- C:\Program Files (x86)\WebexpEnhancedV1
2013-12-20 17:56:41 -------- d-----w- C:\Users\Suber2\AppData\Local\Macromedia
2013-12-20 13:02:20 439296 ----a-w- C:\Windows\System32\AdpeakProxy64.dll
2013-12-20 13:02:19 338944 ----a-w- C:\Windows\SysWow64\AdpeakProxy.dll
2013-12-20 13:02:16 -------- d-----w- C:\Program Files\ScorpionSaver Services
2013-12-18 04:28:48 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-18 04:28:48 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-12-18 04:26:10 -------- d-----w- C:\Users\Suber2\AppData\Local\cache
2013-12-17 16:25:32 -------- d-----w- C:\ProgramData\VTech
2013-12-17 16:25:32 -------- d-----w- C:\Program Files (x86)\VTech
2013-12-17 16:22:52 934912 ----a-w- C:\ProgramData\Microsoft\Windows\Templates\VTechUninstall\QtNetwork4.dll
2013-12-17 16:22:52 7826432 ----a-w- C:\ProgramData\Microsoft\Windows\Templates\VTechUninstall\QtGui4.dll
2013-12-17 16:22:52 527240 ----a-w- C:\ProgramData\Microsoft\Windows\Templates\VTechUninstall\ProductExtend.exe
2013-12-17 16:22:52 434040 ----a-w- C:\ProgramData\Microsoft\Windows\Templates\VTechUninstall\UninstallWizard.exe
2013-12-17 16:22:52 335360 ----a-w- C:\ProgramData\Microsoft\Windows\Templates\VTechUninstall\QtXml4.dll
2013-12-17 16:22:52 268800 ----a-w- C:\ProgramData\Microsoft\Windows\Templates\VTechUninstall\QtSvg4.dll
2013-12-17 16:22:52 2150400 ----a-w- C:\ProgramData\Microsoft\Windows\Templates\VTechUninstall\QtCore4.dll
2013-12-07 21:14:02 -------- d-----w- C:\Users\Suber2\AppData\Local\Spotify
2013-12-07 21:13:38 -------- d-----w- C:\Users\Suber2\AppData\Roaming\Spotify
2013-12-07 11:50:35 965000 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B1202640-250D-4675-9965-BB6B8CD4DE9B}\gapaengine.dll
2013-12-05 14:52:19 -------- d-----w- C:\Program Files (x86)\ScorpionSaver
2013-12-03 17:42:12 -------- d-----w- C:\Program Files (x86)\Lightspark 0.5.3-git
2013-12-03 17:41:22 -------- d-----w- C:\temp
2013-12-03 17:41:22 -------- d-----w- C:\Program Files (x86)\AmiExt
2013-12-03 17:41:20 -------- d-----w- C:\Program Files\Level Quality Watcher
2013-12-03 17:41:19 -------- d-----w- C:\Users\Suber2\AppData\Local\SwvUpdater
2013-12-03 17:33:15 -------- d-----w- C:\Program Files (x86)\Common Files\McAfee
2013-12-03 17:33:07 -------- d-----w- C:\Program Files (x86)\McAfee
2013-12-03 17:32:59 -------- d-----w- C:\Users\Suber2\AppData\Roaming\Philipp Winterberg
2013-12-03 17:32:46 -------- d-----w- C:\Users\Suber2\AppData\Roaming\OpenCandy
2013-12-03 17:32:46 -------- d-----w- C:\Program Files (x86)\RAR File Open Knife - Free Opener
2013-11-30 19:30:21 -------- d-----w- C:\Windows\System32\drivers\NSSx64\0400030.01B
2013-11-30 19:30:21 -------- d-----w- C:\Windows\System32\drivers\NSSx64
2013-11-30 19:30:21 -------- d-----w- C:\Program Files (x86)\Norton Security Scan
2013-11-30 19:30:19 -------- d-----w- C:\ProgramData\NortonInstaller
2013-11-30 19:30:19 -------- d-----w- C:\Program Files (x86)\NortonInstaller
2013-11-29 08:36:46 -------- d-----w- C:\Games
2013-11-23 15:37:57 -------- d-----w- C:\Users\Suber2\AppData\Local\Apple Computer
2013-11-23 15:37:34 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-23 15:37:16 -------- d-----w- C:\Users\Suber2\AppData\Local\Apple
2013-11-23 15:36:59 -------- d-----w- C:\Program Files\Bonjour
2013-11-23 15:36:59 -------- d-----w- C:\Program Files (x86)\Bonjour
2013-11-23 15:22:39 -------- d-----w- C:\Program Files (x86)\Winamp Detect
2013-11-23 15:22:31 -------- d-----w- C:\Program Files (x86)\Common Files\PX Storage Engine
.
==================== Find3M  ====================
.
2013-11-19 10:21:41 267936 ------w- C:\Windows\System32\MpSigStub.exe
2013-10-15 09:05:30 1754928 ----a-w- C:\Windows\System32\dmwu.exe
2013-10-15 08:59:58 33792 ----a-w- C:\Windows\System32\ImHttpComm.dll
2013-10-08 11:50:37 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-09-30 15:53:00 829264 ----a-w- C:\Windows\System32\msvcr100.dll
2013-09-30 15:53:00 608080 ----a-w- C:\Windows\System32\msvcp100.dll
2013-09-27 14:53:06 248240 ----a-w- C:\Windows\System32\drivers\MpFilter.sys
2013-09-27 14:53:06 134944 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys
.
============= FINISH: 12:34:26.44 ===============
 
 
ATTACH.txt:
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium 
Boot Device: \Device\HarddiskVolume1
Install Date: 2/28/2013 6:30:35 PM
System Uptime: 12/22/2013 12:31:37 PM (0 hours ago)
.
Motherboard: LENOVO |  | To be filled by O.E.M.
Processor: Intel® Pentium® CPU G620 @ 2.60GHz | CPU 1 | 2600/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 60 GiB total, 2.884 GiB free.
D: is FIXED (NTFS) - 1863 GiB total, 780.768 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {36fc9e60-c465-11cf-8056-444553540000}
Description: USB Mass Storage Device
Device ID: USB\VID_1908&PID_0221\00000000000004C2
Manufacturer: Compatible USB storage device
Name: USB Mass Storage Device
PNP Device ID: USB\VID_1908&PID_0221\00000000000004C2
Service: USBSTOR
.
==== System Restore Points ===================
.
RP17: 5/22/2013 12:15:45 AM - Windows Update
RP18: 6/11/2013 9:10:40 PM - Restore Operation
RP19: 6/24/2013 5:22:20 PM - Windows Update
RP20: 7/20/2013 8:49:56 AM - Windows Update
RP21: 11/11/2013 4:11:10 PM - Windows Update
RP22: 11/16/2013 7:20:36 AM - Windows Update
RP23: 11/20/2013 12:18:36 PM - Windows Update
RP24: 11/22/2013 3:54:41 PM - Windows Update
RP25: 11/29/2013 1:29:03 PM - Windows Update
.
==== Installed Programs ======================
.
7-Zip 9.20 (x64 edition)
Acoustica Mixcraft 6
Adobe Flash Player 11 Plugin
Adobe Shockwave Player 12.0
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AutoRipNCompress
AVerMedia A770 PCIe Pure ISDB-T (PBDA) 1.2.64.59
Bonjour
Catalina Savings Printer
CCleaner
Ceton InfiniTV (x64)
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
D3DX10
Digital Cable Advisor
DMB-TH Driver Install 64Bit
Driver Install 64-bit
ffdshow v1.2.4422 [2012-04-09]
Google Chrome
Google Drive
Google Update Helper
Hulu Desktop
HuluDesktopIntegration
IMVU Avatar Chat Software
Intel® Management Engine Components
Intel® Network Connections 15.7.176.0
Intel® Processor Graphics
Internet Explorer Toolbar 4.7 by SweetPacks
Java 7 Update 45
Java Auto Updater
Junk Mail filter update
LAV Filters 0.55.3
Learning Lodge™
Lenovo Driver and Application Installation
Lenovo EE Boot Optimizer
Lenovo USB2.0 UVC Camera
Lightspark 0.5.3-git
LXH-JME2207FN Hotkey Driver
MagniPic
MakeMKV v1.8.0
Malwarebytes Anti-Malware version 1.75.0.1300
McAfee SiteAdvisor
Media Browser
Media Center Master v1.31
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SkyDrive
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2005 Express Edition (MYMOVIES)
Microsoft SQL Server 2005 Tools Express Edition
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
Movie Maker
Mozilla Firefox 26.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSVCRT110
MSVCRT110_amd64
My Channel Logos
My Movies for Windows Media Center
MySQL Server 5.1
Netflix in Windows Media Center
Norton Security Scan
NVIDIA 3D Vision Controller Driver
PE988
Photo Common
Photo Gallery
PlayReady PC Runtime amd64
Plugin 7
Prime World version 9.11.5
RAR File Open Knife - Free Opener
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
REALTEK Wireless LAN Driver
Renesas Electronics USB 3.0 Host Controller Driver
ROBLOX Player
ROBLOX Studio 2013
ScorpionSaver
ScorpionSaver Services
Seagate DiscWizard
Spotify
SpyHunter
swMSM
Typing Trainer 8.0
VIO Player version 1.0.1
VTech Download Agent Library
Webexp Enhanced
Winamp
Winamp Detector Plug-in
Windows Driver Package - YUAN TV DRIVER (cxpl_mhd) Media  (03/15/2010 6.0.64.0063)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
.
==== Event Viewer Messages From Past Week ========
.
12/22/2013 12:32:01 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  cdrom
12/22/2013 11:59:19 AM, Error: volsnap [14]  - The shadow copies of volume C: were aborted because of an IO failure on volume C:.
12/22/2013 11:59:19 AM, Error: atapi [11]  - The driver detected a controller error on \Device\Ide\IdePort0.
12/22/2013 11:12:27 AM, Error: volsnap [25]  - The shadow copies of volume C: were deleted because the shadow copy storage could not grow in time.  Consider reducing the IO load on the system or choose a shadow copy storage volume that is not being shadow copied.
12/22/2013 11:11:38 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 11 for Windows 7 for x64-based Systems.
12/20/2013 8:08:47 PM, Error: volsnap [36]  - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
12/20/2013 8:02:19 AM, Error: Service Control Manager [7034]  - The AdpeakProxy service terminated unexpectedly.  It has done this 1 time(s).
12/18/2013 12:26:32 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Microsoft .NET Framework 4.5.1 for Windows 7 x64-based Systems (KB2858725).
12/18/2013 12:25:12 AM, Error: volsnap [35]  - The shadow copies of volume C: were aborted because the shadow copy storage failed to grow.
12/18/2013 12:17:07 AM, Error: Disk [11]  - The driver detected a controller error on \Device\Harddisk2\DR14.
12/18/2013 12:14:18 AM, Error: Disk [11]  - The driver detected a controller error on \Device\Harddisk2\DR11.
12/18/2013 12:08:01 AM, Error: Disk [11]  - The driver detected a controller error on \Device\Harddisk2\DR8.
12/17/2013 4:32:23 AM, Error: Schannel [36888]  - The following fatal alert was generated: 10. The internal error state is 10.
12/17/2013 11:43:56 PM, Error: Disk [11]  - The driver detected a controller error on \Device\Harddisk2\DR5.
12/17/2013 11:17:10 AM, Error: Disk [11]  - The driver detected a controller error on \Device\Harddisk2\DR26.
12/17/2013 11:16:37 AM, Error: Disk [11]  - The driver detected a controller error on \Device\Harddisk2\DR23.
12/17/2013 11:15:24 AM, Error: Disk [11]  - The driver detected a controller error on \Device\Harddisk2\DR20.
12/17/2013 11:14:44 AM, Error: Disk [11]  - The driver detected a controller error on \Device\Harddisk2\DR17.
12/15/2013 6:40:01 AM, Error: volmgr [46]  - Crash dump initialization failed!
.
==== End Of File ===========================
 

 

 
 

Welcome to the forum.

Please download and run RogueKiller 32 Bit to your desktop.

RogueKiller 64 Bit <---use this one for 64 bit systems

Which system am I using?

Quit all running programs.

For Windows XP, double-click to start.

For Vista or Windows 7-8, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.

When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop.

(please don't put logs in code or quotes and use the default font)

General P2P/Piracy Warning:

1. If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall it or completely disable it from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

2. If you have illegal/cracked software, cracks, keygens, custom (Adobe) host file, etc. on the system, please remove or uninstall them now and read the policy on Piracy.

Failure to remove such software will result in your topic being closed and no further assistance being provided.

MrC

Note:

Please read all of my instructions completely including these.

Make sure system restore is turned on and running

Make sure you're subscribed to this topic: Click on the Follow This Topic Button (at the top right of this page), make sure that the Receive notification box is checked and that it is set to Instantly

Removing malware can be unpredictable...unlikely but things can go very wrong! Back up any files that cannot be replaced. You can copy them to a CD/DVD, external drive or a pen drive

<+>Please don't run any other scans, download, install or uninstall any programs while I'm working with you.

<+>The removal of malware isn't instantaneous, please be patient.

<+>When we are done, I'll give you instructions on how to clean up all the tools and logs

<+>Please stick with me until I give you the "all clear" and Please don't waste my time by leaving before that.

------->Your topic will be closed if you haven't replied within 3 days!<--------

(If I don't respond within 24 hours, please send me a PM)


Here's the report you requested:

RogueKiller V8.7.13 _x64_ [Dec 18 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com




 

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : Suber2 [Admin rights]

Mode : Scan -- Date : 12/22/2013 13:37:34

| ARK || FAK || MBR |

 

¤¤¤ Bad processes : 0 ¤¤¤

 

¤¤¤ Registry Entries : 6 ¤¤¤

[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND

[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> FOUND

[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND

[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> FOUND

[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

 

¤¤¤ Scheduled tasks : 0 ¤¤¤

 

¤¤¤ Startup Entries : 0 ¤¤¤

 

¤¤¤ Web browsers : 0 ¤¤¤

 

¤¤¤ Particular Files / Folders: ¤¤¤

 

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

 

¤¤¤ External Hives: ¤¤¤

-> D:\windows\system32\config\SYSTEM | DRVINFO [Drv - D:] | SYSTEMINFO [sys - C:] [sys32 - FOUND] | USERINFO [startup - NOT_FOUND]

-> D:\windows\system32\config\SOFTWARE | DRVINFO [Drv - D:] | SYSTEMINFO [sys - C:] [sys32 - FOUND] | USERINFO [startup - NOT_FOUND]

-> D:\windows\system32\config\SECURITY | DRVINFO [Drv - D:] | SYSTEMINFO [sys - C:] [sys32 - FOUND] | USERINFO [startup - NOT_FOUND]

-> D:\windows\system32\config\SAM | DRVINFO [Drv - D:] | SYSTEMINFO [sys - C:] [sys32 - FOUND] | USERINFO [startup - NOT_FOUND]

-> D:\windows\system32\config\DEFAULT | DRVINFO [Drv - D:] | SYSTEMINFO [sys - C:] [sys32 - FOUND] | USERINFO [startup - NOT_FOUND]

 

¤¤¤ Infection :  ¤¤¤

 

¤¤¤ HOSTS File: ¤¤¤

--> %SystemRoot%\System32\drivers\etc\hosts

¤¤¤ MBR Check: ¤¤¤

 

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ADATA SP600 ATA Device +++++

--- User ---

[MBR] 424d7e87a647fe685b05560b1065aad0

[bSP] eadf9018da6a0aa8110ab6d7842e51d3 : Windows 7/8 MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 61055 Mo

User = LL1 ... OK!

User = LL2 ... OK!

 

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) ST32000542AS ATA Device +++++

--- User ---

[MBR] 9a444f6d9761b578a74de3215c682b7c

[bSP] b480309f4de37248bf949d01ef852293 : Windows 7/8 MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 1907718 Mo

User = LL1 ... OK!

User = LL2 ... OK!

 

Finished : << RKreport[0]_S_12222013_133734.txt >>

Please do this:

Let's clean out any adware/spyware now: (this will require a reboot so save all your work)

Please download AdwCleaner by Xplode and save to your Desktop.

Make sure you click on download buttons that look similar to this, not "sponsored ad links":

[Image: bleep-crop.jpg]

  • Double click on AdwCleaner.exe to run the tool.

    Vista/Windows 7/8 users right-click and select Run As Administrator

  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you may want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted:
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.

Then..................

Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a Quick Scan with Malwarebytes Anti-Malware, post the report.

Make sure that everything is checked, and click Remove Selected.

Please let me know how the computer is running now, MrC


Here's the log. Should I save anything or have it all removed?

 

# AdwCleaner v3.015 - Report created 22/12/2013 at 13:56:19

# Updated 10/12/2013 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : Suber2 - HTPC

# Running from : C:\Users\Suber2\Downloads\AdwCleaner (1).exe

# Option : Scan

 

***** [ Services ] *****

 

 

***** [ Files / Folders ] *****

 

File Found : C:\END

File Found : C:\Users\Suber2\AppData\Roaming\Mozilla\Firefox\Profiles\3izi8dp4.default\searchplugins\MyStart Search.xml

File Found : C:\Windows\System32\AdpeakProxy.ini

File Found : C:\Windows\System32\AdpeakProxyOff.ini

File Found : C:\Windows\System32\dmwu.exe

File Found : C:\Windows\System32\ImhxxpComm.dll

File Found : C:\Windows\System32\Tasks\AmiUpdXp

File Found : C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineCore

File Found : C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineUA

File Found : C:\Windows\System32\Tasks\SpyHunter4Startup

File Found : C:\Windows\SysWOW64\AdpeakProxy.ini

File Found : C:\Windows\SysWOW64\AdpeakProxyOff.ini

File Found : C:\Windows\Tasks\AmiUpdXp.job

File Found : C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job

File Found : C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job

Folder Found : C:\Users\Suber2\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpkbnefaikfaeadgidhpoanckoiaheli

Folder Found : C:\Users\Suber2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj

Folder Found : C:\Users\Suber2\AppData\Roaming\Mozilla\Firefox\Profiles\3izi8dp4.default\Extensions\ScorpionSaver@jetpack

Folder Found : C:\Users\Suber2\AppData\Roaming\Mozilla\Firefox\Profiles\3izi8dp4.default\Extensions\ScorpionSaver@jetpack

Folder Found : C:\Users\Suber2\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\Extensions\ScorpionSaver@jetpack

Folder Found : C:\Users\Suber2\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\Extensions\ScorpionSaver@jetpack

Folder Found C:\Program Files (x86)\DealPly

Folder Found C:\Program Files (x86)\DealPlyLive

Folder Found C:\Program Files (x86)\HDvidCodec.com

Folder Found C:\Program Files (x86)\MagniPic

Folder Found C:\Program Files (x86)\ScorpionSaver

Folder Found C:\Program Files (x86)\SweetIM

Folder Found C:\Program Files\Level Quality Watcher

Folder Found C:\Program Files\ScorpionSaver Services

Folder Found C:\ProgramData\apn

Folder Found C:\ProgramData\clsoft ltd

Folder Found C:\ProgramData\DealPlyLive

Folder Found C:\ProgramData\MiaigNiPiC

Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiaigNiPiC

Folder Found C:\ProgramData\Premium

Folder Found C:\ProgramData\Tarma Installer

Folder Found C:\Users\Suber2\AppData\Local\DealPlyLive

Folder Found C:\Users\Suber2\AppData\Local\SwvUpdater

Folder Found C:\Users\Suber2\AppData\LocalLow\Industriya

Folder Found C:\Users\Suber2\AppData\Roaming\DealPly

Folder Found C:\Users\Suber2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly

Folder Found C:\Users\Suber2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HDvidCodec.com

Folder Found C:\Users\Suber2\AppData\Roaming\OpenCandy

Folder Found C:\Users\Suber2\AppData\Roaming\pccustubinstaller

Folder Found C:\Windows\System32\ljkb

Folder Found C:\Windows\SysWOW64\ARFC

Folder Found C:\Windows\SysWOW64\jmdp

Folder Found C:\Windows\SysWOW64\WNLT

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

Key Found : HKCU\Software\Adpeak, Inc.

Key Found : HKCU\Software\IM

Key Found : HKCU\Software\ImInstaller

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}

Key Found : HKCU\Software\PrivitizeVPNInstallDates

Key Found : HKCU\Software\StartSearch

Key Found : [x64] HKCU\Software\Adpeak, Inc.

Key Found : [x64] HKCU\Software\IM

Key Found : [x64] HKCU\Software\ImInstaller

Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}

Key Found : [x64] HKCU\Software\PrivitizeVPNInstallDates

Key Found : [x64] HKCU\Software\StartSearch

Key Found : HKLM\Software\BetterSurf

Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}

Key Found : HKLM\SOFTWARE\Classes\AppID\{9DC8FA51-B596-4F77-802C-5B295919C205}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{3E28F712-0D6C-4EE3-AC8C-8F060F5D7C33}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{6CE321DA-DC11-45C6-A0FC-4E8A7D978ABC}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{6EEBC7FF-67DA-4B90-9251-C2C5696E4B48}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{74137531-80F7-406F-9543-7D11385FA8C8}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{832599B2-55BF-4437-8F3E-030CF5AEB262}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{9B7B034B-944A-4261-B487-862F642F7615}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE91F9CE-0900-4E2A-B673-F3F6E4FC54D9}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{B1A429DB-FB06-4645-B7C0-0CC405EAD3CD}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{DD67706E-819E-4EBD-BF8D-6D6147CC7A49}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{F62A4AF9-58B4-4FEC-89CC-D717A547D8E8}

Key Found : HKLM\Software\Classes\Installer\Features\6BA018E6E43F3A949AF3E90563067F81

Key Found : HKLM\Software\Classes\Installer\Products\6BA018E6E43F3A949AF3E90563067F81

Key Found : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}

Key Found : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}

Key Found : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}

Key Found : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}

Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\kpkbnefaikfaeadgidhpoanckoiaheli

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj

Key Found : HKLM\Software\InstallIQ

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_1_rasapi32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_008a99b9

Key Found : HKLM\Software\SP Global

Key Found : HKLM\Software\SProtector

Key Found : [x64] HKLM\SOFTWARE\Adpeak, Inc.

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}

Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6E810AB6-F34E-49A3-A93F-9E503660F718}

Key Found : [x64] HKLM\SOFTWARE\Scorpion Saver

Key Found : [x64] HKLM\SOFTWARE\Tarma Installer

Key Found : [x64] HKLM\SOFTWARE\Updater By Sweetpacks

Key Found : [x64] HKLM\SOFTWARE\wnlt

Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{8E9E3331-D360-4f87-8803-52DE43566502}]

Value Found : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{8E9E3331-D360-4f87-8803-52DE43566502}]

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v10.0.9200.16537

 

 

-\\ Mozilla Firefox v26.0 (en-US)

 

[ File : C:\Users\Suber2\AppData\Roaming\Mozilla\Firefox\Profiles\3izi8dp4.default\prefs.js ]

 

Line Found : user_pref("aol_toolbar.default.homepage.check", false);

Line Found : user_pref("aol_toolbar.default.search.check", false);

Line Found : user_pref("extensions.BabylonToolbar.prtkDS", 0);

Line Found : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);

Line Found : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");

Line Found : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");

Line Found : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");

Line Found : user_pref("sweetim.toolbar.previous.keyword.URL", "");

Line Found : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");

Line Found : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");

Line Found : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");

Line Found : user_pref("sweetim.toolbar.searchguard.enable", "");

 

[ File : C:\Users\Suber2\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js ]

 

 

-\\ Google Chrome v31.0.1650.63

 

[ File : C:\Users\Suber2\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

 

*************************

 

AdwCleaner[R0].txt - [9419 octets] - [22/12/2013 13:56:19]

 

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [9479 octets] ##########

Since you didn't respond I went ahead and pressed the CLEAN button. As per your instructions certain files/folders can be removed by going to the Quarantine Folder.

 

Here's the log after reboot:

 

# AdwCleaner v3.015 - Report created 22/12/2013 at 14:11:33
# Updated 10/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Suber2 - HTPC
# Running from : C:\Users\Suber2\Downloads\AdwCleaner (1).exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\clsoft ltd
Folder Deleted : C:\ProgramData\DealPlyLive
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\MiaigNiPiC
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiaigNiPiC
Folder Deleted : C:\Program Files (x86)\DealPly
Folder Deleted : C:\Program Files (x86)\DealPlyLive
Folder Deleted : C:\Program Files (x86)\HDvidCodec.com
Folder Deleted : C:\Program Files (x86)\MagniPic
Folder Deleted : C:\Program Files (x86)\ScorpionSaver
Folder Deleted : C:\Program Files (x86)\SweetIM
Folder Deleted : C:\Windows\SysWOW64\ARFC
Folder Deleted : C:\Windows\SysWOW64\jmdp
Folder Deleted : C:\Windows\SysWOW64\WNLT
Folder Deleted : C:\Program Files\Level Quality Watcher
Folder Deleted : C:\Program Files\ScorpionSaver Services
Folder Deleted : C:\Windows\System32\ljkb
Folder Deleted : C:\Users\Suber2\AppData\Local\DealPlyLive
Folder Deleted : C:\Users\Suber2\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Suber2\AppData\LocalLow\Industriya
Folder Deleted : C:\Users\Suber2\AppData\Roaming\DealPly
Folder Deleted : C:\Users\Suber2\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Suber2\AppData\Roaming\pccustubinstaller
Folder Deleted : C:\Users\Suber2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
Folder Deleted : C:\Users\Suber2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HDvidCodec.com
Folder Deleted : C:\Users\Suber2\AppData\Roaming\Mozilla\Firefox\Profiles\3izi8dp4.default\Extensions\ScorpionSaver@jetpack
Folder Deleted : C:\Users\Suber2\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\Extensions\ScorpionSaver@jetpack
Folder Deleted : C:\Users\Suber2\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpkbnefaikfaeadgidhpoanckoiaheli
Folder Deleted : C:\Users\Suber2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
File Deleted : C:\END
File Deleted : C:\Windows\SysWOW64\AdpeakProxy.ini
File Deleted : C:\Windows\SysWOW64\AdpeakProxyOff.ini
File Deleted : C:\Windows\System32\AdpeakProxy.ini
File Deleted : C:\Windows\System32\AdpeakProxyOff.ini
File Deleted : C:\Windows\System32\dmwu.exe
File Deleted : C:\Windows\System32\ImhxxpComm.dll
File Deleted : C:\Users\Suber2\AppData\Roaming\Mozilla\Firefox\Profiles\3izi8dp4.default\searchplugins\MyStart Search.xml
File Deleted : C:\Windows\Tasks\AmiUpdXp.job
File Deleted : C:\Windows\System32\Tasks\AmiUpdXp
File Deleted : C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job
File Deleted : C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineCore
File Deleted : C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job
File Deleted : C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineUA
File Deleted : C:\Windows\System32\Tasks\SpyHunter4Startup
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{8E9E3331-D360-4f87-8803-52DE43566502}]
Value Deleted : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{8E9E3331-D360-4f87-8803-52DE43566502}]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kpkbnefaikfaeadgidhpoanckoiaheli
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_1_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_008a99b9
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9DC8FA51-B596-4F77-802C-5B295919C205}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3E28F712-0D6C-4EE3-AC8C-8F060F5D7C33}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6CE321DA-DC11-45C6-A0FC-4E8A7D978ABC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6EEBC7FF-67DA-4B90-9251-C2C5696E4B48}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{74137531-80F7-406F-9543-7D11385FA8C8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{832599B2-55BF-4437-8F3E-030CF5AEB262}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9B7B034B-944A-4261-B487-862F642F7615}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE91F9CE-0900-4E2A-B673-F3F6E4FC54D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B1A429DB-FB06-4645-B7C0-0CC405EAD3CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DD67706E-819E-4EBD-BF8D-6D6147CC7A49}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F62A4AF9-58B4-4FEC-89CC-D717A547D8E8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Adpeak, Inc.
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\PrivitizeVPNInstallDates
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKLM\Software\BetterSurf
Key Deleted : HKLM\Software\InstallIQ
Key Deleted : HKLM\Software\SP Global
Key Deleted : HKLM\Software\SProtector
Key Deleted : [x64] HKLM\SOFTWARE\Adpeak, Inc.
Key Deleted : [x64] HKLM\SOFTWARE\Scorpion Saver
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : [x64] HKLM\SOFTWARE\Updater By Sweetpacks
Key Deleted : [x64] HKLM\SOFTWARE\wnlt
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6E810AB6-F34E-49A3-A93F-9E503660F718}
Key Deleted : HKLM\Software\Classes\Installer\Features\6BA018E6E43F3A949AF3E90563067F81
Key Deleted : HKLM\Software\Classes\Installer\Products\6BA018E6E43F3A949AF3E90563067F81
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16537
 
 
-\\ Mozilla Firefox v26.0 (en-US)
 
[ File : C:\Users\Suber2\AppData\Roaming\Mozilla\Firefox\Profiles\3izi8dp4.default\prefs.js ]
 
Line Deleted : user_pref("aol_toolbar.default.homepage.check", false);
Line Deleted : user_pref("aol_toolbar.default.search.check", false);
Line Deleted : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Line Deleted : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Line Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Line Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Line Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Line Deleted : user_pref("sweetim.toolbar.searchguard.enable", "");
 
[ File : C:\Users\Suber2\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js ]
 
 
-\\ Google Chrome v31.0.1650.63
 
[ File : C:\Users\Suber2\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [9643 octets] - [22/12/2013 13:56:19]
AdwCleaner[s0].txt - [9209 octets] - [22/12/2013 14:11:33]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [9269 octets] ##########

Here's the Malwarebytes report before deleting:

 

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.12.22.03
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16540
Suber2 :: HTPC [administrator]
 
Protection: Enabled
 
12/22/2013 2:19:57 PM
MBAM-log-2013-12-22 (14-30-38).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 302275
Time elapsed: 9 minute(s), 9 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{10AD2C61-0898-4348-8600-14A342F22AC3} (PUP.Optional.ScorpionSaver) -> No action taken.
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 16
C:\Program Files (x86)\AmiExt\flashEnhancer (PUP.Optional.Amonetize.A) -> No action taken.
C:\Program Files (x86)\AmiExt\flashEnhancer\ch (PUP.Optional.Amonetize.A) -> No action taken.
C:\Program Files (x86)\AmiExt\flashEnhancer\ff (PUP.Optional.Amonetize.A) -> No action taken.
C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome (PUP.Optional.Amonetize.A) -> No action taken.
C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome\content (PUP.Optional.Amonetize.A) -> No action taken.
C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome\content\core (PUP.Optional.Amonetize.A) -> No action taken.
C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome\content\icons (PUP.Optional.Amonetize.A) -> No action taken.
C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome\content\icons\default (PUP.Optional.Amonetize.A) -> No action taken.
C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome\content\utils (PUP.Optional.Amonetize.A) -> No action taken.
C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome\locale (PUP.Optional.Amonetize.A) -> No action taken.
C:\Program Files (x86)\AmiExt\flashEnhancer\ff\defaults (PUP.Optional.Amonetize.A) -> No action taken.
C:\Program Files (x86)\AmiExt\flashEnhancer\ff\defaults\preferences (PUP.Optional.Amonetize.A) -> No action taken.
C:\Program Files (x86)\AmiExt\flashEnhancer\ie (PUP.Optional.Amonetize.A) -> No action taken.
C:\Program Files (x86)\AmiExt\flashEnhancer\ie\js (PUP.Optional.Amonetize.A) -> No action taken.
C:\Program Files (x86)\AmiExt\flashEnhancer\ie\js\core (PUP.Optional.Amonetize.A) -> No action taken.
C:\Program Files (x86)\AmiExt\flashEnhancer\ie\js\utils (PUP.Optional.Amonetize.A) -> No action taken.
 
Files Detected: 54
C:\temp\000.exe (PUP.Optional.Adpeak) -> No action taken.
C:\temp\InstallServices64.msi (PUP.Optional.Adpeak) -> No action taken.
C:\temp\scorpionsaver.exe (PUP.Optional.ScorpionSaver) -> No action taken.
C:\temp\ScorpionSaver.msi (PUP.Optional.Adpeak) -> No action taken.
C:\Windows\System32\AdpeakProxy.dll (PUP.Optional.Adpeak) -> No action taken.
C:\Users\Suber2\AppData\Local\Temp\mgsqlite3.7z (PUP.Optional.SweetIM) -> No action taken.
C:\Users\Suber2\AppData\Local\Temp\mgsqlite3.dll (PUP.Optional.SweetIM) -> No action taken.
C:\Users\Suber2\AppData\Local\Temp\Shortcut_BundleSweetIMSetup.exe (PUP.Optional.SweetIM) -> No action taken.
C:\Users\Suber2\AppData\Local\Temp\dlmEC7F.tmp\InstallRARFileOpenKnife.exe (PUP.Optional.OpenCandy) -> No action taken.
C:\Users\Suber2\AppData\Local\Temp\flashEnhancer1\Install\flashEnhancerInstaller.exe (PUP.Optional.Amonetize.A) -> No action taken.
C:\Users\Suber2\AppData\Local\Temp\oi_AGYPv2vcFg\dp.exe (PUP.Optional.DealPly.A) -> No action taken.
C:\Users\Suber2\Downloads\Download (1).exe (PUP.Optional.InstalleRex) -> No action taken.
C:\Users\Suber2\Downloads\Download (2).exe (PUP.Optional.InstalleRex) -> No action taken.
C:\Users\Suber2\Downloads\Download (3).exe (PUP.Optional.InstalleRex) -> No action taken.
C:\Users\Suber2\Downloads\Download.exe (PUP.Optional.InstalleRex) -> No action taken.
C:\Users\Suber2\Downloads\iLividSetup.exe (PUP.Optional.Bandoo) -> No action taken.
C:\Users\Suber2\Downloads\mplayer.exe (PUP.Optional.InstallIQ.A) -> No action taken.
C:\Users\Suber2\Downloads\Setup.exe (PUP.Optional.iBryte) -> No action taken.
C:\Users\Suber2\Downloads\vioplayer2_d3993141.exe (PUP.Optional.InstallIQ) -> No action taken.
C:\Windows\Installer\18db7e3b.msi (PUP.Optional.Adpeak) -> No action taken.
C:\Windows\Installer\24c1ae0.msi (PUP.Optional.SweetIM) -> No action taken.
C:\Windows\Installer\293e89c.msi (PUP.Optional.Adpeak) -> No action taken.
C:\Windows\SysWOW64\AdpeakProxy.dll (PUP.Optional.Adpeak) -> No action taken.
C:\Users\Suber2\AppData\Local\Temp\AdpeakProxyr.log (PUP.Optional.AdpeakProxy) -> No action taken.
C:\Windows\Temp\AdpeakProxy.log (PUP.Optional.AdpeakProxy) -> No action taken.
C:\Windows\Temp\AdpeakProxyr.log (PUP.Optional.AdpeakProxy) -> No action taken.
C:\Program Files (x86)\AmiExt\flashEnhancer\ch\flashEnhancer.crx (PUP.Optional.Amonetize.A) -> No action taken.
C:\Program Files (x86)\AmiExt\flashEnhancer\ff\bootstrap.js (PUP.Optional.Amonetize.A) -> No action taken.
C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome.manifest (PUP.Optional.Amonetize.A) -> No action taken.
C:\Program Files (x86)\AmiExt\flashEnhancer\ff\install.rdf (PUP.Optional.Amonetize.A) -> No action taken.
C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome\preferencesWindow.xul (PUP.Optional.Amonetize.A) -> No action taken.
C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome\content\myext.xul (PUP.Optional.Amonetize.A) -> No action taken.
C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome\content\core\core.js (PUP.Optional.Amonetize.A) -> No action taken.
C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome\content\icons\Thumbs.db (PUP.Optional.Amonetize.A) -> No action taken.
C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome\content\icons\default\star1_32.png (PUP.Optional.Amonetize.A) -> No action taken.
C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome\content\utils\amiextension.js (PUP.Optional.Amonetize.A) -> No action taken.
C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome\content\utils\amihelper.js (PUP.Optional.Amonetize.A) -> No action taken.
C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome\content\utils\amilocal.js (PUP.Optional.Amonetize.A) -> No action taken.
C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome\content\utils\chaddon.js (PUP.Optional.Amonetize.A) -> No action taken.
C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome\content\utils\chback.js (PUP.Optional.Amonetize.A) -> No action taken.
C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome\content\utils\ffaddon.js (PUP.Optional.Amonetize.A) -> No action taken.
C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome\content\utils\hostutils.js (PUP.Optional.Amonetize.A) -> No action taken.
C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome\content\utils\ieaddon.js (PUP.Optional.Amonetize.A) -> No action taken.
C:\Program Files (x86)\AmiExt\flashEnhancer\ff\defaults\preferences\myext.js (PUP.Optional.Amonetize.A) -> No action taken.
C:\Program Files (x86)\AmiExt\flashEnhancer\ie\AmiStorage.exe (PUP.Optional.Amonetize.A) -> No action taken.
C:\Program Files (x86)\AmiExt\flashEnhancer\ie\js\core\core.js (PUP.Optional.Amonetize.A) -> No action taken.
C:\Program Files (x86)\AmiExt\flashEnhancer\ie\js\utils\amiextension.js (PUP.Optional.Amonetize.A) -> No action taken.
C:\Program Files (x86)\AmiExt\flashEnhancer\ie\js\utils\amihelper.js (PUP.Optional.Amonetize.A) -> No action taken.
C:\Program Files (x86)\AmiExt\flashEnhancer\ie\js\utils\amilocal.js (PUP.Optional.Amonetize.A) -> No action taken.
C:\Program Files (x86)\AmiExt\flashEnhancer\ie\js\utils\chaddon.js (PUP.Optional.Amonetize.A) -> No action taken.
C:\Program Files (x86)\AmiExt\flashEnhancer\ie\js\utils\chback.js (PUP.Optional.Amonetize.A) -> No action taken.
C:\Program Files (x86)\AmiExt\flashEnhancer\ie\js\utils\ffaddon.js (PUP.Optional.Amonetize.A) -> No action taken.
C:\Program Files (x86)\AmiExt\flashEnhancer\ie\js\utils\hostutils.js (PUP.Optional.Amonetize.A) -> No action taken.
C:\Program Files (x86)\AmiExt\flashEnhancer\ie\js\utils\ieaddon.js (PUP.Optional.Amonetize.A) -> No action taken.
 
(end)

Malwarebytes Anti-Malware (Trial) 1.75.0.1300

www.malwarebytes.org

 

Database version: v2013.12.22.03

 

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 10.0.9200.16540

Suber2 :: HTPC [administrator]

 

Protection: Enabled

 

12/22/2013 2:19:57 PM

mbam-log-2013-12-22 (14-19-57).txt

 

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 302275

Time elapsed: 9 minute(s), 9 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 1

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{10AD2C61-0898-4348-8600-14A342F22AC3} (PUP.Optional.ScorpionSaver) -> Quarantined and deleted successfully.

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 16

C:\Program Files (x86)\AmiExt\flashEnhancer (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.

C:\Program Files (x86)\AmiExt\flashEnhancer\ch (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.

C:\Program Files (x86)\AmiExt\flashEnhancer\ff (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.

C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.

C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome\content (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.

C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome\content\core (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.

C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome\content\icons (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.

C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome\content\icons\default (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.

C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome\content\utils (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.

C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome\locale (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.

C:\Program Files (x86)\AmiExt\flashEnhancer\ff\defaults (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.

C:\Program Files (x86)\AmiExt\flashEnhancer\ff\defaults\preferences (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.

C:\Program Files (x86)\AmiExt\flashEnhancer\ie (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.

C:\Program Files (x86)\AmiExt\flashEnhancer\ie\js (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.

C:\Program Files (x86)\AmiExt\flashEnhancer\ie\js\core (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.

C:\Program Files (x86)\AmiExt\flashEnhancer\ie\js\utils (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.

 

Files Detected: 54

C:\temp\000.exe (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.

C:\temp\InstallServices64.msi (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.

C:\temp\scorpionsaver.exe (PUP.Optional.ScorpionSaver) -> Quarantined and deleted successfully.

C:\temp\ScorpionSaver.msi (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.

C:\Windows\System32\AdpeakProxy.dll (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.

C:\Users\Suber2\AppData\Local\Temp\mgsqlite3.7z (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.

C:\Users\Suber2\AppData\Local\Temp\mgsqlite3.dll (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.

C:\Users\Suber2\AppData\Local\Temp\Shortcut_BundleSweetIMSetup.exe (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.

C:\Users\Suber2\AppData\Local\Temp\dlmEC7F.tmp\InstallRARFileOpenKnife.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.

C:\Users\Suber2\AppData\Local\Temp\flashEnhancer1\Install\flashEnhancerInstaller.exe (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.

C:\Users\Suber2\AppData\Local\Temp\oi_AGYPv2vcFg\dp.exe (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.

C:\Users\Suber2\Downloads\Download (1).exe (PUP.Optional.InstalleRex) -> Quarantined and deleted successfully.

C:\Users\Suber2\Downloads\Download (2).exe (PUP.Optional.InstalleRex) -> Quarantined and deleted successfully.

C:\Users\Suber2\Downloads\Download (3).exe (PUP.Optional.InstalleRex) -> Quarantined and deleted successfully.

C:\Users\Suber2\Downloads\Download.exe (PUP.Optional.InstalleRex) -> Quarantined and deleted successfully.

C:\Users\Suber2\Downloads\iLividSetup.exe (PUP.Optional.Bandoo) -> Quarantined and deleted successfully.

C:\Users\Suber2\Downloads\mplayer.exe (PUP.Optional.InstallIQ.A) -> Quarantined and deleted successfully.

C:\Users\Suber2\Downloads\Setup.exe (PUP.Optional.iBryte) -> Quarantined and deleted successfully.

C:\Users\Suber2\Downloads\vioplayer2_d3993141.exe (PUP.Optional.InstallIQ) -> Quarantined and deleted successfully.

C:\Windows\Installer\18db7e3b.msi (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.

C:\Windows\Installer\24c1ae0.msi (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.

C:\Windows\Installer\293e89c.msi (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.

C:\Windows\SysWOW64\AdpeakProxy.dll (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.

C:\Users\Suber2\AppData\Local\Temp\AdpeakProxyr.log (PUP.Optional.AdpeakProxy) -> Quarantined and deleted successfully.

C:\Windows\Temp\AdpeakProxy.log (PUP.Optional.AdpeakProxy) -> Quarantined and deleted successfully.

C:\Windows\Temp\AdpeakProxyr.log (PUP.Optional.AdpeakProxy) -> Quarantined and deleted successfully.

C:\Program Files (x86)\AmiExt\flashEnhancer\ch\flashEnhancer.crx (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.

C:\Program Files (x86)\AmiExt\flashEnhancer\ff\bootstrap.js (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.

C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome.manifest (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.

C:\Program Files (x86)\AmiExt\flashEnhancer\ff\install.rdf (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.

C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome\preferencesWindow.xul (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.

C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome\content\myext.xul (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.

C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome\content\core\core.js (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.

C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome\content\icons\Thumbs.db (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.

C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome\content\icons\default\star1_32.png (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.

C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome\content\utils\amiextension.js (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.

C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome\content\utils\amihelper.js (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.

C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome\content\utils\amilocal.js (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.

C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome\content\utils\chaddon.js (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.

C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome\content\utils\chback.js (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.

C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome\content\utils\ffaddon.js (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.

C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome\content\utils\hostutils.js (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.

C:\Program Files (x86)\AmiExt\flashEnhancer\ff\chrome\content\utils\ieaddon.js (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.

C:\Program Files (x86)\AmiExt\flashEnhancer\ff\defaults\preferences\myext.js (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.

C:\Program Files (x86)\AmiExt\flashEnhancer\ie\AmiStorage.exe (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.

C:\Program Files (x86)\AmiExt\flashEnhancer\ie\js\core\core.js (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.

C:\Program Files (x86)\AmiExt\flashEnhancer\ie\js\utils\amiextension.js (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.

C:\Program Files (x86)\AmiExt\flashEnhancer\ie\js\utils\amihelper.js (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.

C:\Program Files (x86)\AmiExt\flashEnhancer\ie\js\utils\amilocal.js (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.

C:\Program Files (x86)\AmiExt\flashEnhancer\ie\js\utils\chaddon.js (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.

C:\Program Files (x86)\AmiExt\flashEnhancer\ie\js\utils\chback.js (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.

C:\Program Files (x86)\AmiExt\flashEnhancer\ie\js\utils\ffaddon.js (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.

C:\Program Files (x86)\AmiExt\flashEnhancer\ie\js\utils\hostutils.js (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.

C:\Program Files (x86)\AmiExt\flashEnhancer\ie\js\utils\ieaddon.js (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.

 

(end)

Good.....

Let's check your computer's security before you go, and we have a little cleanup to do also:

Download Security Check by screen317 from HERE or HERE.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • If you get "Unsupported operating system. Aborting now", just reboot and try again.
  • A Notepad document should open automatically called checkup.txt.
  • Please Post the contents of that document.
  • Do Not Attach It!!!
MrC

 Results of screen317's Security Check version 0.99.77  

 Windows 7 Service Pack 1 x64 (UAC is disabled!)  

 Internet Explorer 10 Out of date! 

``````````````Antivirus/Firewall Check:`````````````` 

 Windows Firewall Enabled!  

Microsoft Security Essentials   

 Antivirus up to date!  

`````````Anti-malware/Other Utilities Check:````````` 

 McAfee SiteAdvisor    

 Malwarebytes Anti-Malware version 1.75.0.1300  

 Java 7 Update 45  

 Adobe Flash Player 11.9.900.170  

 Mozilla Firefox (26.0) 

 Google Chrome 31.0.1650.57  

 Google Chrome 31.0.1650.63  

````````Process Check: objlist.exe by Laurent````````  

 Microsoft Security Essentials MSMpEng.exe 

 Microsoft Security Essentials msseces.exe 

 Malwarebytes Anti-Malware mbamservice.exe  

 Malwarebytes Anti-Malware mbamgui.exe  

 Malwarebytes' Anti-Malware mbamscheduler.exe   

`````````````````System Health check````````````````` 

 Total Fragmentation on Drive C: 12% Defragment your hard drive soon! (Do NOT defrag if SSD!)

````````````````````End of Log`````````````````````` 

Looks OK....

A little clean up to do....

Please download OTC to your desktop. (This will clean up most of the tools and logs)

http://oldtimer.geekstogo.com/OTC.exe

Double-click OTC to run it. (Vista and up users, please right click on OTC and select "Run as an Administrator")

Click on the CleanUp! button and follow the prompts.

(If you get a warning from your firewall or other security programs regarding OTC attempting to contact the Internet, please allow the connection.)

You will be asked to reboot the machine to finish the Cleanup process; choose Yes.

After the reboot all the tools we used should be gone.

Note: Some more recently created tools may not yet be removed by OTC. Feel free to manually delete any tools it leaves behind.

Any other programs or logs you can manually delete. (right click.....Delete)

IE: RogueKiller.exe, RKreport.txt, RK_Quarantine folder, C:\FRST folder, FRST-OlderVersion folder, MBAR folder, etc....AdwCleaner > just run the program and click uninstall.

Note:

If you used FRST and can't delete the quarantine folder:

Download the fixlist.txt to the same folder as FRST.exe.

Run FRST.exe and click Fix only once and wait.

That will delete the quarantine folder created by FRST.

The rest you can manually delete.

-------------------------------

Any questions...please post back.

If you think I've helped you, please leave a comment > click on my avatar picture > click Profile Feed.

Take a look at My Preventive Maintenance to avoid being infected again.

Good Luck and Thanks for using the forum, MrC


  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance, please start your own topic in a new thread. Thanks!


This topic is now closed to further replies.