Removal instructions for VCL

Metallica · August 5, 2015

What is VCL?

The Malwarebytes research team has determined that VCL is adware. These adware applications display advertisements not originating from the sites you are browsing.

How do I know if my computer is affected by VCL?

You may see this entry in your list of installed programs:

How did VCL get on my computer?

Adware applications use different methods for distributing themselves. This particular one was bundled with other software.

How do I remove VCL?

Our program Malwarebytes Anti-Malware can detect and remove this potentially unwanted program.

Please download Malwarebytes Anti-Malware to your desktop.
Double-click mbam-setup-version.exe and follow the prompts to install the program.
At the end, be sure a check-mark is placed next to the following:
- Enable free trial of Malwarebytes Anti-Malware Premium
- Launch Malwarebytes Anti-Malware
Then click Finish.
If an update is found, you will be prompted to download and install the latest version.
Once the program has loaded, select Scan now. Or select the Threat Scan from the Scan menu.
When the scan is complete , make sure that everything is set to "Quarantine", and click Apply Actions.
Reboot your computer if prompted.

Is there anything else I need to do to get rid of VCL?

You may be prompted twice to reboot after removal. Malwarebytes Anti-Malware needs to restore your connection after removing this LSP-hijacker.

How would the full version of Malwarebytes Anti-Malware help protect me?

We hope our application and this guide have helped you eradicate this hijacker.

As you can see below the full version of Malwarebytes Anti-Malware would have protected you against the VCL adware. It would have warned you before the application could install itself, giving you a chance to stop it before it became too late.

Technical details for experts

You will see these signs in a HijackThis log:

O10 - Unknown file in Winsock LSP: c:\windows\system32\vcl.dllO10 - Unknown file in Winsock LSP: c:\windows\system32\vcl.dllO10 - Unknown file in Winsock LSP: c:\windows\system32\vcl.dllO10 - Unknown file in Winsock LSP: c:\windows\system32\vcl.dllO10 - Unknown file in Winsock LSP: c:\windows\system32\vcl.dllO23 - Service: VCL - VC Corporation - C:\Program Files (x86)\IGS\VCL.exe

You may see these signs in FRST logs:

 Winsock: Catalog9 01 C:\Windows\SysWOW64\VCL.dll [335064 2015-08-05] (VC Corporation) Winsock: Catalog9 02 C:\Windows\SysWOW64\VCL.dll [335064 2015-08-05] (VC Corporation) Winsock: Catalog9 03 C:\Windows\SysWOW64\VCL.dll [335064 2015-08-05] (VC Corporation) Winsock: Catalog9 04 C:\Windows\SysWOW64\VCL.dll [335064 2015-08-05] (VC Corporation) Winsock: Catalog9 16 C:\Windows\SysWOW64\VCL.dll [335064 2015-08-05] (VC Corporation) S2 VCL; C:\Program Files (x86)\IGS\VCL.exe [1757232 2015-03-20] (VC Corporation) [File not signed] (VC Corporation) C:\Windows\SysWOW64\VCL.dll C:\Program Files (x86)\IGSPadlock Memory Key (HKLM-x32\...\IGS) (Version:  - )HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VCL => ""="service"

Alterations made by the installer:

File system details [View: All details] (Selection)---------------------------------------------------    Adds the folder C:\Program Files (x86)\IGS       Adds the file freebl3.dll"="1/27/2015 2:46 AM, 303104 bytes, A       Adds the file libnspr4.dll"="1/27/2015 2:46 AM, 295424 bytes, A       Adds the file libplc4.dll"="1/27/2015 2:46 AM, 48640 bytes, A       Adds the file libplds4.dll"="1/27/2015 2:46 AM, 46080 bytes, A       Adds the file nss3.dll"="1/27/2015 2:46 AM, 854528 bytes, A       Adds the file nssckbi.dll"="1/27/2015 2:46 AM, 417280 bytes, A       Adds the file nssdbm3.dll"="1/27/2015 2:46 AM, 164352 bytes, A       Adds the file nssutil3.dll"="1/27/2015 2:46 AM, 135680 bytes, A       Adds the file smime3.dll"="1/27/2015 2:46 AM, 132608 bytes, A       Adds the file softokn3.dll"="1/27/2015 2:46 AM, 230400 bytes, A       Adds the file sqlite3.dll"="1/27/2015 2:46 AM, 455168 bytes, A       Adds the file ssl3.dll"="1/27/2015 2:46 AM, 228352 bytes, A       Adds the file uninstall.exe"="8/5/2015 11:52 AM, 61035 bytes, A       Adds the file VCCert.dll"="3/20/2015 2:54 PM, 178136 bytes, A       Adds the file VCL.dll"="3/20/2015 2:54 PM, 335064 bytes, A       Adds the file VCL.exe"="3/20/2015 2:54 PM, 1757232 bytes, A       Adds the file VCL.tlb"="3/20/2015 2:54 PM, 49040 bytes, A       Adds the file VCL64.dll"="3/20/2015 2:54 PM, 398792 bytes, A       Adds the file VCLR.exe"="3/20/2015 2:54 PM, 290128 bytes, A       Adds the file VCLR.ini"="3/20/2015 2:54 PM, 116 bytes, A       Adds the file VCLR64.exe"="3/20/2015 2:54 PM, 339304 bytes, A    In the existing folder C:\Windows\SysWOW64       Adds the file VCL.dll"="3/20/2015 2:54 PM, 335064 bytes, ARegistry details [View: All details] (Selection)------------------------------------------------    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{32D8DE8B-CFAF-49FC-928A-74E851854123}]       "(Default)"="REG_SZ", "VCL"       "InstallingUser"="REG_SZ", "bQBhAGwAdwBhAHIAZQBiAHkAdABlAHMAXABwAGkAZQB0AGUAcgAAAA=="       "kp1"="REG_DWORD", 0       "LaunchPermission"="REG_BINARY, ..L.\...0................................. ....... ...       "LocalService"="REG_SZ", "VCL"       "ServiceParameters"="REG_SZ", "-Service"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\VCL.exe]       "AppID"="REG_SZ", "{32D8DE8B-CFAF-49FC-928A-74E851854123}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0877A1D4-1570-487A-B891-FA34464C2F32}]       "(Default)"="REG_SZ", "IDataContainer"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0877A1D4-1570-487A-B891-FA34464C2F32}\ProxyStubClsid32]       "(Default)"="REG_SZ", "{00020424-0000-0000-C000-000000000046}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0877A1D4-1570-487A-B891-FA34464C2F32}\TypeLib]       "(Default)"="REG_SZ", "{83350327-E2E6-4D1C-9B65-2C0F83E6585E}"       "Version"="REG_SZ", "1.0"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{226746EF-6F15-4F88-B186-CCE2D8A90982}]       "(Default)"="REG_SZ", "ILSPLogic"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{226746EF-6F15-4F88-B186-CCE2D8A90982}\ProxyStubClsid32]       "(Default)"="REG_SZ", "{00020424-0000-0000-C000-000000000046}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{226746EF-6F15-4F88-B186-CCE2D8A90982}\TypeLib]       "(Default)"="REG_SZ", "{83350327-E2E6-4D1C-9B65-2C0F83E6585E}"       "Version"="REG_SZ", "1.0"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2E38EBD1-7C3B-4837-9BED-6793A6197694}]       "(Default)"="REG_SZ", "ISSHController"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2E38EBD1-7C3B-4837-9BED-6793A6197694}\ProxyStubClsid32]       "(Default)"="REG_SZ", "{00020424-0000-0000-C000-000000000046}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2E38EBD1-7C3B-4837-9BED-6793A6197694}\TypeLib]       "(Default)"="REG_SZ", "{83350327-E2E6-4D1C-9B65-2C0F83E6585E}"       "Version"="REG_SZ", "1.0"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2F0616DC-62A9-4D5A-B388-4682BC3269D1}]       "(Default)"="REG_SZ", "IDataTable"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2F0616DC-62A9-4D5A-B388-4682BC3269D1}\ProxyStubClsid32]       "(Default)"="REG_SZ", "{00020424-0000-0000-C000-000000000046}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2F0616DC-62A9-4D5A-B388-4682BC3269D1}\TypeLib]       "(Default)"="REG_SZ", "{83350327-E2E6-4D1C-9B65-2C0F83E6585E}"       "Version"="REG_SZ", "1.0"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{40E55B03-4288-472A-9E5A-A3658B9ADE3A}]       "(Default)"="REG_SZ", "IDataStatistics"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{40E55B03-4288-472A-9E5A-A3658B9ADE3A}\ProxyStubClsid32]       "(Default)"="REG_SZ", "{00020424-0000-0000-C000-000000000046}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{40E55B03-4288-472A-9E5A-A3658B9ADE3A}\TypeLib]       "(Default)"="REG_SZ", "{83350327-E2E6-4D1C-9B65-2C0F83E6585E}"       "Version"="REG_SZ", "1.0"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6B78C1B0-96CF-4698-9F9E-B67F1022C4E5}]       "(Default)"="REG_SZ", "IDataController"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6B78C1B0-96CF-4698-9F9E-B67F1022C4E5}\ProxyStubClsid32]       "(Default)"="REG_SZ", "{00020424-0000-0000-C000-000000000046}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6B78C1B0-96CF-4698-9F9E-B67F1022C4E5}\TypeLib]       "(Default)"="REG_SZ", "{83350327-E2E6-4D1C-9B65-2C0F83E6585E}"       "Version"="REG_SZ", "1.0"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{76CD09C2-78CF-49F0-8F6A-C7CAF94BCB05}]       "(Default)"="REG_SZ", "IDataTableHolder"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{76CD09C2-78CF-49F0-8F6A-C7CAF94BCB05}\ProxyStubClsid32]       "(Default)"="REG_SZ", "{00020424-0000-0000-C000-000000000046}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{76CD09C2-78CF-49F0-8F6A-C7CAF94BCB05}\TypeLib]       "(Default)"="REG_SZ", "{83350327-E2E6-4D1C-9B65-2C0F83E6585E}"       "Version"="REG_SZ", "1.0"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{823DC7E1-20D1-4A01-B43A-E6CE81A15AF2}]       "(Default)"="REG_SZ", "IWFPController"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{823DC7E1-20D1-4A01-B43A-E6CE81A15AF2}\ProxyStubClsid32]       "(Default)"="REG_SZ", "{00020424-0000-0000-C000-000000000046}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{823DC7E1-20D1-4A01-B43A-E6CE81A15AF2}\TypeLib]       "(Default)"="REG_SZ", "{83350327-E2E6-4D1C-9B65-2C0F83E6585E}"       "Version"="REG_SZ", "1.0"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{985766D1-EC72-4AAC-A4D3-AD98968F76A0}]       "(Default)"="REG_SZ", "IDataTableFields"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{985766D1-EC72-4AAC-A4D3-AD98968F76A0}\ProxyStubClsid32]       "(Default)"="REG_SZ", "{00020424-0000-0000-C000-000000000046}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{985766D1-EC72-4AAC-A4D3-AD98968F76A0}\TypeLib]       "(Default)"="REG_SZ", "{83350327-E2E6-4D1C-9B65-2C0F83E6585E}"       "Version"="REG_SZ", "1.0"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{A8364F18-719D-4C2F-93DF-2DD0F65D2AA7}]       "(Default)"="REG_SZ", "IParentalControl"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{A8364F18-719D-4C2F-93DF-2DD0F65D2AA7}\ProxyStubClsid32]       "(Default)"="REG_SZ", "{00020424-0000-0000-C000-000000000046}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{A8364F18-719D-4C2F-93DF-2DD0F65D2AA7}\TypeLib]       "(Default)"="REG_SZ", "{83350327-E2E6-4D1C-9B65-2C0F83E6585E}"       "Version"="REG_SZ", "1.0"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AD65BA76-2D8B-4181-858D-CD86EA48E49D}]       "(Default)"="REG_SZ", "IParentalControlController"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AD65BA76-2D8B-4181-858D-CD86EA48E49D}\ProxyStubClsid32]       "(Default)"="REG_SZ", "{00020424-0000-0000-C000-000000000046}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AD65BA76-2D8B-4181-858D-CD86EA48E49D}\TypeLib]       "(Default)"="REG_SZ", "{83350327-E2E6-4D1C-9B65-2C0F83E6585E}"       "Version"="REG_SZ", "1.0"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B647431C-FC20-416D-BAA6-B9D30D9F7720}]       "(Default)"="REG_SZ", "IWatchDog"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B647431C-FC20-416D-BAA6-B9D30D9F7720}\ProxyStubClsid32]       "(Default)"="REG_SZ", "{00020424-0000-0000-C000-000000000046}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B647431C-FC20-416D-BAA6-B9D30D9F7720}\TypeLib]       "(Default)"="REG_SZ", "{83350327-E2E6-4D1C-9B65-2C0F83E6585E}"       "Version"="REG_SZ", "1.0"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{EEC74663-1A7E-434A-8DD6-8F76B3DF1181}]       "(Default)"="REG_SZ", "IReadOnlyManager"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{EEC74663-1A7E-434A-8DD6-8F76B3DF1181}\ProxyStubClsid32]       "(Default)"="REG_SZ", "{00020424-0000-0000-C000-000000000046}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{EEC74663-1A7E-434A-8DD6-8F76B3DF1181}\TypeLib]       "(Default)"="REG_SZ", "{83350327-E2E6-4D1C-9B65-2C0F83E6585E}"       "Version"="REG_SZ", "1.0"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{83350327-E2E6-4D1C-9B65-2C0F83E6585E}\1.0]       "(Default)"="REG_SZ", "VCL 1.0 Type Library"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{83350327-E2E6-4D1C-9B65-2C0F83E6585E}\1.0\0\win32]       "(Default)"="REG_SZ", "C:\Program Files (x86)\IGS\VCL.tlb"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{83350327-E2E6-4D1C-9B65-2C0F83E6585E}\1.0\FLAGS]       "(Default)"="REG_SZ", "0"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{83350327-E2E6-4D1C-9B65-2C0F83E6585E}\1.0\HELPDIR]       "(Default)"="REG_SZ", "C:\Program Files (x86)\IGS"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VCLLib.DataContainer]       "(Default)"="REG_SZ", "DataContainer Class"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VCLLib.DataContainer\CLSID]       "(Default)"="REG_SZ", "{0CE9EA6E-1F94-4182-8155-762A846A6ABF}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VCLLib.DataContainer\CurVer]       "(Default)"="REG_SZ", "VCLLib.DataContainer.1"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VCLLib.DataContainer.1]       "(Default)"="REG_SZ", "DataContainer Class"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VCLLib.DataContainer.1\CLSID]       "(Default)"="REG_SZ", "{0CE9EA6E-1F94-4182-8155-762A846A6ABF}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VCLLib.DataController]       "(Default)"="REG_SZ", "DataController Class"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VCLLib.DataController\CLSID]       "(Default)"="REG_SZ", "{100DC7DB-465C-4DE1-9CD7-51687B06CECE}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VCLLib.DataController\CurVer]       "(Default)"="REG_SZ", "VCLLib.DataController.1"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VCLLib.DataController.1]       "(Default)"="REG_SZ", "DataController Class"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VCLLib.DataController.1\CLSID]       "(Default)"="REG_SZ", "{100DC7DB-465C-4DE1-9CD7-51687B06CECE}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VCLLib.DataTable]       "(Default)"="REG_SZ", "DataTable Class"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VCLLib.DataTable\CLSID]       "(Default)"="REG_SZ", "{52AEA015-43D6-4CBA-9724-FE8E7F8DB440}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VCLLib.DataTable\CurVer]       "(Default)"="REG_SZ", "VCLLib.DataTable.1"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VCLLib.DataTable.1]       "(Default)"="REG_SZ", "DataTable Class"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VCLLib.DataTable.1\CLSID]       "(Default)"="REG_SZ", "{52AEA015-43D6-4CBA-9724-FE8E7F8DB440}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VCLLib.DataTableFields]       "(Default)"="REG_SZ", "DataTableFields Class"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VCLLib.DataTableFields\CLSID]       "(Default)"="REG_SZ", "{E05BC679-CE7A-49A6-A310-EA0F8EE0441B}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VCLLib.DataTableFields\CurVer]       "(Default)"="REG_SZ", "VCLLib.DataTableFields.1"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VCLLib.DataTableFields.1]       "(Default)"="REG_SZ", "DataTableFields Class"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VCLLib.DataTableFields.1\CLSID]       "(Default)"="REG_SZ", "{E05BC679-CE7A-49A6-A310-EA0F8EE0441B}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VCLLib.DataTableHolder]       "(Default)"="REG_SZ", "DataTableHolder Class"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VCLLib.DataTableHolder\CLSID]       "(Default)"="REG_SZ", "{003A214D-E2C4-4E62-BE85-E267824249CA}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VCLLib.DataTableHolder\CurVer]       "(Default)"="REG_SZ", "VCLLib.DataTableHolder.1"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VCLLib.DataTableHolder.1]       "(Default)"="REG_SZ", "DataTableHolder Class"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VCLLib.DataTableHolder.1\CLSID]       "(Default)"="REG_SZ", "{003A214D-E2C4-4E62-BE85-E267824249CA}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VCLLib.LSPLogic]       "(Default)"="REG_SZ", "LSPLogic Class"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VCLLib.LSPLogic\CLSID]       "(Default)"="REG_SZ", "{3114BEB7-16D4-451D-A138-86E4B1BBAD93}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VCLLib.LSPLogic\CurVer]       "(Default)"="REG_SZ", "VCLLib.LSPLogic.1"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VCLLib.LSPLogic.1]       "(Default)"="REG_SZ", "LSPLogic Class"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VCLLib.LSPLogic.1\CLSID]       "(Default)"="REG_SZ", "{3114BEB7-16D4-451D-A138-86E4B1BBAD93}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VCLLib.ReadOnlyManager]       "(Default)"="REG_SZ", "ReadOnlyManager Class"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VCLLib.ReadOnlyManager\CLSID]       "(Default)"="REG_SZ", "{9ED3FA87-8B1F-4A72-B26C-B3606357B103}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VCLLib.ReadOnlyManager\CurVer]       "(Default)"="REG_SZ", "VCLLib.ReadOnlyManager.1"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VCLLib.ReadOnlyManager.1]       "(Default)"="REG_SZ", "ReadOnlyManager Class"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VCLLib.ReadOnlyManager.1\CLSID]       "(Default)"="REG_SZ", "{9ED3FA87-8B1F-4A72-B26C-B3606357B103}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{003A214D-E2C4-4E62-BE85-E267824249CA}]       "(Default)"="REG_SZ", "DataTableHolder Class"       "AppID"="REG_SZ", "{32D8DE8B-CFAF-49FC-928A-74E851854123}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{003A214D-E2C4-4E62-BE85-E267824249CA}\LocalServer32]       "(Default)"="REG_SZ", ""C:\Program Files (x86)\IGS\VCL.exe""    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{003A214D-E2C4-4E62-BE85-E267824249CA}\ProgID]       "(Default)"="REG_SZ", "VCLLib.DataTableHolder.1"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{003A214D-E2C4-4E62-BE85-E267824249CA}\Programmable]    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{003A214D-E2C4-4E62-BE85-E267824249CA}\TypeLib]       "(Default)"="REG_SZ", "{83350327-E2E6-4D1C-9B65-2C0F83E6585E}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{003A214D-E2C4-4E62-BE85-E267824249CA}\VersionIndependentProgID]       "(Default)"="REG_SZ", "VCLLib.DataTableHolder"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0CE9EA6E-1F94-4182-8155-762A846A6ABF}]       "(Default)"="REG_SZ", "DataContainer Class"       "AppID"="REG_SZ", "{32D8DE8B-CFAF-49FC-928A-74E851854123}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0CE9EA6E-1F94-4182-8155-762A846A6ABF}\LocalServer32]       "(Default)"="REG_SZ", ""C:\Program Files (x86)\IGS\VCL.exe""    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0CE9EA6E-1F94-4182-8155-762A846A6ABF}\ProgID]       "(Default)"="REG_SZ", "VCLLib.DataContainer.1"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0CE9EA6E-1F94-4182-8155-762A846A6ABF}\Programmable]    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0CE9EA6E-1F94-4182-8155-762A846A6ABF}\TypeLib]       "(Default)"="REG_SZ", "{83350327-E2E6-4D1C-9B65-2C0F83E6585E}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0CE9EA6E-1F94-4182-8155-762A846A6ABF}\VersionIndependentProgID]       "(Default)"="REG_SZ", "VCLLib.DataContainer"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{100DC7DB-465C-4DE1-9CD7-51687B06CECE}]       "(Default)"="REG_SZ", "DataController Class"       "AppID"="REG_SZ", "{32D8DE8B-CFAF-49FC-928A-74E851854123}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{100DC7DB-465C-4DE1-9CD7-51687B06CECE}\LocalServer32]       "(Default)"="REG_SZ", ""C:\Program Files (x86)\IGS\VCL.exe""    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{100DC7DB-465C-4DE1-9CD7-51687B06CECE}\ProgID]       "(Default)"="REG_SZ", "VCLLib.DataController.1"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{100DC7DB-465C-4DE1-9CD7-51687B06CECE}\Programmable]    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{100DC7DB-465C-4DE1-9CD7-51687B06CECE}\TypeLib]       "(Default)"="REG_SZ", "{83350327-E2E6-4D1C-9B65-2C0F83E6585E}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{100DC7DB-465C-4DE1-9CD7-51687B06CECE}\VersionIndependentProgID]       "(Default)"="REG_SZ", "VCLLib.DataController"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{3114BEB7-16D4-451D-A138-86E4B1BBAD93}]       "(Default)"="REG_SZ", "LSPLogic Class"       "AppID"="REG_SZ", "{32D8DE8B-CFAF-49FC-928A-74E851854123}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{3114BEB7-16D4-451D-A138-86E4B1BBAD93}\LocalServer32]       "(Default)"="REG_SZ", ""C:\Program Files (x86)\IGS\VCL.exe""    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{3114BEB7-16D4-451D-A138-86E4B1BBAD93}\ProgID]       "(Default)"="REG_SZ", "VCLLib.LSPLogic.1"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{3114BEB7-16D4-451D-A138-86E4B1BBAD93}\Programmable]    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{3114BEB7-16D4-451D-A138-86E4B1BBAD93}\TypeLib]       "(Default)"="REG_SZ", "{83350327-E2E6-4D1C-9B65-2C0F83E6585E}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{3114BEB7-16D4-451D-A138-86E4B1BBAD93}\VersionIndependentProgID]       "(Default)"="REG_SZ", "VCLLib.LSPLogic"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{52AEA015-43D6-4CBA-9724-FE8E7F8DB440}]       "(Default)"="REG_SZ", "DataTable Class"       "AppID"="REG_SZ", "{32D8DE8B-CFAF-49FC-928A-74E851854123}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{52AEA015-43D6-4CBA-9724-FE8E7F8DB440}\LocalServer32]       "(Default)"="REG_SZ", ""C:\Program Files (x86)\IGS\VCL.exe""    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{52AEA015-43D6-4CBA-9724-FE8E7F8DB440}\ProgID]       "(Default)"="REG_SZ", "VCLLib.DataTable.1"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{52AEA015-43D6-4CBA-9724-FE8E7F8DB440}\Programmable]    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{52AEA015-43D6-4CBA-9724-FE8E7F8DB440}\TypeLib]       "(Default)"="REG_SZ", "{83350327-E2E6-4D1C-9B65-2C0F83E6585E}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{52AEA015-43D6-4CBA-9724-FE8E7F8DB440}\VersionIndependentProgID]       "(Default)"="REG_SZ", "VCLLib.DataTable"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{9ED3FA87-8B1F-4A72-B26C-B3606357B103}]       "(Default)"="REG_SZ", "ReadOnlyManager Class"       "AppID"="REG_SZ", "{32D8DE8B-CFAF-49FC-928A-74E851854123}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{9ED3FA87-8B1F-4A72-B26C-B3606357B103}\LocalServer32]       "(Default)"="REG_SZ", ""C:\Program Files (x86)\IGS\VCL.exe""    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{9ED3FA87-8B1F-4A72-B26C-B3606357B103}\ProgID]       "(Default)"="REG_SZ", "VCLLib.ReadOnlyManager.1"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{9ED3FA87-8B1F-4A72-B26C-B3606357B103}\Programmable]    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{9ED3FA87-8B1F-4A72-B26C-B3606357B103}\TypeLib]       "(Default)"="REG_SZ", "{83350327-E2E6-4D1C-9B65-2C0F83E6585E}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{9ED3FA87-8B1F-4A72-B26C-B3606357B103}\VersionIndependentProgID]       "(Default)"="REG_SZ", "VCLLib.ReadOnlyManager"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E05BC679-CE7A-49A6-A310-EA0F8EE0441B}]       "(Default)"="REG_SZ", "DataTableFields Class"       "AppID"="REG_SZ", "{32D8DE8B-CFAF-49FC-928A-74E851854123}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E05BC679-CE7A-49A6-A310-EA0F8EE0441B}\LocalServer32]       "(Default)"="REG_SZ", ""C:\Program Files (x86)\IGS\VCL.exe""    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E05BC679-CE7A-49A6-A310-EA0F8EE0441B}\ProgID]       "(Default)"="REG_SZ", "VCLLib.DataTableFields.1"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E05BC679-CE7A-49A6-A310-EA0F8EE0441B}\Programmable]    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E05BC679-CE7A-49A6-A310-EA0F8EE0441B}\TypeLib]       "(Default)"="REG_SZ", "{83350327-E2E6-4D1C-9B65-2C0F83E6585E}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E05BC679-CE7A-49A6-A310-EA0F8EE0441B}\VersionIndependentProgID]       "(Default)"="REG_SZ", "VCLLib.DataTableFields"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{0877A1D4-1570-487A-B891-FA34464C2F32}]       "(Default)"="REG_SZ", "IDataContainer"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{0877A1D4-1570-487A-B891-FA34464C2F32}\ProxyStubClsid32]       "(Default)"="REG_SZ", "{00020424-0000-0000-C000-000000000046}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{0877A1D4-1570-487A-B891-FA34464C2F32}\TypeLib]       "(Default)"="REG_SZ", "{83350327-E2E6-4D1C-9B65-2C0F83E6585E}"       "Version"="REG_SZ", "1.0"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{226746EF-6F15-4F88-B186-CCE2D8A90982}]       "(Default)"="REG_SZ", "ILSPLogic"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{226746EF-6F15-4F88-B186-CCE2D8A90982}\ProxyStubClsid32]       "(Default)"="REG_SZ", "{00020424-0000-0000-C000-000000000046}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{226746EF-6F15-4F88-B186-CCE2D8A90982}\TypeLib]       "(Default)"="REG_SZ", "{83350327-E2E6-4D1C-9B65-2C0F83E6585E}"       "Version"="REG_SZ", "1.0"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E38EBD1-7C3B-4837-9BED-6793A6197694}]       "(Default)"="REG_SZ", "ISSHController"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E38EBD1-7C3B-4837-9BED-6793A6197694}\ProxyStubClsid32]       "(Default)"="REG_SZ", "{00020424-0000-0000-C000-000000000046}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E38EBD1-7C3B-4837-9BED-6793A6197694}\TypeLib]       "(Default)"="REG_SZ", "{83350327-E2E6-4D1C-9B65-2C0F83E6585E}"       "Version"="REG_SZ", "1.0"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2F0616DC-62A9-4D5A-B388-4682BC3269D1}]       "(Default)"="REG_SZ", "IDataTable"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2F0616DC-62A9-4D5A-B388-4682BC3269D1}\ProxyStubClsid32]       "(Default)"="REG_SZ", "{00020424-0000-0000-C000-000000000046}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2F0616DC-62A9-4D5A-B388-4682BC3269D1}\TypeLib]       "(Default)"="REG_SZ", "{83350327-E2E6-4D1C-9B65-2C0F83E6585E}"       "Version"="REG_SZ", "1.0"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{40E55B03-4288-472A-9E5A-A3658B9ADE3A}]       "(Default)"="REG_SZ", "IDataStatistics"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{40E55B03-4288-472A-9E5A-A3658B9ADE3A}\ProxyStubClsid32]       "(Default)"="REG_SZ", "{00020424-0000-0000-C000-000000000046}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{40E55B03-4288-472A-9E5A-A3658B9ADE3A}\TypeLib]       "(Default)"="REG_SZ", "{83350327-E2E6-4D1C-9B65-2C0F83E6585E}"       "Version"="REG_SZ", "1.0"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6B78C1B0-96CF-4698-9F9E-B67F1022C4E5}]       "(Default)"="REG_SZ", "IDataController"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6B78C1B0-96CF-4698-9F9E-B67F1022C4E5}\ProxyStubClsid32]       "(Default)"="REG_SZ", "{00020424-0000-0000-C000-000000000046}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6B78C1B0-96CF-4698-9F9E-B67F1022C4E5}\TypeLib]       "(Default)"="REG_SZ", "{83350327-E2E6-4D1C-9B65-2C0F83E6585E}"       "Version"="REG_SZ", "1.0"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{76CD09C2-78CF-49F0-8F6A-C7CAF94BCB05}]       "(Default)"="REG_SZ", "IDataTableHolder"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{76CD09C2-78CF-49F0-8F6A-C7CAF94BCB05}\ProxyStubClsid32]       "(Default)"="REG_SZ", "{00020424-0000-0000-C000-000000000046}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{76CD09C2-78CF-49F0-8F6A-C7CAF94BCB05}\TypeLib]       "(Default)"="REG_SZ", "{83350327-E2E6-4D1C-9B65-2C0F83E6585E}"       "Version"="REG_SZ", "1.0"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{823DC7E1-20D1-4A01-B43A-E6CE81A15AF2}]       "(Default)"="REG_SZ", "IWFPController"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{823DC7E1-20D1-4A01-B43A-E6CE81A15AF2}\ProxyStubClsid32]       "(Default)"="REG_SZ", "{00020424-0000-0000-C000-000000000046}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{823DC7E1-20D1-4A01-B43A-E6CE81A15AF2}\TypeLib]       "(Default)"="REG_SZ", "{83350327-E2E6-4D1C-9B65-2C0F83E6585E}"       "Version"="REG_SZ", "1.0"]    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{985766D1-EC72-4AAC-A4D3-AD98968F76A0}]       "(Default)"="REG_SZ", "IDataTableFields"]    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{985766D1-EC72-4AAC-A4D3-AD98968F76A0}\ProxyStubClsid32]       "(Default)"="REG_SZ", "{00020424-0000-0000-C000-000000000046}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{985766D1-EC72-4AAC-A4D3-AD98968F76A0}\TypeLib]       "(Default)"="REG_SZ", "{83350327-E2E6-4D1C-9B65-2C0F83E6585E}"       "Version"="REG_SZ", "1.0"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{A8364F18-719D-4C2F-93DF-2DD0F65D2AA7}]       "(Default)"="REG_SZ", "IParentalControl"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{A8364F18-719D-4C2F-93DF-2DD0F65D2AA7}\ProxyStubClsid32]       "(Default)"="REG_SZ", "{00020424-0000-0000-C000-000000000046}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{A8364F18-719D-4C2F-93DF-2DD0F65D2AA7}\TypeLib]       "(Default)"="REG_SZ", "{83350327-E2E6-4D1C-9B65-2C0F83E6585E}"       "Version"="REG_SZ", "1.0"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{AD65BA76-2D8B-4181-858D-CD86EA48E49D}]       "(Default)"="REG_SZ", "IParentalControlController"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{AD65BA76-2D8B-4181-858D-CD86EA48E49D}\ProxyStubClsid32]       "(Default)"="REG_SZ", "{00020424-0000-0000-C000-000000000046}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{AD65BA76-2D8B-4181-858D-CD86EA48E49D}\TypeLib]       "(Default)"="REG_SZ", "{83350327-E2E6-4D1C-9B65-2C0F83E6585E}"       "Version"="REG_SZ", "1.0"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{B647431C-FC20-416D-BAA6-B9D30D9F7720}]       "(Default)"="REG_SZ", "IWatchDog"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{B647431C-FC20-416D-BAA6-B9D30D9F7720}\ProxyStubClsid32]       "(Default)"="REG_SZ", "{00020424-0000-0000-C000-000000000046}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{B647431C-FC20-416D-BAA6-B9D30D9F7720}\TypeLib]       "(Default)"="REG_SZ", "{83350327-E2E6-4D1C-9B65-2C0F83E6585E}"       "Version"="REG_SZ", "1.0"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{EEC74663-1A7E-434A-8DD6-8F76B3DF1181}]       "(Default)"="REG_SZ", "IReadOnlyManager"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{EEC74663-1A7E-434A-8DD6-8F76B3DF1181}\ProxyStubClsid32]       "(Default)"="REG_SZ", "{00020424-0000-0000-C000-000000000046}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{EEC74663-1A7E-434A-8DD6-8F76B3DF1181}\TypeLib]       "(Default)"="REG_SZ", "{83350327-E2E6-4D1C-9B65-2C0F83E6585E}"       "Version"="REG_SZ", "1.0"    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IGS]       "DisplayIcon"="REG_SZ", "C:\Program Files (x86)\IGS\uninstall.exe"       "DisplayName"="REG_SZ", "Padlock Memory Key"       "NoModify"="REG_DWORD", 1       "NoRepair"="REG_DWORD", 1       "UninstallString"="REG_SZ", "C:\Program Files (x86)\IGS\uninstall.exe"    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VCL]       "(Default)"="REG_SZ", "service"    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VCL]       "DependOnService"="REG_MULTI_SZ, "RPCSS "       "Description"="REG_SZ", "VCL is here"       "DisplayName"="REG_SZ", "VCL"       "ErrorControl"="REG_DWORD", 1       "FailureActions"="REG_BINARY, ......................       "ImagePath"="REG_EXPAND_SZ, "C:\Program Files (x86)\IGS\VCL.exe"       "ObjectName"="REG_SZ", "LocalSystem"       "Start"="REG_DWORD", 2       "Type"="REG_DWORD", 16       "WOW64"="REG_DWORD", 1    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\AppId_Catalog\18770B78]       "AppFullPath"="REG_SZ", "C:\Program Files (x86)\IGS\VCL.exe"       "PermittedLspCategories"="REG_DWORD", 3840

Malwarebytes Anti-Malware log:

Malwarebytes Anti-Malwarewww.malwarebytes.orgScan Date: 8/5/2015Scan Time: 12:06 PMLogfile: mbamVCL.txtAdministrator: YesVersion: 2.1.8.1057Malware Database: v2015.08.05.03Rootkit Database: v2015.08.04.01License: PremiumMalware Protection: DisabledMalicious Website Protection: EnabledSelf-protection: DisabledOS: Windows 8.1CPU: x64File System: NTFSUser: {username}Scan Type: Threat ScanResult: CompletedObjects Scanned: 346621Time Elapsed: 29 min, 58 secMemory: EnabledStartup: EnabledFilesystem: EnabledArchives: EnabledRootkits: EnabledHeuristics: EnabledPUP: EnabledPUM: EnabledProcesses: 1PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\IGS\VCL.exe, 3260, Delete-on-Reboot, [8ea9fb0aa4e76acc99b2c3c352af1ce4]Modules: 8PUP.Optional.IGS.A, C:\Program Files (x86)\IGS\freebl3.dll, Delete-on-Reboot, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, C:\Program Files (x86)\IGS\libnspr4.dll, Delete-on-Reboot, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, C:\Program Files (x86)\IGS\libplc4.dll, Delete-on-Reboot, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, C:\Program Files (x86)\IGS\libplds4.dll, Delete-on-Reboot, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, C:\Program Files (x86)\IGS\nss3.dll, Delete-on-Reboot, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, C:\Program Files (x86)\IGS\nssutil3.dll, Delete-on-Reboot, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, C:\Program Files (x86)\IGS\smime3.dll, Delete-on-Reboot, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, C:\Program Files (x86)\IGS\VCCert.dll, Delete-on-Reboot, [50e75aaba2e97bbbe1a7918a0300cc34], Registry Keys: 44PUP.Optional.Winsock.HijackBoot, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\VCL, Quarantined, [8ea9fb0aa4e76acc99b2c3c352af1ce4], PUP.Optional.IGS.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{83350327-E2E6-4D1C-9B65-2C0F83E6585E}, Quarantined, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{0877A1D4-1570-487A-B891-FA34464C2F32}, Quarantined, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{226746EF-6F15-4F88-B186-CCE2D8A90982}, Quarantined, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{2E38EBD1-7C3B-4837-9BED-6793A6197694}, Quarantined, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{2F0616DC-62A9-4D5A-B388-4682BC3269D1}, Quarantined, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{40E55B03-4288-472A-9E5A-A3658B9ADE3A}, Quarantined, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{6B78C1B0-96CF-4698-9F9E-B67F1022C4E5}, Quarantined, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{76CD09C2-78CF-49F0-8F6A-C7CAF94BCB05}, Quarantined, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{823DC7E1-20D1-4A01-B43A-E6CE81A15AF2}, Quarantined, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{985766D1-EC72-4AAC-A4D3-AD98968F76A0}, Quarantined, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{A8364F18-719D-4C2F-93DF-2DD0F65D2AA7}, Quarantined, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{AD65BA76-2D8B-4181-858D-CD86EA48E49D}, Quarantined, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{B647431C-FC20-416D-BAA6-B9D30D9F7720}, Quarantined, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{EEC74663-1A7E-434A-8DD6-8F76B3DF1181}, Quarantined, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{0877A1D4-1570-487A-B891-FA34464C2F32}, Quarantined, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{226746EF-6F15-4F88-B186-CCE2D8A90982}, Quarantined, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{2E38EBD1-7C3B-4837-9BED-6793A6197694}, Quarantined, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{2F0616DC-62A9-4D5A-B388-4682BC3269D1}, Quarantined, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{40E55B03-4288-472A-9E5A-A3658B9ADE3A}, Quarantined, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{6B78C1B0-96CF-4698-9F9E-B67F1022C4E5}, Quarantined, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{76CD09C2-78CF-49F0-8F6A-C7CAF94BCB05}, Quarantined, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{823DC7E1-20D1-4A01-B43A-E6CE81A15AF2}, Quarantined, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{985766D1-EC72-4AAC-A4D3-AD98968F76A0}, Quarantined, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{A8364F18-719D-4C2F-93DF-2DD0F65D2AA7}, Quarantined, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{AD65BA76-2D8B-4181-858D-CD86EA48E49D}, Quarantined, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{B647431C-FC20-416D-BAA6-B9D30D9F7720}, Quarantined, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{EEC74663-1A7E-434A-8DD6-8F76B3DF1181}, Quarantined, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{0877A1D4-1570-487A-B891-FA34464C2F32}, Quarantined, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{226746EF-6F15-4F88-B186-CCE2D8A90982}, Quarantined, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{2E38EBD1-7C3B-4837-9BED-6793A6197694}, Quarantined, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{2F0616DC-62A9-4D5A-B388-4682BC3269D1}, Quarantined, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{40E55B03-4288-472A-9E5A-A3658B9ADE3A}, Quarantined, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{6B78C1B0-96CF-4698-9F9E-B67F1022C4E5}, Quarantined, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{76CD09C2-78CF-49F0-8F6A-C7CAF94BCB05}, Quarantined, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{823DC7E1-20D1-4A01-B43A-E6CE81A15AF2}, Quarantined, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{985766D1-EC72-4AAC-A4D3-AD98968F76A0}, Quarantined, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{A8364F18-719D-4C2F-93DF-2DD0F65D2AA7}, Quarantined, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{AD65BA76-2D8B-4181-858D-CD86EA48E49D}, Quarantined, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{B647431C-FC20-416D-BAA6-B9D30D9F7720}, Quarantined, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{EEC74663-1A7E-434A-8DD6-8F76B3DF1181}, Quarantined, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{83350327-E2E6-4D1C-9B65-2C0F83E6585E}, Quarantined, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{83350327-E2E6-4D1C-9B65-2C0F83E6585E}, Quarantined, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IGS, Quarantined, [50e75aaba2e97bbbe1a7918a0300cc34], Registry Values: 2PUP.Optional.IGS.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IGS|DisplayIcon, C:\Program Files (x86)\IGS\uninstall.exe, Quarantined, [ce699372ccbf60d64804badfc14323dd]PUP.Optional.VCL.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\VCL|ImagePath, C:\Program Files (x86)\IGS\VCL.exe, Quarantined, [989f21e444478aac3250c3575da6629e]Registry Data: 0(No malicious items detected)Folders: 1PUP.Optional.IGS.A, C:\Program Files (x86)\IGS, Delete-on-Reboot, [50e75aaba2e97bbbe1a7918a0300cc34], Files: 29PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\IGS\VCL.exe, Delete-on-Reboot, [8ea9fb0aa4e76acc99b2c3c352af1ce4], PUP.Optional.Winsock.HijackBoot, C:\Users\{username}\Desktop\kmdsetup.exe, Quarantined, [2c0b9d682d5e36008dbe7412b64b28d8], PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\IGS\VCL.dll, Quarantined, [0f287d888506e4522c1f7610ce3346ba], PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\IGS\VCL64.dll, Quarantined, [9b9c43c2117a41f5f259087e59a8c53b], PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\IGS\VCLR.exe, Quarantined, [5bdc7e877318162074d790f6679af20e], PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\IGS\VCLR64.exe, Quarantined, [1c1bf70eccbf9c9a0744afd79d64ae52], PUP.Optional.Winsock.HijackBoot, C:\Windows\SysWOW64\VCL.dll, Delete-on-Reboot, [9b9cd0356a21cf6796b52a5c798828d8], PUP.Optional.VCL.A, C:\Windows\Temp\VCL.log, Delete-on-Reboot, [46f10203513a8fa7087cdd3da65dd927], PUP.Optional.VCL.A, C:\Users\{username}\AppData\Local\Temp\VCLR.ini.log, Quarantined, [e057877e98f3b87e1c698d8d29da8c74], PUP.Optional.VCL.A, C:\Users\{username}\AppData\Local\Temp\VCLr.log, Quarantined, [54e334d1692284b29fe7e832cd36837d], PUP.Optional.VCL.A, C:\Windows\Temp\VCLr.log, Quarantined, [d85fe421f794b3831d69d248709338c8], PUP.Optional.Winsock.HijackBoot, C:\Windows\System32\VCLOff.ini, Quarantined, [fb3c2fd67f0cf6408ff8aa70a65d45bb], PUP.Optional.Winsock.HijackBoot, C:\Windows\SysWOW64\VCLOff.ini, Quarantined, [2215679e672451e5f88fd842f80ba759], PUP.Optional.IGS.A, C:\Program Files (x86)\IGS\VCL.tlb, Quarantined, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, C:\Program Files (x86)\IGS\freebl3.dll, Delete-on-Reboot, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, C:\Program Files (x86)\IGS\libnspr4.dll, Delete-on-Reboot, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, C:\Program Files (x86)\IGS\libplc4.dll, Delete-on-Reboot, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, C:\Program Files (x86)\IGS\libplds4.dll, Delete-on-Reboot, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, C:\Program Files (x86)\IGS\nss3.dll, Delete-on-Reboot, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, C:\Program Files (x86)\IGS\nssckbi.dll, Quarantined, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, C:\Program Files (x86)\IGS\nssdbm3.dll, Quarantined, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, C:\Program Files (x86)\IGS\nssutil3.dll, Delete-on-Reboot, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, C:\Program Files (x86)\IGS\smime3.dll, Delete-on-Reboot, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, C:\Program Files (x86)\IGS\softokn3.dll, Quarantined, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, C:\Program Files (x86)\IGS\sqlite3.dll, Quarantined, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, C:\Program Files (x86)\IGS\ssl3.dll, Quarantined, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, C:\Program Files (x86)\IGS\uninstall.exe, Quarantined, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, C:\Program Files (x86)\IGS\VCCert.dll, Delete-on-Reboot, [50e75aaba2e97bbbe1a7918a0300cc34], PUP.Optional.IGS.A, C:\Program Files (x86)\IGS\VCLR.ini, Quarantined, [50e75aaba2e97bbbe1a7918a0300cc34], Physical Sectors: 0(No malicious items detected)(end)

As mentioned before the full version of Malwarebytes Anti-Malware could have protected your computer against this threat.

We use different ways of protecting your computer(s):

Dynamically Blocks Malware Sites & Servers
Malware Execution Prevention

Save yourself the hassle and get protected.

Sign In

Removal instructions for VCL

Recommended Posts

Metallica

Link to post

Share on other sites

Recently Browsing 0 members

Browse

Activity

Personal

Business

Business Modules

Partners

Learn

Start here

Type of malware/attacks

How does it get on my computer?

Scams and grifts

Support

Important Information