problems with my grandpap's laptop


6 replies to this topic

#1 dnap


Posted 16 November 2012 - 05:46 PM

Well, my pap called me yesterday saying his laptop wasn't working right, and wanted to know if I could look at it. The problem he is having is that certain websites he uses aren't working anymore, specifically allmyfaves.com and flixxy.com, neither of which I use. When I go to these sites, nothing loads on the pages besides the search bar and the website name, basically. I have tried the sites on my personal computer and they work fine, so I don't know what's going on with his.

I don't know anything about Windows 7 or laptops, so I am at a disadvantage, but I tried clearing his browser history, and that did nothing. The laptop is also having problems with Windows updates; some of them aren't working and fail every time. It also seems to be slow and acting odd, so it may be a virus or something. I'm not sure at this point, but any help would be appreciated.

Edited by hamluis, 18 November 2012 - 12:47 PM.
Moved from Win 7 to Am I Infected - Hamluis.

CPU - AMD FX-8350 Black Edition

Motherboard -MSI 990FXA-GD80

Ram - G.SKILL Ripjaws X Series 8GB (2 x 4GB)

Video Card - MSI Radeon R9 280

Storage - Western Digital Velociraptor 300GB 10k RPM

Power Supply - hec XP1080 800W

Case - Antec DF-35



 


#2 noknojon


Posted 17 November 2012 - 12:00 AM

Hi -
Download Malwarebytes Anti-Malware Free and SUPERAntiSpyware Free. Make sure you check for updates and run full scans with both programs.
Be sure to remove all problems found, and copy/paste the logs when finished.

Please download AdwCleaner by Xplode onto your desktop.
Close all open programs and internet browsers.
Double click on AdwCleaner.exe to run the tool.
Click on Delete.
Confirm each time with Ok.
Your computer will be rebooted automatically. A text file will open after the restart.
Please post the content of that logfile with your next answer.
You can find the logfile at C:\AdwCleaner[S1].txt as well.

Download Security Check by Screen317 from HERE or HERE, and save it to your Desktop.
* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Note: If a security program requests permission to access the Internet, allow it to do so.

Thank You -

#3 dnap


Posted 17 November 2012 - 09:06 PM

Sorry for the long delay, had to work today and didn't have time to work on it until now, but here are your logs...

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.17.06

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Toshiba :: TOSHIBA-PC [administrator]

11/17/2012 8:03:15 PM
mbam-log-2012-11-17 (20-03-15).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 343683
Time elapsed: 50 minute(s), 42 second(s)

Memory Processes Detected: 2
C:\Program Files (x86)\Retrogamer_2z\bar\1.bin\2zbrmon.exe (PUP.MyWebSearch) -> 2724 -> Delete on reboot.
C:\Windows\svchost.exe (Trojan.Agent) -> 3904 -> Delete on reboot.

Memory Modules Detected: 6
C:\Program Files (x86)\Retrogamer_2z\bar\1.bin\2zbrstub.dll (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files (x86)\Retrogamer_2z\bar\1.bin\NP2zStub.dll (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files (x86)\Retrogamer_2z\bar\1.bin\2zPlugin.dll (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files (x86)\Retrogamer_2z\bar\1.bin\2zbar.dll (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files (x86)\Retrogamer_2z\bar\1.bin\2zscript.dll (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files (x86)\Retrogamer_2z\bar\1.bin\2zfeedmg.dll (PUP.MyWebSearch) -> Delete on reboot.

Registry Keys Detected: 78

Registry Values Detected: 4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Retrogamer_2z Browser Plugin Loader (PUP.MyWebSearch) -> Data: C:\PROGRA~2\RETROG~2\bar\1.bin\2zbrmon.exe -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{54BA686E-738F-42FE-BADD-D8CB7CFBC07E} (PUP.MyWebSearch) -> Data: -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Retrogamer Search Scope Monitor (PUP.MyWebSearch) -> Data: "C:\PROGRA~2\RETROG~2\bar\1.bin\2zsrchmn.exe" /m=2 /w /h -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks|{1C583E40-0629-4BB9-AB68-1CF539F2F782} (PUP.MyWebSearch) -> Data: -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 36
C:\Program Files (x86)\Retrogamer_2z\bar\1.bin\2zbarsvc.exe (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files (x86)\Retrogamer_2z\bar\1.bin\2zbrstub.dll (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files (x86)\Retrogamer_2z\bar\1.bin\2zbrmon.exe (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files (x86)\Retrogamer_2z\bar\1.bin\NP2zStub.dll (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files (x86)\Retrogamer_2z\bar\1.bin\2zPlugin.dll (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files (x86)\Retrogamer_2z\bar\1.bin\2zbar.dll (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files (x86)\Retrogamer_2z\bar\1.bin\2zhtmlmu.dll (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files (x86)\Retrogamer_2z\bar\1.bin\2zmlbtn.dll (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files (x86)\Retrogamer_2z\bar\1.bin\2zscript.dll (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files (x86)\Retrogamer_2z\bar\1.bin\2zmedint.exe (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files (x86)\Retrogamer_2z\bar\1.bin\2zfeedmg.dll (PUP.MyWebSearch) -> Delete on reboot.
C:\Program Files (x86)\Retrogamer_2z\bar\1.bin\2zSrchMn.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Retrogamer_2z\bar\1.bin\2zSrcAs.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Retrogamer_2z\bar\1.bin\2zauxstb.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Retrogamer_2z\bar\1.bin\2zdatact.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Retrogamer_2z\bar\1.bin\2zdlghk.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Retrogamer_2z\bar\1.bin\2zdyn.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Retrogamer_2z\bar\1.bin\2zhighin.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Retrogamer_2z\bar\1.bin\2zhkstub.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Retrogamer_2z\bar\1.bin\2zhtml.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Retrogamer_2z\bar\1.bin\2zhttpct.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Retrogamer_2z\bar\1.bin\2zidle.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Retrogamer_2z\bar\1.bin\2zieovr.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Retrogamer_2z\bar\1.bin\2zimpipe.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Retrogamer_2z\bar\1.bin\2zmsg.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Retrogamer_2z\bar\1.bin\2zradio.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Retrogamer_2z\bar\1.bin\2zregfft.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Retrogamer_2z\bar\1.bin\2zreghk.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Retrogamer_2z\bar\1.bin\2zregiet.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Retrogamer_2z\bar\1.bin\2zskin.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Retrogamer_2z\bar\1.bin\2zskplay.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Retrogamer_2z\bar\1.bin\2ztpinst.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Retrogamer_2z\bar\1.bin\2zuabtn.dll (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Retrogamer_2z\bar\1.bin\T8RES.DLL (PUP.MyWebSearch) -> Delete on reboot.
C:\Users\Toshiba\AppData\LocalLow\Retrogamer_2zEI\Installr\Cache\0009A2E3.exe (PUP.MyWebSearch) -> Quarantined and deleted successfully.
C:\Windows\svchost.exe (Trojan.Agent) -> Delete on reboot.

(end)

------------------------------------

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 11/17/2012 at 07:42 PM

Application Version : 5.6.1014

Core Rules Database Version : 9606
Trace Rules Database Version: 7418

Scan type : Complete Scan
Total Scan Time : 00:45:37

Operating System Information
Windows 7 Ultimate 64-bit (Build 6.01.7600)
UAC On - Limited User

Memory items scanned : 548
Memory threats detected : 0
Registry items scanned : 71461
Registry threats detected : 0
File items scanned : 61704
File threats detected : 108

Adware.Tracking Cookie

Trojan.Agent/Gen-VB
C:\PROGRAM FILES (X86)\GAMETAP WEB PLAYER\GT_UNINSTALL.EXE

-------------------------------------------

# AdwCleaner v2.008 - Logfile created 11/17/2012 at 19:49:03
# Updated 17/11/2012 by Xplode
# Operating system : Windows 7 Ultimate (64 bits)
# User : Toshiba - TOSHIBA-PC
# Boot Mode : Normal
# Running from : C:\Users\Toshiba\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.xpt
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.xpt
Folder Deleted : C:\Program Files (x86)\Common Files\Software Update Utility
Folder Deleted : C:\Program Files (x86)\OApps
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\Users\Toshiba\AppData\Local\Temp\boost_interprocess

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{28A88B70-D874-4f73-BBBA-9B2B222FB7D6}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B27D9527-3762-4D71-963D-FB7A94FDD678}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\kt_bho_dll.dll
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Deleted : HKLM\SOFTWARE\Classes\kt_bho.KettleBho
Key Deleted : HKLM\SOFTWARE\Classes\kt_bho.KettleBho.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{86676E13-D6D8-4652-9FCF-F2047F1FB000}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kincjchfokkeneeofpeefomkikfkiedl
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v15.0 (en-US)

Profile name : default
File : C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\pxmpuc7p.default\prefs.js

C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\pxmpuc7p.default\user.js ... Deleted !


-\\ Google Chrome v [Unable to get version]

File : C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [8442 octets] - [17/11/2012 19:49:03]

########## EOF - C:\AdwCleaner[S1].txt - [8502 octets] ##########

--------------------------------------------------------

Results of screen317's Security Check version 0.99.54
Windows 7 x64 (UAC is enabled)
Out of date service pack!!
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Norton Security Suite
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.65.1.1000
Java™ 6 Update 30
Java 7 Update 9
Adobe Flash Player 11.5.502.110
Adobe Reader X 10.1.0 Adobe Reader out of Date!
Mozilla Firefox (15.0)
Google Chrome 22.0.1229.95
Google Chrome 23.0.1271.64
````````Process Check: objlist.exe by Laurent````````
Norton ccSvcHst.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 3%
````````````````````End of Log``````````````````````



#4 noknojon


Posted 17 November 2012 - 09:49 PM

Hi -
You got rid of what looks like all (or most of) the problems that were troubling him - How are things running now?

Out of date service pack!! << Use this link to install Windows 7 up to Service Pack 1 - Important -
Make sure Microsoft Updates are set to download, so no important updates are missed -

Delete Java™ 6 Update 30 from Control Panel > Programs and Features, old versions are never required once you have the current version -

Several of the "favorites" may have been removed (by AdwCleaner), but since the computer now looks clean, you should be able to get back to the programs again.

Now you can Update and Run Malwarebytes and SUPERAntiSpyware every week to keep most problems away -

If there are still problems, please let us know -

Thank You -

#5 dnap


Posted 17 November 2012 - 10:20 PM

Well, something is still wrong because I tried the websites he uses, mentioned above, and they still do not work, but that is another problem, as Windows Update is still failing to work. I just tried to update to SP1 and it failed and gave me error code FFFFFFFF, and most or all of the other updates recommended to install fail as well. What could be causing that?

EDIT: Well, I decided to run ESET Online Scanner and TDSSKiller, and they both found something. I had them fix the problems, restarted, and lo and behold, his websites work again, and more importantly Windows was able to update and install SP1 and all the other updates as well.

Edited by dnap, 18 November 2012 - 02:55 PM.



#6 noknojon


Posted 19 November 2012 - 02:51 AM

Hi -
"well i decided to run eset online scanner" << Thanks for the EDIT update, I was about to add ESET scanner if problems continued, but you found it -

Disable Norton Security Suite >> Information on A/V control (temp disable) HERE if needed during updates.
If the Norton Security Suite is the paid version, please disable it during the updates. This may be a problem.
If it is a free version please replace with one of these free versions listed below, as Norton is not working and not finding problems -
Be sure to only install one.
Microsoft Security Essentials (what I currently use)
Avira AntiVir
avast!
This is your choice, but I will assist if you wish -

Thank You -



#7 dnap


Posted 19 November 2012 - 10:57 AM

I believe it is the paid version as I do not see any option to upgrade, plus it looks like he has all the features available. Also, while going through the settings, a lot of his protection settings were turned off (possibly from all the infections), so I turned everything on, and for now will keep Norton on here. But if the problems come back, I will switch to something else.

Thank you for the help.





