Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Did spybot quarantine parts of my OS?


  • Please log in to reply
10 replies to this topic

#1 Russ1981

Russ1981

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:08:59 PM

Posted 16 August 2013 - 11:05 AM

I admit I know next to nothing about computers, so the subject title probably sounded quite amusing to some people lol. I did a scan with spybot and it found several issues, including things involving windows explorer and other windows components, which I know is possibly very bad. But wouldn't quarantining a piece of my OS make it not work at all? Is it safe to delete the items in my quarantine?

 

 



BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,261 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:07:59 PM

Posted 16 August 2013 - 11:18 AM

It is probably okay to delete the quarantined items if they have been in quarantine for some time

and you haven't noticed any problems with your day to day computer use. A better answer could be

given if we knew what was quarantined.

 

In the mean time, use the programs below to scan your computer.

AdwCleaner Download

SUPERAntiSpyware.com - AntiAdware, AntiSpyware, AntiMalware!

Free ESET Online Antivirus Scanner

 

Allow those programs to remove whatever they find.

Post the logs from those scans back here.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 Russ1981

Russ1981
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:08:59 PM

Posted 16 August 2013 - 11:39 AM

Well I did 3 scans just to be sure, but I can't quite make sense of them since it's been some time since I've used any malware program other than malwarebytes and AVG. I use norton ghost most of the time so I don't really worry about it. Anyway, here are all 3 logs. I may have to use a few posts, just FYI.

 

Search results from Spybot - Search & Destroy
 
8/16/2013 5:02:56 AM
Scan took 00:20:45.
49 items found.
 
Widgi.Toolbar: [SBI $16C3A07B] Settings (Registry Value, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Program Files (x86)\Common Files\Spigot\
 
Widgi.Toolbar: [SBI $000389AB] Settings (Registry Value, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Program Files (x86)\Common Files\Spigot\Search Settings\
 
Widgi.Toolbar: [SBI $05E59E37] Program directory (Directory, nothing done)
  C:\Program Files (x86)\Common Files\Spigot\
  Directory.subfile=C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.3.crx
  Directory.subfile.size=15412
  Directory.subfile.md5=A67E35FC1F38A9F878CCE3E6DA181EFB
  Directory.subfile.filedate=1350410934
  Directory.subfile.filedatetext=2012-10-16 14:08:54
  Directory.subfile=C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.4.crx
  Directory.subfile.size=22298
  Directory.subfile.md5=FE899CD9A19B06CA78943E6CDED6189E
  Directory.subfile.filedate=1366996286
  Directory.subfile.filedatetext=2013-04-26 13:11:26
  Directory.subfile=C:\Program Files (x86)\Common Files\Spigot\GC\errorassistant_1.1.crx
  Directory.subfile.size=14131
  Directory.subfile.md5=224571C869D3D076082EF2A1E9F37868
  Directory.subfile.filedate=1376006106
  Directory.subfile.filedatetext=2013-08-08 19:55:06
  Directory.subfile=C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx
  Directory.subfile.size=9295
  Directory.subfile.md5=B5E9314DDF964ED67F05DBE2379DC41C
  Directory.subfile.filedate=1353614438
  Directory.subfile.filedatetext=2012-11-22 16:00:38
  Directory.subfile=C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.0.crx
  Directory.subfile.size=6585
  Directory.subfile.md5=4ED926250DB8B32583E42AAC8AD2F4BF
  Directory.subfile.filedate=1353613660
  Directory.subfile.filedatetext=2012-11-22 15:47:40
 
Fraud.HotspotShield: [SBI $BDADD868] Settings (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
 
Fraud.HotspotShield: [SBI $A53B531B] Settings (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\Interface\{307A31DF-F8B5-426C-9594-FBC1E819AED2}
 
Fraud.HotspotShield: [SBI $A53B531B] Settings (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\Interface\{307A31DF-F8B5-426C-9594-FBC1E819AED2}
 
Fraud.HotspotShield: [SBI $983D9C8F] Settings (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\Interface\{4F6AFF86-4D81-45B8-8CAD-22ABA529C091}
 
Fraud.HotspotShield: [SBI $983D9C8F] Settings (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\Interface\{4F6AFF86-4D81-45B8-8CAD-22ABA529C091}
 
Fraud.HotspotShield: [SBI $D06974C9] Settings (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
 
Fraud.HotspotShield: [SBI $D06974C9] Settings (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
 
Fraud.HotspotShield: [SBI $F866CAFE] Settings (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
 
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\Russ\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\DYVGLURF\a.vimeocdn.com\com.conviva.livePass.sol
  Properties.size=224
  Properties.md5=711D9ED08303BDF2B886D26319E152C1
  Properties.filedate=1375678445
  Properties.filedatetext=2013-08-05 00:54:05
 
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\Russ\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\DYVGLURF\localhost\core.sol
  Properties.size=53
  Properties.md5=A3E4B19744288430E2577C560E59645E
  Properties.filedate=1376642099
  Properties.filedatetext=2013-08-16 04:34:59
 
Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\Russ\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\DYVGLURF\skype.com\#ui\preferences.sol
  Properties.size=233
  Properties.md5=D5DF38F1978746345D07FAA0E408BBDF
  Properties.filedate=1376641928
  Properties.filedatetext=2013-08-16 04:32:07
 
FastClick: [SBI $8E73A7FB] Tracking cookie (Internet Explorer (User): Russ) (Browser: Cookie, nothing done)
  
 
Right Media: [SBI $8E73A7FB] Tracking cookie (Internet Explorer (User): Russ) (Browser: Cookie, nothing done)
  
 
MediaPlex: [SBI $8E73A7FB] Tracking cookie (Internet Explorer (User): Russ) (Browser: Cookie, nothing done)
  
 
DoubleClick: [SBI $8E73A7FB] Tracking cookie (Internet Explorer (User): Russ) (Browser: Cookie, nothing done)
  
 
BurstMedia: [SBI $8E73A7FB] Tracking cookie (Internet Explorer (User): Russ) (Browser: Cookie, nothing done)
  
 
Internet Explorer: [SBI $FF589D0C] Download directory (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-2213290499-924695053-2521939652-1001\Software\Microsoft\Internet Explorer\Download Directory
 
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
 
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-2213290499-924695053-2521939652-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
 
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
 
MS Management Console: [SBI $ECD50EAD] Recent command list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2213290499-924695053-2521939652-1001\Software\Microsoft\Microsoft Management Console\Recent File List
 
MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-2213290499-924695053-2521939652-1001\Software\Microsoft\MediaPlayer\Player\Settings\Client ID
 
MS Direct3D: [SBI $7FB7B83F] Most recent application (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name
 
MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
  HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name
 
MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-2213290499-924695053-2521939652-1001\Software\Microsoft\Direct3D\MostRecentApplication\Name
 
MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
  HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name
 
MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name
 
MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name
 
MS DirectInput: [SBI $9A063C91] Most recent application (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-2213290499-924695053-2521939652-1001\Software\Microsoft\DirectInput\MostRecentApplication\Name
 
MS DirectInput: [SBI $7B184199] Most recent application ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-2213290499-924695053-2521939652-1001\Software\Microsoft\DirectInput\MostRecentApplication\Id
 
MS Paint: [SBI $07867C39] Recent file list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2213290499-924695053-2521939652-1001\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List
 
MS Wordpad: [SBI $4C02334D] Recent file list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2213290499-924695053-2521939652-1001\Software\Microsoft\Windows\CurrentVersion\Applets\Wordpad\Recent File List
 
Windows.OpenWith: [SBI $F7204896] Open with list - .AVI extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2213290499-924695053-2521939652-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList
 
Windows Explorer: [SBI $7308A845] Run history (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2213290499-924695053-2521939652-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU
 
Windows Explorer: [SBI $AA0766B5] Stream history (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2213290499-924695053-2521939652-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU
 
Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2213290499-924695053-2521939652-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
 
Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-2213290499-924695053-2521939652-1001\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
 
Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-2213290499-924695053-2521939652-1001\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
 
Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
  HKEY_USERS\S-1-5-21-2213290499-924695053-2521939652-1001\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
 
WinRAR: [SBI $0B56E92B] Recent file list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2213290499-924695053-2521939652-1001\Software\WinRAR\ArcHistory
 
WinRAR: [SBI $B84F9965] Last used directory (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-2213290499-924695053-2521939652-1001\Software\WinRAR\General\LastFolder
 
Cookie: [SBI $49804B54] Browser: Cookie (58) (Browser: Cookie, nothing done)
  
 
Cache: [SBI $49804B54] Browser: Cache (34) (Browser: Cache, nothing done)
  
 
History: [SBI $49804B54] Browser: History (179) (Browser: History, nothing done)
  
 
Cookie: [SBI $49804B54] Browser: Cookie (1) (Browser: Cookie, nothing done)
  
 
History: [SBI $49804B54] Browser: History (9) (Browser: History, nothing done)
  
 
 
--- Spybot - Search & Destroy version: 2.1.18.131  DLL (build: 20130516) ---
 
2013-05-16 blindman.exe (2.1.18.151)
2013-05-16 explorer.exe (2.1.18.177)
2013-05-16 SDBootCD.exe (2.1.18.109)
2013-05-16 SDCleaner.exe (2.1.18.110)
2013-05-16 SDDelFile.exe (2.1.18.94)
2013-06-18 SDDisableProxy.exe
2013-05-16 SDFiles.exe (2.1.18.135)
2013-03-20 SDFileScanHelper.exe (2.1.16.1)
2013-05-16 SDFSSvc.exe (2.1.18.208)
2013-05-16 SDHookHelper.exe (2.1.18.2)
2013-05-16 SDHookInst32.exe (2.1.18.2)
2013-05-16 SDHookInst64.exe (2.1.18.2)
2013-05-16 SDImmunize.exe (2.1.18.130)
2013-05-16 SDLogReport.exe (2.1.18.107)
2013-05-16 SDOnAccess.exe (2.1.18.4)
2013-05-16 SDPESetup.exe (2.1.18.3)
2013-05-16 SDPEStart.exe (2.1.18.86)
2013-05-16 SDPhoneScan.exe (2.1.18.28)
2013-05-16 SDPRE.exe (2.1.18.22)
2013-05-16 SDPrepPos.exe (2.1.18.10)
2013-05-16 SDQuarantine.exe (2.1.18.103)
2013-05-16 SDRootAlyzer.exe (2.1.18.116)
2013-05-16 SDSBIEdit.exe (2.1.18.39)
2013-05-16 SDScan.exe (2.1.18.177)
2013-05-16 SDScript.exe (2.1.18.53)
2013-05-16 SDSettings.exe (2.1.18.136)
2013-05-16 SDShell.exe (2.1.18.2)
2013-05-16 SDShred.exe (2.1.18.107)
2013-05-16 SDSysRepair.exe (2.1.18.101)
2013-05-16 SDTools.exe (2.1.18.150)
2013-07-25 SDTray.exe (2.1.21.129)
2013-05-16 SDUpdate.exe (2.1.18.91)
2013-05-16 SDUpdSvc.exe (2.1.18.76)
2013-07-10 SDWelcome.exe (2.1.21.129)
2013-05-15 SDWSCSvc.exe (2.1.18.2)
2013-06-19 spybotsd2-translation-frx.exe
2013-08-16 unins000.exe (51.1052.0.0)
1999-12-02 xcacls.exe
2012-08-23 borlndmm.dll (10.0.2288.42451)
2012-09-05 DelZip190.dll (1.9.0.107)
2012-09-10 libeay32.dll (1.0.0.4)
2012-09-10 libssl32.dll (1.0.0.4)
2013-05-16 SDAdvancedCheckLibrary.dll (2.1.18.98)
2013-05-16 SDAV.dll
2013-05-16 SDECon32.dll (2.1.18.113)
2013-05-16 SDECon64.dll (2.1.18.113)
2013-04-05 SDEvents.dll (2.1.16.2)
2013-05-16 SDFileScanLibrary.dll (2.1.18.12)
2013-05-16 SDHook32.dll (2.1.18.2)
2013-05-16 SDHook64.dll (2.1.18.2)
2013-05-16 SDImmunizeLibrary.dll (2.1.18.2)
2013-05-16 SDLicense.dll (2.1.18.0)
2013-05-16 SDLists.dll (2.1.18.4)
2013-05-16 SDResources.dll (2.1.18.7)
2013-05-16 SDScanLibrary.dll (2.1.18.131)
2013-05-16 SDTasks.dll (2.1.18.15)
2013-05-16 SDWinLogon.dll (2.1.18.0)
2012-08-23 sqlite3.dll
2012-09-10 ssleay32.dll (1.0.0.4)
2013-05-16 Tools.dll (2.1.18.36)
2012-12-18 Includes\Adware.sbi (*)
2013-07-30 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2012-11-14 Includes\Dialer.sbi (*)
2012-11-14 Includes\DialerC.sbi (*)
2012-11-14 Includes\HeavyDuty.sbi (*)
2012-11-14 Includes\Hijackers.sbi (*)
2012-11-14 Includes\HijackersC.sbi (*)
2012-11-14 Includes\iPhone.sbi (*)
2013-06-25 Includes\Keyloggers.sbi (*)
2012-12-18 Includes\KeyloggersC.sbi (*)
2013-05-29 Includes\Malware.sbi (*)
2013-08-06 Includes\MalwareC.sbi (*)
2012-11-14 Includes\PUPS.sbi (*)
2013-08-06 Includes\PUPSC.sbi (*)
2012-11-14 Includes\Security.sbi (*)
2012-11-14 Includes\SecurityC.sbi (*)
2013-05-22 Includes\Spyware.sbi (*)
2013-08-06 Includes\SpywareC.sbi (*)
2011-06-07 Includes\Tracks.sbi (*)
2012-11-19 Includes\Tracks.uti (*)
2013-01-16 Includes\Trojans.sbi (*)
2013-05-13 Includes\TrojansC-02.sbi (*)
2013-07-31 Includes\TrojansC-03.sbi (*)
2013-08-06 Includes\TrojansC-04.sbi (*)
2013-05-08 Includes\TrojansC-05.sbi (*)
2013-08-06 Includes\TrojansC.sbi (*)
 
Search results from Spybot - Search & Destroy
 
8/16/2013 5:24:40 AM
Scan took 00:20:09.
21 items found.
 
Fraud.HotspotShield: [SBI $BDADD868] Settings (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
 
Fraud.HotspotShield: [SBI $A53B531B] Settings (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\Interface\{307A31DF-F8B5-426C-9594-FBC1E819AED2}
 
Fraud.HotspotShield: [SBI $A53B531B] Settings (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\Interface\{307A31DF-F8B5-426C-9594-FBC1E819AED2}
 
Fraud.HotspotShield: [SBI $983D9C8F] Settings (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\Interface\{4F6AFF86-4D81-45B8-8CAD-22ABA529C091}
 
Fraud.HotspotShield: [SBI $983D9C8F] Settings (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\Interface\{4F6AFF86-4D81-45B8-8CAD-22ABA529C091}
 
Fraud.HotspotShield: [SBI $D06974C9] Settings (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
 
Fraud.HotspotShield: [SBI $D06974C9] Settings (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
 
Fraud.HotspotShield: [SBI $F866CAFE] Settings (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
 
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
 
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
 
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
 
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
 
MS Direct3D: [SBI $7FB7B83F] Most recent application (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name
 
MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
  HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name
 
MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
  HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name
 
MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name
 
MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name
 
Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
  HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
 
Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
 
Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
  HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
 
Cache: [SBI $49804B54] Browser: Cache (1) (Browser: Cache, nothing done)
  
 
 
--- Spybot - Search & Destroy version: 2.1.18.131  DLL (build: 20130516) ---
 
2013-05-16 blindman.exe (2.1.18.151)
2013-05-16 explorer.exe (2.1.18.177)
2013-05-16 SDBootCD.exe (2.1.18.109)
2013-05-16 SDCleaner.exe (2.1.18.110)
2013-05-16 SDDelFile.exe (2.1.18.94)
2013-06-18 SDDisableProxy.exe
2013-05-16 SDFiles.exe (2.1.18.135)
2013-03-20 SDFileScanHelper.exe (2.1.16.1)
2013-05-16 SDFSSvc.exe (2.1.18.208)
2013-05-16 SDHookHelper.exe (2.1.18.2)
2013-05-16 SDHookInst32.exe (2.1.18.2)
2013-05-16 SDHookInst64.exe (2.1.18.2)
2013-05-16 SDImmunize.exe (2.1.18.130)
2013-05-16 SDLogReport.exe (2.1.18.107)
2013-05-16 SDOnAccess.exe (2.1.18.4)
2013-05-16 SDPESetup.exe (2.1.18.3)
2013-05-16 SDPEStart.exe (2.1.18.86)
2013-05-16 SDPhoneScan.exe (2.1.18.28)
2013-05-16 SDPRE.exe (2.1.18.22)
2013-05-16 SDPrepPos.exe (2.1.18.10)
2013-05-16 SDQuarantine.exe (2.1.18.103)
2013-05-16 SDRootAlyzer.exe (2.1.18.116)
2013-05-16 SDSBIEdit.exe (2.1.18.39)
2013-05-16 SDScan.exe (2.1.18.177)
2013-05-16 SDScript.exe (2.1.18.53)
2013-05-16 SDSettings.exe (2.1.18.136)
2013-05-16 SDShell.exe (2.1.18.2)
2013-05-16 SDShred.exe (2.1.18.107)
2013-05-16 SDSysRepair.exe (2.1.18.101)
2013-05-16 SDTools.exe (2.1.18.150)
2013-07-25 SDTray.exe (2.1.21.129)
2013-05-16 SDUpdate.exe (2.1.18.91)
2013-05-16 SDUpdSvc.exe (2.1.18.76)
2013-07-10 SDWelcome.exe (2.1.21.129)
2013-05-15 SDWSCSvc.exe (2.1.18.2)
2013-06-19 spybotsd2-translation-frx.exe
2013-08-16 unins000.exe (51.1052.0.0)
1999-12-02 xcacls.exe
2012-08-23 borlndmm.dll (10.0.2288.42451)
2012-09-05 DelZip190.dll (1.9.0.107)
2012-09-10 libeay32.dll (1.0.0.4)
2012-09-10 libssl32.dll (1.0.0.4)
2013-05-16 SDAdvancedCheckLibrary.dll (2.1.18.98)
2013-05-16 SDAV.dll
2013-05-16 SDECon32.dll (2.1.18.113)
2013-05-16 SDECon64.dll (2.1.18.113)
2013-04-05 SDEvents.dll (2.1.16.2)
2013-05-16 SDFileScanLibrary.dll (2.1.18.12)
2013-05-16 SDHook32.dll (2.1.18.2)
2013-05-16 SDHook64.dll (2.1.18.2)
2013-05-16 SDImmunizeLibrary.dll (2.1.18.2)
2013-05-16 SDLicense.dll (2.1.18.0)
2013-05-16 SDLists.dll (2.1.18.4)
2013-05-16 SDResources.dll (2.1.18.7)
2013-05-16 SDScanLibrary.dll (2.1.18.131)
2013-05-16 SDTasks.dll (2.1.18.15)
2013-05-16 SDWinLogon.dll (2.1.18.0)
2012-08-23 sqlite3.dll
2012-09-10 ssleay32.dll (1.0.0.4)
2013-05-16 Tools.dll (2.1.18.36)
2012-12-18 Includes\Adware.sbi (*)
2013-07-30 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2012-11-14 Includes\Dialer.sbi (*)
2012-11-14 Includes\DialerC.sbi (*)
2012-11-14 Includes\HeavyDuty.sbi (*)
2012-11-14 Includes\Hijackers.sbi (*)
2012-11-14 Includes\HijackersC.sbi (*)
2012-11-14 Includes\iPhone.sbi (*)
2013-06-25 Includes\Keyloggers.sbi (*)
2012-12-18 Includes\KeyloggersC.sbi (*)
2013-05-29 Includes\Malware.sbi (*)
2013-08-06 Includes\MalwareC.sbi (*)
2012-11-14 Includes\PUPS.sbi (*)
2013-08-06 Includes\PUPSC.sbi (*)
2012-11-14 Includes\Security.sbi (*)
2012-11-14 Includes\SecurityC.sbi (*)
2013-05-22 Includes\Spyware.sbi (*)
2013-08-06 Includes\SpywareC.sbi (*)
2011-06-07 Includes\Tracks.sbi (*)
2012-11-19 Includes\Tracks.uti (*)
2013-01-16 Includes\Trojans.sbi (*)
2013-05-13 Includes\TrojansC-02.sbi (*)
2013-07-31 Includes\TrojansC-03.sbi (*)
2013-08-06 Includes\TrojansC-04.sbi (*)
2013-05-08 Includes\TrojansC-05.sbi (*)
2013-08-06 Includes\TrojansC.sbi (*)
 
 
Search results from Spybot - Search & Destroy
 
8/16/2013 5:44:34 AM
Scan took 00:19:02.
1 items found.
 
 
Cache: [SBI $49804B54] Browser: Cache (1) (Browser: Cache, nothing done)
  
 
 
--- Spybot - Search & Destroy version: 2.1.18.131  DLL (build: 20130516) ---
 
2013-05-16 blindman.exe (2.1.18.151)
2013-05-16 explorer.exe (2.1.18.177)
2013-05-16 SDBootCD.exe (2.1.18.109)
2013-05-16 SDCleaner.exe (2.1.18.110)
2013-05-16 SDDelFile.exe (2.1.18.94)
2013-06-18 SDDisableProxy.exe
2013-05-16 SDFiles.exe (2.1.18.135)
2013-03-20 SDFileScanHelper.exe (2.1.16.1)
2013-05-16 SDFSSvc.exe (2.1.18.208)
2013-05-16 SDHookHelper.exe (2.1.18.2)
2013-05-16 SDHookInst32.exe (2.1.18.2)
2013-05-16 SDHookInst64.exe (2.1.18.2)
2013-05-16 SDImmunize.exe (2.1.18.130)
2013-05-16 SDLogReport.exe (2.1.18.107)
2013-05-16 SDOnAccess.exe (2.1.18.4)
2013-05-16 SDPESetup.exe (2.1.18.3)
2013-05-16 SDPEStart.exe (2.1.18.86)
2013-05-16 SDPhoneScan.exe (2.1.18.28)
2013-05-16 SDPRE.exe (2.1.18.22)
2013-05-16 SDPrepPos.exe (2.1.18.10)
2013-05-16 SDQuarantine.exe (2.1.18.103)
2013-05-16 SDRootAlyzer.exe (2.1.18.116)
2013-05-16 SDSBIEdit.exe (2.1.18.39)
2013-05-16 SDScan.exe (2.1.18.177)
2013-05-16 SDScript.exe (2.1.18.53)
2013-05-16 SDSettings.exe (2.1.18.136)
2013-05-16 SDShell.exe (2.1.18.2)
2013-05-16 SDShred.exe (2.1.18.107)
2013-05-16 SDSysRepair.exe (2.1.18.101)
2013-05-16 SDTools.exe (2.1.18.150)
2013-07-25 SDTray.exe (2.1.21.129)
2013-05-16 SDUpdate.exe (2.1.18.91)
2013-05-16 SDUpdSvc.exe (2.1.18.76)
2013-07-10 SDWelcome.exe (2.1.21.129)
2013-05-15 SDWSCSvc.exe (2.1.18.2)
2013-06-19 spybotsd2-translation-frx.exe
2013-08-16 unins000.exe (51.1052.0.0)
1999-12-02 xcacls.exe
2012-08-23 borlndmm.dll (10.0.2288.42451)
2012-09-05 DelZip190.dll (1.9.0.107)
2012-09-10 libeay32.dll (1.0.0.4)
2012-09-10 libssl32.dll (1.0.0.4)
2013-05-16 SDAdvancedCheckLibrary.dll (2.1.18.98)
2013-05-16 SDAV.dll
2013-05-16 SDECon32.dll (2.1.18.113)
2013-05-16 SDECon64.dll (2.1.18.113)
2013-04-05 SDEvents.dll (2.1.16.2)
2013-05-16 SDFileScanLibrary.dll (2.1.18.12)
2013-05-16 SDHook32.dll (2.1.18.2)
2013-05-16 SDHook64.dll (2.1.18.2)
2013-05-16 SDImmunizeLibrary.dll (2.1.18.2)
2013-05-16 SDLicense.dll (2.1.18.0)
2013-05-16 SDLists.dll (2.1.18.4)
2013-05-16 SDResources.dll (2.1.18.7)
2013-05-16 SDScanLibrary.dll (2.1.18.131)
2013-05-16 SDTasks.dll (2.1.18.15)
2013-05-16 SDWinLogon.dll (2.1.18.0)
2012-08-23 sqlite3.dll
2012-09-10 ssleay32.dll (1.0.0.4)
2013-05-16 Tools.dll (2.1.18.36)
2012-12-18 Includes\Adware.sbi (*)
2013-07-30 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2012-11-14 Includes\Dialer.sbi (*)
2012-11-14 Includes\DialerC.sbi (*)
2012-11-14 Includes\HeavyDuty.sbi (*)
2012-11-14 Includes\Hijackers.sbi (*)
2012-11-14 Includes\HijackersC.sbi (*)
2012-11-14 Includes\iPhone.sbi (*)
2013-06-25 Includes\Keyloggers.sbi (*)
2012-12-18 Includes\KeyloggersC.sbi (*)
2013-05-29 Includes\Malware.sbi (*)
2013-08-06 Includes\MalwareC.sbi (*)
2012-11-14 Includes\PUPS.sbi (*)
2013-08-06 Includes\PUPSC.sbi (*)
2012-11-14 Includes\Security.sbi (*)
2012-11-14 Includes\SecurityC.sbi (*)
2013-05-22 Includes\Spyware.sbi (*)
2013-08-06 Includes\SpywareC.sbi (*)
2011-06-07 Includes\Tracks.sbi (*)
2012-11-19 Includes\Tracks.uti (*)
2013-01-16 Includes\Trojans.sbi (*)
2013-05-13 Includes\TrojansC-02.sbi (*)
2013-07-31 Includes\TrojansC-03.sbi (*)
2013-08-06 Includes\TrojansC-04.sbi (*)
2013-05-08 Includes\TrojansC-05.sbi (*)
2013-08-06 Includes\TrojansC.sbi (*)
 

 

 


Edited by Russ1981, 16 August 2013 - 11:47 AM.


#4 buddy215

buddy215

  • Moderator
  • 13,261 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:07:59 PM

Posted 16 August 2013 - 12:33 PM

According to Spybot you have some adware/ spyware on your comp.

Go ahead and run the three programs I listed. You should exit/ disable Spybot and Norton while

scanning.

I would rather use those three than Spybot to find and remove malware. Some of what Spybot includes in its

logs such as changes in the registry are normal/ safe. Most experts do not recommend Spybot anymore. Haven't 

in years.

 

See if this item is listed in your Add/ Remove programs:  Fraud.HotspotShield


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#5 Russ1981

Russ1981
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:08:59 PM

Posted 16 August 2013 - 01:55 PM

No the hotspotshield isn't in my add/remove programs. Here are the results from the other scans. The antivirus found nothing of importance so that won't be included, it was apparently a false positive for babylon9_setup.exe, I looked that up and it says it's safe. One other thing I should note, I found the quarantine folder for spybot and there's a ton of zip files in there, I'm afraid to delete them though because they're labeled as parts of my OS. But I'm guessing I'd probably know if my OS has accidentally been quarantined right? My computer would literally be useless because those files are locked away and unable to be used?

 

# AdwCleaner v2.306 - Logfile created 08/16/2013 at 12:49:40
# Updated 19/07/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Russ - RUSS-PC
# Boot Mode : Normal
# Running from : C:\Users\Russ\Downloads\AdwCleaner.exe
# Option [Search]
 
 
***** [Services] *****
 
 
***** [Files / Folders] *****
 
Folder Found : C:\Program Files (x86)\AVG Secure Search
Folder Found : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Found : C:\ProgramData\AVG Secure Search
Folder Found : C:\Users\Russ\AppData\Local\AVG Secure Search
Folder Found : C:\Users\Russ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Folder Found : C:\Users\Russ\AppData\LocalLow\AVG Secure Search
 
***** [Registry] *****
 
Key Found : HKCU\Software\AppDataLow\Software\Search Settings
Key Found : HKCU\Software\AVG Secure Search
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{05478A66-EDB6-4A22-A870-A5987F80A7DA}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\Software\AVG Secure Search
Key Found : HKLM\Software\AVG Security Toolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKU\S-1-5-21-2213290499-924695053-2521939652-1001\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
 
***** [Internet Browsers] *****
 
-\\ Internet Explorer v9.0.8112.16476
 
[OK] Registry is clean.
 
-\\ Google Chrome v28.0.1500.95
 
File : C:\Users\Russ\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
[OK] File is clean.
 
-\\ Opera v [Unable to get version]
 
File : C:\Users\Russ\AppData\Roaming\Opera\Opera\operaprefs.ini
 
[OK] File is clean.
 
*************************
 
AdwCleaner[R1].txt - [6844 octets] - [16/08/2013 12:49:40]
 
########## EOF - C:\AdwCleaner[R1].txt - [6904 octets] ##########
 

 

SUPERAntiSpyware Scan Log
 
Generated 08/16/2013 at 01:49 PM
 
Application Version : 5.6.1032
 
Core Rules Database Version : 10693
Trace Rules Database Version: 8505
 
Scan type       : Quick Scan
Total Scan Time : 00:02:30
 
Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User
 
Memory items scanned      : 714
Memory threats detected   : 0
Registry items scanned    : 59879
Registry threats detected : 0
File items scanned        : 11025
File threats detected     : 129
 
Adware.Tracking Cookie
.doubleclick.net [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
C:\Users\Russ\AppData\Roaming\Microsoft\Windows\Cookies\russ@ad.yieldmanager[1].txt [ /ad.yieldmanager ]
C:\Users\Russ\AppData\Roaming\Microsoft\Windows\Cookies\russ@eaeacom.112.2o7[2].txt [ /eaeacom.112.2o7 ]
C:\Users\Russ\AppData\Roaming\Microsoft\Windows\Cookies\russ@invitemedia[2].txt [ /invitemedia ]
.verizontelecom.112.2o7.net [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
C:\Users\Russ\AppData\Roaming\Microsoft\Windows\Cookies\QY59H89I.txt [ /ru4.com ]
C:\Users\Russ\AppData\Roaming\Microsoft\Windows\Cookies\Y0TX8XU1.txt [ /atdmt.com ]
C:\Users\Russ\AppData\Roaming\Microsoft\Windows\Cookies\IJS4ZX9E.txt [ /ad.yieldmanager.com ]
C:\Users\Russ\AppData\Roaming\Microsoft\Windows\Cookies\P01PNIU3.txt [ /eaeacom.112.2o7.net ]
C:\Users\Russ\AppData\Roaming\Microsoft\Windows\Cookies\RJ79BSQJ.txt [ /c.atdmt.com ]
C:\Users\Russ\AppData\Roaming\Microsoft\Windows\Cookies\DTDHV2WL.txt [ /doubleclick.net ]
.invitemedia.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
C:\Users\Russ\AppData\Roaming\Microsoft\Windows\Cookies\Q0MROSTI.txt [ /invitemedia.com ]
.imrworldwide.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mpstat.us [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.yadro.ru [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
C:\USERS\RUSS\Cookies\QY59H89I.txt [ Cookie:russ@ru4.com/ ]
.naiadsystems.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.naiadsystems.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
C:\USERS\RUSS\Cookies\Y0TX8XU1.txt [ Cookie:russ@atdmt.com/ ]
C:\USERS\RUSS\Cookies\P01PNIU3.txt [ Cookie:russ@eaeacom.112.2o7.net/ ]
C:\USERS\RUSS\Cookies\RJ79BSQJ.txt [ Cookie:russ@c.atdmt.com/ ]
C:\USERS\RUSS\Cookies\DTDHV2WL.txt [ Cookie:russ@doubleclick.net/ ]
C:\USERS\RUSS\Cookies\Q0MROSTI.txt [ Cookie:russ@invitemedia.com/ ]
.countingdownto.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.survey.g.doubleclick.net [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.dmtracker.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.caloriecount.about.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.caloriecount.about.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.caloriecount.about.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.steelhousemedia.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.px.steelhousemedia.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.steelhousemedia.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.wileypublishing.112.2o7.net [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.sextoys.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.www.sextoys.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.getclicky.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
in.getclicky.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.statcounter.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
uk.sitestat.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
uk.sitestat.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
demandmedia.trc.taboola.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
demandmedia.trc.taboola.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
demandmedia.trc.taboola.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
statse.webtrendslive.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pornhub.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pornhub.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.sextoys.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.sextoys.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.sextoys.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.sextoys.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.sextoys.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.sextoys.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.sextoys.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.sextoys.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.sextoys.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
insight-beacon.torbit.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.stats.paypal.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.cracked.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.cracked.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.cracked.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.cracked.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.cracked.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.cracked.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.cracked.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.cracked.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.cracked.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.cracked.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
demandmedia.trc.taboola.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
demandmedia.trc.taboola.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.cracked.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.cracked.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.bdsmplaypen.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.bdsmplaypen.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.bdsmplaypen.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pornhub.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pornhub.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pornhub.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.pornhub.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.youporn.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.youporn.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.youporn.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.youporn.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.youporn.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.youporn.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.leeenterprises.112.2o7.net [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atlanticmedia.122.2o7.net [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.stats.complex.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.stats.complex.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.stats.complex.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
demandmedia.trc.taboola.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
demandmedia.trc.taboola.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.espn.112.2o7.net [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.cbsdigitalmedia.112.2o7.net [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
demandmedia.trc.taboola.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
demandmedia.trc.taboola.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
demandmedia.trc.taboola.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
demandmedia.trc.taboola.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.mediaite.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.mediaite.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaite.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaite.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaite.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaite.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaite.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.mediaite.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.videos.mediaite.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.videos.mediaite.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.videos.mediaite.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.videos.mediaite.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
videos.mediaite.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.mediaite.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
videos.mediaite.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
videos.mediaite.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
videos.mediaite.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.statcounter.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.microsoftsto.112.2o7.net [ C:\USERS\RUSS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

Edited by Russ1981, 16 August 2013 - 03:16 PM.


#6 buddy215

buddy215

  • Moderator
  • 13,261 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:07:59 PM

Posted 16 August 2013 - 03:43 PM

Babylon is adware. You should of removed it.

 

You can block those Ad/ Tracking/ Third Party cookies that SAS found and removed from installing on your computer.

See info in Disable third-party cookies in IE, Firefox, and Google Chrome | How To - CNET

 

Do a file search for Hotspot Shield.....I don't know if what Spybot reported is correct, if it was removed by Spybot or if

it is still on your computer.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#7 Russ1981

Russ1981
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:08:59 PM

Posted 16 August 2013 - 10:00 PM

Well I removed it manually so it wasn't an issue anyway, not sure why sites were saying it's safe. I got rid of hotspot shield manually as well, spybot did quarantine it but I'm not sure why the quarantine folder was still on my computer when I uninstalled it, I didn't tell it to keep it. It doesn't really matter though, my main concern is if those zip files labeled as part of my OS are okay to delete, my computer seems okay now and it's faster. I compiled a somewhat long list of all of the zip files in the quarantine folder, maybe you can make sense of them, I'm not sure why they weren't just deleted if they were bad.

 

BurstMedia-0000

Cache-0000

Cache-0001

Cache-0002

Cookie-0000

DoubleClick-0000

FastClick-0000

History-0000

Internet Explorer-0000

Internet Explorer-0001

Macromedia.FlashPlayer.Cookies-0000

MediaPlex-0000

MS Direct3D-0000

MS Direct3D-0001

MS DirectDraw-0000

MS DirectDraw-0001

MS DirectInput-0000

MS Management Console-0000

MS Media Player-0000

MS Paint-0000

MS Wordpad-0000

Right Media-0000

Widgi.Toolbar-0000

Widgi.Toolbar-0001

Windows Explorer-0000

Windows Media SDK-0000

Windows Media SDK-0001

Windows.OpenWith-0000

WinRAR-0000


Edited by Russ1981, 17 August 2013 - 05:21 AM.


#8 buddy215

buddy215

  • Moderator
  • 13,261 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:07:59 PM

Posted 17 August 2013 - 09:03 AM

As I said in my first post, if the files have been in quarantine for some time then it is okay to delete

the quarantined files. That is one reason programs use quarantine instead of just deleting files. Just in

case the files were legit then you could remove the quarantine.

I think it is perfectly safe to delete those files in quarantine.

 

Did you block the install of the Ad/ Tracking cookies? If so, you will need to run SAS one more time to

remove the ones presently installed.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#9 Russ1981

Russ1981
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:08:59 PM

Posted 17 August 2013 - 05:27 PM

Yeah I already ran it again to clean out those cookies so I'm okay. I'm going to experiment with those files, I have norton ghost and a backup image that I created before all of this happened, so if those files are legit and screw me up when I delete them, I'll still have that to fall back on. It'll set me back a bit but not terribly. Thanks for the help.



#10 buddy215

buddy215

  • Moderator
  • 13,261 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:07:59 PM

Posted 18 August 2013 - 06:31 AM

It is always a good idea to have a backup image. If you haven't thought of it already, you should make another

soon.....as the one you have now may have some of the crapware that you recently removed.

 

Once you have cleaned up your quarantined files, you should cleanup the temp files, logs, etc. using Ccleaner.

Just use the default settings for now. There will be an offer to install Yahoo Toolbar or other during the install. Be sure UNcheck if not wanted.

It is not recommended to use the Registry cleaner option. Could cause a problem.

CCleaner - PC Optimization and Cleaning - Free Download

 

Check the Recycle Bin to be sure it is empty, too.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#11 Russ1981

Russ1981
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:08:59 PM

Posted 18 August 2013 - 06:36 AM

Yep, like I mentioned before, I have an older backup image that I made with norton ghost, and I put the files I want to keep on another drive (they're not infected so I'm not worried about them) just in case my system doesn't like what I do. I'll give it a few more days to see if it acts wonky before I take any action, those files are locked away so they shouldn't give me a problem if they are actually bad.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users