www.getwindowinfo virus Windows7


  • This topic is locked
20 replies to this topic

#1 Min-C


Posted 14 May 2014 - 12:16 PM

Good afternoon, can anyone help me please with this virus.

It is a browser hijacker, each time I reboot a computer Internet Explorer is turned on automatically with this line in address field: www.getwindowinfo

This is for me very hard to remove, your help will be very appreciated.

P.S. The first step is done - I have internet connection back after AdwCleaner scan

Junkware Removal Tool shows all clean (there is just one entry)

Please spend some of your valuable time to help me with this.


Edited by Queen-Evie, 14 May 2014 - 12:30 PM.
edited topic title



 


#2 boopme


Posted 14 May 2014 - 02:14 PM

Hello Min-C

I don't know your Operating System so try this....
Press CTRL+SHIFT+ESC
this brings up the Task Manager
Look for getwindowinfo, highlight it and click END.
Close Task Manager.



Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

ADW Cleaner

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.
  • -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).


Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Edited by boopme, 14 May 2014 - 02:15 PM.


#3 Min-C


Posted 14 May 2014 - 10:36 PM

Oh, thanks for your interest. I'll follow your post.

I ended tasks in the Task Manager immediately.

Now I do the rest once again. (Please don't leave me with this ugly browser hijacker)



#4 Min-C


Posted 14 May 2014 - 10:53 PM

The MiniToolBox results for a dear doctor:

 

 

MiniToolBox by Farbar  Version: 23-01-2014

Ran by xxx (administrator) on 15-05-2014 at 04:41:55

Running from "C:\Users\xxx\Desktop"

Microsoft Windows 7 Home Premium  Service Pack 1 (X64)

Boot Mode: Normal

***************************************************************************

 

========================= Flush DNS: ===================================

 

Windows IP Configuration

 

Successfully flushed the DNS Resolver Cache.

 

========================= IE Proxy Settings: ==============================

 

Proxy is not enabled.

No Proxy Server is set.

 

"Reset IE Proxy Settings": IE Proxy Settings were reset.

 

========================= FF Proxy Settings: ==============================

 

 

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

 

========================= Hosts content: =================================

176.67.169.175 perfectmoney.is

176.67.169.175 www.perfectmoney.is

176.67.169.175 http://perfectmoney.is

176.67.169.175 http://www.perfectmoney.is

176.67.169.175 https://perfectmoney.is

176.67.169.175 https://www.perfectmoney.is

176.67.169.175 perfectmoney.com

176.67.169.175 www.perfectmoney.com

176.67.169.175 http://perfectmoney.com

176.67.169.175 http://www.perfectmoney.com

176.67.169.175 https://perfectmoney.com

176.67.169.175 https://www.perfectmoney.com

176.67.169.175 moneybookers.com

176.67.169.175 www.moneybookers.com

176.67.169.175 http://moneybookers.com

176.67.169.175 http://www.moneybookers.com

176.67.169.175 https://moneybookers.com

176.67.169.175 https://www.moneybookers.com

176.67.169.175 egopay.com

176.67.169.175 www.egopay.com

176.67.169.175 http://egopay.com

176.67.169.175 http://www.egopay.com

176.67.169.175 https://egopay.com

176.67.169.175 https://www.egopay.com

 

 

========================= IP Configuration: ================================

 

Ralink RT5390 802.11b/g/n WiFi Adapter = Wireless Network Connection (Connected)

Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)

Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)

 

 

# ----------------------------------

# IPv4 Configuration

# ----------------------------------

pushd interface ipv4

 

reset

set global icmpredirects=enabled

set interface interface="Wireless Network Connection" forwarding=enabled advertise=enabled metric=100 nud=enabled

set interface interface="Local Area Connection" forwarding=enabled advertise=enabled metric=100 nud=enabled

set interface interface="Wireless Network Connection 2" forwarding=enabled advertise=enabled metric=100 nud=enabled

 

 

popd

# End of IPv4 configuration

 

 

 

Windows IP Configuration

 

   Host Name . . . . . . . . . . . . : nmc

   Primary Dns Suffix  . . . . . . . :

   Node Type . . . . . . . . . . . . : Hybrid

   IP Routing Enabled. . . . . . . . : Yes

   WINS Proxy Enabled. . . . . . . . : No

   DNS Suffix Search List. . . . . . : Home

   System Quarantine State . . . . . : Not Restricted

 

 

Wireless LAN adapter Wireless Network Connection 2:

 

   Media State . . . . . . . . . . . : Media disconnected

   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter

   Physical Address. . . . . . . . . : 7C-E9-D3-35-15-FA

   DHCP Enabled. . . . . . . . . . . : Yes

   Autoconfiguration Enabled . . . . : Yes

 

Ethernet adapter Local Area Connection:

 

   Media State . . . . . . . . . . . : Media disconnected

   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller

   Physical Address. . . . . . . . . : 00-9C-02-21-60-8A

   DHCP Enabled. . . . . . . . . . . : Yes

   Autoconfiguration Enabled . . . . : Yes

 

Wireless LAN adapter Wireless Network Connection:

 

   Connection-specific DNS Suffix  . : Home

   Description . . . . . . . . . . . : Ralink RT5390 802.11b/g/n WiFi Adapter

   Physical Address. . . . . . . . . : 7C-E9-D3-35-15-FB

   DHCP Enabled. . . . . . . . . . . : Yes

   Autoconfiguration Enabled . . . . : Yes

   IPv6 Address. . . . . . . . . . . : fd98:68bc:6682:0:d10f:c675:e532:9818(Preferred)

   Temporary IPv6 Address. . . . . . : fd98:68bc:6682:0:41b2:b6b:2c7f:a7e1(Preferred)

   Link-local IPv6 Address . . . . . : fe80::d10f:c675:e532:9818%11(Preferred)

   IPv4 Address. . . . . . . . . . . : 192.168.0.3(Preferred)

   Subnet Mask . . . . . . . . . . . : 255.255.255.0

   Lease Obtained. . . . . . . . . . : 15 May 2014 04:23:09

   Lease Expires . . . . . . . . . . : 16 May 2014 04:34:39

   Default Gateway . . . . . . . . . : 192.168.0.1

   DHCP Server . . . . . . . . . . . : 192.168.0.1

   DHCPv6 IAID . . . . . . . . . . . : 192735699

   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-CB-A9-63-7C-E9-D3-35-15-FB

   DNS Servers . . . . . . . . . . . : 192.168.0.1

   NetBIOS over Tcpip. . . . . . . . : Enabled

 

Tunnel adapter Reusable ISATAP Interface {8ECA82EF-76F1-4FF7-944F-B6645A46E7F1}:

 

   Media State . . . . . . . . . . . : Media disconnected

   Connection-specific DNS Suffix  . : Home

   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #7

   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

   DHCP Enabled. . . . . . . . . . . : No

   Autoconfiguration Enabled . . . . : Yes

 

Tunnel adapter isatap.Home:

 

   Media State . . . . . . . . . . . : Media disconnected

   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #6

   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

   DHCP Enabled. . . . . . . . . . . : No

   Autoconfiguration Enabled . . . . : Yes

 

Tunnel adapter Local Area Connection* 17:

 

   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface

   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

   DHCP Enabled. . . . . . . . . . . : No

   Autoconfiguration Enabled . . . . : Yes

   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:348d:63f:fd84:9932(Preferred)

   Link-local IPv6 Address . . . . . : fe80::348d:63f:fd84:9932%24(Preferred)

   Default Gateway . . . . . . . . . :

   NetBIOS over Tcpip. . . . . . . . : Disabled

Server:  SkyRouter.Home

Address:  192.168.0.1

 

DNS request timed out.

    timeout was 2 seconds.

DNS request timed out.

    timeout was 2 seconds.

Name:    google.com

Addresses:  2a00:1450:4009:805::1006

                  173.194.34.165

                  173.194.34.169

                  173.194.34.167

                  173.194.34.174

                  173.194.34.161

                  173.194.34.168

                  173.194.34.164

                  173.194.34.163

                  173.194.34.162

                  173.194.34.166

                  173.194.34.160

 

 

Pinging google.com [173.194.34.165] with 32 bytes of data:

Reply from 173.194.34.165: bytes=32 time=9ms TTL=58

Reply from 173.194.34.165: bytes=32 time=10ms TTL=58

 

Ping statistics for 173.194.34.165:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 9ms, Maximum = 10ms, Average = 9ms

Server:  SkyRouter.Home

Address:  192.168.0.1

 

DNS request timed out.

    timeout was 2 seconds.

DNS request timed out.

    timeout was 2 seconds.

Name:    yahoo.com

Addresses:  206.190.36.45

                  98.138.253.109

                  98.139.183.24

 

 

Pinging yahoo.com [206.190.36.45] with 32 bytes of data:

Reply from 206.190.36.45: bytes=32 time=217ms TTL=52

Reply from 206.190.36.45: bytes=32 time=181ms TTL=52

 

Ping statistics for 206.190.36.45:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 181ms, Maximum = 217ms, Average = 199ms

 

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

 

Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================

Interface List

 15...7c e9 d3 35 15 fa ......Microsoft Virtual WiFi Miniport Adapter

 12...00 9c 02 21 60 8a ......Realtek PCIe FE Family Controller

 11...7c e9 d3 35 15 fb ......Ralink RT5390 802.11b/g/n WiFi Adapter

  1...........................Software Loopback Interface 1

 25...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #7

 22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #6

 24...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface

===========================================================================

 

IPv4 Route Table

===========================================================================

Active Routes:

Network Destination        Netmask          Gateway       Interface  Metric

          0.0.0.0          0.0.0.0      192.168.0.1      192.168.0.3    200

        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306

        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306

  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306

      192.168.0.0    255.255.255.0         On-link       192.168.0.3    356

      192.168.0.3  255.255.255.255         On-link       192.168.0.3    356

    192.168.0.255  255.255.255.255         On-link       192.168.0.3    356

        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306

        224.0.0.0        240.0.0.0         On-link       192.168.0.3    356

  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306

  255.255.255.255  255.255.255.255         On-link       192.168.0.3    356

===========================================================================

Persistent Routes:

  None

 

IPv6 Route Table

===========================================================================

Active Routes:

 If Metric Network Destination      Gateway

  1    306 ::1/128                  On-link

 24     58 2001::/32                On-link

 24    306 2001:0:9d38:6ab8:348d:63f:fd84:9932/128

                                    On-link

 11     48 fd98:68bc:6682::/64      On-link

 11    296 fd98:68bc:6682:0:41b2:b6b:2c7f:a7e1/128

                                    On-link

 11    296 fd98:68bc:6682:0:d10f:c675:e532:9818/128

                                    On-link

 11    296 fe80::/64                On-link

 24    306 fe80::/64                On-link

 24    306 fe80::348d:63f:fd84:9932/128

                                    On-link

 11    296 fe80::d10f:c675:e532:9818/128

                                    On-link

  1    306 ff00::/8                 On-link

 24    306 ff00::/8                 On-link

 11    296 ff00::/8                 On-link

===========================================================================

Persistent Routes:

 If Metric Network Destination      Gateway

  0 4294967295 2620:9b::/96             On-link

  0   9000 ::/0                     2620:9b::1900:1

===========================================================================

========================= Winsock entries =====================================

 

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)

Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)

Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)

Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)

Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)

Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)

Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)

x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)

x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)

x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)

x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)

x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)

x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)

x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

 

========================= Event log errors: ===============================

 

Application errors:

==================

Error: (05/15/2014 04:21:44 AM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (05/14/2014 05:54:21 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (05/14/2014 05:05:15 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (05/14/2014 02:48:52 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

 

System errors:

=============

Error: (05/15/2014 04:22:23 AM) (Source: Service Control Manager) (User: )

Description: The HP Support Assistant Service service failed to start due to the following error:

%%2

 

Error: (05/15/2014 04:20:19 AM) (Source: Service Control Manager) (User: )

Description: The following boot-start or system-start driver(s) failed to load:

sptd

 

Error: (05/15/2014 04:20:19 AM) (Source: Service Control Manager) (User: )

Description: The Function Discovery Resource Publication service terminated with the following error:

%%-2147014847

 

Error: (05/15/2014 04:20:17 AM) (Source: Service Control Manager) (User: )

Description: The Windows Image Acquisition (WIA) service depends on the Shell Hardware Detection service which failed to start because of the following error:

%%1058

 

Error: (05/15/2014 04:20:16 AM) (Source: Service Control Manager) (User: )

Description: The DirMngr service failed to start due to the following error:

%%2

 

Error: (05/15/2014 04:19:47 AM) (Source: sptd) (User: )

Description: Driver detected an internal error in its data structures for .

 

Error: (05/14/2014 05:55:00 PM) (Source: Service Control Manager) (User: )

Description: The HP Support Assistant Service service failed to start due to the following error:

%%2

 

Error: (05/14/2014 05:52:57 PM) (Source: Service Control Manager) (User: )

Description: The following boot-start or system-start driver(s) failed to load:

sptd

 

Error: (05/14/2014 05:52:55 PM) (Source: Service Control Manager) (User: )

Description: The Windows Image Acquisition (WIA) service depends on the Shell Hardware Detection service which failed to start because of the following error:

%%1058

 

Error: (05/14/2014 05:52:54 PM) (Source: Service Control Manager) (User: )

Description: The DirMngr service failed to start due to the following error:

%%2

 

 

Microsoft Office Sessions:

=========================

Error: (05/15/2014 04:21:44 AM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (05/14/2014 05:54:21 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (05/14/2014 05:05:15 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (05/14/2014 02:48:52 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

 

CodeIntegrity Errors:

===================================

  Date: 2013-03-25 01:56:31.394

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\ATI Technologies\Multimedia\AMDMFTDecoder_64.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-03-22 03:15:31.912

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\ATI Technologies\Multimedia\AMDMFTDecoder_64.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-02-13 19:00:51.997

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\PROGRA~2\McAfee\SITEAD~1\x64\saHook.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-02-13 19:00:02.836

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\PROGRA~2\McAfee\SITEAD~1\x64\saHook.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-02-13 19:00:02.406

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\ATI Technologies\Multimedia\AMDMFTDecoder_64.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-02-13 19:00:00.508

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\PROGRA~2\McAfee\SITEAD~1\x64\saHook.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-02-13 18:59:59.942

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\PROGRA~2\McAfee\SITEAD~1\x64\saHook.dll because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-02-13 18:59:19.739

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\ATI Technologies\Multimedia\AMDMFTDecoder_64.dll because the set of per-page image hashes could not be found on the system.

 

 

=========================== Installed Programs ============================

 

 

Adobe Flash Player 13 Plugin (Version: 13.0.0.182)

Adobe Reader XI (11.0.06) (Version: 11.0.06)

AMD APP SDK Runtime (Version: 2.4.650.9)

AMD Fuel (Version: 2011.0705.1115.18310)

AMD Media Foundation Decoders (Version: 1.0.60705.1113)

AMD VISION Engine Control Center (Version: 2011.0705.1115.18310)

ATI Catalyst Install Manager (Version: 3.0.829.0)

avast! Free Antivirus (Version: 6.0.1270.0)

Blio (Version: 2.2.8188)

Catalyst Control Center - Branding (Version: 1.00.0000)

Catalyst Control Center Graphics Previews Common (Version: 2011.0705.1115.18310)

Catalyst Control Center InstallProxy (Version: 2011.0705.1115.18310)

Catalyst Control Center Localization All (Version: 2011.0705.1115.18310)

CCC Help Chinese Standard (Version: 2011.0705.1114.18310)

CCC Help Chinese Traditional (Version: 2011.0705.1114.18310)

CCC Help Czech (Version: 2011.0705.1114.18310)

CCC Help Danish (Version: 2011.0705.1114.18310)

CCC Help Dutch (Version: 2011.0705.1114.18310)

CCC Help English (Version: 2011.0705.1114.18310)

CCC Help Finnish (Version: 2011.0705.1114.18310)

CCC Help French (Version: 2011.0705.1114.18310)

CCC Help German (Version: 2011.0705.1114.18310)

CCC Help Greek (Version: 2011.0705.1114.18310)

CCC Help Hungarian (Version: 2011.0705.1114.18310)

CCC Help Italian (Version: 2011.0705.1114.18310)

CCC Help Japanese (Version: 2011.0705.1114.18310)

CCC Help Korean (Version: 2011.0705.1114.18310)

CCC Help Norwegian (Version: 2011.0705.1114.18310)

CCC Help Polish (Version: 2011.0705.1114.18310)

CCC Help Portuguese (Version: 2011.0705.1114.18310)

CCC Help Russian (Version: 2011.0705.1114.18310)

CCC Help Spanish (Version: 2011.0705.1114.18310)

CCC Help Swedish (Version: 2011.0705.1114.18310)

CCC Help Thai (Version: 2011.0705.1114.18310)

CCC Help Turkish (Version: 2011.0705.1114.18310)

ccc-utility64 (Version: 2011.0705.1115.18310)

CCleaner (Version: 4.11)

Compaq Setup Manager (Version: 1.2.14901.3869)

CyberLink YouCam (Version: 3.5.0.4606)

D3DX10 (Version: 15.4.2368.0902)

DC++ 0.799 (Version: 0.799)

ESU for Microsoft Windows 7 SP1 (Version: 2.1.1)

Evernote v. 4.2.3 (Version: 4.2.3.22)

 

 

 

Hewlett-Packard ACLM.NET v1.1.2.0 (Version: 1.00.0000)

HP Auto (Version: 1.0.12935.3667)

HP Client Services (Version: 1.1.12938.3539)

HP Customer Experience Enhancements (Version: 6.0.1.8)

HP Documentation (Version: 1.1.0.0)

HP Games (Version: 1.0.2.5)

HP Launch Box (Version: 1.0.12)

HP Power Manager (Version: 1.4.8)

HP Recovery Manager (Version: 2.0.0)

HP Security Assistant (Version: 3.0.4)

HP Setup (Version: 9.0.15076.3891)

HP Software Framework (Version: 4.5.1.1)

Java 7 Update 45 (Version: 7.0.450)

Java Auto Updater (Version: 2.1.9.8)

Junk Mail filter update (Version: 15.4.3502.0922)

Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)

Mesh Runtime (Version: 15.4.5722.2)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)

Microsoft Application Error Reporting (Version: 12.0.6015.5000)

Microsoft Office Access MUI (English) 2010 (Version: 14.0.4763.1000)

Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000)

Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4763.1000)

Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4763.1000)

Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4763.1000)

Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4763.1000)

Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4763.1000)

Microsoft Office Professional 2010 (Version: 14.0.4763.1000)

Microsoft Office Proof (English) 2010 (Version: 14.0.4763.1000)

Microsoft Office Proof (French) 2010 (Version: 14.0.4763.1000)

Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4763.1000)

Microsoft Office Proofing (English) 2010 (Version: 14.0.4763.1000)

Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.4763.1000)

Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4763.1000)

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000)

Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4763.1000)

Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000)

Microsoft Office Single Image 2010 (Version: 14.0.4763.1000)

Microsoft Office Word MUI (English) 2010 (Version: 14.0.4763.1000)

Microsoft Silverlight (Version: 4.1.10329.0)

Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)

Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)

Mozilla Firefox

MSVCRT (Version: 15.4.2862.0708)

MSVCRT_amd64 (Version: 15.4.2862.0708)

 

 

opensource (Version: 1.0.14960.3876)

Opera Stable 20.0.1387.91 (Version: 20.0.1387.91)

PlayReady PC Runtime x86 (Version: 1.3.0)

Ralink RT5390 802.11b/g/n WiFi Adapter (Version: 3.2.12.0)

Realtek Ethernet Controller Driver (Version: 7.42.304.2011)

Realtek High Definition Audio Driver (Version: 6.0.1.6461)

Realtek PCIE Card Reader (Version: 6.1.7600.77)

 

 

Skype™ 5.5 (Version: 5.5.117)

swMSM (Version: 12.0.0.1)

Synaptics TouchPad Driver (Version: 15.3.21.0)

 

Winamp (Version: 5.63 )

Windows Live Communications Platform (Version: 15.4.3502.0922)

Windows Live Essentials (Version: 15.4.3502.0922)

Windows Live Essentials (Version: 15.4.3538.0513)

Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)

Windows Live Installer (Version: 15.4.3502.0922)

Windows Live Language Selector (Version: 15.4.3538.0513)

Windows Live Mail (Version: 15.4.3502.0922)

Windows Live Mesh (Version: 15.4.3502.0922)

Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)

Windows Live Messenger (Version: 15.4.3538.0513)

Windows Live MIME IFilter (Version: 15.4.3502.0922)

Windows Live Movie Maker (Version: 15.4.3502.0922)

Windows Live Photo Common (Version: 15.4.3502.0922)

Windows Live Photo Gallery (Version: 15.4.3502.0922)

Windows Live PIMT Platform (Version: 15.4.3508.1109)

Windows Live Remote Client (Version: 15.4.5722.2)

Windows Live Remote Client Resources (Version: 15.4.5722.2)

Windows Live Remote Service (Version: 15.4.5722.2)

Windows Live Remote Service Resources (Version: 15.4.5722.2)

Windows Live SOXE (Version: 15.4.3502.0922)

Windows Live SOXE Definitions (Version: 15.4.3502.0922)

Windows Live UX Platform (Version: 15.4.3502.0922)

Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)

Windows Live Writer (Version: 15.4.3502.0922)

Windows Live Writer Resources (Version: 15.4.3502.0922)

Windows Media Player Firefox Plugin (Version: 1.0.0.8)

WinRAR 4.20 (32-bit) (Version: 4.20.0)

 

========================= Memory info: ===================================

 

Percentage of memory in use: 16%

Total physical RAM: 7786.91 MB

Available physical RAM: 6513.05 MB

Total Pagefile: 16320.1 MB

Available Pagefile: 14917.13 MB

Total Virtual: 4095.88 MB

Available Virtual: 3980.8 MB

 

========================= Partitions: =====================================

 

1 Drive c: () (Fixed) (Total:442.26 GB) (Free:382.13 GB) NTFS

2 Drive d: (Recovery) (Fixed) (Total:19.34 GB) (Free:0.41 GB) NTFS

3 Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:2.49 GB) FAT32

 

========================= Users: ========================================

 

User accounts for \\NMC

 

Administrator            xxx                Guest                   

 

 

**** End of log ****


Edited by Min-C, 14 May 2014 - 11:01 PM.


#5 Min-C

Posted 14 May 2014 - 11:10 PM

The TDSSKiller didn't find anything. No files to report.


Edited by Min-C, 14 May 2014 - 11:11 PM.


#6 Min-C

Posted 14 May 2014 - 11:45 PM

The AdwCleaner results [R0]

 

 

 

# AdwCleaner v3.208 - Report created 14/05/2014 at 01:42:34

# Updated 11/05/2014 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : thanksdoctor - NMC

# Running from : C:\Users\thanksdoctor\Desktop\AdwCleaner.exe

# Option : Scan

 

***** [ Services ] *****

 

 

***** [ Files / Folders ] *****

 

File Found : C:\END

File Found : C:\Users\thanksdoctor\AppData\Local\funmoods-speeddial.crx

Folder Found : C:\Program Files (x86)\sweetpacks bundle uninstaller

Folder Found : C:\ProgramData\374311380

Folder Found : C:\ProgramData\House Of Soft

Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder

Folder Found : C:\ProgramData\speedypc software

Folder Found : C:\ProgramData\StarApp

Folder Found : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlaenadidhkmnafnbnipbenknchfkknk

Folder Found : C:\Users\Administrator\AppData\Local\torch

Folder Found : C:\Users\thanksdoctor\AppData\Local\cool_mirage

Folder Found : C:\Users\thanksdoctor\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlaenadidhkmnafnbnipbenknchfkknk

Folder Found : C:\Users\thanksdoctor\AppData\Local\SwvUpdater

Folder Found : C:\Users\thanksdoctor\AppData\Local\torch

Folder Found : C:\Users\thanksdoctor\AppData\Roaming\DriverCure

Folder Found : C:\Users\thanksdoctor\AppData\Roaming\Media Finder

Folder Found : C:\Users\thanksdoctor\AppData\Roaming\Nosibay

Folder Found : C:\Users\thanksdoctor\AppData\Roaming\speedypc software

Folder Found : C:\Users\thanksdoctor\Documents\Optimizer Pro

Folder Found : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlaenadidhkmnafnbnipbenknchfkknk

Folder Found : C:\Users\Guest\AppData\Local\torch

Folder Found : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlaenadidhkmnafnbnipbenknchfkknk

Folder Found : C:\Users\HomeGroupUser$\AppData\Local\torch

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}

Key Found : HKCU\Software\BabSolution

Key Found : HKCU\Software\BI

Key Found : HKCU\Software\Conduit

Key Found : HKCU\Software\Delta

Key Found : HKCU\Software\IM

Key Found : HKCU\Software\ImInstaller

Key Found : HKCU\Software\MediaFinder

Key Found : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110311551178}

Key Found : HKCU\Software\Nosibay

Key Found : HKCU\Software\powerpack

Key Found : HKCU\Software\Softonic

Key Found : HKCU\Software\speedypc software

Key Found : [x64] HKCU\Software\BabSolution

Key Found : [x64] HKCU\Software\BI

Key Found : [x64] HKCU\Software\Conduit

Key Found : [x64] HKCU\Software\Delta

Key Found : [x64] HKCU\Software\IM

Key Found : [x64] HKCU\Software\ImInstaller

Key Found : [x64] HKCU\Software\MediaFinder

Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}

Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}

Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}

Key Found : [x64] HKCU\Software\Nosibay

Key Found : [x64] HKCU\Software\powerpack

Key Found : [x64] HKCU\Software\Softonic

Key Found : [x64] HKCU\Software\speedypc software

Key Found : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}

Key Found : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}

Key Found : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}

Key Found : HKLM\SOFTWARE\5a6d6d8b33ab914

Key Found : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}

Key Found : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}

Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110311551178}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322552278}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}

Key Found : HKLM\SOFTWARE\Classes\f

Key Found : HKLM\SOFTWARE\Classes\FTDownloader

Key Found : HKLM\SOFTWARE\Classes\funmoods.dskBnd

Key Found : HKLM\SOFTWARE\Classes\funmoods.dskBnd.1

Key Found : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr

Key Found : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr.1

Key Found : HKLM\SOFTWARE\Classes\funmoodsApp.appCore

Key Found : HKLM\SOFTWARE\Classes\funmoodsApp.appCore.1

Key Found : HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}

Key Found : HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}

Key Found : HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}

Key Found : HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}

Key Found : HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}

Key Found : HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}

Key Found : HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}

Key Found : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355555578}

Key Found : HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}

Key Found : HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}

Key Found : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366556678}

Key Found : HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}

Key Found : HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}

Key Found : HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}

Key Found : HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}

Key Found : HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}

Key Found : HKLM\SOFTWARE\Classes\MF

Key Found : HKLM\SOFTWARE\Classes\Prod.cap

Key Found : HKLM\SOFTWARE\Classes\speedupmypc

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440344554478}

Key Found : HKLM\Software\DataMngr

Key Found : HKLM\Software\Delta

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\lgnbhdnimikkoodkogjlcllngimhlapp

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai

Key Found : HKLM\Software\InstallCore

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\bi_client_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\bi_client_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Bubble Dock BSetup_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Bubble Dock BSetup_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Bubble Dock_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Bubble Dock_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ftdownloader v4_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ftdownloader v4_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsLatest_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsLatest_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MYSEAR~1_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MYSEAR~1_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasapi32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasmancs

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasapi32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasmancs

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_dla_taskbar-transparency_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_dla_taskbar-transparency_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_hamachi_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_hamachi_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_mameui_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_mameui_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_registrar-registry-manager_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_registrar-registry-manager_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Uninstall Bubble Dock_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Uninstall Bubble Dock_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\wajam_download_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\wajam_download_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasapi32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasmancs

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasapi32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasmancs

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7DD5E91C-3864-77EC-7635-D14910C2A03E}

Key Found : HKLM\Software\SP Global

Key Found : HKLM\Software\speedypc software

Key Found : HKLM\Software\SProtector

Key Found : HKLM\Software\Uniblue

Key Found : HKLM\Software\Uniblue\DriverScanner

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355555578}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366556678}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}

Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff

Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}

Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}

Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}

Key Found : [x64] HKLM\SOFTWARE\Tarma Installer

Key Found : [x64] HKLM\SOFTWARE\Updater By Sweetpacks

Value Found : HKCU\Software\Microsoft\Internet Explorer\Main [Backup.old.Start Page]

Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{8E9E3331-D360-4f87-8803-52DE43566502}]

Value Found : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{8E9E3331-D360-4f87-8803-52DE43566502}]

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v9.0.8112.16447

 

Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://start.mysearchdial.com/?f=1&a=dnldmsd&cd=2XzuyEtN2Y1L1QzuyB0C0Ezy0DtAtAyDtCyD0F0ByByC0E0EtN0D0Tzu0CyDyByEtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1Q1G1I1Q1H1B1Q&cr=1303008473&ir=

 

-\\ Mozilla Firefox xxx (en-US)

 

[ File : C:\Users\thanksdoctor\AppData\Roaming\Mozilla\Firefox\Profiles\mbqcadij.default\prefs.js ]

 

 

[ File : C:\Users\thanksdoctor\AppData\Roaming\Mozilla\Firefox\Profiles\x3a3vql6.default\prefs.js ]

 

 

-\\ Google Chrome v

 

*************************

 

AdwCleaner[R0].txt - [13815 octets] - [14/05/2014 01:42:34]

 

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [13876 octets] ##########


Edited by Min-C, 15 May 2014 - 12:26 AM.


#7 Min-C

Posted 14 May 2014 - 11:46 PM

The AdwCleaner results [R1]

 

 

 

# AdwCleaner v3.208 - Report created 14/05/2014 at 01:53:26

# Updated 11/05/2014 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : thanksdoctor - NMC

# Running from : C:\Users\thanksdoctor\Desktop\AdwCleaner.exe

# Option : Scan

 

***** [ Services ] *****

 

 

***** [ Files / Folders ] *****

 

Folder Found : C:\Users\thanksdoctor\AppData\Roaming\Media Finder

Folder Found : C:\Users\thanksdoctor\Documents\Optimizer Pro

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v9.0.8112.16447

 

 

-\\ Mozilla Firefox xxx (en-US)

 

[ File : C:\Users\thanksdoctor\AppData\Roaming\Mozilla\Firefox\Profiles\mbqcadij.default\prefs.js ]

 

 

[ File : C:\Users\thanksdoctor\AppData\Roaming\Mozilla\Firefox\Profiles\x3a3vql6.default\prefs.js ]

 

 

-\\ Google Chrome v

 

*************************

 

AdwCleaner[R0].txt - [14113 octets] - [14/05/2014 01:42:34]

AdwCleaner[R1].txt - [944 octets] - [14/05/2014 01:53:26]

AdwCleaner[S0].txt - [13366 octets] - [14/05/2014 01:46:57]

 

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [1064 octets] ##########


Edited by Min-C, 15 May 2014 - 12:27 AM.


#8 Min-C

Posted 14 May 2014 - 11:51 PM

The AdwCleaner results [S0]

 

 

 

# AdwCleaner v3.208 - Report created 14/05/2014 at 01:46:57

# Updated 11/05/2014 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : thanksdoctor - NMC

# Running from : C:\Users\thanksdoctor\Desktop\AdwCleaner.exe

# Option : Clean

 

***** [ Services ] *****

 

 

***** [ Files / Folders ] *****

 

Folder Deleted : C:\ProgramData\374311380

Folder Deleted : C:\ProgramData\House Of Soft

Folder Deleted : C:\ProgramData\speedypc software

Folder Deleted : C:\ProgramData\StarApp

[x] Not Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder

[x] Not Deleted : C:\Program Files (x86)\sweetpacks bundle uninstaller

Folder Deleted : C:\Users\Administrator\AppData\Local\torch

Folder Deleted : C:\Users\thanksdoctor\AppData\Local\cool_mirage

Folder Deleted : C:\Users\thanksdoctor\AppData\Local\SwvUpdater

Folder Deleted : C:\Users\thanksdoctor\AppData\Local\torch

Folder Deleted : C:\Users\thanksdoctor\AppData\Roaming\DriverCure

[x] Not Deleted : C:\Users\thanksdoctor\AppData\Roaming\Media Finder

Folder Deleted : C:\Users\thanksdoctor\AppData\Roaming\Nosibay

Folder Deleted : C:\Users\thanksdoctor\AppData\Roaming\speedypc software

[x] Not Deleted : C:\Users\thanksdoctor\Documents\Optimizer Pro

Folder Deleted : C:\Users\Guest\AppData\Local\torch

Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\torch

Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlaenadidhkmnafnbnipbenknchfkknk

Folder Deleted : C:\Users\thanksdoctor\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlaenadidhkmnafnbnipbenknchfkknk

Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlaenadidhkmnafnbnipbenknchfkknk

Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlaenadidhkmnafnbnipbenknchfkknk

File Deleted : C:\END

File Deleted : C:\Users\thanksdoctor\AppData\Local\funmoods-speeddial.crx

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{8E9E3331-D360-4f87-8803-52DE43566502}]

Value Deleted : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{8E9E3331-D360-4f87-8803-52DE43566502}]

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lgnbhdnimikkoodkogjlcllngimhlapp

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai

Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [Backup.old.Start Page]

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder

Key Deleted : HKLM\SOFTWARE\Classes\f

Key Deleted : HKLM\SOFTWARE\Classes\FTDownloader

Key Deleted : HKLM\SOFTWARE\Classes\funmoods.dskBnd

Key Deleted : HKLM\SOFTWARE\Classes\funmoods.dskBnd.1

Key Deleted : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr

Key Deleted : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr.1

Key Deleted : HKLM\SOFTWARE\Classes\funmoodsApp.appCore

Key Deleted : HKLM\SOFTWARE\Classes\funmoodsApp.appCore.1

Key Deleted : HKLM\SOFTWARE\Classes\MF

Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap

Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\bi_client_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\bi_client_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Bubble Dock BSetup_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Bubble Dock BSetup_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Bubble Dock_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Bubble Dock_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ftdownloader v4_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ftdownloader v4_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsLatest_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsLatest_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MYSEAR~1_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MYSEAR~1_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasapi32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasmancs

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasapi32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasmancs

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Uninstall Bubble Dock_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Uninstall Bubble Dock_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajam_download_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajam_download_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasapi32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasmancs

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasapi32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasmancs

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS

Key Deleted : HKLM\SOFTWARE\5a6d6d8b33ab914

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_dla_taskbar-transparency_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_dla_taskbar-transparency_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_hamachi_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_hamachi_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_mameui_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_mameui_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_registrar-registry-manager_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_registrar-registry-manager_RASMANCS

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110311551178}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322552278}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355555578}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366556678}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440344554478}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110311551178}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355555578}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366556678}

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}

Key Deleted : HKCU\Software\BabSolution

Key Deleted : HKCU\Software\BI

Key Deleted : HKCU\Software\Conduit

Key Deleted : HKCU\Software\Delta

Key Deleted : HKCU\Software\IM

Key Deleted : HKCU\Software\ImInstaller

Key Deleted : HKCU\Software\MediaFinder

Key Deleted : HKCU\Software\Nosibay

Key Deleted : HKCU\Software\powerpack

Key Deleted : HKCU\Software\Softonic

Key Deleted : HKCU\Software\speedypc software

Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}

Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}

Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}

Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}

Key Deleted : HKLM\Software\DataMngr

Key Deleted : HKLM\Software\Delta

Key Deleted : HKLM\Software\InstallCore

Key Deleted : HKLM\Software\SP Global

Key Deleted : HKLM\Software\speedypc software

Key Deleted : HKLM\Software\SProtector

Key Deleted : HKLM\Software\Uniblue

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7DD5E91C-3864-77EC-7635-D14910C2A03E}

Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer

Key Deleted : [x64] HKLM\SOFTWARE\Updater By Sweetpacks

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v9.0.8112.16447

 

Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

 

-\\ Mozilla Firefox xxx (en-US)

 

[ File : C:\Users\thanksdoctor\AppData\Roaming\Mozilla\Firefox\Profiles\mbqcadij.default\prefs.js ]

 

 

[ File : C:\Users\thanksdoctor\AppData\Roaming\Mozilla\Firefox\Profiles\x3a3vql6.default\prefs.js ]

 

 

-\\ Google Chrome v

 

*************************

 

AdwCleaner[R0].txt - [14113 octets] - [14/05/2014 01:42:34]

AdwCleaner[S0].txt - [13128 octets] - [14/05/2014 01:46:57]

 

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [13189 octets] ##########


Edited by Min-C, 15 May 2014 - 12:27 AM.


#9 Min-C


Posted 14 May 2014 - 11:58 PM

the AdwCleaner results [S1]

 

 

 

# AdwCleaner v3.208 - Report created 14/05/2014 at 01:55:25

# Updated 11/05/2014 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : thanksdoctor - NMC

# Running from : C:\Users\thanksdoctor\Desktop\AdwCleaner.exe

# Option : Clean

 

***** [ Services ] *****

 

 

***** [ Files / Folders ] *****

 

Folder Deleted : C:\Users\thanksdoctor\AppData\Roaming\Media Finder

Folder Deleted : C:\Users\thanksdoctor\Documents\Optimizer Pro

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v9.0.8112.16447

 

 

-\\ Mozilla Firefox xxx (en-US)

 

[ File : C:\Users\thanksdoctor\AppData\Roaming\Mozilla\Firefox\Profiles\mbqcadij.default\prefs.js ]

 

 

[ File : C:\Users\thanksdoctor\AppData\Roaming\Mozilla\Firefox\Profiles\x3a3vql6.default\prefs.js ]

 

 

-\\ Google Chrome v

 

*************************

 

AdwCleaner[R0].txt - [14113 octets] - [14/05/2014 01:42:34]

AdwCleaner[R1].txt - [1144 octets] - [14/05/2014 01:53:26]

AdwCleaner[S0].txt - [13366 octets] - [14/05/2014 01:46:57]

AdwCleaner[S1].txt - [1070 octets] - [14/05/2014 01:55:25]

 

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1130 octets] ##########


Edited by Min-C, 15 May 2014 - 12:26 AM.


#10 Min-C


Posted 15 May 2014 - 12:07 AM

the JRT results

 

 

(These are after the second scan; after the first one there was a bit more, but I lost them (overwritten).)

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.4 (04.06.2014:1)

OS: Windows 7 Home Premium x64

Ran by thanksdoctor on 14/05/2014 at 12:42:59.93

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

 

 

~~~ Registry Values

 

 

 

~~~ Registry Keys

 

 

 

~~~ Files

 

 

 

~~~ Folders

 

 

 

~~~ FireFox

 

Emptied folder: C:\Users\thanksdoctor\AppData\Roaming\mozilla\firefox\profiles\rkojai73.default-1400031483615\minidumps [1 files]

 

 

 

~~~ Event Viewer Logs were cleared

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 14/05/2014 at 13:25:50.07

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#11 Min-C


Posted 15 May 2014 - 12:10 AM

,

,

,

...waiting for orders...



#12 boopme


Posted 15 May 2014 - 11:26 AM

Ok reset your Hosts file and see how it is.

To reset the Hosts file back to the default automatically, click the Fix it button or link, click Run in the File Download dialog box, and then follow the steps in the Fix it wizard.

#13 Min-C


Posted 15 May 2014 - 12:49 PM

,
,
YES SIR!
,
,

Edited by Min-C, 15 May 2014 - 01:13 PM.


#14 Min-C


Posted 15 May 2014 - 01:12 PM

,
,
..'This Microsoft fix has been processed'
,
,
..after the process I see six Internet Explorer windows instead of one
,
,

Edited by Min-C, 16 May 2014 - 06:48 AM.


#15 Min-C


Posted 15 May 2014 - 01:15 PM

,

Edited by Min-C, 16 May 2014 - 06:47 AM.




