Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

MyStartSearch / MySearch123


  • Please log in to reply
12 replies to this topic

#1 FourPart

FourPart

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:02:33 AM

Posted 29 August 2015 - 07:41 AM

I know this is nothing new.  It's a problem that seems to be found everywhere. 
I use FireFox, and despite being set to About:Blank (also no trace of it in About:Config) it defaults to either MyStartSearch or MySearch123 on startup.  The same also happens on IE. 
 
However, no matter how much searching I do everything comes down to the same thing:
 
Uninstall affected programs from Programs & Features. - None there. 
Everything listed in order of date.  Nothing installed for ages.  Problems only just began.
 
Have even removed other older unused programs with Revo.
 
Scan with Malwarebytes - Done (I have the paid up pro version, which even blocks it when running in AV mode), otherwise, nothing.
 
Scan with ADWare - Done - Nothing.
 
Scan with SpyBot - Done - Nothing
 
Scan with SpyHunter - Avoid like the plague - SpyHunter is SpamWare - it finds 1000s of supposed 'threats' & then demands payment in order to remove them.  Then, when you try to uninstall it, it fights back to stop you doing so.
 
Reset Firefox - Done - Nothing. 
Uninstalled Firefox with Revo & did clean reinstall.  As soon as I opened it, it's there again.
 
Can anyone come up with something new - something that WILL get rid of this Hijacker from Hell?

Edited by Queen-Evie, 29 August 2015 - 08:01 AM.
moved from Windows 7 to Am I Infected


BC AdBot (Login to Remove)

 


#2 Firehouse

Firehouse

  • Members
  • 637 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:33 AM

Posted 29 August 2015 - 07:53 AM

Hello,
 
please download MiniToolBox by Farbar and save it to your desktop.
 
Run tool as Administrator and make sure that these options are checked :
 
  • Flush DNS
  • Reset IE Proxy Settings
  • Reset FF Proxy Settings
  • List Installed Programs
 
Post log here .


#3 FourPart

FourPart
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:02:33 AM

Posted 29 August 2015 - 08:22 AM

MiniToolBox by Farbar  Version: 25-07-2015 01
Ran by Jerry 2 (administrator) on 29-08-2015 at 14:21:27
Running from "C:\Users\Jerry 2\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: MS-7599 Manufacturer: MICRO-STAR INTERNATIONAL

CO.,LTD
Boot Mode: Normal
***************************************************

************************

========================= Flush DNS:

===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

"Reset FF Proxy Settings": Firefox Proxy settings were reset.


=========================== Installed Programs

============================

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent

Inc.)
1st MP3 Tag Editor 5.91 (HKLM-x32\...\1st MP3 Tag Editor_is1)

(Version:  - 1st-mp3-tag-editor.com)
2010 Backgammon 5.0 (HKLM-x32\...\2010 Backgammon)

(Version: 5.0 - Rightdown Software)
Adobe Acrobat 8.3.1 - CPSID_83708 (HKLM-x32\...\Adobe

Acrobat 8 Professional - English, Français, Deutsch_831)

(Version:  - Adobe Systems Incorporated)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-

7760-000000000006}) (Version: 11.0.00 - Adobe Systems)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player

NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe PDF iFilter 11 for 64-bit platforms (HKLM\...\{BA5C0CC3-

421B-4AE5-9370-1650D1941F30}) (Version: 11.0.00 - Adobe)
Adobe Photoshop Elements 6.0 (HKLM-x32\...\Adobe Photoshop

Elements 6) (Version: 6.0 - Adobe Systems Inc.)
Adobe Reader XI (11.0.03) (HKLM-x32\...\{AC76BA86-7AD7-

1033-7B44-AB0000000001}) (Version: 11.0.03 - Adobe Systems

Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave

Player) (Version: 12.1.9.160 - Adobe Systems, Inc.)
Advanced Renamer (HKLM-x32\...\Advanced Renamer_is1)

(Version:  - Kim Jensen)
Advertising Center (HKLM-x32\...\{B2EC4A38-B545-4A00-8214-

13FE0E915E6D}) (Version: 0.0.0.2 - Nero AG) Hidden
AMD Catalyst Install Manager (HKLM\...\{3FAEEEBE-48F4-84C1-

2B49-96AE73E67E3E}) (Version: 8.0.916.0 - Advanced Micro

Devices, Inc.)
AP Tuner 3.08 (HKLM-x32\...\AP Tuner 3.08) (Version:  - )
ATI Catalyst Install Manager (HKLM\...\{655CC2C0-66E7-E863-

3523-408A67E2B961}) (Version: 3.0.732.0 - ATI Technologies,

Inc.)
ATITool Overclocking Utility (HKLM-x32\...\ATITool) (Version:

0.26 - )
AutoUnpack 4.5.2 (HKLM-x32\...\AutoUnpack_is1) (Version:  - )
Beyond TV DVD Burning Foundation (HKLM-x32\...\{C29B13CC-

F0C5-4973-8980-2BCDC7C44E39}) (Version: 1.0.4 -

SnapStream Media) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
CFTsoft Free APE 2 MP3 Convert (HKLM-x32\...\CFTsoft Free APE

2 MP3 Convert_is1) (Version: 1.2.2 - changeformat.net)
Chinese Checkers Master 1.03 (HKLM-x32\...\Chinese Checkers

Master_is1) (Version: 1.03 - Guardian Games)
CoffeeCup Web Form Builder Lite (HKLM-x32\...\{85DE30D0-

AEC8-4799-A56A-14267C421A76}) (Version: 2.4.5318 -

CoffeeCup Software, Inc.)
Compatibility Pack for the 2007 Office system (HKLM-x32\...

\{90120000-0020-0409-0000-0000000FF1CE}) (Version:

12.0.6612.1000 - Microsoft Corporation)
Corel Paint Shop Pro Photo X2 (HKLM-x32\...\{64E72FB1-2343-

4977-B4A8-262CD53D0BD3}) (Version: 12.010.0000 - Corel

Corporation)
CrossEyes (HKLM-x32\...\{BD5806EC-F23C-480D-BAAB-

B13A41835AB6}) (Version: 5.0.1 - Levit & James, Inc.) Hidden
CrossEyes (HKLM-x32\...\CrossEyes) (Version: 5.0.1 - Levit &

James, Inc.)
CSS3 Menu (HKLM-x32\...\CSS3 Menu_is1) (Version:  - )
CutePDF Writer 2.7 (HKLM\...\CutePDF Writer Installation)

(Version:  - )
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-

8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
dBpowerAMP Mp4 Codec (HKLM-x32\...\dBpowerAMP Mp4 Codec)

(Version:  - )
DeepBurner Pro v1.9.0.228 (HKLM-x32\...\{1AD22277-7A1E-

71EC-B27D-EB7A22BED143}) (Version:  - )
DolbyFiles (HKLM-x32\...\{B1ADF008-E898-4FE2-8A1F-

690D9A06ACAF}) (Version: 2.0 - Nero AG) Hidden
Dots (HKCU\...\af96c9b6992b539c) (Version: 1.0.0.9 - Stellerjay

Enterprises, LLC)
Driver (HKLM-x32\...\{C0467622-B130-4981-B9CE-

34B94F8006D2}) (Version: 0.5.2.3 - M-Audio)
Driving Test Success - All Tests 2013 Edition (Update 3) (HKLM-

x32\...\{EF570A1B-7593-4EDB-8AF0-8041F2A7A81B}_is1)

(Version: 17.0 - Imagitech Ltd.)
Easy Video Downloader v. 1.4.1 (HKLM-x32\...\Easy Video

Downloader_is1) (Version:  - VideoDownloader.fdrlab.com)
Encore (HKLM-x32\...\Encore 5.0.4) (Version: 5.0.4 - Passport

Music Software LLC)
EndItAll 2.0 (HKLM-x32\...\EndItAll_is1) (Version: 2.0 - Ziff Davis

Media, Inc.)
FileZilla Client 3.13.1 (HKLM-x32\...\FileZilla Client) (Version:

3.13.1 - Tim Kosse)
Finale Reader 2011 (HKLM-x32\...\Finale Reader) (Version:

2011..r2.1 - MakeMusic)
FormatFactory 3.7.0.0 (HKLM-x32\...\FormatFactory) (Version:

3.7.0.0 - Format Factory)
Free Alarm Clock 2.2.1 (HKLM-x32\...\{8ED5A2F1-338F-4608-

8AF7-BCD1ADC1E1F7}_is1) (Version: 2.2 - Comfort Software

Group)
Free M4V Converter (HKLM-x32\...\{DAD8D5C7-4671-472E-

8A3E-3891D471481A}) (Version: 1.0.0 - Convert Audio Free)
Free M4V To AVI Converter (HKLM-x32\...\{E0D4938C-DE70-

4E40-BAD3-40598E2AF03C}) (Version: 1.0.0 - Convert Audio

Free)
Free MP4 Splitter (HKLM-x32\...\{38ECB700-186E-4E87-996C-

54290D4412BE}) (Version: 1.0.0 - Media Freeware)
FTP Commander (HKLM-x32\...\FTP Commander) (Version:  - )
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-

B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-

E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.)

Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-

4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.4805.320 -

Google Inc.)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-

9AB6-BC44E68B55E2}) (Version: 1.3.25.0 - Google Inc.) Hidden
Harmony Assistant (HKLM-x32\...\Harmony Assistant) (Version:

9.6.3i - Myriad SARL)
Hashi (HKLM-x32\...\{719E2A7A-8708-45CE-8FC8-

75E753EE1919}) (Version: 001.000.00005 - greenstreet games)
Hashi (HKLM-x32\...\{F4D24EAE-323B-4CC9-8EF8-

8BDF85B7A22D}) (Version: 001.000.00005 - greenstreet games)

Hidden
HydraVision (HKLM-x32\...\{89CE7F9B-B4DF-8585-638B-

6BD807ADE9C7}) (Version: 4.2.252.0 - Advanced Micro Devices,

Inc.) Hidden
ieSpell (HKLM-x32\...\ieSpell) (Version: 2.5.1 (build 106) - Red

Egg Software)
ImagXpress (HKLM-x32\...\{A8F2089B-1F79-4BF6-B385-

A2C2B0B9A74D}) (Version: 7.0.74.0 - Nero AG) Hidden
Jasc Animation Shop 3 (HKLM-x32\...\{174D5678-D941-433C-

BD23-58A5C7B0D36D}) (Version: 3.05.0000 - Jasc Software

Inc)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-

87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-

2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Jimmy White's 2 - Cueball (HKLM-x32\...\Jimmy White's 2 -

Cueball) (Version:  - )
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-

9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft

Corporation) Hidden
Ka Kuro Master (HKLM-x32\...\{BE4631B4-A0C3-49A8-BCE5-

E1673BE61C5D}) (Version: 1.10.0009 - greenstreet games)

Hidden
Ka Kuro Master (HKLM-x32\...\{C59DDD60-F614-44C2-8689-

D414C0CEB86C}) (Version: 1.10.0009 - greenstreet games)
LG United Mobile Drivers (HKLM-x32\...\{55031CEF-CE75-4A5C-

8DEA-60577820529B}) (Version: 3.10.1.0 - LG Electronics)
Logitech Unifying Software 1.00 (HKLM\...\Logitech Unifying)

(Version: 1.00.127 - Logitech)
Macromedia Extension Manager (HKLM-x32\...\{5546CDB5-2CE2

-498B-B059-5B3BF81FC41F}) (Version: 1.7.240 - Macromedia,

Inc.)
Magic ISO Maker v5.5 (build 0281) (HKLM-x32\...\Magic ISO

Maker v5.5 (build 0281)) (Version:  - )
MakeMKV v1.8.10 (HKLM-x32\...\MakeMKV) (Version: v1.8.10 -

GuinpinSoft inc)
Malwarebytes' Anti-Malware (HKLM-x32\...\Malwarebytes' Anti-

Malware_is1) (Version:  - Malwarebytes Corporation)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...

\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 -

Malwarebytes Corporation)
Masyu (HKLM-x32\...\{66070AB7-B545-4079-BA3B-

360A93B41636}) (Version: 001.000.00002 - greenstreet games)

Hidden
Masyu (HKLM-x32\...\{E05AFE32-80DC-4923-AB84-

670CB1712ADE}) (Version: 001.000.00002 - greenstreet games)
M-Audio KeyStudio49i Driver 6.0.1 (x64) (HKLM\...\{74BAEC6B-

6FE3-455D-894D-94C488613823}) (Version: 6.0.1 - M-Audio)
Medieval CUE Splitter (HKLM-x32\...\{B96D2269-568B-4CBF-

9332-12FAE8B158F7}) (Version: 1.2.0 - Medieval Software)
Melody Player (HKLM-x32\...\Melody Player) (Version: 6.3.2n -

Myriad SARL)
Menu Templates - Starter Kit (HKLM-x32\...\{B78120A0-CF84-

4366-A393-4D0A59BC546C}) (Version: 9.6.0.0 - Nero AG)

Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-

45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 -

Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...

\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_

{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  -

Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE)

(Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Excel Viewer (HKLM-x32\...\{95120000-003F-

0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 -

Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000

-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 -

Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4

-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft

Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-

007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 -

Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...

\{95120000-00AF-0409-0000-0000000FF1CE}) (Version:

12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version:

17.3.5930.0814 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-

x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3})

(Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client)

(Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-

2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...

\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version:

3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{79BF7CB8-1E09-

489F-9547-DB3EE8EA3F16}) (Version: 9.00.4035.00 - Microsoft

Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...

\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version:

9.00.4035.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{86177DAE-38B1-

49DD-912E-35CB703AB779}) (Version: 9.00.4035.00 - Microsoft

Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64

8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-

CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft

Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...

\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version:

8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...

\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version:

8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...

\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version:

8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175

(HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version:

8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...

\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version:

8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...

\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version:

8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86

9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-

3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft

Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86

9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-

E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft

Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

(HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE})

(Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

(HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4})

(Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

(HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4})

(Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

(HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475})

(Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

(HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F})

(Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219

(HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7})

(Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (HKLM\...

\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version:

10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

(HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5})

(Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-

x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6})

(Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030

(HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6})

(Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030

(HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f})

(Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501

(HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f})

(Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ Run Time  Lib Setup (HKLM-x32\...

\{AAF4238F-7C29-451D-9925-C753271A5728}) (Version: 1.0.0

- Microsoft)
Microsoft Word 2002 (HKLM-x32\...\{911B0409-6000-11D3-

8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft

Corporation)
Microsoft Works 6.0 (HKLM-x32\...\{A1B7B9B3-E1D2-41CA-

9B4A-F18DC2710704}) (Version: 06.00.0000 - Microsoft

Corporation)
Microsoft Works Suite Add-in for Microsoft Word (HKLM-x32\...

\{C3A439E4-7303-491F-A678-CEA36A87D517}) (Version:

2.0.0.0000 - Microsoft Corporation)
mIRC (HKLM-x32\...\mIRC) (Version: 7.1 - mIRC Co. Ltd.)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-

032C8C251304}) (Version: 16.4.3528.0331 - Microsoft

Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-

F123A800A389}) (Version: 16.4.3528.0331 - Microsoft

Corporation) Hidden
Movie Maker (HKLM-x32\...\{EB3DF0F0-0525-4C5A-A2F8-

DEC868A3075D}) (Version: 16.4.3528.0331 - Microsoft

Corporation) Hidden
Movie Templates - Starter Kit (HKLM-x32\...\{E498385E-1C51-

459A-B45F-1721E37AA1A0}) (Version: 9.6.0.0 - Nero AG)

Hidden
Moyea FLV Editor Lite version: 1.1.1.846 (HKLM-x32\...

\{8E3F691A-4972-47FF-9E09-1981B62A5D5A}_is1) (Version:  -

)
Moyea YouTube FLV Downloader version: 3.1.2.26 (HKLM-x32\...

\{EA426461-31AA-4AB3-B15D-EDD748F08394}_is1) (Version:  -

)
Mozilla Firefox 40.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox

40.0.3 (x86 en-US)) (Version: 40.0.3 - Mozilla)
MP4Joiner v2.1.2 (HKLM-x32\...\MP4Joiner_is1) (Version:  - )
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-

4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft

Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-

41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft

Corporation)
Musicnotes Software Suite 1.7.2 (HKLM-x32\...\Musicnotes

Combined Installer_is1) (Version: 1.7.2 - Musicnotes Inc.)
MySQL Servers and Clients 3.23.49 (HKLM-x32\...\MySQL

Servers and Clients 3.23.49) (Version:  - )
Nero 9 (HKLM-x32\...\{eb317916-19a9-4010-aaee-

e21b3409250d}) (Version:  - Nero AG)
OMeR (HKLM-x32\...\OMeR) (Version: 2.3.0 - Myriad SARL)
Paltalk Messenger  11.6 (HKLM-x32\...\Paltalk Messenger)

(Version: 11.6.614.17393 - AVM Software Inc.)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-

FD14BA3AB01D}) (Version: 2.0.2 - pdfforge)
PDFtoMusic (HKLM-x32\...\PDFtoMusic) (Version: 1.4.2c - Myriad

SARL)
PHP 4.1.1 (HKLM-x32\...\PHP 4.1.1) (Version:  - )
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65

-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PVSonyDll (HKLM\...\{3D3E663D-4E7E-4577-A560-

7ECDDD45548A}) (Version: 1.00.0001 - NVIDIA Corporation)

Hidden
Quick Cribbage 3.5 (remove only) (HKLM-x32\...\Quick Cribbage

3.5) (Version:  - )
Rapport (HKLM\...\{1DD81E7D-0D28-4CEB-87B2-

C041A4FCB215}) (Version: 3.5.1201.78 - Trusteer) Hidden
Real Alternative 1.9.0 (HKLM-x32\...\RealAlt_is1) (Version: 1.9.0

- )
RealDownloader (HKLM-x32\...\{87C3442E-6F2D-4CB2-8312-

270BF5D0755E}) (Version: 18.0.1.9 - RealNetworks) Hidden
RealDownloader (HKLM-x32\...\{8e7a0203-575b-425c-91a1-

8e89464fc940}) (Version: 18.0.1.9 - RealNetworks) Hidden
RealDownloader (HKLM-x32\...\{EA1FAE0F-2354-4E32-B423-

ABAE8E358F91}) (Version: 1.3.1 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM-

x32\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA})

(Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (HKLM-

x32\...\{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}) (Version:

10.0 - RealNetworks, Inc) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-

7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5983 -

Realtek Semiconductor Corp.)
Replay Media Catcher (HKLM-x32\...\Replay Media Catcher2.10)

(Version: 2.10 - Applian Technologies Inc.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version:

1.95 - VS Revo Group)
Rightdown Software - Toolbar (HKLM-x32\...\Rightdown

SoftwareRightdown Software SearchBar) (Version:  - )
SAMSUNG Mobile Composite Device Software (HKLM\...

\SAMSUNG Mobile Composite Device) (Version:  - )
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile

Modem) (Version:  - )
Samsung Mobile phone USB driver Drive Software (HKLM\...

\Samsung Mobile phone USB driver Drive) (Version:  - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG

Mobile USB Modem 1.0) (Version:  - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG

Mobile USB Modem) (Version:  - )
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-

0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.650.0 -

SAMSUNG Electronics Co., Ltd.)
Setup (HKLM-x32\...\{7ADF667E-E14D-4D2C-827C-

B0108F0D93BC}) (Version:  - )
Shockwave (HKLM-x32\...\Shockwave) (Version:  - )
Sibelius Scorch (ActiveX Only) (HKLM-x32\...\{868291A4-229E-

4795-B0B0-E60E87AF53CD}) (Version: 6.2.0 - Sibelius Software)
Sibelius Scorch (Firefox, Opera, Netscape, Chrome only) (HKLM-

x32\...\{41626CC0-A854-4402-AD06-D7939515C282})

(Version: 6.2.0 - Sibelius Software, a division of Avid Technology,

Inc.)
SONY USB CAMERA Installer (HKLM-x32\...\{B1D97610-98C9-

4C87-8314-888D1DDA3669}) (Version: 2.0.0.0 - SONY

Corporation)
SoundTrax (HKLM-x32\...\{C5A7CB6C-E76D-408F-BA0E-

85605420FE9D}) (Version: 4.4.39.0 - Nero AG) Hidden
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-

4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-

Networking Ltd.)
Suji Moji (HKLM-x32\...\{3FCC9D21-0279-4214-B4F3-

1EED90A7191A}) (Version: 001.000.00005 - greenstreet games)
Suji Moji (HKLM-x32\...\{C54812C2-EF4E-43EA-83D2-

E57782C15F09}) (Version: 001.000.00005 - greenstreet games)

Hidden
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-

0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc)

Hidden
Total Recorder 8.4 Professional Edition (HKLM-x32\...

\TotalRecorder) (Version:  - )
TSS (HKLM-x32\...\{5CF84352-6499-43D5-A7EB-

A938E079E106}) (Version: 1.0.0 - Sourcecode, Inc)
TSS Administration (HKLM-x32\...\{C317E1FF-6290-4480-

884B-DA7CA9441A83}) (Version: 1.0.0 - Sourcecode, Inc.)
UM-1 Driver (HKLM\...\RolandRDID0009) (Version:  - Roland

Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-

x32\...\{90120000-0030-0000-0000-0000000FF1CE}

_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D})

(Version:  - Microsoft)
USB Webcam (HKLM-x32\...\{91848602-9EF7-4864-9198-

48C071769ACD}) (Version: 1.00.0000 - Vimicro Corporation)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-

4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc)

Hidden
Video Downloader (HKLM-x32\...\{E60AFF01-6087-47BD-8272-

61FA3CFC309D}) (Version: 1.0.0 - RealNetworks) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version:

2.1.5 - VideoLAN)
Win7codecs (HKLM-x32\...\{8C0CAA7A-3272-4991-A808-

2C7559DE3409}) (Version: 2.5.7 - Shark007)
Winamp (HKLM-x32\...\Winamp) (Version: 5.571  - Nullsoft, Inc)
WinBowl 3.22 (HKLM-x32\...\WinBowl 3.22) (Version:  - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version:

16.4.3528.0331 - Microsoft Corporation)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version:  - )
WinZip 19.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-

ECDD91C240E7}) (Version: 19.0.11294 - WinZip Computing, S.L.

)
Works Suite OS Pack (HKLM-x32\...\{DC19E750-988B-4005-

A355-85EF66055EFE}) (Version: 1.0.0.0000 - Microsoft

Corporation) Hidden
Works Synchronization (HKLM-x32\...\{BD3DCAB0-3FE5-44FB-

90DA-EFB0A2CD1387}) (Version: 1.0.0.0000 - Your Company

Name) Hidden
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2)

(Version: 1.3.4 - Xvid Team)

**** End of log ****
 



#4 Firehouse

Firehouse

  • Members
  • 637 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:33 AM

Posted 29 August 2015 - 02:25 PM

First we will uninstall some unwanted / unneeded programs :

 

  • Google Toolbar
  • WinZip
  • Spybot S&D

After that, manually restart PC and proceed to next steps:

 

Download AdwCleaner by Xplode and save it to your desktop.
 
Run tool as Administrator, accept terms of usage, and wait while database is updating.
 
After it's done with updating, click Scan button and wait while it's scanning.
 
All found items remove by clicking on Cleaning button, and allow tool to restart.
 
After restart will make a log which you will attach or paste in your reply.
 
 
 
Download JRT by Malwarebytes and save it to your desktop.
 
Run tool as Administrator,accept disclaimer by pressing Y, and wait while it's scanning system.
 
Tool will automatically scan and remove all found items, if tool requires restart, allow it to do so.
 
Attach log here.


#5 FourPart

FourPart
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:02:33 AM

Posted 29 August 2015 - 07:52 PM

I wouldn't necessarily agree with them being unwanted / unneeded programs - especially SpyBot, which is better than SpyHunter, and free.  However, for the sake of following things through, I have installed them.  They can easily be re-installed at some later late.

 

# AdwCleaner v5.004 - Logfile created 30/08/2015 at 01:36:23
# Updated 26/08/2015 by Xplode
# Database : 2015-08-25.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1

(x64)
# Username : Jerry 2 - JERRYS-BABY
# Running from : C:\Users\Jerry 2\Desktop\AdwCleaner.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : globalUpdate
[-] Service Deleted : globalUpdatem
[-] Service Deleted : SPBIUpd
[-] Service Deleted : SPBIUpdd
[-] Service Deleted : wbsvc
[-] Service Deleted : wStLibG64
[-] Service Deleted : SSFK
[-] Service Deleted : 923071b5

***** [ Folders ] *****

[-] Folder Deleted : C:\IQIYI Video
[-] Folder Deleted : C:\DesktopSearch
[-] Folder Deleted : C:\Program Files (x86)\globalUpdate
[-] Folder Deleted : C:\Program Files (x86)\predm
[-] Folder Deleted : C:\Program Files (x86)\ShopperPro
[-] Folder Deleted : C:\Program Files (x86)\VideoConverter
[-] Folder Deleted : C:\Program Files (x86)\Super Optimizer
[-] Folder Deleted : C:\Program Files (x86)\Crossbrowse
[-] Folder Deleted : C:\Program Files (x86)\SFK
[-] Folder Deleted : C:\Program Files (x86)\aappsaVe
[-] Folder Deleted : C:\Program Files (x86)\aipppsave
[-] Folder Deleted : C:\Program Files (x86)\appsoave
[-] Folder Deleted : C:\Program Files

(x86)\CinemaPlus_6.5V26.08
[!] Folder Not Deleted : C:\Program Files (x86)\Crossbrowse
[-] Folder Deleted : C:\Program Files\Common Files\pastaleads
[-] Folder Deleted : C:\Program Files\Common Files\ShopperPro
[-] Folder Deleted : C:\ProgramData\ParetoLogic
[-] Folder Deleted : C:\ProgramData\SearchModule
[-] Folder Deleted : C:\ProgramData\ShopperPro
[-] Folder Deleted : C:\ProgramData\PC Drivers HeadQuarters
[-] Folder Deleted : C:\ProgramData\Driver Manager
[-] Folder Deleted : C:\ProgramData\FlashBeat
[-] Folder Deleted : C:\ProgramData\IQIYI Video
[-] Folder Deleted : C:\ProgramData\Driver Boost
[-] Folder Deleted : C:\ProgramData\InstallSightSDK
[-] Folder Deleted : C:\ProgramData\FreeRIP
[-] Folder Deleted : C:\ProgramData\260c240df1295b91
[-] Folder Deleted : C:\ProgramData\2741605915460983697
[-] Folder Deleted : C:\ProgramData

\28341ff220e0446c9fff27c4493d622e
[-] Folder Deleted : C:\ProgramData\531ebfc8000040f6
[-] Folder Deleted : C:\ProgramData\644cd09800007505
[-] Folder Deleted : C:\ProgramData\b57446d800001e51
[-] Folder Deleted : C:\ProgramData\b62ab8440000244e
[-] Folder Deleted : C:\ProgramData\eb8db3e5000019a1
[-] Folder Deleted : C:\ProgramData\{1f868129-cdc0-e7a6-1f86

-68129cdc04a7}
[-] Folder Deleted : C:\ProgramData\{2c2ed9f3-a306-0791-

2c2e-ed9f3a3067ce}
[-] Folder Deleted : C:\ProgramData\{ba258f51-b238-2674-

ba25-58f51b233d46}
[-] Folder Deleted : C:\ProgramData

\fjjckpeadlbnpkhndelofbdpgacpnomm
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start

Menu\Programs\Desktop Search
[-] Folder Deleted : C:\Users\Jerry 2\AppData\Local\globalUpdate
[-] Folder Deleted : C:\Users\Jerry 2\AppData\Local\SmartWeb
[-] Folder Deleted : C:\Users\Jerry 2\AppData\Local

\BrowserHelper
[-] Folder Deleted : C:\Users\Jerry 2\AppData\Local

\DesktopSearch
[-] Folder Deleted : C:\Users\Jerry 2\Documents\Super Optimizer
[-] Folder Deleted : C:\Users\Public\Documents\ShopperPro
[-] Folder Deleted : C:\WINDOWS\SysWOW64\config

\systemprofile\AppData\Roaming\WeatherTool

***** [ Files ] *****

[-] File Deleted : C:\WINDOWS\Sysnative\log\iSafeKrnlCall.log
[-] File Deleted : C:\WINDOWS\Sysnative\acengine64.dll

***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

[-] Task Deleted : AmiUpdXp
[-] Task Deleted : APSnotifierPP1
[-] Task Deleted : APSnotifierPP2
[-] Task Deleted : APSnotifierPP3
[-] Task Deleted : ASP
[-] Task Deleted : Crossbrowse
[-] Task Deleted : DSite
[-] Task Deleted : globalUpdateUpdateTaskMachineCore
[-] Task Deleted : globalUpdateUpdateTaskMachineUA
[-] Task Deleted : Inst_Rep
[-] Task Deleted : PC Performer
[-] Task Deleted : RegClean Pro
[-] Task Deleted : ShopperProJSUpd
[-] Task Deleted : SmartWeb Upgrade Trigger Task
[-] Task Deleted : Super Optimizer Schedule
[-] Task Deleted : WebBarLaunchTask
[-] Task Deleted : WebBarUpdateTask
[-] Task Deleted : WSE_Vosteran
[-] Task Deleted : web_disco_updating_service
[-] Task Deleted : web_disco_notification_service
[-] Task Deleted : coupons_and_fun_updating_service
[-] Task Deleted : coupons_and_fun_notification_service
[-] Task Deleted : 24seven_savings_updating_service
[-] Task Deleted : 24seven_savings_notification_service
[-] Task Deleted : WindApp Update
[-] Task Deleted : Selection Tools Update
[-] Task Deleted : amiupdaterExd
[-] Task Deleted : amiupdaterExi
[-] Task Deleted : WordSurfer Auto Updater 1.10.0.19 Pending

Update
[-] Task Deleted : WordSurfer Auto Updater 1.10.0.19 Core
[-] Task Deleted : Optscan
[-] Task Deleted : WordSurfer Auto Updater 1.10.0.19 Core
[-] Task Deleted : WordSurfer Auto Updater 1.10.0.19 Pending

Update
[-] Task Deleted : Selection Tools Update
[-] Task Deleted : WindApp Update
[-] Task Deleted : 6d75fc7d-fab1-4a9c-bef8-4114dec5970e-1
[-] Task Deleted : 6d75fc7d-fab1-4a9c-bef8-4114dec5970e-2
[-] Task Deleted : 6d75fc7d-fab1-4a9c-bef8-4114dec5970e-4
[-] Task Deleted : 6d75fc7d-fab1-4a9c-bef8-4114dec5970e-5
[-] Task Deleted : 6d75fc7d-fab1-4a9c-bef8-4114dec5970e-

5_user
[-] Task Deleted : a6a398af-b1d0-463d-937b-04382a761142-1-6
[-] Task Deleted : a6a398af-b1d0-463d-937b-04382a761142-1-7
[-] Task Deleted : a6a398af-b1d0-463d-937b-04382a761142-

10_user
[-] Task Deleted : a6a398af-b1d0-463d-937b-04382a761142-4
[-] Task Deleted : a6a398af-b1d0-463d-937b-04382a761142-5
[-] Task Deleted : a6a398af-b1d0-463d-937b-04382a761142-

5_user
[-] Task Deleted : c033e29e-1bc1-4336-a74a-1152b885ab08-1
[-] Task Deleted : c033e29e-1bc1-4336-a74a-1152b885ab08-4
[-] Task Deleted : c033e29e-1bc1-4336-a74a-1152b885ab08-5
[-] Task Deleted : c033e29e-1bc1-4336-a74a-1152b885ab08-

5_user
[-] Task Deleted : f9c38f6d-b7d5-4dfd-b75a-8afc10d03940-

10_user
[-] Task Deleted : f9c38f6d-b7d5-4dfd-b75a-8afc10d03940-4
[-] Task Deleted : 6d75fc7d-fab1-4a9c-bef8-4114dec5970e-1
[-] Task Deleted : 6d75fc7d-fab1-4a9c-bef8-4114dec5970e-2
[-] Task Deleted : 6d75fc7d-fab1-4a9c-bef8-4114dec5970e-4
[-] Task Deleted : 6d75fc7d-fab1-4a9c-bef8-4114dec5970e-5
[-] Task Deleted : 6d75fc7d-fab1-4a9c-bef8-4114dec5970e-

5_user
[-] Task Deleted : a6a398af-b1d0-463d-937b-04382a761142-1-6
[-] Task Deleted : a6a398af-b1d0-463d-937b-04382a761142-1-7
[-] Task Deleted : a6a398af-b1d0-463d-937b-04382a761142-

10_user
[-] Task Deleted : a6a398af-b1d0-463d-937b-04382a761142-4
[-] Task Deleted : a6a398af-b1d0-463d-937b-04382a761142-5
[-] Task Deleted : a6a398af-b1d0-463d-937b-04382a761142-

5_user
[-] Task Deleted : c033e29e-1bc1-4336-a74a-1152b885ab08-1
[-] Task Deleted : c033e29e-1bc1-4336-a74a-1152b885ab08-4
[-] Task Deleted : c033e29e-1bc1-4336-a74a-1152b885ab08-5
[-] Task Deleted : c033e29e-1bc1-4336-a74a-1152b885ab08-

5_user
[-] Task Deleted :

SPBIW_UpdateTask_Time_333539373937333538372d4137345a

376c453278345a41
[-] Task Deleted : globalUpdateUpdateTaskMachineCore
[-] Task Deleted : globalUpdateUpdateTaskMachineUA

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID

\NCTAudioCompress3.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID

\NCTAudioFormatSettings3.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes

\globalUpdate.OneClickCtrl.10
[-] Key Deleted : HKLM\SOFTWARE\Classes

\globalUpdate.OneClickProcessLauncherMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes

\globalUpdate.OneClickProcessLauncherMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes

\globalUpdate.Update3WebControl.4
[-] Key Deleted : HKLM\SOFTWARE\Classes

\globalUpdateUpdate.CoCreateAsync
[-] Key Deleted : HKLM\SOFTWARE\Classes

\globalUpdateUpdate.CoCreateAsync.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes

\globalUpdateUpdate.CoreClass
[-] Key Deleted : HKLM\SOFTWARE\Classes

\globalUpdateUpdate.CoreClass.1
[-] Key Deleted : HKLM\SOFTWARE\Classes

\globalUpdateUpdate.CoreMachineClass
[-] Key Deleted : HKLM\SOFTWARE\Classes

\globalUpdateUpdate.CoreMachineClass.1
[-] Key Deleted : HKLM\SOFTWARE\Classes

\globalUpdateUpdate.CredentialDialogMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes

\globalUpdateUpdate.CredentialDialogMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes

\globalUpdateUpdate.OnDemandCOMClassMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes

\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes

\globalUpdateUpdate.OnDemandCOMClassMachineFallback
[-] Key Deleted : HKLM\SOFTWARE\Classes

\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes

\globalUpdateUpdate.OnDemandCOMClassSvc
[-] Key Deleted : HKLM\SOFTWARE\Classes

\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes

\globalUpdateUpdate.ProcessLauncher
[-] Key Deleted : HKLM\SOFTWARE\Classes

\globalUpdateUpdate.ProcessLauncher.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes

\globalUpdateUpdate.Update3COMClassService
[-] Key Deleted : HKLM\SOFTWARE\Classes

\globalUpdateUpdate.Update3COMClassService.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes

\globalUpdateUpdate.Update3WebMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes

\globalUpdateUpdate.Update3WebMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes

\globalUpdateUpdate.Update3WebMachineFallback
[-] Key Deleted : HKLM\SOFTWARE\Classes

\globalUpdateUpdate.Update3WebMachineFallback.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes

\globalUpdateUpdate.Update3WebSvc
[-] Key Deleted : HKLM\SOFTWARE\Classes

\globalUpdateUpdate.Update3WebSvc.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins

\@staging.google.com/globalUpdate Update;version=10
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins

\@staging.google.com/globalUpdate Update;version=4
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows

\CurrentVersion\App Paths\ShopperPro.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Mediaplayer

\Shiminclusionlist\crossbrowse.exe
[-] Key Deleted : HKLM\SOFTWARE\Clients\StartMenuInternet

\Crossbrowse
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID

\globalupdate.exe
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\Class

\{0014298C-A9BA-440D-AAA8-AD12C7010EE5}
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\Class

\{181A06EA-B82C-47DE-B851-E20FD0E1CC7D}
[-] Key Deleted : HKLM\System\CurrentControlSet\Services

\Eventlog\Application\registry helper service
[-] Value Deleted : HKLM\SOFTWARE\Classes\.webp

\OpenWithProgIDs [CRSBRWSHTML]
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins

\@iqiyi.com/npWebPlayer
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins

\@iqiyi.com/npclient
[-] Key Deleted : HKLM\SOFTWARE\Classes\HCDNProxy
[-] Key Deleted : HKLM\SOFTWARE\Clients\StartMenuInternet

\Torch
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer

\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION

[TotalPlusHD-3.1V30.12-bg.exe]
[-] Key Deleted : HKLM\SOFTWARE\3a6f705f-7302-f9ad-5d7d-

592622fafbe7
[-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions

[deskCutv2@gmail.com]
[-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions

[defsearchp@gmail.com]
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions

\bakijjialdiiboeaknfpmflphhmljfkd
[-] Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome

\Extensions\bakijjialdiiboeaknfpmflphhmljfkd
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions

\ejocekekgcaldnmjngfdbmbeebcekelc
[-] Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome

\Extensions\ejocekekgcaldnmjngfdbmbeebcekelc
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-

48F3-4253-A6BB-004CE84AF492}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-

C40E-43E6-B0DE-4C6B44088B52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F54A0D21-

6A53-460C-8301-C694EC9E1033}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F7BCCFD4-

2FA6-477D-A1B0-EF7500B3C49E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-

75ED-4364-ABA5-9A95B1F5E946}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F14321-

8FED-4CBC-B01A-4B57FC199062}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{051E9166-

B275-4683-907B-372FAE22BC7C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2C6F7E96-

73BC-47A5-9F51-B67F0BAFE24D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-

48F3-4253-A6BB-004CE84AF492}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-

C3FB-4D88-990D-31DB2EBD72BD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-

7F4C-4D1A-B026-1E9A01D43978}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4C58EB04-

7B72-4D3D-A36E-66167A99BC31}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4EE0B011-

604C-47F3-8F2B-39F79640B85E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-

FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-

C40E-43E6-B0DE-4C6B44088B52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-

E16B-499A-87B4-0DBF742404C1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-

BA98-45E9-86EA-FC3CFECF9D30}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-

9866-49B9-8E93-5736D6DE3DD7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-

B3CD-4BF7-8419-B34B8BD30E61}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-

CA2B-4F21-A5CA-4F6F4DBCDE87}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-

5BFD-43C1-AB35-B53C4B96C6E5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-

3D20-4333-8D99-E91EB1B62474}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-

7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-

5FB5-4AD0-8427-6AA04334A3FC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-

BA34-4FF6-8D24-B1BDC594D91F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-

D7B5-4D8B-B15D-578BDD20D76A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-

A5BE-4D31-81D5-C16B7BF48E4C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-

F5FE-4CB1-9AEA-1E163D2BAB78}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{085CB97F-

6D0B-487D-B94C-E11A736C38CE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E6A8DA1-

5731-465B-B036-B9E16EF26CAC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5EC7C511-

CD0F-42E6-830C-1BD9882F3458}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CF3CDEFB-

31BE-43AE-B064-B9C62C883259}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D96C1D26-

5CDF-4506-9244-57233C3984DF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9C4EFBD5-

1ADF-41E6-BE26-AF44326E30E4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A2970C7C-

8392-4E6F-8B51-B763CF38E13C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6EDBF8C0-

C94C-4A13-956F-E393BCA5BA4B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{61AB12E1-

A5FF-11D1-B2E9-444553540000}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82351441-

9094-11D1-A24B-00A0C932C7DF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface

\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface

\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface

\{D96C1D26-5CDF-4506-9244-57233C3984DF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6C9945B7

-1D19-46CB-88C0-45A24DF6CD6E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{84B9B044

-17C0-48FB-A300-C9747D5DF29C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib

\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4C4F1F4

-3074-4CB6-9FB8-0A64273166F0}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B6360BD3

-5CD0-40D3-BD87-DAFF37889F50}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E6F928E4

-B672-4F3A-8CA2-53C4259235DE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{82351433

-9094-11D1-A24B-00A0C932C7DF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib

\{04A0F1FA-CF83-4ECD-9F68-D94D3F8A7622}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows

\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-

7695ECA05670}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows

\CurrentVersion\Ext\Stats\{21FA44EF-376D-4D53-9B0F-

8A89D3229068}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows

\CurrentVersion\Ext\Settings\{21FA44EF-376D-4D53-9B0F-

8A89D3229068}
[-] Key Deleted : HKCU\Software\Microsoft\Windows

\CurrentVersion\Ext\Stats\{5E6A8DA1-5731-465B-B036-

B9E16EF26CAC}
[-] Key Deleted : HKCU\Software\Microsoft\Windows

\CurrentVersion\Ext\Stats\{5EC7C511-CD0F-42E6-830C-

1BD9882F3458}
[-] Key Deleted : HKCU\Software\Microsoft\Windows

\CurrentVersion\Ext\PreApproved\{5EC7C511-CD0F-42E6-

830C-1BD9882F3458}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows

\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-

F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows

\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-

A43B-0C67731134B9}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows

\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-

3D28A3A86D8A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows

\CurrentVersion\Ext\PreApproved\{2FF49ED5-A3EF-410B-918E-

97DECEB5996D}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows

\CurrentVersion\Ext\PreApproved\{5EC7C511-CD0F-42E6-

830C-1BD9882F3458}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows

\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-

B7D3-CB8BEB1AA42C}]
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer

\Low Rights\ElevationPolicy\{31111111-1111-1111-1111-

110111991162}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer

\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-

F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer

\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-

0DBF742404C1}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer

\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-

3D28A3A86D8A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer

\Low Rights\ElevationPolicy\{E57091A7-B5F0-4C42-9329-

72ED3E59ED31}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer

\Low Rights\ElevationPolicy\{1E6A8DA1-1731-465B-B036-

B9E16EF26CAC}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer

\Low Rights\ElevationPolicy\{1E6BE0FB-8B18-4DFC-959F-

233651CC4D7F}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer

\Low Rights\ElevationPolicy\{2E6A8DA1-2731-465B-B036-

B9E16EF26CAC}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer

\Low Rights\ElevationPolicy\{BAC94FEE-45B4-4FD4-9EEA-

D8978EC96C6E}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID

\{051E9166-B275-4683-907B-372FAE22BC7C}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID

\{085CB97F-6D0B-487D-B94C-E11A736C38CE}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID

\{5E6A8DA1-5731-465B-B036-B9E16EF26CAC}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID

\{5EC7C511-CD0F-42E6-830C-1BD9882F3458}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID

\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID

\{A2970C7C-8392-4E6F-8B51-B763CF38E13C}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID

\{5CD76C57-6893-478A-B776-47E7C82504BE}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface

\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface

\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface

\{BB27DF2F-6F05-4A42-9FFD-14696D795750}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface

\{D96C1D26-5CDF-4506-9244-57233C3984DF}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface

\{0FEB2313-F89B-4AC6-8153-84025604A06A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface

\{02F878DF-E2BE-4B85-8CB4-A0D2D4E2ED7F}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface

\{2AF343DD-3102-4F9D-AC95-DCA4C95382C7}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface

\{3137BC14-D8D7-4B67-8FFA-2E0B2E9D541B}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface

\{4CA2AC92-971B-47B1-ACB6-357B552155AC}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface

\{52C5395B-1FCD-47FA-A834-FD830701C2D5}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface

\{5D3DCC39-9233-4330-94E9-DA92BE49CA1A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface

\{615FACDF-DADB-440D-AC91-8AAB0AE9E3AD}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface

\{762D463B-C45A-456D-A80D-8689C297C91E}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface

\{7A6BE473-7960-44D0-BD54-D23DA76353DF}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface

\{803F550E-BAAE-42BB-8917-64BA0006AB17}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface

\{8D5BC51D-C9D3-43B9-B728-B30677B7C7E8}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface

\{991C9D8D-A789-4DB9-BDFC-5F33398B04BF}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface

\{A5ACC874-D943-483F-A2D1-14598D51F872}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface

\{B0474212-0D9D-4361-90B3-B89D1A44275D}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface

\{BFDE183A-C6FE-41D2-80F9-586C29210AC2}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface

\{DD260902-9420-4055-A956-9152EB4F3E6A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface

\{EB1F9F3C-5526-4DAE-BD4B-3EAA7715DA9F}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface

\{F68DC16C-9C2B-455B-8853-7E4D34BAA3F4}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface

\{FBA8498F-B3A0-4942-A2BF-E0CB7BC7E000}
[-] Key Deleted : [x64] HKCU\Software\Microsoft\Internet

Explorer\SearchScopes\{31090377-0740-419E-BEFC-

A56E50500D5B}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet

Explorer\SearchScopes\{31090377-0740-419E-BEFC-

A56E50500D5B}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet

Explorer\Low Rights\ElevationPolicy\{1E6A8DA1-1731-465B-

B036-B9E16EF26CAC}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet

Explorer\Low Rights\ElevationPolicy\{2E6A8DA1-2731-465B-

B036-B9E16EF26CAC}
[-] Key Deleted : HKU\.DEFAULT\Software\IBUpdaterService
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow

\{1146AC44-2F03-4431-B4FD-889BC837521F}
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software

\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKCU\Software\GlobalUpdate
[-] Key Deleted : HKCU\Software\InstalledBrowserExtensions
[-] Key Deleted : HKCU\Software\Store
[-] Key Deleted : HKCU\Software\CrossBrowser
[-] Key Deleted : HKCU\Software\HighDefAction
[-] Key Deleted : HKCU\Software\ArenaHD
[-] Key Deleted : HKCU\Software\{3BDFD1D7-7A9B-4D29-80B3

-D00E66E62885}
[-] Key Deleted : HKCU\Software\DAILYPCCLEAN
[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE

\Crossrider
[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE

\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-

BD96-5467DA2C4EF0}
[-] Key Deleted : HKLM\SOFTWARE\GlobalUpdate
[-] Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Key Deleted : HKLM\SOFTWARE\OpenCandy
[-] Key Deleted : HKLM\SOFTWARE\ParetoLogic
[-] Key Deleted : HKLM\SOFTWARE\supWPM
[-] Key Deleted : HKLM\SOFTWARE\Tutorials
[-] Key Deleted : HKLM\SOFTWARE\{12A61307-94CD-4F8E-

94BC-918E511FAA81}
[-] Key Deleted : HKLM\SOFTWARE\SearchModule
[-] Key Deleted : HKLM\SOFTWARE\HighDefAction
[-] Key Deleted : HKLM\SOFTWARE\ArenaHD
[-] Key Deleted : HKLM\SOFTWARE\FFPluginHp
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows

\CurrentVersion\Uninstall\{7ADF667E-E14D-4D2C-827C-

B0108F0D93BC}
[!] Key Not Deleted : [x64] HKCU\Software\GlobalUpdate
[!] Key Not Deleted : [x64] HKCU\Software

\InstalledBrowserExtensions
[!] Key Not Deleted : [x64] HKCU\Software\Store
[!] Key Not Deleted : [x64] HKCU\Software\CrossBrowser
[!] Key Not Deleted : [x64] HKCU\Software\HighDefAction
[!] Key Not Deleted : [x64] HKCU\Software\ArenaHD
[!] Key Not Deleted : [x64] HKCU\Software\{3BDFD1D7-7A9B-

4D29-80B3-D00E66E62885}
[!] Key Not Deleted : [x64] HKCU\Software\DAILYPCCLEAN
[-] Key Deleted : [x64] HKLM\SOFTWARE

\InstalledBrowserExtensions
[-] Key Deleted : [x64] HKLM\SOFTWARE\ShopperPro
[-] Key Deleted : [x64] HKLM\SOFTWARE\YTDownloader
[-] Key Deleted : [x64] HKLM\SOFTWARE\ArenaHD
[!] Key Not Deleted : HKU\.DEFAULT\Software\AppDataLow

\Software\_CrossriderRegNamePlaceHolder_
[!] Key Not Deleted : HKU\S-1-5-18\Software\AppDataLow

\Software\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features

\DF917BEA0BDE9E345B42099FC7E14699
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products

\DF917BEA0BDE9E345B42099FC7E14699
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows

\CurrentVersion\Installer\UserData\S-1-5-18\Components

\30C16B15B255BD349A1157B8A83E2AF9
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows

\CurrentVersion\Installer\UserData\S-1-5-18\Components

\3152E1F19977892449DC968802CE8964
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows

\CurrentVersion\Installer\UserData\S-1-5-18\Components

\649A52D257CA5DB4EAAE8BA9EB23E467
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows

\CurrentVersion\Installer\UserData\S-1-5-18\Components

\ED1CAE30F47D14B41B5FC8FA53658044
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows

\CurrentVersion\Installer\UserData\S-1-5-18\Products

\DF917BEA0BDE9E345B42099FC7E14699
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT

\CurrentVersion\Image File Execution Options\bpsvc.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT

\CurrentVersion\Image File Execution Options

\browsersafeguard.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT

\CurrentVersion\Image File Execution Options\dprotectsvc.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT

\CurrentVersion\Image File Execution Options

\protectedsearch.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT

\CurrentVersion\Image File Execution Options\searchinstaller.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT

\CurrentVersion\Image File Execution Options

\searchprotection.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT

\CurrentVersion\Image File Execution Options

\searchprotector.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT

\CurrentVersion\Image File Execution Options

\searchsettings64.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT

\CurrentVersion\Image File Execution Options\stinst32.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT

\CurrentVersion\Image File Execution Options\stinst64.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT

\CurrentVersion\Image File Execution Options\umbrella.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT

\CurrentVersion\Image File Execution Options\utiljumpflip.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT

\CurrentVersion\Image File Execution Options\websteroids.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT

\CurrentVersion\Image File Execution Options

\websteroidsservice.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT

\CurrentVersion\Image File Execution Options

\GLOBALUPDATE.EXE
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT

\CurrentVersion\Image File Execution Options\jumpflip
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Internet

Explorer\SearchScopes\{4C4C7AAB-5854-4241-A414-

E2F1EF119C4A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet

Explorer\SearchScopes\{80c554b9-c7f8-4a21-9471-

06d606da78a2}
[!] Key Not Deleted : HKU\.DEFAULT\Software\Microsoft\Internet

Explorer\SearchScopes\{4C4C7AAB-5854-4241-A414-

E2F1EF119C4A}
[!] Key Not Deleted : HKU\S-1-5-18\Software\Microsoft\Internet

Explorer\SearchScopes\{4C4C7AAB-5854-4241-A414-

E2F1EF119C4A}
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Windows NT

\CurrentVersion\Windows [AppInit_DLLs]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Windows

NT\CurrentVersion\Windows [AppInit_DLLs]

***** [ Web browsers ] *****

[-] [C:\Users\Jerry 2\AppData\Roaming\Mozilla\Firefox\Profiles

\kp6c88ya.default\prefs.js] [Preference] Deleted : user_pref

("plugin.state.npwebplayer", 0);

*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt -

[27744 bytes] ##########
 

 

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.9 (08.27.2015:1)
OS: Windows 7 Home Premium x64
Ran by Jerry 2 on 30/08/2015 at  1:42:14.25
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks

Successfully deleted: [Task] C:\WINDOWS\system32\tasks\doweloadie
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Driver Robot
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\VCKGUAPGZ1
Successfully deleted: [Task] C:\WINDOWS\Tasks\Driver Robot.job
Successfully deleted: [Task] C:\WINDOWS\Tasks\f9c38f6d-b7d5-4dfd-b75a-8afc10d03940-10_user.job
Successfully deleted: [Task] C:\WINDOWS\Tasks\f9c38f6d-b7d5-4dfd-b75a-8afc10d03940-4.job
Successfully deleted: [Task] C:\WINDOWS\Tasks\VCKGUAPGZ1.job
Successfully deleted: [Task] C:\WINDOWS\Tasks\web_disco_notification_service.job
Successfully deleted: [Task] C:\WINDOWS\Tasks\web_disco_updating_service.job



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D6F180CB-E683-41A3-8CD2-C53DBAA0530D}
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\gmsd_gb_005010073
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\gmsd_gb_005010074
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{D6F180CB-E683-41A3-8CD2-C53DBAA0530D}



~~~ Registry Keys

Successfully deleted: [Registry Key] (Default)    REG_SZ    Crossbrowse
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110611881155}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Update Caramava
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Update Jump Flip
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Update RightSurf
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\wbsvc



~~~ Files

Successfully deleted: [File] C:\Users\Jerry 2\Appdata\Local\nsb9F3A.tmp
Successfully deleted: [File] C:\Users\Jerry 2\Appdata\Local\nsc1755.tmp
Successfully deleted: [File] C:\Users\Jerry 2\Appdata\Local\nsh1234.tmp
Successfully deleted: [File] C:\Users\Jerry 2\Appdata\Local\nsi3B9B.tmp
Successfully deleted: [File] C:\Users\Jerry 2\Appdata\Local\nsnEFC9.tmp
Successfully deleted: [File] C:\Users\Jerry 2\Appdata\Local\nsx42BD.tmp
Successfully deleted: [File] C:\Users\Jerry 2\Appdata\Local\nsy6CF0.tmp
Successfully deleted: [File] C:\WINDOWS\SysWOW64\REN845B.tmp



~~~ Folders

Failed to delete: [Folder] C:\ProgramData\pc1data
Successfully deleted: [Folder] C:\Program Files (x86)\convert audio free
Successfully deleted: [Folder] C:\Program Files (x86)\gmsd_gb_005010073 [Adware.EoRezo]
Successfully deleted: [Folder] C:\Program Files (x86)\media freeware
Successfully deleted: [Folder] C:\ProgramData\google
Successfully deleted: [Folder] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mipony
Successfully deleted: [Folder] C:\Users\Jerry 2\Appdata\Local\crashrpt
Successfully deleted: [Folder] C:\Users\Jerry 2\Appdata\Local\installer
Successfully deleted: [Folder] C:\Users\Jerry 2\Appdata\LocalLow\company
Successfully deleted: [Folder] C:\Users\Jerry 2\AppData\Roaming\convert audio free
Successfully deleted: [Folder] C:\Users\Jerry 2\AppData\Roaming\miniget
Successfully deleted: [Folder] C:\users\Public\Documents\guid
Successfully deleted: [Folder] C:\Users\Public\qiyi
Successfully deleted: [Folder] C:\ProgramData\Sayfe saive
Successfully deleted: [Folder] C:\Users\Jerry 2\Appdata\Local\9370



~~~ FireFox

Emptied folder: C:\Users\Jerry 2\AppData\Roaming\mozilla\firefox\profiles\kp6c88ya.default\minidumps [3 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 30/08/2015 at  1:47:22.39
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



#6 FourPart

FourPart
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:02:33 AM

Posted 29 August 2015 - 08:01 PM

I've just closed & restarted Firefox, fully expecting to see MySearch123 still up there, and it's gone.  I really can't thank you guys enough.  However, I've just noticed that a Double Underlining has just appeared.

 



#7 Firehouse

Firehouse

  • Members
  • 637 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:33 AM

Posted 30 August 2015 - 03:36 AM

Something like this ?

 

Green-Double-Underlined-pop-up.jpg

 

Try to install uBlock Origin for Firefox.



#8 FourPart

FourPart
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:02:33 AM

Posted 30 August 2015 - 06:40 AM

That's the fella.  And thanks again.  That fixed it.



#9 Firehouse

Firehouse

  • Members
  • 637 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:33 AM

Posted 30 August 2015 - 07:59 AM

Glad i helped.



#10 severac

severac

  • Members
  • 872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Serbia
  • Local time:03:33 AM

Posted 30 August 2015 - 01:57 PM

I wouldn't necessarily agree with them being unwanted / unneeded programs - especially SpyBot, which is better than SpyHunter, and free.  However, for the sake of following things through, I have installed them.  They can easily be re-installed at some later late.

 

 

Just to add something...

 

SpyHunter is a rogue software.

 

Please read this: http://www.bleepingcomputer.com/forums/t/550005/spyhunter-vs-malwarebytes-vs-iobit/?p=3491488


I would like to help you to remove malware. Let's look inside.   :busy:

But I don't know to solve all PC problems.  :smash: 

 


#11 Firehouse

Firehouse

  • Members
  • 637 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:33 AM

Posted 30 August 2015 - 03:13 PM

@severac And Spybot isn't used to be good as before.



#12 FourPart

FourPart
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:02:33 AM

Posted 30 August 2015 - 03:19 PM

I am just amazed at how many links there are to download SpyHunter as if it were the be all & end all of Anti Malware, when it's as good as Malware itself.



#13 severac

severac

  • Members
  • 872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Serbia
  • Local time:03:33 AM

Posted 30 August 2015 - 03:39 PM

@severac And Spybot isn't used to be good as before.

 

Unfortunately, that is the truth.

 

 

 

I am just amazed at how many links there are to download SpyHunter as if it were the be all & end all of Anti Malware, when it's as good as Malware itself.

 

This is also the truth.  :smash:


I would like to help you to remove malware. Let's look inside.   :busy:

But I don't know to solve all PC problems.  :smash: 

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users