
This is my malware log. I have the Yontoo 2.051 virus on my PC



#1 Brigidmartin


Posted 14 June 2013 - 11:23 AM

I have followed your instructions and these are the two reports that I got. I have the Yontoo 2.051 virus on my computer and would be very grateful for your help.

Thank you

Brigid.

The first one is to follow

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16490
Run by ray at 16:32:16 on 2013-06-14
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.3325.1208 [GMT 1:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\LexmarkX84-X85\AcBtnMgr_X84-X85.exe
C:\Program Files\Lexmark X5400 Series\lxdvmon.exe
C:\Program Files\Lexmark X5400 Series\lxdvamon.exe
C:\Windows\PixArt\PAC7302\Monitor.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Program Files\McAfee Security Scan\3.0.287\SSScheduler.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\hasplms.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\ProgramData\IBUpdaterService\ibsvc.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\lxdvcoms.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\Windows\system32\mfevtps.exe
C:\Windows\system32\PSIService.exe
C:\Program Files\Cyberlink\Shared files\RichVideo.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\McAfee\MSC\McAPExe.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe
C:\Program Files\Freecorder 6\TbHelper2.exe
c:\PROGRA~1\mcafee\SITEAD~1\saui.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.co.uk/
mStart Page = hxxp://start.mysearchdial.com/?f=1&a=solimmsd&cd=2XzuyEtN2Y1L1QzutDtDtByEtBtCtD0FtCtB0E0A0DtBzzzytN0D0Tzu0CyDtByEtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1B1F1I1L1H1H1B1Q&cr=1731386782&ir=
mDefault_Page_URL = hxxp://www.aldi.com/
uSearchURL,(Default) = hxxp://uk.search.yahoo.com/search?fr=mcafee&p=%s
uURLSearchHooks: ToolbarURLSearchHook Class: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - c:\program files\freecorder 6\tbhelper.dll
uURLSearchHooks: {462be121-2b54-4218-bf00-b9bf8135b23f} - <orphaned>
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} -
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll
BHO: Happy Lyrics: {59C0C5BD-2579-433A-BBB8-AFFD59642BAF} - c:\program files\happylyrics\hppylrc.dll
BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: RoboForm: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
BHO: TBSB00808 Class: {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - c:\program files\freecorder 6\tbcore3.dll
BHO: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - c:\program files\yontoo\YontooIEClient.dll
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - c:\program files\yahoo!\companion\installs\cpn\YTSingleInstance.dll
TB: &RoboForm: {724D43A0-0D85-11D4-9908-00400523E39A} - c:\program files\siber systems\ai roboform\roboform.dll
TB: Freecorder 6: {6B34ACCF-1B63-4E1A-8633-461917C75544} - c:\program files\freecorder 6\tbcore3.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
TB: Freecorder 6: {6B34ACCF-1B63-4E1A-8633-461917C75544} - c:\program files\freecorder 6\tbcore3.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe"
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mRun: [IAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe
mRun: [Skytel] c:\program files\realtek\audio\hda\Skytel.exe
mRun: [Lexmark X84-X85 Button Manager] c:\progra~1\lexmar~1\AcBtnMgr_X84-X85.exe
mRun: [PrinTray] c:\windows\system32\spool\drivers\w32x86\3\printray.exe
mRun: [lxdvmon.exe] "c:\program files\lexmark x5400 series\lxdvmon.exe"
mRun: [lxdvamon] "c:\program files\lexmark x5400 series\lxdvamon.exe"
mRun: [PAC7302_Monitor] c:\windows\pixart\pac7302\Monitor.exe
mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [DivXMediaServer] c:\program files\divx\divx media server\DivXMediaServer.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [mcpltui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\users\ray\appdata\roaming\microsoft\windows\start menu\programs\startup\TalkTalk Setup CD Reporting Tool.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\3.0.287\SSScheduler.exe
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.co...72741-17534-1/4
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{8E95E304-7C00-4260-8609-AAE68B9DBC1D} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{F0237129-DCF1-400F-9260-FE7C3C4B7109} : DHCPNameServer = 192.168.1.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files\mcafee\msc\McSnIePl.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\27.0.1453.110\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2012-11-9 566656]
R0 RapportKELL;RapportKELL;c:\windows\system32\drivers\RapportKELL.sys [2013-2-13 102008]
R1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2010-12-28 212432]
R1 RapportCerberus_53984;RapportCerberus_53984;c:\programdata\trusteer\rapport\store\exts\rapportcerberus\53984\RapportCerberus32_53984.sys [2013-5-30 317424]
R1 RapportEI;RapportEI;c:\program files\trusteer\rapport\bin\RapportEI.sys [2013-2-13 102680]
R1 RapportPG;RapportPG;c:\program files\trusteer\rapport\bin\RapportPG.sys [2013-2-13 173880]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2009/04/21 15:55:00];c:\program files\homecinema\powerdvd9\000.fcl [2009-9-1 87536]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]
R2 hasplms;Sentinel Local License Manager;c:\windows\system32\hasplms.exe -run --> c:\windows\system32\hasplms.exe -run [?]
R2 HomeNetSvc;McAfee Home Network;c:\program files\common files\mcafee\platform\mcsvchost\McSvHost.exe [2012-12-20 184728]
R2 IBUpdaterService;Updater Service;c:\programdata\ibupdaterservice\ibsvc.exe [2013-6-10 727584]
R2 lxdv_device;lxdv_device;c:\windows\system32\lxdvcoms.exe -service --> c:\windows\system32\lxdvcoms.exe -service [?]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-6-13 418376]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-6-13 701512]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2010-1-4 101552]
R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\common files\mcafee\platform\mcsvchost\McSvHost.exe [2012-12-20 184728]
R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\common files\mcafee\platform\mcsvchost\McSvHost.exe [2012-12-20 184728]
R2 mcpltsvc;McAfee Platform Services;c:\program files\common files\mcafee\platform\mcsvchost\McSvHost.exe [2012-12-20 184728]
R2 McProxy;McAfee Proxy Service;c:\program files\common files\mcafee\platform\mcsvchost\McSvHost.exe [2012-12-20 184728]
R2 mfecore;McAfee Anti-Malware Core;c:\program files\common files\mcafee\amcore\mcshield.exe [2012-12-20 638976]
R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2012-12-20 169320]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2012-12-20 172416]
R2 RapportMgmtService;Rapport Management Service;c:\program files\trusteer\rapport\bin\RapportMgmtService.exe [2013-2-13 1124184]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2012-8-28 92632]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-11-9 60920]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-6-13 22856]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2012-11-9 235520]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-11-9 363432]
R3 mfencbdc;McAfee Inc. mfencbdc;c:\windows\system32\drivers\mfencbdc.sys [2013-2-18 257496]
R3 netr28u;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\system32\drivers\netr28u.sys [2007-11-21 569344]
S2 ADExchange;ArcSoft Exchange Service;c:\program files\common files\arcsoft\esinter\bin\eservutil.exe --> c:\program files\common files\arcsoft\esinter\bin\eservutil.exe [?]
S2 CLKMSVC10_5CD8CF9A;CyberLink Product - 2011/09/03 23:10:55;c:\program files\homecinema\powerdvd9\navfilter\kmsvc.exe [2010-11-18 240112]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 lxdvCATSCustConnectService;lxdvCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxdvserv.exe [2007-10-18 98984]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2012-6-20 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2012-3-8 1492840]
S3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2013-3-30 147472]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\3.0.287\McCHSvc.exe [2012-9-11 234776]
S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2012-11-9 65928]
S3 mfencrk;McAfee Inc. mfencrk;c:\windows\system32\drivers\mfencrk.sys [2013-2-18 80592]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2009-10-20 50704]
S3 ST330;ST330;c:\windows\system32\drivers\st330.sys [2005-10-27 30464]
S3 STBUS;STBUS;c:\windows\system32\drivers\stbus.sys [2005-10-27 12672]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 Skype C2C Service;Skype C2C Service;c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe [2013-5-14 3289208]
S4 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-11-9 160944]
S4 Yontoo Desktop Updater;Yontoo Desktop Updater;c:\program files\yontoo\Y2Desktop.Updater.exe [2013-4-1 23552]
.
=============== Created Last 30 ================
.
2013-06-14 15:19:26 60872 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{751158cb-aee7-4642-84e4-eb21b0a5287e}\offreg.dll
2013-06-14 15:14:50 7016152 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{751158cb-aee7-4642-84e4-eb21b0a5287e}\mpengine.dll
2013-06-13 09:32:23 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-06-13 09:32:23 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-06-12 14:43:11 443904 ----a-w- c:\windows\system32\win32spl.dll
2013-06-12 14:43:11 37376 ----a-w- c:\windows\system32\printcom.dll
2013-06-12 14:43:08 914792 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-06-12 14:43:08 31232 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2013-06-12 14:42:57 985600 ----a-w- c:\windows\system32\crypt32.dll
2013-06-12 14:42:57 812544 ----a-w- c:\windows\system32\certutil.exe
2013-06-12 14:42:57 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2013-06-12 14:42:56 98304 ----a-w- c:\windows\system32\cryptnet.dll
2013-06-12 14:42:56 41984 ----a-w- c:\windows\system32\certenc.dll
2013-06-12 14:42:40 3603832 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-06-12 14:42:39 3551096 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-06-12 14:42:11 24576 ----a-w- c:\windows\system32\cryptdlg.dll
2013-06-10 18:11:29 -------- d-----w- c:\users\ray\appdata\roaming\McAFee TechCheck
2013-06-10 18:07:54 244416 ----a-w- c:\windows\system32\Msflxgrd.ocx
2013-06-10 18:07:54 209192 ----a-w- c:\windows\system32\TABCTL32.OCX
2013-06-10 18:07:54 203976 ----a-w- c:\windows\system32\RICHTX32.OCX
2013-06-10 18:07:54 140288 ----a-w- c:\windows\system32\comdlg32.ocx
2013-06-10 18:07:49 -------- d-----w- c:\users\ray\appdata\roaming\TechCheck
2013-06-10 14:42:41 -------- d-----w- c:\users\ray\appdata\roaming\PerformerSoft
2013-06-10 14:41:50 18096 ----a-w- c:\windows\system32\roboot.exe
2013-06-10 14:41:50 -------- d-----w- c:\program files\MyPC Backup
2013-06-10 14:41:36 -------- d-----w- c:\users\ray\appdata\roaming\SpeedAnalysis2
2013-06-10 14:41:34 79360 ----a-w- c:\windows\system32\ff_vfw.dll
2013-06-10 14:41:33 -------- d-----w- c:\users\ray\appdata\roaming\PlusWinks
2013-06-10 14:41:21 -------- d-----w- c:\program files\ffdshow
2013-06-10 14:41:12 -------- d-----w- c:\users\ray\appdata\roaming\File Scout
2013-06-10 14:41:11 -------- d-----w- c:\programdata\IBUpdaterService
2013-06-07 19:58:49 -------- d-----w- c:\program files\HappyLyrics
2013-06-05 23:09:19 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-06-05 20:16:41 -------- d-----w- c:\users\ray\appdata\local\{CB329204-FBBA-41C9-8AD0-DFB59A87283D}
2013-06-01 11:48:50 -------- d-----w- c:\users\ray\appdata\local\{55D9282A-F487-40F3-B910-09290CCB1C20}
2013-05-29 17:47:45 -------- d-----w- c:\programdata\McAfee Security Scan
2013-05-29 17:47:10 0 ----a-w- c:\windows\system32\RENDDB5.tmp
2013-05-29 17:47:10 0 ----a-w- c:\windows\system32\RENDDB4.tmp
2013-05-29 00:53:57 -------- d-----w- C:\d4a0c10d4ea30d040ec83fb005
2013-05-29 00:02:06 64000 ----a-w- c:\windows\system32\smss.exe
2013-05-29 00:02:06 49152 ----a-w- c:\windows\system32\csrsrv.dll
2013-05-29 00:02:04 638328 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-05-29 00:02:03 37376 ----a-w- c:\windows\system32\cdd.dll
2013-05-29 00:01:52 1082232 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-05-29 00:01:49 2049024 ----a-w- c:\windows\system32\win32k.sys
2013-05-29 00:01:47 2067968 ----a-w- c:\windows\system32\mstscax.dll
2013-05-29 00:01:45 376320 ----a-w- c:\windows\system32\winsrv.dll
2013-05-28 21:42:02 -------- d-----w- c:\users\ray\appdata\roaming\McAfee
2013-05-28 18:39:13 4167680 ----a-w- c:\program files\GUTC4D5.tmp
2013-05-28 18:39:13 -------- d-----w- c:\program files\GUMC206.tmp
2013-05-27 21:08:49 -------- d-----w- c:\program files\LyricsFan
2013-05-27 21:08:38 -------- d-----w- c:\users\ray\appdata\roaming\mysearchdial
2013-05-27 21:08:30 -------- d-----w- c:\program files\FindLyrics
2013-05-27 21:01:24 -------- d-----w- c:\users\ray\Qtrax
2013-05-27 21:01:14 -------- d-----w- c:\programdata\Symantec
2013-05-27 21:00:51 -------- d-----w- c:\program files\Norton Security Scan
2013-05-27 21:00:49 -------- d-----w- c:\programdata\Norton
2013-05-27 21:00:45 -------- d-----w- c:\programdata\NortonInstaller
2013-05-27 21:00:45 -------- d-----w- c:\program files\NortonInstaller
2013-05-27 21:00:26 -------- d-----w- c:\users\ray\appdata\roaming\WebCake
2013-05-27 21:00:24 -------- d-----w- c:\program files\WebCake
2013-05-24 00:51:23 -------- d-----w- c:\program files\ArcSoft(19)
2013-05-22 20:56:21 -------- d-----w- c:\users\ray\appdata\local\{CC7321B3-DF6F-45E3-9721-E8832A9E5EAC}
2013-05-20 12:20:10 -------- d-----w- c:\program files\common files\Java(77)
2013-05-20 12:07:39 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1(269)
.
==================== Find3M ====================
.
2013-06-12 18:31:35 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-12 18:31:35 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-05-16 22:39:39 1800704 ----a-w- c:\windows\system32\jscript9.dll
2013-05-16 22:28:26 1129472 ----a-w- c:\windows\system32\wininet.dll
2013-05-16 22:27:30 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2013-05-16 22:21:37 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2013-05-16 22:20:30 420864 ----a-w- c:\windows\system32\vbscript.dll
2013-05-16 22:16:57 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-05-02 01:06:08 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-04-03 12:53:24 60920 ----a-w- c:\windows\system32\drivers\cfwids.sys
2013-04-03 12:50:44 212432 ----a-w- c:\windows\system32\drivers\mfewfpk.sys
2013-04-03 12:50:34 172416 ----a-w- c:\windows\system32\mfevtps.exe
2013-04-03 12:48:22 566656 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2013-04-03 12:47:32 363432 ----a-w- c:\windows\system32\drivers\mfefirek.sys
2013-04-03 12:47:10 65928 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2013-04-03 12:46:52 235520 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2013-04-03 12:46:22 133992 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
2013-03-23 01:09:28 354656 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl
.
============= FINISH: 16:33:27.83 ===============

The second log is here

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 14/06/2009 14:14:43
System Uptime: 14/06/2013 15:52:33 (1 hours ago)
.
Motherboard: MICRO-STAR INTERNATIONAL CO., LTD | | MS-7502
Processor: Intel® Core™2 Quad CPU Q8300 @ 2.50GHz | Socket 775 | 2498/333mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 912 GiB total, 315.537 GiB free.
D: is FIXED (FAT32) - 20 GiB total, 9.324 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
J: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP1421: 17/05/2013 04:26:34 - Scheduled Checkpoint
RP1423: 17/05/2013 19:41:44 - Installed ArcSoft ShowBiz
RP1424: 18/05/2013 11:29:45 - Scheduled Checkpoint
RP1425: 20/05/2013 10:44:12 - Scheduled Checkpoint
RP1426: 20/05/2013 13:18:28 - Installed Java 7 Update 21
RP1427: 21/05/2013 06:59:27 - Windows Update
RP1428: 21/05/2013 07:11:13 - Removed Corel MediaOne.
RP1429: 21/05/2013 07:15:10 - Removed CorelDRAW Essential Edition 3
RP1430: 22/05/2013 11:02:57 - Scheduled Checkpoint
RP1432: 22/05/2013 20:42:12 - Installed ArcSoft ShowBiz
RP1433: 24/05/2013 01:40:04 - Removed ShowBiz
RP1434: 24/05/2013 01:50:17 - Installed ShowBiz
RP1435: 24/05/2013 23:02:56 - Windows Update
RP1436: 26/05/2013 06:13:04 - Scheduled Checkpoint
RP1437: 27/05/2013 14:47:27 - Scheduled Checkpoint
RP1438: 28/05/2013 09:41:33 - Windows Update
RP1439: 28/05/2013 11:45:13 - Restore Operation
RP1440: 28/05/2013 11:59:24 - Windows Update
RP1441: 28/05/2013 19:16:19 - Restore Operation
RP1442: 28/05/2013 20:07:21 - Windows Update
RP1443: 29/05/2013 00:13:58 - Removed ShowBiz
RP1444: 29/05/2013 01:51:41 - Windows Update
RP1445: 29/05/2013 02:03:31 - Windows Update
RP1446: 29/05/2013 18:45:40 - Installed Java 7 Update 21
RP1447: 29/05/2013 18:56:10 - Removed Java 7 Update 21
RP1448: 31/05/2013 12:20:12 - Scheduled Checkpoint
RP1449: 01/06/2013 10:44:14 - Windows Update
RP1450: 02/06/2013 13:30:29 - Scheduled Checkpoint
RP1451: 05/06/2013 13:43:55 - Scheduled Checkpoint
RP1452: 05/06/2013 23:19:22 - Removed iTunes
RP1453: 06/06/2013 00:08:37 - Installed iTunes
RP1454: 07/06/2013 19:50:55 - Windows Update
RP1455: 08/06/2013 16:46:13 - Scheduled Checkpoint
RP1456: 09/06/2013 13:06:59 - Scheduled Checkpoint
RP1457: 11/06/2013 09:43:37 - Windows Update
RP1458: 12/06/2013 08:52:34 - Removed Bonjour
RP1459: 12/06/2013 15:32:39 - Windows Update
RP1460: 12/06/2013 16:13:55 - Windows Update
RP1461: 13/06/2013 10:57:40 - Removed Qtrax Player.
.
==== Installed Programs ======================
.
ABBYY FineReader 6.0 Sprint
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.5.5
Adobe Shockwave Player 11.5
AI RoboForm (All Users)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Compatibility Pack for the 2007 Office system
Corel MediaOne
CorelDRAW Essential Edition 3
Coupon Printer
CyberLink MediaShow
CyberLink PhotoNow
CyberLink PowerDirector
CyberLink PowerDVD 9
CyberLink PowerDVD Copy
CyberLink PowerProducer
D3DX10
DivX Plus DirectShow Filters
DivX Setup
Dropbox
EN
EZ Vinyl/Tape Converter 7.7 by MixMeister
Facebook Video Calling 1.2.0.287
ffdshow v1.2.4422 [2012-04-09]
Freecorder 6
Freecorder 6 Applications (6.0.0.45)
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
Happy Lyrics
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
iCloud
Intel® Matrix Storage Manager
iTunes
Java Auto Updater
JDownloader 0.9
Junk Mail filter update
Lexmark X5400 Series
LightScribe System Software
Malwarebytes Anti-Malware version 1.75.0.1300
McAfee Security Scan Plus
McAfee Total Protection
McAfee Virtual Technician
MCE Software Encoder 1.1
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office File Validation Add-In
Microsoft Office Live Add-in 1.5
Microsoft Office PowerPoint Viewer 2003
Microsoft Office Professional Edition 2003
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Works
Microsoft Works 6-9 Converter
MSVCRT
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
neroxml
NVIDIA Display Control Panel
NVIDIA Drivers
NVIDIA PhysX
OGA Notifier 2.0.0048.0
PC Connectivity Solution
PC VGA Camer@ Plus
PVSonyDll
QuickTime
Rapport
Realtek High Definition Audio Driver
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Segoe UI
Shared C Run-time for x86
Skype Click to Call
Skype™ 6.0
System Requirements Lab
TomTom HOME
TomTom HOME Visual Studio Merge Modules
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update Manager
Updater Service
VC80CRTRedist - 8.0.50727.6195
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinPcap 4.1.1
Yahoo! Toolbar
Yontoo 2.051
.
==== Event Viewer Messages From Past Week ========
.
14/06/2013 15:54:04, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the lxdvCATSCustConnectService service to connect.
14/06/2013 15:54:04, Error: Service Control Manager [7000] - The lxdvCATSCustConnectService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
13/06/2013 13:24:43, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the iPod Service service to connect.
13/06/2013 13:24:43, Error: Service Control Manager [7000] - The iPod Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
13/06/2013 13:24:01, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}
13/06/2013 10:24:11, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
12/06/2013 15:36:16, Error: Service Control Manager [7022] - The McAfee Home Network service hung on starting.
12/06/2013 15:33:54, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Font Cache Service service to connect.
12/06/2013 15:33:54, Error: Service Control Manager [7000] - The Windows Font Cache Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/06/2013 15:50:03, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Computer Backup (MyPC Backup) service to connect.
10/06/2013 15:50:03, Error: Service Control Manager [7000] - The Computer Backup (MyPC Backup) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/06/2013 15:48:55, Error: EventLog [6008] - The previous system shutdown at 15:44:04 on 10/06/2013 was unexpected.
09/06/2013 23:42:26, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the mfecore service.
09/06/2013 19:45:00, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the McAfee Platform Services service, but this action failed with the following error: An instance of the service is already running.
09/06/2013 19:44:00, Error: Service Control Manager [7031] - The McAfee Platform Services service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
09/06/2013 02:45:22, Error: EventLog [6008] - The previous system shutdown at 02:43:24 on 09/06/2013 was unexpected.
08/06/2013 18:15:56, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {A47979D2-C419-11D9-A5B4-001185AD2B89} to the user HOME\ray SID (S-1-5-21-874015975-200929412-1567091792-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
08/06/2013 01:32:00, Error: EventLog [6008] - The previous system shutdown at 01:26:52 on 08/06/2013 was unexpected.
07/06/2013 20:58:22, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the BrowserProtect service, but this action failed with the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
07/06/2013 20:57:52, Error: Service Control Manager [7031] - The BrowserProtect service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
07/06/2013 00:32:20, Error: EventLog [6008] - The previous system shutdown at 00:29:53 on 07/06/2013 was unexpected.
.
==== End Of File ===========================

#2 MrCharlie

Posted 14 June 2013 - 11:33 AM

Welcome to the forum.

Have you tried to uninstall it from your add/remove programs??

Yontoo 2.051

MrC

Malware Removal Expert


I volunteer my free time to help you, if you would like to donate to show your appreciation, it will be much appreciated.


#3 Brigidmartin

Posted 15 June 2013 - 05:01 AM

Hi Mr C,
Yes, I have tried to uninstall it, but it cannot find it to remove it. I get a message that reads: PROGRA-2/TARMAI~1889DF~ 1/SETUP data.
Error 2 while loading archive the system cannot find the file specified

#4 MrCharlie

Posted 15 June 2013 - 07:11 AM

Please download AdwCleaner from here and save it on your Desktop.

AdwCleaner is a reliable removal tool for Adware, Foistware, toolbars and potentially unwanted programs.

AdwCleaner is a tool that deletes:
  • Adware (software ads)
  • PUP/LPI (Potentially Undesirable Program)
  • Toolbars
  • Hijacker (Hijack of the browser's homepage)

It works with a Search and Deletion method. It can be easily uninstalled using the "Uninstall" mode.


  • Right-click on adwcleaner.exe and select Run As Administrator (for XP just double click) to launch the application.
  • Now click on the Search tab.
  • Please post the contents of the log-file created in your next post.

Note: The log can also be located at C:\ >> AdwCleaner[XX].txt >> XX <-- Denotes the number of times the application has been run, so in this case it should be something like R1.

Note:
Please look over what was found......especially any folders, we're going to permanently delete it all in the next step....if there's something you may want to keep...please let me know and I'll explain why it shouldn't be on your system.
If you see AVG Secure Search being targeted for deletion, Here's Why and Here. You can always Reinstall it.

Please note that Antivir Webguard uses ASK Toolbar as part of its web security. If you remove ASK by using AdwCleaner, Antivir Webguard will no longer work properly. Therefore, if you use this program please use the instructions below to access the options screen where you should enable /DisableAskDetection before using AdwCleaner.

You can click on the question mark (?) in the upper left corner of the program and then click on Options. You will then be presented with a dialog where you can disable various detections. These options are described below:

/DisableAskDetection - This option disables Ask Toolbar detection.


MrC


#5 Brigidmartin

Posted 15 June 2013 - 11:43 AM

Hi Mr C,
This is the result of running AdwCleaner. I don't know if there is anything on this list that shouldn't be deleted.


# AdwCleaner v2.303 - Logfile created 06/15/2013 at 16:56:47
# Updated 08/06/2013 by Xplode
# Operating system : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# User : ray - HOME
# Boot Mode : Normal
# Running from : C:\Users\ray\Downloads\adwcleaner.exe
# Option [Search]

***** [Services] *****
Found : IBUpdaterService
Found : Yontoo Desktop Updater
***** [Files / Folders] *****
File Found : C:\END
File Found : C:\Program Files\Mozilla Firefox\searchplugins\fcmdSrch.xml
File Found : C:\Users\Public\Desktop\eBay.lnk
File Found : C:\Users\ray\AppData\Roaming\Mozilla\Firefox\Profiles\nj1k4b90.default\searchplugins\Mysearchdial.xml
File Found : C:\Windows\system32\roboot.exe
Folder Found : C:\Program Files\Conduit
Folder Found : C:\Program Files\FindLyrics
Folder Found : C:\Program Files\HappyLyrics
Folder Found : C:\Program Files\TelevisionFanatic
Folder Found : C:\Program Files\WebCake
Folder Found : C:\Program Files\Yontoo
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\DriverCure
Folder Found : C:\ProgramData\IBUpdaterService
Folder Found : C:\ProgramData\InstallMate
Folder Found : C:\ProgramData\ParetoLogic
Folder Found : C:\ProgramData\Premium
Folder Found : C:\ProgramData\SpeedMaxPc
Folder Found : C:\ProgramData\Tarma Installer
Folder Found : C:\Users\ray\AppData\Local\Conduit
Folder Found : C:\Users\ray\AppData\LocalLow\BabylonToolbar
Folder Found : C:\Users\ray\AppData\LocalLow\Conduit
Folder Found : C:\Users\ray\AppData\LocalLow\Delta
Folder Found : C:\Users\ray\AppData\LocalLow\facemoods.com
Folder Found : C:\Users\ray\AppData\LocalLow\Mysearchdial
Folder Found : C:\Users\ray\AppData\LocalLow\PriceGong
Folder Found : C:\Users\ray\AppData\LocalLow\ShoppingReport2
Folder Found : C:\Users\ray\AppData\LocalLow\TelevisionFanatic
Folder Found : C:\Users\ray\AppData\LocalLow\Toolbar4
Folder Found : C:\Users\ray\AppData\Roaming\Babylon
Folder Found : C:\Users\ray\AppData\Roaming\DriverCure
Folder Found : C:\Users\ray\AppData\Roaming\file scout
Folder Found : C:\Users\ray\AppData\Roaming\Mozilla\Firefox\Profiles\nj1k4b90.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
Folder Found : C:\Users\ray\AppData\Roaming\Mysearchdial
Folder Found : C:\Users\ray\AppData\Roaming\PerformerSoft
Folder Found : C:\Users\ray\AppData\Roaming\SpeedAnalysis2
Folder Found : C:\Users\ray\AppData\Roaming\SpeedMaxPc
Folder Found : C:\Users\ray\AppData\Roaming\WebCake
Folder Found : C:\Users\ray\AppData\Roaming\Yontoo
***** [Registry] *****
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16490
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.mysearchdial.com/?f=1&a=solimmsd&cd=2XzuyEtN2Y1L1QzutDtDtByEtBtCtD0FtCtB0E0A0DtBzzzytN0D0Tzu0CyDtByEtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1B1F1I1L1H1H1B1Q&cr=1731386782&ir=
-\\ Mozilla Firefox v [Unable to get version]
File : C:\Users\ray\AppData\Roaming\Mozilla\Firefox\Profiles\nj1k4b90.default\prefs.js
Found : user_pref("browser.startup.homepage", "hxxp://start.mysearchdial.com/?f=1&a=solimmsd&cd=2XzuyEtN2Y1L[...]
Found : user_pref("browser.search.selectedEngine", "Mysearchdial");
Found : user_pref("browser.search.defaultenginename", "Mysearchdial");
-\\ Google Chrome v27.0.1453.110
File : C:\Users\ray\AppData\Local\Google\Chrome\User Data\Default\Preferences
Found [l.2525] : homepage = "hxxp://www.delta-search.com/?affID=121845&babsrc=HP_ss&mntrId=02A50015AF72E192",
Found [l.3748] : urls_to_restore_on_startup = [ "hxxp://www.delta-search.com/?affID=121845&babsrc=HP_ss&mntrId=02A50015AF72E192" ]
*************************
AdwCleaner[R1].txt - [18495 octets] - [15/06/2013 16:56:47]
########## EOF - C:\AdwCleaner[R1].txt - [18556 octets] ##########

#6 MrCharlie

Posted 15 June 2013 - 11:46 AM

It's all adware........

Lots of adware found....let's clear it out.....
  • Please re-run AdwCleaner
  • Click on the Delete button.
  • Confirm each time with OK if asked.
  • Your computer will be rebooted automatically. A text file will open after the restart. Please post the content of that logfile in your reply.

Note: You can find the logfile at C:\AdwCleaner[Sn].txt as well - n is the order number.

Reboot and let me know how it is.....MrC


#7 AdvancedSetup

Posted 20 June 2013 - 02:38 PM

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Ron Lewis
Forum Community Manager
