Jump to content

zygotic

Members
  • Posts

    17
  • Joined

  • Last visited

Reputation

0 Neutral
  1. I don't really know. Having the Pup.optional thing on my computer never really affected me in the first place........you said it wasn't a serious issue, didn't you? I mean, what do you want me to do now? Do you want me to do a full Malwarebytes scan? Do you want me to have another go at taking off the search-result toolbar?
  2. And here is the malwarebytes log: Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Database version: v2013.08.08.04 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 10.0.9200.16635 karen :: KAREN-PC [administrator] 08/08/2013 15:43:34 mbam-log-2013-08-08 (15-43-34).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 215034 Time elapsed: 10 minute(s), 24 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)
  3. Here is the AdwCleaner log: # AdwCleaner v2.306 - Logfile created 08/08/2013 at 15:33:23 # Updated 19/07/2013 by Xplode # Operating system : Windows 7 Home Premium Service Pack 1 (32 bits) # User : karen - KAREN-PC # Boot Mode : Normal # Running from : C:\Users\karen\Desktop\adwcleaner.exe # Option [Delete] ***** [services] ***** ***** [Files / Folders] ***** ***** [Registry] ***** ***** [internet Browsers] ***** -\\ Internet Explorer v10.0.9200.16635 [OK] Registry is clean. -\\ Google Chrome v28.0.1500.95 File : C:\Users\karen\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. ************************* AdwCleaner[R1].txt - [3892 octets] - [06/08/2013 11:32:51] AdwCleaner[s2].txt - [717 octets] - [08/08/2013 15:33:23] ########## EOF - C:\AdwCleaner[s2].txt - [776 octets] ##########
  4. Ok, I'm back again. Here is the Junkware removal tool log: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 5.3.8 (08.07.2013:4) OS: Windows 7 Home Premium x86 Ran by karen on 08/08/2013 at 15:20:00.65 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\datamngr Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\browserconnection.dll Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{CE4DB5A3-58E6-41F1-8761-47238DF4F468} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{75E8DA27-44AF-40AE-927C-F2EEC99D65B1} Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\datamngr Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\datamngr_toolbar Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\ilivid Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\ilividtoolbarguid Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\performersoft llc Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\torch Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\trolltech Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\ilividtoolbarguid Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Successfully deleted: [Registry Key] "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3242055426-2972767584-1155037981-1000\Software\SweetIM" Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\datamngr Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\tarma installer Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\torch Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\applications\ilividsetup.exe Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\ilividiehelper.dnsguard Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\ilividiehelper.dnsguard.1 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} ~~~ Files Successfully deleted [File] C:\Windows\system32\Tasks\CreateChoiceProcessTask Successfully deleted: [File] "C:\Windows\system32\roboot.exe" ~~~ Folders Successfully deleted: [Folder] "C:\ProgramData\tarma installer" Successfully deleted: [Folder] "C:\Users\karen\appdata\local\ilivid" Successfully deleted: [Folder] "C:\Users\karen\appdata\local\torch" Successfully deleted: [Folder] "C:\Users\karen\appdata\locallow\ilividtoolbarguid" Successfully deleted: [Folder] "C:\Program Files\file scout" Successfully deleted: [Folder] "C:\Program Files\search results toolbar" ~~~ Chrome Successfully deleted: [Folder] C:\Users\karen\appdata\local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 08/08/2013 at 15:23:05.64 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  5. Everytime I try to uninstall it a black box comes up. A black box comes up everytime my desktop opens too. Should I be worried?
  6. I've tried uninstalling it but it won't uninstall.
  7. I'm sorry, but how do I uninstall search-results toolbar? I'm really sorry but I'm a real novice at this. You're gonna have to be patient with me.
  8. And here is the attach.txt log: . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 10/01/2010 11:19:20 System Uptime: 08/08/2013 11:13:51 (0 hours ago) . Motherboard: Advent | | Roma Processor: Intel® Celeron® CPU 900 @ 2.20GHz | U2E1 | 2194/mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 289 GiB total, 236.996 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP617: 29/06/2013 07:56:05 - Windows Update RP618: 02/07/2013 20:42:55 - Windows Update RP619: 08/07/2013 20:07:37 - Windows Update RP620: 12/07/2013 22:15:46 - Windows Update RP621: 12/07/2013 22:30:41 - Windows Update RP622: 17/07/2013 15:18:46 - Windows Update RP623: 21/07/2013 08:26:50 - Windows Update RP624: 24/07/2013 13:54:13 - Windows Update RP625: 27/07/2013 22:46:58 - Windows Update RP626: 02/08/2013 20:56:10 - Windows Update RP627: 06/08/2013 13:12:17 - Windows Update RP628: 07/08/2013 11:31:57 - Restore Operation RP629: 07/08/2013 12:56:07 - Windows Update RP630: 07/08/2013 13:00:42 - Windows Update . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) Acrobat.com Adobe AIR Adobe Flash Player 11 ActiveX Adobe Reader X (10.1.5) Apple Application Support Apple Mobile Device Support Apple Software Update Bonjour CCScore Compatibility Pack for the 2007 Office system CyberLink MediaShow Espresso CyberLink Power2Go CyberLink YouCam docrafts DIGITAL Designer docrafts Digital Designer™ ESSCDBK ESScore ESSgui ESSini ESSPCD ESSSONIC ESSTOOLS essvatgt Foxit Reader Google Chrome Google Toolbar for Internet Explorer Google Update Helper iLivid Intel® Graphics Media Accelerator Driver Intel® TV Wizard Intel® Matrix Storage Manager iTunes kgcbaby kgcbase kgchday kgchlwn kgcinvt kgckids kgcmove kgcvday Kodak EasyShare software KSU Launch LIVE! Control Center 1.05 LIVE! OSD 1.14(AD) Malwarebytes Anti-Malware version 1.75.0.1300 Microsoft .NET Framework 4 Client Profile Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Home and Student 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Standard 2007 Microsoft Office Suite Activation Assistant Microsoft Office Word MUI (English) 2007 Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Works MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) My Craft Studio My Craft Studio Professional 2.1.4.0 netbrdg Notifier OfotoXMI Pacman Papercraft Factory PCDADDIN PCDHELP PhotoMail Maker PlayReady PC Runtime x86 QuickTime Rapport Realtek 8136 8168 8169 Ethernet Driver Realtek High Definition Audio Driver Realtek USB 2.0 Card Reader REALTEK Wireless LAN Driver Search-Results Toolbar Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628) Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition SFR SHASTA SKIN0001 SKINXSDK SpaceInvadersAnniversary staticcr Synaptics Pointing Device Driver tooltips Torch Unity Web Player Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817563) 32-Bit Edition Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) VPRINTOL WIRELESS . ==== Event Viewer Messages From Past Week ======== . 07/08/2013 12:54:51, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly. . ==== End Of File ===========================
  9. Ok, sorry about the lateness of my reply. So busy this week. So let's start again. Here is the dds.txt log - DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 10.0.9200.16635 Run by karen at 11:18:52 on 2013-08-08 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.3033.1847 [GMT 1:00] . AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2} . ============== Running Processes ================ . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Windows\System32\spoolsv.exe C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\CyberLink\Shared files\RichVideo.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe c:\Program Files\Microsoft Security Client\NisSrv.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files\CyberLink\YouCam\YouCamTray.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Windows\system32\taskeng.exe C:\Program Files\iPod\bin\iPodService.exe C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe C:\Program Files\The TechGuys\Launch\Launch.exe C:\Program Files\OEM\LIVE! OSD 1.14(AD)\osd.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\SearchProtocolHost.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\sppsvc.exe c:\Program Files\Microsoft Security Client\MpCmdRun.exe C:\Windows\servicing\TrustedInstaller.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\conhost.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\System32\svchost.exe -k LocalServicePeerNet . ============== Pseudo HJT Report =============== . BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll uRun: [Reminder] c:\program files\ttg\reminder\Reminder.exe uRun: [Google Update] "c:\users\karen\appdata\local\google\update\GoogleUpdate.exe" /c uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe" mRun: [iAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe mRun: [MDS_Menu] "c:\program files\cyberlink\mediashowespresso\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\mediashowespresso" updatewithcreateonce "software\cyberlink\mediashow espresso\5.0" mRun: [CLMLServer] "c:\program files\cyberlink\power2go\CLMLSvc.exe" mRun: [updateP2GoShortCut] "c:\program files\cyberlink\power2go\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\power2go" updatewithcreateonce "software\cyberlink\power2go\6.0" mRun: [uCam_Menu] "c:\program files\cyberlink\youcam\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\youcam" updatewithcreateonce "software\cyberlink\youcam\3.0" mRun: [YouCam Mirror Tray icon] "c:\program files\cyberlink\youcam\YouCamTray.exe" /s mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime mRun: [igfxTray] c:\windows\system32\igfxtray.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [Persistence] c:\windows\system32\igfxpers.exe mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey mRun: [DATAMNGR] c:\progra~1\search~1\datamngr\DATAMN~1.EXE StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\kodake~1.lnk - c:\program files\kodak\kodak easyshare software\bin\EasyShare.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\launch.lnk - c:\windows\installer\{4a65dad2-e914-4923-9c2a-81b968a68ce2}\_A685CC3126A7CC37D335DE.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\osd.lnk - c:\windows\installer\{73289228-1853-4623-982a-eb17ff0270ca}\_CCB0CAEC2D875359E0C287.exe mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} TCP: NameServer = 192.168.1.254 TCP: Interfaces\{B8D3022A-29F4-45DB-9556-5EB101D2A478} : DHCPNameServer = 192.168.1.254 Notify: igfxcui - igfxdev.dll AppInit_DLLs= c:\progra~2\browse~1\261040~1.25\{c16c1~1\browse~1.dll SSODL: WebCheck - <orphaned> . ============= SERVICES / DRIVERS =============== . R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-6-18 211560] R1 RapportCerberus_53984;RapportCerberus_53984;c:\programdata\trusteer\rapport\store\exts\rapportcerberus\53984\RapportCerberus32_53984.sys [2013-6-1 317424] R1 RapportEI;RapportEI;c:\program files\trusteer\rapport\bin\RapportEI.sys [2013-2-13 102680] R1 RapportPG;RapportPG;c:\program files\trusteer\rapport\bin\RapportPG.sys [2013-2-13 173880] R2 LiveGpdKBFilter;LiveGpdKBFilter;c:\windows\system32\drivers\LiveGpdKBFilter.sys [2009-9-1 4096] R2 LiveIO;LiveIO;c:\windows\system32\drivers\LiveIO.sys [2009-9-1 15312] R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 107392] R2 RapportMgmtService;Rapport Management Service;c:\program files\trusteer\rapport\bin\RapportMgmtService.exe [2013-2-13 1124184] R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2009-9-1 122368] R3 Livekbc;Livekbc;c:\windows\system32\drivers\Livekbc.sys [2009-9-1 4096] R3 Livemouclass;Livemouclass;c:\windows\system32\drivers\Livemouclass.sys [2009-9-1 3968] R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2013-6-20 295376] R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-9-1 167936] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888] S3 RapportKELL;RapportKELL;c:\windows\system32\drivers\RapportKELL.sys [2013-2-13 102008] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2009-9-1 166912] S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-7-1 52224] S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-7-8 1343400] . =============== Created Last 30 ================ . 2013-08-07 12:05:41 -------- d-----w- c:\windows\system32\MRT 2013-08-07 11:58:44 698504 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{d2d58bd7-2ea0-41f9-bedc-875f22b11a57}\gapaengine.dll 2013-08-07 11:57:28 7143960 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{23fff231-9657-41f1-984a-24b114e682f2}\mpengine.dll 2013-08-07 10:42:15 7068072 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll 2013-08-06 10:24:23 -------- d-----w- c:\windows\ERUNT 2013-07-12 21:16:09 1247744 ----a-w- c:\windows\system32\DWrite.dll 2013-07-12 21:16:00 1620480 ----a-w- c:\windows\system32\WMVDECOD.DLL 2013-07-12 21:15:58 509440 ----a-w- c:\windows\system32\qedit.dll 2013-07-12 21:15:55 2347520 ----a-w- c:\windows\system32\win32k.sys 2013-07-12 21:14:53 988672 ----a-w- c:\program files\windows journal\JNTFiltr.dll 2013-07-12 21:14:53 936448 ----a-w- c:\program files\common files\microsoft shared\ink\journal.dll 2013-07-12 21:14:52 969216 ----a-w- c:\program files\windows journal\JNWDRV.dll 2013-07-12 21:14:52 1221632 ----a-w- c:\program files\windows journal\NBDoc.DLL 2013-07-12 21:14:31 680960 ----a-w- c:\program files\windows defender\MpSvc.dll 2013-07-12 21:14:31 392704 ----a-w- c:\program files\windows defender\MpClient.dll 2013-07-12 21:14:31 224768 ----a-w- c:\program files\windows defender\MpCommu.dll . ==================== Find3M ==================== . 2013-06-18 20:50:08 211560 ----a-w- c:\windows\system32\drivers\MpFilter.sys 2013-06-18 20:50:08 107392 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys 2013-06-15 17:54:41 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-06-15 17:54:40 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-06-11 23:43:37 1767936 ----a-w- c:\windows\system32\wininet.dll 2013-06-11 23:43:00 2877440 ----a-w- c:\windows\system32\jscript9.dll 2013-06-11 23:42:58 61440 ----a-w- c:\windows\system32\iesetup.dll 2013-06-11 23:42:58 109056 ----a-w- c:\windows\system32\iesysprep.dll 2013-06-11 22:51:45 71680 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe 2013-06-07 02:37:52 2706432 ----a-w- c:\windows\system32\mshtml.tlb 2013-05-13 04:45:55 140288 ----a-w- c:\windows\system32\cryptsvc.dll 2013-05-13 04:45:55 1160192 ----a-w- c:\windows\system32\crypt32.dll 2013-05-13 04:45:55 103936 ----a-w- c:\windows\system32\cryptnet.dll 2013-05-13 03:08:10 903168 ----a-w- c:\windows\system32\certutil.exe 2013-05-13 03:08:06 43008 ----a-w- c:\windows\system32\certenc.dll . ============= FINISH: 11:21:13.83 ===============
  10. Thank you! The internet is working again. Ok, I'm so sorry I didn't listen to you, Borislav. From now on I will only do what you tell me to do. So what do you want me to do now? Just to let you know, since the system restore, the Junkware removal tool, AdwCleaner and RogueKiller are no longer on my desktop.
  11. I'm really sorry that I didn't listen to you. But now that my internet freezes up, how do I reinstall google chrome? It won't even let me into the website.
  12. Now pages aren't opening when I go on the internet. It's all gone very slow. What have I done?
  13. Quick question: I don't know if I should have but I deleted the infected files found on the RogueKiller scan. Should I have done that?
  14. Ok, hello. I've done all the scans and here are the logs from each scan: Junkware removal scan log: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 5.3.4 (08.06.2013:1) OS: Windows 7 Home Premium x86 Ran by karen on 06/08/2013 at 11:24:27.75 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\browserconnection.dll Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{CE4DB5A3-58E6-41F1-8761-47238DF4F468} Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\datamngr Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\datamngr_toolbar Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\ilivid Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\ilividtoolbarguid Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\performersoft llc Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\torch Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\ilividtoolbarguid Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\datamngr Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\tarma installer Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\torch Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\applications\ilividsetup.exe Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\ilividiehelper.dnsguard Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\ilividiehelper.dnsguard.1 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} ~~~ Files Successfully deleted [File] C:\Windows\system32\Tasks\CreateChoiceProcessTask Successfully deleted: [File] "C:\Windows\system32\roboot.exe" ~~~ Folders Successfully deleted: [Folder] "C:\ProgramData\babylon" Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess" Successfully deleted: [Folder] "C:\ProgramData\partner" Successfully deleted: [Folder] "C:\Users\karen\AppData\Roaming\performersoft" Successfully deleted: [Folder] "C:\Users\karen\appdata\local\ilivid" Successfully deleted: [Folder] "C:\Users\karen\appdata\local\torch" Successfully deleted: [Folder] "C:\Users\karen\appdata\locallow\babylontoolbar" Successfully deleted: [Folder] "C:\Users\karen\appdata\locallow\datamngr" Successfully deleted: [Folder] "C:\Users\karen\appdata\locallow\ilividtoolbarguid" Successfully deleted: [Folder] "C:\Users\karen\appdata\locallow\searchresultstb" Successfully deleted: [Folder] "C:\Program Files\file scout" Successfully deleted: [Folder] "C:\Program Files\search results toolbar" ~~~ Chrome Successfully deleted: [Folder] C:\Users\karen\appdata\local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 06/08/2013 at 11:27:16.38 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ AdwCleaner log: # AdwCleaner v2.306 - Logfile created 08/06/2013 at 11:33:58 # Updated 19/07/2013 by Xplode # Operating system : Windows 7 Home Premium Service Pack 1 (32 bits) # User : karen - KAREN-PC # Boot Mode : Normal # Running from : C:\Users\karen\Desktop\adwcleaner.exe # Option [Delete] ***** [services] ***** ***** [Files / Folders] ***** File Deleted : C:\user.js File Deleted : C:\Users\karen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk Folder Deleted : C:\Users\karen\AppData\Local\Temp\{f34c9277-6577-4dff-b2d7-7d58092f272f} Folder Deleted : C:\Users\karen\AppData\Roaming\StatusWinks ***** [Registry] ***** Key Deleted : HKCU\Software\59538fd9b335e841 Key Deleted : HKCU\Software\APN DTX Key Deleted : HKCU\Software\DataMngr Key Deleted : HKCU\Software\DataMngr_Toolbar Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{944FEDFD-C4FD-441D-8275-9C651A9FFBDE} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D0F4A166-B8D4-48B8-9D63-80849FE137CB} Key Deleted : HKLM\SOFTWARE\59538fd9b335e841 Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF} Key Deleted : HKLM\Software\DataMngr Key Deleted : HKLM\Software\iLividSRTB Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966 Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilivid Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Results Toolbar Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope] Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [statuswinks@StatusWinks] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [statuswinks@StatusWinks] ***** [internet Browsers] ***** -\\ Internet Explorer v10.0.9200.16635 [OK] Registry is clean. -\\ Google Chrome v28.0.1500.95 File : C:\Users\karen\AppData\Local\Google\Chrome\User Data\Default\Preferences ************************* AdwCleaner[R1].txt - [3892 octets] - [06/08/2013 11:32:51] AdwCleaner[s1].txt - [3718 octets] - [06/08/2013 11:33:58] ########## EOF - C:\AdwCleaner[s1].txt - [3778 octets] ########## Malwarebytes log: Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Database version: v2013.08.06.01 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 10.0.9200.16635 karen :: KAREN-PC [administrator] 06/08/2013 11:39:53 mbam-log-2013-08-06 (11-39-53).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 214388 Time elapsed: 10 minute(s), 58 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) RogueKiller log: RogueKiller V8.6.5 [Aug 5 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.adlice.com/forum/ Website : http://www.adlice.com/softwares/roguekiller/ Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version Started in : Normal mode User : karen [Admin rights] Mode : Scan -- Date : 08/06/2013 11:55:39 | ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 6 ¤¤¤ [RUN][sUSP PATH] HKCU\[...]\Run : Google Update ("C:\Users\karen\AppData\Local\Google\Update\GoogleUpdate.exe" /c [7]) -> FOUND [RUN][sUSP PATH] HKUS\S-1-5-21-3242055426-2972767584-1155037981-1000\[...]\Run : Google Update ("C:\Users\karen\AppData\Local\Google\Update\GoogleUpdate.exe" /c [7]) -> FOUND [HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND [HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Scheduled tasks : 5 ¤¤¤ [V1][sUSP PATH] GoogleUpdateTaskUserS-1-5-21-3242055426-2972767584-1155037981-1000UA.job : C:\Users\karen\AppData\Local\Google\Update\GoogleUpdate.exe - /ua /installsource scheduler [7][x] -> FOUND [V1][sUSP PATH] GoogleUpdateTaskUserS-1-5-21-3242055426-2972767584-1155037981-1000Core.job : C:\Users\karen\AppData\Local\Google\Update\GoogleUpdate.exe - /c [7] -> FOUND [V2][ROGUE ST] 4710 : wscript.exe - C:\Users\karen\AppData\Local\Temp\launchie.vbs //B -> FOUND [V2][sUSP PATH] GoogleUpdateTaskUserS-1-5-21-3242055426-2972767584-1155037981-1000Core : C:\Users\karen\AppData\Local\Google\Update\GoogleUpdate.exe - /c [7] -> FOUND [V2][sUSP PATH] GoogleUpdateTaskUserS-1-5-21-3242055426-2972767584-1155037981-1000UA : C:\Users\karen\AppData\Local\Google\Update\GoogleUpdate.exe - /ua /installsource scheduler [7][x] -> FOUND ¤¤¤ Startup Entries : 0 ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [LOADED] ¤¤¤ ¤¤¤ External Hives: ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> %SystemRoot%\System32\drivers\etc\hosts ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: WDC WD3200BEVT-22ZCT0 +++++ --- User --- [MBR] f08fe5d52589f3410976386ed4852c11 [bSP] d0667b7db2bff96fbe4f482ba0ea7eb7 : Windows 7/8 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 9500 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 19458048 | Size: 295743 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[0]_S_08062013_115539.txt >> I hope that all makes sense to you and you can help me. Thank you.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.