Brigidmartin

This is my malware log. I have the Yontoo 2.051 virus on my PC

7 posts in this topic

I have followed your instructions and these are the two reports that I got. I have the Yontoo 2.051 virus on my computer and would be very grateful for your help.

Thank you

Brigid.

The first one is to follow:

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 9.0.8112.16490

Run by ray at 16:32:16 on 2013-06-14

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.3325.1208 [GMT 1:00]

.

AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}

SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}

.

============== Running Processes ================

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

C:\Program Files\LexmarkX84-X85\AcBtnMgr_X84-X85.exe

C:\Program Files\Lexmark X5400 Series\lxdvmon.exe

C:\Program Files\Lexmark X5400 Series\lxdvamon.exe

C:\Windows\PixArt\PAC7302\Monitor.exe

C:\Program Files\DivX\DivX Update\DivXUpdate.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe

C:\Program Files\McAfee Security Scan\3.0.287\SSScheduler.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Windows\system32\hasplms.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

C:\ProgramData\IBUpdaterService\ibsvc.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Windows\system32\lxdvcoms.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\McAfee\SiteAdvisor\McSACore.exe

C:\Windows\system32\mfevtps.exe

C:\Windows\system32\PSIService.exe

C:\Program Files\Cyberlink\Shared files\RichVideo.exe

C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\rundll32.exe

C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe

C:\Windows\System32\WUDFHost.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\PROGRA~1\McAfee\MSC\McAPExe.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe

C:\Windows\system32\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe

C:\Program Files\Freecorder 6\TbHelper2.exe

c:\PROGRA~1\mcafee\SITEAD~1\saui.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.yahoo.co.uk/

mStart Page = hxxp://start.mysearchdial.com/?f=1&a=solimmsd&cd=2XzuyEtN2Y1L1QzutDtDtByEtBtCtD0FtCtB0E0A0DtBzzzytN0D0Tzu0CyDtByEtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1B1F1I1L1H1H1B1Q&cr=1731386782&ir=

mDefault_Page_URL = hxxp://www.aldi.com/

uSearchURL,(Default) = hxxp://uk.search.yahoo.com/search?fr=mcafee&p=%s

uURLSearchHooks: ToolbarURLSearchHook Class: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - c:\program files\freecorder 6\tbhelper.dll

uURLSearchHooks: {462be121-2b54-4218-bf00-b9bf8135b23f} - <orphaned>

uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files\mcafee\siteadvisor\McIEPlg.dll

BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} -

BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll

BHO: Happy Lyrics: {59C0C5BD-2579-433A-BBB8-AFFD59642BAF} - c:\program files\happylyrics\hppylrc.dll

BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll

BHO: RoboForm: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\program files\mcafee\siteadvisor\McIEPlg.dll

BHO: TBSB00808 Class: {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - c:\program files\freecorder 6\tbcore3.dll

BHO: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - c:\program files\yontoo\YontooIEClient.dll

BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - c:\program files\yahoo!\companion\installs\cpn\YTSingleInstance.dll

TB: &RoboForm: {724D43A0-0D85-11D4-9908-00400523E39A} - c:\program files\siber systems\ai roboform\roboform.dll

TB: Freecorder 6: {6B34ACCF-1B63-4E1A-8633-461917C75544} - c:\program files\freecorder 6\tbcore3.dll

TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll

TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll

TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files\mcafee\siteadvisor\McIEPlg.dll

TB: Freecorder 6: {6B34ACCF-1B63-4E1A-8633-461917C75544} - c:\program files\freecorder 6\tbcore3.dll

TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>

uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe

uRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe"

mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide

mRun: [iAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"

mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe

mRun: [skytel] c:\program files\realtek\audio\hda\Skytel.exe

mRun: [Lexmark X84-X85 Button Manager] c:\progra~1\lexmar~1\AcBtnMgr_X84-X85.exe

mRun: [PrinTray] c:\windows\system32\spool\drivers\w32x86\3\printray.exe

mRun: [lxdvmon.exe] "c:\program files\lexmark x5400 series\lxdvmon.exe"

mRun: [lxdvamon] "c:\program files\lexmark x5400 series\lxdvamon.exe"

mRun: [PAC7302_Monitor] c:\windows\pixart\pac7302\Monitor.exe

mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey

mRun: [DivXMediaServer] c:\program files\divx\divx media server\DivXMediaServer.exe

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [mcpltui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

StartupFolder: c:\users\ray\appdata\roaming\microsoft\windows\start menu\programs\startup\TalkTalk Setup CD Reporting Tool.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\3.0.287\SSScheduler.exe

mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.co...72741-17534-1/4

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\RoboFormComFillForms.html

IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\RoboFormComSavePass.html

IE: {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

TCP: NameServer = 192.168.1.1

TCP: Interfaces\{8E95E304-7C00-4260-8609-AAE68B9DBC1D} : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{F0237129-DCF1-400F-9260-FE7C3C4B7109} : DHCPNameServer = 192.168.1.1

Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files\mcafee\msc\McSnIePl.dll

Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll

LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg

mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\27.0.1453.110\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

.

============= SERVICES / DRIVERS ===============

.

R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2012-11-9 566656]

R0 RapportKELL;RapportKELL;c:\windows\system32\drivers\RapportKELL.sys [2013-2-13 102008]

R1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2010-12-28 212432]

R1 RapportCerberus_53984;RapportCerberus_53984;c:\programdata\trusteer\rapport\store\exts\rapportcerberus\53984\RapportCerberus32_53984.sys [2013-5-30 317424]

R1 RapportEI;RapportEI;c:\program files\trusteer\rapport\bin\RapportEI.sys [2013-2-13 102680]

R1 RapportPG;RapportPG;c:\program files\trusteer\rapport\bin\RapportPG.sys [2013-2-13 173880]

R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2009/04/21 15:55:00];c:\program files\homecinema\powerdvd9\000.fcl [2009-9-1 87536]

R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]

R2 hasplms;Sentinel Local License Manager;c:\windows\system32\hasplms.exe -run --> c:\windows\system32\hasplms.exe -run [?]

R2 HomeNetSvc;McAfee Home Network;c:\program files\common files\mcafee\platform\mcsvchost\McSvHost.exe [2012-12-20 184728]

R2 IBUpdaterService;Updater Service;c:\programdata\ibupdaterservice\ibsvc.exe [2013-6-10 727584]

R2 lxdv_device;lxdv_device;c:\windows\system32\lxdvcoms.exe -service --> c:\windows\system32\lxdvcoms.exe -service [?]

R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-6-13 418376]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-6-13 701512]

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2010-1-4 101552]

R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\common files\mcafee\platform\mcsvchost\McSvHost.exe [2012-12-20 184728]

R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\common files\mcafee\platform\mcsvchost\McSvHost.exe [2012-12-20 184728]

R2 mcpltsvc;McAfee Platform Services;c:\program files\common files\mcafee\platform\mcsvchost\McSvHost.exe [2012-12-20 184728]

R2 McProxy;McAfee Proxy Service;c:\program files\common files\mcafee\platform\mcsvchost\McSvHost.exe [2012-12-20 184728]

R2 mfecore;McAfee Anti-Malware Core;c:\program files\common files\mcafee\amcore\mcshield.exe [2012-12-20 638976]

R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2012-12-20 169320]

R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2012-12-20 172416]

R2 RapportMgmtService;Rapport Management Service;c:\program files\trusteer\rapport\bin\RapportMgmtService.exe [2013-2-13 1124184]

R2 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2012-8-28 92632]

R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-11-9 60920]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-6-13 22856]

R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2012-11-9 235520]

R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-11-9 363432]

R3 mfencbdc;McAfee Inc. mfencbdc;c:\windows\system32\drivers\mfencbdc.sys [2013-2-18 257496]

R3 netr28u;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\system32\drivers\netr28u.sys [2007-11-21 569344]

S2 ADExchange;ArcSoft Exchange Service;c:\program files\common files\arcsoft\esinter\bin\eservutil.exe --> c:\program files\common files\arcsoft\esinter\bin\eservutil.exe [?]

S2 CLKMSVC10_5CD8CF9A;CyberLink Product - 2011/09/03 23:10:55;c:\program files\homecinema\powerdvd9\navfilter\kmsvc.exe [2010-11-18 240112]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 lxdvCATSCustConnectService;lxdvCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxdvserv.exe [2007-10-18 98984]

S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2012-6-20 39272]

S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2012-3-8 1492840]

S3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2013-3-30 147472]

S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\3.0.287\McCHSvc.exe [2012-9-11 234776]

S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2012-11-9 65928]

S3 mfencrk;McAfee Inc. mfencrk;c:\windows\system32\drivers\mfencrk.sys [2013-2-18 80592]

S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2009-10-20 50704]

S3 ST330;ST330;c:\windows\system32\drivers\st330.sys [2005-10-27 30464]

S3 STBUS;STBUS;c:\windows\system32\drivers\stbus.sys [2005-10-27 12672]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

S4 Skype C2C Service;Skype C2C Service;c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe [2013-5-14 3289208]

S4 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-11-9 160944]

S4 Yontoo Desktop Updater;Yontoo Desktop Updater;c:\program files\yontoo\Y2Desktop.Updater.exe [2013-4-1 23552]

.

=============== Created Last 30 ================

.

2013-06-14 15:19:26 60872 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{751158cb-aee7-4642-84e4-eb21b0a5287e}\offreg.dll

2013-06-14 15:14:50 7016152 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{751158cb-aee7-4642-84e4-eb21b0a5287e}\mpengine.dll

2013-06-13 09:32:23 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-06-13 09:32:23 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2013-06-12 14:43:11 443904 ----a-w- c:\windows\system32\win32spl.dll

2013-06-12 14:43:11 37376 ----a-w- c:\windows\system32\printcom.dll

2013-06-12 14:43:08 914792 ----a-w- c:\windows\system32\drivers\tcpip.sys

2013-06-12 14:43:08 31232 ----a-w- c:\windows\system32\drivers\tcpipreg.sys

2013-06-12 14:42:57 985600 ----a-w- c:\windows\system32\crypt32.dll

2013-06-12 14:42:57 812544 ----a-w- c:\windows\system32\certutil.exe

2013-06-12 14:42:57 133120 ----a-w- c:\windows\system32\cryptsvc.dll

2013-06-12 14:42:56 98304 ----a-w- c:\windows\system32\cryptnet.dll

2013-06-12 14:42:56 41984 ----a-w- c:\windows\system32\certenc.dll

2013-06-12 14:42:40 3603832 ----a-w- c:\windows\system32\ntkrnlpa.exe

2013-06-12 14:42:39 3551096 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-06-12 14:42:11 24576 ----a-w- c:\windows\system32\cryptdlg.dll

2013-06-10 18:11:29 -------- d-----w- c:\users\ray\appdata\roaming\McAFee TechCheck

2013-06-10 18:07:54 244416 ----a-w- c:\windows\system32\Msflxgrd.ocx

2013-06-10 18:07:54 209192 ----a-w- c:\windows\system32\TABCTL32.OCX

2013-06-10 18:07:54 203976 ----a-w- c:\windows\system32\RICHTX32.OCX

2013-06-10 18:07:54 140288 ----a-w- c:\windows\system32\comdlg32.ocx

2013-06-10 18:07:49 -------- d-----w- c:\users\ray\appdata\roaming\TechCheck

2013-06-10 14:42:41 -------- d-----w- c:\users\ray\appdata\roaming\PerformerSoft

2013-06-10 14:41:50 18096 ----a-w- c:\windows\system32\roboot.exe

2013-06-10 14:41:50 -------- d-----w- c:\program files\MyPC Backup

2013-06-10 14:41:36 -------- d-----w- c:\users\ray\appdata\roaming\SpeedAnalysis2

2013-06-10 14:41:34 79360 ----a-w- c:\windows\system32\ff_vfw.dll

2013-06-10 14:41:33 -------- d-----w- c:\users\ray\appdata\roaming\PlusWinks

2013-06-10 14:41:21 -------- d-----w- c:\program files\ffdshow

2013-06-10 14:41:12 -------- d-----w- c:\users\ray\appdata\roaming\File Scout

2013-06-10 14:41:11 -------- d-----w- c:\programdata\IBUpdaterService

2013-06-07 19:58:49 -------- d-----w- c:\program files\HappyLyrics

2013-06-05 23:09:19 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1

2013-06-05 20:16:41 -------- d-----w- c:\users\ray\appdata\local\{CB329204-FBBA-41C9-8AD0-DFB59A87283D}

2013-06-01 11:48:50 -------- d-----w- c:\users\ray\appdata\local\{55D9282A-F487-40F3-B910-09290CCB1C20}

2013-05-29 17:47:45 -------- d-----w- c:\programdata\McAfee Security Scan

2013-05-29 17:47:10 0 ----a-w- c:\windows\system32\RENDDB5.tmp

2013-05-29 17:47:10 0 ----a-w- c:\windows\system32\RENDDB4.tmp

2013-05-29 00:53:57 -------- d-----w- C:\d4a0c10d4ea30d040ec83fb005

2013-05-29 00:02:06 64000 ----a-w- c:\windows\system32\smss.exe

2013-05-29 00:02:06 49152 ----a-w- c:\windows\system32\csrsrv.dll

2013-05-29 00:02:04 638328 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys

2013-05-29 00:02:03 37376 ----a-w- c:\windows\system32\cdd.dll

2013-05-29 00:01:52 1082232 ----a-w- c:\windows\system32\drivers\ntfs.sys

2013-05-29 00:01:49 2049024 ----a-w- c:\windows\system32\win32k.sys

2013-05-29 00:01:47 2067968 ----a-w- c:\windows\system32\mstscax.dll

2013-05-29 00:01:45 376320 ----a-w- c:\windows\system32\winsrv.dll

2013-05-28 21:42:02 -------- d-----w- c:\users\ray\appdata\roaming\McAfee

2013-05-28 18:39:13 4167680 ----a-w- c:\program files\GUTC4D5.tmp

2013-05-28 18:39:13 -------- d-----w- c:\program files\GUMC206.tmp

2013-05-27 21:08:49 -------- d-----w- c:\program files\LyricsFan

2013-05-27 21:08:38 -------- d-----w- c:\users\ray\appdata\roaming\mysearchdial

2013-05-27 21:08:30 -------- d-----w- c:\program files\FindLyrics

2013-05-27 21:01:24 -------- d-----w- c:\users\ray\Qtrax

2013-05-27 21:01:14 -------- d-----w- c:\programdata\Symantec

2013-05-27 21:00:51 -------- d-----w- c:\program files\Norton Security Scan

2013-05-27 21:00:49 -------- d-----w- c:\programdata\Norton

2013-05-27 21:00:45 -------- d-----w- c:\programdata\NortonInstaller

2013-05-27 21:00:45 -------- d-----w- c:\program files\NortonInstaller

2013-05-27 21:00:26 -------- d-----w- c:\users\ray\appdata\roaming\WebCake

2013-05-27 21:00:24 -------- d-----w- c:\program files\WebCake

2013-05-24 00:51:23 -------- d-----w- c:\program files\ArcSoft(19)

2013-05-22 20:56:21 -------- d-----w- c:\users\ray\appdata\local\{CC7321B3-DF6F-45E3-9721-E8832A9E5EAC}

2013-05-20 12:20:10 -------- d-----w- c:\program files\common files\Java(77)

2013-05-20 12:07:39 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1(269)

.

==================== Find3M ====================

.

2013-06-12 18:31:35 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-06-12 18:31:35 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-05-16 22:39:39 1800704 ----a-w- c:\windows\system32\jscript9.dll

2013-05-16 22:28:26 1129472 ----a-w- c:\windows\system32\wininet.dll

2013-05-16 22:27:30 1427968 ----a-w- c:\windows\system32\inetcpl.cpl

2013-05-16 22:21:37 142848 ----a-w- c:\windows\system32\ieUnatt.exe

2013-05-16 22:20:30 420864 ----a-w- c:\windows\system32\vbscript.dll

2013-05-16 22:16:57 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2013-05-02 01:06:08 238872 ------w- c:\windows\system32\MpSigStub.exe

2013-04-03 12:53:24 60920 ----a-w- c:\windows\system32\drivers\cfwids.sys

2013-04-03 12:50:44 212432 ----a-w- c:\windows\system32\drivers\mfewfpk.sys

2013-04-03 12:50:34 172416 ----a-w- c:\windows\system32\mfevtps.exe

2013-04-03 12:48:22 566656 ----a-w- c:\windows\system32\drivers\mfehidk.sys

2013-04-03 12:47:32 363432 ----a-w- c:\windows\system32\drivers\mfefirek.sys

2013-04-03 12:47:10 65928 ----a-w- c:\windows\system32\drivers\mfebopk.sys

2013-04-03 12:46:52 235520 ----a-w- c:\windows\system32\drivers\mfeavfk.sys

2013-04-03 12:46:22 133992 ----a-w- c:\windows\system32\drivers\mfeapfk.sys

2013-03-23 01:09:28 354656 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl

.

============= FINISH: 16:33:27.83 ===============

The second log is here:

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft® Windows Vista™ Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 14/06/2009 14:14:43

System Uptime: 14/06/2013 15:52:33 (1 hours ago)

.

Motherboard: MICRO-STAR INTERNATIONAL CO., LTD | | MS-7502

Processor: Intel® Core™2 Quad CPU Q8300 @ 2.50GHz | Socket 775 | 2498/333mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 912 GiB total, 315.537 GiB free.

D: is FIXED (FAT32) - 20 GiB total, 9.324 GiB free.

E: is CDROM ()

F: is Removable

G: is Removable

H: is Removable

J: is Removable

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP1421: 17/05/2013 04:26:34 - Scheduled Checkpoint

RP1423: 17/05/2013 19:41:44 - Installed ArcSoft ShowBiz

RP1424: 18/05/2013 11:29:45 - Scheduled Checkpoint

RP1425: 20/05/2013 10:44:12 - Scheduled Checkpoint

RP1426: 20/05/2013 13:18:28 - Installed Java 7 Update 21

RP1427: 21/05/2013 06:59:27 - Windows Update

RP1428: 21/05/2013 07:11:13 - Removed Corel MediaOne.

RP1429: 21/05/2013 07:15:10 - Removed CorelDRAW Essential Edition 3

RP1430: 22/05/2013 11:02:57 - Scheduled Checkpoint

RP1432: 22/05/2013 20:42:12 - Installed ArcSoft ShowBiz

RP1433: 24/05/2013 01:40:04 - Removed ShowBiz

RP1434: 24/05/2013 01:50:17 - Installed ShowBiz

RP1435: 24/05/2013 23:02:56 - Windows Update

RP1436: 26/05/2013 06:13:04 - Scheduled Checkpoint

RP1437: 27/05/2013 14:47:27 - Scheduled Checkpoint

RP1438: 28/05/2013 09:41:33 - Windows Update

RP1439: 28/05/2013 11:45:13 - Restore Operation

RP1440: 28/05/2013 11:59:24 - Windows Update

RP1441: 28/05/2013 19:16:19 - Restore Operation

RP1442: 28/05/2013 20:07:21 - Windows Update

RP1443: 29/05/2013 00:13:58 - Removed ShowBiz

RP1444: 29/05/2013 01:51:41 - Windows Update

RP1445: 29/05/2013 02:03:31 - Windows Update

RP1446: 29/05/2013 18:45:40 - Installed Java 7 Update 21

RP1447: 29/05/2013 18:56:10 - Removed Java 7 Update 21

RP1448: 31/05/2013 12:20:12 - Scheduled Checkpoint

RP1449: 01/06/2013 10:44:14 - Windows Update

RP1450: 02/06/2013 13:30:29 - Scheduled Checkpoint

RP1451: 05/06/2013 13:43:55 - Scheduled Checkpoint

RP1452: 05/06/2013 23:19:22 - Removed iTunes

RP1453: 06/06/2013 00:08:37 - Installed iTunes

RP1454: 07/06/2013 19:50:55 - Windows Update

RP1455: 08/06/2013 16:46:13 - Scheduled Checkpoint

RP1456: 09/06/2013 13:06:59 - Scheduled Checkpoint

RP1457: 11/06/2013 09:43:37 - Windows Update

RP1458: 12/06/2013 08:52:34 - Removed Bonjour

RP1459: 12/06/2013 15:32:39 - Windows Update

RP1460: 12/06/2013 16:13:55 - Windows Update

RP1461: 13/06/2013 10:57:40 - Removed Qtrax Player.

.

==== Installed Programs ======================

.

ABBYY FineReader 6.0 Sprint

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader 9.5.5

Adobe Shockwave Player 11.5

AI RoboForm (All Users)

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Compatibility Pack for the 2007 Office system

Corel MediaOne

CorelDRAW Essential Edition 3

Coupon Printer

CyberLink MediaShow

CyberLink PhotoNow

CyberLink PowerDirector

CyberLink PowerDVD 9

CyberLink PowerDVD Copy

CyberLink PowerProducer

D3DX10

DivX Plus DirectShow Filters

DivX Setup

Dropbox

EN

EZ Vinyl/Tape Converter 7.7 by MixMeister

Facebook Video Calling 1.2.0.287

ffdshow v1.2.4422 [2012-04-09]

Freecorder 6

Freecorder 6 Applications (6.0.0.45)

Google Chrome

Google Toolbar for Internet Explorer

Google Update Helper

Happy Lyrics

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

iCloud

Intel® Matrix Storage Manager

iTunes

Java Auto Updater

JDownloader 0.9

Junk Mail filter update

Lexmark X5400 Series

LightScribe System Software

Malwarebytes Anti-Malware version 1.75.0.1300

McAfee Security Scan Plus

McAfee Total Protection

McAfee Virtual Technician

MCE Software Encoder 1.1

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft Application Error Reporting

Microsoft Office File Validation Add-In

Microsoft Office Live Add-in 1.5

Microsoft Office PowerPoint Viewer 2003

Microsoft Office Professional Edition 2003

Microsoft Search Enhancement Pack

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft Works

Microsoft Works 6-9 Converter

MSVCRT

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB941833)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

neroxml

NVIDIA Display Control Panel

NVIDIA Drivers

NVIDIA PhysX

OGA Notifier 2.0.0048.0

PC Connectivity Solution

PC VGA Camer@ Plus

PVSonyDll

QuickTime

Rapport

Realtek High Definition Audio Driver

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)

Segoe UI

Shared C Run-time for x86

Skype Click to Call

Skype™ 6.0

System Requirements Lab

TomTom HOME

TomTom HOME Visual Studio Merge Modules

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update Manager

Updater Service

VC80CRTRedist - 8.0.50727.6195

Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)

Windows Live Communications Platform

Windows Live Essentials

Windows Live Family Safety

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Mail

Windows Live Messenger

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live Sync

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

WinPcap 4.1.1

Yahoo! Toolbar

Yontoo 2.051

.

==== Event Viewer Messages From Past Week ========

.

14/06/2013 15:54:04, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the lxdvCATSCustConnectService service to connect.

14/06/2013 15:54:04, Error: Service Control Manager [7000] - The lxdvCATSCustConnectService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

13/06/2013 13:24:43, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the iPod Service service to connect.

13/06/2013 13:24:43, Error: Service Control Manager [7000] - The iPod Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

13/06/2013 13:24:01, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}

13/06/2013 10:24:11, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

12/06/2013 15:36:16, Error: Service Control Manager [7022] - The McAfee Home Network service hung on starting.

12/06/2013 15:33:54, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Font Cache Service service to connect.

12/06/2013 15:33:54, Error: Service Control Manager [7000] - The Windows Font Cache Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

10/06/2013 15:50:03, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Computer Backup (MyPC Backup) service to connect.

10/06/2013 15:50:03, Error: Service Control Manager [7000] - The Computer Backup (MyPC Backup) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

10/06/2013 15:48:55, Error: EventLog [6008] - The previous system shutdown at 15:44:04 on 10/06/2013 was unexpected.

09/06/2013 23:42:26, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the mfecore service.

09/06/2013 19:45:00, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the McAfee Platform Services service, but this action failed with the following error: An instance of the service is already running.

09/06/2013 19:44:00, Error: Service Control Manager [7031] - The McAfee Platform Services service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

09/06/2013 02:45:22, Error: EventLog [6008] - The previous system shutdown at 02:43:24 on 09/06/2013 was unexpected.

08/06/2013 18:15:56, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {A47979D2-C419-11D9-A5B4-001185AD2B89} to the user HOME\ray SID (S-1-5-21-874015975-200929412-1567091792-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

08/06/2013 01:32:00, Error: EventLog [6008] - The previous system shutdown at 01:26:52 on 08/06/2013 was unexpected.

07/06/2013 20:58:22, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the BrowserProtect service, but this action failed with the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

07/06/2013 20:57:52, Error: Service Control Manager [7031] - The BrowserProtect service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

07/06/2013 00:32:20, Error: EventLog [6008] - The previous system shutdown at 00:29:53 on 07/06/2013 was unexpected.

.

==== End Of File ===========================


Welcome to the forum.

Have you tried to uninstall it from your add/remove programs??

Yontoo 2.051

MrC


Hi Mr C,

yes I have tried to uninstall but it cannot find it to remove it, I get a message that reads: PROGRA-2/TARMAI~1889DF~ 1/SETUP data.

Error 2 while loading archive the system cannot find the file specified


Please download AdwCleaner from here and save it on your Desktop.

AdwCleaner is a reliable removal tool for Adware, Foistware, toolbars and potentially unwanted programs.

AdwCleaner is a tool that deletes :

· Adwares (software ads)

· PUP/LPI (Potentially Undesirable Program)

· Toolbars

· Hijacker (Hijack of the browser's homepage)

It works with a Search and Deletion method. It can be easily uninstalled using the "Uninstall" mode.

  1. Right-click on adwcleaner.exe and select Run As Administrator (for XP just double click) to launch the application.
  2. Now click on the Search tab.
  3. Please post the contents of the log-file created in your next post.

Note: The log can also be located at C:\ >> AdwCleaner[XX].txt >> XX <-- Denotes the number of times the application has been run, so in this case it should be something like R1.

Note:

Please look over what was found......especially any folders, we're going to permanently delete it all in the next step....if there's something you may want to keep...please let me know and I'll explain why it shouldn't be on your system.

If you see AVG Secure Search being targeted for deletion, Here's Why and Here. You can always Reinstall it.

Please note that Antivir Webguard uses ASK Toolbar as part of its web security. If you remove ASK by using AdwCleaner, Antivir Webguard will no longer work properly. Therefore, if you use this program please use the instructions below to access the options screen where you should enable /DisableAskDetection before using AdwCleaner.

You can click on the question mark (?) in the upper left corner of the program and then click on Options. You will then be presented with a dialog where you can disable various detections. These options are described below:

/DisableAskDetection - This option disables Ask Toolbar detection.

MrC


Hi Mr C

this is the result of running AdwCleaner, I don't know if there is anything on this list that shouldn't be deleted.

# AdwCleaner v2.303 - Logfile created 06/15/2013 at 16:56:47

# Updated 08/06/2013 by Xplode

# Operating system : Windows Vista Home Premium Service Pack 2 (32 bits)

# User : ray - HOME

# Boot Mode : Normal

# Running from : C:\Users\ray\Downloads\adwcleaner.exe

# Option [search]

***** [services] *****

Found : IBUpdaterService

Found : Yontoo Desktop Updater

***** [Files / Folders] *****

File Found : C:\END

File Found : C:\Program Files\Mozilla Firefox\searchplugins\fcmdSrch.xml

File Found : C:\Users\Public\Desktop\eBay.lnk

File Found : C:\Users\ray\AppData\Roaming\Mozilla\Firefox\Profiles\nj1k4b90.default\searchplugins\Mysearchdial.xml

File Found : C:\Windows\system32\roboot.exe

Folder Found : C:\Program Files\Conduit

Folder Found : C:\Program Files\FindLyrics

Folder Found : C:\Program Files\HappyLyrics

Folder Found : C:\Program Files\TelevisionFanatic

Folder Found : C:\Program Files\WebCake

Folder Found : C:\Program Files\Yontoo

Folder Found : C:\ProgramData\Babylon

Folder Found : C:\ProgramData\DriverCure

Folder Found : C:\ProgramData\IBUpdaterService

Folder Found : C:\ProgramData\InstallMate

Folder Found : C:\ProgramData\ParetoLogic

Folder Found : C:\ProgramData\Premium

Folder Found : C:\ProgramData\SpeedMaxPc

Folder Found : C:\ProgramData\Tarma Installer

Folder Found : C:\Users\ray\AppData\Local\Conduit

Folder Found : C:\Users\ray\AppData\LocalLow\BabylonToolbar

Folder Found : C:\Users\ray\AppData\LocalLow\Conduit

Folder Found : C:\Users\ray\AppData\LocalLow\Delta

Folder Found : C:\Users\ray\AppData\LocalLow\facemoods.com

Folder Found : C:\Users\ray\AppData\LocalLow\Mysearchdial

Folder Found : C:\Users\ray\AppData\LocalLow\PriceGong

Folder Found : C:\Users\ray\AppData\LocalLow\ShoppingReport2

Folder Found : C:\Users\ray\AppData\LocalLow\TelevisionFanatic

Folder Found : C:\Users\ray\AppData\LocalLow\Toolbar4

Folder Found : C:\Users\ray\AppData\Roaming\Babylon

Folder Found : C:\Users\ray\AppData\Roaming\DriverCure

Folder Found : C:\Users\ray\AppData\Roaming\file scout

Folder Found : C:\Users\ray\AppData\Roaming\Mozilla\Firefox\Profiles\nj1k4b90.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}

Folder Found : C:\Users\ray\AppData\Roaming\Mysearchdial

Folder Found : C:\Users\ray\AppData\Roaming\PerformerSoft

Folder Found : C:\Users\ray\AppData\Roaming\SpeedAnalysis2

Folder Found : C:\Users\ray\AppData\Roaming\SpeedMaxPc

Folder Found : C:\Users\ray\AppData\Roaming\WebCake

Folder Found : C:\Users\ray\AppData\Roaming\Yontoo

***** [Registry] *****


***** [internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16490

[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.mysearchdial.com/?f=1&a=solimmsd&cd=2XzuyEtN2Y1L1QzutDtDtByEtBtCtD0FtCtB0E0A0DtBzzzytN0D0Tzu0CyDtByEtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1B1F1I1L1H1H1B1Q&cr=1731386782&ir=

-\\ Mozilla Firefox v [unable to get version]

File : C:\Users\ray\AppData\Roaming\Mozilla\Firefox\Profiles\nj1k4b90.default\prefs.js

Found : user_pref("browser.startup.homepage", "hxxp://start.mysearchdial.com/?f=1&a=solimmsd&cd=2XzuyEtN2Y1L[...]

Found : user_pref("browser.search.selectedEngine", "Mysearchdial");

Found : user_pref("browser.search.defaultenginename", "Mysearchdial");

-\\ Google Chrome v27.0.1453.110

File : C:\Users\ray\AppData\Local\Google\Chrome\User Data\Default\Preferences

Found [l.2525] : homepage = "hxxp://www.delta-search.com/?affID=121845&babsrc=HP_ss&mntrId=02A50015AF72E192",

Found [l.3748] : urls_to_restore_on_startup = [ "hxxp://www.delta-search.com/?affID=121845&babsrc=HP_ss&mntrId=02A50015AF72E192" ]

*************************

AdwCleaner[R1].txt - [18495 octets] - [15/06/2013 16:56:47]

########## EOF - C:\AdwCleaner[R1].txt - [18556 octets] ##########


It's all adware........

Lots of adware found....let's clear it out.....

  1. Please re-run AdwCleaner
  2. Click on the Delete button.
  3. Confirm each time with OK if asked.
  4. Your computer will be rebooted automatically. A text file will open after the restart. Please post the content of that logfile in your reply.

Note: You can find the logfile at C:\AdwCleaner[sn].txt as well - n is the order number.

Reboot and let me know how it is.....MrC


Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

This topic is now closed to further replies.