Computer Hope
Software => Computer viruses and spyware => Virus and spyware removal => Topic started by: ivanoe on August 26, 2013, 02:26:04 AM
-
Morning to all. As the title suggests, it's about those annoying ads that pop up every 5 mins and keep flashing. Is there any way to get rid of them?
-
You need to tell us what you're talking about. SPECIFICALLY - WHAT ads? WHEN? WHERE?
-
I can't give you specifics; they come up all the time, for things like holidays / facial massage / clean up your computer.
The list goes on, and they come up on any website: Amazon / Argos / Sky. There is one up now as I am typing, Discover, music. Now that has changed to film fantasy. Any ideas?
-
Looks like a malware problem. You should scan your computer for adware/malware. Please follow the guide below before posting results:
http://www.computerhope.com/forum/index.php/topic,46313.0.html
-
Please follow the instructions in the following link and post your logs in the thread you create (NOT in this thread):
http://www.computerhope.com/forum/index.php/topic,46313.0.html
-
Morning Allan. Don't know what I am doing but here goes. Can't download AdwCleaner. Been on lots of sites: CNET / Softpedia / Bleeping.com.
Can't get a clean download; they want me to download ads for PC cleaners / videos / diets. Can't find adwcleaner.exe anywhere. I have other logs, from Malwarebytes and Security Check 317; don't know if this is what you want. In Malwarebytes, when I bring up results, am I supposed to tick all the boxes? There is also a snap of AdwCleaner from a download; this came up a couple of times.
Probably got it all wrong but I can try again. Good luck.
[recovering disk space, attachment deleted by admin]
-
Hello and welcome to Computer Hope Forum. My name is Dave. I will be helping you out with your particular problem on your computer.
1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.
If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
*************************************************************************
Please download AdwCleaner (http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner) by Xplode onto your Desktop.
- Please close all open programs and internet browsers.
- Double click on adwcleaner.exe to run the tool.
- Click on Delete.
- Confirm each time with OK
- Your computer will be rebooted automatically. A text file will open after the restart.
- Please post the content of that logfile in your reply.
- You can find the logfile at C:\AdwCleaner[Sn].txt as well - n is the order number.
*********************************************
Please download Malwarebytes Anti-Malware from here. (http://download.bleepingcomputer.com/malwarebytes/mbam-setup.exe)
Double Click mbam-setup.exe to install the application.
- Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
- If an update is found, it will download and install the latest version.
- Once the program has loaded, select "Perform Full Scan", then click Scan.
- The scan may take some time to finish, so please be patient.
- When the scan is complete, click OK, then Show Results to view the results.
- Make sure that everything is checked, and click Remove Selected.
- When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
- Please save the log to a location you will remember.
- The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
- Copy and paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
*************************************************
Please download Junkware Removal Tool (http://thisisudax.org/downloads/JRT.exe) to your desktop.
• Warning! Once the scan is complete JRT will shut down your browser with NO warning.
• Shut down your protection software now to avoid potential conflicts.
• Temporarily disable your Antivirus and any Antispyware real time protection before performing a scan. Click this (http://www.bleepingcomputer.com/forums/topic114351.html) link to see a list of security programs that should be disabled and how to disable them.
• Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click JRT and select Run as Administrator.
• The tool will open and start scanning your system.
• Please be patient as this can take a while to complete depending on your system's specifications.
• On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
• Copy and Paste the JRT.txt log into your next message.
-
HI DAVE. I am struggling; I think this is all above my head. I have redone the scans but they look the same to me. I have done all you asked but I am probably not doing it right. You asked me to do CTRL A, CTRL C, CTRL V. I HAVE NOT GOT A CLUE WHAT YOU ARE TALKING ABOUT.
I think I am probably going to have to call it quits and try something else.
I really appreciate your time and effort. But I seem to have found my limitations. Please don't fall out with me; you have done your best.
Thanks once again.
-
Dave, sorry I forgot to send the new scans.
[recovering disk space, attachment deleted by admin]
-
1 more
[recovering disk space, attachment deleted by admin]
-
When I mention CTRL + A, I mean to hold the Control key down while striking the letter A.
You will need to run MBAM again and make sure all infections are checked and then hit "Remove Selected".
Please post the log and let me know if the ads are continuing.
-
OK Dave, let's try again.
Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org
Database version: v2013.08.27.03
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16660
Frank :: FRANK-PC [administrator]
Protection: Enabled
27/08/2013 11:20:52
mbam-log-2013-08-27 (11-20-52).txt
Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 604037
Time elapsed: 1 hour(s), 59 minute(s), 27 second(s)
Memory Processes Detected: 4
C:\Program Files\Updater By Sweetpacks\ExtensionUpdaterService.exe (PUP.Optional.SweetPacks.A) -> 2056 -> No action taken.
C:\Program Files (x86)\BrowseFox\updateBrowseFox.exe (PUP.Optional.BrowseFox.A) -> 1376 -> No action taken.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe (PUP.Optional.BrowserDefender.A) -> 2220 -> No action taken.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe (PUP.Optional.BrowserDefender.A) -> 2512 -> No action taken.
Memory Modules Detected: 2
C:\Users\Frank\AppData\Roaming\BabSolution\Shared\enhancedNT.dll (PUP.Optional.A.BabSolution) -> No action taken.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll (PUP.Optional.BrowserDefender.A) -> No action taken.
Registry Keys Detected: 121
Registry Values Detected: 18
Registry Data Items Detected: 2
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (PUP.Optional.BrowserDefender.A) -> Bad: (c:\progra~3\browse~1\261562~1.220\{c16c1~1\browse~1.dll) Good: () -> No action taken.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.StartPage) -> Bad: (http://www1.delta-search.com/?babsrc=HP_ss&mntrId=220200FF87CC3046&affID=119776&tsp=4986) Good: (http://www.google.com) -> No action taken.
Folders Detected: 38
Files Detected: 110
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\bl (PUP.Optional.BrowserDefender.A) -> No action taken.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll (PUP.Optional.BrowserDefender.A) -> No action taken.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe (PUP.Optional.BrowserDefender.A) -> No action taken.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.settings (PUP.Optional.BrowserDefender.A) -> No action taken.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\dm (PUP.Optional.BrowserDefender.A) -> No action taken.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe (PUP.Optional.BrowserDefender.A) -> No action taken.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\00 (PUP.Optional.BrowserDefender.A) -> No action taken.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\01 (PUP.Optional.BrowserDefender.A) -> No action taken.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\02 (PUP.Optional.BrowserDefender.A) -> No action taken.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\03 (PUP.Optional.BrowserDefender.A) -> No action taken.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\10 (PUP.Optional.BrowserDefender.A) -> No action taken.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\11 (PUP.Optional.BrowserDefender.A) -> No action taken.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\12 (PUP.Optional.BrowserDefender.A) -> No action taken.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\13 (PUP.Optional.BrowserDefender.A) -> No action taken.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\20 (PUP.Optional.BrowserDefender.A) -> No action taken.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\21 (PUP.Optional.BrowserDefender.A) -> No action taken.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\22 (PUP.Optional.BrowserDefender.A) -> No action taken.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\23 (PUP.Optional.BrowserDefender.A) -> No action taken.
C:\Users\Frank\AppData\Roaming\BabSolution\CR\Delta.crx (PUP.Optional.BabSolution.A) -> No action taken.
C:\Users\Frank\AppData\Roaming\BabSolution\Shared\chu.js (PUP.Optional.BabSolution.A) -> No action taken.
C:\Users\Frank\AppData\Roaming\BabSolution\Shared\Delta.ico (PUP.Optional.BabSolution.A) -> No action taken.
C:\Users\Frank\AppData\Roaming\BabSolution\Shared\GUninstaller.exe (PUP.Optional.BabSolution.A) -> No action taken.
C:\Users\Frank\AppData\Roaming\BabSolution\Shared\SetupParams.ini (PUP.Optional.BabSolution.A) -> No action taken.
C:\Users\Frank\AppData\Roaming\BabSolution\Shared\sqlite3.dll (PUP.Optional.BabSolution.A) -> No action taken.
C:\Program Files (x86)\Delta\delta\1.8.24.6\GUninstaller.exe (PUP.Optional.Delta.A) -> No action taken.
C:\Program Files (x86)\Delta\delta\1.8.24.6\uninstall.exe (PUP.Optional.Delta.A) -> No action taken.
C:\Program Files\Updater By Sweetpacks\Extension64.dll (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Program Files\Updater By Sweetpacks\InstallerHelper.dll (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Program Files\Updater By Sweetpacks\unins000.dat (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Program Files\Updater By Sweetpacks\unins000.exe (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Program Files\Updater By Sweetpacks\Firefox\chrome.manifest (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Program Files\Updater By Sweetpacks\Firefox\install.rdf (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Program Files\Updater By Sweetpacks\Firefox\chrome\content\main.js (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Program Files\Updater By Sweetpacks\Firefox\chrome\content\main.js.bak (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Program Files\Updater By Sweetpacks\Firefox\chrome\content\main.xul (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Program Files\Updater By Sweetpacks\Firefox\chrome\content\libraries\DataExchangeScript.js (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Program Files\Updater By Sweetpacks\Firefox\chrome\content\resources\localscript.js (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Program Files\Updater By Sweetpacks\Firefox\chrome\locale\en-US\overlay.dtd (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Program Files\Updater By Sweetpacks\Firefox\chrome\skin\overlay.css (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Program Files\Updater By Sweetpacks\Firefox\defaults\preferences\defaults.js (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Program Files\Updater By Sweetpacks\libraries\DataExchangeScript.js (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Program Files\Updater By Sweetpacks\resources\localscript.js (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Users\Frank\AppData\Roaming\mysearchdial\icons_2.2.4.731\magnifying.ico (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Users\Frank\AppData\Roaming\mysearchdial\icons_2.2.4.731\star2.ico (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Users\Frank\AppData\Roaming\mysearchdial\UpdateProc\config.dat (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Users\Frank\AppData\Roaming\mysearchdial\UpdateProc\TTL.DAT (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Users\Frank\AppData\Roaming\mysearchdial\UpdateProc\UpdateTask.exe (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Users\Frank\AppData\Roaming\OpenCandy\1F34C43D0C6848ACAF7CF4C3FE3E197B\2865.ico (PUP.Optional.OpenCandy) -> No action taken.
C:\Users\Frank\AppData\Roaming\OpenCandy\1F34C43D0C6848ACAF7CF4C3FE3E197B\avg.exe (PUP.Optional.OpenCandy) -> No action taken.
C:\Users\Frank\AppData\Roaming\OpenCandy\1F34C43D0C6848ACAF7CF4C3FE3E197B\AVG923_p1v3.exe (PUP.Optional.OpenCandy) -> No action taken.
C:\Users\Frank\AppData\Roaming\OpenCandy\1F34C43D0C6848ACAF7CF4C3FE3E197B\EBB77268-338F-4C6A-8590-AD88FED26F4A (PUP.Optional.OpenCandy) -> No action taken.
C:\Users\Frank\AppData\Roaming\OpenCandy\1F34C43D0C6848ACAF7CF4C3FE3E197B\OCBrowserHelper_1.0.3.85.dll (PUP.Optional.OpenCandy) -> No action taken.
C:\Users\Frank\AppData\Roaming\File Scout\uninst.exe (PUP.Optional.FileScout.A) -> No action taken.
C:\$Recycle.Bin\S-1-5-21-1381260898-2479351544-750526317-1001\$RHE8F9X\uninstaller.exe (Adware.GameVance) -> Quarantined and deleted successfully.
C:\$Recycle.Bin\S-1-5-21-1381260898-2479351544-750526317-1001\$RHE8F9X\updater.exe (Adware.GameVance) -> Quarantined and deleted successfully.
(end)
Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org
Database version: v2013.08.27.03
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16660
Frank :: FRANK-PC [administrator]
Protection: Enabled
27/08/2013 11:20:52
mbam-log-2013-08-27 (11-20-52).txt
Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 604037
Time elapsed: 1 hour(s), 59 minute(s), 27 second(s)
Memory Processes Detected: 4
C:\Program Files\Updater By Sweetpacks\ExtensionUpdaterService.exe (PUP.Optional.SweetPacks.A) -> 2056 -> No action taken.
C:\Program Files (x86)\BrowseFox\updateBrowseFox.exe (PUP.Optional.BrowseFox.A) -> 1376 -> No action taken.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe (PUP.Optional.BrowserDefender.A) -> 2220 -> No action taken.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe (PUP.Optional.BrowserDefender.A) -> 2512 -> No action taken.
Memory Modules Detected: 2
C:\Users\Frank\AppData\Roaming\BabSolution\Shared\enhancedNT.dll (PUP.Optional.A.BabSolution) -> No action taken.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll (PUP.Optional.BrowserDefender.A) -> No action taken.
Registry Keys Detected: 121
HKLM\SYSTEM\CurrentControlSet\Services\Updater By Sweetpacks (PUP.Optional.SweetPacks.A) -> No action taken.
HKCR\CLSID\{82E74373-58AB-47EB-B0F0-A1D82BB8EB5C} (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\escort.escortIEPane.1 (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\escort.escortIEPane (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\CLSID\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\mysearchdial.mysearchdialHlpr.1 (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\mysearchdial.mysearchdialHlpr (PUP.Optional.MySearchDial.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} (PUP.Optional.MySearchDial.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} (PUP.Optional.MySearchDial.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE} (PUP.Optional.Delta) -> No action taken.
HKCR\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta) -> No action taken.
HKCR\delta.deltaHlpr.1 (PUP.Optional.Delta) -> No action taken.
HKCR\delta.deltaHlpr (PUP.Optional.Delta) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta) -> No action taken.
HKCR\CLSID\{b9507101-e464-4b3b-a4cb-291aaedd94f2} (PUP.Optional.BrowseFox.A) -> No action taken.
HKCR\TypeLib\{006232f7-dbd6-4631-84e8-66ea161b43c4} (PUP.Optional.BrowseFox.A) -> No action taken.
HKCR\Interface\{BB9817CA-9B43-41EB-8706-44847957338D} (PUP.Optional.BrowseFox.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B9507101-E464-4B3B-A4CB-291AAEDD94F2} (PUP.Optional.BrowseFox.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{B9507101-E464-4B3B-A4CB-291AAEDD94F2} (PUP.Optional.BrowseFox.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B9507101-E464-4B3B-A4CB-291AAEDD94F2} (PUP.Optional.BrowseFox.A) -> No action taken.
HKCR\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> No action taken.
HKCR\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> No action taken.
HKCR\Interface\{EEE6C358-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> No action taken.
HKCR\SWEETIE.IEToolbar.1 (PUP.Optional.SweetPacks) -> No action taken.
HKCR\SWEETIE.IEToolbar (PUP.Optional.SweetPacks) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> No action taken.
HKCR\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> No action taken.
HKCR\Toolbar3.SWEETIE.1 (PUP.Optional.SweetPacks) -> No action taken.
HKCR\Toolbar3.SWEETIE (PUP.Optional.SweetPacks) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> No action taken.
HKCR\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} (PUP.Optional.Delta.A) -> No action taken.
HKCR\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> No action taken.
HKCR\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} (PUP.Optional.Delta.A) -> No action taken.
HKCR\delta.deltadskBnd.1 (PUP.Optional.Delta.A) -> No action taken.
HKCR\delta.deltadskBnd (PUP.Optional.Delta.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> No action taken.
HKCR\AppID\{A2773ED4-83BD-488A-A186-73590706C916} (PUP.Optional.MixiDJToolbar.A) -> No action taken.
HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> No action taken.
HKCR\AppID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8} (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} (PUP.Optional.Delta.A) -> No action taken.
HKCR\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26} (PUP.Optional.Delta.A) -> No action taken.
HKCR\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} (PUP.Optional.Delta.A) -> No action taken.
HKCR\delta.deltaappCore.1 (PUP.Optional.Delta.A) -> No action taken.
HKCR\delta.deltaappCore (PUP.Optional.Delta.A) -> No action taken.
HKCR\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} (PUP.Optional.BrowseFox.A) -> No action taken.
HKCR\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8} (PUP.Optional.Delta) -> No action taken.
HKCR\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D} (PUP.Optional.Delta) -> No action taken.
HKCR\esrv.deltaESrvc.1 (PUP.Optional.Delta) -> No action taken.
HKCR\esrv.deltaESrvc (PUP.Optional.Delta) -> No action taken.
HKCR\CLSID\{3004627E-F8E9-4E8B-909D-316753CBA923} (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\mysearchdial.mysearchdialdskBnd.1 (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\mysearchdial.mysearchdialdskBnd (PUP.Optional.MySearchDial.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{3004627E-F8E9-4E8B-909D-316753CBA923} (PUP.Optional.MySearchDial.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3004627E-F8E9-4E8B-909D-316753CBA923} (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} (PUP.Optional.BrowseFox.A) -> No action taken.
HKCR\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B} (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0} (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\esrv.mysearchdialESrvc.1 (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\esrv.mysearchdialESrvc (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\CLSID\{DEDAF650-12B8-48f5-A843-BBA100716106} (PUP.SweetIM) -> No action taken.
HKCR\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13} (PUP.SweetIM) -> No action taken.
HKCR\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB} (PUP.SweetIM) -> No action taken.
HKCR\Extension.ExtensionHelperObject.1 (PUP.SweetIM) -> No action taken.
HKCR\Extension.ExtensionHelperObject (PUP.SweetIM) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DEDAF650-12B8-48F5-A843-BBA100716106} (PUP.SweetIM) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{DEDAF650-12B8-48F5-A843-BBA100716106} (PUP.SweetIM) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{DEDAF650-12B8-48F5-A843-BBA100716106} (PUP.SweetIM) -> No action taken.
HKCR\Typelib\{4599D05A-D545-4069-BB42-5895B4EAE05B} (PUP.Optional.Delta.A) -> No action taken.
HKCR\Interface\{1231839B-064E-4788-B865-465A1B5266FD} (PUP.Optional.Delta.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{4D6A9BBF-402C-4301-B1EF-28D04F71D761} (PUP.Optional.MixiDJToolbar.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{AF6B0594-6008-4327-93E5-608AD710A6FA} (PUP.Optional.WebCake.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA} (PUP.Optional.WebCake.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AF6B0594-6008-4327-93E5-608AD710A6FA} (PUP.Optional.WebCake.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19} (PUP.Optional.MixiDJToolbar.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CF190686-9E72-403C-B99D-682ABDB63C5B} (PUP.Optional.TopArcadeHits.A) -> No action taken.
HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C} (PUP.Optional.OptimzerPro.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110111991162} (PUP.Optional.Crossrider) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110111991162} (PUP.Optional.Crossrider) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8} (PUP.Optional.MySearchDial.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85} (PUP.Optional.Delta.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199} (PUP.Optional.Iminent.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08} (PUP.Optional.Iminent.A) -> No action taken.
HKCR\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B} (PUP.Optional.Delta) -> No action taken.
HKCR\d (PUP.Optional.Delta) -> No action taken.
HKCR\CLSID\{C358B3D0-B911-41E3-A276-E7D43A6BA56D} (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\mysearchdial.mysearchdialappCore.1 (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\mysearchdial.mysearchdialappCore (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\CLSID\{4ED063C9-4A0B-4B44-A9DC-23AFF424A0D3} (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\m (PUP.Optional.MySearchDial.A) -> No action taken.
HKCR\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetIM) -> No action taken.
HKCR\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetIM) -> No action taken.
HKCR\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetIM) -> No action taken.
HKCR\SweetIM_URLSearchHook.ToolbarURLSearchHook.1 (PUP.Optional.SweetIM) -> No action taken.
HKCR\SweetIM_URLSearchHook.ToolbarURLSearchHook (PUP.Optional.SweetIM) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mysearchdial (PUP.Optional.MySearchDial.A) -> No action taken.
HKLM\SYSTEM\CurrentControlSet\Services\Update BrowseFox (PUP.Optional.BrowseFox.A) -> No action taken.
HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr) -> No action taken.
HKCU\SOFTWARE\DELTA\DELTA (PUP.Optional.Delta) -> No action taken.
HKCU\Software\DataMngr (PUP.Optional.DataMngr) -> No action taken.
HKCU\Software\mysearchdial.com (PUP.Optional.MySearchDial.A) -> No action taken.
HKCU\Software\BabSolution\Redir (PUP.Optional.Babylon.A) -> No action taken.
HKCU\Software\BabSolution\Updater (PUP.Optional.Babylon.A) -> No action taken.
HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> No action taken.
HKCU\Software\InstalledBrowserExtensions\installdaddy (PUP.Optional.CrossRider.A) -> No action taken.
HKCU\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> No action taken.
HKCU\SOFTWARE\MYSEARCHDIAL (PUP.Optional.MySearchDial.A) -> No action taken.
HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde (PUP.Optional.Delta.A) -> No action taken.
HKLM\SOFTWARE\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh (PUP.WebCake) -> No action taken.
HKLM\SOFTWARE\InstallCore\mysearchdial (PUP.Optional.MySearchDial.A) -> No action taken.
HKLM\SYSTEM\CurrentControlSet\Services\IBUpdaterService (PUP.InstallBrain) -> No action taken.
HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} (PUP.Optional.BrowserDefender.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar (PUP.Optional.BabSolution.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\delta (PUP.Optional.Delta.A) -> No action taken.
Registry Values Detected: 18
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser|{EEE6C35B-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Data: 썛愘ᇜ犜ጀ유䞘 -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{EEE6C35B-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Data: -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Data: Delta Toolbar -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{3004627E-F8E9-4E8B-909D-316753CBA923} (PUP.Optional.MySearchDial.A) -> Data: mysearchdial Toolbar -> No action taken.
HKLM\SOFTWARE\Mozilla\Firefox\Extensions|{DEDAF650-12B8-48F5-A843-BBA100716106} (PUP.SweetIM) -> Data: C:\Program Files\Updater By Sweetpacks\Firefox -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{3004627E-F8E9-4E8B-909D-316753CBA923} (PUP.Optional.MySearchDial.A) -> Data: -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Data: -> No action taken.
HKLM\SOFTWARE\Mozilla\Firefox\Extensions\{DEDAF650-12B8-48f5-A843-BBA100716106} (PUP.SweetIM) -> Data: -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\SWEETIM\TOOLBARS\INTERNET EXPLORER\MGHELPERAPP.EXE (PUP.Optional.SweetIM) -> Data: 1 -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\SWEETIM\TOOLBARS\INTERNET EXPLORER\MGTOOLBARPROXY.DLL (PUP.Optional.SweetIM) -> Data: 1 -> No action taken.
HKCU\SOFTWARE\Delta\Delta|tlbrSrchUrl (PUP.Optional.Delta) -> Data: -> No action taken.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|bProtector Start Page (PUP.BProtector) -> Data: http://www1.delta-search.com/?babsrc=HP_ss&mntrId=220200FF87CC3046&affID=119776&tsp=4986 -> No action taken.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|bProtectorDefaultScope (PUP.BProtector) -> Data: {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} -> No action taken.
HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Data: zr0DtO0Q1H2Y1G -> No action taken.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run|NTRedirect (PUP.Optional.A.BabSolution) -> Data: C:\Windows\SysWOW64\rundll32.exe "C:\Users\Frank\AppData\Roaming\BabSolution\Shared\enhancedNT.dll",Run -> No action taken.
HKCU\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: 92545334713329177 -> No action taken.
HKCU\Software\mysearchdial|TM (PUP.Optional.MySearchDial.A) -> Data: 0138 -> No action taken.
HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: 92545334713329177 -> No action taken.
Registry Data Items Detected: 2
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (PUP.Optional.BrowserDefender.A) -> Bad: (c:\progra~3\browse~1\261562~1.220\{c16c1~1\browse~1.dll) Good: () -> No action taken.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.StartPage) -> Bad: (http://www1.delta-search.com/?babsrc=HP_ss&mntrId=220200FF87CC3046&affID=119776&tsp=4986) Good: (http://www.google.com) -> No action taken.
Folders Detected: 38
C:\Users\Frank\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> No action taken.
C:\Program Files (x86)\Mysearchdial (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Program Files (x86)\Mysearchdial\bh (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Program Files (x86)\BrowseFox (PUP.Optional.BrowseFox.A) -> No action taken.
C:\ProgramData\BrowserDefender\2.6.1562.220 (PUP.Optional.BrowserDefender.A) -> No action taken.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8} (PUP.Optional.BrowserDefender.A) -> No action taken.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension (PUP.Optional.BrowserDefender.A) -> No action taken.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings (PUP.Optional.BrowserDefender.A) -> No action taken.
C:\ProgramData\Tarma Installer (PUP.Optional.Tarma.A) -> No action taken.
C:\Users\Frank\AppData\Roaming\BabSolution (PUP.Optional.BabSolution.A) -> No action taken.
C:\Users\Frank\AppData\Roaming\BabSolution\CR (PUP.Optional.BabSolution.A) -> No action taken.
C:\Users\Frank\AppData\Roaming\BabSolution\Shared (PUP.Optional.BabSolution.A) -> No action taken.
C:\Program Files (x86)\Delta\delta\1.8.24.6 (PUP.Optional.Delta.A) -> No action taken.
C:\Program Files (x86)\Delta\delta\1.8.24.6\bh (PUP.Optional.Delta.A) -> No action taken.
C:\Program Files\Updater By Sweetpacks (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Program Files\Updater By Sweetpacks\Firefox (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Program Files\Updater By Sweetpacks\Firefox\chrome (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Program Files\Updater By Sweetpacks\Firefox\chrome\content (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Program Files\Updater By Sweetpacks\Firefox\chrome\content\libraries (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Program Files\Updater By Sweetpacks\Firefox\chrome\content\resources (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Program Files\Updater By Sweetpacks\Firefox\chrome\locale (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Program Files\Updater By Sweetpacks\Firefox\chrome\locale\en-US (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Program Files\Updater By Sweetpacks\Firefox\chrome\skin (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Program Files\Updater By Sweetpacks\Firefox\defaults (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Program Files\Updater By Sweetpacks\Firefox\defaults\preferences (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Program Files\Updater By Sweetpacks\libraries (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Program Files\Updater By Sweetpacks\resources (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Users\Frank\AppData\Roaming\mysearchdial (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Users\Frank\AppData\Roaming\mysearchdial\icons_2.2.4.731 (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Users\Frank\AppData\Roaming\mysearchdial\UpdateProc (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Users\Frank\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> No action taken.
C:\Users\Frank\AppData\Roaming\OpenCandy\1F34C43D0C6848ACAF7CF4C3FE3E197B (PUP.Optional.OpenCandy) -> No action taken.
C:\Users\Frank\AppData\Roaming\OpenCandy\OpenCandy_1F34C43D0C6848ACAF7CF4C3FE3E197B (PUP.Optional.OpenCandy) -> No action taken.
C:\Users\Frank\AppData\Roaming\File Scout (PUP.Optional.FileScout.A) -> No action taken.
C:\Users\Frank\AppData\Local\Temp\mt_ffx (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Frank\AppData\Local\Temp\mt_ffx\Delta (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Frank\AppData\Local\Temp\mt_ffx\Delta\delta (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Frank\AppData\Local\Temp\mt_ffx\Delta\delta\1.8.24.6 (PUP.Optional.BundleInstaller.A) -> No action taken.
Files Detected: 110
C:\Program Files\Updater By Sweetpacks\ExtensionUpdaterService.exe (PUP.Optional.SweetPacks.A) -> No action taken.
C:\Program Files (x86)\Mysearchdial\bh\mysearchdial.dll (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Program Files (x86)\Delta\delta\1.8.24.6\bh\delta.dll (PUP.Optional.Delta) -> No action taken.
C:\Program Files (x86)\BrowseFox\BrowseFoxBHO.dll (PUP.Optional.BrowseFox.A) -> No action taken.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (PUP.Optional.SweetPacks) -> No action taken.
C:\Program Files (x86)\Delta\delta\1.8.24.6\deltaTlbr.dll (PUP.Optional.Delta.A) -> No action taken.
C:\Program Files (x86)\Delta\delta\1.8.24.6\deltaApp.dll (PUP.Optional.Delta.A) -> No action taken.
C:\Program Files (x86)\Delta\delta\1.8.24.6\deltasrv.exe (PUP.Optional.Delta) -> No action taken.
C:\Program Files (x86)\Mysearchdial\mysearchdialTlbr.dll (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Program Files (x86)\Mysearchdial\mysearchdialsrv.exe (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Program Files\Updater By Sweetpacks\Extension32.dll (PUP.SweetIM) -> No action taken.
C:\Program Files (x86)\Delta\delta\1.8.24.6\deltaEng.dll (PUP.Optional.Delta) -> No action taken.
C:\Program Files (x86)\Installl_Converter\Installl_ConverterToolbarHelper.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Program Files (x86)\Mysearchdial\mysearchdialApp.dll (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Program Files (x86)\Mysearchdial\mysearchdialEng.dll (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\ClearHist.exe (PUP.Optional.SweetIM) -> No action taken.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgcommon.dll (PUP.Optional.SweetIM) -> No action taken.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgconfig.dll (PUP.Optional.SweetIM) -> No action taken.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (PUP.Optional.SweetIM) -> No action taken.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe (PUP.Optional.SweetIM) -> No action taken.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mghooking.dll (PUP.Optional.SweetIM) -> No action taken.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mglogger.dll (PUP.Optional.SweetIM) -> No action taken.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgsimcommon.dll (PUP.Optional.SweetIM) -> No action taken.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll (PUP.Optional.SweetIM) -> No action taken.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgxml_wrapper.dll (PUP.Optional.SweetIM) -> No action taken.
C:\ProgramData\BasicSeek\basicseek110.exe (PUP.Zwangi) -> No action taken.
C:\Users\Frank\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NUQXOFEF\FlashPlayerSetup__3145_i59943580_il430345.exe (PUP.Optional.Amonetize) -> No action taken.
C:\Users\Frank\AppData\Local\Temp\FlashPlayerSetup__3145_i59943580_il430345.exe (PUP.Optional.Amonetize) -> No action taken.
C:\Users\Frank\AppData\Local\Temp\791A8F73-BAB0-7891-A2A2-FC17831F8ED2\Latest\BabMaint.exe (PUP.Optional.Babylon.A) -> No action taken.
C:\Users\Frank\AppData\Local\Temp\791A8F73-BAB0-7891-A2A2-FC17831F8ED2\Latest\BUSolution.dll (PUP.Optional.BabSolution.A) -> No action taken.
C:\Users\Frank\AppData\Local\Temp\791A8F73-BAB0-7891-A2A2-FC17831F8ED2\Latest\MyDeltaTB.exe (PUP.Optional.Delta) -> No action taken.
C:\Users\Frank\AppData\Local\Temp\791A8F73-BAB0-7891-A2A2-FC17831F8ED2\Latest\Setup.exe (PUP.Babylon.A) -> No action taken.
C:\Users\Frank\AppData\Roaming\BabSolution\Shared\BabMaint.exe (PUP.Optional.Babylon.A) -> No action taken.
C:\Users\Frank\AppData\Roaming\BabSolution\Shared\BUSolution.dll (PUP.Optional.BabSolution.A) -> No action taken.
C:\Users\Frank\Documents\Calibre Library\Downloads\iLividSetup-r1032-n-bc (1).exe (PUP.Optional.Bandoo) -> No action taken.
C:\Users\Frank\Documents\Calibre Library\Downloads\iLividSetup-r1032-n-bc.exe (PUP.Optional.Bandoo) -> No action taken.
C:\Windows\Installer\10de098.msi (PUP.Optional.SweetIM) -> No action taken.
C:\Windows.old.000\ProgramData\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\Setup.exe (PUP.Optional.Tarma.A) -> No action taken.
C:\Users\Frank\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> No action taken.
C:\Program Files (x86)\Mysearchdial\Sqlite3.dll (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Program Files (x86)\Mysearchdial\FavIcon.ico (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Program Files (x86)\Mysearchdial\uninst.dat (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Program Files (x86)\Mysearchdial\uninstall.exe (PUP.Optional.MySearchDial.A) -> No action taken.
C:\Program Files (x86)\BrowseFox\updateBrowseFox.In<
-
You need to follow the instructions for MBAM and "Remove the infections."
-
Hi again Dave, just done MBAM scan. I did a full scan. When it finished it said no malicious spyware/or infections or something.
Scan completed successfully. Nothing about remove infections, so I did a quick scan, and it said the same. This has taken me two and a half hours.
I have posted you what I have got, but it looks the same to me.
Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org
Database version: v2013.09.06.07
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16660
Frank :: FRANK-PC [administrator]
Protection: Enabled
07/09/2013 12:13:00
mbam-log-2013-09-07 (12-13-00).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 245589
Time elapsed: 2 minute(s), 37 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
-
Are the ads still there?
-
Morning Dave. Yes, the ADS are still there but not half as bad. I think we are winning. Is there something else I can do? PLEASE KEEP IT SIMPLE. (ONLY KIDDING) Sorry to take up so much of your time. But if you're still willing to help I do appreciate it.
-
Morning Dave, yes the ADS are still there but not half as bad. I think we are winning. Is there anything else I can do? I am sorry to take up so much of your time, but if you are still willing to carry on I appreciate it.
-
Download Combofix from any of the links below, and save it to your DESKTOP.
If your version of Windows defaults to your download folder you will need to copy it to your desktop.
Link 1 (http://download.bleepingcomputer.com/sUBs/ComboFix.exe)
Link 2 (http://www.forospyware.com/sUBs/ComboFix.exe)
Link 3 (http://subs.geekstogo.com/ComboFix.exe)
To prevent your anti-virus application interfering with ComboFix we need to disable it. See here (http://www.pchelpforum.com/anti-virus/110194-how-disable-your-security-applications-4.html) for a tutorial regarding how to do so if you are unsure.
- Close any open windows and double click ComboFix.exe to run it.
You will see the following image:
(http://i424.photobucket.com/albums/pp322/digistar/NSIS_disclaimer_ENG.png)
Click I Agree to start the program.
ComboFix will then extract the necessary files and you will see this:
(http://i424.photobucket.com/albums/pp322/digistar/NSIS_extraction.png)
As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. This will not occur in Windows Vista and 7.
It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
If you did not have it installed, you will see the prompt below. Choose YES.
(http://i424.photobucket.com/albums/pp322/digistar/RcAuto1.gif)
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.
Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
(http://i424.photobucket.com/albums/pp322/digistar/whatnext.png)
Click on Yes, to continue scanning for malware.
When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).
Leave your computer alone while ComboFix is running. ComboFix will restart your computer if malware is found; allow it to do so.
Note: Please do NOT mouse-click ComboFix's window while it's running because it may cause it to stall.
-
Once again Dave, up and at um (that's Lancashire). Anyhow, done the ComboFix, hopefully. Here it is.
-
combofix
ComboFix 13-09-08.02 - Frank 09/09/2013 9:54.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.3839.1966 [GMT 1:00]
Running from: c:\users\Frank\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PJWETG00\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Frank\AppData\Roaming\.#
c:\users\Frank\AppData\Roaming\Microsoft\Windows\Recent\User Manual.url
c:\windows\wininit.ini
D:\install.exe
.
.
((((((((((((((((((((((((( Files Created from 2013-08-09 to 2013-09-09 )))))))))))))))))))))))))))))))
.
.
2013-09-09 09:05 . 2013-09-09 09:05 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-09-09 09:05 . 2013-09-09 09:05 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-08 14:31 . 2013-08-06 08:58 9515512 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2072AA98-8C39-4D29-8B12-40B818D3F6A0}\mpengine.dll
2013-09-07 14:01 . 2013-08-06 08:58 9515512 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-09-06 11:24 . 2013-09-06 11:23 965008 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{57ACA441-F9B1-4449-B46B-9F7C3A950167}\gapaengine.dll
2013-08-31 10:36 . 2013-08-31 15:37 -------- d-----w- c:\users\Frank\AppData\Roaming\Fighters
2013-08-31 10:36 . 2013-08-31 15:37 -------- d-----w- c:\programdata\Fighters
2013-08-30 08:49 . 2013-08-30 08:49 -------- d-----w- c:\program files (x86)\7-Zip
2013-08-30 08:42 . 2013-08-30 08:44 -------- d-----w- c:\program files (x86)\BearShare Applications
2013-08-30 08:17 . 2013-09-05 10:38 -------- dc----w- C:\AdwCleaner
2013-08-27 10:19 . 2013-08-31 09:09 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-08-27 10:19 . 2013-04-04 13:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-08-25 11:27 . 2013-08-25 11:27 -------- d-----w- c:\program files\Defraggler
2013-08-25 10:18 . 2013-08-25 10:18 -------- d-----w- c:\users\Frank\AppData\Roaming\Thunderbird
2013-08-25 10:18 . 2013-08-25 10:18 -------- d-----w- c:\users\Frank\AppData\Local\Thunderbird
2013-08-25 10:18 . 2013-08-25 10:28 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
2013-08-22 17:12 . 2013-08-22 17:12 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-08-22 17:12 . 2013-08-22 17:12 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-08-22 17:12 . 2013-08-22 17:12 -------- d-----w- c:\program files (x86)\Java
2013-08-21 10:02 . 2013-08-21 10:02 -------- d-----w- c:\windows\CD95F661A5C444F5A6AAECDD91C240DA.TMP
2013-08-20 09:11 . 2013-08-20 09:11 -------- d-----w- c:\users\Frank\AppData\Local\avgchrome
2013-08-15 06:02 . 2013-08-15 06:04 -------- d-----w- c:\windows\system32\MRT
2013-08-11 10:03 . 2012-05-11 14:47 32768 ----a-w- c:\windows\SysWow64\CMDLGFR.DLL
2013-08-11 10:03 . 2012-05-11 14:47 152848 ----a-w- c:\windows\SysWow64\COMDLG32.OCX
2013-08-11 10:03 . 2012-05-11 14:47 141312 ----a-w- c:\windows\SysWow64\MSCMCFR.DLL
2013-08-11 10:03 . 2012-05-11 14:47 119568 ----a-w- c:\windows\SysWow64\VB6FR.DLL
2013-08-11 10:03 . 2012-05-11 14:47 1081616 ----a-w- c:\windows\SysWow64\mscomctl.ocx
2013-08-11 10:03 . 2012-05-11 14:47 101888 ----a-w- c:\windows\SysWow64\VB6STKIT.DLL
2013-08-11 10:03 . 2013-08-11 10:03 -------- d-----w- c:\users\Frank\AppData\Roaming\TFP
2013-08-11 10:02 . 2013-08-11 10:02 -------- d-----w- c:\users\Frank\AppData\Local\Fuze Zip
2013-08-11 10:02 . 2013-08-11 10:06 -------- d-----w- c:\users\Frank\AppData\Local\FuzeZip
2013-08-11 10:00 . 2013-08-12 04:44 -------- d-----w- c:\program files (x86)\FuzeZip
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-23 14:50 . 2012-06-13 06:10 941720 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-08-22 17:12 . 2013-05-17 10:49 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-08-22 17:12 . 2013-05-17 10:49 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-08-22 10:45 . 2013-02-24 15:37 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-08-22 10:45 . 2013-02-24 15:37 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-08-15 06:02 . 2012-05-18 06:29 78161360 ----a-w- c:\windows\system32\MRT.exe
2013-08-15 05:57 . 2013-05-04 08:30 45856 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2013-07-21 13:44 . 2013-07-21 10:29 829264 ----a-w- c:\windows\system32\msvcr100.dll
2013-07-21 13:44 . 2013-07-21 10:29 608080 ----a-w- c:\windows\system32\msvcp100.dll
2013-07-09 04:45 . 2013-08-14 06:37 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-06-21 00:07 . 2013-07-31 10:56 203672 ----a-w- c:\windows\system32\drivers\ssudobex.sys
2013-06-21 00:07 . 2013-07-31 10:56 203672 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
2013-06-21 00:07 . 2013-07-31 10:56 103448 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2013-06-18 20:50 . 2013-06-18 20:50 247216 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2013-06-18 20:50 . 2012-03-20 19:44 139616 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}]
2012-01-04 23:02 233288 ----a-w- c:\program files (x86)\Expat Shield\HssIE\ExpatIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{9359da42-06fb-46f2-9e4a-05c05b98a5ef}]
2013-04-29 08:57 62864 ----a-w- c:\program files (x86)\InboxAce_1g\bar\1.bin\1gSrcAs.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{3775afd7-5921-4571-968f-85a631203d1c}"= "c:\program files (x86)\InboxAce_1g\bar\1.bin\1gbar.dll" [2013-04-29 708168]
.
[HKEY_CLASSES_ROOT\clsid\{3775afd7-5921-4571-968f-85a631203d1c}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-03-19 11:28 222808 ----a-w- c:\users\Frank\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-03-19 11:28 222808 ----a-w- c:\users\Frank\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-03-19 11:28 222808 ----a-w- c:\users\Frank\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IE New Window Maximizer"="c:\program files (x86)\IE New Window Maximizer\iemaximizer.exe" [2003-01-24 348160]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2013-08-18 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
R2 ExpatShieldService;Expat Shield Service;c:\program files (x86)\Expat Shield\bin\openvpnas.exe;c:\program files (x86)\Expat Shield\bin\openvpnas.exe
R2 InboxAce_1gService;InboxAceService;c:\progra~2\INBOXA~2\bar\1.bin\1gbarsvc.exe;c:\progra~2\INBOXA~2\bar\1.bin\1gbarsvc.exe
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe
R2 Update BrowseFox;Update BrowseFox;c:\program files (x86)\BrowseFox\updateBrowseFox.exe;c:\program files (x86)\BrowseFox\updateBrowseFox.exe
R2 UtilityChest_49Service;Utility ChestService;c:\progra~2\UTILIT~2\bar\1.bin\49barsvc.exe;c:\progra~2\UTILIT~2\bar\1.bin\49barsvc.exe
R2 vToolbarUpdater15.5.0;vToolbarUpdater15.5.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe
R3 BrYNSvc;BrYNSvc;c:\program files (x86)\Browny02\BrYNSvc.exe;c:\program files (x86)\Browny02\BrYNSvc.exe
R3 dc3d;MS Hardware Device Detection Driver;c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys
R3 ExpatTrayService;Expat Shield Tray Service;c:\program files (x86)\Expat Shield\bin\ExpatTrayService.EXE;c:\program files (x86)\Expat Shield\bin\ExpatTrayService.EXE
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys
R3 LVUVC64;Logitech QuickCam 3000(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe
R3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys
R3 ssudobex;SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudobex.sys;c:\windows\SYSNATIVE\DRIVERS\ssudobex.sys
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys;c:\windows\SYSNATIVE\Drivers\TFsExDisk.sys
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE
S2 dgdersvc;Device Error Recovery Service;c:\windows\system32\dgdersvc.exe;c:\windows\SYSNATIVE\dgdersvc.exe
S2 ExpatSrv;Expat Shield Routing Service;c:\program files (x86)\Expat Shield\HssWPR\hsssrv.exe;c:\program files (x86)\Expat Shield\HssWPR\hsssrv.exe
S2 ExpatWd;Expat Shield Monitoring Service;c:\program files (x86)\Expat Shield\bin\hsswd.exe;c:\program files (x86)\Expat Shield\bin\hsswd.exe
S2 LVPrcS64;Process Monitor;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
S2 MBAMScheduler;MBAMScheduler;d:\malwarebytes' anti-malware\mbamscheduler.exe;d:\malwarebytes' anti-malware\mbamscheduler.exe
S2 MBAMService;MBAMService;d:\malwarebytes' anti-malware\mbamservice.exe;d:\malwarebytes' anti-malware\mbamservice.exe
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys;c:\windows\SYSNATIVE\drivers\dgderdrv.sys
S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys;c:\windows\SYSNATIVE\DRIVERS\LVPr2M64.sys
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2013-09-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-24 10:45]
.
2013-09-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-14 05:39]
.
2013-09-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-14 05:39]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}]
2012-01-04 23:02 287048 ----a-w- c:\program files (x86)\Expat Shield\HssIE\ExpatIE_64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-03-19 11:28 261704 ----a-w- c:\users\Frank\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-03-19 11:28 261704 ----a-w- c:\users\Frank\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-03-19 11:28 261704 ----a-w- c:\users\Frank\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-06-20 1356240]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <-loopback>
uSearchAssistant = hxxp://www.google.com
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
TCP: DhcpNameServer = 192.168.0.1
DPF: {34DC66DB-E913-40A1-A2DD-53A1B9E90CAC} - hxxps://col0-sec.mail.live.com/mail/resources/MailMigrationTool.cab
DPF: {55A2C0CD-3DE8-4264-9637-A0B40B05714E} - hxxps://col0-sec.mail.live.com/mail/MailMigrationCabFileHolder.aspx?n=131641694
DPF: {C6B95BE9-4373-4BF8-9D18-9FCEAE5563F0} - hxxps://col0-sec.mail.live.com/mail/MailMigrationCabFileHolder.aspx?n=2070962686
FF - ProfilePath - c:\users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\f1fzkzex.default\
FF - ExtSQL: 2013-07-29 16:03; [email protected]; c:\users\Frank\AppData\Roaming\Mozilla\Extensions\[email protected]
FF - ExtSQL: 2013-08-16 10:11; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\f1fzkzex.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-08-20 09:54; [email protected]; c:\users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\f1fzkzex.default\extensions\[email protected]
FF - ExtSQL: 2013-08-23 03:04; [email protected]; c:\users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\f1fzkzex.default\extensions\[email protected]
FF - ExtSQL: 2013-08-30 21:37; [email protected]; c:\users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\f1fzkzex.default\extensions\[email protected]
FF - ExtSQL: 2013-08-31 07:48; {d3d26710-52fd-44f2-8166-04aa85b93dc2}; c:\users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\f1fzkzex.default\extensions\{d3d26710-52fd-44f2-8166-04aa85b93dc2}
FF - ExtSQL: 2013-08-31 11:35; {1122b43d-30ee-403f-9bfa-3cc99b0caddd}; c:\users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\f1fzkzex.default\extensions\{1122b43d-30ee-403f-9bfa-3cc99b0caddd}
FF - ExtSQL: 2013-09-03 10:50; {c9388641-af41-9113-10c5-54eb2becb636}; c:\users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\f1fzkzex.default\extensions\{c9388641-af41-9113-10c5-54eb2becb636}
FF - ExtSQL: !HIDDEN! 2013-07-29 16:03; [email protected]; c:\users\Frank\AppData\Roaming\Mozilla\Extensions\[email protected]
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{1122b43d-30ee-403f-9bfa-3cc99b0caddd} - (no file)
BHO-{6ec74131-08b2-4f67-a9bc-5914ef1edb97} - (no file)
BHO-{d5a1d22b-9e17-454f-8ecd-83c578fb3983} - c:\progra~2\INBOXA~2\bar\1.bin\1gbar.dll
Toolbar-10 - (no file)
Toolbar-{cf67755f-9265-449c-87cf-b945519e073b} - c:\program files (x86)\UtilityChest_49\bar\1.bin\49bar.dll
Toolbar-{1122b43d-30ee-403f-9bfa-3cc99b0caddd} - (no file)
BHO-{31ad400d-1b06-4e33-a59a-90c2c140cba0} - (no file)
BHO-{DEDAF650-12B8-48f5-A843-BBA100716106} - c:\program files\Updater By Sweetpacks\Extension64.dll
Toolbar-10 - (no file)
WebBrowser-{B81767E1-672D-4DA1-B5CC-D277185815A6} - (no file)
WebBrowser-{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} - (no file)
WebBrowser-{3BBD3C14-4C16-4989-8366-95BC9179779D} - (no file)
WebBrowser-{9427041A-A8DC-4D06-9A68-93873486E957} - (no file)
WebBrowser-{B2BF7B3F-BF0B-4C48-AEC6-F92C51BE63E1} - (no file)
WebBrowser-{6EC74131-08B2-4F67-A9BC-5914EF1EDB97} - (no file)
AddRemove-Installl_Converter Toolbar - c:\program files (x86)\Installl_Converter\uninstall.exe
AddRemove-MixiDJ_V30 Toolbar - c:\program files (x86)\MixiDJ_V30\uninstall.exe
AddRemove-{6CEFA465-C891-A778-BC5F-58A9FA79F674} - c:\progra~3\INSTAL~1\{0DC28~1\Setup.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1381260898-2479351544-750526317-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (S-1-5-21-1381260898-2479351544-750526317-1001)
@Denied: (2) (LocalSystem)
"Progid"="ThunderbirdEML"
.
[HKEY_USERS\S-1-5-21-1381260898-2479351544-750526317-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-09-09 10:18:50
ComboFix-quarantined-files.txt 2013-09-09 09:18
.
Pre-Run: 45,021,790,208 bytes free
Post-Run: 44,557,447,168 bytes free
.
- - End Of File - - 95038531F9F680253EC0EB82C0C915C9
A36C5E4F47E84449FF07ED3517B43A31
-
- Download RogueKiller (http://tigzy.geekstogo.com/Tools/RogueKiller.exe) on the desktop
- Close all the running programs
- Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator
- Otherwise just double-click on RogueKiller.exe
- Pre-scan will start. Let it finish.
- Click on SCAN button.
- A report (RKreport.txt) should open. Post its content in your next reply. (RKreport could also be found on your desktop)
- If RogueKiller has been blocked, do not hesitate to try a few more times. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again
-
Hi Dave, not sure what I'm doing here. Ran RogueKiller exe, got this, don't know what it is, hope you do.
V8.6.10 _x64_ [Sep 9 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Frank [Admin rights]
Mode : Remove -- Date : 09/10/2013 11:53:49
| ARK || FAK || MBR |
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 8 ¤¤¤
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> REPLACED (1)
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowRun (0) -> REPLACED (1)
[HJ DESK] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ DESK] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
¤¤¤ Scheduled tasks : 4 ¤¤¤
[V1][SUSP PATH] AVG-Secure-Search-Update_JUNE2013_TB_rmv.job : C:\Windows\TEMP\{0A298535-91A5-441D-A0A3-31E9ABD8849C}.exe - --uninstall=1
[ROGUE ST] 4679 : wscript.exe - C:\Users\Frank\AppData\Local\Temp\launchie.vbs //B -> DELETED
[V2][SUSP PATH] AVG-Secure-Search-Update_JUNE2013_TB_rmv : C:\Windows\TEMP\{0A298535-91A5-441D-A0A3-31E9ABD8849C}.exe - --uninstall=1
[SUSP PATH] Test TimeTrigger : C:\Users\Frank\AppData\Local\Temp\Runner.exe - C:\Users\Frank\AppData\Local\Temp\DNS.exe
¤¤¤ Startup Entries : 0 ¤¤¤
¤¤¤ Web browsers : 0 ¤¤¤
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
¤¤¤ External Hives: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: ST350041 8AS SCSI Disk Device +++++
--- User ---
[MBR] 327feecaefcca62ed4d7bef8437dce36
[BSP] 977398f066ce2496230036e50b1c4e16 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 133689 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 273795795 | Size: 343248 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
+++++ PhysicalDrive1: ST350041 8AS SCSI Disk Device +++++
Error reading User MBR!
User = LL1 ... OK!
Error reading LL2 MBR!
+++++ PhysicalDrive2: ST350041 8AS SCSI Disk Device +++++
Error reading User MBR!
User = LL1 ... OK!
Error reading LL2 MBR!
+++++ PhysicalDrive3: ST350041 8AS SCSI Disk Device +++++
Error reading User MBR!
User = LL1 ... OK!
Error reading LL2 MBR!
+++++ PhysicalDrive4: ST350041 8AS SCSI Disk Device +++++
Error reading User MBR!
User = LL1 ... OK!
Error reading LL2 MBR!
Finished : << RKreport[0]_D_09102013_115349.txt >>
RKreport[0]_S_09102013_114703.txt
Not sure what I'm doing here.
-
I'd like to scan your machine with ESET OnlineScan
• Hold down Control and click on the following link to open ESET OnlineScan in a new window.
ESET OnlineScan (http://eset.com/onlinescan)
• Click the (http://i424.photobucket.com/albums/pp322/digistar/esetOnline.png) button.
• For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
- Click on (http://i424.photobucket.com/albums/pp322/digistar/esetSmartInstall.png) to download the ESET Smart Installer. Save it to your desktop.
- Double click on the (http://i424.photobucket.com/albums/pp322/digistar/esetSmartInstallDesktopIcon-1.png) icon on your desktop.
• Check (http://i424.photobucket.com/albums/pp322/digistar/esetAcceptTerms.png)
• Click the (http://i424.photobucket.com/albums/pp322/digistar/esetStart.png) button.
• Accept any security warnings from your browser.
- Leave the check mark next to Remove found threats.
• Check (http://i424.photobucket.com/albums/pp322/digistar/esetScanArchives.png)
• Push the Start button.
• ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
• When the scan completes, push (http://i424.photobucket.com/albums/pp322/digistar/esetListThreats.png)
• Push (http://i424.photobucket.com/albums/pp322/digistar/esetExport.png), and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
• Push the (http://i424.photobucket.com/albums/pp322/digistar/esetBack.png) button.
• Push (http://i424.photobucket.com/albums/pp322/digistar/esetFinish.png)
A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt
-
Dave, hello again. Sorry, but it's beat me this time. I downloaded ESET, followed your instructions, then looked all over for the logs. The only mention of ESET was in C drive; when clicked on to open, it was empty. I can't find anything else. And it was scanning for about 1/12 hours.
So where it's gone beats me. Sorry.
-
So, how's your computer running now?
-
I would have to say it is running better. Not perfect, but the ads are not anywhere near as bad. I suppose we're always going to get some ads
to put up with, but I think you have done a great job, Dave, and I thank you. It's been a good experience talking to you and I think I have learned some things. So once again, cheers mate.
-
I suppose we're always going to get some ads,
Could you please post a screenshot of those ads?
How to post screenshots or images (http://www.computerhope.com/forum/index.php/topic,61232.0.html)
-
Thanks for your support, Evil Fantasy. But I don't have a clue what I am doing. I have been trying this all morning and I haven't got a photo of anything yet. Am I supposed to get an AD up on screen then do this PRTSCN? I am lost.
SORRY.
-
Thanks for your support, Evil Fantasy. But I don't have a clue what I am doing. I have been trying this all morning and I haven't got a photo of anything yet. Am I supposed to get an AD up on screen then do this PRTSCN? I am lost.
SORRY.
Yes, wait until an ad pops up on the screen and then hit the "printscreen" button and then follow the instructions I've provided.
-
NO, STILL CAN'T GET IT. Been trying for an hour with this prtsc. Don't know how it works. I have Paint on my PC, so I skipped the first part of your instructions and went straight to Paint. You then ask me to click on edit/paste, but there is no edit on my Paint. Then save as type, NOT THERE. Choose jpeg, save to desktop, HOW? Sent you a snap of my Paint, also snaps of the ADS that come up on the bottom of the page every web paint I visit.
-
You then ask me to click on edit/paste, but there is no edit on my Paint. Then save as type, NOT THERE. Choose jpeg, save to desktop, HOW? Sent you a snap of my Paint, also snaps of the ADS that come up on the bottom of the page every web paint I visit.
All those instructions are dependent on you hitting the "printscreen" button first, then the paste option will show up.
-
Hello Dave (for the last time). I am doing everything you ask but I still can't figure it out. I press prtscn first, then go to Paint.
On Paint there is no edit (see Paint snap), but there is a paste sign, so I click that. But nothing comes up to tell me how to save it. So I go to the top left corner to the blue box, click the arrow and in the box click save as. Then it lets me put it in pictures (my preferred location). Then I send that to you. I don't know what else to do. As I type this post there are ADS coming up on the bottom of the page, flashing and changing all the time. So nothing has changed, except me (and I suspect you).
I think we have all had enough; I am just getting more frustrated. I am sure that you and all the others that have tried to help me feel the same. So I THANK YOU ALL. But I think we should call it solved and move on.
I am sorry I let you down, but I am obviously not clever enough on computers to solve this problem.
So once again, thank you all, and have a good day.
-
Hi Dave, what about windows snipping tool, I find it easy.
You can delete this comment if you wish, Harry.
-
Hi Dave, what about windows snipping tool, I find it easy.
You can delete this comment if you wish, Harry.
Yes, the snipping tool may work if you have it.
-
Yes, the snipping tool may work if you have it.
http://www.softpedia.com/get/Multimedia/Graphic/Graphic-Capture/XP-Snipping-Tool.shtml