Let it finish. I know it may take countless hours. Be patient
Naat
Hi
It's really strange. Let's try a different scanner.
Scan with aswMBR
Please download aswMBR by Avast! & Gmer and save it to your desktop.
Temporarily disable your AntiVirus and AntiSpyware protection - instructions here.
Do NOT click Fix or FixMBR!
A file (MBR.dat) will be created on your desktop. Do NOT click or delete it!
Copy the contents of the logfile and paste it into your next reply.
Do not forget to re-enable your previously switched-off protection software!
Edited by ztastorm, 29 July 2014 - 05:04 AM.
Hi there-
I edited because I realized that I posted an incomplete scan logfile, so I reposted the complete logfile so you would have accurate info!
Here's the Hitman Log:
Hi
Update me on your current status. Are you experiencing any other issues?
Scan with ZOEK
Temporarily disable your AntiVirus and AntiSpyware protection - instructions here.
createsrpoint; autoclean; resetIEproxy; C:\Users\Stephen\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384};fs {ec8030f7-c20a-464f-9b0e-13a3a9e97384};c C:\Users\Stephen\Downloads\FLVPlayerSetup-N0qXyrwRy.exe;f C:\Users\Stephen\Downloads\FLVPlayerSetup-N5IhQtyon.exe;f C:\Users\Stephen\Downloads\Minecraft (1).exe;f C:\Users\Stephen\Downloads\Minecraft (2).exe;f C:\Users\Stephen\Downloads\Player_Setup (1).exe;f C:\Users\Stephen\Downloads\Player_Setup (2).exe;f C:\Users\Stephen\Downloads\Player_Setup (3).exe;f C:\Users\Stephen\Downloads\Player_Setup.exe;f C:\Users\Stephen\Downloads\Setup (1).exe;f C:\Users\Stephen\Downloads\setup (15).exe;f C:\Users\Stephen\Downloads\Setup (2).exe;f C:\Users\Stephen\Downloads\Setup (3).exe;f C:\Users\Stephen\Downloads\Setup.exe;f C:\Users\Stephen\Downloads\SkyrimModsMale_downloader-If0WNgv6X.exe;f {050000CE-F9D5-4145-9490-DB9E7E40FDF9};c {476DAA21-E0C3-4EEB-B27B-5F4123334ABA};c {7DE6769A-E482-4AB7-8ED9-0CAFEA11D687};c {813F8915-C940-44ED-ADED-8B782D85FA87};c {8D182E50-D646-49FF-B518-34B09BDF5375};c {9563917C-2D1F-4E92-A90F-01E470099B68};c {A182C848-76B5-4473-B742-A688D38982A1};c {AC5C40D0-DC3A-4406-A35C-9102C5FA4D7E};c {C336533A-5E74-457F-AD87-9598F4AADF49};c {C8C14216-4D34-4866-B66E-BC25B98FCCCA};c {E54B3747-7507-43B0-8537-A64189F28B35};c {F761BABE-0622-4DCE-A1B0-9D1BCA75DFEF};c {F98F0DE1-9B6F-4C87-8E08-6EE5928D8558};c [-HKLM\SOFTWARE\Classes\MIME\Database\Content Type\application/x-vnd.dpliveupdate.oneclickctrl.9];r [-HKLM\SOFTWARE\Classes\MIME\Database\Content Type\application/x-vnd.dpliveupdate.update3webcontrol.3];r [-HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}];r [-HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}];r [-HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}];r [-HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}];r [-HKLM\SOFTWARE\Classes\Interface\{066D89E6-B457-4A57-888A-B0AEB11D5BF1}];r64 
[-HKLM\SOFTWARE\Classes\Interface\{0E8990F4-2FC9-403C-883B-535D6271E740}];r64 [-HKLM\SOFTWARE\Classes\Interface\{1644E2E1-E15E-4E9E-9B25-5668536DD6A7}];r64 [-HKLM\SOFTWARE\Classes\Interface\{2BA83048-8B7C-4186-843B-D97FC1A6AE95}];r64 [-HKLM\SOFTWARE\Classes\Interface\{469960F8-8172-4386-BBB1-DF3590027D58}];r64 [-HKLM\SOFTWARE\Classes\Interface\{753C5ED0-B9AB-4F1E-8DAC-668E701CA569}];r64 [-HKLM\SOFTWARE\Classes\Interface\{80995911-5CF2-483F-A260-C736E8D0C691}];r64 [-HKLM\SOFTWARE\Classes\Interface\{821ED2B3-866E-4177-870E-52D995D123D0}];r64 [-HKLM\SOFTWARE\Classes\Interface\{9B4E4BF6-9346-4969-8428-C3CB81CD7A30}];r64 [-HKLM\SOFTWARE\Classes\Interface\{9BAC5A3B-33FD-4DB9-A4F1-B749498D4017}];r64 [-HKLM\SOFTWARE\Classes\Interface\{A6670033-7A4B-4F59-B8A9-A7CEBF3CE960}];r64 [-HKLM\SOFTWARE\Classes\Interface\{B1285825-F24F-4651-9F8A-2012460AD2FC}];r64 [-HKLM\SOFTWARE\Classes\Interface\{B3D38AE9-C808-4811-8417-F114839D6392}];r64 [-HKLM\SOFTWARE\Classes\Interface\{B8E64931-27EF-42BC-AF3B-0E2B25D17567}];r64 [-HKLM\SOFTWARE\Classes\Interface\{BE952BDF-6FDF-4A62-B318-E15D4487A2EF}];r64 [-HKLM\SOFTWARE\Classes\Interface\{C0233F6C-3110-4AEA-A798-C81DA43CED9E}];r64 [-HKLM\SOFTWARE\Classes\Interface\{CC5B7648-AAF8-4642-B53D-B7B5E4AE7241}];r64 [-HKLM\SOFTWARE\Classes\Interface\{D325B617-D6F9-4C72-90B2-A38E6D15C16E}];r64 [-HKLM\SOFTWARE\Classes\Interface\{DF51AD29-5239-441A-B921-E655C8162060}];r64 [-HKLM\SOFTWARE\Classes\Interface\{E515494B-7548-462A-B7E7-A3E6F8C4899C}];r64 [-HKLM\SOFTWARE\Classes\Interface\{E9ECFFF9-2011-439F-92EB-BE145ACD87DA}];r64 [-HKLM\SOFTWARE\Classes\Interface\{FBB92627-0DAA-4B69-97CC-9879236FE039}];r64 [-HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures\DealPlyLiveUpdateTaskMachineCore.job];r [-HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures\DealPlyLiveUpdateTaskMachineCore.job.fp];r [-HKLM\SOFTWARE\Microsoft\Windows 
NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures\DealPlyLiveUpdateTaskMachineUA.job];r [-HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures\DealPlyLiveUpdateTaskMachineUA.job.fp];r [-HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964];r [-HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467];r [-HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{58124A0B-DC32-4180-9BFF-E0E21AE34026}];r [-HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}];r [-HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}];r [-HKLM\SOFTWARE\Linksicle];r64 [-HKLM\SOFTWARE\Microsoft\Tracing\Browsersafeguard_RASAPI32];r64 [-HKLM\SOFTWARE\Microsoft\Tracing\Browsersafeguard_RASMANCS];r64 [-HKLM\SOFTWARE\Microsoft\Tracing\optprosetup_RASAPI32];r64 [-HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}];r64 [-HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}];r64 [-HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{58124A0B-DC32-4180-9BFF-E0E21AE34026}];r64 [-HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}];r64 [-HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}];r64 [-HKU\.DEFAULT\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}];r [-HKU\.DEFAULT\Software\Conduit];r [-HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}];r [-HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Conduit];r [-HKU\S-1-5-18\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}];r [-HKU\S-1-5-18\Software\Conduit];r 
[-HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}];r [-HKU\S-1-5-19\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}];r [-HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}];r [-HKU\S-1-5-20\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}];r [-HKU\S-1-5-21-1681374496-981502570-3093737596-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\TabbedBrowsing\bProtectNewTabPageShow];r [-HKU\S-1-5-21-1681374496-981502570-3093737596-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\TabbedBrowsing\bProtectShowTabsWelcome];r [-HKU\S-1-5-21-1681374496-981502570-3093737596-1001\Software\Microsoft\Internet Explorer\TabbedBrowsing\bProtectNewTabPageShow];r [-HKU\S-1-5-21-1681374496-981502570-3093737596-1001\Software\Microsoft\Internet Explorer\TabbedBrowsing\bProtectShowTabsWelcome];r [-HKU\S-1-5-21-1681374496-981502570-3093737596-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\AppDataLow\Software\Conduit];r [-HKU\S-1-5-21-1681374496-981502570-3093737596-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\AppDataLow\Software\Crossrider];r [-HKU\S-1-5-21-1681374496-981502570-3093737596-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\AppDataLow\Software\PriceGong];r [-HKU\S-1-5-21-1681374496-981502570-3093737596-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\AppDataLow\Software\SmartBar];r [-HKU\S-1-5-21-1681374496-981502570-3093737596-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}];r [-HKU\S-1-5-21-1681374496-981502570-3093737596-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{4D2D3B0F-69BE-477A-90F5-FDDB05357975}];r [-HKU\S-1-5-21-1681374496-981502570-3093737596-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet 
Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}];r [-HKU\S-1-5-21-1681374496-981502570-3093737596-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}];r [-HKU\S-1-5-21-1681374496-981502570-3093737596-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{9a216821-0ec5-49a3-85ac-fb72ae79a1e8}];r [-HKU\S-1-5-21-1681374496-981502570-3093737596-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}];r [-HKU\S-1-5-21-1681374496-981502570-3093737596-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{F3B7318D-8501-4CF4-A89F-C79AAB5D3506}];r [-HKU\S-1-5-21-1681374496-981502570-3093737596-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\TabbedBrowsing\bProtectNewTabPageShow];r [-HKU\S-1-5-21-1681374496-981502570-3093737596-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\TabbedBrowsing\bProtectShowTabsWelcome];r [-HKU\S-1-5-21-1681374496-981502570-3093737596-1004\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}];r [-HKU\S-1-5-21-1681374496-981502570-3093737596-1004\Software\Microsoft\Internet Explorer\SearchScopes\{9a216821-0ec5-49a3-85ac-fb72ae79a1e8}];r [-HKU\S-1-5-21-1681374496-981502570-3093737596-1004\Software\Microsoft\Internet Explorer\SearchScopes\{F3B7318D-8501-4CF4-A89F-C79AAB5D3506}];r
Post its content into your next reply.
Scan with Security Check
Please download Security Check by Screen317 and save it to your desktop.
Please include the content of that document.
Hi there -
It is running better! Not as good as it was last week (slightly slower) but no extra popups lately!!
Here are the logs:
Hi
Can you tell me why UAC is disabled there?
If I were you, I'd consider enabling it, as leaving it that way is a risky trick.
Update outdated software
Staying always updated is crucial, not only for your operating system, but also for any third-party installed software.
Your logs clearly indicate that some of your apps need updating:
Updating Java manually
Please remember to always keep it up to date.
Updating Internet Explorer manually
IE is an integrated part of the Windows core. Leaving it without updates is a great risk for your data security. Please remember to always keep it up to date.
Clean with DelFix
Please download DelFix by Xplode and save it to your desktop.
Include it for my review.
Hi Naat, I have no idea what UAC is or how it got disabled, lol. I will go ahead with your instructions now!
UAC (User Account Control) is a technology that limits user permissions, so you need to accept another warning before running any programs. This is done just to be sure that you know what you're doing. Leaving it disabled may be a security risk, as any program will be able to run without your agreement.
Please post the DelFix log and tell me whether UAC should stay disabled or not.
We're nearly done
Ok - can you please show me how to enable UAC? I tried to upload Java but it said I already had the latest version on my system! I was able to update IE and run the scan. Here are the results, and yay, almost there! Thank you so much for your time and patience!
# DelFix v10.8 - Logfile created 01/08/2014 at 00:09:50
# Updated 29/07/2014 by Xplode
# Username : Stephen - STEPHEN-PC
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
~ Removing disinfection tools ...
Deleted : C:\FRST
Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\logFileUI.txt
Deleted : C:\zoek-results.log
Deleted : C:\zoek-results2014-07-19-163142.log
Deleted : C:\zoek-results2014-07-19-191857.log
Deleted : C:\zoek-results2014-07-23-115613.log
Deleted : C:\Users\Stephen\Desktop\Addition.txt
Deleted : C:\Users\Stephen\Desktop\AdwCleaner[S0].txt
Deleted : C:\Users\Stephen\Desktop\aswMBR.exe
Deleted : C:\Users\Stephen\Desktop\aswMBR2.txt
Deleted : C:\Users\Stephen\Desktop\Fixlog.txt
Deleted : C:\Users\Stephen\Desktop\FRST.txt
Deleted : C:\Users\Stephen\Desktop\FRST64.exe
Deleted : C:\Users\Stephen\Desktop\JRT.txt
Deleted : C:\Users\Stephen\Desktop\MBR.dat
Deleted : C:\Users\Stephen\Desktop\OTL.Txt
Deleted : C:\Users\Stephen\Desktop\OTLExtras.Txt
Deleted : C:\Users\Stephen\Desktop\SecurityCheck.exe
Deleted : C:\Users\Stephen\Desktop\zoek - Shortcut.lnk
Deleted : C:\Users\Stephen\Desktop\zoek-results.txt
Deleted : C:\Users\Stephen\Desktop\zoek-results2.txt
Deleted : C:\Users\Stephen\Desktop\zoek-results73014.txt
Deleted : C:\Users\Stephen\Downloads\Addition.txt
Deleted : C:\Users\Stephen\Downloads\AdwCleaner.exe
Deleted : C:\Users\Stephen\Downloads\esetsmartinstaller_enu.exe
Deleted : C:\Users\Stephen\Downloads\Extras.Txt
Deleted : C:\Users\Stephen\Downloads\JRT.exe
Deleted : C:\Users\Stephen\Downloads\OTL.exe
Deleted : C:\Users\Stephen\Downloads\Sinon (modify CS).docx
Deleted : C:\Users\Stephen\Downloads\Sinon CS.pdf
Deleted : C:\Users\Stephen\Downloads\zoek (1).exe
Deleted : C:\Users\Stephen\Downloads\zoek (4).exe
Deleted : C:\Users\Stephen\Downloads\zoek.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASWMBR
~ Cleaning system restore ...
Deleted : RP #944 [Scheduled Checkpoint | 07/20/2014 23:33:14]
Deleted : RP #945 [zoek.exe restore point | 07/23/2014 11:00:16]
Deleted : RP #946 [Windows Update | 07/23/2014 20:49:42]
Deleted : RP #947 [Windows Update | 07/25/2014 07:00:10]
Deleted : RP #948 [Windows Update | 07/29/2014 05:04:41]
Deleted : RP #949 [zoek.exe restore point | 07/31/2014 01:45:06]
Deleted : RP #950 [Windows Modules Installer | 08/01/2014 01:06:44]
Deleted : RP #951 [Windows Modules Installer | 08/01/2014 01:08:05]
Deleted : RP #952 [Windows Modules Installer | 08/01/2014 01:08:36]
New restore point created !
~ Resetting system settings ... OK
########## - EOF - ##########