Hello,
A few items to fix
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating systemOpen notepad (Start =>All Programs => Accessories => Notepad).
Copy/Paste the contents of the code box below into Notepad.
start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [DATAMNGR] => C:\PROGRA~2\WI3C8A~1\Datamngr\DATAMN~1.EXE
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-34093915-3463128723-2035712980-1000\...\MountPoints2: {3b962381-e6c6-11e2-9e05-b870f4aba032} - F:\LaunchU3.exe -a
HKU\S-1-5-21-34093915-3463128723-2035712980-1000\...\MountPoints2: {9d73ff68-e120-11e2-9abc-c0f8da6448f3} - E:\AutoRun.exe
HKU\S-1-5-21-34093915-3463128723-2035712980-1000\...\MountPoints2: {9d73ff74-e120-11e2-9abc-c0f8da6448f3} - F:\AutoRun.exe
HKU\S-1-5-21-34093915-3463128723-2035712980-1000\...\MountPoints2: {f2a6491a-fe9c-11e3-98ec-b870f4aba032} - F:\LaunchU3.exe
HKU\S-1-5-21-34093915-3463128723-2035712980-1000\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
AppInit_DLLs: C:\PROGRA~3\Wincert\WIN64C~1.DLL => C:\PROGRA~3\Wincert\WIN64C~1.DLL File Not Found
AppInit_DLLs: c:\progra~2\movies~1\datamngr\x64\mgrldr.dll => c:\progra~2\movies~1\datamngr\x64\mgrldr.dll File Not Found
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => "C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll" File Not Found
AppInit_DLLs-x32: C:\PROGRA~3\Wincert\WIN32C~1.DLL => "C:\PROGRA~3\Wincert\WIN32C~1.DLL" File Not Found
AppInit_DLLs-x32: c:\progra~2\movies~1\datamngr\mgrldr.dll => "c:\progra~2\movies~1\datamngr\mgrldr.dll" File Not Found
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
HKLM\...\AppCertDlls: [x86] -> C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll <===== ATTENTION
HKLM\...\AppCertDlls: [x64] -> C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\apcrtldr.dll <===== ATTENTION
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
URLSearchHook: HKU\S-1-5-21-34093915-3463128723-2035712980-1000 - (No Name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No File
URLSearchHook: HKU\S-1-5-21-34093915-3463128723-2035712980-1000 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
SearchScopes: HKU\S-1-5-21-34093915-3463128723-2035712980-1000 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.conduit.com/Results.aspx?ctid=CT3324337&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP24960BAF-2A97-4A14-8234-D4733296F4B3&q={searchTerms}&SSPV=
BHO: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
BHO: No Name -> {93DBF2BB-A2B3-4683-A92E-57E60751F346} -> No File
BHO: No Name -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> No File
BHO: No Name -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL No File
BHO-x32: No Name -> {0F552F02-7265-4D06-A7F2-07C4D36CD698} -> No File
BHO-x32: No Name -> {11111111-1111-1111-1111-110511161180} -> No File
BHO-x32: No Name -> {26c9e18c-3717-4be1-a225-04e4471f5b6e} -> No File
BHO-x32: No Name -> {61e0ef7a-9bc0-45ea-9b2f-f3e9f02692bd} -> No File
BHO-x32: No Name -> {93DBF2BB-A2B3-4683-A92E-57E60751F346} -> No File
BHO-x32: No Name -> {D4577823-AE59-9BEE-A566-C5F9387A2D50} -> No File
BHO-x32: No Name -> {ec2bae47-25af-4ce9-9e78-10627a49c9ea} -> No File
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - No Name - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No File
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll [2008-07-28] (Yahoo! Inc.)
Toolbar: HKU\S-1-5-21-34093915-3463128723-2035712980-1000 -> No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
Toolbar: HKU\S-1-5-21-34093915-3463128723-2035712980-1000 -> No Name - {30CEEEA2-3742-40E4-85DD-812BF1CBB83D} - No File
Toolbar: HKU\S-1-5-21-34093915-3463128723-2035712980-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
FF NewTab: hxxp://search.conduit.com/?ctid=CT3324337&octid=EB_ORIGINAL_CTID&SearchSource=69&CUI=&SSPV=&Lay=1&UM=4&UP=SP24960BAF-2A97-4A14-8234-D4733296F4B3
FF DefaultSearchUrl: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3295549&CUI=UN12328380798050516&UM=2&SearchSource=3&q={searchTerms}
FF Homepage: hxxp://search.conduit.com/?ctid=CT3324337&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP24960BAF-2A97-4A14-8234-D4733296F4B3&SSPV=
FF Keyword.URL: hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuTU&co=GB&userid=8d5228b3-f754-9e21-b046-4a9f9c08bcb9&searchtype=ds&installDate=14/02/2014&q=
FF user.js: detected! => C:\Users\FrancescaMM\AppData\Roaming\Mozilla\Firefox\Profiles\sf2ctg9a.default\user.js [2015-04-12]
FF Extension: No Name - C:\Program Files\AVAST Software\Avast\WebRep\FF [Not Found]
2015-04-09 16:57 - 2012-01-25 18:10 - 00000000 ____D () C:\Program Files (x86)\Premiumplay Codec-C
Task: {21C467C5-7AD1-4833-A6F4-DD5E815D8F88} - \Funmoods No Task File <==== ATTENTION
Task: {3D9AEBAD-9626-48CC-B077-EF432252E17B} - \Feven Pro 1.1-codedownloader No Task File <==== ATTENTION
Task: {F0173569-C77D-4A49-A5D7-EACA518420D7} - \LaunchApp No Task File <==== ATTENTION
Task: {FC661F72-B75C-4F34-938C-EA6A75BD3035} - \Feven Pro 1.1-chromeinstaller No Task File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1
CMD: ipconfig /flushdns
hosts:
Emptytemp:
reboot:
end
Click Format and ensure Wordwrap is unchecked.
Save as
Fixlist.txt to your Desktop (Must be in this location)
Run FRST/FRST64 and press the
Fix button just once and wait.
If the tool needed a restart please make sure you let the system to restart normally and let the tool completes its run after restart.
The tool will make a log on the Desktop
(Fixlog.txt). Please post it to your reply.
Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.
Post the fixlog.txt. That log will automatically be saved to the desktop after fix has run.