Channel: Tech Support Guy - Virus & Other Malware Removal

AVG blocked by group policy program

Dear Askey127,

I just restarted and tried to update the virus definitions and I received the error box. What I wrote above about Microsoft Security Essentials worked a couple times and now it appears to not be working (allowing me to update its definitions).

Thanks again,
Chuck

Windows 7 PC infected

Our computer seems to have caught viruses. We ran Avast, a boot-time scan, and it caught a lot of stuff and fixed it, but it's still having viruses. Avast is popping up notices that we have viruses. I'm thinking of starting in safe mode and using HijackThis and ComboFix. I haven't used ComboFix and HijackThis in a while, so I could use some direction.

defender-pro

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Pentium(R) Dual-Core CPU E5700 @ 3.00GHz, Intel64 Family 6 Model 23 Stepping 10
Processor Count: 2
RAM: 4061 Mb
Graphics Card: Intel(R) G45/G43 Express Chipset, 1806 Mb
Hard Drives: C: Total - 592378 MB, Free - 509746 MB;
Motherboard: Acer, WG43M
Antivirus: PC Cleaners, Updated: Yes, On-Demand Scanner: Disabled


How do you remove Defender Pro from a Windows 7 computer?

Help me please!

Quote:

Originally Posted by ajvarbre (Post 9017268)
Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 8.1 Pro, 64 bit
Processor: Intel(R) Celeron(R) CPU E3400 @ 2.60GHz, Intel64 Family 6 Model 23 Stepping 10
Processor Count: 2
RAM: 4095 Mb
Graphics Card: AMD RADEON HD 6450, 1024 Mb
Hard Drives: C: Total - 122528 MB, Free - 65299 MB; D: Total - 354057 MB, Free - 292435 MB; E: Total - 74069 MB, Free - 26124 MB;
Motherboard: ASRock, G41M-VS3.
Antivirus: AVG AntiVirus Free Edition 2015, Updated and Enabled

I'm not really sure what this might be, but it looks like malware or some kind of virus.

Problems:
-Google search page looks very strange (Proof)
-I can't download from some sites
-I can't stream from some sites
-When I log in as guest user I don't have any of these problems above

I've tried using Malwarebytes, AdwCleaner, CCleaner (Registry fix too), AVG.
What should I do?

Howdy, and welcome to TSG. :)

What should you do? The top post in the forum you posted in is listed as: Everyone MUST read this BEFORE posting for help in this forum.

Second thing is be patient. :) We are all volunteers working for free, so if you do not see a response in 48 hours, please type 'bump' in the quick reply box to move to the top of the queue.

thanks,

v

My Computer has gone Insane!

Something has gone terribly wrong with my computer which started yesterday and has gotten worse today.
I'm not good at technical terms, have no idea how to correct much at all, so, first, I will apologize if I have to ask too much from you Computer Wizards.
I'll try to keep it simple but it probably won't be, so here goes:
My cousin gave me his office computer a few months ago. It's a Dell with Windows 7. I have McAfee virus protection/fire wall. Tried to burn CDs on it before I realized it was not equipped for that, so that was the first big disappointment.
The comp. got sluggish yesterday and kept getting slower. Today, it takes 3 minutes for my email to show up at my home page. When I click onto "my favorites", half the time it will do nothing, just sit there. When I click onto the Search Engine, it will go to the next page and show me 2 "search" windows (google, powered by ask.com), but will do NOTHING. I can't "search". The page is frozen, just looks at me. But if I change my homepage to Yahoo or another, I can Search with no problem.
When I try to play games at WorldWinner, the games are sluggish and hard to move until they finally stop altogether. Tried to download a couple of PC games today and they froze up, would not play. Games and websites won't "Close" when I click on "close".
I have to Refresh often, including the email site.
I've done full scans with McAfee which result in finding nothing.
I tried Microsoft's Malware detection which took over 17 hours which resulted in finding nothing wrong. I've defragmented, cleared cookies, got rid of old programs. Nothing helped.
Here are some of the problems/error messages I've been getting:
1. RunDll: There was a problem starting \3\LXCQtime.dll. This specified module could not be found.
2. No Internet Access (I find this often when checking the connection).
3. [webpage] is not responding: Recover webpage (I get this message at bottom of page on several websites many times).
4. This Page Cannot be Displayed (I get this many, many times!).
5. Powershell has stopped working.
6. I try to download PDF files and always get an error message that Security will not Allow, so I go to Internet Options, apply "default" in Security, so they will download (other files, too) EVERY TIME.
7. I tried System Restore but it will not show any "earlier time" date past today's so I can't move it back.

Just wondering, is the computer a dud or is it a bad connection (had to have dial-up in this remote area until around the same time I got this computer. Broadband service is very new here). Is there an answer? It might be here somewhere at this website but it's 1:30 a.m. and I've got to go to work in the morning, can't hunt for it right now, but will try tomorrow. If you send suggestions, please simplify it the best you can. I'm not real smart. Thanks so much!
(Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Professional, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM)2 Duo CPU E7500 @ 2.93GHz, Intel64 Family 6 Model 23 Stepping 10
Processor Count: 2
RAM: 8091 Mb
Graphics Card: Intel(R) Q45/Q43 Express Chipset, -274 Mb
Hard Drives: C: Total - 238372 MB, Free - 160487 MB;
Motherboard: Dell Inc., 0200DY
Antivirus: McAfee Anti-Virus and Anti-Spyware, Updated and Enabled)

Computer being slowed by virus/malware?

This is for my elderly parents' computer. They are very unaware and gullible and unfortunately have a habit of clicking on things they shouldn't be every once in a while. I have been able to clean their machine remotely through Teamviewer in the past, but I can't seem to find anything specific, yet they have been reporting symptoms that to me indicate an infection.

They say everything is very slow at times. They report trying to open up their email, for example, and it just sits and spins for 5-10 minutes before anything happens. They also report getting booted out of games, like solitaire, at random times, going back to the desktop. Long startup times are a problem too. My mother says she will click on something and nothing happens; she will have to leave the room and come back 5-10 minutes later to see if it did anything.

I have not seen these symptoms firsthand, as I have only been on their machine sporadically to do specific things for them, run scans, etc. It is very frustrating to them, with my 85 yr old father wanting to throw the computer out the window and buy a new one.

These symptoms have been going on for quite some time. My father said he thinks it started when he did something and installed Windows 8.1. I have theorized that it is possible that he got the installation file from an unscrupulous source and it installed something bad on their machine, but it's something I haven't been able to find.

I've run various scans in the past, but I would like to start from scratch....assume I haven't done anything.

Any help or suggestions one could give would greatly be appreciated! TIA.

I'm also slightly curious...I haven't been here in a couple of years....why no more HJT logs in the 1st post?


Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 8.1, 64 bit
Processor: Intel(R) Core(TM) i3-2130 CPU @ 3.40GHz, Intel64 Family 6 Model 42 Stepping 7
Processor Count: 4
RAM: 6013 Mb
Graphics Card: Intel(R) HD Graphics, -1988 Mb
Hard Drives: C: Total - 940473 MB, Free - 870014 MB;
Motherboard: Dell Inc., 0478VN
Antivirus: Avira Desktop, Updated and Enabled

winlogon.exe - Bad Image in windows 7

Hi!

I'd like to seek your advice regarding a 'winlogon.exe - Bad Image' pop-up that appeared when I boot my laptop.

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 32 bit
Processor: AMD E-450 APU with Radeon(tm) HD Graphics, x64 Family 20 Model 2 Stepping 0
Processor Count: 2
RAM: 3578 Mb
Graphics Card: AMD Radeon HD 6320 Graphics, 384 Mb
Hard Drives: C: Total - 286753 MB, Free - 148287 MB; D: Total - 14226 MB, Free - 1557 MB; E: Total - 4055 MB, Free - 1124 MB; F: Total - 953767 MB, Free - 279897 MB;
Motherboard: Hewlett-Packard, 3387
Antivirus: Microsoft Security Essentials, Updated and Enabled

the model is an hp dm1 notebook pc

so my notebook was having the winlogon.exe bad image issue. then i copied all files to an external drive for back up prior to raising the problem here for assistance. then after clearing out all files, i restarted my unit to reread the pop up dialogs. but, to my surprise, the pop ups had not come up anymore.
i'm not sure if the problem is entirely solved, though. maybe it'll come up in another day? anyways, can you please tell me how i can make sure if the issue is solved?
is it really a virus or malware? is there a possibility that my external drive is infected (from when i made a back up of my files)?
please help.
thanks so much! happy new year!

Remove Block and Surf!

Hi everyone!
Last week I downloaded a screencamera program (do not ask me why) and after that I can't use my browser because ads are everywhere and everywhere. It is impossible to see clear when these ads just spread and I can't stand killing my PC. And my computer runs very slowly.

I checked Programs to uninstall Block&Surf, but it was not there. I use Google Chrome so I checked Extensions but there was no B&S.
I was hopeless and desperate until I found this topic: http://forums.techguy.org/virus-othe...ove-block.html

I have read it, Lindsey's problem was solved, which is the same as mine. But this topic is closed so I could not reply and I wanted to send a PM to the Hero (who helped her :D ) but I didn't manage to.

So, please HELP me! Useful things to know: Windows 8.1, Google Chrome, and probably other things are important too, so please let me know what information do you need. I am not competent in PC's things, please write down clearly every single process. And another thing: sorry for grammatical mistakes, I learn English as a foreign language.

Thank you,
Maya

Can't Get Rid of Trojan Horse Viruses

When I ran a 2015 AVG whole computer scan multiple Trojan horse Generic_r.EJI viruses were identified with one fixed. First I clicked "remove all", and the response was "Cannot be removed - element not found."


Then I opened Windows 7 in Safe Mode and ran a whole computer scan selecting "Clean automatically." This did not correct anything, so I ran the scan in Safe Mode selecting "Move infected files to the virus vault," and after doing this, when I then ran a scan in Normal Mode, no threats were detected. However, shortly thereafter the Trojan horse viruses returned.


Again I ran a scan in Safe Mode, which got rid of the threats. Unfortunately they returned shortly thereafter.


This cycle seems to keep repeating. What can I do?

File encryption virus led to more problems

Hi guys,

A week ago or so, after rebooting, my wallpaper had turned all black and literally all my pictures and documents were encrypted by CTB-Locker virus saying I had to pay to get it decrypted. I didn't even check the link in the image they gave me, but googling the virus said it would cost ~$120 to get it decrypted, but they had no information on whether they would actually keep their promise, so I just gave up on that option. I (think I) managed to get rid of the virus, but I still haven't found out how to decrypt my files. Unfortunately I had never made a backup to restore, so I'm not sure if it's even do-able.. I'll probably end up trying to pay if I can't find a way to restore or unlock them!

Unfortunately after this drama I have gotten new problems. In all my browsers (IE/Google/FF), a lot of pages load extremely slowly, or don't load at all. My computer (and the internet) works fine on everything else, so I can't find out what is causing this problem!

I would just format everything and re-install Windows, but since I have no clue how to install the raid I have with my SSD and haven't quite given up on the lost files yet I'm going to try a bit more before I hand my computer back in where I bought it! Unfortunately the computer is my work place and it still works for most of what I do, so I am reluctant to be a few days or more without it just yet...

The special instructions left instructions that I should copy paste from the SysInfo file, so here goes!:
Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Professional, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM) i7 CPU 970 @ 3.20GHz, Intel64 Family 6 Model 44 Stepping 2
Processor Count: 12
RAM: 12279 Mb
Graphics Card: NVIDIA GeForce GTS 450, 1024 Mb
Hard Drives: C: Total - 122001 MB, Free - 20891 MB; D: Total - 1907726 MB, Free - 2004 MB;
Motherboard: ASUSTeK Computer INC., P6T7 WS SUPERCOMPUTER
Antivirus: Microsoft Security Essentials, Updated and Enabled

Any help with restoring or decrypting the documents and pictures and sorting the surfing problem would be greatly appreciated!

Thank you!

JD

Edit: Even this page just keeps loading and it says "Connecting to www.google-analtyics.com...." on the left bottom

System process 50%, unable to clean it up

Dear guys,

My process System NT kernel is using about 50% CPU.
I did a HijackThis scan and I tried without any success to remove strange O23 lines.
Would you please help me to fix this?

Please find my logs

FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-01-2015
Ran by valentin (administrator) on C2D on 03-01-2015 00:30:35
Running from C:\Users\valentin\Downloads
Loaded Profiles: valentin & UpdatusUser (Available profiles: valentin & UpdatusUser)
Platform: Microsoft Windows 7 Professionnel Service Pack 1 (X86) OS Language: Français (France)
Internet Explorer Version 10 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
(Almico Software (www.almico.com)) C:\Program Files\SpeedFan\speedfan.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\heure.bat - Raccourci.lnk
ShortcutTarget: heure.bat - Raccourci.lnk -> C:\_scripts\heure.bat ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SpeedFan.lnk
ShortcutTarget: SpeedFan.lnk -> C:\Program Files\SpeedFan\speedfan.exe (Almico Software (www.almico.com))

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2186584619-3617180529-7830830-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
HKU\S-1-5-21-2186584619-3617180529-7830830-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2186584619-3617180529-7830830-1005 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.com/content/Driver...aSmartScan.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 212.27.40.241 212.27.40.240

FireFox:
========
FF ProfilePath: C:\Users\valentin\AppData\Roaming\Mozilla\Firefox\Profiles\lebhwo9p.default
FF Homepage: hxxp://www.valfr.com/home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Forecastfox - C:\Users\valentin\AppData\Roaming\Mozilla\Firefox\Profiles\lebhwo9p.default \Extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [2013-05-18]
FF Extension: DownloadHelper - C:\Users\valentin\AppData\Roaming\Mozilla\Firefox\Profiles\lebhwo9p.default \Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-20]
FF Extension: Bitdefender QuickScan - C:\Users\valentin\AppData\Roaming\Mozilla\Firefox\Profiles\lebhwo9p.default \Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2015-01-02]
FF Extension: Firebug - C:\Users\valentin\AppData\Roaming\Mozilla\Firefox\Profiles\lebhwo9p.default \Extensions\firebug@software.joehewitt.com.xpi [2012-06-14]
FF Extension: Gmail Watcher - C:\Users\valentin\AppData\Roaming\Mozilla\Firefox\Profiles\lebhwo9p.default \Extensions\gmailwatcher@sonthakit.xpi [2012-06-14]
FF Extension: Media Hint - C:\Users\valentin\AppData\Roaming\Mozilla\Firefox\Profiles\lebhwo9p.default \Extensions\mediahint@jetpack.xpi [2013-08-02]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\valentin\AppData\Roaming\Mozilla\Firefox\Profiles\lebhwo9p.default \Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2014-12-06]
FF Extension: CacheViewer Continued - C:\Users\valentin\AppData\Roaming\Mozilla\Firefox\Profiles\lebhwo9p.default \Extensions\{30E08C68-889E-11E0-95EF-DA7E4824019B}.xpi [2013-08-02]
FF Extension: SoundCloud Downloader - Technowise - C:\Users\valentin\AppData\Roaming\Mozilla\Firefox\Profiles\lebhwo9p.default \Extensions\{c8d3bc80-0810-4d21-a2c2-be5f2b2832ac}.xpi [2014-01-31]
FF Extension: Greasemonkey - C:\Users\valentin\AppData\Roaming\Mozilla\Firefox\Profiles\lebhwo9p.default \Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-08-02]

Chrome:
=======

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [661160 2009-09-12] (Acronis)
R2 afcdpsrv; C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe [2326920 2012-04-19] (Acronis)
S3 usnjsvc; C:\Program Files\Windows Live\Messenger\usnsvc.exe [98328 2007-10-18] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 ATITool; C:\Windows\System32\DRIVERS\ATITool.sys [24064 2006-11-10] () [File not signed]
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2012-06-11] (DT Soft Ltd)
R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] () [File not signed]
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
R0 speedfan; C:\Windows\System32\speedfan.sys [25240 2011-03-18] (Almico Software)
R0 tdrpman251; C:\Windows\System32\DRIVERS\tdrpm251.sys [902432 2012-04-19] (Acronis)
R3 WmBEnum; C:\Windows\System32\drivers\WmBEnum.sys [22856 2010-04-27] (Logitech Inc.)
S3 WmFilter; C:\Windows\System32\drivers\WmFilter.sys [37704 2010-04-27] (Logitech Inc.)
S3 WmHidLo; C:\Windows\System32\drivers\WmHidLo.sys [31816 2010-04-27] (Logitech Inc.)
S3 WmVirHid; C:\Windows\System32\drivers\WmVirHid.sys [15048 2010-04-27] (Logitech Inc.)
R3 WmXlCore; C:\Windows\System32\drivers\WmXlCore.sys [66632 2010-04-27] (Logitech Inc.)

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-03 00:30 - 2015-01-03 00:32 - 00008012 _____ () C:\Users\valentin\Downloads\FRST.txt
2015-01-03 00:30 - 2015-01-03 00:30 - 00000000 ____D () C:\FRST
2015-01-03 00:26 - 2015-01-03 00:27 - 01115136 _____ (Farbar) C:\Users\valentin\Downloads\FRST.exe
2015-01-03 00:21 - 2015-01-03 00:24 - 00000000 ____D () C:\AdwCleaner
2015-01-03 00:20 - 2015-01-03 00:21 - 02123264 _____ (Farbar) C:\Users\valentin\Downloads\FRST64.exe
2015-01-03 00:20 - 2015-01-03 00:20 - 02173952 _____ () C:\Users\valentin\Downloads\AdwCleaner.exe
2015-01-03 00:07 - 2015-01-03 00:07 - 00229321 _____ () C:\Users\valentin\AppData\Local\census.cache
2015-01-03 00:07 - 2015-01-03 00:07 - 00131138 _____ () C:\Users\valentin\AppData\Local\ars.cache
2015-01-03 00:04 - 2015-01-03 00:04 - 00000010 _____ () C:\Users\valentin\AppData\Local\sponge.last.runtime.cache
2015-01-02 23:51 - 2015-01-02 23:51 - 00000036 _____ () C:\Users\valentin\AppData\Local\housecall.guid.cache
2015-01-02 23:48 - 2015-01-02 23:48 - 00000000 ____D () C:\Users\valentin\AppData\Local\Adobe
2015-01-02 23:43 - 2015-01-02 23:43 - 00000000 ____D () C:\Users\valentin\AppData\Roaming\QuickScan
2015-01-02 23:39 - 2015-01-02 23:39 - 02073112 _____ (Trend Micro Inc.) C:\Users\valentin\Downloads\HousecallLauncher.exe
2015-01-02 23:25 - 2015-01-03 00:10 - 00000000 ____D () C:\Users\valentin\Desktop\backups
2015-01-02 23:24 - 2015-01-03 00:08 - 00018236 _____ () C:\Users\valentin\Desktop\hijackthis.log
2015-01-02 23:20 - 2015-01-02 23:20 - 00388608 _____ (Trend Micro Inc.) C:\Users\valentin\Desktop\HijackThis.exe
2015-01-02 21:22 - 2015-01-02 21:23 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-01-02 21:20 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-01-02 21:20 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-01-02 21:20 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-01-02 21:20 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-01-02 21:20 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-01-02 21:19 - 2014-11-11 02:32 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-01-02 21:19 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-01-02 21:19 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2015-01-02 21:19 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-01-02 21:19 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-01-02 21:19 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-01-02 21:19 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-01-02 21:19 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2015-01-02 21:19 - 2014-09-05 02:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-12-21 17:27 - 2014-11-21 08:18 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-21 17:27 - 2014-11-21 08:17 - 14364672 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-21 17:27 - 2014-11-21 08:17 - 01762816 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-21 17:27 - 2014-11-21 08:17 - 01181696 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-21 17:27 - 2014-11-21 08:17 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-21 17:27 - 2014-11-21 08:17 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-21 17:27 - 2014-11-21 08:17 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-21 17:27 - 2014-11-21 08:16 - 13758976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-21 17:27 - 2014-11-21 08:16 - 02861568 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-21 17:27 - 2014-11-21 08:16 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-21 17:27 - 2014-11-21 08:16 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-21 17:27 - 2014-11-21 08:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-12-21 17:27 - 2014-11-21 08:16 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-21 17:27 - 2014-11-21 08:16 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-21 17:27 - 2014-11-21 08:16 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-21 17:27 - 2014-11-21 08:16 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-21 17:27 - 2014-11-21 08:16 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-21 17:27 - 2014-11-21 08:16 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-12-21 17:27 - 2014-11-21 08:16 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-21 17:27 - 2014-11-21 08:16 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-21 17:27 - 2014-11-21 08:16 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-21 17:27 - 2014-11-21 07:54 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-21 17:27 - 2014-11-21 07:24 - 00361984 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-12-21 17:27 - 2014-11-21 06:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-12-21 17:27 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-21 17:27 - 2014-08-29 02:44 - 02744320 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-12-21 17:27 - 2014-05-08 10:06 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-12-07 11:05 - 2009-10-17 12:30 - 01049600 _____ (Hazar Co.) C:\Users\valentin\Desktop\Remove WAT.exe
2014-12-07 10:52 - 2012-08-23 15:48 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-12-07 10:52 - 2012-08-23 15:44 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2014-12-07 10:52 - 2012-08-23 12:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2014-12-07 10:51 - 2013-10-02 01:42 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-12-07 10:51 - 2013-10-02 01:32 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-12-07 10:51 - 2013-10-02 01:30 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-12-07 10:51 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-12-07 10:51 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-12-07 10:51 - 2013-10-02 00:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-12-07 10:51 - 2013-10-02 00:45 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-12-07 10:51 - 2013-10-02 00:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-12-07 10:51 - 2013-10-02 00:00 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-12-07 10:51 - 2013-10-01 23:53 - 00350208 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-12-07 10:51 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-12-07 10:45 - 2014-06-27 02:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-12-07 10:43 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-12-07 10:43 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-12-07 10:42 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-12-07 10:39 - 2014-12-07 10:39 - 00000000 ____D () C:\Windows\Sun
2014-12-06 11:40 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-12-06 11:40 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-12-06 11:39 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-12-06 11:39 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-12-06 11:39 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-12-06 11:39 - 2014-10-10 01:45 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-12-06 11:39 - 2014-10-03 02:44 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-12-06 11:39 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-12-06 11:39 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-12-06 11:39 - 2014-10-03 02:44 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-12-06 11:39 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-12-06 11:39 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-12-06 11:39 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-12-06 11:39 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-12-06 11:39 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-12-06 11:39 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-12-06 11:39 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-12-06 11:39 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-12-06 11:39 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-12-06 11:39 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-12-06 11:39 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-12-06 11:39 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-12-06 11:39 - 2014-07-17 02:39 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-12-06 11:39 - 2014-07-17 02:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-12-06 11:39 - 2014-07-17 02:03 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-12-06 11:39 - 2014-07-17 02:02 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-12-06 11:39 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-12-06 11:39 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-12-06 11:39 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-12-06 11:38 - 2014-10-14 02:56 - 00136632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-12-06 11:38 - 2014-10-14 02:50 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-12-06 11:38 - 2014-10-14 02:50 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-12-06 11:38 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-12-06 11:38 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-03 00:31 - 2012-03-29 19:29 - 01530245 _____ () C:\Windows\WindowsUpdate.log
2015-01-03 00:25 - 2012-06-11 17:15 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-03 00:25 - 2012-06-10 10:57 - 00000000 ____D () C:\Program Files\SpeedFan
2015-01-03 00:25 - 2012-03-31 18:40 - 00023741 _____ () C:\Windows\setupact.log
2015-01-03 00:25 - 2012-03-31 15:06 - 00095458 _____ () C:\Windows\PFRO.log
2015-01-03 00:25 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-03 00:22 - 2012-03-29 19:32 - 00846104 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-03 00:18 - 2009-07-14 05:34 - 00013648 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-03 00:18 - 2009-07-14 05:34 - 00013648 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-02 23:57 - 2012-03-29 20:28 - 00007624 _____ () C:\Users\valentin\AppData\Local\Resmon.ResmonCfg
2015-01-02 21:24 - 2012-06-11 17:08 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-01-02 21:20 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\fr-FR
2014-12-22 10:47 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-12-22 00:25 - 2012-06-13 21:20 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-21 18:09 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2014-12-07 12:31 - 2012-05-12 21:39 - 00002312 ____H () C:\Users\valentin\Documents\Default.rdp
2014-12-07 12:24 - 2012-04-20 20:44 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-12-07 12:24 - 2012-04-20 20:44 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-12-07 12:15 - 2009-07-14 05:33 - 00287336 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-07 12:14 - 2009-07-14 03:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-12-07 12:11 - 2009-07-14 09:39 - 00000000 ____D () C:\Windows\system32\Drivers\fr-FR

Some content of TEMP:
====================
C:\Users\valentin\AppData\Local\Temp\14-4-win7-win8-win8.1-32-dd-ccc-whql.exe
C:\Users\valentin\AppData\Local\Temp\AskSLib.dll
C:\Users\valentin\AppData\Local\Temp\cpqma-187b427.dll
C:\Users\valentin\AppData\Local\Temp\DownloadManager.exe
C:\Users\valentin\AppData\Local\Temp\DrvInst64.exe
C:\Users\valentin\AppData\Local\Temp\HpqKbHook-187b427.dll
C:\Users\valentin\AppData\Local\Temp\ICReinstall_switchsetup.exe
C:\Users\valentin\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\valentin\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\valentin\AppData\Local\Temp\MP3_Launcher_1_13_0_0.exe
C:\Users\valentin\AppData\Local\Temp\ose00000.exe
C:\Users\valentin\AppData\Local\Temp\ose00001.exe
C:\Users\valentin\AppData\Local\Temp\ose00002.exe
C:\Users\valentin\AppData\Local\Temp\Quarantine.exe
C:\Users\valentin\AppData\Local\Temp\sfamcc00001.dll
C:\Users\valentin\AppData\Local\Temp\sfareca00001.dll
C:\Users\valentin\AppData\Local\Temp\sfextra.dll
C:\Users\valentin\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-30 13:48

==================== End Of Log ============================



AdwCleaner

# AdwCleaner v4.106 - Rapport créé le 03/01/2015 à 00:24:12
# Mis à jour le 21/12/2014 par Xplode
# Database : 2015-01-01.1 [Live]
# Système d'exploitation : Windows 7 Professional Service Pack 1 (32 bits)
# Nom d'utilisateur : valentin - C2D
# Exécuté depuis : C:\Users\valentin\Downloads\AdwCleaner.exe
# Option : Nettoyer

***** [ Services ] *****


***** [ Fichiers / Dossiers ] *****

Dossier Supprimé : C:\ProgramData\NCH Software
Dossier Supprimé : C:\Program Files\NCH Software
Dossier Supprimé : C:\Users\valentin\AppData\Roaming\dvdvideosoftiehelpers
Dossier Supprimé : C:\Users\valentin\AppData\Roaming\NCH Software
Dossier Supprimé : C:\Users\valentin\AppData\Roaming\Mozilla\Firefox\Profiles\lebhwo9p.default \Extensions\{ACAA314B-EEBA-48E4-AD47-84E31C44796C}
Dossier Supprimé : C:\Users\valentin\AppData\Roaming\Mozilla\Firefox\Profiles\lebhwo9p.default .BAK\Extensions\{ACAA314B-EEBA-48E4-AD47-84E31C44796C}

***** [ Tâches planifiées ] *****


***** [ Raccourcis ] *****


***** [ Registre ] *****

Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{DCABB943-792E-44C4-9029-ECBEE6265AF9}
Clé Supprimée : HKCU\Software\Conduit
Clé Supprimée : HKLM\SOFTWARE\Conduit

***** [ Navigateurs ] *****

-\\ Internet Explorer v10.0.9200.17183


-\\ Mozilla Firefox v34.0.5 (x86 fr)


-\\ Chromium v


*************************

AdwCleaner[R0].txt - [1590 octets] - [03/01/2015 00:21:34]
AdwCleaner[S0].txt - [1521 octets] - [03/01/2015 00:24:12]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1581 octets] ##########


HijackThis

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 00:08:03, on 03/01/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.17183)

FIREFOX: 34.0.5 (x86 fr)
Boot mode: Safe mode with network support

Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\DllHost.exe
C:\Users\valentin\AppData\Local\Temp\HouseCall\housecall.bin
C:\Users\valentin\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')
O4 - Global Startup: heure.bat - Raccourci.lnk = C:\_scripts\heure.bat
O4 - Global Startup: SpeedFan.lnk = C:\Program Files\SpeedFan\speedfan.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/Driver...aSmartScan.cab
O23 - Service: Service Scheduler2 Acronis (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis - C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @appmgmts.dll,-3250 (AppMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\cscsvc.dll,-200 (CscService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\peerdistsvc.dll,-9000 (PeerDistSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe
O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (StiSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\StorSvc.dll,-100 (StorSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Programme d’installation pour les modules Windows (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe
O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
O23 - Service: Temps Windows (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe
O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

--
End of file - 18234 bytes

System performance issues

Hello, over the past several months I have been experiencing system performance issues: slow response, both on and off the internet. More recently, I have been getting pop-up messages that my computer is not running genuine Windows. Windows Updates have been unable to install. I am wondering if I have malware or if the computer has reached its useful life. Any help would be appreciated. Jay.


Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Pentium(R) Dual-Core CPU T4500 @ 2.30GHz, Intel64 Family 6 Model 23 Stepping 10
Processor Count: 2
RAM: 2008 Mb
Graphics Card: Mobile Intel(R) 4 Series Express Chipset Family, 780 Mb
Hard Drives: C: Total - 223434 MB, Free - 150591 MB;
Motherboard: Dell Inc., 0G848F
Antivirus: avast! Antivirus, Updated and Enabled

pop ups and hijacking my browser. please help

One of those bundled program items found its way into my system. It is hijacking my browser and constantly trying to download programs to my system. I have manually removed obvious ones using uninstall programs. I have also downloaded and run ADWCleaner and have run it twice and cleaned after each one. Computer is running really slow and it is obviously still corrupted. Please help me find and remove these. I need my computer back asap. I did my best to read and follow the newbie instructions but it is hard with all the pop ups and redirects. ADWCleaner reports are below. Thank you.


Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows XP Home Edition, Service Pack 3, 32 bit
Processor: AMD Turion(tm) 64 Mobile Technology MT-30, x86 Family 15 Model 36 Stepping 2
Processor Count: 1
RAM: 1151 Mb
Graphics Card: ATI RADEON XPRESS 200M Series, 128 Mb
Hard Drives: C: Total - 76308 MB, Free - 64122 MB;
Motherboard: To be filled by O.E.M., To be filled by O.E.M.
Antivirus: Microsoft Security Essentials, Updated: Yes, On-Demand Scanner: Enabled


# AdwCleaner v3.022 - Report created 02/01/2015 at 19:25:50
# Updated 13/03/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Robert - ROBERT-5591AD21
# Running from : C:\Documents and Settings\Robert\My Documents\Downloads\AdwCleaner Setup [1].exe
# Option : Scan

***** [ Services ] *****

Service Found : CltMngSvc

***** [ Files / Folders ] *****

File Found : C:\END
Folder Found C:\Documents and Settings\LocalService\Local Settings\Application Data\SearchProtect
Folder Found C:\Documents and Settings\Robert\Application Data\AnyProtectEx
Folder Found C:\Documents and Settings\Robert\Local Settings\Application Data\SearchProtect
Folder Found C:\Documents and Settings\Robert\My Documents\Optimizer Pro
Folder Found C:\Program Files\AnyProtectEx
Folder Found C:\Program Files\predm
Folder Found C:\Program Files\SearchProtect

***** [ Shortcuts ] *****


***** [ Registry ] *****

Data Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~1\SearchProtect\SearchProtect\bin\VC32Loader.dll
Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKCU\Software\Crossrider
Key Found : HKCU\Software\DynConIE
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : HKCU\Software\Optimizer Pro
Key Found : HKCU\Software\Tutorials
Key Found : HKCU\Software\TutoTag
Key Found : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Found : HKLM\Software\Crossrider
Key Found : HKLM\Software\InstallCore
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Found : HKLM\Software\SearchProtect
Key Found : HKLM\Software\Tutorials

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.trovi.com/?gd=&ctid=CT3332410&octid=EB_ORIGINAL_CTID&ISID=IA1B98AA0-21C4-4F82-B1CB-48B03217D820&SearchSource=55&CUI=&UM=8&UP=SPEFFF6703-78A4-449D-BE30-D913B07F9396&SSPV=

-\\ Google Chrome v39.0.2171.95

[ File : C:\Documents and Settings\Robert\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

Found : homepage
Found : icon_url
Found : suggest_url
Found : keyword

*************************

AdwCleaner[R0].txt - [2819 octets] - [02/01/2015 19:25:50]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [2879 octets] ##########


# AdwCleaner v3.022 - Report created 02/01/2015 at 20:33:33
# Updated 13/03/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Robert - ROBERT-5591AD21
# Running from : C:\Documents and Settings\Robert\My Documents\Downloads\AdwCleaner Setup [1].exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\Tutorials
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Found : HKLM\Software\Tutorials

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Google Chrome v39.0.2171.95

[ File : C:\Documents and Settings\Robert\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [2959 octets] - [02/01/2015 19:25:50]
AdwCleaner[R1].txt - [1000 octets] - [02/01/2015 20:33:33]
AdwCleaner[S0].txt - [2858 octets] - [02/01/2015 19:27:53]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [1120 octets] ##########



# AdwCleaner v3.022 - Report created 02/01/2015 at 19:27:53
# Updated 13/03/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Robert - ROBERT-5591AD21
# Running from : C:\Documents and Settings\Robert\My Documents\Downloads\AdwCleaner Setup [1].exe
# Option : Clean

***** [ Services ] *****

Service Deleted : CltMngSvc

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\AnyProtectEx
Folder Deleted : C:\Program Files\predm
Folder Deleted : C:\Program Files\SearchProtect
Folder Deleted : C:\Documents and Settings\LocalService\Local Settings\Application Data\SearchProtect
Folder Deleted : C:\Documents and Settings\Robert\Local Settings\Application Data\SearchProtect
Folder Deleted : C:\Documents and Settings\Robert\Application Data\AnyProtectEx
Folder Deleted : C:\Documents and Settings\Robert\My Documents\Optimizer Pro
File Deleted : C:\END

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : HKCU\Software\Crossrider
Key Deleted : HKCU\Software\DynConIE
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\Tutorials
Key Deleted : HKCU\Software\TutoTag
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\Software\Crossrider
Key Deleted : HKLM\Software\InstallCore
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\Software\Tutorials
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~1\SearchProtect\SearchProtect\bin\VC32Loader.dll

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Google Chrome v39.0.2171.95

[ File : C:\Documents and Settings\Robert\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage

*************************

AdwCleaner[R0].txt - [2959 octets] - [02/01/2015 19:25:50]
AdwCleaner[S0].txt - [2718 octets] - [02/01/2015 19:27:53]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2778 octets] ##########



# AdwCleaner v3.022 - Report created 02/01/2015 at 20:34:32
# Updated 13/03/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Robert - ROBERT-5591AD21
# Running from : C:\Documents and Settings\Robert\My Documents\Downloads\AdwCleaner Setup [1].exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKCU\Software\Tutorials
Key Deleted : HKLM\Software\Tutorials

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Google Chrome v39.0.2171.95

[ File : C:\Documents and Settings\Robert\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [2959 octets] - [02/01/2015 19:25:50]
AdwCleaner[R1].txt - [1200 octets] - [02/01/2015 20:33:33]
AdwCleaner[S0].txt - [2858 octets] - [02/01/2015 19:27:53]
AdwCleaner[S1].txt - [1129 octets] - [02/01/2015 20:34:32]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1189 octets] ##########

virus infected

Hi and thank you in advance for your assistance

I am unable to locate or remove AdChoices from my PC... I have it
on Chrome 40.0, Firefox 35.0 and IE 11


I have run scans with Malwarebytes, SAS, JRT and AdwCleaner
but none of them find/remove anything listed as AdChoices

These ads just bog down my computer and/or lock me up
to the point where I have to reboot

Please help me rid my PC of this pesky thing


Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 8.1, 64 bit
Processor: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz, Intel64 Family 6 Model 58 Stepping 9
Processor Count: 8
RAM: 16344 Mb
Graphics Card: NVIDIA GeForce GT 620, 1024 Mb
Hard Drives: C: Total - 1907376 MB, Free - 1836324 MB;
Motherboard: Dell Inc., 0NW73C
Antivirus: Windows Defender, Disabled

video popup and text link popup help please

Thanks for the update, hope your finger heals up quickly with no lasting damage....ouch!!

Just post logs whenever you're ready, take as much time as you need...

Regards,

Kevin..

[Windows] Urgent help needed: potential virus?

Hey, so yesterday I booted my computer running Windows 8.1 and it successfully loaded up Windows. But when I tried to enter my password for logging in, the authentication circle kept spinning for hours. So I closed the computer from the CPU and restarted it again. Got to the user login page successfully, but still the same infinitely spinning circle. Eventually, after many tries, I was able to log in, but the computer was performing extremely slowly. None of the built-in Windows features were working. For example, when I tried to open Control Panel, nothing happened. The same problem occurred when I tried to open disk defragment, and pretty much any other Windows feature. The one exception to this, however, is that I'm able to access the Metro tile screen, but even from there Windows software, which includes things like System and the email client, refuses to open. But I am able to access the Google browser from the Metro view or Firefox/Chrome from the desktop view. But my antivirus (McAfee) and Malwarebytes were not opening. Even many other random programs I have downloaded seem to be working fine. When I tried to switch the PC off from the charms bar, the monitor went black but the CPU light continued to stay on. After that I haven't been able to log in again, and every time the circle keeps spinning. Even if I try to shut down without logging in, the monitor turns off and the CPU continues to stay on. When I put the computer to sleep, it doesn't come back. Initially I thought it was a virus, so I followed some instructions and activated Command Prompt from my Windows installation disk, through which I managed to get the option to boot into safe mode by pressing F8 repeatedly usable. I can boot into safe mode properly, where the computer functions perfectly. I ran a full antivirus scan from there, which detected nothing. Please help me, as I have been unable to find a solution to the problem.
My copy of Windows is genuine and so is my antivirus.
In case you require it, I have a desktop (which is why I know the CPU continues to run):
Intel i5 3rd gen
4 GB RAM (I think it's DDR3)
1 GB dedicated NVIDIA graphics 640M
1 TB hard drive

Win 8.1 Browser Hacked

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to download and run the 64 bit version
  • Right click to run as administrator. When the tool opens click Yes to disclaimer.
  • Under the optional scans, please also select shortcuts.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.
Also upload the shortcuts.txt file

Badly Infected - Need Help Removing

Hello there! My name is Chris and I need a lot of help with removing viruses. Before we get started, and to make things easier, I'll paste my computer information below:

OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM) i7-2670QM CPU @ 2.20GHz, Intel64 Family 6 Model 42 Stepping 7
Processor Count: 8
RAM: 8139 Mb
Graphics Card: Radeon (TM) HD 7470M, 1024 Mb
Hard Drives: C: Total - 690371 MB, Free - 430754 MB; D: Total - 20768 MB, Free - 2208 MB; E: Total - 4054 MB, Free - 1092 MB;
Motherboard: Hewlett-Packard, 17F9
Antivirus: ThreatTrack Security VIPRE, Updated and Enabled

I figured anyone helping me may want or need that sort of information. Now I read the first post about backing up information, but I'm actually so badly infected that I can't back up anything, nor do I have any resources to back anything into. I can't even create a restore point. With that aside, any of my documents, photos, music, and emails aren't important to begin with.

Now then, I downloaded VIPRE a few months ago, but that was after the infected files were already on my computer. Whenever I try to delete one by using the "securely delete" option that VIPRE gives me, it doesn't work, as usual. I ran a free version scan with SpyHunter 4 and it found a whopping 98 viruses, which I'll list below now.

Rogue.Windows Web Shield (1 infection)
- [RV] {Rogue.Windows Web Shield} LowRickFile Types

Trojan.Poweliks (3 infections)
- [RV] {Trojan.Poweliks} 1803
- [RV] {Trojan.Poweliks}
- [RV] {Trojan.Poweliks} a

Conduit Search/Toolbar (3 infections)
- [D] {Conduit Search/Toolbar} Conduit
- [D] {Conduit Search/Toolbar} SearchProtect
- [D] {Conduit Search/Toolbar} Logs

Search.ividi.org (2 infections)
- [RK] {Search.ividi.org} ividi.org
- [RK] {Search.ividi.org} plug-in

Adtech (1 infection)
- [C] {Adtech} JEB2.BSF8QV92.txt

Advert (1 infection)
- [C] {Advert} uuid.9IJQ4RXT.txt

Adware Helpers (3 infections)
- [RV] {Adware Helpers} {4d2d3b0f-69be-477a-90f5-fddb05357975}
- [RV] {Adware Helpers} bprotectnewtabpageshow
- [RV] {Adware Helpers} bprotectshowtabswelcome

Adware.PassShow (5 infections)
- [D] {Adware.PassShow} PassShow-soft
- [F] {Adware.PassShow} 170.dat
- [F] {Adware.PassShow} a.db
- [F] {Adware.PassShow} b.db
- [F] {Adware.PassShow} Sqlite3.dll

Adware.PlayBryte (1 infection)
- {Adware.PlayBryte} playbryte:prefs.js

Adware.Superfish Window Shopper (6 infections)
- [RK] {Adware.Superfish Window Shopper} superfish.com
- [RV] {Adware.Superfish Window Shopper} NumberOfSubdomains
- [RV] {Adware.Superfish Window Shopper} Total
- [RK] {Adware.Superfish Window Shopper} www.superfish.com
- [F] {Adware.Superfish Window Shopper} www.superfish[1].xml
- [F] {Adware.Superfish Window Shopper} www.superfish[1].xml

Adware.WebSpeed (5 infections)
- [RK] {Adware.WebSpeed} tempo runner
- [RV] {Adware.WebSpeed} Id
- [RV] {Adware.WebSpeed} Index
- [F] {Adware.WebSpeed} Tempo Runner
- [F] {Adware.WebSpeed} Tempo Runner.job

Blingee Plus Toolbar (1 infection)
- [RK] {Blingee Plus Toolbar} blingee.com

PUP.Reimage Repair (64 infections)

Statcounter (2 infections)
- [C] {Statcounter} is_unique
- [C] {Statcounter} is_visitor_unique

Aside from these viruses, I have a thing that's called dvdupgrd.exe and it's a virus in my System 32 folder. I can't delete it, but it's a big problem. Any and all help would be greatly appreciated. What brought my attention to this happened to be VIPRE blocking something from opening countless times. I also want to say that Google Chrome takes forever to load pages sometimes, and this has only happened about three to four days ago. Also, my games start lagging really badly, which is unusual for me. I lag, but I don't lag as bad as this.

Thank you in advance and I hope we can resolve this issue quickly without ruining my computer.

Another Safesearch Sufferer

After trying numerous antivirus and anti-spyware solutions, I discovered another program (I will not mention its name unless I am privately messaged), and lo and behold! the offending SafeSearch was removed (after rebooting).

I am marking this issue solved. I am appalled how difficult that malware was to remove! But what a relief now that it is gone!

:up:

threats

Folder Deleted : C:\Users\Marianne\AppData\Local\iMesh
Folder Deleted : C:\Users\Marianne\AppData\Roaming\DownLite
File Deleted : C:\Users\Marianne\daemonprocess.txt
File Deleted : C:\Users\Marianne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iMesh.lnk

***** [ Scheduled Tasks ] *****

Task Deleted : UpdaterEX

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Classes\pokki
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Launcher.EXE
Key Deleted : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery
Key Deleted : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery.1
Key Deleted : HKLM\SOFTWARE\Classes\iMesh.AudioCD
Key Deleted : HKLM\SOFTWARE\Classes\iMesh.Device
Key Deleted : HKLM\SOFTWARE\Classes\iMesh.file
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMPlayCDAudioOnArrival
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMRipCDAudioOnArrival
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMShowCDAudioOnArrival
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMShowVolumeOnArrival
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BackgroundHost.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FC41815-FA4C-4F8B-B143-2C045C8EA2FC}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{969D2C61-9B16-407C-86B7-397BF4579BE6}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F42C7B47-5234-4BF5-8882-DAAC0D64870D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{69D3F709-9DE2-479F-980F-532D46895703}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F42C7B47-5234-4BF5-8882-DAAC0D64870D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F7BEBBB1-7E6B-4561-9444-6F4866D60C7C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F9EB11AB-9384-4736-9B33-993940F88895}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{969D2C61-9B16-407C-86B7-397BF4579BE6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4C4F1F4-3074-4CB6-9FB8-0A64273166F0}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EC96F516-51B2-4B46-8451-8665F5A6BA2B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F07FBD3E-2048-44A4-9065-71BF551E2672}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4E42-A125-57C0A11DBCDE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{2C353E32-B8AC-4B82-B988-4C2D3394388A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{69D3F709-9DE2-479F-980F-532D46895703}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F42C7B47-5234-4BF5-8882-DAAC0D64870D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F7BEBBB1-7E6B-4561-9444-6F4866D60C7C}
Key Deleted : HKCU\Software\Imesh
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\UpdaterEX
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\Imesh
Key Deleted : HKLM\SOFTWARE\Trymedia Systems
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\UpdaterEX

***** [ Browsers ] *****