Sponsored By

Sign in to follow this  
lamiyasmommye25

Pop ups

Recommended Posts

Howdy Lamiya and welcome to BestTechie !!!  

My name is flashh4 (Chuck) and i will be assisting you with the cleaning of your computer.

Run these 1 at a time & post each log as you get it ! Work them as your time permits you to !!

If you don't understand something, please don't hesitate to ask for clarification before proceeding !!! You can PM me if you need to !!
Do Not Remove anything or run any tools/programs until advised to do so !

Perform all actions in the order given.

Please stay with us until we give you the "All Clean Speech"! Just because the problem has stopped it may still need some clean-up !  

Please note that all instructions given are customized for this computer only, the tools used may cause damage if used on a computer with different infections.  

If you think you have similar problems, please post a log in the Malware Removal forum and wait for help.  


===================================


AdwCleaner
       
Please download adwcleaner by Xplode onto your desktop.
Double click on AdwCleaner.exe to run the tool again.
       Windows XP : Double click on the icon to run it.

       Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

    *Click on the Scan button.
    *AdwCleaner will begin to scan your computer like it did before.
    *After the scan has finished .......
    
    This time, click on the Clean button.
    
    *Press OK when asked to close all programs and follow the onscreen prompts.
    *Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
    *After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
    *Copy and paste the contents of that logfile in your next reply.
    *A copy of that logfile will also be saved in the C:\AdwCleaner folder.



NEXT

thisisujrt-1.gif
    Please download Junkware Removal Tool and save to your desk top.

    Shut down your protection software now to avoid potential conflicts.

    * Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    * The tool will open and start scanning your system.
    * Please be patient as this can take a while to complete depending on your system's specifications.
    * On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    * Post the contents of JRT.txt into your next reply !

Re-Boot your computer now !!


NEXT


MALWAREBYTES with Pics:

Please download Malwarebytes' Anti-Malware to your desktop.


    * Double-click  mbam-setup.exe and follow the prompts to install the program.
    * At the end, be sure a checkmark is placed next to  Update Malwarebytes' Anti-Malware and  Launch Malwarebytes' Anti-Malware, then click  Finish.
    * If an update is found, it will download and install the latest version.
    * Once the program has loaded, select  Perform quick scan, then click Scan.

mbam-1.jpg


When the scan is complete, click  OK, then  Show Results to view the results.

scan-finished.jpg

    *  Then click  Remove Selected .
    * When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
    * Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.

The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
    Or via the Logs tab when the application is started.



Please don't attach the scans / logs, use "copy/paste".


Post next:
1. AdwCleaner Log
2. Junkware Removal Log
3. Malwarebytes log
Thanks
Chuck
 

Share this post


Link to post
Share on other sites

# AdwCleaner v3.014 - Report created 08/12/2013 at 18:30:47 # Updated 01/12/2013 by Xplode # Operating System : Windows 8 (64 bits) # Username : KatrinaGose - LAMIYASMOMMY # Running from : C:\Users\KatrinaGose\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OAVS9ITP\adwcleaner.exe # Option : Clean

***** [ Services ] *****

[#] Service Deleted : BackupStack Service Deleted : CltMngSvc Service Deleted : lssvc Service Deleted : vToolbarUpdater17.1.2

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AVG SafeGuard toolbar Folder Deleted : C:\ProgramData\Conduit Folder Deleted : C:\ProgramData\PCFixSpeed Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Kit Folder Deleted : C:\Program Files (x86)\AVG SafeGuard toolbar Folder Deleted : C:\Program Files (x86)\Conduit Folder Deleted : C:\Program Files (x86)\Giant Savings Extension Folder Deleted : C:\Program Files (x86)\Linksicle Folder Deleted : C:\Program Files (x86)\MyPC Backup Folder Deleted : C:\Program Files (x86)\PC Health Kit Folder Deleted : C:\Program Files (x86)\PCFixSpeed Folder Deleted : C:\Program Files (x86)\PricePeep Folder Deleted : C:\Program Files (x86)\Searchprotect Folder Deleted : C:\Program Files (x86)\InternetHelper3.7 Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search Folder Deleted : C:\Program Files\Linksicle Folder Deleted : C:\Users\KatrinaGose\AppData\Local\AVG SafeGuard toolbar Folder Deleted : C:\Users\KatrinaGose\AppData\Local\Conduit Folder Deleted : C:\Users\KatrinaGose\AppData\Local\Giant Savings Extension Folder Deleted : C:\Users\KATRIN~1\AppData\Local\Temp\AirInstaller Folder Deleted : C:\Users\KatrinaGose\AppData\LocalLow\AVG SafeGuard toolbar Folder Deleted : C:\Users\KatrinaGose\AppData\LocalLow\Conduit Folder Deleted : C:\Users\KatrinaGose\AppData\LocalLow\InternetHelper3.7 Folder Deleted : C:\Users\KatrinaGose\AppData\Roaming\PC Health Kit Folder Deleted : C:\Users\KatrinaGose\AppData\Roaming\PCFixSpeed Folder Deleted : C:\Users\KatrinaGose\AppData\Roaming\Searchprotect Folder Deleted : C:\Users\KatrinaGose\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup Folder Deleted : C:\Users\KatrinaGose\Documents\PC Health Kit Folder Deleted : C:\Users\KatrinaGose\AppData\Local\Google\Chrome\User Data\Default\Extensions\halffneccaebicfdfajnbfgpglahfgoe File Deleted : C:\END File Deleted : C:\Users\Public\Desktop\eBay.lnk File Deleted : C:\Users\KatrinaGose\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk File Deleted : C:\Users\KatrinaGose\Desktop\MyPC Backup.lnk File Deleted : C:\Windows\System32\Tasks\BackgroundContainer Startup Task

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [backgroundContainer] Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [PC Health Kit] Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [searchProtect] Key Deleted : HKLM\SOFTWARE\Classes\AppID\PricePeep.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1 Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1 Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1 Key Deleted : HKLM\SOFTWARE\Classes\PricePeep.PricePeepBho Key Deleted : HKLM\SOFTWARE\Classes\PricePeep.PricePeepBho.1 Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol Key Deleted : HKLM\SOFTWARE\Classes\S Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1 Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1 Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1 Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1 Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1 Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1 Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1 Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1 Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1 Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [PCFixSpeed] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [searchProtectAll] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0021810.BHO Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0021810.BHO.1 Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0021810.Sandbox Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0021810.Sandbox.1 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3315828 Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2AD2D8CA-D24D-40D2-A8FC-46952409BA9A} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D433A9D0-8267-40CB-8AD5-24F22FA5373F} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110211181110} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8E2479DE-6096-41F3-90AB-83BE9946AA2D} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B052E68E-A114-4480-B416-C8E617D346A9} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220222182210} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550255185510} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660266186610} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3BF3DED5-0FC8-4207-AC09-AA7B5AF4E408} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440244184410} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2AD2D8CA-D24D-40D2-A8FC-46952409BA9A} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110211181110} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E2479DE-6096-41F3-90AB-83BE9946AA2D} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2AD2D8CA-D24D-40D2-A8FC-46952409BA9A} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110211181110} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8E2479DE-6096-41F3-90AB-83BE9946AA2D} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2AD2D8CA-D24D-40D2-A8FC-46952409BA9A} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110211181110} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8E2479DE-6096-41F3-90AB-83BE9946AA2D} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2AD2D8CA-D24D-40D2-A8FC-46952409BA9A} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211181110} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B052E68E-A114-4480-B416-C8E617D346A9} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211181110} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110211181110} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EC46E44B-B03E-445B-AF20-9F3FA491BC44} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A9421FD2-7A3A-43EB-9988-C2B40E6A25DB} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{8E2479DE-6096-41F3-90AB-83BE9946AA2D}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{8E2479DE-6096-41F3-90AB-83BE9946AA2D}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{8E2479DE-6096-41F3-90AB-83BE9946AA2D}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{8E2479DE-6096-41F3-90AB-83BE9946AA2D}] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{2AD2D8CA-D24D-40D2-A8FC-46952409BA9A} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550255185510} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660266186610} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2AD2D8CA-D24D-40D2-A8FC-46952409BA9A} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706} Value Deleted : HKLM\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist [1] Key Deleted : HKCU\Software\AVG SafeGuard toolbar Key Deleted : HKCU\Software\Conduit Key Deleted : HKCU\Software\Cr_Installer Key Deleted : HKCU\Software\InstallCore Key Deleted : HKCU\Software\installedbrowserextensions Key Deleted : HKCU\Software\PC Health Kit Key Deleted : HKCU\Software\SearchProtect Key Deleted : HKCU\Software\AppDataLow\Toolbar Key Deleted : HKCU\Software\AppDataLow\Software\BackgroundContainer Key Deleted : HKCU\Software\AppDataLow\Software\Conduit Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider Key Deleted : HKCU\Software\AppDataLow\Software\Giant Savings Extension Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar Key Deleted : HKCU\Software\AppDataLow\Software\InternetHelper3.7 Key Deleted : HKLM\Software\AVG SafeGuard toolbar Key Deleted : HKLM\Software\AVG Security Toolbar Key Deleted : HKLM\Software\Conduit Key Deleted : HKLM\Software\SearchProtect Key Deleted : HKLM\Software\InternetHelper3.7 Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Giant Savings Extension Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC Health Kit_is1 Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PricePeep Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16537

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [start Page]

*************************

Share this post


Link to post
Share on other sites

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.0.8 (11.05.2013:1) OS: Windows 8 x64 Ran by KatrinaGose on Sun 12/08/2013 at 18:42:45.45 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin.1 Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{21814ACA-7665-4839-85DA-BEF1D4D24443} Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{66516A07-F617-488A-90CF-4E690CFB3C5F} Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{66516A07-F617-488A-90CF-4E690CFB3C5F}

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\Users\KatrinaGose\appdata\locallow\myfuncards_5mei" Failed to delete: [Folder] "C:\Program Files (x86)\myfuncards_5mei" Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\pc fix speed"

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Sun 12/08/2013 at 18:46:58.23 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Share this post


Link to post
Share on other sites

Lam ..... i think i got your log straightened out, this is what it should of looked like !!

 

This has to be filled with more stuff to remove than i think i have seen ......... surprised it even runs !! But i think we can clean it all up !

 

# AdwCleaner v3.014 - Report created 08/12/2013 at 18:30:47 # Updated 01/12/2013 by Xplode # Operating System :
Windows 8 (64 bits) # Username : KatrinaGose - LAMIYASMOMMY # Running from :
 C:\Users\KatrinaGose\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OAVS9ITP\
adwcleaner.exe # Option : Clean ***** [ Services ] ***** [#] Service Deleted :
 BackupStack Service Deleted : CltMngSvc Service Deleted :
 lssvc Service Deleted :
vToolbarUpdater17.1.2 ***** [ Files / Folders ] ***** Folder Deleted :
C:\ProgramData\AVG SafeGuard toolbar Folder Deleted :
C:\ProgramData\Conduit Folder Deleted :
C:\ProgramData\PCFixSpeed Folder Deleted :
 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Kit Folder Deleted :
 C:\Program Files (x86)\AVG SafeGuard toolbar Folder Deleted :
C:\Program Files (x86)\Conduit Folder Deleted :
C:\Program Files (x86)\Giant Savings Extension Folder Deleted :
 C:\Program Files (x86)\Linksicle Folder Deleted :
 C:\Program Files (x86)\MyPC Backup Folder Deleted :
 C:\Program Files (x86)\PC Health Kit Folder Deleted :
 C:\Program Files (x86)\PCFixSpeed Folder Deleted :
 C:\Program Files (x86)\PricePeep Folder Deleted :
 C:\Program Files (x86)\Searchprotect Folder Deleted :
C:\Program Files (x86)\InternetHelper3.7 Folder Deleted :
 C:\Program Files (x86)\Common Files\AVG Secure Search Folder Deleted :
C:\Program Files\Linksicle Folder Deleted :
 C:\Users\KatrinaGose\AppData\Local\AVG SafeGuard toolbar Folder Deleted :
 C:\Users\KatrinaGose\AppData\Local\Conduit Folder Deleted :
C:\Users\KatrinaGose\AppData\Local\Giant Savings Extension Folder Deleted :
 C:\Users\KATRIN~1\AppData\Local\Temp\AirInstaller Folder Deleted :
 C:\Users\KatrinaGose\AppData\LocalLow\AVG SafeGuard toolbar Folder Deleted :
 C:\Users\KatrinaGose\AppData\LocalLow\Conduit Folder Deleted :
 C:\Users\KatrinaGose\AppData\LocalLow\InternetHelper3.7 Folder Deleted :
 C:\Users\KatrinaGose\AppData\Roaming\PC Health Kit Folder Deleted :
 C:\Users\KatrinaGose\AppData\Roaming\PCFixSpeed Folder Deleted :
 C:\Users\KatrinaGose\AppData\Roaming\Searchprotect Folder Deleted :
 C:\Users\KatrinaGose\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup Folder Deleted :
 C:\Users\KatrinaGose\Documents\PC Health Kit Folder Deleted :
 C:\Users\KatrinaGose\AppData\Local\Google\Chrome\User Data\Default\Extensions\halffneccaebicfdfajnbfgpglahfgoe File Deleted :
 C:\END File Deleted : C:\Users\Public\Desktop\eBay.lnk File Deleted :
 C:\Users\KatrinaGose\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk File Deleted :
 C:\Users\KatrinaGose\Desktop\MyPC Backup.lnk File Deleted :
 C:\Windows\System32\Tasks\BackgroundContainer Startup Task ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Value Deleted :
HKCU\Software\Microsoft\Windows\CurrentVersion\Run [backgroundContainer] Value Deleted :
 HKCU\Software\Microsoft\Windows\CurrentVersion\Run [PC Health Kit] Value Deleted :
 HKCU\Software\Microsoft\Windows\CurrentVersion\Run [searchProtect] Key Deleted :
 HKLM\SOFTWARE\Classes\AppID\PricePeep.DLL Key Deleted :
HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE Key Deleted :
 HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL Key Deleted :
 HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE Key Deleted :
 HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL Key Deleted :
 HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI Key Deleted :
 HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1 Key Deleted :
 HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj Key Deleted :
 HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1 Key Deleted :
 HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler Key Deleted :
 HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1 Key Deleted :
 HKLM\SOFTWARE\Classes\PricePeep.PricePeepBho Key Deleted :
 HKLM\SOFTWARE\Classes\PricePeep.PricePeepBho.1 Key Deleted :
 HKLM\SOFTWARE\Classes\protocols\handler\viprotocol Key Deleted :
 HKLM\SOFTWARE\Classes\S Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi Key Deleted :
 HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1 Key Deleted :
 HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils Key Deleted :
 HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1 Key Deleted :
 HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager Key Deleted :
 HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1 Key Deleted :
 HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager Key Deleted :
HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1 Key Deleted :
 HKLM\SOFTWARE\Classes\TbHelper.TbRequest Key Deleted :
 HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1 Key Deleted :
 HKLM\SOFTWARE\Classes\TbHelper.TbTask Key Deleted :
 HKLM\SOFTWARE\Classes\TbHelper.TbTask.1 Key Deleted :
 HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper Key Deleted :
 HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1 Key Deleted :
 HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier Key Deleted :
 HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1 Key Deleted :
 HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl Key Deleted :
 HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1 Key Deleted :
 HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager Key Deleted :
 HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1 Key Deleted :
 HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook Key Deleted :
 HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1 Key Deleted :
 HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE Key Deleted :
 HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1 Key Deleted :
 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup Value Deleted :
 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [PCFixSpeed] Value Deleted :
 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [searchProtectAll] Value Deleted :
 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt] Key Deleted :
 HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin Key Deleted :
 HKLM\SOFTWARE\Classes\CrossriderApp0021810.BHO Key Deleted :
HKLM\SOFTWARE\Classes\CrossriderApp0021810.BHO.1 Key Deleted :
 HKLM\SOFTWARE\Classes\CrossriderApp0021810.Sandbox Key Deleted :
 HKLM\SOFTWARE\Classes\CrossriderApp0021810.Sandbox.1 Key Deleted :
 HKLM\SOFTWARE\Classes\Toolbar.CT3315828 Key Deleted :
 HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323} Key Deleted :
 HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2} Key Deleted :
 HKLM\SOFTWARE\Classes\AppID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892} Key Deleted :
 HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E} Key Deleted :
 HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291} Key Deleted :
 HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB} Key Deleted :
 HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777} Key Deleted :
 HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Deleted :
HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D} Key Deleted :
HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472} Key Deleted :
 HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8} Key Deleted :
 HKLM\SOFTWARE\Classes\CLSID\{2AD2D8CA-D24D-40D2-A8FC-46952409BA9A} Key Deleted :
 HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F} Key Deleted :
 HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Deleted :
 HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237} Key Deleted :
 HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Deleted :
 HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3} Key Deleted :
 HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted :
 HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052} Key Deleted :
 HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5} Key Deleted :
 HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5} Key Deleted :
 HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} Key Deleted :
 HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70} Key Deleted :
 HKLM\SOFTWARE\Classes\CLSID\{D433A9D0-8267-40CB-8AD5-24F22FA5373F} Key Deleted :
 HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0} Key Deleted :
 HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B} Key Deleted :
 HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468} Key Deleted :
 HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Deleted :
 HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Deleted :
 HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted :
 HKLM\SOFTWARE\Classes\CLSID\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} Key Deleted :
 HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110211181110} Key Deleted :
 HKLM\SOFTWARE\Classes\CLSID\{8E2479DE-6096-41F3-90AB-83BE9946AA2D} Key Deleted :
 HKLM\SOFTWARE\Classes\CLSID\{B052E68E-A114-4480-B416-C8E617D346A9} Key Deleted :
 HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220222182210} Key Deleted :
 HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921} Key Deleted :
 HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted :
 HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003} Key Deleted :
HKLM\SOFTWARE\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8} Key Deleted :
 HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F} Key Deleted :
 HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979} Key Deleted :
 HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE} Key Deleted :
 HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Deleted :
 HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328} Key Deleted :
 HKLM\SOFTWARE\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B} Key Deleted :
 HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29} Key Deleted :
 HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC} Key Deleted :
 HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Deleted :
 HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659} Key Deleted :
 HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47} Key Deleted :
 HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C} Key Deleted :
 HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Key Deleted :
 HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6} Key Deleted :
 HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403} Key Deleted :
 HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550255185510} Key Deleted :
 HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660266186610} Key Deleted
: HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE} Key Deleted :
 HKLM\SOFTWARE\Classes\TypeLib\{3BF3DED5-0FC8-4207-AC09-AA7B5AF4E408} Key Deleted :
 HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93} Key Deleted :
 HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Key Deleted :
 HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148} Key Deleted :
 HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94} Key Deleted :
 HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C} Key Deleted :
 HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440244184410} Key Deleted :
 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Deleted :
 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2AD2D8CA-D24D-40D2-A8FC-46952409BA9A} Key Deleted :
 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted :
 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} Key Deleted :
 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110211181110} Key Deleted :
 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E2479DE-6096-41F3-90AB-83BE9946AA2D} Key Deleted :
 HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Deleted :
 HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2AD2D8CA-D24D-40D2-A8FC-46952409BA9A} Key Deleted :
 HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted :
 HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Deleted :
 HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted :
 HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} Key Deleted :
 HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110211181110} Key Deleted :
 HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8E2479DE-6096-41F3-90AB-83BE9946AA2D} Key Deleted :
 HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Deleted :
 HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2AD2D8CA-D24D-40D2-A8FC-46952409BA9A} Key Deleted :
 HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted :
 HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Deleted :
 HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} Key Deleted :
 HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110211181110} Key Deleted :
 HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8E2479DE-6096-41F3-90AB-83BE9946AA2D} Key Deleted :
 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Deleted :
 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2AD2D8CA-D24D-40D2-A8FC-46952409BA9A} Key Deleted :
 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC} Key Deleted :
 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Deleted :
 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted :
 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211181110} Key Deleted :
 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B052E68E-A114-4480-B416-C8E617D346A9} Key Deleted :
 HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291} Key Deleted:
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Deleted :
 HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted :
 HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211181110} Key Deleted :
 HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110211181110} Key Deleted :
 HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EC46E44B-B03E-445B-AF20-9F3FA491BC44} Key Deleted :
 HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A9421FD2-7A3A-43EB-9988-C2B40E6A25DB} Key Deleted :
 HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} Key Deleted :
 HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted :
 HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Key Deleted :
 HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} Key Deleted :
 HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Value Deleted :
 HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}] Value Deleted :
 HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}] Value Deleted :
 HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{8E2479DE-6096-41F3-90AB-83BE9946AA2D}] Value Deleted :
 HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{8E2479DE-6096-41F3-90AB-83BE9946AA2D}] Value Deleted :
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{8E2479DE-6096-41F3-90AB-83BE9946AA2D}] Value Deleted :
 HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{8E2479DE-6096-41F3-90AB-83BE9946AA2D}] Key Deleted :
 [x64] HKLM\SOFTWARE\Classes\CLSID\{2AD2D8CA-D24D-40D2-A8FC-46952409BA9A} Key Deleted :
 [x64] HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921} Key Deleted :
 [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted :
 [x64] HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003} Key Deleted :
 [x64] HKLM\SOFTWARE\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8} Key Deleted :
 [x64] HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F} Key Deleted :
 [x64] HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979} Key Deleted :
 [x64] HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE} Key Deleted :
 [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Deleted :
 [x64] HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328} Key Deleted :
 [x64] HKLM\SOFTWARE\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B} Key Deleted :
[x64] HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29} Key Deleted :
 [x64] HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC} Key Deleted :
 [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Deleted :
 [x64] HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659} Key Deleted :
 [x64] HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47} Key Deleted :
 [x64] HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C} Key Deleted :
[x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Key Deleted :
 [x64] HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6} Key Deleted :
 [x64] HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403} Key Deleted :
 [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550255185510} Key Deleted :
 [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660266186610} Key Deleted :
 [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2AD2D8CA-D24D-40D2-A8FC-46952409BA9A} Key Deleted :
 [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} Key Deleted :
 [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Key Deleted :
 [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706} Value Deleted :
 HKLM\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist [1] Key Deleted :
 HKCU\Software\AVG SafeGuard toolbar Key Deleted :
 HKCU\Software\Conduit Key Deleted :
HKCU\Software\Cr_Installer Key Deleted :
 HKCU\Software\InstallCore Key Deleted :
 HKCU\Software\installedbrowserextensions Key Deleted :
 HKCU\Software\PC Health Kit Key Deleted :
 HKCU\Software\SearchProtect Key Deleted :
 HKCU\Software\AppDataLow\Toolbar Key Deleted :
 HKCU\Software\AppDataLow\Software\BackgroundContainer Key Deleted :
 HKCU\Software\AppDataLow\Software\Conduit Key Deleted :
 HKCU\Software\AppDataLow\Software\ConduitSearchScopes Key Deleted :
 HKCU\Software\AppDataLow\Software\Crossrider Key Deleted :
 HKCU\Software\AppDataLow\Software\Giant Savings Extension Key Deleted :
 HKCU\Software\AppDataLow\Software\SmartBar Key Deleted :
 HKCU\Software\AppDataLow\Software\InternetHelper3.7 Key Deleted :
 HKLM\Software\AVG SafeGuard toolbar Key Deleted :
 HKLM\Software\AVG Security Toolbar Key Deleted :
 HKLM\Software\Conduit Key Deleted :
 HKLM\Software\SearchProtect Key Deleted :
 HKLM\Software\InternetHelper3.7 Key Deleted :
 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar Key Deleted :
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Giant Savings Extension Key Deleted :
 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC Health Kit_is1 Key Deleted :
 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PricePeep Key Deleted :
 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect Key Deleted :
 [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup ***** [ Browsers ] ***** -\\ Internet Explorer v10.0.9200.16537 Setting Restored :
 HKCU\Software\Microsoft\Internet Explorer\Main [start Page] *************************

Share this post


Link to post
Share on other sites

Lam ...... Malwarebytes log can be found under the Logs (Tab) when you open Malwarebytes. Open (click) Logs tab > then open the log found there > it will open in Notepad copy & paste it into your topic !!

 

 

Thanks

Chuck
 

Share this post


Link to post
Share on other sites

Hi Lam, after you post the Malwarebytes log i need you to run these programs and post their logs !

 

Security Check

Please download and save SecurityCheck.exe to your Desktop from one of the links below.

Link 1 >>> http://screen317.spywareinfoforum.org/SecurityCheck.exe.

Link 2 >>> http://screen317.changelog.fr/SecurityCheck.exe

    * Double click SecurityCheck.exe and follow the onscreen instructions inside the black box.
    * A Notepad document should open automatically called checkup.txt
    * Please post the contents of that document in your next reply.

 

 

=======================

 

 

 

Run RogueKiller

IMPORTANT: Do not reboot your computer if at all possible otherwise the malware will reactivate and you will have to run RogueKiller again

Download RogueKiller to your desktop. >>> http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

    close all running programs
    for Windows Vista/Seven, right click -> run as administrator, for XP simply double-click on RogueKiller.exe
    when the prescan is finished, click on Scan
    click on Report and copy/paste the content in your next post.[/list
    If the program is blocked, do not hesitate to try several times. If it really does not work (it could happen), rename it to winlogon.exe

Please post the contents of the RKreport.txt in your next reply.

 

 

 

====================

 

 

 

Download DDS and save it to your Desktop.  >>> DDS


    Double click dds.scr to run the tool.
    If using Vista or Windows 7 you will be prompted by UAC, please allow the prompt.
    DDS will now scan your computer.
    When the scan is complete, DDS will open two (2) logs:
        DDS.txt
        Attach.txt
    If not saved these logs will be automatically deleted when closed, so save both to your Desktop.
    Please note it is important that you post BOTH logs in your topic.


Please note: DDS will ask you to attach the second log (Attach.txt), please ignore this notice and post the log instead.


 

 

I need these logs next:

1. SecurityCheck log

2. RogueKiller log

3. DDS log(s)

 

Thanks

Chuck

Share this post


Link to post
Share on other sites

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.12.08.04

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16721
KatrinaGose :: LAMIYASMOMMY [administrator]

Protection: Enabled

12/8/2013 7:04:57 PM
mbam-log-2013-12-08 (19-04-57).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 214274
Time elapsed: 6 minute(s), 23 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 2
HKCU\Software\PCFixSpeed (PUP.Optional.PCFixSpeed) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\PCFixSpeed (PUP.Optional.PCFixSpeed) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 1
C:\Users\KatrinaGose\AppData\Local\Temp\ct3315828 (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

Files Detected: 23
C:\Users\KatrinaGose\AppData\Local\Temp\air44F3.exe (PUP.Optional.Linksicle) -> Quarantined and deleted successfully.
C:\Users\KatrinaGose\AppData\Local\Temp\nshE75D.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\KatrinaGose\AppData\Local\Temp\nsqCAD9.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\KatrinaGose\AppData\Local\Temp\SPStub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\KatrinaGose\AppData\Local\Temp\ct3315828\ctbe.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\KatrinaGose\AppData\Local\Temp\ct3315828\ieLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\KatrinaGose\AppData\Local\Temp\ct3315828\statisticsStub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\KatrinaGose\AppData\Local\Temp\ct3315828\stub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\KatrinaGose\AppData\Local\Temp\is754907076\9678114_Setup.EXE (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\KatrinaGose\AppData\Local\Temp\is754907076\PCFixSpeedSetup.exe (PUP.Optional.PCFixSpeed) -> Quarantined and deleted successfully.
C:\Users\KatrinaGose\Local Settings\Temporary Internet Files\Content.IE5\NSIOIEWE\checktbexist[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\KatrinaGose\Local Settings\Temporary Internet Files\Content.IE5\NSIOIEWE\InternetHelper3.7[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\KatrinaGose\Local Settings\Temporary Internet Files\Content.IE5\NSIOIEWE\MyFunCards.exe (PUP.Optional.FunWebProducts.A) -> Quarantined and deleted successfully.
C:\Users\KatrinaGose\Local Settings\Temporary Internet Files\Content.IE5\NSIOIEWE\setup.exe (PUP.Optional.AirInstaller) -> Quarantined and deleted successfully.
C:\Users\KatrinaGose\Local Settings\Temporary Internet Files\Content.IE5\OAVS9ITP\statisticsstub[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\KatrinaGose\Local Settings\Temporary Internet Files\Content.IE5\TGE8Y98G\CouponXplorer.exe (PUP.Optional.FunWebProducts.A) -> Quarantined and deleted successfully.
C:\Users\KatrinaGose\Local Settings\Temporary Internet Files\Content.IE5\TGE8Y98G\FacebookVideoCallSetup_v1.2.205.0.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\KatrinaGose\Local Settings\Temporary Internet Files\Content.IE5\TGE8Y98G\stublogic[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\KatrinaGose\Local Settings\Temporary Internet Files\Content.IE5\W53K42BC\linksicle-setup-1.8.2.0[1].exe (PUP.Optional.Linksicle) -> Quarantined and deleted successfully.
C:\Users\KatrinaGose\Local Settings\Temporary Internet Files\Content.IE5\W53K42BC\SPSetup[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\KatrinaGose\Desktop\PC Health Kit.lnk (Rogue.PCHealthKit) -> Quarantined and deleted successfully.
C:\Users\KatrinaGose\AppData\Local\Temp\ct3315828\chromeid.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\KatrinaGose\AppData\Local\Temp\ct3315828\setup.ini.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

(end)

Share this post


Link to post
Share on other sites

Please continue with my post above !! Run Security check, Rouge killer & DDS programs & post the logs for me.

 

 

Thanks

Chuck

Share this post


Link to post
Share on other sites

Just leave Malwarebytes & all the tools we are using in case we have to run them again, we will remove all after we are done cleaning

!!

Just close any program or log that we are not using now !!

Share this post


Link to post
Share on other sites

You posted the Malwarebytes log ! That's it, it cleaned everything it found bad !! So on to the next program !

 

Chuck

Share this post


Link to post
Share on other sites

Lam. Run Security check, Rouge killer & DDS programs & post the logs for me !! Instructions are above !

Share this post


Link to post
Share on other sites

I just replied on the last page !!!    page 1 ........... Post #7 from me ! If you look to the direct right of your name it will give you the post # ......... please do #7 and post the logs !!!

 

Chuck

Share this post


Link to post
Share on other sites

Lami, do Next !! Just click & run, there will be a log from each program !! Copy & Paste into your topic !

 

 

Security Check

Please download and save SecurityCheck.exe to your Desktop from one of the links below.

Link 1 >>> http://screen317.spywareinfoforum.org/SecurityCheck.exe.

Link 2 >>> http://screen317.changelog.fr/SecurityCheck.exe

    * Double click SecurityCheck.exe and follow the onscreen instructions inside the black box.
    * A Notepad document should open automatically called checkup.txt
    * Please post the contents of that document in your next reply.

 

 

 

 

NEXT

 

 

 

 

Run RogueKiller

IMPORTANT: Do not reboot your computer if at all possible otherwise the malware will reactivate and you will have to run RogueKiller again

Download RogueKiller to your desktop. >>> http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

    close all running programs
    for Windows Vista/Seven, right click -> run as administrator, for XP simply double-click on RogueKiller.exe
    when the prescan is finished, click on Scan
    click on Report and copy/paste the content in your next post.[/list
    If the program is blocked, do not hesitate to try several times. If it really does not work (it could happen), rename it to winlogon.exe

Please post the contents of the RKreport.txt in your next reply.

 

 

 

 

 

NEXT

 

 

 

 

Download DDS and save it to your Desktop.  >>> DDS


    Double click dds.scr to run the tool.
    If using Vista or Windows 7 you will be prompted by UAC, please allow the prompt.
    DDS will now scan your computer.
    When the scan is complete, DDS will open two (2) logs:
        DDS.txt
        Attach.txt
    If not saved these logs will be automatically deleted when closed, so save both to your Desktop.
    Please note it is important that you post BOTH logs in your topic.


Please note: DDS will ask you to attach the second log (Attach.txt), please ignore this notice and post the log instead.

 

 

 

I need these logs next:

1. SecurityCheck log

2. RogueKiller log

3. DDS log(s)

 

Thanks

Chuck

Share this post


Link to post
Share on other sites

5 days with no reply this topic is now closed. If you need it re-opened please PM me or another Mod !

 

Thanks

Chuck

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this