Manual Removal Guide for PU.Mindspark.OryteTV



Friday
2019-10-29, 14:47
The following instructions have been created to help you to get rid of "PU.Mindspark.OryteTV" manually.
Use this guide at your own risk; dedicated removal software is usually better suited to removing malware, since it is able to look deeper.

If this guide was helpful to you, please consider donating towards this site (http://www.safer-networking.org/index.php?page=donate).

Threat Details:

Categories:
pups

Description:
PU.Mindspark.OryteTV installs a toolbar by Mindspark Interactive Network.

Removal Instructions:

Autorun:

Important: There are more autorun entries that cannot be safely described in simple words. Please use Spybot-S&D (http://www.safer-networking.org/index.php?page=spybotsd) to remove them.

Installed Software List:

You can try to uninstall products with the names listed below; for items identified by other properties or to avoid malware getting active again on uninstallation, use Spybot-S&D (http://www.safer-networking.org/index.php?page=spybotsd) or RunAlyzer (http://www.safer-networking.org/index.php?page=runalyzer) to locate and get rid of these entries.

Products that have a key or property named "OryteTV???bar Uninstall".

Files:

Important: There are more files that cannot be safely described in simple words. Please use Spybot-S&D (http://www.safer-networking.org/index.php?page=spybotsd) to remove them.

Folders:

Please use Windows Explorer or another file manager of your choice to locate and delete these folders.

The directory at "<$PROGRAMFILES>\OryteTV_4g\bar\Message".
The directory at "<$PROGRAMFILES>\OryteTV_4g\bar\Settings".
The directory at "<$PROGRAMFILES>\OryteTV_4g\bar".
The directory at "<$PROGRAMFILES>\OryteTV_4g".

Make sure you set your file manager to display hidden and system files. If PU.Mindspark.OryteTV uses rootkit technologies, use our RootAlyzer (http://forums.spybot.info/downloads.php?id=8) or our Total Commander anti-rootkit plugins (http://forums.spybot.info/downloads.php?id=3).
You will have to use a global search for files without a name specified. Be extra careful, because just the name might not be enough to identify folders!

Important: There are more files that cannot be safely described in simple words. Please use Spybot-S&D (http://www.safer-networking.org/index.php?page=spybotsd) to remove them.

Registry:

You can use regedit.exe (included in Windows) to locate and delete these registry entries.

A key in HKEY_CLASSES_ROOT\ named "OryteTV_4g.DataControl.1", plus associated values.
A key in HKEY_CLASSES_ROOT\ named "OryteTV_4g.DataControl", plus associated values.
A key in HKEY_CLASSES_ROOT\ named "OryteTV_4g.DynamicBarButton.1", plus associated values.
A key in HKEY_CLASSES_ROOT\ named "OryteTV_4g.DynamicBarButton", plus associated values.
A key in HKEY_CLASSES_ROOT\ named "OryteTV_4g.FeedManager.1", plus associated values.
A key in HKEY_CLASSES_ROOT\ named "OryteTV_4g.FeedManager", plus associated values.
A key in HKEY_CLASSES_ROOT\ named "OryteTV_4g.HTMLMenu.1", plus associated values.
A key in HKEY_CLASSES_ROOT\ named "OryteTV_4g.HTMLMenu", plus associated values.
A key in HKEY_CLASSES_ROOT\ named "OryteTV_4g.HTMLPanel.1", plus associated values.
A key in HKEY_CLASSES_ROOT\ named "OryteTV_4g.HTMLPanel", plus associated values.
A key in HKEY_CLASSES_ROOT\ named "OryteTV_4g.MultipleButton.1", plus associated values.
A key in HKEY_CLASSES_ROOT\ named "OryteTV_4g.MultipleButton", plus associated values.
A key in HKEY_CLASSES_ROOT\ named "OryteTV_4g.PseudoTransparentPlugin.1", plus associated values.
A key in HKEY_CLASSES_ROOT\ named "OryteTV_4g.PseudoTransparentPlugin", plus associated values.
A key in HKEY_CLASSES_ROOT\ named "OryteTV_4g.Radio.1", plus associated values.
A key in HKEY_CLASSES_ROOT\ named "OryteTV_4g.Radio", plus associated values.
A key in HKEY_CLASSES_ROOT\ named "OryteTV_4g.RadioSettings.1", plus associated values.
A key in HKEY_CLASSES_ROOT\ named "OryteTV_4g.RadioSettings", plus associated values.
A key in HKEY_CLASSES_ROOT\ named "OryteTV_4g.ScriptButton.1", plus associated values.
A key in HKEY_CLASSES_ROOT\ named "OryteTV_4g.ScriptButton", plus associated values.
A key in HKEY_CLASSES_ROOT\ named "OryteTV_4g.SettingsPlugin.1", plus associated values.
A key in HKEY_CLASSES_ROOT\ named "OryteTV_4g.SettingsPlugin", plus associated values.
A key in HKEY_CLASSES_ROOT\ named "OryteTV_4g.ThirdPartyInstaller.1", plus associated values.
A key in HKEY_CLASSES_ROOT\ named "OryteTV_4g.ThirdPartyInstaller", plus associated values.
A key in HKEY_CLASSES_ROOT\ named "OryteTV_4g.ToolbarPlugin.1", plus associated values.
A key in HKEY_CLASSES_ROOT\ named "OryteTV_4g.ToolbarPlugin", plus associated values.
A key in HKEY_CLASSES_ROOT\ named "OryteTV_4g.UrlAlertButton.1", plus associated values.
A key in HKEY_CLASSES_ROOT\ named "OryteTV_4g.UrlAlertButton", plus associated values.
A key in HKEY_CLASSES_ROOT\ named "OryteTV_4g.XMLSessionPlugin.1", plus associated values.
A key in HKEY_CLASSES_ROOT\ named "OryteTV_4g.XMLSessionPlugin", plus associated values.
Delete the registry key "@OryteTV_4g.com/Plugin" at "HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\".
Delete the registry key "{00FF3E44-749E-4FAF-8209-3E6AE71A1F27}" at "HKEY_CLASSES_ROOT\Interface\".
Delete the registry key "{023DC239-90F6-42B6-AA44-CD5AA0118174}" at "HKEY_CLASSES_ROOT\TypeLib\".
Delete the registry key "{0DB2267B-86D8-4411-B089-24B4EC1958D1}" at "HKEY_CLASSES_ROOT\Interface\".
Delete the registry key "{1697b806-3c8f-4ad6-a2c6-7cd2e10b4f8d}" at "HKEY_CLASSES_ROOT\CLSID\".
Delete the registry key "{1697b806-3c8f-4ad6-a2c6-7cd2e10b4f8d}" at "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\".
Delete the registry key "{176F645C-8BA0-471A-98E9-0CA16FECD81C}" at "HKEY_CLASSES_ROOT\Interface\".
Delete the registry key "{17E4F490-7FC8-4CD2-B68D-A238706CFD6C}" at "HKEY_CLASSES_ROOT\Interface\".
Delete the registry key "{1be7a164-3ffd-45f5-85ee-f653964c76c2}" at "HKEY_CLASSES_ROOT\CLSID\".
Delete the registry key "{1c865c62-fe2a-4265-903d-8eefa7232c4f}" at "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\".
Delete the registry key "{1D76D826-36D8-43C0-B97D-3050F66C323F}" at "HKEY_CLASSES_ROOT\Interface\".
Delete the registry key "{2525EDC8-CDD1-4E03-9DE4-D54F3D5A6C61}" at "HKEY_CLASSES_ROOT\Interface\".
Delete the registry key "{28C314F6-C57B-4AC3-B2E3-87FFA581169E}" at "HKEY_CLASSES_ROOT\Interface\".
Delete the registry key "{2cff2f06-22aa-4c6f-a20b-6539e57e4bf0}" at "HKEY_CLASSES_ROOT\CLSID\".
Delete the registry key "{2cff2f06-22aa-4c6f-a20b-6539e57e4bf0}" at "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\".
Delete the registry key "{2D5E2316-CB21-4469-9CDE-D63EB2EE2A5E}" at "HKEY_CLASSES_ROOT\Interface\".
Delete the registry key "{2d62a830-a1c1-4139-82f4-0c5b7a2c4750}" at "HKEY_CLASSES_ROOT\CLSID\".
Delete the registry key "{308e3a5f-a22a-43c7-8e23-7b1895409fff}" at "HKEY_CLASSES_ROOT\CLSID\".
Delete the registry key "{37c95f22-a8ef-4c20-ab72-a0aa9ae46dbc}" at "HKEY_CLASSES_ROOT\CLSID\".
Delete the registry key "{37c95f22-a8ef-4c20-ab72-a0aa9ae46dbc}" at "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\".
Delete the registry key "{455EBFCF-6C69-4A66-8010-14034A798B6D}" at "HKEY_CLASSES_ROOT\TypeLib\".
Delete the registry key "{469EB0DF-AA0A-4208-85F0-7A624767DB2C}" at "HKEY_CLASSES_ROOT\Interface\".
Delete the registry key "{4CA1700C-38B4-4B08-9197-564945C47F51}" at "HKEY_CLASSES_ROOT\TypeLib\".
Delete the registry key "{4E9E0BAC-00C2-4906-82CB-9FF04BC9FEA1}" at "HKEY_CLASSES_ROOT\TypeLib\".
Delete the registry key "{52ec799a-6138-42d2-b29d-ab06be00505e}" at "HKEY_CLASSES_ROOT\CLSID\".
Delete the registry key "{537dde78-aa38-43fa-abd4-03658892117b}" at "HKEY_CLASSES_ROOT\CLSID\".
Delete the registry key "{537dde78-aa38-43fa-abd4-03658892117b}" at "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\".
Delete the registry key "{57458B18-C825-4938-A94D-CE4FDD5FF765}" at "HKEY_CLASSES_ROOT\Interface\".
Delete the registry key "{593E8C47-E19B-4A96-996E-9D8A95409291}" at "HKEY_CLASSES_ROOT\Interface\".
Delete the registry key "{5BD2575B-A4F0-4CB0-884E-AB28E5229551}" at "HKEY_CLASSES_ROOT\Interface\".
Delete the registry key "{5D3CDE92-424C-4BF1-AC14-2FCB719C9C50}" at "HKEY_CLASSES_ROOT\Interface\".
Delete the registry key "{5d3cde92-424c-4bf1-ac14-2fcb719c9c50}" at "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\".
Delete the registry key "{5EE8C8BC-753E-48BD-A50F-3881D02B2AD7}" at "HKEY_CLASSES_ROOT\Interface\".
Delete the registry key "{5fc8ff1f-c136-4abb-9a78-9c7cd19d21e2}" at "HKEY_CLASSES_ROOT\CLSID\".
Delete the registry key "{62404C15-B2F6-4CD5-A265-FB4AA1462935}" at "HKEY_CLASSES_ROOT\Interface\".
Delete the registry key "{66686345-3548-4E80-AB1A-F8A8E05CF052}" at "HKEY_CLASSES_ROOT\TypeLib\".
Delete the registry key "{694ddfd1-d4e8-4646-b7ec-4e4892ca7fe9}" at "HKEY_CLASSES_ROOT\CLSID\".
Delete the registry key "{6b7c4c9c-1fdd-4115-a189-d230db6d0902}" at "HKEY_CLASSES_ROOT\CLSID\".
Delete the registry key "{6bb5f1d0-990e-441d-9ac0-d61ffda48adc}" at "HKEY_CLASSES_ROOT\CLSID\".
Delete the registry key "{6D88C29D-0EC8-454B-A9A7-17DE2F0CDCE0}" at "HKEY_CLASSES_ROOT\TypeLib\".
Delete the registry key "{6e54a1f9-dbeb-45b0-9f1b-c131a7e16d8e}" at "HKEY_CLASSES_ROOT\CLSID\".
Delete the registry key "{76368F0C-6D93-4570-95F6-BB05E95E5052}" at "HKEY_CLASSES_ROOT\TypeLib\".
Delete the registry key "{78C66AA1-E56B-4C66-8E98-FADD9BE5008A}" at "HKEY_CLASSES_ROOT\Interface\".
Delete the registry key "{80ae1299-e453-476e-a820-091db2100b7f}" at "HKEY_CLASSES_ROOT\CLSID\".
Delete the registry key "{80ae1299-e453-476e-a820-091db2100b7f}" at "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\".
Delete the registry key "{84772DDE-A160-4AF8-BA0C-E9C255836B99}" at "HKEY_CLASSES_ROOT\Interface\".
Delete the registry key "{881B02F9-92DB-4200-8FD6-3875AC071812}" at "HKEY_CLASSES_ROOT\Interface\".
Delete the registry key "{89150cb7-b723-40e4-9ca5-736523889530}" at "HKEY_CLASSES_ROOT\CLSID\".
Delete the registry key "{89150cb7-b723-40e4-9ca5-736523889530}" at "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\".
Delete the registry key "{919e46da-baf7-464a-8f04-3291932e138e}" at "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\".
Delete the registry key "{9F3AFAF7-B62A-4F74-B7D9-89F3D0975ED4}" at "HKEY_CLASSES_ROOT\TypeLib\".
Delete the registry key "{A3FFBE76-F3CB-40EE-935E-A74035038AD9}" at "HKEY_CLASSES_ROOT\TypeLib\".
Delete the registry key "{A92209F6-06C4-4B99-BC7B-15F0F8940485}" at "HKEY_CLASSES_ROOT\Interface\".
Delete the registry key "{AD53FB4C-BCA3-4D12-A51C-04631C9F1B43}" at "HKEY_CLASSES_ROOT\Interface\".
Delete the registry key "{BDBBE526-6DA5-4A20-8B95-96379751B9FC}" at "HKEY_CLASSES_ROOT\TypeLib\".
Delete the registry key "{c5379ba3-1b16-4e5f-9489-e22af468edf5}" at "HKEY_CLASSES_ROOT\CLSID\".
Delete the registry key "{c5379ba3-1b16-4e5f-9489-e22af468edf5}" at "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\".
Delete the registry key "{C8EA3C87-7ACC-4B6B-876C-736228CB7A76}" at "HKEY_CLASSES_ROOT\TypeLib\".
Delete the registry key "{CC17D0F2-1A6E-4DE0-9ECE-AA8BB3EE53EA}" at "HKEY_CLASSES_ROOT\Interface\".
Delete the registry key "{ceb2fb97-4dfa-4daa-8d95-f47fcc0c9c64}" at "HKEY_CLASSES_ROOT\CLSID\".
Delete the registry key "{CEF07A72-E745-472A-B12B-C2B948306897}" at "HKEY_CLASSES_ROOT\Interface\".
Delete the registry key "{cef07a72-e745-472a-b12b-c2b948306897}" at "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\".
Delete the registry key "{D2782919-4418-433B-802F-0C7E90491032}" at "HKEY_CLASSES_ROOT\Interface\".
Delete the registry key "{d3b02e0d-c0a3-4fcf-9a3e-82e6002a19c3}" at "HKEY_CLASSES_ROOT\CLSID\".
Delete the registry key "{d3b02e0d-c0a3-4fcf-9a3e-82e6002a19c3}" at "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\".
Delete the registry key "{d3e23136-8c59-42ec-b267-b9aeac463232}" at "HKEY_CLASSES_ROOT\CLSID\".
Delete the registry key "{d3e23136-8c59-42ec-b267-b9aeac463232}" at "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\".
Delete the registry key "{d4b65646-40fa-4599-a542-5710a82b88bf}" at "HKEY_CLASSES_ROOT\CLSID\".
Delete the registry key "{DB47C1A4-0CAD-4676-B03F-6F0427EC0BE2}" at "HKEY_CLASSES_ROOT\Interface\".
Delete the registry key "{E41D8DFF-5FF6-4445-B03D-2949319A6F4A}" at "HKEY_CLASSES_ROOT\Interface\".
Delete the registry key "{E6358211-7AEA-49CF-9E26-AE5C59478448}" at "HKEY_CLASSES_ROOT\Interface\".
Delete the registry key "{eacd9194-fb15-4e03-9a19-c38134bead1e}" at "HKEY_CLASSES_ROOT\CLSID\".
Delete the registry key "{eb7636a4-e5ba-45df-9b08-c37a5464c5e0}" at "HKEY_CLASSES_ROOT\CLSID\".
Delete the registry key "{FDD31892-364E-4683-A723-C4F199194F1C}" at "HKEY_CLASSES_ROOT\Interface\".
Delete the registry key "{FF54B87E-0F1B-4DD8-92A0-C11008A310E0}" at "HKEY_CLASSES_ROOT\Interface\".
Delete the registry key "{FFE46F9D-8808-4DB4-8740-C4950F7B32E1}" at "HKEY_CLASSES_ROOT\CLSID\".
Delete the registry key "{FFE46F9D-8808-4DB4-8740-C4950F7B32E1}" at "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\".
Delete the registry key "OryteTV_4g" at "HKEY_CURRENT_USER\Software\".
Delete the registry key "OryteTV_4g" at "HKEY_LOCAL_MACHINE\SOFTWARE\".
Delete the registry key "OryteTV_4gService" at "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\".
Delete the registry key "OryteTV_4gService" at "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\".
Delete the registry key "OryteTV_4gService" at "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\".
Delete the registry value "{308e3a5f-a22a-43c7-8e23-7b1895409fff}" at "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks\".
Delete the registry value "{5fc8ff1f-c136-4abb-9a78-9c7cd19d21e2}" at "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\".
Delete the registry value "4gffxtbr@OryteTV_4g.com" at "HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\".

If PU.Mindspark.OryteTV uses rootkit technologies, use our RegAlyzer (http://www.safer-networking.org/index.php?page=regalyzer), RootAlyzer (http://forums.spybot.info/downloads.php?id=8) or our Total Commander anti-rootkit plugins (http://forums.spybot.info/downloads.php?id=3).
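
A read-only pre-check for the folder and registry steps above, added here as an example and not part of the original guide or of Spybot-S&D: it reports which of a subset of the listed items exist, reading both the 64-bit and the 32-bit registry view. The function name Find-RegItem and the output format are assumptions of this example.

```powershell
# Added example: read-only inventory of a subset of the artifacts this guide names.
# Nothing is deleted. Both registry views are read, because a 32-bit toolbar on
# 64-bit Windows registers under the 32-bit view (WOW6432Node).
$views = [Microsoft.Win32.RegistryView]::Registry64, [Microsoft.Win32.RegistryView]::Registry32

function Find-RegItem {   # hypothetical helper name
    param([Microsoft.Win32.RegistryHive]$Hive, [string]$SubKey, [string]$ValueName)
    foreach ($view in $views) {
        $base = [Microsoft.Win32.RegistryKey]::OpenBaseKey($Hive, $view)
        $key  = $base.OpenSubKey($SubKey)            # read-only; $null when absent
        if ($key) {
            $item = if ($ValueName) { "$($key.Name) -> $ValueName" } else { $key.Name }
            if (-not $ValueName -or $key.GetValueNames() -contains $ValueName) {
                [pscustomobject]@{ Kind = $(if ($ValueName) { 'VALUE' } else { 'KEY' }); Item = $item; View = $view }
            }
            $key.Close()
        }
        $base.Close()
    }
}

$hits = @(
    # Folders: <$PROGRAMFILES> can be either Program Files directory on 64-bit Windows.
    $env:ProgramFiles, ${env:ProgramFiles(x86)} | Where-Object { $_ } | Select-Object -Unique |
        ForEach-Object { Join-Path $_ 'OryteTV_4g' } | Where-Object { Test-Path -LiteralPath $_ } |
        ForEach-Object { [pscustomobject]@{ Kind = 'FOLDER'; Item = $_; View = 'filesystem' } }

    # ProgID keys: every HKEY_CLASSES_ROOT name in the guide starts with "OryteTV_4g.".
    [Microsoft.Win32.Registry]::ClassesRoot.GetSubKeyNames() | Where-Object { $_ -like 'OryteTV_4g.*' } |
        ForEach-Object { Find-RegItem ClassesRoot $_ }

    # Vendor keys, the Mozilla plugin key and the service key in every control set.
    Find-RegItem CurrentUser  'Software\OryteTV_4g'
    Find-RegItem LocalMachine 'SOFTWARE\OryteTV_4g'
    Find-RegItem LocalMachine 'SOFTWARE\MozillaPlugins\@OryteTV_4g.com/Plugin'
    [Microsoft.Win32.Registry]::LocalMachine.OpenSubKey('SYSTEM').GetSubKeyNames() |
        Where-Object { $_ -like 'ControlSet*' } |
        ForEach-Object { Find-RegItem LocalMachine "SYSTEM\$_\Services\OryteTV_4gService" }

    # Browser hook values listed at the end of the registry section.
    Find-RegItem CurrentUser  'Software\Microsoft\Internet Explorer\URLSearchHooks' '{308e3a5f-a22a-43c7-8e23-7b1895409fff}'
    Find-RegItem LocalMachine 'SOFTWARE\Microsoft\Internet Explorer\Toolbar' '{5fc8ff1f-c136-4abb-9a78-9c7cd19d21e2}'
    Find-RegItem LocalMachine 'SOFTWARE\Mozilla\Firefox\Extensions' '4gffxtbr@OryteTV_4g.com'
)

# One line per artifact, with the registry view(s) it was found in.
$hits | Group-Object Kind, Item | ForEach-Object {
    '{0,-6} {1}  [{2}]' -f $_.Group[0].Kind, $_.Group[0].Item, ($_.Group.View -join ', ')
}
if (-not $hits) { 'No listed OryteTV_4g artifacts found.' }
```

An item reported only under Registry32 is stored beneath WOW6432Node when browsed with the 64-bit regedit.exe.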

Final Words:

If neither Spybot-S&D nor self-help resolved the issue, or you would prefer one-on-one help, please read these instructions (http://forums.spybot.info/showthread.php?t=288) before requesting assistance, then start your own thread in the Malware Removal Forum (http://forums.spybot.info/forumdisplay.php?f=22), where a volunteer analyst will advise you as soon as available.