
Thread: Computer is full of malware and I can't reinstall Windows

  1. #1
    Junior Member
    Join Date
    Jun 2014
    Posts
    5

    Computer is full of malware and I can't reinstall Windows

    Hi guys,

    New to the forum. My brother's laptop has popups and random software on his Windows 7 laptop that I'm finding very difficult to remove. I was told by my IT guy at work to come here for some help. You would be able to help me run a few tests and identify the problems.

    He doesn't want to back up any files so I tried reinstalling Windows. I made a backup DVD and then when I did the reinstall Windows program it couldn't read the disc. I tried multiple times with DVDs and CDs but I can't get it to work. Is a virus or malware hindering the process?

    Hoping this community can give me a hand. Let me know what to do next. I just want to refresh this computer with a clean slate.

    Thank you!

  2. #2
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208




    http://forums.spybot.info/showthread...ng-Assistance)

    Please read the above and go to Post # 2 and provide the DDS and aswMbr logs that are requested so that we can analyze your system and see what's going on.
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  3. #3
    Junior Member
    Join Date
    Jun 2014
    Posts
    5


    I'm new to this so I will follow the instructions and get the details to you as soon as I can. Is there a video online I can watch on how to get these logs?

    Hope this doesn't get too buried.

  4. #4
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208


    Sorry, no videos, here are the instructions

    Download DDS from one of the links below to your desktop

    Link 1
    Link 2

    • Double click the tool to run it.
    • A black Screen will open, just read the contents and do nothing.
    • When the tool finishes, it will open 2 reports, DDS.txt and attach.txt
    • Copy/Paste the contents of 'DDS.txt' into your post.
    • 'attach.txt' should be zipped using Windows native zip utility and attached to your post. Compress and uncompress files (zip files)






    Download aswMBR.exe ( 511KB ) to your desktop.

    Double click the aswMBR.exe to run it

    Click the "Scan" button to start scan


    On completion of the scan click save log, save it to your desktop and post in your next reply

  5. #5
    Junior Member
    Join Date
    Jun 2014
    Posts
    5


    Okay, thank you for your help. That was very straightforward.

    I've attached the necessary files including the zipped file.

    DDS text below

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 9.0.8112.16464 BrowserJavaVersion: 10.17.2
    Run by Georgios Vallas at 20:07:23 on 2014-06-02
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.2.1033.18.6046.3705 [GMT -4:00]
    .
    AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
    SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
    FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\WLANExt.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
    C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
    C:\Windows\system32\CxAudMsg64.exe
    C:\Users\Georgios Vallas\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
    C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    C:\Program Files\Intel\iCLS Client\HeciServer.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    C:\Windows\system32\mfevtps.exe
    C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
    C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe
    C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
    C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\taskhost.exe
    C:\PROGRA~2\SearchProtect\SearchProtect\bin\cltmng.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\SysWOW64\Rundll32.exe
    C:\PROGRA~2\SearchProtect\UI\bin\cltmngui.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe
    C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
    C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
    C:\Program Files (x86)\FantastiGames\GPlayer.exe
    C:\Program Files (x86)\Samsung\Kies\Kies.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\Windows\System32\StikyNot.exe
    C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
    C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
    C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files (x86)\LockKey\LockKey.exe
    C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
    C:\Program Files (x86)\USB Camera2\VM332_STI.EXE
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
    C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\BackUpDutyLite\BackUpDutyLite.exe
    C:\Windows\system32\rundll32.exe
    C:\Windows\system32\rundll32.exe
    C:\Windows\SysWOW64\rundll32.exe
    c:\PROGRA~2\mcafee\SITEAD~1\saui.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Windows\system32\svchost.exe -k SDRSVC
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files\mcafee.com\agent\mcagent.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.mysearchresults.com/?c=4005&t=01
    uSearch Bar = hxxp://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=CA&userid=7d1be068-67a0-43cf-9af3-47063bbb6cf2&searchtype=ds&q={searchTerms}&installDate=28/06/2013
    uSearch Page = hxxp://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=CA&userid=7d1be068-67a0-43cf-9af3-47063bbb6cf2&searchtype=ds&q={searchTerms}&installDate=28/06/2013
    uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
    mStart Page = hxxp://lenovo.msn.com
    uSearchAssistant = hxxp://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=CA&userid=7d1be068-67a0-43cf-9af3-47063bbb6cf2&searchtype=ds&q={searchTerms}&installDate=28/06/2013
    mURLSearchHooks: KeyBar 1.6 Toolbar: {65f9f6b7-2dae-46fc-bfaf-f88e4af1beca} -
    mWinlogon: Userinit = userinit.exe
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: KeyBar 1.6 Toolbar: {65f9f6b7-2dae-46fc-bfaf-f88e4af1beca} -
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\mcafee\SystemCore\ScriptSn.20120909151235.dll
    BHO: DefaultTab Browser Helper: {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Georgios Vallas\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll
    BHO: Better-Surf: {8271B5D6-76D3-4ABF-AEB3-1721161C76BC} -
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
    BHO: Webexp Enhanced: {b3e07bd1-929e-48e7-8aef-058bc987ca46} - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha9619\ie\WebexpEnhancedV1alpha9619.dll
    BHO: Video Player: {cab4b5bb-f279-4783-a6bf-27235ac4ddb2} - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta628\ie\VideoPlayerV3beta628.dll
    BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} -
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} -
    TB: KeyBar 1.6 Toolbar: {65F9F6B7-2DAE-46FC-BFAF-F88E4AF1BECA} -
    TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
    TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} -
    TB: KeyBar 1.6 Toolbar: {65f9f6b7-2dae-46fc-bfaf-f88e4af1beca} -
    uRun: [Exetender] "C:\Program Files (x86)\FantastiGames\GPlayer.exe" /runonstartup
    uRun: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
    uRun: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
    uRun: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
    uRun: [Facebook Update] "C:\Users\Georgios Vallas\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
    uRun: [BackgroundContainer] "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Georgios Vallas\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun
    uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
    uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
    uRun: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
    mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
    mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    mRun: [LockKey] C:\Program Files (x86)\LockKey\LockKey.exe
    mRun: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
    mRun: [332BigDog] C:\Program Files (x86)\USB Camera2\VM332_STI.EXE
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [Intelligent Touchpad] C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe
    mRun: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
    mRun: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
    mRun: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
    mRun: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
    mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    mRun: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
    mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
    mRun: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [OtShot] C:\Program Files (x86)\OtShot\otshot.exe -minimize
    mRun: [BackupDutyLite] C:\Program Files (x86)\BackUpDutyLite\BackUpDutyLite.exe
    mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
    dRun: [Exetender] "C:\Program Files (x86)\FantastiGames\GPlayer.exe" /runonstartup
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -
    TCP: NameServer = 192.168.2.1
    TCP: Interfaces\{CFDD6604-A802-40A0-9D63-DF19C2074BFA} : DHCPNameServer = 192.168.2.1
    TCP: Interfaces\{CFDD6604-A802-40A0-9D63-DF19C2074BFA}\35865627964616E602745756374702143636563737 : DHCPNameServer = 142.55.2.28
    TCP: Interfaces\{CFDD6604-A802-40A0-9D63-DF19C2074BFA}\76275656B686561647 : DHCPNameServer = 192.168.2.1
    TCP: Interfaces\{CFDD6604-A802-40A0-9D63-DF19C2074BFA}\C696E6B6379737 : DHCPNameServer = 64.71.255.198
    TCP: Interfaces\{CFDD6604-A802-40A0-9D63-DF19C2074BFA}\E45445745414259373 : DHCPNameServer = 192.168.1.1
    Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll
    Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    Notify: SDWinLogon - SDWinLogon.dll
    AppInit_DLLs= C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
    SSODL: WebCheck - <orphaned>
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    x64-mStart Page = hxxp://lenovo.msn.com
    x64-BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\mcafee\SystemCore\ScriptSn.20120902184852.dll
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
    x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
    x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
    x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
    x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
    x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
    x64-Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
    x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
    x64-Run: [SynLenovoGestureMgr] C:\Program Files (x86)\Synaptics\SynTP\SynLenovoGestureMgr.exe
    x64-Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
    x64-Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe
    x64-Run: [Lenovo EE Boot Optimizer] C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe
    x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
    x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll
    x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
    x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
    x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-Notify: igfxcui - igfxdev.dll
    x64-SSODL: WebCheck - <orphaned>
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Georgios Vallas\AppData\Roaming\Mozilla\Firefox\Profiles\k3p7w7nh.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3298566&CUI=UN33019647043755252&UM=2&SearchSource=3&q={searchTerms}

    FF - prefs.js: browser.search.selectedEngine - Web Search

    FF - prefs.js: browser.startup.homepage - hxxp://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=CA&userid=7d1be068-67a0-43cf-9af3-47063bbb6cf2&searchtype=hp&installDate=28/06/2013

    FF - prefs.js: keyword.URL - hxxp://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=CA&userid=7d1be068-67a0-43cf-9af3-47063bbb6cf2&searchtype=ds&installDate=28/06/2013&q=

    FF - plugin: c:\progra~2\mcafee\msc\npMcSnFFPl.dll
    FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\FantastiGames\npExentCtl.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
    FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: C:\Program Files (x86)\McAfee\SiteAdvisor\NPMcFFPlg32.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll
    FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
    FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 fbfmon;fbfmon;C:\Windows\System32\drivers\fbfmon.sys [2012-6-3 57952]
    R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2012-3-14 16152]
    R0 LHDmgr;LHDmgr;C:\Windows\System32\drivers\LhdX64.sys [2012-6-3 39008]
    R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2011-3-13 752672]
    R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2011-3-13 335784]
    R1 BPntDrv;BPntDrv;C:\Windows\System32\drivers\BPntDrv.sys [2012-6-3 13408]
    R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-12-5 659968]
    R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-12-5 135952]
    R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-4-11 1390720]
    R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-4-11 1764992]
    R2 CltMngSvc;Search Protect by Conduit Service;C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe --> C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe [?]
    R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
    R2 CxAudMsg;Conexant Audio Message Service;C:\Windows\System32\CxAudMsg64.exe [2012-6-3 198784]
    R2 DefaultTabUpdate;DefaultTabUpdate;C:\Users\Georgios Vallas\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe [2013-3-19 107520]
    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-6-3 13592]
    R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-2-3 628448]
    R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-6-3 161560]
    R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-10-22 201304]
    R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-10-22 201304]
    R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-10-22 201304]
    R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-10-22 201304]
    R2 McShield;McAfee McShield;C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe [2012-6-3 237920]
    R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2012-6-3 218320]
    R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2012-6-3 177144]
    R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-6-1 1738200]
    R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-6-1 2081752]
    R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-6-1 171928]
    R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
    R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-6-3 363800]
    R2 X5XSEx;X5XSEx;C:\Program Files (x86)\FantastiGames\X5XSEx.sys [2012-10-15 55400]
    R2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2011-12-8 594704]
    R3 ACPIVPC;Lenovo Virtual Power Controller Driver;C:\Windows\System32\drivers\AcpiVpc.sys [2011-12-15 30816]
    R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;C:\Windows\System32\drivers\AmpPal.sys [2011-12-5 195584]
    R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2011-3-13 69672]
    R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2011-1-29 31088]
    R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-3-15 331264]
    R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2012-3-14 356120]
    R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2012-3-14 788760]
    R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\drivers\iwdbus.sys [2011-12-20 25496]
    R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2011-12-23 111216]
    R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2011-3-13 300392]
    R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2011-3-13 513456]
    R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
    R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
    R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
    R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
    R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
    R3 vm332avs;Lenovo Camera2;C:\Windows\System32\drivers\vm332avs.sys [2012-6-3 958800]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
    S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;C:\Windows\System32\drivers\AmpPal.sys [2011-12-5 195584]
    S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2013-2-17 102368]
    S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\drivers\HipShieldK.sys [2012-10-22 196440]
    S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\drivers\intelaud.sys [2011-12-20 34200]
    S3 McAWFwk;McAfee Activation Service;C:\PROGRA~1\mcafee\msc\mcawfwk.exe [2012-6-3 225216]
    S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\System32\drivers\mferkdet.sys [2011-3-13 106112]
    S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-12-8 273168]
    S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\rtsuvstor.sys [2012-6-3 313960]
    S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2013-2-17 203104]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-9-5 1255736]
    S3 wsvd;wsvd;C:\Windows\System32\drivers\wsvd.sys [2009-7-21 121840]
    S4 McOobeSv;McAfee OOBE Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-10-22 201304]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== Created Last 30 ================
    .
    2014-06-02 00:33:27 21040 ----a-w- C:\Windows\System32\sdnclean64.exe
    2014-06-02 00:33:25 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
    2014-06-02 00:33:21 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
    .
    ==================== Find3M ====================
    .
    2014-05-23 16:14:59 70832 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2014-05-23 16:14:59 692400 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2012-10-15 18:25:52 4096000 ----a-w- C:\Program Files (x86)\GUT8A26.tmp
    .
    ============= FINISH: 20:08:11.15 ===============

  6. #6
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208


    Hi,

    Thanks for the logs, you're doing fine.

    aswMBR checks for a rootkit type of infection and that log is fine, no rootkit

    Not looking at any actual viruses but you have a lot of bogus toolbars and search engines that are really lousing up your system. For the rest of the logs and reports I ask for please just copy and paste them in like you did for DDS in lieu of attaching them unless I ask for it to be attached.



    -AdwCleaner-by Xplode

    Click on this link to download : ADWCleaner
    Click on ONE of the Two Blue Download Now buttons That have a blue arrow beside them and save it to your desktop.

    Do not click on any links in the top Advertisement.


    • Double click on AdwCleaner.exe to run the tool.
      Vista/Windows 7/8 users right-click and select Run As Administrator.
    • Click on the Scan button.
    • AdwCleaner will begin...be patient as the scan may take some time to complete.
    • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
    • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
    • Copy and paste the contents of that logfile in your next reply.
    • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.

  7. #7
    Junior Member
    Join Date
    Jun 2014
    Posts
    5

    Default

    Ran the ADW tool. Removed some of my toolbars. The browser looks normal for once! Log is below. Please let me know if you need any other logs.

    Also, do you see anything in the logs that is telling me why I can't run a proper reinstall of Windows from the disc?


  8. #8
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    What you need to do now is run AdwCleaner again and remove it all. All those entries in there need to go.

    Not sure about reinstalling Windows at this point, sometimes malware can prevent it but I am not looking at anything on your logs that can cause that.


    • Close all open programs and internet browsers.
    • Double click on AdwCleaner.exe to run the tool.
    • Click on Scan.
    • After the scan is complete click on "Clean"
    • Confirm each time with Ok.
    • Your computer will be rebooted automatically. A text file will open after the restart.
    • Please post the content of that logfile with your next reply.
    • You can find the logfile at C:\AdwCleaner[S1].txt as well.





    Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.

  9. #9
    Junior Member
    Join Date
    Jun 2014
    Posts
    5

    Default

    Sorry for the delay. I will do this tonight and post the results!

  10. #10
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Still with me?