|
Post by mynn30 on Mar 29, 2015 20:16:08 GMT -8
|
|
|
Post by mynn30 on Mar 29, 2015 20:18:10 GMT -8
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Mar 29, 2015 20:46:26 GMT -8
Press the + R Keys on your keyboard at the same time. Type notepad and click OK. Copy the entire content of the codebox below and paste into the notepad (Including start and end) start (Bandoo Media Inc.) C:\Users\Melinda\AppData\Local\iLivid\iLivid.exe (BitTorrent Inc.) C:\Users\Melinda\AppData\Roaming\uTorrent\uTorrent.exe C:\Users\Melinda\AppData\Local\iLivid HKLM\...\Run: [Setwallpaper] => c:\programdata\SetWallpaper.cmd HKLM-x32\...\Run: [fst_au_4] => [X] HKU\S-1-5-21-1928993011-843862175-2304439907-1001\...\Run: [Startw3i] => C:\Program Files (x86)\PC Speed Maximizer\Startw3i.exe C:\Program Files (x86)\PC Speed Maximizer HKU\S-1-5-21-1928993011-843862175-2304439907-1001\...\Run: [BackgroundContainer] => "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Melinda\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <===== ATTENTION C:\Users\Melinda\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll C:\Users\Melinda\AppData\Local\Conduit HKU\S-1-5-21-1928993011-843862175-2304439907-1001\...\Run: [OutfoxTV] => C:\Program Files\OutfoxTV\OutfoxTV\DesktopContainer.exe HKU\S-1-5-21-1928993011-843862175-2304439907-1001\...\Run: [iLivid] => C:\Users\Melinda\AppData\Local\iLivid\iLivid.exe [6827008 2013-09-09] (Bandoo Media Inc.) HKU\S-1-5-21-1928993011-843862175-2304439907-1001\...\Run: [uTorrent] => C:\Users\Melinda\AppData\Roaming\uTorrent\uTorrent.exe [1442384 2015-03-27] (BitTorrent Inc.) Startup: C:\Users\Melinda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Legalsounds Download Manager.lnk ShortcutTarget: Legalsounds Download Manager.lnk -> C:\Program Files (x86)\Legalsounds Download Manager\Legalsounds Download Manager.exe (No File) Startup: C:\Users\Melinda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MP3 Rocket (Minimized).lnk ShortcutTarget: MP3 Rocket (Minimized).lnk -> C:\Program Files (x86)\MP3 Rocket\MP3Rocket.exe (No File) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hp&ts=1422324092&from=ild&uid=ST9500325AS_6VE8LX2YXXXX6VE8LX2Y HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hp&ts=1422324092&from=ild&uid=ST9500325AS_6VE8LX2YXXXX6VE8LX2Y HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=ds&ts=1422324092&from=ild&uid=ST9500325AS_6VE8LX2YXXXX6VE8LX2Y&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type=ds&ts=1422324092&from=ild&uid=ST9500325AS_6VE8LX2YXXXX6VE8LX2Y&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hp&ts=1422324092&from=ild&uid=ST9500325AS_6VE8LX2YXXXX6VE8LX2Y HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hp&ts=1422324092&from=ild&uid=ST9500325AS_6VE8LX2YXXXX6VE8LX2Y HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1422324092&from=ild&uid=ST9500325AS_6VE8LX2YXXXX6VE8LX2Y&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1422324092&from=ild&uid=ST9500325AS_6VE8LX2YXXXX6VE8LX2Y&q={searchTerms} URLSearchHook: HKU\S-1-5-21-1928993011-843862175-2304439907-1001 - (No Name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No File URLSearchHook: HKU\S-1-5-21-1928993011-843862175-2304439907-1001 - (No Name) - {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - No File URLSearchHook: HKU\S-1-5-21-1928993011-843862175-2304439907-1001 - (No Name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No File SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1422324092&from=ild&uid=ST9500325AS_6VE8LX2YXXXX6VE8LX2Y&q={searchTerms} SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1422324092&from=ild&uid=ST9500325AS_6VE8LX2YXXXX6VE8LX2Y&q={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1422324092&from=ild&uid=ST9500325AS_6VE8LX2YXXXX6VE8LX2Y&q={searchTerms} SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type=ds&ts=1422324092&from=ild&uid=ST9500325AS_6VE8LX2YXXXX6VE8LX2Y&q={searchTerms} SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3282134&CUI=UN32088506828667109 SearchScopes: HKU\S-1-5-21-1928993011-843862175-2304439907-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1928993011-843862175-2304439907-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKU\S-1-5-21-1928993011-843862175-2304439907-1001 -> {A531D99C-5A22-449b-83DA-872725C6D0ED} URL = SearchScopes: HKU\S-1-5-21-1928993011-843862175-2304439907-1001 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://int.search-results.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=NIS&chn=retail&geo=AU&ver=19&gct=sb&qsrc=2869 BHO-x32: MP3 Rocket Downloader -> {c5e9c0b3-8b18-4b1b-ad67-c1a063ab2b34} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-05] (Microsoft Corporation) StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://isearch.omiga-plus.com/?type=sc&ts=1422324092&from=ild&uid=ST9500325AS_6VE8LX2YXXXX6VE8LX2Y CHR HKLM-x32\...\Chrome\Extension: [bejbohlohkkgompgecdcbbglkpjfjgdj] - C:\Users\Melinda\AppData\Local\Temp\crx77.tmp [Not Found] 2015-03-12 07:08 - 2015-03-30 13:37 - 00003382 _____ () C:\Windows\System32\Tasks\BackgroundContainer Startup Task 2015-03-08 16:25 - 2015-03-08 16:25 - 00000000 ____D () C:\Users\Melinda\AppData\Roaming\OpenCandy Task: {7738B18E-3416-459D-9E5F-78D86B7C0ED2} - System32\Tasks\BackgroundContainer Startup Task => Rundll32.exe "C:\Users\Melinda\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <==== ATTENTION Task: {E9FDD97A-B655-4D13-984D-C5DCBB157671} - System32\Tasks\{535D5A14-6A30-46DF-A485-7FC384806952} => pcalua.exe -a C:\Users\Melinda\Downloads\bwbcmwin32_fullcd_2.13\bwbcmwin32_fullcd_2.13\Drivers\Sierra\AirCard\DriverInstaller.exe -d C:\Users\Melinda\Downloads\bwbcmwin32_fullcd_2.13\bwbcmwin32_fullcd_2.13\Drivers\Sierra\AirCard AlternateDataStreams: C:\ProgramData\Temp:115CEE00 AlternateDataStreams: C:\ProgramData\Temp:2F370DA6 AlternateDataStreams: C:\ProgramData\Temp:373E1720 AlternateDataStreams: C:\ProgramData\Temp:4CF61E54 AlternateDataStreams: C:\ProgramData\Temp:A724744F AlternateDataStreams: C:\ProgramData\Temp:AB689DEA Reboot: end Click File, Save As and type fixlist (.txt may be seen on the end depending on the system setup) as the File Name. Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!
Right-click on icon and select Run as Administrator to start FRST. (XP users click run after receipt of Windows Security Warning - Open File). Press the button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run. When finished FRST will generate a log on the Desktop, called Fixlog.txt. To paste or attach back here Quads
|
|
|
Post by mynn30 on Mar 29, 2015 21:08:40 GMT -8
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Mar 29, 2015 21:44:29 GMT -8
Read carefully
Download Adwcleaner www.bleepingcomputer.com/download/adwcleaner/ on to your desktop The Blue Download Now @bleeping Computer button and run a scan ( Scan Button). It will create a log after. Or there is a Report button, ONE SCAN ONLY
Attach or paste the log back here Quads
|
|
|
Post by mynn30 on Mar 29, 2015 21:54:48 GMT -8
my antivirus won't let me download it, its saying its unsafe?
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Mar 29, 2015 22:06:46 GMT -8
Turn off the SONAR part of Norton for say 30mins and then try.
Quads
|
|
|
Post by mynn30 on Mar 29, 2015 22:18:19 GMT -8
Ok, its scanning, now waiting for me to uncheck items I want to keep? How do I know what to keep? Sorry I did say I wasn't very tech savvy!!
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Mar 29, 2015 22:22:04 GMT -8
Read the instructions again, they was what to do.
Quads
|
|
|
Post by mynn30 on Mar 29, 2015 22:24:41 GMT -8
AdwCleaner v4.200 - Logfile created 30/03/2015 at 17:12:25 # Updated 29/03/2015 by Xplode # Database : 2015-03-29.1 [Server] # Operating system : Windows 7 Home Premium Service Pack 1 (x64) # Username : Melinda - MELINDA-PC # Running from : C:\Users\Melinda\Desktop\AdwCleaner.exe # Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
File Found : C:\alotserviceruntime.log File Found : C:\Users\Jessikaah\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_iapmgeefjjdeofmglpelkaipeolfkefe_0.localstorage File Found : C:\Users\Jessikaah\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_iapmgeefjjdeofmglpelkaipeolfkefe_0.localstorage-journal File Found : C:\Users\Jessikaah\Desktop\Free Animated Desktop Wallpaper.lnk File Found : C:\Users\Jessikaah\Desktop\Free Dolphin Screensaver.lnk File Found : C:\Users\Jessikaah\Desktop\Free Whales ScreenSaver.lnk File Found : C:\Users\Melinda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_iapmgeefjjdeofmglpelkaipeolfkefe_0.localstorage File Found : C:\Users\Melinda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_iapmgeefjjdeofmglpelkaipeolfkefe_0.localstorage-journal File Found : C:\Users\Melinda\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_cap1.conduit-apps.com_0.localstorage File Found : C:\Users\Melinda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iLivid.lnk File Found : C:\Users\Melinda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk File Found : C:\Users\Melinda\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\user.js File Found : C:\Windows\SysWOW64\conduitEngine.tmp File Found : C:\Windows\SysWOW64\RegistryHelperLM.ocx Folder Found : C:\Program Files (x86)\FlvPlayer Folder Found : C:\Program Files (x86)\Free Offers from Freeze.com Folder Found : C:\Program Files (x86)\PopcornTV Folder Found : C:\Program Files (x86)\predm Folder Found : C:\Program Files (x86)\ShoppingChip Folder Found : C:\Program Files (x86)\ShoppingChip Folder Found : C:\Program Files (x86)\Video downloader Folder Found : C:\ProgramData\3249cf157b596b58 Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PopcornTV Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video downloader Folder Found : C:\ProgramData\Partner Folder Found : C:\ProgramData\Registry Helper Folder Found : C:\ProgramData\ShoppingChip Folder Found : C:\ProgramData\ShoppingChip Folder Found : C:\ProgramData\Tarma Installer Folder Found : C:\ProgramData\Trymedia Folder Found : C:\Users\Ellllliiieeee\AppData\Local\fst_au_4 Folder Found : C:\Users\Ellllliiieeee\AppData\Local\fst_au_4 Folder Found : C:\Users\Ellllliiieeee\AppData\LocalLow\alotappbar Folder Found : C:\Users\Ellllliiieeee\AppData\LocalLow\AVG Secure Search Folder Found : C:\Users\Ellllliiieeee\AppData\LocalLow\Conduit Folder Found : C:\Users\Ellllliiieeee\AppData\LocalLow\ConduitEngine Folder Found : C:\Users\Ellllliiieeee\AppData\LocalLow\PriceGong Folder Found : C:\Users\Ellllliiieeee\AppData\LocalLow\Yahoo! Companion Folder Found : C:\Users\Jessikaah\AppData\Local\fst_au_4 Folder Found : C:\Users\Jessikaah\AppData\Local\fst_au_4 Folder Found : C:\Users\Jessikaah\AppData\Local\Google\Chrome\User Data\Default\Extensions\iapmgeefjjdeofmglpelkaipeolfkefe Folder Found : C:\Users\Jessikaah\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk Folder Found : C:\Users\Jessikaah\AppData\LocalLow\alotappbar Folder Found : C:\Users\Jessikaah\AppData\LocalLow\Conduit Folder Found : C:\Users\Jessikaah\AppData\LocalLow\ConduitEngine Folder Found : C:\Users\Jessikaah\AppData\LocalLow\PriceGong Folder Found : C:\Users\Jessikaah\AppData\LocalLow\Yahoo! Companion Folder Found : C:\Users\Jessikaah\AppData\Roaming\PC Speed Maximizer Folder Found : C:\Users\Melinda\AppData\Local\Google\Chrome\User Data\Default\Extensions\iapmgeefjjdeofmglpelkaipeolfkefe Folder Found : C:\Users\Melinda\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk Folder Found : C:\Users\Melinda\AppData\Local\PopcornTV Folder Found : C:\Users\Melinda\AppData\Local\WeatherAlerts Folder Found : C:\Users\Melinda\AppData\LocalLow\Conduit Folder Found : C:\Users\Melinda\AppData\LocalLow\PriceGong Folder Found : C:\Users\Melinda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FlvPlayer
***** [ Scheduled tasks ] *****
***** [ Shortcuts ] *****
Shortcut Infected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk Shortcut Infected : C:\Users\Melinda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk Shortcut Infected : C:\Users\Melinda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk Shortcut Infected : C:\Users\Melinda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk Shortcut Infected : C:\Users\Melinda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
***** [ Registry ] *****
Key Found : HKCU\Software\1ClickDownload Key Found : HKCU\Software\AppDataLow\Software\BackgroundContainer Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Key Found : HKCU\Software\AppDataLow\Software\Crossrider Key Found : HKCU\Software\AppDataLow\Software\PriceGong Key Found : HKCU\Software\Classes\iLivid.torrent Key Found : HKCU\Software\Cr_Installer Key Found : HKCU\Software\ilivid Key Found : HKCU\Software\InstalledBrowserExtensions Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\isearch.omiga-plus.com Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\omiga-plus.com Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\search.conduit.com Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\vshare.eu Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1B4D240E-8BDE-4C8D-8B93-C74D2F8A8284} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1B4D240E-8BDE-4C8D-8B93-C74D2F8A8284} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E38FA08E-F56A-4169-ABF5-5C71E3C153A1} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\ilivid Key Found : HKCU\Software\powerpack Key Found : HKCU\Software\Tutorials Key Found : HKCU\Software\TutoTag Key Found : HKCU\Software\YahooPartnerToolbar Key Found : [x64] HKCU\Software\1ClickDownload Key Found : [x64] HKCU\Software\Cr_Installer Key Found : [x64] HKCU\Software\ilivid Key Found : [x64] HKCU\Software\InstalledBrowserExtensions Key Found : [x64] HKCU\Software\powerpack Key Found : [x64] HKCU\Software\Tutorials Key Found : [x64] HKCU\Software\TutoTag Key Found : [x64] HKCU\Software\YahooPartnerToolbar Key Found : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F} Key Found : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946} Key Found : HKLM\SOFTWARE\Classes\CLSID\{1B4D240E-8BDE-4C8D-8B93-C74D2F8A8284} Key Found : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220022342291} Key Found : HKLM\SOFTWARE\Classes\CLSID\{33333333-3333-3333-3333-330033343391} Key Found : HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6} Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0003491.BHO Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0003491.BHO.1 Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0003491.FBApi Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0003491.FBApi.1 Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0003491.Sandbox Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0003491.Sandbox.1 Key Found : HKLM\SOFTWARE\Classes\iLivid.torrent Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Found : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055345591} Key Found : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066346691} Key Found : HKLM\SOFTWARE\Classes\Interface\{77777777-7777-7777-7777-770077347791} Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2786678 Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3201318 Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3282134 Key Found : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440044344491} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440044344491} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440044344491} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Key Found : HKLM\SOFTWARE\Conduit Key Found : HKLM\SOFTWARE\Driver-Soft Key Found : HKLM\SOFTWARE\FreeSoftToday Key Found : HKLM\SOFTWARE\Freeze.com Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk Key Found : HKLM\SOFTWARE\InstalledBrowserExtensions Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{1B4D240E-8BDE-4C8D-8B93-C74D2F8A8284} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1B4D240E-8BDE-4C8D-8B93-C74D2F8A8284} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Found : HKLM\SOFTWARE\omiga-plusSoftware Key Found : HKLM\SOFTWARE\SP Global Key Found : HKLM\SOFTWARE\Trymedia Systems Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6} Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055345591} Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066346691} Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{77777777-7777-7777-7777-770077347791} Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk Key Found : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} Key Found : [x64] HKLM\SOFTWARE\Tarma Installer Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}] Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}] Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
***** [ Web browsers ] *****
-\\ Internet Explorer v11.0.9600.17689
-\\ Mozilla Firefox v
-\\ Google Chrome v41.0.2272.101
[C:\Users\Jessikaah\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Found [Extension] : hfimfliilbabfohebppnfomgjljicpdm [C:\Users\Jessikaah\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Found [Extension] : iapmgeefjjdeofmglpelkaipeolfkefe [C:\Users\Jessikaah\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Found [Extension] : mkfokfffehpeedafpekjeddnmnjhmcmk [C:\Users\Melinda\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1422324092&from=ild&uid=ST9500325AS_6VE8LX2YXXXX6VE8LX2Y&q={searchTerms} [C:\Users\Melinda\AppData\Local\Google\Chrome\User Data\Default\Preferences] - Found [Extension] : iapmgeefjjdeofmglpelkaipeolfkefe [C:\Users\Melinda\AppData\Local\Google\Chrome\User Data\Default\Preferences] - Found [Extension] : mkfokfffehpeedafpekjeddnmnjhmcmk [C:\Users\Melinda\AppData\Local\Google\Chrome\User Data\Default\Preferences] - Found [Homepage] : hxxp://isearch.omiga-plus.com/?type=hp&ts=1422324092&from=ild&uid=ST9500325AS_6VE8LX2YXXXX6VE8LX2Y [C:\Users\Melinda\AppData\Local\Google\Chrome\User Data\Default\Preferences] - Found [Startup_URLs] : hxxp://isearch.omiga-plus.com/?type=hp&ts=1422324092&from=ild&uid=ST9500325AS_6VE8LX2YXXXX6VE8LX2Y
*************************
AdwCleaner[R0].txt - [13839 bytes] - [30/03/2015 17:12:25]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [13899 bytes] ##########
|
|