Page 1 of 3 123 LastLast
Results 1 to 10 of 27
  1. #1
    Member stokie's Avatar
    Join Date
    Apr 2005
    Posts
    74
    Points
    3

    Default I think I have Malware

    Superantispyware reported nothing.
    Other logs below
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 16:44:37, on 30/10/2013
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v10.0 (10.00.9200.16720)
    Boot mode: Safe mode

    Running processes:
    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.co.uk/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
    O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll
    O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\IPS\IPSBHO.DLL
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
    O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll
    O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
    O4 - HKLM\..\Run: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
    O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
    O4 - HKCU\..\Run: [AmazonMP3DownloaderHelper] C:\Users\ALAN\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
    O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\ALAN\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
    O4 - HKCU\..\Run: [Spotify] "C:\Users\ALAN\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
    O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
    O4 - Startup: BBC iPlayer Desktop.lnk = C:\Program Files (x86)\BBC iPlayer Desktop\BBC iPlayer Desktop.exe
    O4 - Startup: Mozilla Firefox.lnk = C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    O4 - Global Startup: TMMonitor.lnk = C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
    O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
    O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\OFFICE11\REFIEBAR.DLL
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} (Device Detection) - http://www.logitech.com/devicedetect...etection32.cab
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
    O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
    O23 - Service: Intel® PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: MySQL - Unknown owner - C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe
    O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe
    O23 - Service: Norton Safe Web Lite (NSL) - Symantec Corporation - C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe
    O23 - Service: pcCMService64 - Alcatel-Lucent - C:\Program Files\Common Files\Motive\pcCMService.exe
    O23 - Service: pcregservice Service (pcregservice) - Unknown owner - C:\Program Files (x86)\wrapper_inst\file_to_run.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
    O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe
    O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 11806 bytes
    Malwarebytes Anti-Malware 1.75.0.1300
    Malwarebytes : Free Anti-Malware

    Database version: v2014.02.06.08

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 11.0.9600.16476
    ALAN :: ALAN-PC [administrator]

    06/02/2014 22:47:07
    mbam-log-2014-02-06 (22-47-07).txt

    Scan type: Full scan (C:\|)
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 388162
    Time elapsed: 1 hour(s), 14 minute(s), 23 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 14
    HKCR\AppID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    HKCR\Typelib\{DCABB943-792E-44C4-9029-ECBEE6265AF9} (PUP.Optional.OutBrowse) -> Quarantined and deleted successfully.
    HKCR\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534} (PUP.Optional.OutBrowse) -> Quarantined and deleted successfully.
    HKCR\Typelib\{FBC322D5-407E-4854-8C0B-555B951FD8E3} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    HKCR\Interface\{0400EBCA-042C-4000-AA89-9713FBEDB671} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    HKCU\Software\mysearchdial (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    HKCU\Software\mysearchdial.com (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    HKCU\Software\InstallCore\1I1T1Q1S (PUP.Optional.InstallCore.A) -> Quarantined and deleted successfully.
    HKCU\Software\InstallCore\mysearchdial (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\SEARCHPROTECTINT (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\InstallCore\mysearchdial (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.

    Registry Values Detected: 4
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{3004627E-F8E9-4E8B-909D-316753CBA923} (PUP.Optional.MySearchDial.A) -> Data: -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{3004627E-F8E9-4E8B-909D-316753CBA923} (PUP.Optional.MySearchDial.A) -> Data: mysearchdial Toolbar -> Quarantined and deleted successfully.
    HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Data: 0T1F1P1F1C0U2W -> Quarantined and deleted successfully.
    HKCU\Software\SearchProtectINT|Install (PUP.Optional.SearchProtect.A) -> Data: 1 -> Quarantined and deleted successfully.

    Registry Data Items Detected: 1
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.MySearchDial.A) -> Bad: (Mysearchdial Search) Good: (Google) -> Quarantined and repaired successfully.

    Folders Detected: 3
    C:\Users\ALAN\AppData\Roaming\mysearchdial (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    C:\Users\ALAN\AppData\Roaming\mysearchdial\icons_2.2.15.1631 (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    C:\Users\ALAN\AppData\Roaming\mysearchdial\UpdateProc (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.

    Files Detected: 6
    C:\Users\ALAN\AppData\Roaming\mysearchdial\UpdateProc\config.dat (PUP.Optional.MySearchDial.A) -> No action taken.
    C:\Users\ALAN\AppData\Local\Temp\nsuC3B0.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Windows\Temp\nslDCCB.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
    C:\Users\ALAN\AppData\Roaming\mysearchdial\icons_2.2.15.1631\62.ico (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    C:\Users\ALAN\AppData\Roaming\mysearchdial\icons_2.2.15.1631\80.ico (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    C:\Users\ALAN\AppData\Roaming\mysearchdial\UpdateProc\UpdateTask.exe (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.

    (end)
    Search results from Spybot - Search & Destroy

    07/02/2014 09:49:08
    Scan took 00:25:17.
    58 items found.

    Win32.2UrFace.bho: [SBI $62251A5D] Settings (Registry Key, nothing done)
    HKEY_CLASSES_ROOT\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}

    Montera.Toolbar: [SBI $C595B0E4] Settings (Registry Key, nothing done)
    HKEY_CLASSES_ROOT\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}

    Montera.Toolbar: [SBI $C595B0E4] Settings (Registry Key, nothing done)
    HKEY_CLASSES_ROOT\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}

    Montera.Toolbar: [SBI $2212EF94] Settings (Registry Key, nothing done)
    HKEY_CLASSES_ROOT\AppID\escort.DLL

    Montera.Toolbar: [SBI $2212EF94] Settings (Registry Key, nothing done)
    HKEY_CLASSES_ROOT\AppID\escort.DLL

    Toolbar.MySearchDial: [SBI $1798064D] Root class (Registry Key, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\mysearchdial.mysearchdialappCore

    Toolbar.MySearchDial: [SBI $1798064D] Root class (Registry Key, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\mysearchdial.mysearchdialappCore.1

    Toolbar.MySearchDial: [SBI $1798064D] Root class (Registry Key, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\mysearchdial.mysearchdialappCore.1

    Toolbar.MySearchDial: [SBI $1798064D] Root class (Registry Key, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\mysearchdial.mysearchdialappCore

    Toolbar.MySearchDial: [SBI $23E2CC5D] Root class (Registry Key, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\esrv.mysearchdialESrvc

    Toolbar.MySearchDial: [SBI $23E2CC5D] Root class (Registry Key, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\esrv.mysearchdialESrvc.1

    Toolbar.MySearchDial: [SBI $23E2CC5D] Root class (Registry Key, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\esrv.mysearchdialESrvc.1

    Toolbar.MySearchDial: [SBI $23E2CC5D] Root class (Registry Key, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\esrv.mysearchdialESrvc

    Toolbar.MySearchDial: [SBI $3B16F120] Root class (Registry Key, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\mysearchdial.mysearchdialHlpr

    Toolbar.MySearchDial: [SBI $3B16F120] Root class (Registry Key, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\mysearchdial.mysearchdialHlpr.1

    Toolbar.MySearchDial: [SBI $3B16F120] Root class (Registry Key, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\mysearchdial.mysearchdialHlpr.1

    Toolbar.MySearchDial: [SBI $3B16F120] Root class (Registry Key, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\mysearchdial.mysearchdialHlpr

    Toolbar.MySearchDial: [SBI $AE10E9B6] Root class (Registry Key, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\mysearchdial.mysearchdialdskBnd

    Toolbar.MySearchDial: [SBI $AE10E9B6] Root class (Registry Key, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\mysearchdial.mysearchdialdskBnd.1

    Toolbar.MySearchDial: [SBI $AE10E9B6] Root class (Registry Key, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\mysearchdial.mysearchdialdskBnd.1

    Toolbar.MySearchDial: [SBI $AE10E9B6] Root class (Registry Key, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\mysearchdial.mysearchdialdskBnd

    Toolbar.MySearchDial: [SBI $EB67AD35] Interface (Registry Key, nothing done)
    HKEY_CLASSES_ROOT\Interface\{0400EBCA-042C-4000-AA89-9713FBEDB671}

    Toolbar.MySearchDial: [SBI $4D70C0C3] Interface (Registry Key, nothing done)
    HKEY_CLASSES_ROOT\Interface\{0BD19251-4B4B-4B94-AB16-617106245BB7}

    Toolbar.MySearchDial: [SBI $4D70C0C3] Interface (Registry Key, nothing done)
    HKEY_CLASSES_ROOT\Interface\{0BD19251-4B4B-4B94-AB16-617106245BB7}

    Toolbar.MySearchDial: [SBI $97614825] Interface (Registry Key, nothing done)
    HKEY_CLASSES_ROOT\Interface\{3281114F-BCAB-45E3-80D9-A6CD64D4E636}

    Toolbar.MySearchDial: [SBI $97614825] Interface (Registry Key, nothing done)
    HKEY_CLASSES_ROOT\Interface\{3281114F-BCAB-45E3-80D9-A6CD64D4E636}

    Toolbar.MySearchDial: [SBI $B10C9B82] Interface (Registry Key, nothing done)
    HKEY_CLASSES_ROOT\Interface\{44533FCB-F9FB-436A-8B6B-CF637B2D465A}

    Toolbar.MySearchDial: [SBI $B10C9B82] Interface (Registry Key, nothing done)
    HKEY_CLASSES_ROOT\Interface\{44533FCB-F9FB-436A-8B6B-CF637B2D465A}

    Toolbar.MySearchDial: [SBI $E99E7902] Interface (Registry Key, nothing done)
    HKEY_CLASSES_ROOT\Interface\{44B29DDD-CF7A-454A-A275-A322A398D93F}

    Toolbar.MySearchDial: [SBI $E99E7902] Interface (Registry Key, nothing done)
    HKEY_CLASSES_ROOT\Interface\{44B29DDD-CF7A-454A-A275-A322A398D93F}

    Toolbar.MySearchDial: [SBI $AD45ACC6] Interface (Registry Key, nothing done)
    HKEY_CLASSES_ROOT\Interface\{A4DE94DB-DF03-45A3-8A5D-D1B7464B242D}

    Toolbar.MySearchDial: [SBI $AD45ACC6] Interface (Registry Key, nothing done)
    HKEY_CLASSES_ROOT\Interface\{A4DE94DB-DF03-45A3-8A5D-D1B7464B242D}

    Toolbar.MySearchDial: [SBI $E777F3A2] Interface (Registry Key, nothing done)
    HKEY_CLASSES_ROOT\Interface\{AA0F50A8-2618-4AE4-A779-9F7378555A8F}

    Toolbar.MySearchDial: [SBI $E777F3A2] Interface (Registry Key, nothing done)
    HKEY_CLASSES_ROOT\Interface\{AA0F50A8-2618-4AE4-A779-9F7378555A8F}

    Toolbar.MySearchDial: [SBI $D302BDE2] Interface (Registry Key, nothing done)
    HKEY_CLASSES_ROOT\Interface\{B2DB115C-8278-4947-9A07-57B53D1C4215}

    Toolbar.MySearchDial: [SBI $D302BDE2] Interface (Registry Key, nothing done)
    HKEY_CLASSES_ROOT\Interface\{B2DB115C-8278-4947-9A07-57B53D1C4215}

    Toolbar.MySearchDial: [SBI $E0B4A6E2] Interface (Registry Key, nothing done)
    HKEY_CLASSES_ROOT\Interface\{B97FC455-DB33-431D-84DB-6F1514110BD5}

    Toolbar.MySearchDial: [SBI $E0B4A6E2] Interface (Registry Key, nothing done)
    HKEY_CLASSES_ROOT\Interface\{B97FC455-DB33-431D-84DB-6F1514110BD5}

    Toolbar.MySearchDial: [SBI $7C17746E] Interface (Registry Key, nothing done)
    HKEY_CLASSES_ROOT\Interface\{C67281E0-78F5-4E49-9FAE-4B1B2ADAF17B}

    Toolbar.MySearchDial: [SBI $7C17746E] Interface (Registry Key, nothing done)
    HKEY_CLASSES_ROOT\Interface\{C67281E0-78F5-4E49-9FAE-4B1B2ADAF17B}

    Toolbar.MySearchDial: [SBI $C4AC0319] Interface (Registry Key, nothing done)
    HKEY_CLASSES_ROOT\Interface\{E72E9312-0367-4216-BFC7-21485FA8390B}

    Toolbar.MySearchDial: [SBI $C4AC0319] Interface (Registry Key, nothing done)
    HKEY_CLASSES_ROOT\Interface\{E72E9312-0367-4216-BFC7-21485FA8390B}

    Toolbar.MySearchDial: [SBI $37B6C034] Interface (Registry Key, nothing done)
    HKEY_CLASSES_ROOT\Interface\{F6CCB6C9-127E-44AE-8552-B94356F39FFE}

    Toolbar.MySearchDial: [SBI $37B6C034] Interface (Registry Key, nothing done)
    HKEY_CLASSES_ROOT\Interface\{F6CCB6C9-127E-44AE-8552-B94356F39FFE}

    Toolbar.MySearchDial: [SBI $D77420A4] Interface (Registry Key, nothing done)
    HKEY_CLASSES_ROOT\Interface\{FFD25630-2734-4AE9-88E6-21BF6525F3FE}

    Toolbar.MySearchDial: [SBI $D77420A4] Interface (Registry Key, nothing done)
    HKEY_CLASSES_ROOT\Interface\{FFD25630-2734-4AE9-88E6-21BF6525F3FE}

    MS Direct3D: [SBI $7FB7B83F] Most recent application (Registry Change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name

    MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
    HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name

    MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-4204390733-60689720-3297724035-1000\Software\Microsoft\Direct3D\MostRecentApplication\Name

    MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
    HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name

    MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name

    MS Office 11.0 (Word): [SBI $15AC27CE] Recent file list (Registry Value, nothing done)
    HKEY_USERS\S-1-5-21-4204390733-60689720-3297724035-1000\Software\Microsoft\Office\11.0\Word\Data\Settings

    Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources

    Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources

    Windows Explorer: [SBI $AA0766B5] Stream history (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-4204390733-60689720-3297724035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU

    Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-4204390733-60689720-3297724035-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs

    Cache: [SBI $49804B54] Browser: Cache (1) (Browser: Cache, nothing done)


    Cookie: [SBI $49804B54] Browser: Cookie (1) (Browser: Cookie, nothing done)



    --- Spybot - Search & Destroy version: 2.1.18.131 DLL (build: 20130516) ---

    2013-05-16 blindman.exe (2.1.18.151)
    2013-05-16 explorer.exe (2.1.18.177)
    2013-05-16 SDBootCD.exe (2.1.18.109)
    2013-05-16 SDCleaner.exe (2.1.18.110)
    2013-05-16 SDDelFile.exe (2.1.18.94)
    2013-06-18 SDDisableProxy.exe
    2013-05-16 SDFiles.exe (2.1.18.135)
    2013-03-20 SDFileScanHelper.exe (2.1.16.1)
    2013-05-16 SDFSSvc.exe (2.1.18.208)
    2013-05-16 SDHookHelper.exe (2.1.18.2)
    2013-05-16 SDHookInst32.exe (2.1.18.2)
    2013-05-16 SDHookInst64.exe (2.1.18.2)
    2013-05-16 SDImmunize.exe (2.1.18.130)
    2013-05-16 SDLogReport.exe (2.1.18.107)
    2013-05-16 SDOnAccess.exe (2.1.18.4)
    2013-05-16 SDPESetup.exe (2.1.18.3)
    2013-05-16 SDPEStart.exe (2.1.18.86)
    2013-05-16 SDPhoneScan.exe (2.1.18.28)
    2013-05-16 SDPRE.exe (2.1.18.22)
    2013-05-16 SDPrepPos.exe (2.1.18.10)
    2013-05-16 SDQuarantine.exe (2.1.18.103)
    2013-05-16 SDRootAlyzer.exe (2.1.18.116)
    2013-05-16 SDSBIEdit.exe (2.1.18.39)
    2013-05-16 SDScan.exe (2.1.18.177)
    2013-05-16 SDScript.exe (2.1.18.53)
    2013-05-16 SDSettings.exe (2.1.18.136)
    2013-05-16 SDShell.exe (2.1.18.2)
    2013-05-16 SDShred.exe (2.1.18.107)
    2013-05-16 SDSysRepair.exe (2.1.18.101)
    2013-05-16 SDTools.exe (2.1.18.150)
    2013-07-25 SDTray.exe (2.1.21.129)
    2013-05-16 SDUpdate.exe (2.1.18.91)
    2013-05-16 SDUpdSvc.exe (2.1.18.76)
    2013-07-10 SDWelcome.exe (2.1.21.129)
    2013-05-15 SDWSCSvc.exe (2.1.18.2)
    2013-06-19 spybotsd2-translation-frx.exe
    2013-08-13 unins000.exe (51.1052.0.0)
    1999-12-02 xcacls.exe
    2012-08-23 borlndmm.dll (10.0.2288.42451)
    2012-09-05 DelZip190.dll (1.9.0.107)
    2012-09-10 libeay32.dll (1.0.0.4)
    2012-09-10 libssl32.dll (1.0.0.4)
    2013-05-16 SDAdvancedCheckLibrary.dll (2.1.18.98)
    2013-05-16 SDAV.dll
    2013-05-16 SDECon32.dll (2.1.18.113)
    2013-05-16 SDECon64.dll (2.1.18.113)
    2013-04-05 SDEvents.dll (2.1.16.2)
    2013-05-16 SDFileScanLibrary.dll (2.1.18.12)
    2013-05-16 SDHook32.dll (2.1.18.2)
    2013-05-16 SDHook64.dll (2.1.18.2)
    2013-05-16 SDImmunizeLibrary.dll (2.1.18.2)
    2013-05-16 SDLicense.dll (2.1.18.0)
    2013-05-16 SDLists.dll (2.1.18.4)
    2013-05-16 SDResources.dll (2.1.18.7)
    2013-05-16 SDScanLibrary.dll (2.1.18.131)
    2013-05-16 SDTasks.dll (2.1.18.15)
    2013-05-16 SDWinLogon.dll (2.1.18.0)
    2012-08-23 sqlite3.dll
    2012-09-10 ssleay32.dll (1.0.0.4)
    2013-05-16 Tools.dll (2.1.18.36)
    2014-01-08 Includes\Adware-000.sbi (*)
    2014-01-08 Includes\Adware-001.sbi (*)
    2014-02-05 Includes\Adware-C.sbi (*)
    2014-01-13 Includes\Adware.sbi (*)
    2014-01-13 Includes\AdwareC.sbi (*)
    2010-08-13 Includes\Cookies.sbi (*)
    2014-01-08 Includes\Dialer-000.sbi (*)
    2014-01-08 Includes\Dialer-001.sbi (*)
    2014-01-08 Includes\Dialer-C.sbi (*)
    2014-01-13 Includes\Dialer.sbi (*)
    2014-01-13 Includes\DialerC.sbi (*)
    2012-11-14 Includes\HeavyDuty.sbi (*)
    2014-01-08 Includes\Hijackers-000.sbi (*)
    2014-01-08 Includes\Hijackers-001.sbi (*)
    2014-01-08 Includes\Hijackers-C.sbi (*)
    2014-01-13 Includes\Hijackers.sbi (*)
    2014-01-13 Includes\HijackersC.sbi (*)
    2014-01-08 Includes\iPhone-000.sbi (*)
    2014-01-08 Includes\iPhone.sbi (*)
    2014-01-08 Includes\Keyloggers-000.sbi (*)
    2014-01-08 Includes\Keyloggers-C.sbi (*)
    2014-01-13 Includes\Keyloggers.sbi (*)
    2014-01-13 Includes\KeyloggersC.sbi (*)
    2014-01-09 Includes\Malware-001.sbi (*)
    2014-01-09 Includes\Malware-002.sbi (*)
    2014-02-05 Includes\Malware-003.sbi (*)
    2014-01-28 Includes\Malware-004.sbi (*)
    2014-01-09 Includes\Malware-005.sbi (*)
    2014-01-09 Includes\Malware-006.sbi (*)
    2014-01-09 Includes\Malware-007.sbi (*)
    2014-01-14 Includes\Malware-C.sbi (*)
    2014-01-13 Includes\Malware.sbi (*)
    2013-12-23 Includes\MalwareC.sbi (*)
    2014-01-15 Includes\PUPS-000.sbi (*)
    2014-01-15 Includes\PUPS-001.sbi (*)
    2014-01-15 Includes\PUPS-002.sbi (*)
    2014-02-05 Includes\PUPS-C.sbi (*)
    2012-11-14 Includes\PUPS.sbi (*)
    2014-01-07 Includes\PUPSC.sbi (*)
    2014-01-08 Includes\Security-000.sbi (*)
    2014-01-08 Includes\Security-C.sbi (*)
    2014-01-21 Includes\Security.sbi (*)
    2014-01-21 Includes\SecurityC.sbi (*)
    2014-01-08 Includes\Spyware-000.sbi (*)
    2014-01-08 Includes\Spyware-001.sbi (*)
    2014-01-08 Includes\Spyware-C.sbi (*)
    2014-01-21 Includes\Spyware.sbi (*)
    2014-01-21 Includes\SpywareC.sbi (*)
    2011-06-07 Includes\Tracks.sbi (*)
    2012-11-19 Includes\Tracks.uti (*)
    2014-01-15 Includes\Trojans-000.sbi (*)
    2014-01-15 Includes\Trojans-001.sbi (*)
    2014-01-15 Includes\Trojans-002.sbi (*)
    2014-01-15 Includes\Trojans-003.sbi (*)
    2014-01-15 Includes\Trojans-004.sbi (*)
    2014-01-15 Includes\Trojans-005.sbi (*)
    2014-01-15 Includes\Trojans-006.sbi (*)
    2014-01-15 Includes\Trojans-007.sbi (*)
    2014-01-15 Includes\Trojans-008.sbi (*)
    2014-01-15 Includes\Trojans-009.sbi (*)
    2014-01-09 Includes\Trojans-020.sbi (*)
    2014-01-09 Includes\Trojans-021.sbi (*)
    2014-01-09 Includes\Trojans-022.sbi (*)
    2014-01-09 Includes\Trojans-023.sbi (*)
    2014-02-05 Includes\Trojans-C.sbi (*)
    2014-01-15 Includes\Trojans-OG-000.sbi (*)
    2014-01-15 Includes\Trojans-TD-000.sbi (*)
    2014-01-15 Includes\Trojans-VM-000.sbi (*)
    2014-01-15 Includes\Trojans-VM-001.sbi (*)
    2014-01-15 Includes\Trojans-VM-002.sbi (*)
    2014-01-15 Includes\Trojans-VM-003.sbi (*)
    2014-01-15 Includes\Trojans-VM-004.sbi (*)
    2014-01-15 Includes\Trojans-VM-005.sbi (*)
    2014-01-15 Includes\Trojans-VM-006.sbi (*)
    2014-01-15 Includes\Trojans-VM-007.sbi (*)
    2014-01-15 Includes\Trojans-VM-008.sbi (*)
    2014-01-15 Includes\Trojans-VM-009.sbi (*)
    2014-01-15 Includes\Trojans-VM-010.sbi (*)
    2014-01-15 Includes\Trojans-VM-011.sbi (*)
    2014-01-15 Includes\Trojans-VM-012.sbi (*)
    2014-01-15 Includes\Trojans-VM-013.sbi (*)
    2014-01-15 Includes\Trojans-VM-014.sbi (*)
    2014-01-15 Includes\Trojans-VM-015.sbi (*)
    2014-01-15 Includes\Trojans-VM-016.sbi (*)
    2014-01-15 Includes\Trojans-VM-017.sbi (*)
    2014-01-15 Includes\Trojans-VM-018.sbi (*)
    2014-01-15 Includes\Trojans-VM-019.sbi (*)
    2014-01-15 Includes\Trojans-VM-020.sbi (*)
    2014-01-15 Includes\Trojans-VM-021.sbi (*)
    2014-01-15 Includes\Trojans-VM-022.sbi (*)
    2014-01-15 Includes\Trojans-VM-023.sbi (*)
    2014-01-15 Includes\Trojans-VM-024.sbi (*)
    2014-01-13 Includes\Trojans-VM-025.sbi (*)
    2014-01-13 Includes\Trojans-VM-026.sbi (*)
    2014-01-15 Includes\Trojans-ZB-000.sbi (*)
    2014-01-15 Includes\Trojans-ZL-000.sbi (*)
    2014-01-09 Includes\Trojans.sbi (*)
    2014-01-16 Includes\TrojansC-01.sbi (*)
    2014-01-16 Includes\TrojansC-02.sbi (*)
    2014-01-16 Includes\TrojansC-03.sbi (*)
    2014-01-16 Includes\TrojansC-04.sbi (*)
    2014-01-16 Includes\TrojansC-05.sbi (*)
    2014-01-09 Includes\TrojansC.sbi (*)
    Last edited by stokie; 02-07-2014 at 06:02 AM. Reason: error on hijack this log please cancel thread. I am getting a message that HJT is denied access to the hosts file .

  2. #2
    Member Spyware Fighter
    Join Date
    Jun 2010
    Location
    Bement,Ill USA
    Posts
    1,340
    Points
    146

    Default

    Hello stokie,
    • Welcome to Help2Go.
    • My name is fireman4it and I will be helping you with your Malware problem.

      Please take note of some guidelines for this fix:
    • Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools.
    • If you do not understand any step(s) provided, please do not hesitate to ask before continuing.
    • Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean".
    • Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.
    • I will be analyzing your log. I will get back to you with instructions.





    Spybot S&D or Ad-Aware are no longer recommended
    • mvps.org is no longer recommending Spybot S&D or Ad-Aware due to poor testing results. See here - (scroll down and read under Freeware Antispyware Products)
    • Further, most people don't understand Spybot's TeaTimer or how to use it and that feature can cause more problems than it's worth. TeaTimer monitors changes to certain critical keys in Windows registry but does not indicate if the change is normal or a modification made by a malware infection. The user must have an understanding of the registry and how TeaTimer works in order to make informed decisions to allow or deny the detected changes. Additionally, TeaTimer may conflict with other security tools which do a much better job of protecting your computer and even prevent disinfection of malware by those tools.
    • More effective alternatives are Malwarebytes Anti-Malware and SUPERAntiSpyware Free.



    1.
    Download AdwCleaner
    • Double click on AdwCleaner.exe to run the tool.
      ***Note: Windows Vista and Windows 7 users:
      Right click in the adwCleaner.exe and select
      "Run as administrator"
    • Click the Scan button.
    • A logfile will automatically open after the scan has finished.
    • Please post the content of that logfile in your next reply.
    • Or you can find the logfile at C:\AdwCleaner[R1].txt.



    2.
    • Download RogueKiller on the desktop
    • Close all the running processes
    • Under Vista/Seven, right click -> Run as Administrator
    • Otherwise just double-click on RogueKiller.exe
    • When prompted, Click Scan
    • A report should open, give its content to your helper. (RKreport could also be found next to the executable)
    • If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename in winlogon.exe (or winlogon.com) and try again



    Things to include in your next reply::
    AdwCleaner log
    Roguekiller log
    How is your machine running now?
    " Extinguishing Malware from the world"

    The Spware Help forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.
    HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
    Thanks-




  3. #3
    Member stokie's Avatar
    Join Date
    Apr 2005
    Posts
    74
    Points
    3

    Default

    Hello fireman4it
    Thanks very much for your input.
    Here are the logs you asked for:-
    # AdwCleaner v3.018 - Report created 07/02/2014 at 19:24:58
    # Updated 28/01/2014 by Xplode
    # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Username : ALAN - ALAN-PC
    # Running from : C:\Users\ALAN\Documents\DAD\Diagnostics and Security\adwcleaner.exe
    # Option : Scan

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    File Found : C:\Users\ALAN\AppData\Roaming\Mozilla\Firefox\Profiles\1cec3s56.default\searchplugins\Mysearchdial.xml
    File Found : C:\Users\ALAN\AppData\Roaming\Mozilla\Firefox\Profiles\1cec3s56.default\user.js
    File Found : C:\Users\ALAN\AppData\Roaming\Mozilla\Firefox\Profiles\mqdozlsj.default-1379620744169\searchplugins\Mysearchdial.xml
    File Found : C:\Users\ALAN\AppData\Roaming\Mozilla\Firefox\Profiles\mqdozlsj.default-1379620744169\user.js
    File Found : C:\Users\ALAN\AppData\Roaming\Mozilla\Firefox\Profiles\zymka1im.default-1391716630696\searchplugins\Mysearchdial.xml
    File Found : C:\Users\ALAN\AppData\Roaming\Mozilla\Firefox\Profiles\zymka1im.default-1391716630696\searchplugins\safesearch.xml
    File Found : C:\Users\ALAN\AppData\Roaming\Mozilla\Firefox\Profiles\zymka1im.default-1391716630696\user.js
    File Found : C:\Windows\System32\roboot64.exe
    Folder Found : C:\Users\ALAN\AppData\Roaming\Mozilla\Firefox\Profiles\1cec3s56.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}
    Folder Found : C:\Users\ALAN\AppData\Roaming\Mozilla\Firefox\Profiles\mqdozlsj.default-1379620744169\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}
    Folder Found C:\Program Files (x86)\Common Files\Umbrella
    Folder Found C:\ProgramData\Iminent
    Folder Found C:\Users\ALAN\AppData\LocalLow\Mysearchdial
    Folder Found C:\Users\ALAN\AppData\LocalLow\Search Settings
    Folder Found C:\Users\ALAN\AppData\Roaming\DriverCure
    Folder Found C:\Users\ALAN\AppData\Roaming\Iminent
    Folder Found C:\Users\ALAN\AppData\Roaming\ParetoLogic
    Folder Found C:\Users\ALAN\AppData\Roaming\Systweak
    Folder Found C:\Windows\SysWOW64\Searchprotect

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Found : HKCU\Software\AppDataLow\Software\LyricsContainer
    Key Found : HKCU\Software\AppDataLow\Software\smartbar
    Key Found : HKCU\Software\Conduit
    Key Found : HKCU\Software\dsiteproducts
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3004627E-F8E9-4E8B-909D-316753CBA923}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3004627E-F8E9-4E8B-909D-316753CBA923}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Found : HKCU\Software\ParetoLogic
    Key Found : HKCU\Software\Softonic
    Key Found : [x64] HKCU\Software\Conduit
    Key Found : [x64] HKCU\Software\dsiteproducts
    Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
    Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
    Key Found : [x64] HKCU\Software\ParetoLogic
    Key Found : [x64] HKCU\Software\Softonic
    Key Found : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{3223F2FB-D9B9-45FC-9D66-CD717FFA4EE5}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
    Key Found : HKLM\SOFTWARE\Classes\Prod.cap
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
    Key Found : HKLM\Software\Conduit
    Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\abfmigjiaapipflmopkaaooigcjjdojh
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E57091A7-B5F0-4C42-9329-72ED3E59ED31}
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
    Key Found : HKLM\Software\mysearchdial
    Key Found : HKLM\Software\ParetoLogic
    Key Found : HKLM\Software\systweak
    Key Found : HKLM\Software\Tarma Installer
    Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
    Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
    Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Value Found : HKCU\Software\Mozilla\Firefox\Extensions [Lyrics@LyricsContainer.co]

    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.16428

    Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs] - hxxp://start.mysearchdial.com/?f=2&a=dsites0103&cd=2XzuyEtN2Y1L1QzuyDyEtDyE0AyCyB0E0FyE0CtDzztByCtAtN0D0Tzu0SyByCzytN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=710969739&ir=
    Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://start.mysearchdial.com/?f=1&a=dsites0103&cd=2XzuyEtN2Y1L1QzuyDyEtDyE0AyCyB0E0FyE0CtDzztByCtAtN0D0Tzu0SyByCzytN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=710969739&ir=

    -\\ Mozilla Firefox v27.0 (en-GB)

    [ File : C:\Users\ALAN\AppData\Roaming\Mozilla\Firefox\Profiles\1cec3s56.default\prefs.js ]

    Line Found : user_pref("browser.search.defaultenginename", "Mysearchdial");
    Line Found : user_pref("browser.startup.homepage", "hxxp://start.mysearchdial.com/?f=1&a=dsites0103&cd=2XzuyEtN2Y1L1QzuyDyEtDyE0AyCyB0E0FyE0CtDzztByCtAtN0D0Tzu0SyByCzytN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC[...]
    Line Found : user_pref("browser.search.selectedEngine", "Mysearchdial");

    [ File : C:\Users\ALAN\AppData\Roaming\Mozilla\Firefox\Profiles\mqdozlsj.default-1379620744169\prefs.js ]

    Line Found : user_pref("browser.search.defaultenginename", "Mysearchdial");
    Line Found : user_pref("browser.startup.homepage", "hxxp://start.mysearchdial.com/?f=1&a=dsites0103&cd=2XzuyEtN2Y1L1QzuyDyEtDyE0AyCyB0E0FyE0CtDzztByCtAtN0D0Tzu0SyByCzytN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC[...]
    Line Found : user_pref("browser.search.selectedEngine", "Mysearchdial");

    [ File : C:\Users\ALAN\AppData\Roaming\Mozilla\Firefox\Profiles\zymka1im.default-1391716630696\prefs.js ]

    Line Found : user_pref("extensions.mysearchdial.AL", 2);
    Line Found : user_pref("extensions.mysearchdial.aflt", "dsites0103");
    Line Found : user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");
    Line Found : user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1QzuyDyEtDyE0AyCyB0E0FyE0CtDzztByCtAtN0D0Tzu0SyByCzytN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R");
    Line Found : user_pref("extensions.mysearchdial.cr", "710969739");
    Line Found : user_pref("extensions.mysearchdial.dfltLng", "");
    Line Found : user_pref("extensions.mysearchdial.dfltSrch", true);
    Line Found : user_pref("extensions.mysearchdial.dnsErr", true);
    Line Found : user_pref("extensions.mysearchdial.excTlbr", false);
    Line Found : user_pref("extensions.mysearchdial.hmpg", true);
    Line Found : user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=dsites0103&cd=2XzuyEtN2Y1L1QzuyDyEtDyE0AyCyB0E0FyE0CtDzztByCtAtN0D0Tzu0SyByCzytN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1Czut[...]
    Line Found : user_pref("extensions.mysearchdial.id", "5404A67EF4C08263");
    Line Found : user_pref("extensions.mysearchdial.instlDay", "16108");
    Line Found : user_pref("extensions.mysearchdial.instlRef", "");
    Line Found : user_pref("extensions.mysearchdial.newTabUrl", "hxxp://start.mysearchdial.com/?f=2&a=dsites0103&cd=2XzuyEtN2Y1L1QzuyDyEtDyE0AyCyB0E0FyE0CtDzztByCtAtN0D0Tzu0SyByCzytN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1Cz[...]
    Line Found : user_pref("extensions.mysearchdial.prdct", "mysearchdial");
    Line Found : user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");
    Line Found : user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");
    Line Found : user_pref("extensions.mysearchdial.tlbrId", "base");
    Line Found : user_pref("extensions.mysearchdial.tlbrSrchUrl", "hxxp://start.mysearchdial.com/?f=3&a=dsites0103&cd=2XzuyEtN2Y1L1QzuyDyEtDyE0AyCyB0E0FyE0CtDzztByCtAtN0D0Tzu0SyByCzytN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1[...]
    Line Found : user_pref("extensions.mysearchdial.vrsn", "1.8.21.0");
    Line Found : user_pref("extensions.mysearchdial.vrsni", "1.8.21.0");
    Line Found : user_pref("extensions.mysearchdial_i.hmpg", true);
    Line Found : user_pref("extensions.mysearchdial_i.newTab", false);
    Line Found : user_pref("extensions.mysearchdial_i.smplGrp", "none");
    Line Found : user_pref("extensions.mysearchdial_i.vrsnTs", "1.8.21.015:23:7");

    *************************

    AdwCleaner[R0].txt - [21376 octets] - [07/02/2014 19:24:58]

    ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [21437 octets] ##########
    RogueKiller V8.8.6 [Feb 7 2014] by Tigzy
    mail : tigzyRK<at>gmail<dot>com
    Feedback : Adlice forum - Index
    Website : RogueKiller download
    Blog : Adlice Software | malware analysis

    Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
    Started in : Normal mode
    User : ALAN [Admin rights]
    Mode : Scan -- Date : 02/07/2014 20:10:03
    | ARK || FAK || MBR |

    ¤¤¤ Bad processes : 0 ¤¤¤

    ¤¤¤ Registry Entries : 13 ¤¤¤
    [RUN][SUSP PATH] HKCU\[...]\Run : AmazonMP3DownloaderHelper (C:\Users\ALAN\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [7]) -> FOUND
    [RUN][SUSP PATH] HKUS\S-1-5-21-4204390733-60689720-3297724035-1000\[...]\Run : AmazonMP3DownloaderHelper (C:\Users\ALAN\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [7]) -> FOUND
    [HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
    [HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorUser (0) -> FOUND
    [HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> FOUND
    [HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorUser (0) -> FOUND
    [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> FOUND
    [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> FOUND
    [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowVideos (0) -> FOUND
    [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> FOUND
    [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_TrackProgs (0) -> FOUND
    [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
    [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

    ¤¤¤ Scheduled tasks : 2 ¤¤¤
    [V1][SUSP PATH] Digital Sites.job : C:\Users\ALAN\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE - /Check [x] -> FOUND
    [V2][SUSP PATH] Digital Sites : C:\Users\ALAN\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE - /Check [x] -> FOUND

    ¤¤¤ Startup Entries : 0 ¤¤¤

    ¤¤¤ Web browsers : 0 ¤¤¤

    ¤¤¤ Browser Addons : 0 ¤¤¤

    ¤¤¤ Particular Files / Folders: ¤¤¤

    ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

    ¤¤¤ External Hives: ¤¤¤

    ¤¤¤ Infection : ¤¤¤

    ¤¤¤ HOSTS File: ¤¤¤
    --> %SystemRoot%\System32\drivers\etc\hosts


    127.0.0.1 localhost


    ¤¤¤ MBR Check: ¤¤¤

    +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HDS721050CLA362 ATA Device +++++
    --- User ---
    [MBR] 52722a1f4a944ff7f6a123e493a88850
    [BSP] 9a95c9f4684884d803cc51216cb9ac64 : Windows 7/8 MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
    1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 476838 Mo
    User = LL1 ... OK!
    User = LL2 ... OK!

    Finished : << RKreport[0]_S_02072014_201003.txt >>




    Malwarebytes Anti-Malware 1.75.0.1300
    Malwarebytes : Free Anti-Malware

    Database version: v2014.02.06.08

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 11.0.9600.16476
    ALAN :: ALAN-PC [administrator]

    07/02/2014 15:04:47
    mbam-log-2014-02-07 (15-04-47).txt

    Scan type: Full scan (C:\|)
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 388416
    Time elapsed: 55 minute(s), 25 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 18
    HKCU\Software\mysearchdial (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    HKCU\Software\mysearchdial.com (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    HKCU\Software\RightSurf (PUP.Optional.RightSurf.A) -> Quarantined and deleted successfully.
    HKCU\Software\InstallCore\1I1T1Q1S (PUP.Optional.InstallCore.A) -> Quarantined and deleted successfully.
    HKCU\Software\InstallCore\mysearchdial (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\InstallCore\mysearchdial (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    HKLM\SYSTEM\CurrentControlSet\Services\Update RightSurf (PUP.Optional.RightSurf.A) -> Quarantined and deleted successfully.
    HKLM\Software\RightSurf (PUP.Optional.RightSurf.A) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88be1aa9-6740-461c-9e3e-f35eb8fa741c} (PUP.Optional.RightSurf.A) -> Quarantined and deleted successfully.
    HKCR\CLSID\{88be1aa9-6740-461c-9e3e-f35eb8fa741c} (PUP.Optional.RightSurf.A) -> Quarantined and deleted successfully.
    HKCR\TypeLib\{a4f32137-598e-41b6-b601-9965084c8f08} (PUP.Optional.RightSurf.A) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    HKCR\CLSID\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    HKCR\mysearchdial.mysearchdialHlpr.1 (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    HKCR\mysearchdial.mysearchdialHlpr (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.

    Registry Values Detected: 1
    HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Data: 0A2O0R1R1H2Z1S1G0H1F -> Quarantined and deleted successfully.

    Registry Data Items Detected: 2
    HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.MySearchDial.A) -> Bad: (Mysearchdial Search) Good: (Google) -> Quarantined and repaired successfully.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.MySearchDial.A) -> Bad: (Mysearchdial Search) Good: (Google) -> Quarantined and repaired successfully.

    Folders Detected: 8
    C:\Users\ALAN\AppData\Roaming\DigitalSites\UpdateProc (PUP.Optional.Updater) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\RightSurf (PUP.Optional.RightSurf.A) -> Delete on reboot.
    C:\Users\ALAN\AppData\Roaming\mysearchdial (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    C:\Users\ALAN\AppData\Roaming\mysearchdial\icons_2.2.15.1631 (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    C:\Users\ALAN\AppData\Roaming\mysearchdial\UpdateProc (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Mysearchdial (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Mysearchdial\1.8.21.0 (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Mysearchdial\1.8.21.0\bh (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.

    Files Detected: 25
    C:\Users\ALAN\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe (PUP.Optional.Updater) -> Quarantined and deleted successfully.
    C:\Users\ALAN\AppData\Roaming\DigitalSites\UpdateProc\config.dat (PUP.Optional.Updater) -> Quarantined and deleted successfully.
    C:\Users\ALAN\AppData\Roaming\DigitalSites\UpdateProc\info.dat (PUP.Optional.Updater) -> Quarantined and deleted successfully.
    C:\Users\ALAN\AppData\Roaming\DigitalSites\UpdateProc\prod.dat (PUP.Optional.Updater) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\RightSurf\RightSurf.ico (PUP.Optional.RightSurf.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\RightSurf\0 (PUP.Optional.RightSurf.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\RightSurf\7za.exe (PUP.Optional.RightSurf.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\RightSurf\RightSurf.FirstRun.exe (PUP.Optional.RightSurf.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\RightSurf\RightSurfBHO.dll (PUP.Optional.RightSurf.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\RightSurf\RightSurfUninstall.exe (PUP.Optional.RightSurf.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\RightSurf\updateRightSurf.exe (PUP.Optional.RightSurf.A) -> Delete on reboot.
    C:\Program Files (x86)\RightSurf\updateRightSurf.InstallState (PUP.Optional.RightSurf.A) -> Quarantined and deleted successfully.
    C:\Users\ALAN\AppData\Roaming\mysearchdial\icons_2.2.15.1631\62.ico (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    C:\Users\ALAN\AppData\Roaming\mysearchdial\icons_2.2.15.1631\80.ico (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    C:\Users\ALAN\AppData\Roaming\mysearchdial\UpdateProc\config.dat (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    C:\Users\ALAN\AppData\Roaming\mysearchdial\UpdateProc\UpdateTask.exe (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Mysearchdial\1.8.21.0\FavIcon.ico (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialApp.dll (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialEng.dll (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialsrv.exe (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Mysearchdial\1.8.21.0\Sqlite3.dll (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Mysearchdial\1.8.21.0\uninst.dat (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Mysearchdial\1.8.21.0\uninstall.exe (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Mysearchdial\1.8.21.0\bh\mysearchdial.dll (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.

    (end)
    Machine is running pretty well but I'm concerned about in particular Rightsearch/Mysearch dial which I can't seem to get rid of

  4. #4
    Member stokie's Avatar
    Join Date
    Apr 2005
    Posts
    74
    Points
    3

    Default

    Hello fireman4it
    Thanks very much for your input.
    Here are the logs you asked for:-
    # AdwCleaner v3.018 - Report created 07/02/2014 at 19:24:58
    # Updated 28/01/2014 by Xplode
    # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Username : ALAN - ALAN-PC
    # Running from : C:\Users\ALAN\Documents\DAD\Diagnostics and Security\adwcleaner.exe
    # Option : Scan

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    File Found : C:\Users\ALAN\AppData\Roaming\Mozilla\Firefox\Profiles\1cec3s56.default\searchplugins\Mysearchdial.xml
    File Found : C:\Users\ALAN\AppData\Roaming\Mozilla\Firefox\Profiles\1cec3s56.default\user.js
    File Found : C:\Users\ALAN\AppData\Roaming\Mozilla\Firefox\Profiles\mqdozlsj.default-1379620744169\searchplugins\Mysearchdial.xml
    File Found : C:\Users\ALAN\AppData\Roaming\Mozilla\Firefox\Profiles\mqdozlsj.default-1379620744169\user.js
    File Found : C:\Users\ALAN\AppData\Roaming\Mozilla\Firefox\Profiles\zymka1im.default-1391716630696\searchplugins\Mysearchdial.xml
    File Found : C:\Users\ALAN\AppData\Roaming\Mozilla\Firefox\Profiles\zymka1im.default-1391716630696\searchplugins\safesearch.xml
    File Found : C:\Users\ALAN\AppData\Roaming\Mozilla\Firefox\Profiles\zymka1im.default-1391716630696\user.js
    File Found : C:\Windows\System32\roboot64.exe
    Folder Found : C:\Users\ALAN\AppData\Roaming\Mozilla\Firefox\Profiles\1cec3s56.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}
    Folder Found : C:\Users\ALAN\AppData\Roaming\Mozilla\Firefox\Profiles\mqdozlsj.default-1379620744169\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}
    Folder Found C:\Program Files (x86)\Common Files\Umbrella
    Folder Found C:\ProgramData\Iminent
    Folder Found C:\Users\ALAN\AppData\LocalLow\Mysearchdial
    Folder Found C:\Users\ALAN\AppData\LocalLow\Search Settings
    Folder Found C:\Users\ALAN\AppData\Roaming\DriverCure
    Folder Found C:\Users\ALAN\AppData\Roaming\Iminent
    Folder Found C:\Users\ALAN\AppData\Roaming\ParetoLogic
    Folder Found C:\Users\ALAN\AppData\Roaming\Systweak
    Folder Found C:\Windows\SysWOW64\Searchprotect

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Found : HKCU\Software\AppDataLow\Software\LyricsContainer
    Key Found : HKCU\Software\AppDataLow\Software\smartbar
    Key Found : HKCU\Software\Conduit
    Key Found : HKCU\Software\dsiteproducts
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3004627E-F8E9-4E8B-909D-316753CBA923}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3004627E-F8E9-4E8B-909D-316753CBA923}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Found : HKCU\Software\ParetoLogic
    Key Found : HKCU\Software\Softonic
    Key Found : [x64] HKCU\Software\Conduit
    Key Found : [x64] HKCU\Software\dsiteproducts
    Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
    Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
    Key Found : [x64] HKCU\Software\ParetoLogic
    Key Found : [x64] HKCU\Software\Softonic
    Key Found : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{3223F2FB-D9B9-45FC-9D66-CD717FFA4EE5}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
    Key Found : HKLM\SOFTWARE\Classes\Prod.cap
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
    Key Found : HKLM\Software\Conduit
    Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\abfmigjiaapipflmopkaaooigcjjdojh
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E57091A7-B5F0-4C42-9329-72ED3E59ED31}
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
    Key Found : HKLM\Software\mysearchdial
    Key Found : HKLM\Software\ParetoLogic
    Key Found : HKLM\Software\systweak
    Key Found : HKLM\Software\Tarma Installer
    Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
    Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
    Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Value Found : HKCU\Software\Mozilla\Firefox\Extensions [Lyrics@LyricsContainer.co]

    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.16428

    Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs] - hxxp://start.mysearchdial.com/?f=2&a=dsites0103&cd=2XzuyEtN2Y1L1QzuyDyEtDyE0AyCyB0E0FyE0CtDzztByCtAtN0D0Tzu0SyByCzytN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=710969739&ir=
    Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://start.mysearchdial.com/?f=1&a=dsites0103&cd=2XzuyEtN2Y1L1QzuyDyEtDyE0AyCyB0E0FyE0CtDzztByCtAtN0D0Tzu0SyByCzytN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=710969739&ir=

    -\\ Mozilla Firefox v27.0 (en-GB)

    [ File : C:\Users\ALAN\AppData\Roaming\Mozilla\Firefox\Profiles\1cec3s56.default\prefs.js ]

    Line Found : user_pref("browser.search.defaultenginename", "Mysearchdial");
    Line Found : user_pref("browser.startup.homepage", "hxxp://start.mysearchdial.com/?f=1&a=dsites0103&cd=2XzuyEtN2Y1L1QzuyDyEtDyE0AyCyB0E0FyE0CtDzztByCtAtN0D0Tzu0SyByCzytN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC[...]
    Line Found : user_pref("browser.search.selectedEngine", "Mysearchdial");

    [ File : C:\Users\ALAN\AppData\Roaming\Mozilla\Firefox\Profiles\mqdozlsj.default-1379620744169\prefs.js ]

    Line Found : user_pref("browser.search.defaultenginename", "Mysearchdial");
    Line Found : user_pref("browser.startup.homepage", "hxxp://start.mysearchdial.com/?f=1&a=dsites0103&cd=2XzuyEtN2Y1L1QzuyDyEtDyE0AyCyB0E0FyE0CtDzztByCtAtN0D0Tzu0SyByCzytN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC[...]
    Line Found : user_pref("browser.search.selectedEngine", "Mysearchdial");

    [ File : C:\Users\ALAN\AppData\Roaming\Mozilla\Firefox\Profiles\zymka1im.default-1391716630696\prefs.js ]

    Line Found : user_pref("extensions.mysearchdial.AL", 2);
    Line Found : user_pref("extensions.mysearchdial.aflt", "dsites0103");
    Line Found : user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");
    Line Found : user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1QzuyDyEtDyE0AyCyB0E0FyE0CtDzztByCtAtN0D0Tzu0SyByCzytN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R");
    Line Found : user_pref("extensions.mysearchdial.cr", "710969739");
    Line Found : user_pref("extensions.mysearchdial.dfltLng", "");
    Line Found : user_pref("extensions.mysearchdial.dfltSrch", true);
    Line Found : user_pref("extensions.mysearchdial.dnsErr", true);
    Line Found : user_pref("extensions.mysearchdial.excTlbr", false);
    Line Found : user_pref("extensions.mysearchdial.hmpg", true);
    Line Found : user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=dsites0103&cd=2XzuyEtN2Y1L1QzuyDyEtDyE0AyCyB0E0FyE0CtDzztByCtAtN0D0Tzu0SyByCzytN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1Czut[...]
    Line Found : user_pref("extensions.mysearchdial.id", "5404A67EF4C08263");
    Line Found : user_pref("extensions.mysearchdial.instlDay", "16108");
    Line Found : user_pref("extensions.mysearchdial.instlRef", "");
    Line Found : user_pref("extensions.mysearchdial.newTabUrl", "hxxp://start.mysearchdial.com/?f=2&a=dsites0103&cd=2XzuyEtN2Y1L1QzuyDyEtDyE0AyCyB0E0FyE0CtDzztByCtAtN0D0Tzu0SyByCzytN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1Cz[...]
    Line Found : user_pref("extensions.mysearchdial.prdct", "mysearchdial");
    Line Found : user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");
    Line Found : user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");
    Line Found : user_pref("extensions.mysearchdial.tlbrId", "base");
    Line Found : user_pref("extensions.mysearchdial.tlbrSrchUrl", "hxxp://start.mysearchdial.com/?f=3&a=dsites0103&cd=2XzuyEtN2Y1L1QzuyDyEtDyE0AyCyB0E0FyE0CtDzztByCtAtN0D0Tzu0SyByCzytN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1[...]
    Line Found : user_pref("extensions.mysearchdial.vrsn", "1.8.21.0");
    Line Found : user_pref("extensions.mysearchdial.vrsni", "1.8.21.0");
    Line Found : user_pref("extensions.mysearchdial_i.hmpg", true);
    Line Found : user_pref("extensions.mysearchdial_i.newTab", false);
    Line Found : user_pref("extensions.mysearchdial_i.smplGrp", "none");
    Line Found : user_pref("extensions.mysearchdial_i.vrsnTs", "1.8.21.015:23:7");

    *************************

    AdwCleaner[R0].txt - [21376 octets] - [07/02/2014 19:24:58]

    ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [21437 octets] ##########
    RogueKiller V8.8.6 [Feb 7 2014] by Tigzy
    mail : tigzyRK<at>gmail<dot>com
    Feedback : Adlice forum - Index
    Website : RogueKiller download
    Blog : Adlice Software | malware analysis

    Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
    Started in : Normal mode
    User : ALAN [Admin rights]
    Mode : Scan -- Date : 02/07/2014 20:10:03
    | ARK || FAK || MBR |

    ¤¤¤ Bad processes : 0 ¤¤¤

    ¤¤¤ Registry Entries : 13 ¤¤¤
    [RUN][SUSP PATH] HKCU\[...]\Run : AmazonMP3DownloaderHelper (C:\Users\ALAN\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [7]) -> FOUND
    [RUN][SUSP PATH] HKUS\S-1-5-21-4204390733-60689720-3297724035-1000\[...]\Run : AmazonMP3DownloaderHelper (C:\Users\ALAN\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [7]) -> FOUND
    [HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
    [HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorUser (0) -> FOUND
    [HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> FOUND
    [HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorUser (0) -> FOUND
    [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> FOUND
    [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> FOUND
    [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowVideos (0) -> FOUND
    [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> FOUND
    [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_TrackProgs (0) -> FOUND
    [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
    [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

    ¤¤¤ Scheduled tasks : 2 ¤¤¤
    [V1][SUSP PATH] Digital Sites.job : C:\Users\ALAN\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE - /Check [x] -> FOUND
    [V2][SUSP PATH] Digital Sites : C:\Users\ALAN\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE - /Check [x] -> FOUND

    ¤¤¤ Startup Entries : 0 ¤¤¤

    ¤¤¤ Web browsers : 0 ¤¤¤

    ¤¤¤ Browser Addons : 0 ¤¤¤

    ¤¤¤ Particular Files / Folders: ¤¤¤

    ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

    ¤¤¤ External Hives: ¤¤¤

    ¤¤¤ Infection : ¤¤¤

    ¤¤¤ HOSTS File: ¤¤¤
    --> %SystemRoot%\System32\drivers\etc\hosts


    127.0.0.1 localhost


    ¤¤¤ MBR Check: ¤¤¤

    +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HDS721050CLA362 ATA Device +++++
    --- User ---
    [MBR] 52722a1f4a944ff7f6a123e493a88850
    [BSP] 9a95c9f4684884d803cc51216cb9ac64 : Windows 7/8 MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
    1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 476838 Mo
    User = LL1 ... OK!
    User = LL2 ... OK!

    Finished : << RKreport[0]_S_02072014_201003.txt >>




    Malwarebytes Anti-Malware 1.75.0.1300
    Malwarebytes : Free Anti-Malware

    Database version: v2014.02.06.08

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 11.0.9600.16476
    ALAN :: ALAN-PC [administrator]

    07/02/2014 15:04:47
    mbam-log-2014-02-07 (15-04-47).txt

    Scan type: Full scan (C:\|)
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 388416
    Time elapsed: 55 minute(s), 25 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 18
    HKCU\Software\mysearchdial (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    HKCU\Software\mysearchdial.com (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    HKCU\Software\RightSurf (PUP.Optional.RightSurf.A) -> Quarantined and deleted successfully.
    HKCU\Software\InstallCore\1I1T1Q1S (PUP.Optional.InstallCore.A) -> Quarantined and deleted successfully.
    HKCU\Software\InstallCore\mysearchdial (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\InstallCore\mysearchdial (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    HKLM\SYSTEM\CurrentControlSet\Services\Update RightSurf (PUP.Optional.RightSurf.A) -> Quarantined and deleted successfully.
    HKLM\Software\RightSurf (PUP.Optional.RightSurf.A) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88be1aa9-6740-461c-9e3e-f35eb8fa741c} (PUP.Optional.RightSurf.A) -> Quarantined and deleted successfully.
    HKCR\CLSID\{88be1aa9-6740-461c-9e3e-f35eb8fa741c} (PUP.Optional.RightSurf.A) -> Quarantined and deleted successfully.
    HKCR\TypeLib\{a4f32137-598e-41b6-b601-9965084c8f08} (PUP.Optional.RightSurf.A) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    HKCR\CLSID\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    HKCR\mysearchdial.mysearchdialHlpr.1 (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    HKCR\mysearchdial.mysearchdialHlpr (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.

    Registry Values Detected: 1
    HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Data: 0A2O0R1R1H2Z1S1G0H1F -> Quarantined and deleted successfully.

    Registry Data Items Detected: 2
    HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.MySearchDial.A) -> Bad: (Mysearchdial Search) Good: (Google) -> Quarantined and repaired successfully.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.MySearchDial.A) -> Bad: (Mysearchdial Search) Good: (Google) -> Quarantined and repaired successfully.

    Folders Detected: 8
    C:\Users\ALAN\AppData\Roaming\DigitalSites\UpdateProc (PUP.Optional.Updater) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\RightSurf (PUP.Optional.RightSurf.A) -> Delete on reboot.
    C:\Users\ALAN\AppData\Roaming\mysearchdial (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    C:\Users\ALAN\AppData\Roaming\mysearchdial\icons_2.2.15.1631 (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    C:\Users\ALAN\AppData\Roaming\mysearchdial\UpdateProc (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Mysearchdial (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Mysearchdial\1.8.21.0 (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Mysearchdial\1.8.21.0\bh (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.

    Files Detected: 25
    C:\Users\ALAN\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe (PUP.Optional.Updater) -> Quarantined and deleted successfully.
    C:\Users\ALAN\AppData\Roaming\DigitalSites\UpdateProc\config.dat (PUP.Optional.Updater) -> Quarantined and deleted successfully.
    C:\Users\ALAN\AppData\Roaming\DigitalSites\UpdateProc\info.dat (PUP.Optional.Updater) -> Quarantined and deleted successfully.
    C:\Users\ALAN\AppData\Roaming\DigitalSites\UpdateProc\prod.dat (PUP.Optional.Updater) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\RightSurf\RightSurf.ico (PUP.Optional.RightSurf.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\RightSurf\0 (PUP.Optional.RightSurf.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\RightSurf\7za.exe (PUP.Optional.RightSurf.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\RightSurf\RightSurf.FirstRun.exe (PUP.Optional.RightSurf.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\RightSurf\RightSurfBHO.dll (PUP.Optional.RightSurf.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\RightSurf\RightSurfUninstall.exe (PUP.Optional.RightSurf.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\RightSurf\updateRightSurf.exe (PUP.Optional.RightSurf.A) -> Delete on reboot.
    C:\Program Files (x86)\RightSurf\updateRightSurf.InstallState (PUP.Optional.RightSurf.A) -> Quarantined and deleted successfully.
    C:\Users\ALAN\AppData\Roaming\mysearchdial\icons_2.2.15.1631\62.ico (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    C:\Users\ALAN\AppData\Roaming\mysearchdial\icons_2.2.15.1631\80.ico (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    C:\Users\ALAN\AppData\Roaming\mysearchdial\UpdateProc\config.dat (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    C:\Users\ALAN\AppData\Roaming\mysearchdial\UpdateProc\UpdateTask.exe (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Mysearchdial\1.8.21.0\FavIcon.ico (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialApp.dll (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialEng.dll (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialsrv.exe (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Mysearchdial\1.8.21.0\Sqlite3.dll (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Mysearchdial\1.8.21.0\uninst.dat (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Mysearchdial\1.8.21.0\uninstall.exe (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    C:\Program Files (x86)\Mysearchdial\1.8.21.0\bh\mysearchdial.dll (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.

    (end)
    Machine is running pretty well but I'm concerned about in particular Rightsearch/Mysearch dial which I can't seem to get rid of

  5. #5
    Member Spyware Fighter
    Join Date
    Jun 2010
    Location
    Bement,Ill USA
    Posts
    1,340
    Points
    146

    Default

    1.
    • Close all open programs and internet browsers.
    • Double click on adwcleaner.exe to run the tool.
    • Click Scan
    • Then click on Cleanto delete anything it finds
    • Confirm each time with Ok.
    • You will be prompted to restart your computer. A text file will open after the restart.
    • Please post the contents of that logfile with your next reply.
    • You can find the logfile at C:\AdwCleaner[S1].txt as well.



    2.
    • Re-Run RogueKiller
    • Close all the running processes
    • Under Vista/Seven, right click -> Run as Administrator
    • Otherwise just double-click on RogueKiller.exe
    • When prompted, Click Supression
    • A report should open, give its content to your helper. (RKreport could also be found next to the executable)
    • If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename in winlogon.exe (or winlogon.com) and try again
    " Extinguishing Malware from the world"

    The Spware Help forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.
    HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
    Thanks-




  6. #6
    Member stokie's Avatar
    Join Date
    Apr 2005
    Posts
    74
    Points
    3

    Default

    Here are the reports
    # AdwCleaner v3.018 - Report created 08/02/2014 at 09:23:06
    # Updated 28/01/2014 by Xplode
    # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Username : ALAN - ALAN-PC
    # Running from : C:\Users\ALAN\Documents\DAD\Diagnostics and Security\adwcleaner.exe
    # Option : Clean

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    Folder Deleted : C:\ProgramData\Iminent
    Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
    Folder Deleted : C:\Program Files (x86)\Common Files\Umbrella
    Folder Deleted : C:\Windows\SysWOW64\Searchprotect
    Folder Deleted : C:\Users\ALAN\AppData\LocalLow\Mysearchdial
    Folder Deleted : C:\Users\ALAN\AppData\LocalLow\Search Settings
    Folder Deleted : C:\Users\ALAN\AppData\Roaming\DriverCure
    Folder Deleted : C:\Users\ALAN\AppData\Roaming\Iminent
    Folder Deleted : C:\Users\ALAN\AppData\Roaming\ParetoLogic
    Folder Deleted : C:\Users\ALAN\AppData\Roaming\Systweak
    Folder Deleted : C:\Users\ALAN\AppData\Roaming\Mozilla\Firefox\Profiles\1cec3s56.default\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}
    Folder Deleted : C:\Users\ALAN\AppData\Roaming\Mozilla\Firefox\Profiles\mqdozlsj.default-1379620744169\Extensions\{AD9A41D2-9A49-4FA6-A79E-71A0785364C8}
    File Deleted : C:\Windows\System32\roboot64.exe
    File Deleted : C:\Users\ALAN\AppData\Roaming\Mozilla\Firefox\Profiles\1cec3s56.default\searchplugins\Mysearchdial.xml
    File Deleted : C:\Users\ALAN\AppData\Roaming\Mozilla\Firefox\Profiles\mqdozlsj.default-1379620744169\searchplugins\Mysearchdial.xml
    File Deleted : C:\Users\ALAN\AppData\Roaming\Mozilla\Firefox\Profiles\zymka1im.default-1391716630696\searchplugins\Mysearchdial.xml
    File Deleted : C:\Users\ALAN\AppData\Roaming\Mozilla\Firefox\Profiles\zymka1im.default-1391716630696\searchplugins\safesearch.xml
    File Deleted : C:\Users\ALAN\AppData\Roaming\Mozilla\Firefox\Profiles\1cec3s56.default\user.js
    File Deleted : C:\Users\ALAN\AppData\Roaming\Mozilla\Firefox\Profiles\mqdozlsj.default-1379620744169\user.js
    File Deleted : C:\Users\ALAN\AppData\Roaming\Mozilla\Firefox\Profiles\zymka1im.default-1391716630696\user.js

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
    Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [Lyrics@LyricsContainer.co]
    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\abfmigjiaapipflmopkaaooigcjjdojh
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
    Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
    Key Deleted : HKLM\SOFTWARE\Classes\S
    Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
    Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
    Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
    Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
    Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
    Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3223F2FB-D9B9-45FC-9D66-CD717FFA4EE5}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3004627E-F8E9-4E8B-909D-316753CBA923}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3004627E-F8E9-4E8B-909D-316753CBA923}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E57091A7-B5F0-4C42-9329-72ED3E59ED31}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Deleted : HKCU\Software\Conduit
    Key Deleted : HKCU\Software\dsiteproducts
    Key Deleted : HKCU\Software\ParetoLogic
    Key Deleted : HKCU\Software\Softonic
    Key Deleted : HKCU\Software\AppDataLow\Software\LyricsContainer
    Key Deleted : HKCU\Software\AppDataLow\Software\smartbar
    Key Deleted : HKLM\Software\AVG Security Toolbar
    Key Deleted : HKLM\Software\Conduit
    Key Deleted : HKLM\Software\mysearchdial
    Key Deleted : HKLM\Software\ParetoLogic
    Key Deleted : HKLM\Software\systweak
    Key Deleted : HKLM\Software\Tarma Installer
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP

    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.16428

    Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
    Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

    -\\ Mozilla Firefox v27.0 (en-GB)

    [ File : C:\Users\ALAN\AppData\Roaming\Mozilla\Firefox\Profiles\1cec3s56.default\prefs.js ]

    Line Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
    Line Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search");
    Line Deleted : user_pref("browser.search.selectedEngine", "Mysearchdial");

    [ File : C:\Users\ALAN\AppData\Roaming\Mozilla\Firefox\Profiles\mqdozlsj.default-1379620744169\prefs.js ]

    Line Deleted : user_pref("browser.search.defaultenginename", "Mysearchdial");
    Line Deleted : user_pref("browser.search.selectedEngine", "Mysearchdial");

    [ File : C:\Users\ALAN\AppData\Roaming\Mozilla\Firefox\Profiles\zymka1im.default-1391716630696\prefs.js ]

    Line Deleted : user_pref("extensions.mysearchdial.AL", 2);
    Line Deleted : user_pref("extensions.mysearchdial.aflt", "dsites0103");
    Line Deleted : user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");
    Line Deleted : user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1QzuyDyEtDyE0AyCyB0E0FyE0CtDzztByCtAtN0D0Tzu0SyByCzytN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R");
    Line Deleted : user_pref("extensions.mysearchdial.cr", "710969739");
    Line Deleted : user_pref("extensions.mysearchdial.dfltLng", "");
    Line Deleted : user_pref("extensions.mysearchdial.dfltSrch", true);
    Line Deleted : user_pref("extensions.mysearchdial.dnsErr", true);
    Line Deleted : user_pref("extensions.mysearchdial.excTlbr", false);
    Line Deleted : user_pref("extensions.mysearchdial.hmpg", true);
    Line Deleted : user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=dsites0103&cd=2XzuyEtN2Y1L1QzuyDyEtDyE0AyCyB0E0FyE0CtDzztByCtAtN0D0Tzu0SyByCzytN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1Czut[...]
    Line Deleted : user_pref("extensions.mysearchdial.id", "5404A67EF4C08263");
    Line Deleted : user_pref("extensions.mysearchdial.instlDay", "16108");
    Line Deleted : user_pref("extensions.mysearchdial.instlRef", "");
    Line Deleted : user_pref("extensions.mysearchdial.newTabUrl", "hxxp://start.mysearchdial.com/?f=2&a=dsites0103&cd=2XzuyEtN2Y1L1QzuyDyEtDyE0AyCyB0E0FyE0CtDzztByCtAtN0D0Tzu0SyByCzytN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1Cz[...]
    Line Deleted : user_pref("extensions.mysearchdial.prdct", "mysearchdial");
    Line Deleted : user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");
    Line Deleted : user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");
    Line Deleted : user_pref("extensions.mysearchdial.tlbrId", "base");
    Line Deleted : user_pref("extensions.mysearchdial.tlbrSrchUrl", "hxxp://start.mysearchdial.com/?f=3&a=dsites0103&cd=2XzuyEtN2Y1L1QzuyDyEtDyE0AyCyB0E0FyE0CtDzztByCtAtN0D0Tzu0SyByCzytN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1[...]
    Line Deleted : user_pref("extensions.mysearchdial.vrsn", "1.8.21.0");
    Line Deleted : user_pref("extensions.mysearchdial.vrsni", "1.8.21.0");
    Line Deleted : user_pref("extensions.mysearchdial_i.hmpg", true);
    Line Deleted : user_pref("extensions.mysearchdial_i.newTab", false);
    Line Deleted : user_pref("extensions.mysearchdial_i.smplGrp", "none");
    Line Deleted : user_pref("extensions.mysearchdial_i.vrsnTs", "1.8.21.015:23:7");

    *************************

    AdwCleaner[R0].txt - [21738 octets] - [07/02/2014 19:24:58]
    AdwCleaner[R1].txt - [24764 octets] - [08/02/2014 09:18:53]
    AdwCleaner[S0].txt - [24150 octets] - [08/02/2014 09:23:06]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [24211 octets] ##########
    RogueKiller V8.8.6 [Feb 7 2014] by Tigzy
    mail : tigzyRK<at>gmail<dot>com
    Feedback : Adlice forum - Index
    Website : RogueKiller download
    Blog : Adlice Software | malware analysis

    Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
    Started in : Normal mode
    User : ALAN [Admin rights]
    Mode : Scan -- Date : 02/08/2014 09:28:20
    | ARK || FAK || MBR |

    ¤¤¤ Bad processes : 1 ¤¤¤
    [SUSP PATH] AmazonMP3DownloaderHelper.exe -- C:\Users\ALAN\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [7] -> KILLED [TermProc]

    ¤¤¤ Registry Entries : 13 ¤¤¤
    [RUN][SUSP PATH] HKCU\[...]\Run : AmazonMP3DownloaderHelper (C:\Users\ALAN\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [7]) -> FOUND
    [RUN][SUSP PATH] HKUS\S-1-5-21-4204390733-60689720-3297724035-1000\[...]\Run : AmazonMP3DownloaderHelper (C:\Users\ALAN\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [7]) -> FOUND
    [HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
    [HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorUser (0) -> FOUND
    [HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> FOUND
    [HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorUser (0) -> FOUND
    [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> FOUND
    [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> FOUND
    [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowVideos (0) -> FOUND
    [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> FOUND
    [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_TrackProgs (0) -> FOUND
    [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
    [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

    ¤¤¤ Scheduled tasks : 2 ¤¤¤
    [V1][SUSP PATH] Digital Sites.job : C:\Users\ALAN\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE - /Check [x] -> FOUND
    [V2][SUSP PATH] Digital Sites : C:\Users\ALAN\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE - /Check [x] -> FOUND

    ¤¤¤ Startup Entries : 0 ¤¤¤

    ¤¤¤ Web browsers : 0 ¤¤¤

    ¤¤¤ Browser Addons : 0 ¤¤¤

    ¤¤¤ Particular Files / Folders: ¤¤¤

    ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

    ¤¤¤ External Hives: ¤¤¤

    ¤¤¤ Infection : ¤¤¤

    ¤¤¤ HOSTS File: ¤¤¤
    --> %SystemRoot%\System32\drivers\etc\hosts


    127.0.0.1 localhost


    ¤¤¤ MBR Check: ¤¤¤

    +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HDS721050CLA362 ATA Device +++++
    --- User ---
    [MBR] 52722a1f4a944ff7f6a123e493a88850
    [BSP] 9a95c9f4684884d803cc51216cb9ac64 : Windows 7/8 MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
    1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 476838 Mo
    User = LL1 ... OK!
    User = LL2 ... OK!

    Finished : << RKreport[0]_S_02082014_092820.txt >>

    There was no prompt to "suppress", only 'delete' or 'Fix', so I have not clicked anything yet.

  7. #7
    Member Spyware Fighter
    Join Date
    Jun 2010
    Location
    Bement,Ill USA
    Posts
    1,340
    Points
    146

    Default

    There was no prompt to "suppress", only 'delete' or 'Fix', so I have not clicked anything yet.
    Please select Delete.
    " Extinguishing Malware from the world"

    The Spware Help forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.
    HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
    Thanks-




  8. #8
    Member stokie's Avatar
    Join Date
    Apr 2005
    Posts
    74
    Points
    3

    Default

    Done that, here is the latest report

    RogueKiller V8.8.6 [Feb 7 2014] by Tigzy
    mail : tigzyRK<at>gmail<dot>com
    Feedback : Adlice forum - Index
    Website : RogueKiller download
    Blog : Adlice Software | malware analysis

    Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
    Started in : Normal mode
    User : ALAN [Admin rights]
    Mode : Remove -- Date : 02/09/2014 09:27:49
    | ARK || FAK || MBR |

    ¤¤¤ Bad processes : 1 ¤¤¤
    [SUSP PATH] AmazonMP3DownloaderHelper.exe -- C:\Users\ALAN\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [7] -> KILLED [TermProc]

    ¤¤¤ Registry Entries : 13 ¤¤¤
    [RUN][SUSP PATH] HKCU\[...]\Run : AmazonMP3DownloaderHelper (C:\Users\ALAN\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [7]) -> DELETED
    [RUN][SUSP PATH] HKUS\S-1-5-21-4204390733-60689720-3297724035-1000\[...]\Run : AmazonMP3DownloaderHelper (C:\Users\ALAN\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [7]) -> [0x2] The system cannot find the file specified.
    [HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
    [HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorUser (0) -> REPLACED (1)
    [HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> [0x2] The system cannot find the file specified.
    [HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorUser (0) -> REPLACED (1)
    [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> REPLACED (1)
    [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> REPLACED (1)
    [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowVideos (0) -> REPLACED (1)
    [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> REPLACED (1)
    [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_TrackProgs (0) -> REPLACED (1)
    [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
    [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

    ¤¤¤ Scheduled tasks : 2 ¤¤¤
    [V1][SUSP PATH] Digital Sites.job : C:\Users\ALAN\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE - /Check [x] -> DELETED
    [V2][SUSP PATH] Digital Sites : C:\Users\ALAN\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE - /Check [x] -> DELETED

    ¤¤¤ Startup Entries : 0 ¤¤¤

    ¤¤¤ Web browsers : 0 ¤¤¤

    ¤¤¤ Browser Addons : 0 ¤¤¤

    ¤¤¤ Particular Files / Folders: ¤¤¤

    ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

    ¤¤¤ External Hives: ¤¤¤

    ¤¤¤ Infection : ¤¤¤

    ¤¤¤ HOSTS File: ¤¤¤
    --> %SystemRoot%\System32\drivers\etc\hosts


    127.0.0.1 localhost


    ¤¤¤ MBR Check: ¤¤¤

    +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HDS721050CLA362 ATA Device +++++
    --- User ---
    [MBR] 52722a1f4a944ff7f6a123e493a88850
    [BSP] 9a95c9f4684884d803cc51216cb9ac64 : Windows 7/8 MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
    1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 476838 Mo
    User = LL1 ... OK!
    User = LL2 ... OK!

    Finished : << RKreport[0]_D_02092014_092749.txt >>
    RKreport[0]_S_02092014_092706.txt

  9. #9
    Member Spyware Fighter
    Join Date
    Jun 2010
    Location
    Bement,Ill USA
    Posts
    1,340
    Points
    146

    Default

    How is the machine running now?
    " Extinguishing Malware from the world"

    The Spware Help forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.
    HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
    Thanks-




  10. #10
    Member stokie's Avatar
    Join Date
    Apr 2005
    Posts
    74
    Points
    3

    Default

    Hi
    Everything seems fine now.
    Is it safe to run RK and AdW as general maintenance? I already regularly run Superantispyware, MWB and Housecall.
    Thanks a lot for all your help and best regards

Page 1 of 3 123 LastLast