theredog
-
Content Count
89 -
Joined
-
Last visited
Content Type
Profiles
Forums
Calendar
Posts posted by theredog
-
-
I picked this up from who knows where. Every time I remove it, it will reinstall itself. Tried to find all of it's components and delete but it still reinstalls. Quick search says it's not harmful but I don't want it.
Use Firefox, Windows 7, AGV Free and Malwarebytes. Can't figure out how to close AGV2014 to start runnig your recommended programs either.
It's been a long time since I've had to go through this and never on the dreaded Windows 7 with it's admin permission CRAP!
I use to go to G4 Tech Forum but they are gone. Pete C was a big help a few years ago.
Will you guys help me out?
-
OK Pete, updates done. Now if I could figure out why the Windows update shield shows up in the top left of HTC Incredible cell phone.
-
I noticed about a week ago that windows update page seemed different.
Different color scheme and layout.
On the computer I am using, windows has two critical updates keeping the yellow shield in the taskbar.
Problem is, I don't have office on this OS/Computer.
Also, when I select XP, in the left column of updates, there are no critical updates.
What gives?
This is messing with my OCD!
Redog
-
Bump
Anybody home?
-
Got this build fired up for the first time today w/ 64 bit W7 Pro.
I partitioned and formatted an OCZ 120Gb SSD.
I was wondering why the HDD LED light on the case stays lit and I was wondering if defraging an SSD is uneccessary?
Is there a way to make mouse commands one click in W7?
-
Ahhh, screwed by Bill Gates again!
Thanks for the info.
-
Bummer.
What happens if I try and load the 64 bit on to a HDD , then register?
Will Microsoft inform me that the reg key is already being used and I need to decide which one to keep?
Already spent way too much money on this build.
-
I have a Windows disc I bought that has the 32 bit and 64 bit OS on it. I have the 32 bit loaded on a HDD and was wondering if I can load and register the 64 bit on another hard drive or does registering one, cancel the other?
-
I am building a back up to my current confuser using similar mobo.
I have the mobo and processor but the QVL is lacking in choices for memory and
the selections they show seem to have issues when the item numbers are googled.
Any suggestions?
ASUS P5E3 Deluxe WiFi
Intel Core 2 Quad CPU Q9300 2.5 Ghz
L2 Cache 6 MB. Socket LGA 775
might get crossfired
XFX ATI Radeon HD 5770 HD-577X-ZNFC
also I have seen SATA items that are SATA 3 or something.
Will those things work with this old mobo?
Redog
-
I think it's fixed.
Removed all ATi stuff. Used Driver Sweeper to clean all ATi registry entries.
Then I installed the drivers only from Mfg Disc and not the CCC and Hydravision.
Next I updated my Bios and finally installed the updated driver only.
Took all day to download Anti-Virus since I am at the end of my billing cycle I am throttled back to dial-up speeds.So far it seems to be OK.
-
Thats the last one I installed, and it gives me the failure pop up you see in the first post.
49.5 Mb
You want me to uninstall driver in device manager and then install this same package of drivers again?
-
Thats what this is.
It's where the latest came from.
Remember, I had first picked it up through the windows update but after the BSOD crap I went in to SAFE MODE and removed the driver.I then went to ATi and downloaded the driver package "AMD Catalyst Accelerated Parallel Processing Technology Edition".
It was 49 Mb and I also went and installed Net Framework and all its updates.
I was thinking about removing the driver again and picking driver only instead of the package but DANG IT, why?
I have another hard drive I just installed Windows 7 on and none of the ASUS Motherboard Utilities works.
What a sham.
Another thing is, on the ATi forums, someone had similar issues and they ran a program called GACview or something and it showed all these registry or some kind of entries that he removed and claims he's up and running.I have similar entries but not the same and don't know if I should try it.
-
Hello all.
I have a home built that has given me very little problems until now.
A few weeks ago, Windows Update popped up in the task bar notifying me of updates.I almost always choose custom and saw the ATi 3800 series in the results so I added that to the update list to install.
Ever since then the monitor will go black and reboot while the computer stays running or the computer will reboot.This happens when doing photo editing and certain downloads.It rebooted while doing a search for a file in the computer yet I can copy media.
So, some things cause the computer to reboot and some cause the monitor to go black and restart.
A week or so later I was getting pop ups from Avast saying my version was about to expire.A few days later I decided to look at it closer and decided to purchase a special they had going to cover three computers for x amount of dollars.All hell broke loose then.The computer reboots all on it's own.Removed Avast and downloaded AVG 2011 and at first it seemed OK but then I tried some photo editing and a download and the same thing happens.Computer will freeze up then reboot.
It went downhill from there.At one point I had the BSOD flashing by real fast at every reboot.Finally I went SAFE Mode and ended up uninstalling display driver from device manager.
Loaded the Radeon/Catalyst install disc, installed driver then tried to install the latest ATi update labeled: AMD Catalyst Accelerated Parallel Processing Technology Edition 49 Mb
While installing components, I get a pop up that says, Application Install: install package failure!
Posted at the ATi Forum but I get no replies.I am without antivirus because the computer will not function, it just reboots with it installed and operating and I have to be careful what I do or the thing will freeze and reboot.
What am I doing wrong?
Why is this so difficult?
Why does two of the new Anti Virus's cause this thing to shut down and reboot?
ASUS P5E3 Deluxe, E6850 Core 2 Duo, Corsair RAM, SATA Seagate HD 500Gb and this ATi Radeon HD 3850 GPU
Thanks in advance for any helpful replies
Redog
ScorpionSaver reinstalls after removal
in Malware Removal
Posted
Ran adwcleaner then malwarebytes quickscan. After adw was run agv popped up with threat. Repaired.
1st adw log
# AdwCleaner v3.014 - Report created 04/12/2013 at 04:49:36
# Updated 01/12/2013 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Redog
# Running from : D:\Libraries\Documents\Programs 2011\ScorpionSaver 12 2013\Malware Removal 12 2013 a\adwcleaner.exe
# Option : Scan
***** [ Services ] *****
Service Found : Level Quality Watcher
***** [ Files / Folders ] *****
File Found : C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ifohbjbgfchkkfhphahclmkpgejiplfo_0.localstorage
File Found : C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\Extensions\[email protected]
File Found : C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\user.js
File Found : C:\Windows\SysWOW64\conduitEngine.tmp
Folder Found : C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi
Folder Found : C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid
Folder Found : C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid
Folder Found : C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\oclgomenfkljhfkfflghppidonpkljjg
Folder Found C:\Program Files (x86)\BitTorrentBar
Folder Found C:\Program Files (x86)\Conduit
Folder Found C:\Program Files (x86)\ConduitEngine
Folder Found C:\Program Files\Level Quality Watcher
Folder Found C:\ProgramData\eSafe
Folder Found C:\Users\Redog\AppData\Local\Conduit
Folder Found C:\Users\Redog\AppData\LocalLow\BitTorrentBar
Folder Found C:\Users\Redog\AppData\LocalLow\Conduit
Folder Found C:\Users\Redog\AppData\LocalLow\ConduitEngine
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKCU\Software\AppDataLow\Software\BitTorrentBar
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\conduitEngine
Key Found : HKCU\Software\AppDataLow\Software\conduitEngine
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\AVG SafeGuard toolbar
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{88C7F2AA-F93F-432C-8F0E-B7D85967A527}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{88C7F2AA-F93F-432C-8F0E-B7D85967A527}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\AVG SafeGuard toolbar
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : [x64] HKCU\Software\Softonic
Key Found : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\Software\AVG Secure Search
Key Found : HKLM\Software\AVG Security Toolbar
Key Found : HKLM\Software\BitTorrentBar
Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{32804100-B238-45F4-B15E-C5A2F2F7400B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{88C7F2AA-F93F-432C-8F0E-B7D85967A527}
Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Found : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2790392
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\conduitEngine
Key Found : HKLM\Software\conduitEngine
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\mhfdcmehmjcclgopdodkjdicohagipid
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\mhfdcmehmjcclgopdodkjdicohagipid
Key Found : HKLM\Software\Iminent
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{233A9741-5665-421D-AA63-B562DD12F7A0}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5ADE7C88-4DF7-4F3B-8482-5BE3C7DE6924}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFB9E5B6-66DB-44D6-9F79-2EF9A9ACF2B4}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_anydvd-hd_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_anydvd-hd_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{32804100-B238-45F4-B15E-C5A2F2F7400B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BitTorrentBar Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Conduit Engine
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : [x64] HKLM\SOFTWARE\Tarma Installer
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{88C7F2AA-F93F-432C-8F0E-B7D85967A527}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{88C7F2AA-F93F-432C-8F0E-B7D85967A527}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{88C7F2AA-F93F-432C-8F0E-B7D85967A527}]
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16428
-\\ Mozilla Firefox v25.0.1 (en-US)
[ File : C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\prefs.js ]
Line Found : user_pref("extensions.dynconff.cache.www.dosearches.com.content", "<package expire=\"3600\" es=\"914\" pcdids=\"_1520_1524_1521\"><content id=\"MB_P1\">\r\n <newjs>\r\n <![CDATA[\r\n\r\n (function () [...]
Line Found : user_pref("extensions.dynconff.cache.www.dosearches.com.expires", "1384182198922");
-\\ Google Chrome v
[ File : C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Found : homepage
Found : search_url
Found : keyword
Found : urls_to_restore_on_startup
Found : homepage
Found : search_url
Found : urls_to_restore_on_startup
Found : homepage
Found : search_url
Found : urls_to_restore_on_startup
*************************
AdwCleaner[R0].txt - [10568 octets] - [04/12/2013 04:49:36]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [10629 octets] ##########
2nd adw log (after clean?)
# AdwCleaner v3.014 - Report created 04/12/2013 at 04:52:29
# Updated 01/12/2013 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Redog
# Running from : D:\Libraries\Documents\Programs 2011\ScorpionSaver 12 2013\Malware Removal 12 2013 a\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
Service Deleted : Level Quality Watcher
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\eSafe
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\ConduitEngine
Folder Deleted : C:\Program Files (x86)\BitTorrentBar
Folder Deleted : C:\Program Files\Level Quality Watcher
Folder Deleted : C:\Users\Redog\AppData\Local\Conduit
Folder Deleted : C:\Users\Redog\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Redog\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\Redog\AppData\LocalLow\BitTorrentBar
Folder Deleted : C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi
Folder Deleted : C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\oclgomenfkljhfkfflghppidonpkljjg
Folder Deleted : C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid
[!] Folder Deleted : C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid
File Deleted : C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\Extensions\[email protected]
File Deleted : C:\Windows\SysWOW64\conduitEngine.tmp
File Deleted : C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\user.js
File Deleted : C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ifohbjbgfchkkfhphahclmkpgejiplfo_0.localstorage
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mhfdcmehmjcclgopdodkjdicohagipid
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2790392
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_anydvd-hd_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_anydvd-hd_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{88C7F2AA-F93F-432C-8F0E-B7D85967A527}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{32804100-B238-45F4-B15E-C5A2F2F7400B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{88C7F2AA-F93F-432C-8F0E-B7D85967A527}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{88C7F2AA-F93F-432C-8F0E-B7D85967A527}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{32804100-B238-45F4-B15E-C5A2F2F7400B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{233A9741-5665-421D-AA63-B562DD12F7A0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5ADE7C88-4DF7-4F3B-8482-5BE3C7DE6924}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFB9E5B6-66DB-44D6-9F79-2EF9A9ACF2B4}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{88C7F2AA-F93F-432C-8F0E-B7D85967A527}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{88C7F2AA-F93F-432C-8F0E-B7D85967A527}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{88C7F2AA-F93F-432C-8F0E-B7D85967A527}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Key Deleted : HKCU\Software\AVG SafeGuard toolbar
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\conduitEngine
Key Deleted : HKCU\Software\AppDataLow\Software\BitTorrentBar
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\conduitEngine
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\Software\BitTorrentBar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BitTorrentBar Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Conduit Engine
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16428
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [search Page]
-\\ Mozilla Firefox v25.0.1 (en-US)
[ File : C:\Users\Redog\AppData\Roaming\Mozilla\Firefox\Profiles\ovc4b2qd.default\prefs.js ]
Line Deleted : user_pref("extensions.dynconff.cache.www.dosearches.com.content", "<package expire=\"3600\" es=\"914\" pcdids=\"_1520_1524_1521\"><content id=\"MB_P1\">\r\n <newjs>\r\n <![CDATA[\r\n\r\n (function () [...]
Line Deleted : user_pref("extensions.dynconff.cache.www.dosearches.com.expires", "1384182198922");
-\\ Google Chrome v
[ File : C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted : homepage
Deleted : search_url
Deleted : keyword
Deleted : urls_to_restore_on_startup
*************************
AdwCleaner[R0].txt - [10750 octets] - [04/12/2013 04:49:36]
AdwCleaner[s0].txt - [8761 octets] - [04/12/2013 04:52:29]
########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [8821 octets] ##########
Malwarebytes log
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Database version: v2013.12.03.09
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16428
Redog :: [administrator]
12/4/2013 4:59:10 AM
MBAM-log-2013-12-04 (05-09-11).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 261532
Time elapsed: 6 minute(s), 12 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 2
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (PUM.UserWLoad) -> Data: C:\Users\Redog\LOCALS~1\Temp\msnyfoeu.com -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (Trojan.Ransom) -> Data: C:\Users\Redog\LOCALS~1\Temp\msnyfoeu.com -> No action taken.
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 1
C:\Users\Redog\AppData\Local\Google\Chrome\User Data\Default\Extensions\oclgomenfkljhfkfflghppidonpkljjg (PUP.Optional.ScorpionSaver) -> No action taken.
Files Detected: 0
(No malicious items detected)
(end)