wolfenstein return to castle android downloadwindows live messenger free download for win7windows 7 professional 32 64 bit upgrade downloadsiteminder sso download
FF - : CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA:6.0.29
2012/09/09 19:22:43 000, 001, 269 - C - C: Users Owner Application Data Microsoft Internet Explorer Quick Launch Auslogics
2012/09/01 08:17:45 000, 002, 005 - C - C: Users Owner AppData Roaming Microsoft Windows Start Menu Programs Update
2012/06/09 01:43:10 014, 172, 672 - M Microsoft Corporation
2012/06/09 00:41:00 012, 873, 728 - M Microsoft Corporation
2009/07/13 21:40:51 000, 909, 312 - M Microsoft Corporation
2010/11/20 08:19:02 000, 606, 208 - M Microsoft Corporation
2009/07/13 21:41:56 000, 505, 856 - M Microsoft Corporation
2010/07/04 18:01:10 000, 000, 000 -D M - - C: Users Owner AppData Roaming DVDVideoSoftIEHelpers
2012/08/29 17:40:12 000, 000, 000 -D M - - C: Users Owner AppData Roaming YourFileDownloader
Hi roachklip, thank you for visiting Geeks to Go. My name is blmadara and I is going to be helping you with the problems. Please be patient with me at night as I am still in training and my responses will need to be reviewed by a specialist before I can post them.
I d love to go over some things that may help both of us.
Read every one of my posts entirely before performing my instructions. It would be helpful when you printed my instructions so you're able to read and appearance the steps since you perform them.
Follow the steps exactly within the order posted.
Please don t be worried to ask questions. If you don t understand something, tell me before continuing.
If you'll be able to t execute a certain step, otherwise you re unsure as to what to do, please stop and inform me.
It is critical that you stay with me at night until the end and we all make sure that we have now removed every one of the bad stuff.
Please don t attach any logs for your posts unless I request it. It is easier for me in the event you copy and paste the logs for your reply.
Finally, never fix anything using other programs yourself. This can hinder my power to see what is wrong using your computer and produce it harder to wash your computer.
Double select the icon running it. Make sure all the windows are closed and also to let it run uninterrupted.
Under the Custom Scans/Fixes box towards the bottom, paste within the following
netsvcs /md5start services. /md5stop ;true;true;true/fp C: Windows assembly tmp U. /s HKEYLOCALMACHINE SYSTEM CurrentControlSet services BITS/s %Temp% smtmp 1. %Temp% smtmp 2. %Temp% smtmp 3. %Temp% smtmp 4. echo list vol/raw/hide/c/wait diskpart/s/raw/hide/c/wait type/c/wait erase/hide/c/wait erase/hide/c CREATERESTOREPOINT
Please find the Scan All Users checkbox.
Let this program run unhindered, until it can be done
Post the log it creates in the next reply.
When asked should you want to download Avast s virus definitions please select, No.
When the scan ends click Save Log and save it in your desktop.
Post the log as part of your next reply.
Please make me aware what problems you happen to be having with the computer.
2. The log that is generated by
3. Let me know what problems you happen to be having with yout computer.
OTL by OldTimer - Version 3.2.69.0 Folder C: Users Owner Desktop
64bit- Home Premium Edition Service Pack 1 Version 6.1.7601 - Type NTWorkstation
Internet Explorer Version 9.0.8112.16421
7.97 Gb Total Physical Memory 4.72 Gb Available Physical Memory 59.26% Memory free
15.93 Gb Paging File 12.33 Gb Available in Paging File 77.37% Paging File free
Drive C: 916.82 Gb Total Space 556.45 Gb Free Space 60.69% Space Free Partition Type: NTFS
Drive M: 2794.51 Gb Total Space 2010.39 Gb Free Space 71.94% Space Free Partition Type: NTFS
Computer Name: OWNER-PC User Name: Owner Logged in as Administrator.
PRC - 2012/09/21 15:14:12 001, 807, 280 - M Adobe Systems, Inc. - -
PRC - 2012/09/12 05:40:19 000, 917, 984 - M Mozilla Corporation - - C: Program Files x86 Mozilla
PRC - 2012/09/07 17:04:46 000, 676, 936 - M Malwarebytes Corporation - - C: Program Files x86 Malwarebytes
PRC - 2012/09/07 17:04:46 000, 399, 432 - M Malwarebytes Corporation - - C: Program Files x86 Malwarebytes
PRC - 2012/09/07 17:04:44 000, 766, 536 - M Malwarebytes Corporation - - C: Program Files x86 Malwarebytes
PRC - 2012/08/29 10:13:29 000, 595, 144 - M Murray Hurps Software Pty Ltd - - C: Program Files x86 Ad
PRC - 2012/08/28 17:02:50 002, 214, 280 - M Auslogics - - C: Program Files x86 Auslogics Auslogics
DRV: 64bit: - 2010/09/23 00:36:48 000, 048, 488 - M Microsoft Corporation Kernel OnDemand Stopped - - - - fssfltr
DRV: 64bit: - 2009/10/24 01:49:46 001, 542, 656 - M Atheros Communications, Inc. Kernel OnDemand Running - - - - athr
DRV: 64bit: - 2009/07/13 21:45:55 000, 024, 656 - M Promise Technology Kernel OnDemand Stopped - - - - stexstor
DRV: 64bit: - 2009/07/13 20:09:50 000, 019, 968 - M Microsoft Corporation Kernel OnDemand Stopped - - - - usbrndisx
DRV: 64bit: - 2009/06/10 16:34:33 003, 286, 016 - M Broadcom Corporation Kernel OnDemand Stopped - - - - ebdrv
DRV: 64bit: - 2009/06/10 16:34:28 000, 468, 480 - M Broadcom Corporation Kernel OnDemand Stopped - - - - b06bdrv
DRV: 64bit: - 2009/06/10 16:34:23 000, 270, 848 - M Broadcom Corporation Kernel OnDemand Stopped - - - - b57nd60a
DRV: 64bit: - 2009/06/10 16:31:59 000, 031, 232 - M Hauppauge Computer Works, Inc. Kernel OnDemand Stopped - - - - hcw85cir
DRV: 64bit: - 2009/05/26 08:13:10 000, 138, 752 - M Intel Corporation Kernel OnDemand Running - - - - IntcHdmiAddService
DRV: 64bit: - 2009/05/18 14:17:08 000, 034, 152 - M GEAR Software Inc. Kernel OnDemand Running - - - - GEARAspiWDM
DRV: 64bit: - 2008/07/29 05:47:00 001, 075, 712 - M Atheros Communications, Inc. Kernel OnDemand Stopped - - - - athrusb
DRV: 64bit: - 2008/05/15 02:28:00 000, 026, 624 - M Atheros Communications, Inc. Kernel System Running - - - - JSWPSLWF
DRV: 64bit: - 2007/01/19 18:24:24 000, 025, 312 - M Windows Codename Longhorn DDK provider Kernel Boot Running - - - - SCMNdisP
DRV - 2009/07/13 21:19:10 000, 019, 008 - M Microsoft Corporation FileSystem OnDemand Stopped - - - - WIMMount
IE: 64bit: - HKLM. SearchScopes, DefaultScope 0633EE93-D776-472f-A0FF-E1416B8B2E3A
IE - HKLM SOFTWARE Microsoft Internet Explorer Main, Local Page
IE - HKLM. SearchScopes, DefaultScope 0633EE93-D776-472f-A0FF-E1416B8B2E3A
IE - HKCU. SearchScopes, DefaultScope 0633EE93-D776-472f-A0FF-E1416B8B2E3A
FF - : SkipScreenSkipScreen:0.6.4
FF - : B042753D-F57E-4e8e-A01B-7379A6D4CEFB:1.25
FF - : SkipScreenSkipScreen:0.6.1.2
FF - : 635abd67-4fe9-1b23-4f01-e679fa7484c1:2.1.3.20100310105313
FF - : CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA:6.0.20
FF - : ACAA314B-EEBA-48e4-AD47-84E31C44796C:1.0.1
FF - : CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA:6.0.21
FF - : CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA:6.0.22
FF - : 195A3098-0BD5-4e90-AE22-BA1C540AFD1E:3.0.1
FF - : CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA:6.0.23
FF - : CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA:6.0.24
FF - : CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA:6.0.26
FF - : ABDE892B-13A8-4d1b-88E6-365A6E755758:14.0.3
FF - : CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA:6.0.29
FF: 64bit: - /DivX VOD Helper, version1.0.0: C: Program Files DivX DivX OVS DivX, LLC.
FF: 64bit: - /NpCtrl, version1.0: c: Program Files Microsoft Microsoft Corporation
FF: 64bit: - /OfficeAuthz, version14.0: Microsoft Corporation
FF - /iTunes, version: File not found
FF - /iTunes, version1.0: C: Program Files x86 iTunes Mozilla
FF - /DivX Browser Plugin, version1.0.0: C: Program Files x86 DivX DivX Plus Web DivX, LLC
FF - /DivX VOD Helper, version1.0.0: C: Program Files x86 DivX DivX OVS DivX, LLC.
FF - /DTPlugin, version10.7.2: Oracle Corporation
FF - /JavaPlugin, version10.7.2: C: Program Files Oracle Corporation
FF - /YahooMessengerStatePlugin;version1.0.0.6: C: Program Files Yahoo Inc.
FF - /NpCtrl, version1.0: c: Program Files x86 Microsoft Microsoft Corporation
FF - /OfficeAuthz, version14.0: Microsoft Corporation
FF - /SharePoint, version14.0: Microsoft Corporation
FF - /WLPG, version15.4.3502.0922: C: Program Files x86 Windows Live Photo Microsoft Corporation
FF - /WLPG, version15.4.3508.1109: C: Program Files x86 Windows Live Photo Microsoft Corporation
FF - /nprpchromebrowserrecordext;version15.0.4.53: RealNetworks, Inc.
FF - /nprphtml5videoshim;version15.0.4.53: RealNetworks, Inc.
FF - /Google Update;version3: C: Program Files Google Inc.
FF - /Google Update;version9: C: Program Files Google Inc.
FF - /vbp;version0.9.17: C: Program Files Veetle Inc
FF - /veetleCorePlugin, version0.9.17: C: Program Files Veetle Inc
FF - /veetlePlayerPlugin, version0.9.17: C: Program Files Veetle Inc
FF - HKLM Software MozillaPlugins Adobe Reader: C: Program Files x86 Adobe Reader Adobe Systems Inc.
O17 - HKLM System CCS Services Tcpip Parameters Interfaces 081B0E74-3E2F-4B25-80B4-0635BD5A76D3: DhcpNameServer 192.168.1.254
O17 - HKLM System CCS Services Tcpip Parameters Interfaces F75A2444-E552-41D4-9D00-80A326784665: DhcpNameServer 192.168.1.254
O18 - Protocol Handler cozi 5356518D-FE9C-4E08-9C1F-1E872ECD367F - c: Program Files x86 Cozi Cozi Group, Inc.
O21: 64bit: - SSODL: WebCheck - E6FB5E20-DE35-11CF-9C87-00AA005127ED - No CLSID value found.
O21 - SSODL: WebCheck - E6FB5E20-DE35-11CF-9C87-00AA005127ED - No CLSID value found.
O32 - AutoRun File - 2012/01/21 19:18:57 000, 000, 000 -D M - M: autocallrecorder - - NTFS
O38 - SubSystems Windows: ServerDllwinsrv:UserServerDllInitialization, 3
O38 - SubSystems Windows: ServerDllwinsrv:ConServerDllInitialization, 2
O38 - SubSystems Windows: ServerDllsxssrv, 4
2012/09/20 18:51:52 000, 181, 064 - C Sysinternals - -
2012/09/09 19:22:43 000, 000, 000 -D C - - C: ProgramData Microsoft Windows Start Menu Programs Auslogics
2012/09/01 08:17:45 000, 000, 000 -D C - - C: Program Files
2012/09/01 08:08:17 000, 246, 760 - C Oracle Corporation - -
2012/09/01 08:08:12 000, 174, 056 - C Oracle Corporation - -
2012/09/01 08:08:12 000, 174, 056 - C Oracle Corporation - -
2012/09/01 08:08:12 000, 095, 208 - C Oracle Corporation - -
2012/08/29 17:40:12 000, 000, 000 -D C - - C: Users Owner AppData Roaming YourFileDownloader
2012/08/29 17:40:12 000, 000, 000 -D C - - C: Program Files x86 YourFileDownloader
2012/08/29 10:13:29 000, 000, 000 -D C - - C: ProgramData Microsoft Windows Start Menu Programs Ad Muncher
2012/08/27 09:54:19 000, 000, 000 -D C - - C: Users Owner Desktop Ray The Science of Success
2012/08/27 09:51:20 000, 000, 000 -D C - - C: Users Owner Desktop AwakenedMindSystem
2012/08/23 16:05:08 000, 000, 000 R-D C - - C: ProgramData Microsoft Windows Start Menu Programs Dell Support Center
2012/08/23 16:05:08 000, 000, 000 -D C - - C: ProgramData PC-Doctor for Windows
2012/08/15 03:03:16 000, 096, 768 - C Microsoft Corporation - -
2012/08/15 03:03:16 000, 073, 216 - C Microsoft Corporation - -
2012/08/15 03:03:15 000, 237, 056 - C Microsoft Corporation - -
2012/08/15 03:03:15 000, 231, 936 - C Microsoft Corporation - -
2012/08/15 03:03:15 000, 176, 640 - C Microsoft Corporation - -
2012/08/15 03:03:14 002, 312, 704 - C Microsoft Corporation - -
2012/08/15 03:03:14 001, 494, 528 - C Microsoft Corporation - -
2012/08/15 03:03:14 001, 427, 968 - C Microsoft Corporation - -
2012/08/15 03:03:14 000, 248, 320 - C Microsoft Corporation - -
2012/08/15 03:03:14 000, 173, 056 - C Microsoft Corporation - -
2012/08/15 03:03:14 000, 142, 848 - C Microsoft Corporation - -
2012/08/15 03:03:13 000, 816, 640 - C Microsoft Corporation - -
2012/08/15 03:03:13 000, 717, 824 - C Microsoft Corporation - -
2012/08/14 23:40:00 000, 751, 104 - C Microsoft Corporation - -
2012/08/14 23:40:00 000, 492, 032 - C Microsoft Corporation - -
2012/08/14 23:40:00 000, 067, 072 - C Microsoft Corporation - -
2012/08/14 23:39:57 000, 503, 808 - C Microsoft Corporation - -
2012/08/14 23:39:57 000, 073, 216 - C Microsoft Corporation - -
2012/08/14 23:39:57 000, 059, 392 - C Microsoft Corporation - -
2012/08/14 23:39:56 000, 956, 928 - C Microsoft Corporation - -
2012/08/14 23:39:56 000, 041, 984 - C Microsoft Corporation - -
2009/07/13 21:39:46 000, 027, 136 - M Microsoft Corporation MD5C78655BC80301D76ED4FEF1C1EA40A7D - -
2010/11/20 08:17:48 000, 026, 624 - M Microsoft Corporation MD561AC3EFDFACFDD3F0F11DD4FD4044223 - -
2010/11/20 08:17:48 000, 026, 624 - M Microsoft Corporation MD561AC3EFDFACFDD3F0F11DD4FD4044223 - -
2010/11/20 09:25:24 000, 030, 720 - M Microsoft Corporation MD5BAFE84E637BF7388C96EF48D4D3FDD53 - -
2010/11/20 09:25:24 000, 030, 720 - M Microsoft Corporation MD5BAFE84E637BF7388C96EF48D4D3FDD53 - -
2010/11/20 09:25:30 000, 390, 656 - M Microsoft Corporation MD51151B1BAA6F350B1DB6598E0FEA7C457 - -
2010/11/20 09:25:30 000, 390, 656 - M Microsoft Corporation MD51151B1BAA6F350B1DB6598E0FEA7C457 - -
2012/09/07 17:04:42 000, 218, 696 - M MD54E0D8C9F83B7FD82393F7D8CCC27E7AE - - C: Program Files x86 Malwarebytes
2012/04/16 20:23:47 000, 000, 830 - C - C: Windows Tasks Adobe Flash Player
DisplayName,-1000
ImagePath -k netsvcs - - 2009/07/13 21:14:41 000, 020, 992 - M Microsoft Corporation
Description,-1001
Library - 2010/11/20 08:18:07 000, 019, 456 - M Microsoft Corporation
Microsoft DiskPart version 6.1.7601
Copyright 1999-2008 Microsoft Corporation.
OTL by OldTimer - Version 3.2.69.0 Folder C: Users Owner Desktop
64bit- Home Premium Edition Service Pack 1 Version 6.1.7601 - Type NTWorkstation
Internet Explorer Version 9.0.8112.16421
7.97 Gb Total Physical Memory 4.72 Gb Available Physical Memory 59.26% Memory free
15.93 Gb Paging File 12.33 Gb Available in Paging File 77.37% Paging File free
Drive C: 916.82 Gb Total Space 556.45 Gb Free Space 60.69% Space Free Partition Type: NTFS
Drive M: 2794.51 Gb Total Space 2010.39 Gb Free Space 71.94% Space Free Partition Type: NTFS
Computer Name: OWNER-PC User Name: Owner Logged in as Administrator.
Reg Error: Key error. File not found
cplfile - - Microsoft - - Reg Error: Key error. File not found
helpfile open - - Reg Error: Key error.
htmlfile edit - - Reg Error: Key error.
htmlfile print - -, PrintHTML %1
http open - - Reg Error: Key error.
https open - - Reg Error: Key error.
InternetShortcut open - - , OpenURL %l Microsoft Corporation
InternetShortcut print - - , PrintHTML %1 Microsoft Corporation
regfile merge - - Reg Error: Key error.
scrfile install - -, InstallScreenSaver %l
txtfile edit - - Reg Error: Key error.
Unknown openas - -, OpenAsRunDLL %1
Directory MediaMonkey.1Play - - %1 Ventis Media Inc.
Directory MediaMonkey.2PlayNext - - /NEXT %1 Ventis Media Inc.
Directory MediaMonkey.3Enqueue - - /ADD %1 Ventis Media Inc.
Directory - - C: Program Files /BOOKMARK %1 Nullsoft, Inc.
Directory - - C: Program Files /ADD %1 Nullsoft, Inc.
Directory - - C: Program Files %1 Nullsoft, Inc.
Folder explore - - Reg Error: Value error.
cplfile cplopen - - %1, % Microsoft Corporation
helpfile open - - Reg Error: Key error.
htmlfile edit - - Reg Error: Key error.
htmlfile print - -, PrintHTML %1
http open - - Reg Error: Key error.
https open - - Reg Error: Key error.
regfile merge - - Reg Error: Key error.
scrfile install - -, InstallScreenSaver %l
txtfile edit - - Reg Error: Key error.
Unknown openas - -, OpenAsRunDLL %1
Directory MediaMonkey.1Play - - %1 Ventis Media Inc.
Directory MediaMonkey.2PlayNext - - /NEXT %1 Ventis Media Inc.
Directory MediaMonkey.3Enqueue - - /ADD %1 Ventis Media Inc.
Directory - - C: Program Files /BOOKMARK %1 Nullsoft, Inc.
Directory - - C: Program Files /ADD %1 Nullsoft, Inc.
Directory - - C: Program Files %1 Nullsoft, Inc.
Folder explore - - Reg Error: Value error.
2969E914-39F3-4A5C-83E3-980F3B25679E lportrpc-epmap protocol6 dirin svcrpcss,-28539
397D1DDC-9DBF-445C-AF30-1342647A6200 lport26675 protocol6 dirin,-4006
C6302C20-DF78-4728-BC22-8CADD910A48E lport26675 protocol6 dirin,-4006
03E3A2B1-EA62-4641-9A85-FBCCEA0FCA10 protocol58 dirin,-28545
76EB38F8-E3C5-4728-8CFE-160CB01412AE protocol1 dirout,-28544
9036CC0C-AE6B-470E-8B6C-46DEB21169A5 protocol1 dirin,-28543
9177F957-3AAF-4210-BE03-34EA96F0F3C4 protocol58 dirout,-28546
4B6C7001-C7D6-3710-913E-5BC23FCE91E6 Microsoft Visual C 2008 Redistributable - x64 9.0.30729.4148
5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4 Microsoft Visual C 2008 Redistributable - x64 9.0.30729.6161
8338783A-0968-3B85-AFC7-BAAE0A63DC50 Microsoft Visual C 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
49CF605F02C7954F4E139D18828DE298CD59217C Windows Driver Package - Garmin grmnusb GARMIN Devices 06/03/2009 2.3.0.0
WinRAR archiver WinRAR 4.00 64-bit
1111706F-666A-4037-7777-211328764D10 JavaFX 2.1.1
1F1C2DFC-2D24-3E06-BCB8-725134ADF989 Microsoft Visual C 2008 Redistributable - x86 9.0.30729.4148
770657D0-A123-3C07-8E44-1C83EC895118 Microsoft Visual C 2005 ATL Update kb973923 - x86 8.0.50727.4053
86CE85E6-DBAC-3FFD-B977-E4B79F83C909 Microsoft Visual C 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
933B4015-4618-4716-A828-5289FC03165F VC80CRTRedist - 8.0.50727.6195
9BE518E6-ECC6-35A9-88E4-87755C07200F Microsoft Visual C 2008 Redistributable - x86 9.0.30729.6161
AC76BA86-7AD7-1033-7B44-A95000000001 Adobe Reader 9.5.2
E633D396-5188-4E9D-8F6B-BFB8BF3467E8 Skype 5.0
Ad Muncher Ad Muncher v4.93.33707
Adobe Photoshop 7.0 Adobe Photoshop 7.0
Exact Audio Copy Exact Audio Copy 1.0beta3
ffdshowis1 ffdshow v1.1.3516 2010-07-25
Free Studiois1 Free Studio version 4.7
GoToAssist GoToAssist 8.0.0.514
GrabItis1 GrabIt 1.7.2 Beta 4 build 997
Hauppauge TV Tuner Diagnostics Hauppauge TV Tuner Diagnostics 1.2.7076
Malwarebytes Anti-Malwareis1 Malwarebytes Anti-Malware version 1.65.0.1400
MediaMonkeyis1 MediaMonkey 4.0
Mozilla Firefox 16.0 x86 en-US Mozilla Firefox 16.0 x86 en-US
Uninstallis1 Uninstall 1.0.0.1
Windows 7 - Codec Pack Windows 7 Codec Pack 2.6.1
Xvid Video Codec 1.3.1 Xvid Video Codec
in manifest or policy file on the web. A component
active. Conflicting components are:. Component 1:
in manifest or policy file on the internet. A component
active. Conflicting components are:. Component 1:
in manifest or policy file on the internet. A component
active. Conflicting components are:. Component 1:
in manifest or policy file on-line. A component
active. Conflicting components are:. Component 1:
in manifest or policy file on the web. A component
active. Conflicting components are:. Component 1:
in manifest or policy file on the web. A component
active. Conflicting components are:. Component 1:
in manifest or policy file on the web. A component
active. Conflicting components are:. Component 1:
in manifest or policy file online. A component
active. Conflicting components are:. Component 1:
in manifest or policy file online. A component
active. Conflicting components are:. Component 1:
in manifest or policy file on the internet. A component
active. Conflicting components are:. Component 1:
was closed: Could not establish trust relationship with the SSL/TLS secure channel.
was closed: Could not establish trust relationship for your SSL/TLS secure channel.
was closed: Could not establish trust relationship for your SSL/TLS secure channel.
was closed: Could not establish trust relationship for your SSL/TLS secure channel.
was closed: Could not establish trust relationship with the SSL/TLS secure channel.
Description The driver detected a controller error on Device Harddisk1 DR1.
Description The driver detected a controller error on Device Harddisk1 DR1.
Description The driver detected a controller error on Device Harddisk1 DR1.
Description The driver detected a controller error on Device Harddisk1 DR1.
Description The driver detected a controller error on Device Harddisk4 DR4.
Description The driver detected a controller error on Device Harddisk1 DR1.
Description The driver detected a controller error on Device Harddisk1 DR1.
Description The driver detected a controller error on Device Harddisk1 DR1.
Description The following fatal alert was received: 48.
Description The following fatal alert was received: 48.
aswMBR version 0.9.9.1665 Copyright 2011 AVAST Software
07:57:15.547 OS Version: Windows x64 6.1.7601 Service Pack 1
07:57:15.547 Number of processors: 2 586 0x170A
07:57:15.548 ComputerName: OWNER-PC UserName: Owner
07:57:20.499 Initialize success
08:01:42.900 Disk 0 Vendor: ST310005 CC45 Size: 953869MB BusType: 3
08:01:42.913 Disk 0 MBR read successfully
08:01:42.919 Disk 0 Windows VISTA default MBR code
08:01:42.923 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
08:01:42.932 Disk 0 Partition 2 80 A 07 HPFS/NTFS NTFS 15000 MB offset 81920
08:01:42.947 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 938828 MB offset 30801920
08:01:42.970 Disk 0 scanning C: Windows system32 drivers
08:01:51.205 Service scanning
08:02:06.121 Modules scanning
08:02:06.131 Disk 0 trace - called modules:
08:02:06.160 1 nt IofCallDriver - Device Harddisk0 DR00xfffffa8007ce1760
08:02:06.167 3 fffff8800181743f - nt IofCallDriver - Device Ide IAAStorageDevice-20xfffffa8007759050
08:02:06.175 Scan finished successfully
08:04:18.906 Disk 0 MBR may be saved successfully to
08:04:18.913 The log file may be saved successfully to
i haven t seen that popup lately therefore i m guessing things are all ok.
The steps that I am gonna suggest involve modifying the registry. Modifying the registry may be dangerous and we all will make a backup with the registry first.
Modification from the registry could be extremely dangerous in case you do not accurately what that you are doing so stick to the steps which might be listed below exactly. If you cannot carry out some of these steps or when you have questions please ask before proceeding.
ERUNT Emergency Recovery Utility NT is really a free program that lets you keep a complete backup of your respective registry and restore it if needed.
use the default install settings but decline to the portion that requires add ERUNT to your start-up folder, in the event you like you are able to enable this method later
the default location is C: WINDOWS ERDNT which can be acceptable.
You are choosing peer-to-peer programs, specifically BitComet.
These are optional removals. However, anytime you happen to be running just about any peer-to-peer application, you happen to be more prone to infection by malware, this also is probably how we became infected within the first place. The choice to take them off is entirely your responsibility, but I would strongly recommend that you simply do.
If you don't want to eliminate them, please a minimum of refrain from using any peer-to-peer programs to the remainder of my fix.
In Control Panel, select Programs and Features.
Select the subsequent programs one by one and click Uninstall.
On reboot a log will probably be produced please attach that.
Note: If you might have Malwarebytes 1.6 or better installed please disable it for your duration of this fix as it can certainly interfere together with the successfully execution in the script below. If it still hangs then please uninstall MalwareBytes and run this fix again.
Under the Custom Scans/Fixes box in the bottom, paste from the following
OTL IE - HKLM. SearchScopes 9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69: URL searchTerms IE - HKCU SOFTWARE Microsoft Internet Explorer Main, Start Page Restore IE - HKCU. SearchScopes 9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69: URL searchTerms FF - : :1.2 2011/03/28 13:40:40 000, 000, 000 -D M Search Toolbar - - 2010/04/12 14:01:54 000, 002, 476 - M - - 2011/04/18 19:26:06 000, 001, 919 - M - - 2010/04/12 14:01:54 000, 002, 476 - M - - C: Program Files x86 mozilla O3:64bit: - HKLM. Toolbar: no name - Locked - No CLSID value found. O3 - HKLM. Toolbar: no name - Locked - No CLSID value found. 2012/08/29 17:40:12 000, 000, 000 -D C - C: Users Owner AppData Roaming YourFileDownloader 2012/08/29 17:40:12 000, 000, 000 -D C - C: Program Files x86 YourFileDownloader 1 files - - 2012/08/09 17:46:21 001, 075, 733 - M - - :Files ipconfig/flushdns/c:Commands purity resethosts emptytemp
Let this system run unhindered, reboot the PC when it's done
Open OTL again and then click the Quick Scan button. Post the log it creates in the following reply.
1. Attach the log from AdwCleaner.
OTL by OldTimer - Version 3.2.69.0 Folder C: Users Owner Desktop
64bit- Home Premium Edition Service Pack 1 Version 6.1.7601 - Type NTWorkstation
Internet Explorer Version 9.0.8112.16421
7.97 Gb Total Physical Memory 6.31 Gb Available Physical Memory 79.24% Memory free
15.93 Gb Paging File 13.72 Gb Available in Paging File 86.15% Paging File free
Drive C: 916.82 Gb Total Space 555.93 Gb Free Space 60.64% Space Free Partition Type: NTFS
Unable to calculate disk information.
Drive M: 2794.51 Gb Total Space 2010.39 Gb Free Space 71.94% Space Free Partition Type: NTFS
Computer Name: OWNER-PC User Name: Owner Logged in as Administrator.
PRC - 2012/09/07 17:04:46 000, 399, 432 - M Malwarebytes Corporation - - C: Program Files x86 Malwarebytes
PRC - 2012/08/29 10:13:29 000, 595, 144 - M Murray Hurps Software Pty Ltd - - C: Program Files x86 Ad
PRC - 2012/08/28 17:02:50 002, 214, 280 - M Auslogics - - C: Program Files x86 Auslogics Auslogics
PRC - 2012/03/30 14:41:46 000, 151, 656 - M Microsoft Corp. - - C: Program Files
PRC - 2012/02/01 13:36:38 022, 140, 304 - M magicJack - -
PRC - 2011/02/25 10:46:22 000, 249, 648 - M Microsoft Corporation - - C: Program Files
PRC - 2010/03/30 15:13:06 000, 389, 120 R- M Teleca - - C: Program Files x86 HTC HTC
PRC - 2010/03/17 16:22:52 001, 019, 904 R- M Teleca Sweden AB - - C: Program Files x86 HTC HTC Sync Mobile Phone
PRC - 2010/03/17 16:08:22 000, 253, 952 R- M TODO: Company name - C: Program Files x86 HTC HTC Sync Mobile Phone
PRC - 2010/03/17 16:08:04 000, 462, 848 R- M Teleca AB - - C: Program Files x86 HTC HTC Sync Mobile Phone
PRC - 2010/02/09 13:34:00 001, 807, 680 - M - C: Program Files x86 Dell DataSafe
PRC - 2009/12/11 15:50:34 000, 557, 056 R- M Teleca AB - - C: Program Files x86 Common Files Teleca
PRC - 2009/11/19 17:19:48 000, 598, 016 R- M Teleca Sweden AB - - C: Program Files x86 HTC HTC Sync Application Launcher Application
PRC - 2009/10/14 13:36:56 002, 793, 304 - M - C: Program Files Logitech Logitech WebCam
PRC - 2009/10/14 13:34:18 000, 560, 472 - M - C: Program Files x86 Common
PRC - 2009/10/07 01:47:22 000, 125, 464 - M Logitech Inc. - - C: Program Files x86 Common
PRC - 2009/06/09 12:11:14 000, 155, 648 - M Stardock Corporation - - C: Program
PRC - 2009/06/04 21:03:32 000, 186, 904 - M Intel Corporation - - C: Program Files x86 Intel Intel Matrix Storage
PRC - 2009/06/04 21:03:06 000, 354, 840 - M Intel Corporation - - C: Program Files x86 Intel Intel Matrix Storage
PRC - 2009/06/03 10:25:16 000, 106, 496 R- M Popwire AB - - C: Program Files x86 Common Files Teleca
PRC - 2009/04/14 13:14:26 000, 139, 264 - M Teleca Sweden AB - - C: Program Files x86 Common Files Teleca
PRC - 2009/01/26 15:31:10 001, 153, 368 - M Safer Networking Ltd. - - C: Program Files x86 Spybot - Search
PRC - 2008/11/09 16:48:14 000, 602, 392 - M Yahoo Inc. - - C: Program Files
PRC - 2006/12/19 10:30:26 000, 081, 920 - M Prolific Technology Inc. - -
MOD - 2011/07/28 19:09:42 000, 096, 112 - M - C: Program Files x86 DivX DivX
MOD - 2011/06/24 22:56:36 000, 087, 328 - M - C: Program Files x86 Common Files Apple Apple Application
SRV - 2010/11/20 13:21:26 000, 168, 960 - M Microsoft Corporation Auto Running - - - - LanmanServer
SRV - 2010/11/20 13:21:19 000, 328, 192 - M Microsoft Corporation Auto Running - - - - ShellHWDetection
SRV - 2010/11/20 13:21:05 000, 750, 592 - M Microsoft Corporation Auto Running - - - - Schedule
SRV - 2010/11/20 13:21:28 000, 242, 176 - M Microsoft Corporation OnDemand Stopped - - - - TapiSrv
SRV - 2009/07/14 02:16:16 000, 037, 376 - M Microsoft Corporation Auto Running - - - - Themes
SRV - 2012/05/01 05:44:12 000, 164, 352 - M Microsoft Corporation Auto Running - - - - ProfSvc
SRV - 2010/11/20 13:17:51 001, 025, 536 - M Microsoft Corporation OnDemand Stopped - - - - VSS
SRV - 2010/11/20 13:18:05 000, 473, 600 - M Microsoft Corporation Auto Running - - - - Audiosrv
SRV - 2010/11/20 13:18:05 000, 473, 600 - M Microsoft Corporation Auto Running - - - - AudioEndpointBuilder
SRV - 2010/11/20 13:21:06 000, 125, 952 - M Microsoft Corporation OnDemand Running - - - - SDRSVC
SRV - 2013/05/27 05:57:27 000, 680, 960 - M Microsoft Corporation Auto Running - - C: Program Files Windows - - WinDefend
SRV - 2010/11/20 13:21:35 001, 086, 976 - M Microsoft Corporation Auto Running - - - - eventlog
SRV - 2010/11/20 13:19:40 000, 566, 272 - M Microsoft Corporation Auto Running - - - - MpsSvc
SRV - 2010/11/20 13:21:35 000, 463, 360 - M Microsoft Corporation Auto Running - - - - StiSvc
SRV - 2010/11/20 13:17:22 000, 073, 216 - M Microsoft Corporation OnDemand Stopped - - - - msiserver
SRV - 2009/07/14 02:16:19 000, 168, 960 - M Microsoft Corporation Auto Running - - - - Winmgmt
SRV - 2012/06/02 23:19:17 001, 933, 848 - M Microsoft Corporation Auto Running - - - - wuauserv
SRV - 2010/11/20 13:18:34 000, 214, 016 - M Microsoft Corporation OnDemand Stopped - - - - dot3svc
SRV - 2009/07/14 02:16:19 000, 829, 440 - M Microsoft Corporation Auto Running - - - - Wlansvc
SRV - 2010/11/20 13:21:36 000, 084, 480 - M Microsoft Corporation Auto Running - - - - LanmanWorkstation
2013/10/31 11:53:12 000, 001, 002 - C - C: windows Tasks Adobe Flash Player
Le volume dans le lecteur C n a pas de nom.
2010/11/20 13:21:03 000, 376, 832 - M Microsoft Corporation MD57660F01D3B38ACA1747E397D21D790AF - -
2010/11/20 13:21:03 000, 376, 832 - M Microsoft Corporation MD57660F01D3B38ACA1747E397D21D790AF - -
2009/07/14 02:16:13 000, 376, 320 - M Microsoft Corporation MD5B82CD39E336973359D7C9BF911E8E84F - -
OTL ran in French right away, I hope that s no issue.
Warning This fix is merely relevant due to this system with out other, using on another computer could potentially cause problems
Be advised anytime the fix commences it'll shut down all running processes and you'll lose the desktop and icons, they are going to return on reboot
Under the Custom Scans/Fixes box in the bottom, paste from the following
Commands CREATERESTOREPOINT :OTL SRV - 2013/11/25 10:19:24 001, 735, 968 - M Conduit Disabled Stopped - - - CltMngSvc IE - HKCU SOFTWARE Microsoft Internet Explorer Main, Start Page 5B-43D190D0B8B4 IE - HKCU Software Microsoft Windows CurrentVersion Internet Settings: ProxyOverride FF - HKEYLOCALMACHINE software mozilla Firefox Extensions C7AE725D-FA5C-4027-BB4C-787EF9F8248A: C: Program Files RelevantKnowledge firefox O3 - HKLM. Toolbar: no name - Locked - No CLSID value found. O16 - DPF: CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA Java Plug-in 1.5.010 O16 - DPF: CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA Java Plug-in 1.6.014 O20 - AppInitDLLs: - Conduit 2012/07/23 19:31:08 000, 000, 000 -HSD M - C: Users Camille AppData Roaming. 2012/12/02 11:25:23 000, 000, 000 -D M - C: Users Camille AppData Roaming YourFileDownloader:Files c: program files yourfiledownloader c: program files relevantknowledge C: program files 1clickdownload C: users camille appdata local mediaget2 C: PROGRA1 SearchProtect:Reg HKEYLOCALMACHINE SYSTEM CurrentControlSet Services SharedAccess Parameters FirewallPolicy FirewallRules 10157ABC-CE36-4BBE-B994-3C1207E77474- 4540202F-0536-487D-A04D-9CDB37DDC379- C47DA127-682D-4452-A5E2-33223768F8BB- F553E0FB-5B8A-4CDA-AAAE-D239484AC806- HKEYLOCALMACHINE SOFTWARE Microsoft Windows CurrentVersion Uninstall 35E68F63-DFF2-4146-90E8-58C211CE74E7is1- DBE41A56-98C8-4E5C-BCBD-5862727091E1is1- SearchProtect-:Commands resethosts emptytemp Reboot
Let this software run unhindered, reboot the PC when it really is done
Open OTL again and then click the Quick Scan button. Post the log it generates in your following reply.
Close all open programs and browsers.
Double click on to operate the tool.
Your computer will likely be rebooted automatically. A text file will open following your restart.
Please post this article of that logfile together with your next answer.
silly question so how will i know when OTL is finished? would it open a log or am i able to check the progression somewhere?
OTL will reboot your computer for you and create a log, determined by how much junk files you might have the reboot will take longer than normal
Registry value HKEYLOCALMACHINE software mozilla Firefox Extensions C7AE725D-FA5C-4027-BB4C-787EF9F8248A deleted successfully.
Registry key HKEYLOCALMACHINE SOFTWARE Classes CLSID C7AE725D-FA5C-4027-BB4C-787EF9F8248A not found.
File C: Program Files RelevantKnowledge firefox not found.
Registry value HKEYLOCALMACHINE Software Microsoft Internet Explorer Toolbar Locked deleted successfully.
Registry key HKEYLOCALMACHINE SOFTWARE Microsoft Code Store Database Distribution Units CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA deleted successfully.
Registry key HKEYLOCALMACHINE SOFTWARE Classes CLSID CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA deleted successfully.
Registry key HKEYCURRENTUSER SOFTWARE Classes CLSID CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA deleted successfully.
Registry key HKEYLOCALMACHINE SOFTWARE Microsoft Active Setup Installed Components CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA not found.
Registry key HKEYLOCALMACHINE SOFTWARE Classes CLSID CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA not found.
Registry key HKEYLOCALMACHINE SOFTWARE Microsoft Code Store Database Distribution Units CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA deleted successfully.
Registry key HKEYLOCALMACHINE SOFTWARE Classes CLSID CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA deleted successfully.
Registry key HKEYCURRENTUSER SOFTWARE Classes CLSID CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA deleted successfully.
Registry key HKEYLOCALMACHINE SOFTWARE Microsoft Active Setup Installed Components CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA not found.
Registry key HKEYLOCALMACHINE SOFTWARE Classes CLSID CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA not found.
Registry value HKEYLOCALMACHINE SOFTWARE Microsoft Windows deleted successfully.
C: Users Camille AppData Roaming. folder moved successfully.
C: Users Camille AppData Roaming YourFileDownloader folder moved successfully.
c: program files YourFileDownloader folder moved successfully.
File Folder c: program files relevantknowledge not found.
C: program files 1ClickDownload folder moved successfully.
C: users camille appdata local MediaGet2 folder moved successfully.
C: PROGRA1 SearchProtect UI rep folder moved successfully.
C: PROGRA1 SearchProtect UI dialogs uninstall folder moved successfully.
C: PROGRA1 SearchProtect UI dialogs settings folder moved successfully.
C: PROGRA1 SearchProtect UI dialogs protection folder moved successfully.
C: PROGRA1 SearchProtect UI dialogs libs folder moved successfully.
C: PROGRA1 SearchProtect UI dialogs Images folder moved successfully.
C: PROGRA1 SearchProtect UI dialogs bubble folder moved successfully.
C: PROGRA1 SearchProtect UI dialogs folder moved successfully.
C: PROGRA1 SearchProtect UI bin folder moved successfully.
C: PROGRA1 SearchProtect UI folder moved successfully.
C: PROGRA1 SearchProtect SearchProtect rep folder moved successfully.
C: PROGRA1 SearchProtect SearchProtect Logs folder moved successfully.
C: PROGRA1 SearchProtect SearchProtect bin folder moved successfully.
C: PROGRA1 SearchProtect SearchProtect folder moved successfully.
C: PROGRA1 SearchProtect Main rep folder moved successfully.
C: PROGRA1 SearchProtect Main Logs folder moved successfully.
C: PROGRA1 SearchProtect Main bin folder moved successfully.
C: PROGRA1 SearchProtect Main folder moved successfully.
C: PROGRA1 SearchProtect folder moved successfully.
Registry value HKEYLOCALMACHINE SYSTEM CurrentControlSet Services SharedAccess Parameters FirewallPolicy FirewallRules 10157ABC-CE36-4BBE-B994-3C1207E77474 deleted successfully.
Registry key HKEYLOCALMACHINE SOFTWARE Classes CLSID 10157ABC-CE36-4BBE-B994-3C1207E77474 not found.
Registry value HKEYLOCALMACHINE SYSTEM CurrentControlSet Services SharedAccess Parameters FirewallPolicy FirewallRules 4540202F-0536-487D-A04D-9CDB37DDC379 deleted successfully.
Registry key HKEYLOCALMACHINE SOFTWARE Classes CLSID 4540202F-0536-487D-A04D-9CDB37DDC379 not found.
Registry value HKEYLOCALMACHINE SYSTEM CurrentControlSet Services SharedAccess Parameters FirewallPolicy FirewallRules C47DA127-682D-4452-A5E2-33223768F8BB deleted successfully.
Registry key HKEYLOCALMACHINE SOFTWARE Classes CLSID C47DA127-682D-4452-A5E2-33223768F8BB not found.
Registry value HKEYLOCALMACHINE SYSTEM CurrentControlSet Services SharedAccess Parameters FirewallPolicy FirewallRules F553E0FB-5B8A-4CDA-AAAE-D239484AC806 deleted successfully.
Registry key HKEYLOCALMACHINE SOFTWARE Classes CLSID F553E0FB-5B8A-4CDA-AAAE-D239484AC806 not found.
Registry value HKEYLOCALMACHINE SOFTWARE Microsoft Windows CurrentVersion Uninstall 35E68F63-DFF2-4146-90E8-58C211CE74E7is1 not found.
Registry key HKEYLOCALMACHINE SOFTWARE Classes CLSID 35E68F63-DFF2-4146-90E8-58C211CE74E7is1 not found.
Registry value HKEYLOCALMACHINE SOFTWARE Microsoft Windows CurrentVersion Uninstall DBE41A56-98C8-4E5C-BCBD-5862727091E1is1 not found.
Registry key HKEYLOCALMACHINE SOFTWARE Classes CLSID DBE41A56-98C8-4E5C-BCBD-5862727091E1is1 not found.
Registry value HKEYLOCALMACHINE SOFTWARE Microsoft Windows CurrentVersion Uninstall SearchProtect not found.
C: windows System32 drivers etc Hosts moved successfully.
Total Files Cleaned 217, 00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 02262014201323
C: windows System32 config systemprofile AppData Local Microsoft Windows Temporary Internet moved successfully.
And that s my log after my quick scan. Realized i didn t place it there. I ll run adwcleaner now.
OTL by OldTimer - Version 3.2.69.0 Folder C: Users Camille Desktop Downloads
Starter Edition Service Pack 1 Version 6.1.7601 - Type NTWorkstation
Internet Explorer Version 9.10.9200.16798
1014, 12 Mb Total Physical Memory 299, 49 Mb Available Physical Memory 29, 53% Memory free
1, 99 Gb Paging File 0, 78 Gb Available in Paging File 39, 30% Paging File free
Drive C: 100, 00 Gb Total Space 5, 94 Gb Free Space 5, 94% Space Free Partition Type: NTFS
Drive D: 117, 87 Gb Total Space 0, 00 Gb Free Space 0, 00% Space Free Partition Type: NTFS
Computer Name: MADAGASCAR User Name: Camille Logged in as Administrator.
PRC - 2014/02/26 10:40:32 000, 602, 112 - M OldTimer Tools - -
PRC - 2014/02/02 00:42:39 000, 866, 632 - M Google Inc. - - C: Program
PRC - 2013/08/02 01:52:57 000, 271, 360 - M Microsoft Corporation - -
PRC - 2012/11/23 03:48:41 000, 049, 152 - M Microsoft Corporation - -
PRC - 2012/09/23 20:43:34 000, 065, 192 - M Adobe Systems Incorporated - - C: Program Files Common
PRC - 2011/10/13 16:21:52 000, 249, 648 - M Microsoft Corporation - - C: Program
PRC - 2011/02/25 06:30:54 002, 616, 320 - M Microsoft Corporation - -
PRC - 2010/11/22 20:12:34 001, 086, 888 - M AsusTek Computer Inc. - - C: Program
PRC - 2010/09/03 20:02:08 001, 245, 104 - M ASUSTeK Computer Inc. - - C: Program
PRC - 2010/09/02 23:01:42 000, 095, 744 - M ASUSTeK Computer Inc. - - C: Program
PRC - 2010/06/09 23:26:34 000, 412, 600 - M ASUSTeK Computer Inc. - - C: Program
PRC - 2010/05/21 22:42:48 002, 839, 840 - M Broadcom Corporation. - - C: Program Files WIDCOMM Bluetooth
PRC - 2010/05/21 22:42:48 000, 828, 704 - M Broadcom Corporation. - - C: Program Files WIDCOMM Bluetooth
PRC - 2010/05/21 22:42:48 000, 652, 576 - M Broadcom Corporation. - - C: Program Files WIDCOMM Bluetooth
PRC - 2010/04/13 08:32:40 000, 548, 744 - M ELAN Microelectronic Corp. - - C: Program
PRC - 2010/04/07 06:16:52 001, 599, 880 - M ELAN Microelectronic Corp. - - C: Program
MOD - 2014/02/06 00:52:52 000, 073, 544 - M - C: Program Files Common Files Apple Apple Application
MOD - 2014/02/06 00:52:32 001, 044, 808 - M - C: Program Files Common Files Apple Apple Application
MOD - 2014/02/02 00:42:37 000, 399, 688 - M - C: Program
MOD - 2014/02/02 00:41:45 000, 715, 592 - M - C: Program
MOD - 2014/02/02 00:41:43 001, 634, 632 - M - C: Program
MOD - 2010/05/21 22:42:58 000, 132, 384 - M - C: Program Files WIDCOMM Bluetooth
SRV - 2014/02/21 13:18:41 000, 257, 928 - M Adobe Systems Incorporated OnDemand Stopped - - - - AdobeFlashPlayerUpdateSvc
SRV - 2013/11/05 17:50:03 001, 706, 136 - M Wsys Co., Ltd. Disabled Stopped - - - - WsysSvc
SRV - 2013/10/31 00:52:55 000, 119, 408 - M Mozilla Foundation Disabled Stopped - - C: Program Files Mozilla Maintenance - - MozillaMaintenance
SRV - 2013/09/06 18:29:38 000, 235, 216 - M McAfee, Inc. Disabled Stopped - - C: Program Files McAfee Security - - McComponentHostService
SRV - 2013/09/05 09:34:30 000, 171, 680 R- M Skype Technologies Disabled Stopped - - C: Program - - SkypeUpdate
SRV - 2013/05/27 05:57:27 000, 680, 960 - M Microsoft Corporation Auto Running - - C: Program Files Windows - - WinDefend
SRV - 2012/09/23 20:43:34 000, 065, 192 - M Adobe Systems Incorporated Auto Running - - C: Program Files Common - - AdobeARMservice
SRV - 2012/02/15 09:39:50 000, 647, 680 - M Macrovision Europe Ltd. OnDemand Stopped - - C: Program Files Common Files Macrovision Shared FLEXnet - - FLEXnet Licensing Service
SRV - 2011/10/21 14:23:42 000, 196, 176 - M Microsoft Corporation. Disabled Stopped - - C: Program - - BBSvc
SRV - 2011/10/13 16:21:52 000, 249, 648 - M Microsoft Corporation Auto Running - - C: Program - - BBUpdate
SRV - 2011/01/12 15:22:26 000, 091, 464 - M Disabled Stopped - - - - VideAceWindowsService
SRV - 2010/05/21 22:42:48 000, 652, 576 - M Broadcom Corporation. Auto Running - - C: Program Files WIDCOMM Bluetooth - - btwdins
DRV - 2010/11/20 11:24:41 000, 052, 224 - M Microsoft Corporation Kernel OnDemand Stopped - - - - TsUsbFlt
DRV - 2010/11/20 10:59:44 000, 035, 968 - M Microsoft Corporation Kernel OnDemand Stopped - - - - WinUsb
DRV - 2010/09/27 08:23:58 000, 068, 208 - M Atheros Communications, Inc. Kernel OnDemand Running - - - - L1C
DRV - 2009/07/22 06:14:58 000, 081, 704 - M CyberLink Kernel OnDemand Stopped - - - - wsvd
DRV - 2009/07/13 23:02:46 001, 096, 704 - M Atheros Communications, Inc. Kernel OnDemand Stopped - - - - athr
IE - HKLM. SearchScopes, DefaultScope
IE - HKCU SOFTWARE Microsoft Internet Explorer Main, DefaultSecondaryPageURL binary data
IE - HKCU SOFTWARE Microsoft Internet Explorer Main, Start Page
IE - HKCU. SearchScopes, bProtectorDefaultScope
IE - HKCU. SearchScopes, DefaultScope 014DB5FA-EAFB-4592-A95B-F44D3EE87FA9
FF - : %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0
FF - /iTunes, version: File not found
FF - /iTunes, version1.0: C: Program Files iTunes Mozilla
FF - /JavaPlugin: C: Program Sun Microsystems, Inc.
FF - /McAfeeMssPlugin: C: Program Files McAfee Security McAfee, Inc.
FF - /NpCtrl, version1.0: c: Program Files Microsoft Microsoft Corporation
FF - /OfficeAuthz, version14.0: Microsoft Corporation
FF - /SharePoint, version14.0: Microsoft Corporation
FF - /WLPG, version15.4.3502.0922: C: Program Files Windows Live Photo Microsoft Corporation
FF - /WLPG, version15.4.3538.0513: C: Program Files Windows Live Photo Microsoft Corporation
FF - /Google Update;version3: C: Program Google Inc.
FF - /Google Update;version9: C: Program Google Inc.
FF - /vlc, version2.0.5: C: Program VideoLAN
FF - /vlc, version2.1.2: C: Program VideoLAN
FF - /vlc, version2.1.3: C: Program VideoLAN
FF - HKLM Software MozillaPlugins Adobe Reader: C: Program Files Adobe Reader Adobe Systems Inc.
FF - HKEYLOCALMACHINE software mozilla Mozilla Firefox 12.0 extensions Components: C: Program Files Mozilla Firefox components
FF - HKEYLOCALMACHINE software mozilla Mozilla Firefox 12.0 extensions Plugins: C: Program Files Mozilla Firefox plugins
FF - HKEYLOCALMACHINE software mozilla Mozilla Firefox 14.0.1 extensions Components: C: Program Files Mozilla Firefox components
FF - HKEYLOCALMACHINE software mozilla Mozilla Firefox 14.0.1 extensions Plugins: C: Program Files Mozilla Firefox plugins
FF - HKEYLOCALMACHINE software mozilla Mozilla Firefox 15.0.1 extensions Components: C: Program Files Mozilla Firefox components
FF - HKEYLOCALMACHINE software mozilla Mozilla Firefox 15.0.1 extensions Plugins: C: Program Files Mozilla Firefox plugins
FF - HKEYLOCALMACHINE software mozilla Mozilla Firefox 16.0.1 extensions Components: C: Program Files Mozilla Firefox components
FF - HKEYLOCALMACHINE software mozilla Mozilla Firefox 16.0.1 extensions Plugins: C: Program Files Mozilla Firefox plugins
FF - HKEYLOCALMACHINE software mozilla Mozilla Firefox 16.0.2 extensions Components: C: Program Files Mozilla Firefox components
FF - HKEYLOCALMACHINE software mozilla Mozilla Firefox 16.0.2 extensions Plugins: C: Program Files Mozilla Firefox plugins
FF - HKEYLOCALMACHINE software mozilla Mozilla Firefox 17.0.1 extensions Components: C: Program Files Mozilla Firefox components
FF - HKEYLOCALMACHINE software mozilla Mozilla Firefox 17.0.1 extensions Plugins: C: Program Files Mozilla Firefox plugins
FF - HKEYLOCALMACHINE software mozilla Mozilla Firefox 18.0 extensions Components: C: Program Files Mozilla Firefox components
FF - HKEYLOCALMACHINE software mozilla Mozilla Firefox 18.0 extensions Plugins: C: Program Files Mozilla Firefox plugins
FF - HKEYLOCALMACHINE software mozilla Mozilla Firefox 18.0.1 extensions Components: C: Program Files Mozilla Firefox components
FF - HKEYLOCALMACHINE software mozilla Mozilla Firefox 18.0.1 extensions Plugins: C: Program Files Mozilla Firefox plugins
FF - HKEYLOCALMACHINE software mozilla Mozilla Firefox 18.0.2 extensions Components: C: Program Files Mozilla Firefox components
FF - HKEYLOCALMACHINE software mozilla Mozilla Firefox 18.0.2 extensions Plugins: C: Program Files Mozilla Firefox plugins
FF - HKEYLOCALMACHINE software mozilla Mozilla Firefox 19.0 extensions Components: C: Program Files Mozilla Firefox components
FF - HKEYLOCALMACHINE software mozilla Mozilla Firefox 19.0 extensions Plugins: C: Program Files Mozilla Firefox plugins
FF - HKEYLOCALMACHINE software mozilla Mozilla Firefox 19.0.2 extensions Components: C: Program Files Mozilla Firefox components
FF - HKEYLOCALMACHINE software mozilla Mozilla Firefox 19.0.2 extensions Plugins: C: Program Files Mozilla Firefox plugins
FF - HKEYLOCALMACHINE software mozilla Mozilla Firefox 20.0 extensions Components: C: Program Files Mozilla Firefox components
FF - HKEYLOCALMACHINE software mozilla Mozilla Firefox 20.0 extensions Plugins: C: Program Files Mozilla Firefox plugins
FF - HKEYLOCALMACHINE software mozilla Mozilla Firefox 20.0.1 extensions Components: C: Program Files Mozilla Firefox components
FF - HKEYLOCALMACHINE software mozilla Mozilla Firefox 20.0.1 extensions Plugins: C: Program Files Mozilla Firefox plugins
FF - HKEYLOCALMACHINE software mozilla Mozilla Firefox 21.0 extensions Components: C: Program Files Mozilla Firefox components
FF - HKEYLOCALMACHINE software mozilla Mozilla Firefox 21.0 extensions Plugins: C: Program Files Mozilla Firefox plugins
FF - HKEYLOCALMACHINE software mozilla Mozilla Firefox 22.0 extensions Components: C: Program Files Mozilla Firefox components
FF - HKEYLOCALMACHINE software mozilla Mozilla Firefox 22.0 extensions Plugins: C: Program Files Mozilla Firefox plugins
FF - HKEYLOCALMACHINE software mozilla Mozilla Firefox 23.0.1 extensions Components: C: Program Files Mozilla Firefox components
FF - HKEYLOCALMACHINE software mozilla Mozilla Firefox 23.0.1 extensions Plugins: C: Program Files Mozilla Firefox plugins
FF - HKEYLOCALMACHINE software mozilla Mozilla Firefox 24.0 extensions Components: C: Program Files Mozilla Firefox components
FF - HKEYLOCALMACHINE software mozilla Mozilla Firefox 24.0 extensions Plugins: C: Program Files Mozilla Firefox plugins
FF - HKEYLOCALMACHINE software mozilla Mozilla Firefox 25.0 extensions Components: C: Program Files Mozilla Firefox components
FF - HKEYLOCALMACHINE software mozilla Mozilla Firefox 25.0 extensions Plugins: C: Program Files Mozilla Firefox plugins
FF - HKEYLOCALMACHINE software mozilla Mozilla Firefox 7.0.1 extensions Components: C: Program Files Mozilla Firefox components
FF - HKEYLOCALMACHINE software mozilla Mozilla Firefox 7.0.1 extensions Plugins: C: Program Files Mozilla Firefox plugins
FF - HKEYCURRENTUSER software mozilla Mozilla Firefox 14.0.1 extensions Components: C: Program Files Mozilla Firefox components
FF - HKEYCURRENTUSER software mozilla Mozilla Firefox 14.0.1 extensions Plugins: C: Program Files Mozilla Firefox plugins
FF - HKEYCURRENTUSER software mozilla Mozilla Firefox 15.0.1 extensions Components: C: Program Files Mozilla Firefox components
FF - HKEYCURRENTUSER software mozilla Mozilla Firefox 15.0.1 extensions Plugins: C: Program Files Mozilla Firefox plugins
FF - HKEYCURRENTUSER software mozilla Mozilla Firefox 16.0.1 extensions Components: C: Program Files Mozilla Firefox components
FF - HKEYCURRENTUSER software mozilla Mozilla Firefox 16.0.1 extensions Plugins: C: Program Files Mozilla Firefox plugins
FF - HKEYCURRENTUSER software mozilla Mozilla Firefox 16.0.2 extensions Components: C: Program Files Mozilla Firefox components
FF - HKEYCURRENTUSER software mozilla Mozilla Firefox 16.0.2 extensions Plugins: C: Program Files Mozilla Firefox plugins
FF - HKEYCURRENTUSER software mozilla Mozilla Firefox 17.0.1 extensions Components: C: Program Files Mozilla Firefox components
FF - HKEYCURRENTUSER software mozilla Mozilla Firefox 17.0.1 extensions Plugins: C: Program Files Mozilla Firefox plugins
FF - HKEYCURRENTUSER software mozilla Mozilla Firefox 18.0 extensions Components: C: Program Files Mozilla Firefox components
FF - HKEYCURRENTUSER software mozilla Mozilla Firefox 18.0 extensions Plugins: C: Program Files Mozilla Firefox plugins
FF - HKEYCURRENTUSER software mozilla Mozilla Firefox 18.0.1 extensions Components: C: Program Files Mozilla Firefox components
FF - HKEYCURRENTUSER software mozilla Mozilla Firefox 18.0.1 extensions Plugins: C: Program Files Mozilla Firefox plugins
FF - HKEYCURRENTUSER software mozilla Mozilla Firefox 18.0.2 extensions Components: C: Program Files Mozilla Firefox components
FF - HKEYCURRENTUSER software mozilla Mozilla Firefox 18.0.2 extensions Plugins: C: Program Files Mozilla Firefox plugins
FF - HKEYCURRENTUSER software mozilla Mozilla Firefox 19.0 extensions Components: C: Program Files Mozilla Firefox components
FF - HKEYCURRENTUSER software mozilla Mozilla Firefox 19.0 extensions Plugins: C: Program Files Mozilla Firefox plugins
FF - HKEYCURRENTUSER software mozilla Mozilla Firefox 19.0.2 extensions Components: C: Program Files Mozilla Firefox components
FF - HKEYCURRENTUSER software mozilla Mozilla Firefox 19.0.2 extensions Plugins: C: Program Files Mozilla Firefox plugins
FF - HKEYCURRENTUSER software mozilla Mozilla Firefox 20.0 extensions Components: C: Program Files Mozilla Firefox components
FF - HKEYCURRENTUSER software mozilla Mozilla Firefox 20.0 extensions Plugins: C: Program Files Mozilla Firefox plugins
FF - HKEYCURRENTUSER software mozilla Mozilla Firefox 20.0.1 extensions Components: C: Program Files Mozilla Firefox components
FF - HKEYCURRENTUSER software mozilla Mozilla Firefox 20.0.1 extensions Plugins: C: Program Files Mozilla Firefox plugins
FF - HKEYCURRENTUSER software mozilla Mozilla Firefox 21.0 extensions Components: C: Program Files Mozilla Firefox components
FF - HKEYCURRENTUSER software mozilla Mozilla Firefox 21.0 extensions Plugins: C: Program Files Mozilla Firefox plugins
FF - HKEYCURRENTUSER software mozilla Mozilla Firefox 22.0 extensions Components: C: Program Files Mozilla Firefox components
FF - HKEYCURRENTUSER software mozilla Mozilla Firefox 22.0 extensions Plugins: C: Program Files Mozilla Firefox plugins
FF - HKEYCURRENTUSER software mozilla Mozilla Firefox 23.0.1 extensions Components: C: Program Files Mozilla Firefox components
FF - HKEYCURRENTUSER software mozilla Mozilla Firefox 23.0.1 extensions Plugins: C: Program Files Mozilla Firefox plugins
FF - HKEYCURRENTUSER software mozilla Mozilla Firefox 24.0 extensions Components: C: Program Files Mozilla Firefox components
FF - HKEYCURRENTUSER software mozilla Mozilla Firefox 24.0 extensions Plugins: C: Program Files Mozilla Firefox plugins
FF - HKEYCURRENTUSER software mozilla Mozilla Firefox 25.0 extensions Components: C: Program Files Mozilla Firefox components
FF - HKEYCURRENTUSER software mozilla Mozilla Firefox 25.0 extensions Plugins: C: Program Files Mozilla Firefox plugins
2011/06/27 20:19:14 000, 000, 000 -D M No name found - - C: Users Camille AppData Roaming mozilla Extensions
2013/11/05 22:32:33 000, 000, 000 -D M No name found - - -1378940237648 extensions
2013/10/31 00:52:29 000, 000, 000 -D M No name found - - C: Program Files mozilla firefox browser extensions
2013/10/31 00:52:56 000, 000, 000 -D M Default - - C: Program Files mozilla firefox browser extensions 972ce4c6-7e08-4474-a285-3208198ce6fd
CHR - defaultsearchprovider: searchurl google:baseURLsearch?qsearchTerms google:RLZgoogle:originalQueryForSuggestiongoogle:assistedQueryStatsgoogle:searchFieldtrialParametergoogle:bookmarkBarPinnedgoogle:searchClientgoogle:sourceIdgoogle:instantExtendedEnabledParametergoogle:omniboxStartMarginParameterieinputEncoding
CHR - defaultsearchprovider: suggesturl google:baseSuggestURLsearch?google:searchFieldtrialParameterclientgoogle:suggestClient xssit qsearchTerms google:cursorPositiongoogle:zeroPrefixUrlgoogle:pageClassificationsugkeygoogle:suggestAPIKeyParameter,
CHR - Extension: Documents Google C: Users Camille AppData Local Google Chrome User Data Default Extensions aohghmighlieiainnegkcijnfilokake 0.50
CHR - Extension: Google u00A0Drive C: Users Camille AppData Local Google Chrome User Data Default Extensions apdfllckaahabafndbhieahigkjlhalf 6.30
CHR - Extension: YouTube C: Users Camille AppData Local Google Chrome User Data Default Extensions blpcfgokakmgnkcojhhkbfbldkacnbeo 4.2.60
CHR - Extension: Adblock Plus C: Users Camille AppData Local Google Chrome User Data Default Extensions cfhdojbkjhnklbpkdaibdccddilifddb 1.7.40
CHR - Extension: Recherche Google C: Users Camille AppData Local Google Chrome User Data Default Extensions coobgpohoikkiipiblmjeljniedjpjpf 0.0.0.200
CHR - Extension: Google u00A0Wallet C: Users Camille AppData Local Google Chrome User Data Default Extensions nmmhkkegccagdldgiimedpiccmgmieda 0.0.6.10
O2 - BHO: MSS Identifier - 0E8A89AD-95D7-40EB-8D9D-083EF7066A01 - C: Program Files McAfee Security McAfee, Inc.
O2 - BHO: Bing Bar Helper - d2ce3e00-f94a-4740-988e-03dc2f38c34f - C: Program Microsoft Corporation.
O3 - HKLM. Toolbar: Bing Bar - 8dcb7100-df86-4384-8842-8fa844297b3f - C: Program Microsoft Corporation.
O4 - HKLM. Run: ASUSPRP C: Program ASUSTek Computer Inc.
O4 - HKLM. Run: ASUSWebStorage C: Program Files ASUS ASUS ecareme
O4 - HKLM. Run: CapsHook ASUSTek Computer Inc.
O4 - HKLM. Run: dotNetInstallerBoot C: Users Camille AppData Local Temp SDLTrados 2007 File not found
O4 - HKLM. Run: ETDWare C: Program ELAN Microelectronic Corp.
O4 - HKLM. Run: HotkeyMon ASUSTek Computer Inc.
O4 - HKLM. Run: HotkeyService ASUSTek Computer Inc.
O4 - HKLM. Run: LiveUpdate ASUSTek Computer Inc.
O4 - HKLM. Run: SunJavaUpdateSched C: Program File not found
O4 - HKLM. Run: SuperHybridEngine ASUSTek Computer Inc.
O4 - HKCU. Run: uTorrent BitTorrent Inc.
O4 - Startup: C: Users Camille AppData Roaming Microsoft Windows Start Dropbox, Inc.
O9 - Extra Button: C: Program Files WIDCOMM Bluetooth, -4015 - CCA281CA-C863-46ef-9331-5C8D4460577F - C: Program Files WIDCOMM Bluetooth
O9 - Extra Tools menuitem: C: Program Files WIDCOMM Bluetooth, -12650 - CCA281CA-C863-46ef-9331-5C8D4460577F - C: Program Files WIDCOMM Bluetooth
O10 - NameSpaceCatalog5 CatalogEntries 000000000010 - C: Program Apple Inc.
O17 - HKLM System CCS Services Tcpip Parameters: DhcpNameServer 192.168.1.1
O17 - HKLM System CCS Services Tcpip Parameters Interfaces BCDC3874-09A7-47ED-B179-0E12158D15A1: DhcpNameServer 212.47.0.4 212.47.1.4
O17 - HKLM System CCS Services Tcpip Parameters Interfaces F3F3DF8C-01F7-4D7E-943D-F551A174C5A5: DhcpNameServer 192.168.1.1
O21 - SSODL: WebCheck - E6FB5E20-DE35-11CF-9C87-00AA005127ED - No CLSID value found.
O38 - SubSystems Windows: ServerDllwinsrv:UserServerDllInitialization, 3
O38 - SubSystems Windows: ServerDllwinsrv:ConServerDllInitialization, 2
O38 - SubSystems Windows: ServerDllsxssrv, 4
2014/02/24 14:19:03 000, 000, 000 -D C - - C: Users Camille AppData Local 1672C536-80E4-49FD-A251-CB2515D58F2F
2014/02/23 01:57:24 000, 000, 000 -D C - - C: ProgramData 188F1432-103A-4ffb-80F1-36B633C5C9E1
2014/02/21 17:19:32 000, 000, 000 -D C - - C: Users Camille AppData Local E93A97AC-AE9A-4162-8D9F-742B32C4A963
2014/02/18 15:47:56 000, 000, 000 -D C - - C: Users Camille AppData Local 340D2EAB-24DD-4384-A132-1652B559CC09
2014/02/14 01:58:43 002, 706, 432 - C Microsoft Corporation - -
2014/02/14 01:58:42 000, 163, 840 - C Microsoft Corporation - -
2014/02/14 01:58:39 002, 877, 952 - C Microsoft Corporation - -
2014/02/14 01:58:38 000, 039, 936 - C Microsoft Corporation - -
2014/02/14 01:58:37 000, 061, 440 - C Microsoft Corporation - -
2014/02/14 01:58:36 000, 391, 168 - C Microsoft Corporation - -
2014/02/14 01:58:34 000, 493, 056 - C Microsoft Corporation - -
2014/02/14 01:58:34 000, 109, 056 - C Microsoft Corporation - -
2014/02/14 01:58:34 000, 071, 680 - C Microsoft Corporation - -
2014/02/14 01:58:34 000, 042, 496 - C Microsoft Corporation - -
2014/02/14 01:58:34 000, 033, 280 - C Microsoft Corporation - -
2014/02/13 12:47:41 000, 000, 000 -D C - - C: Users Camille AppData Local C4BC1EC2-75B3-40A4-99D7-2770DFD1CC6D
2014/02/13 11:22:29 000, 002, 048 - C Microsoft Corporation - -
2014/02/13 11:22:00 001, 987, 584 - C Microsoft Corporation - -
2014/02/13 11:21:59 003, 419, 136 - C Microsoft Corporation - -
2014/02/13 11:21:27 000, 594, 944 - C Microsoft Corporation - -
2014/02/13 11:21:27 000, 572, 416 - C Microsoft Corporation - -
2014/02/13 11:21:27 000, 508, 928 - C Microsoft Corporation - -
2014/02/13 11:21:26 000, 510, 976 - C Microsoft Corporation - -
2014/02/13 11:21:26 000, 428, 032 - C Microsoft Corporation - -
2014/02/13 11:21:26 000, 423, 936 - C Microsoft Corporation - -
2014/02/13 11:21:25 000, 390, 144 - C Microsoft Corporation - -
2014/02/13 11:21:25 000, 087, 040 - C Microsoft Corporation - -
2014/02/13 11:21:25 000, 087, 040 - C Microsoft Corporation - -
2014/01/28 18:25:38 000, 000, 000 -D C - - C: Users Camille AppData Local 7677E6AF-4CC2-432D-A143-CE5A93BF64BE
2014/02/26 22:17:01 000, 001, 002 - M - C: windows tasks Adobe Flash Player
2014/02/26 20:25:21 000, 016, 160 -H- M - C: windows System32 7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014/02/26 20:25:21 000, 016, 160 -H- M - C: windows System32 7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014/02/21 13:18:38 000, 692, 616 - M Adobe Systems Incorporated - -
2014/02/21 13:18:38 000, 071, 048 - M Adobe Systems Incorporated - -
2014/02/20 16:46:40 000, 001, 013 - M - C: Users Camille AppData Roaming Microsoft Windows Start
2014/02/01 08:58:43 000, 042, 496 - M Microsoft Corporation - -
2014/02/01 08:57:39 000, 163, 840 - M Microsoft Corporation - -
2014/02/01 08:57:35 000, 493, 056 - M Microsoft Corporation - -
2014/02/01 08:57:20 002, 877, 952 - M Microsoft Corporation - -
2014/02/01 08:57:20 000, 039, 936 - M Microsoft Corporation - -
2014/02/01 08:57:16 000, 391, 168 - M Microsoft Corporation - -
2014/02/01 08:57:16 000, 109, 056 - M Microsoft Corporation - -
2014/02/01 08:57:16 000, 061, 440 - M Microsoft Corporation - -
2014/02/01 08:57:16 000, 033, 280 - M Microsoft Corporation - -
2014/02/01 08:34:53 002, 706, 432 - M Microsoft Corporation - -
2014/02/01 07:38:03 000, 071, 680 - M Microsoft Corporation - -
2014/02/20 16:46:40 000, 001, 013 - C - C: Users Camille AppData Roaming Microsoft Windows Start
2013/07/26 02:55:59 012, 872, 704 - M Microsoft Corporation
2010/11/20 13:19:02 000, 606, 208 - M Microsoft Corporation
2009/07/14 02:16:17 000, 342, 528 - M Microsoft Corporation
AdwCleaner v2.007 - Rapport crРР le 26/02/2014 Р® 22:39:06
Internet Explorer v9.10.9200.16798
OK Le registre ne contient aucune entrРe illРgitime.
OK Le fichier ne contient aucune entrРe illРgitime.
OK Le fichier ne contient aucune entrРe illРgitime.
How is laptop computer behaving now?
Double Click to fit the application.
Make sure a checkmark is defined next to Update Malwarebytes Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
If an update can be found, it'll download and install the most recent version.
The scan might take some time to finish, so please be patient.
When the scan is complete, click OK, then Show Results to comprehend the results.
When disinfection is done, a log will open in Notepad and you might be prompted to Restart.See Extra Note
The log is automatically saved by MBAM and may be viewed by clicking the Logs tab in MBAM.
Attach the whole report with your next reply.
If MBAM encounters personal files that is difficult to eliminate, you will probably be presented with 1 of 2 prompts, click OK either to and let MBAM proceed together with the disinfection process, if motivated to restart your computer, remember to so immediately.
I haven t got any pop-ups for just two days andi think my computer is often a bt faster to begin and shut down, but that s it and that i don t ever have a way to be sure. I ran Malwarebytes plus it found 20 entries to delete, here s my log:
Malwarebytes Anti-Malware 1.75.0.1300
Database version: v2014.02.28.06
Internet Explorer 10.0.9200.16798
Time elapsed: 24 minutes, 36 seconds
HKLM SYSTEM CurrentControlSet Services WsysSvc - Quarantined and deleted successfully.
HKLM SOFTWARE Microsoft Windows CurrentVersion Uninstall WsysControl - Quarantined and deleted successfully.
Quarantined and deleted successfully.
HKCU SOFTWARE Microsoft Internet Explorer SearchScopes 33BB0A4E-99AF-4226-BDF6-49120163DE86 8 - Quarantined and deleted successfully.
HKCU Software 1ClickDownload 1ClickDownload.A - Quarantined and deleted successfully.
HKLM SOFTWARE dosearchesSoftware - Quarantined and deleted successfully.
HKLM SOFTWARE Microsoft Internet Explorer SearchScopes 33BB0A4E-99AF-4226-BDF6-49120163DE86 8 - Quarantined and deleted successfully.
HKLM Software InstallIQ - Quarantined and deleted successfully.
HKCU SOFTWARE Microsoft Internet Explorer SearchScopesbProtectorDefaultScope - Data: - Quarantined and deleted successfully.
HKLM SYSTEM CurrentControlSet Services WsysSvcImagePath - Data: - Quarantined and deleted successfully.
C: ProgramData eSafe log - Quarantined and deleted successfully.
C: ProgramData eSafe - Quarantined and deleted successfully.
Quarantined and deleted successfully.
Quarantined and deleted successfully.
Quarantined and deleted successfully.
Quarantined and deleted successfully.
C: Program Files Mozilla - Quarantined and deleted successfully.
0 members, 0 guests, 0 anonymous users
Licensed to: Geeks to Go, Inc.
Yourfile Downloader is malicious software employed by Cyber criminals to realize financial advantages. It appears to be an effective program which could allow you download files from Internet by extra speed along with other features like pause, resume etc. Yourfile Downloader toolbar virus is a member of family of browser hijacks that spread through Spam emails, freeware applications or with all the help of Trojans through compromised websites. Such malwares can adjust your browsers default search provider, home page and also other settings without informing you. They are also useful to promote paid content either as pop-up ads or by placing ads inside all of the legit websites using plugin api. moreover, Yourfile Downloader virus can collect your own personal information, spy on your PC to see your online activities and send the logged reports to its developers. We do not recommend that you let Yourfile Downloader virus stay inside your system. It should be removed immediately.
It may change corrupt default settings of browsers like Firefox, Chrome or Internet explorer
Causes frequent web redirects to wrong websites, hijacks google search settings and causes unexpected webpages
Collects Personal user information that might include sensitive financial data like logins, usernames, accounts
Makes the browser run slow, utilizes a big a part of system resources
Want to reduce Browser Hijack Yourfile Downloader?:
To manually remove Yourfile Downloader, stick to the instructions.
First of most, Uninstall this course. Skip on the next step if the appliance is not placed in Control Panel.
Start Settings Control Panel. Now Locate and open Add or Remove Programs or PROGRAMS AND FEATURES. Find Yourfile Downloader. Now click Uninstall/Remove.
Now remove this software from Browser.
Click Tools if on Internet Explorer 9, click gear icon, Then Manage Add-ons. Look for Yourfile Downloader. Disable if found any.
To stop pop-ups from malware,
Click on TOOLS POP-UP BLOCKER, then click TURN ON POP-UP BLOCKER. and after that go to POP-UP BLOCKER SETTINGS. Type any site you wish to block popups from
Click Tools/Settings Wrench incon, Add-ons Extensions and disable any file accompany malware.
Still Spyware Yourfile Downloader lurking inside the system? Remove manually
Open Task Manager to prevent processes.
HKEYLOCALMACHINESOFTWAREMozillaFirefoxextensions,
Alternatively, that you are advised to make use of the removal tool below to remove this malware infection.