winzip software free download with keysilent hunter 3 download freesteam download slowwindows vista home premium 32 bit iso download chip
On this site, you'll find complete details and removal steps for YourFile Downloader Updater adware. We highly advise to scan the PC with provided tools to reduce the threat.
YourFile Downloader Updater pop-up is attributable to an adware that currently infecting in your entire system. You may notice that web page will endeavor to convince you that the update is essential for your YourFileDownloader
program, however, what you would get when following a link is simply malware. Whenever you observe pop-up ads with this YourFile Downloader Updater, it only implies that your system are at risk and updating the said program has nothing regarding the real condition of the computer.
YourFile Downloader Updater pop-up is merely part of an adware that you could acquire almost certainly when you download and install third-party software. That reason makes its arrival secret for several PC users. Most people even think that it's a virus when it's in reality it's not necessarily. However, YourFile Downloader Updater may include things like several functions that will put your body at risk. Therefore, it truly is highly preferable to prevent or get rid of it.
YourFile Downloader Updater can also display various advertisements that entices that you download endorse products. Aside from offering you many annoyances, additionally, it creates misleading alerts. Such functionality could potentially cause more viruses and also other adware infection on your own system. It simply implies that having YourFile Downloader Updater can reduce your body security; also, operate performs seems a lot more different as before. You can no more surf the net efficiently and safely.
To protect one's body against various trouble, as well as stop experience many viruses via the internet, you need to remove YourFile Downloader Updater immediately. The idea that no users can usually benefit from this site but only those individuals who put on the extender to spread malware, theres not any reason for that you stay on this page.
1. Begin the removal process by uninstalling the adware program from Windows. To do this, we have to open Control Panel. Please make sure that you are logon with all the Administrative privilege to reach this function.
Click on Start button which might be found on bottom left corner with the screen.
From their list, choose Control Panel to reach settings of Windows and earn the needed changes.
The easiest way to gain access to Control Panel on Windows 8 is from the Search function.
Simply press Windows Key Q on the keyboard to produce the Charms Bar. Alternatively, you may drag mouse pointer to lower-right component of desktop till the Charms Bar slide-out.
Click for the Magnifying Glass icon and show off for Control Panel. Click the item around the result to get into this feature.
2. Under Programs, click Uninstall an application. It will open a software program and features window where-in you are able to uninstall, change, or repair installed software.
3. Look for any suspicious name that's installed recently. To do this, you must arrange the things chronologically. Click on Installed On to show the latest program seems unfamiliar.
As observed, this pop-up can be linked to known malware. You might also look for and delete the next names that have been identified with YourFile Downloader Updater: Via Advertising Group Limited
4. Click on Uninstall button to clear out the program automatically.
5. If it prompts for confirmation, please click OK to proceed.
1. In troubleshooting a PC, one common step is always to boot os into Safe Mode with Networking. The same approach are going to be used in removing YourFile Downloader Updater. Please execute instructions based on the Windows OS version.
Please restart laptop and just before Windows start, press F8 on the keyboard repeatedly. You will probably be presented with Advanced Options Menu.
From the selections, choose Safe Mode with Networking. Please use keyboards arrow up/down to navigate between selections and press Enter to proceed.
Please restart laptop and as soon the way it begins to begin with, please press ShiftF8 keys.
Instead of seeing Advance Boot Options, Windows 8 will display Recovery Mode. Continue using the given steps soon you reach Safe Mode function.
Click on See advanced repair options.
Then, simply click Troubleshoot.
Next, please select Advanced options.
On the following window, please choose Windows Startup Settings.
Lastly, simply click Restart button. Windows 8 can restart and boot into Advanced Boot Option wherein it is possible to run it in Safe Mode with Networking.
2. Open your installed anti-virus programs increase it to your most recent version by automatically downloading necessary updates.
3. Thoroughly scan laptop computer and remove all identified threats. Do not restart or turn off the pc after the scan process. You still have to run another scan. Please follow the following procedure.
To remove YourFile Downloader Updater, download Malwarebytes Anti-Malware. This tool works well in getting gone Trojans, viruses and malware.
1. After downloading, please install this system using the default settings.
2. At the end on the installation, please ensure that it will download necessary updates.
3. Once update has completed. The tool will launch.
4. Thoroughly scan laptop computer and remove all threats detected at this anti-malware program.
1. Open Google Chrome browser
2. Type this within the address bar chrome://settings/
3. Navigate at the end with the page and select Show advanced settings
4. At the bottom with the page, click Reset settings to eliminate all changes produced by YourFile Downloader Updater
1. Open Internet Explorer software
2. Navigate to top menu and click on Tools Internet Options
3. On Internet Options window, select Advanced tab
4. In order to reverse modifications attributable to YourFile Downloader Updater, visit Reset button to get back Internet Explorers settings thus to their default condition.
1. Open Mozilla Firefox program
2. Navigate to top menu and Open Help Menu. Then, select on Troubleshooting Information
3. Click on Refresh Firefox button to erase the consequence of YourFile Downloader Updater
Internet Explorer versions 8 and 9 has this feature called SmartScreen Filter. It helps detect phishing websites and shield you from downloading malicious files online. To turn on SmartScreen Filter, adopt these measures:
1. Please open Internet Explorer.
3. Select SmartScreen Filter in the drop-down list and simply click Turn on SmartScreen Filter.
4. Please restart Internet Explorer.
With Google Chromes Phishing and Malware Detection feature, you will get lesser risks browsing the online world. It will display a reminder when the site you are attempting to visit is suspicious. To enable Phishing and Malware Protection, please these steps:
2. Click within the Customize and control Google Chrome 3-Bars Icon situated on top right corner in the browser.
4. Once around the settings page, visit Show advanced at the bottom in the page to determine the rest with the Chrome setup.
5. Locate Privacy section and mark Enable phishing and malware protection.
6. Please restart Google Chrome. New settings maintain browser safe while surfing the internet.
Phishing and Malware Protection is usually a built-in feature on Firefox version 3 or later. It warns you whenever a page you try to visit contains phishing content or even an attack site meant to drop threats within the computer. To assist you to keep safe while browsing the Internet using Firefox, please follow the guide:
1. Open Mozilla Firefox browser.
3. Select Security and hang a check mark about the following items:
Remove YourFile Downloader Updater Protect Your Computer Now!
EZ Software Updater Virus Removal Guide Despite the proven fact that EZ Software Updater isn't belong or classify as one from the viruses, we highly suggest not to ever keep it as
Remove Dynamic Updater Virus Removal Dynamic Updater can be an adware program which could affect on how your body performs. It normally display unusual pop-up ads plus it even perform the duties of Virus Removal is really a potentially unwanted program, that may drag the device into more troubles. In fact, it possesses several traits and functionalities that happen to be closely
Remove 2 Virus Removal 2 is really a potentially unwanted program detected by AVG Antivirus and also other security software. System may drag into further and deeper issues if the adware
1ClickMovie-Downloader Virus Removal Guide 1ClickMovie-Downloader extension can be a potentially unwanted program which could be installed for the computer without users approval. It arrives about the computer unexpectedly which enables it to
Your current email address will not be published. Required fields are marked
Copyright 2015 by Im-Infected. All rights reserved.
We use cookies to make certain we provde the best experience on our website. If you continue to use this web site we will believe that you are very pleased with it. Ok
More Results Hub may be known as adware due for the fact it performs objectionable strategies to discreetly execute its real intention when invading its target computer, then when placing boundless of pop-up ads.
XTEX adware can extremely bring raise the risk into your laptop. This may feel like a safe program nonetheless it actually carry out some suspicious deeds. As a matter of fact, it uses several deceptive means to be established for the PC.
Too much display of coupons, savings, discounts, plus much more other offers from BestDeal are all a result of adware that presently running on the computer. It has to be able to set in for the PC, without requiring for PC users permission.
When the thing is that pop-up claiming that your particular computer reaches risk as a result of viruses, be warned that a machine just isn't really infected or has any connected to viruses. In fact, it can be merely as a consequence of adware employed by crooks only to collect money from the victims.
is technically built to convince PC users that this reason why they may be seeing security pop-up alert is the fact that their computer is deeply contaminated with viruses. Yet the truth is, this tactic is being used so that you can promote their fake Technical Support Service.
is malicious software that cannot just hinder computer users online activities, but this tends to also caused a severe increased laptop or computer risk. This may redirect one to harmful internet pages where adware as well as viruses can be obtained.
is usually a seemingly like harmless program that typically shows pop-up pertaining to software update. On the contrary, such pop-up frequently lead PC users to accumulate unwanted programs like adware, viruses, along with other malicious software.
Object Browser is often a type of adware which allows enormous display of pop-up ads and keep appearing with your computer. This often creates a series of issues including browsing difficulty and working with more other system irregularities.
Sure PC Backup has the cabability to place itself into personal computer without even informing PC users. Though it does not have exactly the same characteristic of the herpes virus, its presence may perform the duties of an introduction to harmful programs onto one's body.
AlleyBrowse can be presented as useful and reasonably needed form of program, yet, you must take into account that is actually sort of adware that sole intention would be to gain money by promoting various online advertisements.
Copyright 2015 by Im-Infected. All rights reserved.
We use cookies in order that we provde the best experience on our website. If you continue to use this page we will believe that you are very happy with it. Ok
Warning 17 antivirus scanners has detected malware in a variety of versions of.
There are 5 versions of from the wild, the most recent version being 1, 0, 0, 4. operates as a standard windows process with all the logged in users account privileges. The process utilizes the Windows Task Scheduler to automatically launch the file to be a process any time a user logs into Windows. The average file size is around 299.7 KB. The file can be a digitally signed and issued to Via Advertising Group Limited by VeriSign. Some variations with the file result to be installed using the program YourFileDownloader from Via Advertising Group Limited. During the processs lifecycle, the conventional CPU resource utilization is around 0.0048% including both foreground and background operations, the normal private memory consumption is all about 9.16 MB using the maximum memory reaching around 13.03 MB. Addionally, typically read and write I/O disk operations is all about 913 Bytes a minute for reads and 0 Bytes a minute for writes.
The YourFile Downloader auto updater is a software program which runs inside the background of Windows and automatically starts up if your PC boots. It checks for software udpates and automatically downloads and installs them if found.
YourFileDownloader is built to make your download experience easier and quicker than previously. Now you don't possess to spend your energy and energy for locating desired programs and find forwarded a
Note, the programs listed here are for all versions of YourFile Downloader.
YourFileDownloader provides to be able to download various computer software locally. It provides a list and show off interface to find and download appliations. The program does however
Note, the behaviors below are for all those versions of, go with a unique version for details.
Based on 40 industry antivirus scanners, 17 of these detected this malware.
a variant of Win32/YourFileDownloader.B
a variant of Win32/YourFileDownloader.B
a variant of Win32/YourFileDownloader.B
245168.B
United States installs about 28.74% of YourFile Downloader.
We are still inside final stages of development all of which will hopefully have our 100% free client app available soon. The app will continue to work in conjunction with your existing anti-virus program to quickly enable you to block potentially unwanted software from taking control of your respective PC.
In the meantime, if you wish to run our best rated software, Should I Remove It?, which is made to quickly purge your PC from unwanted programs, please download it it here, its 100% FREE!
Featured on The Kim Komando Show, USA Today, Toms Guide, CNET, Softonic and many other.
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.
Warning 17 antivirus scanners has detected malware in numerous versions of.
There are 5 versions of from the wild, the most recent version being 1, 0, 0, 4. runs as a standard windows process with all the logged in users account privileges. The process utilizes the Windows Task Scheduler to automatically launch the file to be a process each time a user logs into Windows. The average file size is concerning 299.7 KB. The file is often a digitally signed and issued to Via Advertising Group Limited by VeriSign. Some variations from the file are considered to be installed with all the program YourFileDownloader from Via Advertising Group Limited. During the processs lifecycle, the conventional CPU resource utilization is concerning 0.0048% including both foreground and background operations, the common private memory consumption is concerning 9.16 MB with all the maximum memory reaching around 13.03 MB. Addionally, typically read and write I/O disk operations is concerning 913 Bytes for each minute for reads and 0 Bytes for each minute for writes.
The YourFile Downloader auto updater is an application which runs within the background of Windows and automatically starts up whenever your PC boots. It checks for software udpates and automatically downloads and installs them if found.
YourFileDownloader is created to make your download experience easier and quicker than ever before. Now you don't possess to spend your energy and energy to find desired programs and acquire forwarded a
Note, the programs here i will discuss for all versions of YourFile Downloader.
YourFileDownloader provides a chance to download various computer software locally. It provides a list and look interface to seek out and download appliations. The program does however
Note, the behaviors below are for many versions of, decide on a unique version for details.
Based on 40 industry antivirus scanners, 17 ones detected these malware.
a variant of Win32/YourFileDownloader.B
a variant of Win32/YourFileDownloader.B
a variant of Win32/YourFileDownloader.B
245168.B
United States installs about 28.74% of YourFile Downloader.
We are still inside the final stages of development and can hopefully have our 100% free client app available soon. The app work in conjunction with your existing anti-virus program to quickly enable you to block potentially unwanted software from taking control within your PC.
In the meantime, if you need to run our best rated software, Should I Remove It?, which is meant to quickly purge your PC from unwanted programs, please download it it here, its 100% FREE!
Featured on The Kim Komando Show, USA Today, Toms Guide, CNET, Softonic and much more.
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.
Anvi Smart Defender V2.2 - Free Anti-malware
Recently, many users send email to Anvisoft Technical Support and report this program YourFile Downloader. They complained any time they install the free program YourFile Downloader, their computer start being crazy plus they get two different toolbar on the computer. When we receive request from user, we go for the website /and download this software. Please discover more to learn how you can uninstall this software and repair the problem a result of YourFile Downloader.
YourFile Downloader is claimed to further improve the download experience easier and quicker previously. With YourFile Downloader, you usually do not have to waste your time and energy to find desired programs and find forwarded around the internet as it is possible to download everthing. But you mustn't ignore the indisputable fact that YourFile Downloader can be an ad-supported application. When you install the free program, you're supposed to setup YourFile Downloader supported toolbars, for example Babylon toolbar.
However you are able to unselect the default replacement for complete mobile phone, most of users are tricked to setup the unwanted toolbar. They will have their house page and default search results redirected to /?affID116774 tt51127 babsrcHPss mntrId38d4fa95000000000000000c29787e9b and browser gets hijacked.
Although YourFile Downloader and Babylon toolbar are non-malicious related, but it really acts as malicious program by hijacker the browsers by changing the homepage and redirecting the google listing and many users encounter this problem and find it hard to clear out and thus suspect its virus that harms laptop computer. What s more, four antivirus program include ESET-NOD32 detect as being a threat.
Installed YourFile Downloader and Babylon toolbar, the browser respond very slow, and the computer or programs get error message constantly. If you might have installed YourFile Downloader and Babylon toolbar, you happen to be highly motivated to uninstall and repair them immediately with following instruction.
Step1, Uninstall this software YourFile Downloader and related toolbar from a computer
Please go to your Start Menu. Select Control Panel
Anvi Smart Defender V2.2 - Free Anti-malware
Recently, lots of users send email to Anvisoft Technical Support and report this software YourFile Downloader. They complained that if they install the free program YourFile Downloader, their computer start to get crazy and so they get two different toolbar on his or her computer. When we receive request from your user, we go for the website /and download this software. Please continue reading to learn tips on how to uninstall this program and repair the problem due to YourFile Downloader.
YourFile Downloader is claimed to improve the download experience easier and quicker than in the past. With YourFile Downloader, you will not have to invest your time and energy for locating desired programs and acquire forwarded throughout the internet as it is possible to download everthing. But you shouldn't ignore the proven fact that YourFile Downloader is definitely an ad-supported application. When you install the free program, you might be supposed to put in YourFile Downloader supported toolbars, like Babylon toolbar.
However you are able to unselect the default solution to complete set up ., but many of users are tricked to put in the unwanted toolbar. They will have their house page and default online search engine redirected to /?affID116774 tt51127 babsrcHPss mntrId38d4fa95000000000000000c29787e9b and browser gets hijacked.
Although YourFile Downloader and Babylon toolbar are non-malicious related, nevertheless it acts as malicious program by hijacker the browsers by changing the homepage and redirecting the google and many users encounter this matter and find it hard to take out and thus suspect its virus that harms your computer. What s more, four antivirus program include ESET-NOD32 detect as being a threat.
Installed YourFile Downloader and Babylon toolbar, the browser respond very slow, and the computer or programs get error message constantly. If you might have installed YourFile Downloader and Babylon toolbar, that you are highly inspired to uninstall and repair them at the earliest opportunity with following instruction.
Step1, Uninstall this software YourFile Downloader and related toolbar from the computer
Please go on the Start Menu. Select Control Panel
65, 339, 745 programs installed
What percent of users and experts removed it?
What do people ponder over it?
United States Rank 10, 999
Average installed length: 613.64 days
YourFile Downloader is the fact kind of app, designed to ease every day when it comes to finding and downloading a certain piece of software.
It displays a minimalistic interface which won't contain any traces of distracting elements like ads and doesn't leave room for confusion.
Using YourFile Downloader is not hard. All you must do is type the name from the application you intend to download, hit Enter and from their list of results go through the one you may need. Choose the destination folder and wait for a download to complete. That s it.
As far as functionality, its pretty straightforward there are no settings to concern yourself with. There are though two shortcomings which you definitely find.
First off, the success from the search function relies for the name on the application that you are looking for. If you intend to download a unique PDF reader as an example, you should type its exact name to get it. If you use some keywords, you may come across applications that will not have anything related to what you'll need.
In case YourFile Downloader doesn t find any improvements, it will give you the possibility to get started on an alternative search. This will open an Internet browser window that could display is a result of across the world wide web. In a way, YourFile Downloader becomes YourFile Finder.
Secondly, YourFile Downloader uses alternative party download servers. It s from these that you simply get your applications as well as the downloader doesn't have a control over them. So if a server is down, many times yourself looking forward to a download which will never start.
Moreover, the download rate depends within the Internet connection delivered by your provider inside them for hours multiple active downloads, can greatly slow up the transfer rate. Fortunately, YourFile Downloader allows one to pause specific downloads so you may free up bandwidth.
Approach and idea wise, YourFile Downloader is within the right track nonetheless it needs improvements within the stability from the service it gives you.
Last updated on August 19th, 2013
2001-2015 Softpedia. All rights reserved. Softpedia along with the Softpedia logo are registered trademarks of SoftNews NET SRL. Privacy Policy
You actually have javascript disabled. Several functions might not work. Please re-enable javascript to get into full functionality.
Started by BurningBreak, Feb 18 2014 10:25 AM
I know there s already a comparable topic that is created around the forum many years ago nonetheless it has been closed, therefore i couldn t post for this thread together to make my Hope it s okay.
So similair problem for the other dude really, got that pop-up window every once in awhile, asking me to update YourFile Downloader, that I m ' ve uninstalled
The only thing i assumed about doing to be real run a report with adwcleaner and ccleaner but obviously didn t work. So as being the meme would say, i ve doing nothing i m all the way of idea.
Hope all of you can help Sorry internet marketing suck a newb. Thanks ahead of time.
Double click for the icon to operate it. Make sure other windows are closed and let it run uninterrupted.
Click the Run Scan button. Do not change any settings unless otherwise told for this. The scan wont require much time.
When the scan completes, it'll open two notepad windows. and. These are saved inside same location as OTL.
Due to absence of feedback, this topic has become closed.
If you'll need this topic reopened, please speak to a staff member. This applies only for the original topic starter. Everyone else please take up a New Topic.
Thank you for ones help and then for re opening this issue. Here are my logs.
OTL by OldTimer - Version 3.2.69.0 Folder C: Users Camille Desktop Downloads
Starter Edition Service Pack 1 Version 6.1.7601 - Type NTWorkstation
Internet Explorer Version 9.10.9200.16798
1014, 12 Mb Total Physical Memory 39, 68 Mb Available Physical Memory 3, 91% Memory free
1, 99 Gb Paging File 0, 81 Gb Available in Paging File 40, 68% Paging File free
Drive C: 100, 00 Gb Total Space 6, 04 Gb Free Space 6, 04% Space Free Partition Type: NTFS
Drive D: 117, 87 Gb Total Space 0, 00 Gb Free Space 0, 00% Space Free Partition Type: NTFS
Computer Name: MADAGASCAR User Name: Camille Logged in as Administrator.
ChromeHTML - - Reg Error: Key error. File not found
cplfile cplopen - - %1, % Microsoft Corporation
helpfile open - - Reg Error: Key error.
http open - - Reg Error: Key error.
https open - - Reg Error: Key error.
regfile merge - - Reg Error: Key error.
scrfile install - -, InstallScreenSaver %l
txtfile edit - - Reg Error: Key error.
Unknown openas - -, OpenAsRunDLL %1
Folder explore - - Reg Error: Value error.
05653DE1-6567-40C6-B930-39D399B64369 3.3
1F1C2DFC-2D24-3E06-BCB8-725134ADF989 Microsoft Visual C 2008 Redistributable - x86 9.0.30729.4148
3108C217-BE83-42E4-AE9E-A56A2A92E549 Atheros Communications Inc. AR81Family Gigabit/Fast Ethernet Driver
3248F0A8-6813-11D6-A77B-00B0D0150100 J2SE Runtime Environment 5.0 Update 10
4903D172-DCCB-392F-93A3-34CA9D47FE3D Framework 4.5.1
4E76FF7E-AEBA-4C87-B788-CD47E5425B9D Skype 6.11
6AFCA4E1-9B78-3640-8F72-A7BF33448200 Microsoft Visual C 2008 Redistributable - x86 9.0.30729
716E0306-8318-4364-8B8F-0CC4E9376BAC MSXML 4.0 SP2 Parser and SDK
770657D0-A123-3C07-8E44-1C83EC895118 Microsoft Visual C 2005 ATL Update kb973923 - x86 8.0.50727.4053
92FB6C44-E685-45AD-9B20-CADF4CABA132 - 1033 Framework 4.5.1
9A25302D-30C0-39D9-BD6F-21E6EC160475 Microsoft Visual C 2008 Redistributable - x86 9.0.30729.17
9BE518E6-ECC6-35A9-88E4-87755C07200F Microsoft Visual C 2008 Redistributable - x86 9.0.30729.6161
FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4 Microsoft Visual C 2008 Redistributable - x86 9.0.21022
Amelies Cafe1.01 Amelies Cafe
ApSIC Xbench ApSIC Xbench 2.9
Burger Island 21.0.1 Burger Island 2
Burger Rush1.0 Burger Rush
Chicken Invaders 4 Easter Edition1.0 Chicken Invaders 4 Easter Edition
Eee Dockingis1 Eee Docking 3.8.1
Elantech ETDWare PS/2-x86 7.0.5.11WHQL
Farm Frenzy Pizza Party1.0 Farm Frenzy Pizza Party
Free Mp3 Wma Converteris1 Free Mp3 Wma Converter V 2.2
Mahjong Epic 21.1 Mahjong Epic 2
Mozilla Firefox 25.0 x86 fr Mozilla Firefox 25.0 x86 fr
VLC media player VLC media player 2.1.3
WinRAR archiver WinRAR 4.01 32-bit
WsysControl Wsys Control 10.2.1.2652
Description Nom de lapplication dРfaillante, version: 2.1.2.0, horodatage
0x52a50c49 Nom du module dРfaillant:, version: 2.1.2.0, horodatage:
Description Le programme version 1.0.0.3 a cessР dinteragir
avec Windows et a РtР fermР. Pour dРterminer si des informations supplРmentaires
sont disponibles, consultez lhistorique du problРҐme dans le Centre de maintenance.
Description Le programme version 1.0.0.3 a cessР dinteragir
avec Windows et a РtР fermР. Pour dРterminer si des informations supplРmentaires
sont disponibles, consultez lhistorique du problРҐme dans le Centre de maintenance.
Description Nom de lapplication dРfaillante, version: 32.0.1700.107,
horodatage: 0x52ed6c62 Nom du module dРfaillant:, version: 32.0.1700.107,
Description Nom de lapplication dРfaillante, version: 32.0.1700.107,
horodatage: 0x52ed6c62 Nom du module dРfaillant:, version: 32.0.1700.107,
Description Nom de lapplication dРfaillante, version: 32.0.1700.107,
horodatage: 0x52ed6c62 Nom du module dРfaillant:, version: 32.0.1700.107,
Description Le programme version 1.0.0.3 a cessР dinteragir
avec Windows et a РtР fermР. Pour dРterminer si des informations supplРmentaires
sont disponibles, consultez lhistorique du problРҐme dans le Centre de maintenance.
Description Le service Windows Defender est en attente de dРmarrage.
du clichР instantanР na pas pu sagrandir en raison dune limite utilisateur.
a Рchoue avec lerreur 0x80070643: Internet Explorer 11 pour Windows 7.
a Рchoue avec lerreur 0x80070643: Internet Explorer 11 pour Windows 7.
Description LarrР™t systРҐme prРcРdant Р® 16:17:59 le?26/?02/?2014 nРtait pas
OTL by OldTimer - Version 3.2.69.0 Folder C: Users Camille Desktop Downloads
Starter Edition Service Pack 1 Version 6.1.7601 - Type NTWorkstation
Internet Explorer Version 9.10.9200.16798
1014, 12 Mb Total Physical Memory 39, 68 Mb Available Physical Memory 3, 91% Memory free
1, 99 Gb Paging File 0, 81 Gb Available in Paging File 40, 68% Paging File free
Drive C: 100, 00 Gb Total Space 6, 04 Gb Free Space 6, 04% Space Free Partition Type: NTFS
Drive D: 117, 87 Gb Total Space 0, 00 Gb Free Space 0, 00% Space Free Partition Type: NTFS
Computer Name: MADAGASCAR User Name: Camille Logged in as Administrator.
PRC - 2014/02/26 10:40:32 000, 602, 112 - M OldTimer Tools - -
PRC - 2014/02/02 00:42:39 000, 866, 632 - M Google Inc. - - C: Program
PRC - 2013/08/02 01:52:57 000, 271, 360 - M Microsoft Corporation - -
PRC - 2012/11/23 03:48:41 000, 049, 152 - M Microsoft Corporation - -
PRC - 2012/09/23 20:43:34 000, 065, 192 - M Adobe Systems Incorporated - - C: Program Files Common
PRC - 2011/10/13 16:21:52 000, 249, 648 - M Microsoft Corporation - - C: Program
PRC - 2011/02/25 06:30:54 002, 616, 320 - M Microsoft Corporation - -
PRC - 2010/11/22 20:12:34 001, 086, 888 - M AsusTek Computer Inc. - - C: Program
PRC - 2010/09/03 20:02:08 001, 245, 104 - M ASUSTeK Computer Inc. - - C: Program
PRC - 2010/09/02 23:01:42 000, 095, 744 - M ASUSTeK Computer Inc. - - C: Program
PRC - 2010/06/09 23:26:34 000, 412, 600 - M ASUSTeK Computer Inc. - - C: Program
PRC - 2010/05/21 22:42:48 002, 839, 840 - M Broadcom Corporation. - - C: Program Files WIDCOMM Bluetooth
PRC - 2010/05/21 22:42:48 000, 828, 704 - M Broadcom Corporation. - - C: Program Files WIDCOMM Bluetooth
PRC - 2010/05/21 22:42:48 000, 652, 576 - M Broadcom Corporation. - - C: Program Files WIDCOMM Bluetooth
PRC - 2010/04/13 08:32:40 000, 548, 744 - M ELAN Microelectronic Corp. - - C: Program
C: Program Files Common Files Macrovision Shared FLEXnet - - FLEXnet Licensing Service
SRV - 2011/10/21 14:23:42 000, 196, 176 - M Microsoft Corporation. Disabled Stopped - - C: Program - - BBSvc
SRV - 2011/10/13 16:21:52 000, 249, 648 - M Microsoft Corporation Auto Running - - C: Program - - BBUpdate
SRV - 2011/01/12 15:22:26 000, 091, 464 - M Disabled Stopped - - - - VideAceWindowsService
SRV - 2010/05/21 22:42:48 000, 652, 576 - M Broadcom Corporation. Auto Running - - C: Program Files WIDCOMM Bluetooth - - btwdins
DRV - 2010/11/20 11:24:41 000, 052, 224 - M Microsoft Corporation Kernel OnDemand Stopped - - - - TsUsbFlt
DRV - 2010/11/20 10:59:44 000, 035, 968 - M Microsoft Corporation Kernel OnDemand Stopped - - - - WinUsb
DRV - 2010/09/27 08:23:58 000, 068, 208 - M Atheros Communications, Inc. Kernel OnDemand Running - - - - L1C
DRV - 2009/07/22 06:14:58 000, 081, 704 - M CyberLink Kernel OnDemand Stopped - - - - wsvd
DRV - 2009/07/13 23:02:46 001, 096, 704 - M Atheros Communications, Inc. Kernel OnDemand Stopped - - - - athr
O4: 64bit: - HKLM. Run: IAAnotif C: Program Files x86 Intel Intel Matrix Storage Intel Corporation
O4: 64bit: - HKLM. Run: Windows Mobile Device Center Microsoft Corporation
O4 - HKLM. Run: Ad Muncher C: Program Files x86 Ad Murray Hurps Software Pty Ltd
O4 - HKLM. Run: APSDaemon C: Program Files x86 Common Files Apple Apple Application Apple Inc.
O4 - HKLM. Run: BingDesktop C: Program Files Microsoft Corp.
O4 - HKLM. Run: Dell DataSafe Online C: Program Files x86 Dell DataSafe
O4 - HKLM. Run: LogitechQuickCamRibbon C: Program Files Logitech Logitech WebCam
O4 - HKLM. Run: Mobile Connectivity Suite C: Program Files x86 HTC HTC Sync Application Launcher Application Teleca Sweden AB
O4 - HKCU. Run: EPSON Stylus Photo R340 Series/FU /EF HKCU File not found
O4 - HKCU. Run: C: Program Files
O4 - HKCU. Run: Logitech Vid C: Program Files x86 Logitech Vid Logitech Inc.
O9 - Extra Button:, -222 - 2EAF5BB1-070F-11D3-9307-00C04FAE2D4F - Microsoft Corporation
O9 - Extra Tools menuitem:, -223 - 2EAF5BB2-070F-11D3-9307-00C04FAE2D4F - Microsoft Corporation
O10: 64bit: - NameSpaceCatalog5 CatalogEntries64 000000000009 - C: Program Apple Inc.
O10 - NameSpaceCatalog5 CatalogEntries 000000000009 - C: Program Files Apple Inc.
O17 - HKLM System CCS Services Tcpip Parameters: DhcpNameServer 192.168.1.254
O17 - HKLM System CCS Services Tcpip Parameters Interfaces 081B0E74-3E2F-4B25-80B4-0635BD5A76D3: DhcpNameServer 192.168.1.254
O17 - HKLM System CCS Services Tcpip Parameters Interfaces F75A2444-E552-41D4-9D00-80A326784665: DhcpNameServer 192.168.1.254
O18 - Protocol Handler cozi 5356518D-FE9C-4E08-9C1F-1E872ECD367F - c: Program Files x86 Cozi Cozi Group, Inc.
O21: 64bit: - SSODL: WebCheck - E6FB5E20-DE35-11CF-9C87-00AA005127ED - No CLSID value found.
O21 - SSODL: WebCheck - E6FB5E20-DE35-11CF-9C87-00AA005127ED - No CLSID value found.
O32 - AutoRun File - 2012/01/21 19:18:57 000, 000, 000 -D M - M: autocallrecorder - - NTFS
O38 - SubSystems Windows: ServerDllwinsrv:UserServerDllInitialization, 3
2012/09/24 17:59:51 000, 181, 064 - M Sysinternals - -
2012/09/21 15:14:12 000, 696, 240 - M Adobe Systems Incorporated - -
2012/09/21 15:14:12 000, 073, 136 - M Adobe Systems Incorporated - -
2012/09/21 07:43:47 000, 001, 115 - M - C: Users Public Desktop Malwarebytes
2012/09/09 19:22:43 000, 001, 269 - M - C: Users Owner Application Data Microsoft Internet Explorer Quick Launch Auslogics
2012/09/07 17:04:46 000, 025, 928 - M Malwarebytes Corporation - -
2012/09/01 08:08:01 000, 095, 208 - M Oracle Corporation - -
2012/09/01 08:08:00 000, 821, 736 - M Oracle Corporation - -
2012/09/01 08:08:00 000, 746, 984 - M Oracle Corporation - -
2012/09/01 08:08:00 000, 246, 760 - M Oracle Corporation - -
2012/09/01 08:08:00 000, 174, 056 - M Oracle Corporation - -
2012/09/01 08:08:00 000, 174, 056 - M Oracle Corporation - -
2012/08/06 22:04:40 000, 002, 515 - M - C: Users Owner Application Data Microsoft Internet Explorer Quick Launch Apple
2012/09/09 19:22:43 000, 001, 269 - C - C: Users Owner Application Data Microsoft Internet Explorer Quick Launch Auslogics
2012/09/01 08:17:45 000, 002, 005 - C - C: Users Owner AppData Roaming Microsoft Windows Start Menu Programs Update
2012/08/29 18:11:13 000, 001, 115 - C - C: Users Public Desktop Malwarebytes
Microsoft DiskPart version 6.1.7601
Copyright 1999-2008 Microsoft Corporation.
OTL by OldTimer - Version 3.2.69.0 Folder C: Users Owner Desktop
64bit- Home Premium Edition Service Pack 1 Version 6.1.7601 - Type NTWorkstation
Internet Explorer Version 9.0.8112.16421
7.97 Gb Total Physical Memory 4.72 Gb Available Physical Memory 59.26% Memory free
15.93 Gb Paging File 12.33 Gb Available in Paging File 77.37% Paging File free
Drive C: 916.82 Gb Total Space 556.45 Gb Free Space 60.69% Space Free Partition Type: NTFS
Drive M: 2794.51 Gb Total Space 2010.39 Gb Free Space 71.94% Space Free Partition Type: NTFS
Computer Name: OWNER-PC User Name: Owner Logged in as Administrator.
Reg Error: Key error. File not found
cplfile - - Microsoft - - Reg Error: Key error. File not found
helpfile open - - Reg Error: Key error.
htmlfile edit - - Reg Error: Key error.
htmlfile print - -, PrintHTML %1
http open - - Reg Error: Key error.
https open - - Reg Error: Key error.
InternetShortcut open - - , OpenURL %l Microsoft Corporation
InternetShortcut print - - , PrintHTML %1 Microsoft Corporation
regfile merge - - Reg Error: Key error.
scrfile install - -, InstallScreenSaver %l
txtfile edit - - Reg Error: Key error.
Unknown openas - -, OpenAsRunDLL %1
Directory MediaMonkey.1Play - - %1 Ventis Media Inc.
Directory MediaMonkey.2PlayNext - - /NEXT %1 Ventis Media Inc.
Directory MediaMonkey.3Enqueue - - /ADD %1 Ventis Media Inc.
Directory - - C: Program Files /BOOKMARK %1 Nullsoft, Inc.
Directory - - C: Program Files /ADD %1 Nullsoft, Inc.
Directory - - C: Program Files %1 Nullsoft, Inc.
Folder explore - - Reg Error: Value error.
cplfile cplopen - - %1, % Microsoft Corporation
helpfile open - - Reg Error: Key error.
htmlfile edit - - Reg Error: Key error.
htmlfile print - -, PrintHTML %1
http open - - Reg Error: Key error.
https open - - Reg Error: Key error.
regfile merge - - Reg Error: Key error.
scrfile install - -, InstallScreenSaver %l
txtfile edit - - Reg Error: Key error.
Unknown openas - -, OpenAsRunDLL %1
Directory MediaMonkey.1Play - - %1 Ventis Media Inc.
Directory MediaMonkey.2PlayNext - - /NEXT %1 Ventis Media Inc.
Directory MediaMonkey.3Enqueue - - /ADD %1 Ventis Media Inc.
Directory - - C: Program Files /BOOKMARK %1 Nullsoft, Inc.
Directory - - C: Program Files /ADD %1 Nullsoft, Inc.
Directory - - C: Program Files %1 Nullsoft, Inc.
Folder explore - - Reg Error: Value error.
2969E914-39F3-4A5C-83E3-980F3B25679E lportrpc-epmap protocol6 dirin svcrpcss,-28539
397D1DDC-9DBF-445C-AF30-1342647A6200 lport26675 protocol6 dirin,-4006
C6302C20-DF78-4728-BC22-8CADD910A48E lport26675 protocol6 dirin,-4006
03E3A2B1-EA62-4641-9A85-FBCCEA0FCA10 protocol58 dirin,-28545
76EB38F8-E3C5-4728-8CFE-160CB01412AE protocol1 dirout,-28544
9036CC0C-AE6B-470E-8B6C-46DEB21169A5 protocol1 dirin,-28543
9177F957-3AAF-4210-BE03-34EA96F0F3C4 protocol58 dirout,-28546
4B6C7001-C7D6-3710-913E-5BC23FCE91E6 Microsoft Visual C 2008 Redistributable - x64 9.0.30729.4148
5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4 Microsoft Visual C 2008 Redistributable - x64 9.0.30729.6161
8338783A-0968-3B85-AFC7-BAAE0A63DC50 Microsoft Visual C 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
49CF605F02C7954F4E139D18828DE298CD59217C Windows Driver Package - Garmin grmnusb GARMIN Devices 06/03/2009 2.3.0.0
WinRAR archiver WinRAR 4.00 64-bit
1111706F-666A-4037-7777-211328764D10 JavaFX 2.1.1
1F1C2DFC-2D24-3E06-BCB8-725134ADF989 Microsoft Visual C 2008 Redistributable - x86 9.0.30729.4148
770657D0-A123-3C07-8E44-1C83EC895118 Microsoft Visual C 2005 ATL Update kb973923 - x86 8.0.50727.4053
86CE85E6-DBAC-3FFD-B977-E4B79F83C909 Microsoft Visual C 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
933B4015-4618-4716-A828-5289FC03165F VC80CRTRedist - 8.0.50727.6195
9BE518E6-ECC6-35A9-88E4-87755C07200F Microsoft Visual C 2008 Redistributable - x86 9.0.30729.6161
AC76BA86-7AD7-1033-7B44-A95000000001 Adobe Reader 9.5.2
E633D396-5188-4E9D-8F6B-BFB8BF3467E8 Skype 5.0
Ad Muncher Ad Muncher v4.93.33707
Adobe Photoshop 7.0 Adobe Photoshop 7.0
Exact Audio Copy Exact Audio Copy 1.0beta3
ffdshowis1 ffdshow v1.1.3516 2010-07-25
Free Studiois1 Free Studio version 4.7
GoToAssist GoToAssist 8.0.0.514
GrabItis1 GrabIt 1.7.2 Beta 4 build 997
Hauppauge TV Tuner Diagnostics Hauppauge TV Tuner Diagnostics 1.2.7076
Malwarebytes Anti-Malwareis1 Malwarebytes Anti-Malware version 1.65.0.1400
MediaMonkeyis1 MediaMonkey 4.0
Mozilla Firefox 16.0 x86 en-US Mozilla Firefox 16.0 x86 en-US
Uninstallis1 Uninstall 1.0.0.1
Windows 7 - Codec Pack Windows 7 Codec Pack 2.6.1
Xvid Video Codec 1.3.1 Xvid Video Codec
in manifest or policy file on the web. A component
active. Conflicting components are:. Component 1:
in manifest or policy file on the internet. A component
active. Conflicting components are:. Component 1:
in manifest or policy file on the internet. A component
active. Conflicting components are:. Component 1:
in manifest or policy file online. A component
active. Conflicting components are:. Component 1:
in manifest or policy file online. A component
active. Conflicting components are:. Component 1:
in manifest or policy file on the web. A component
active. Conflicting components are:. Component 1:
in manifest or policy file on-line. A component
active. Conflicting components are:. Component 1:
in manifest or policy file online. A component
active. Conflicting components are:. Component 1:
in manifest or policy file on the internet. A component
active. Conflicting components are:. Component 1:
in manifest or policy file online. A component
active. Conflicting components are:. Component 1:
was closed: Could not establish trust relationship to the SSL/TLS secure channel.
was closed: Could not establish trust relationship to the SSL/TLS secure channel.
was closed: Could not establish trust relationship for your SSL/TLS secure channel.
was closed: Could not establish trust relationship to the SSL/TLS secure channel.
was closed: Could not establish trust relationship with the SSL/TLS secure channel.
Description The driver detected a controller error on Device Harddisk1 DR1.
Description The driver detected a controller error on Device Harddisk1 DR1.
Description The driver detected a controller error on Device Harddisk1 DR1.
Description The driver detected a controller error on Device Harddisk1 DR1.
Description The driver detected a controller error on Device Harddisk4 DR4.
Description The driver detected a controller error on Device Harddisk1 DR1.
Description The driver detected a controller error on Device Harddisk1 DR1.
Description The driver detected a controller error on Device Harddisk1 DR1.
Description The following fatal alert was received: 48.
Description The following fatal alert was received: 48.
aswMBR version 0.9.9.1665 Copyright 2011 AVAST Software
07:57:15.547 OS Version: Windows x64 6.1.7601 Service Pack 1
07:57:15.547 Number of processors: 2 586 0x170A
07:57:15.548 ComputerName: OWNER-PC UserName: Owner
07:57:20.499 Initialize success
08:01:42.900 Disk 0 Vendor: ST310005 CC45 Size: 953869MB BusType: 3
08:01:42.913 Disk 0 MBR read successfully
08:01:42.919 Disk 0 Windows VISTA default MBR code
08:01:42.923 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
08:01:42.932 Disk 0 Partition 2 80 A 07 HPFS/NTFS NTFS 15000 MB offset 81920
08:01:42.947 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 938828 MB offset 30801920
08:01:42.970 Disk 0 scanning C: Windows system32 drivers
08:01:51.205 Service scanning
08:02:06.121 Modules scanning
08:02:06.131 Disk 0 trace - called modules:
08:02:06.160 1 nt IofCallDriver - Device Harddisk0 DR00xfffffa8007ce1760
08:02:06.167 3 fffff8800181743f - nt IofCallDriver - Device Ide IAAStorageDevice-20xfffffa8007759050
08:02:06.175 Scan finished successfully
08:04:18.906 Disk 0 MBR is saved successfully to
08:04:18.913 The log file continues to be saved successfully to
i haven t seen that popup lately therefore i m guessing things are ok.
The steps that I am gonna suggest involve modifying the registry. Modifying the registry is usually dangerous so we're going to make a backup on the registry first.
Modification with the registry might be extremely dangerous should you not know exactly what that you are doing so keep to the steps that happen to be listed below exactly. If you cannot do a little of these steps or if you might have any questions please ask before proceeding.
ERUNT Emergency Recovery Utility NT is often a free program that allows one to keep a complete backup of one's registry and restore it if needed.
use the default install settings but say no to your portion that asks you to definitely add ERUNT towards the start-up folder, if you like you'll be able to enable this program later
the default location is C: WINDOWS ERDNT that is acceptable.
You are employing peer-to-peer programs, specifically BitComet.
These are optional removals. However, anytime you're running any style of peer-to-peer application, you happen to be more prone to infection by malware, and this also is probably how we became infected within the first place. The choice to eliminate them is entirely your responsibility, but I would strongly recommend which you do.
If you will not want to take out them, please at the least refrain from using any peer-to-peer programs for your remainder of my fix.
In Control Panel, select Programs and Features.
Select the subsequent programs one at a time and then click Uninstall.
On reboot a log is going to be produced please attach that.
Note: If you've got Malwarebytes 1.6 or maybe more installed please disable it for your duration of this fix mainly because it may interfere using the successfully execution from the script below. If it still hangs then please uninstall MalwareBytes and run this fix again.
Under the Custom Scans/Fixes box in the bottom, paste in the next
OTL IE - HKLM. SearchScopes 9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69: URL searchTerms IE - HKCU SOFTWARE Microsoft Internet Explorer Main, Start Page Restore IE - HKCU. SearchScopes 9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69: URL searchTerms FF - : :1.2 2011/03/28 13:40:40 000, 000, 000 -D M Search Toolbar - - 2010/04/12 14:01:54 000, 002, 476 - M - - 2011/04/18 19:26:06 000, 001, 919 - M - - 2010/04/12 14:01:54 000, 002, 476 - M - - C: Program Files x86 mozilla O3:64bit: - HKLM. Toolbar: no name - Locked - No CLSID value found. O3 - HKLM. Toolbar: no name - Locked - No CLSID value found. 2012/08/29 17:40:12 000, 000, 000 -D C - C: Users Owner AppData Roaming YourFileDownloader 2012/08/29 17:40:12 000, 000, 000 -D C - C: Program Files x86 YourFileDownloader 1 files - - 2012/08/09 17:46:21 001, 075, 733 - M - - :Files ipconfig/flushdns/c:Commands purity resethosts emptytemp
Let this program run unhindered, reboot the PC when it's done
Open OTL again and click on the Quick Scan button. Post the log it generates in your next reply.
1. Attach the log from AdwCleaner.
OTL by OldTimer - Version 3.2.69.0 Folder C: Users Owner Desktop
64bit- Home Premium Edition Service Pack 1 Version 6.1.7601 - Type NTWorkstation
Internet Explorer Version 9.0.8112.16421
7.97 Gb Total Physical Memory 6.31 Gb Available Physical Memory 79.24% Memory free
15.93 Gb Paging File 13.72 Gb Available in Paging File 86.15% Paging File free
Drive C: 916.82 Gb Total Space 555.93 Gb Free Space 60.64% Space Free Partition Type: NTFS
Unable to calculate disk information.
Drive M: 2794.51 Gb Total Space 2010.39 Gb Free Space 71.94% Space Free Partition Type: NTFS
Computer Name: OWNER-PC User Name: Owner Logged in as Administrator.
PRC - 2012/09/07 17:04:46 000, 399, 432 - M Malwarebytes Corporation - - C: Program Files x86 Malwarebytes
PRC - 2012/08/29 10:13:29 000, 595, 144 - M Murray Hurps Software Pty Ltd - - C: Program Files x86 Ad
PRC - 2012/08/28 17:02:50 002, 214, 280 - M Auslogics - - C: Program Files x86 Auslogics Auslogics
PRC - 2012/03/30 14:41:46 000, 151, 656 - M Microsoft Corp. - - C: Program Files
PRC - 2012/02/01 13:36:38 022, 140, 304 - M magicJack - -
PRC - 2011/02/25 10:46:22 000, 249, 648 - M Microsoft Corporation - - C: Program Files
PRC - 2010/03/30 15:13:06 000, 389, 120 R- M Teleca - - C: Program Files x86 HTC HTC
PRC - 2010/03/17 16:22:52 001, 019, 904 R- M Teleca Sweden AB - - C: Program Files x86 HTC HTC Sync Mobile Phone
PRC - 2010/03/17 16:08:22 000, 253, 952 R- M TODO: Company name - C: Program Files x86 HTC HTC Sync Mobile Phone
PRC - 2010/03/17 16:08:04 000, 462, 848 R- M Teleca AB - - C: Program Files x86 HTC HTC Sync Mobile Phone
PRC - 2010/02/09 13:34:00 001, 807, 680 - M - C: Program Files x86 Dell DataSafe
PRC - 2009/12/11 15:50:34 000, 557, 056 R- M Teleca AB - - C: Program Files x86 Common Files Teleca
PRC - 2009/11/19 17:19:48 000, 598, 016 R- M Teleca Sweden AB - - C: Program Files x86 HTC HTC Sync Application Launcher Application
PRC - 2009/10/14 13:36:56 002, 793, 304 - M - C: Program Files Logitech Logitech WebCam
PRC - 2009/10/14 13:34:18 000, 560, 472 - M - C: Program Files x86 Common
PRC - 2009/10/07 01:47:22 000, 125, 464 - M Logitech Inc. - - C: Program Files x86 Common
PRC - 2009/06/09 12:11:14 000, 155, 648 - M Stardock Corporation - - C: Program
PRC - 2009/06/04 21:03:32 000, 186, 904 - M Intel Corporation - - C: Program Files x86 Intel Intel Matrix Storage
PRC - 2009/06/04 21:03:06 000, 354, 840 - M Intel Corporation - - C: Program Files x86 Intel Intel Matrix Storage
PRC - 2009/06/03 10:25:16 000, 106, 496 R- M Popwire AB - - C: Program Files x86 Common Files Teleca
PRC - 2009/04/14 13:14:26 000, 139, 264 - M Teleca Sweden AB - - C: Program Files x86 Common Files Teleca
PRC - 2009/01/26 15:31:10 001, 153, 368 - M Safer Networking Ltd. - - C: Program Files x86 Spybot - Search
PRC - 2008/11/09 16:48:14 000, 602, 392 - M Yahoo Inc. - - C: Program Files
PRC - 2006/12/19 10:30:26 000, 081, 920 - M Prolific Technology Inc. - -
MOD - 2011/07/28 19:09:42 000, 096, 112 - M - C: Program Files x86 DivX DivX
MOD - 2011/06/24 22:56:36 000, 087, 328 - M - C: Program Files x86 Common Files Apple Apple Application
MOD - 2011/06/24 22:56:14 001, 241, 888 - M - C: Program Files x86 Common Files Apple Apple Application
MOD - 2010/03/31 10:08:50 000, 240, 552 R- M - C: Program Files x86 HTC HTC Sync Mobile Phone
MOD - 2010/03/31 10:08:50 000, 240, 552 R- M - C: Program Files x86 HTC HTC
MOD - 2010/03/17 16:20:30 000, 139, 264 R- M - C: Program Files x86 HTC HTC Sync Mobile Phone
MOD - 2010/02/09 13:34:00 001, 807, 680 - M - C: Program Files x86 Dell DataSafe
MOD - 2010/02/09 13:34:00 000, 275, 776 - M - C: Program Files x86 Dell DataSafe
MOD - 2010/02/09 13:34:00 000, 152, 896 - M - C: Program Files x86 Dell DataSafe
MOD - 2010/02/09 13:34:00 000, 095, 552 - M - C: Program Files x86 Dell DataSafe
MOD - 2010/02/09 13:34:00 000, 017, 728 - M - C: Program Files x86 Dell DataSafe
MOD - 2009/10/14 13:36:56 002, 793, 304 - M - C: Program Files Logitech Logitech WebCam
MOD - 2009/10/14 13:34:18 000, 560, 472 - M - C: Program Files x86 Common
MOD - 2009/09/11 14:05:00 000, 058, 608 - M - C: Program Files x86 Dell DataSafe
MOD - 2009/03/03 18:18:08 000, 138, 064 - M - C: Program Files x86 Logitech Vid
MOD - 2007/01/11 18:33:20 000, 106, 496 R- M - C: Program Files x86 Common Files Teleca
SRV: 64bit: - 2010/09/22 18:10:10 000, 057, 184 - M Microsoft Corporation Disabled Stopped - - C: Program Files Windows - - wlcrasvc
SRV: 64bit: - 2009/07/13 21:41:27 001, 011, 712 - M Microsoft Corporation Auto Running - - C: Program Files Windows - - WinDefend
SRV: 64bit: - 2009/06/09 12:11:14 000, 155, 648 - M Stardock Corporation Auto Running - - C: Program - - DockLoginService
SRV: 64bit: - 2009/03/31 18:01:34 000, 092, 160 - M Andrea Electronics Corporation Auto Running - - C: Program - - AERTFilters
SRV - 2012/09/21 15:14:12 000, 250, 288 - M Adobe Systems Incorporated OnDemand Stopped - - - - AdobeFlashPlayerUpdateSvc
SRV - 2012/09/12 05:40:21 000, 114, 656 - M Mozilla Foundation OnDemand Stopped - - C: Program Files x86 Mozilla Maintenance - - MozillaMaintenance
SRV - 2012/09/07 17:04:46 000, 676, 936 - M Malwarebytes Corporation Auto Stopped - - C: Program Files x86 Malwarebytes - MBAMService
SRV - 2012/09/07 17:04:46 000, 399, 432 - M Malwarebytes Corporation Auto Running - - C: Program Files x86 Malwarebytes - MBAMScheduler
SRV - 2012/03/30 14:41:46 000, 151, 656 - M Microsoft Corp. Auto Running - - C: Program Files - - BingDesktopUpdate
SRV - 2011/02/28 18:44:14 000, 183, 560 - M Microsoft Corporation. OnDemand Stopped - - C: Program Files - - BBSvc
SRV - 2011/02/25 10:46:22 000, 249, 648 - M Microsoft Corporation Auto Running - - C: Program Files - - SeaPort
SRV - 2010/12/28 04:00:34 001, 296, 728 - M OnDemand Stopped - - C: Program Files - - BITCOMETHELPERSERVICE
SRV - 2010/03/22 20:05:40 000, 960, 992 - M Atheros Communications, Inc. OnDemand Stopped - - C: Program Files - - jswpsapi
SRV - 2010/03/18 13:16:28 000, 130, 384 - M Microsoft Corporation Auto Stopped - - - - clroptimizationv4.0.3031932
SRV - 2010/01/15 23:39:21 000, 016, 680 - M Citrix Online, a division of Citrix Systems, Inc. OnDemand Stopped - - C: Program Files - - GoToAssist
SRV - 2009/06/10 17:23:09 000, 066, 384 - M Microsoft Corporation Disabled Stopped - - - - clroptimizationv2.0.5072732
SRV - 2009/06/05 20:07:28 000, 250, 616 - M WildTangent, Inc. OnDemand Stopped - - C: Program Files x86 WildTangent Dell Games Dell Game - - GameConsoleService
SRV - 2009/06/04 21:03:06 000, 354, 840 - M Intel Corporation Auto Running - - C: Program Files x86 Intel Intel Matrix Storage - - IAANTMON
SRV - 2008/11/09 16:48:14 000, 602, 392 - M Yahoo Inc. Auto Running - - C: Program Files - - YahooAUService
SRV - 2007/05/31 17:11:54 000, 443, 784 - M Microsoft Corporation Auto Running - - - - WcesComm
SRV - 2007/05/31 17:11:46 000, 225, 672 - M Microsoft Corporation Auto Running - - - - RapiMgr
SRV - 2007/01/11 04:02:00 000, 126, 464 - M SEIKO EPSON CORPORATION Auto Running - - C: ProgramData EPSON EPW 3 - - EPSONPMRPCV401
SRV - 2006/12/19 10:30:26 000, 081, 920 - M Prolific Technology Inc. Auto Running - - - - PLFlash DeviceIoControl Service
DRV: 64bit: - 2012/09/07 17:04:46 000, 025, 928 - M Malwarebytes Corporation FileSystem OnDemand Running - - - - MBAMProtector
DRV: 64bit: - 2012/03/01 02:46:16 000, 023, 408 - M Microsoft Corporation Recognizer Boot Unknown - - - - FsRec
DRV: 64bit: - 2011/03/11 02:41:12 000, 107, 904 - M Advanced Micro Devices Kernel OnDemand Stopped - - - - amdsata
DRV: 64bit: - 2010/11/20 09:33:35 000, 078, 720 - M Hewlett-Packard Company Kernel OnDemand Stopped - - - - HpSAMD
DRV: 64bit: - 2010/11/20 07:07:05 000, 059, 392 - M Microsoft Corporation Kernel OnDemand Stopped - - - - TsUsbFlt
DRV: 64bit: - 2010/10/11 01:11:00 001, 924, 096 - M Atheros Communications, Inc. Kernel OnDemand Stopped - - - - athur
DRV: 64bit: - 2010/09/23 00:36:48 000, 048, 488 - M Microsoft Corporation Kernel OnDemand Stopped - - - - fssfltr
DRV: 64bit: - 2009/10/24 01:49:46 001, 542, 656 - M Atheros Communications, Inc. Kernel OnDemand Running - - - - athr
DRV: 64bit: - 2009/07/13 21:45:55 000, 024, 656 - M Promise Technology Kernel OnDemand Stopped - - - - stexstor
DRV: 64bit: - 2009/07/13 20:09:50 000, 019, 968 - M Microsoft Corporation Kernel OnDemand Stopped - - - - usbrndisx
DRV: 64bit: - 2009/06/10 16:34:33 003, 286, 016 - M Broadcom Corporation Kernel OnDemand Stopped - - - - ebdrv
DRV: 64bit: - 2009/06/10 16:34:28 000, 468, 480 - M Broadcom Corporation Kernel OnDemand Stopped - - - - b06bdrv
DRV: 64bit: - 2009/06/10 16:34:23 000, 270, 848 - M Broadcom Corporation Kernel OnDemand Stopped - - - - b57nd60a
DRV: 64bit: - 2009/06/10 16:31:59 000, 031, 232 - M Hauppauge Computer Works, Inc. Kernel OnDemand Stopped - - - - hcw85cir
DRV: 64bit: - 2009/05/26 08:13:10 000, 138, 752 - M Intel Corporation Kernel OnDemand Running - - - - IntcHdmiAddService
DRV: 64bit: - 2009/05/18 14:17:08 000, 034, 152 - M GEAR Software Inc. Kernel OnDemand Running - - - - GEARAspiWDM
DRV: 64bit: - 2008/07/29 05:47:00 001, 075, 712 - M Atheros Communications, Inc. Kernel OnDemand Stopped - - - - athrusb
DRV: 64bit: - 2008/05/15 02:28:00 000, 026, 624 - M Atheros Communications, Inc. Kernel System Running - - - - JSWPSLWF
DRV: 64bit: - 2007/01/19 18:24:24 000, 025, 312 - M Windows Codename Longhorn DDK provider Kernel Boot Running - - - - SCMNdisP
DRV - 2009/07/13 21:19:10 000, 019, 008 - M Microsoft Corporation FileSystem OnDemand Stopped - - - - WIMMount
IE: 64bit: - HKLM. SearchScopes, DefaultScope 0633EE93-D776-472f-A0FF-E1416B8B2E3A
IE - HKLM SOFTWARE Microsoft Internet Explorer Main, Local Page
IE - HKLM. SearchScopes, DefaultScope 0633EE93-D776-472f-A0FF-E1416B8B2E3A
IE - HKCU SOFTWARE Microsoft Internet Explorer Main, Start Page Restore
IE - HKCU. SearchScopes, DefaultScope 0633EE93-D776-472f-A0FF-E1416B8B2E3A
FF - : SkipScreenSkipScreen:0.6.4
FF - : B042753D-F57E-4e8e-A01B-7379A6D4CEFB:1.25
FF - : SkipScreenSkipScreen:0.6.1.2
FF - : 635abd67-4fe9-1b23-4f01-e679fa7484c1:2.1.3.20100310105313
FF - : CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA:6.0.20
FF - : ACAA314B-EEBA-48e4-AD47-84E31C44796C:1.0.1
FF - : CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA:6.0.21
FF - : CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA:6.0.22
FF - : 195A3098-0BD5-4e90-AE22-BA1C540AFD1E:3.0.1
FF - : CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA:6.0.23
FF - : CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA:6.0.24
FF - : CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA:6.0.26
FF - : ABDE892B-13A8-4d1b-88E6-365A6E755758:14.0.3
FF - : CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA:6.0.29
FF: 64bit: - /DivX VOD Helper, version1.0.0: C: Program Files DivX DivX OVS DivX, LLC.
FF: 64bit: - /NpCtrl, version1.0: c: Program Files Microsoft Microsoft Corporation
FF: 64bit: - /OfficeAuthz, version14.0: Microsoft Corporation
FF - /iTunes, version: File not found
FF - /iTunes, version1.0: C: Program Files x86 iTunes Mozilla
FF - /DivX Browser Plugin, version1.0.0: C: Program Files x86 DivX DivX Plus Web DivX, LLC
FF - /DivX VOD Helper, version1.0.0: C: Program Files x86 DivX DivX OVS DivX, LLC.
FF - /DTPlugin, version10.7.2: Oracle Corporation
FF - /JavaPlugin, version10.7.2: C: Program Files Oracle Corporation
FF - /YahooMessengerStatePlugin;version1.0.0.6: C: Program Files Yahoo Inc.
FF - /NpCtrl, version1.0: c: Program Files x86 Microsoft Microsoft Corporation
FF - /OfficeAuthz, version14.0: Microsoft Corporation
FF - /SharePoint, version14.0: Microsoft Corporation
FF - /WLPG, version15.4.3502.0922: C: Program Files x86 Windows Live Photo Microsoft Corporation
FF - /WLPG, version15.4.3508.1109: C: Program Files x86 Windows Live Photo Microsoft Corporation
FF - /nprpchromebrowserrecordext;version15.0.4.53: RealNetworks, Inc.
FF - /nprphtml5videoshim;version15.0.4.53: RealNetworks, Inc.
FF - /Google Update;version3: C: Program Files Google Inc.
FF - /Google Update;version9: C: Program Files Google Inc.
FF - /vbp;version0.9.17: C: Program Files Veetle Inc
FF - /veetleCorePlugin, version0.9.17: C: Program Files Veetle Inc
FF - /veetlePlayerPlugin, version0.9.17: C: Program Files Veetle Inc
FF - HKLM Software MozillaPlugins Adobe Reader: C: Program Files x86 Adobe Reader Adobe Systems Inc.
FF - /FBPlugin, version1.0.3: File not found
FF - /Google Update;version3: Google Inc.
FF - /Google Update;version9: Google Inc.
FF - HKEYLOCALMACHINE software mozilla Firefox Extensions 23fcfd51-4958-4f00-80a3-ae97e717ed8b: C: Program Files x86 DivX DivX Plus Web Player firefox DivXHTML5 2012/02/20 12:26:34 000, 000, 000 -D M
FF - HKEYLOCALMACHINE software mozilla Mozilla Firefox 16.0 extensions Components: C: Program Files x86 Mozilla Firefox components 2012/09/14 17:50:11 000, 000, 000 -D M
FF - HKEYLOCALMACHINE software mozilla Mozilla Firefox 16.0 extensions Plugins: C: Program Files x86 Mozilla Firefox plugins 2012/09/03 19:24:52 000, 000, 000 -D M
FF - : C: Program Files ESET ESET Smart Security Mozilla Thunderbird 2012/05/19 17:01:04 000, 000, 000 -D M
2010/03/23 22:45:43 000, 000, 000 -D M No name found - - C: Users Owner AppData Roaming Mozilla Extensions
2012/09/14 17:50:15 000, 000, 000 -D M No name found - - extensions
2011/09/08 07:28:48 000, 000, 000 -D M Garmin Communicator - - extensions 195A3098-0BD5-4e90-AE22-BA1C540AFD1E
2010/07/04 18:01:10 000, 000, 000 -D M DVDVideoSoft Menu - - extensions ACAA314B-EEBA-48e4-AD47-84E31C44796C
2012/01/08 14:18:08 000, 000, 000 -D M BitComet Video Downloader - - extensions B042753D-F57E-4e8e-A01B-7379A6D4CEFB
2011/03/22 15:00:05 000, 000, 000 -D M No name found - - extensions B042753D-F57E-4e8e-A01B-7379A6D4CEFB-trash
2011/09/27 08:27:05 000, 000, 000 -D M Disconnect - -
2010/05/04 23:17:30 000, 000, 000 -D M FfvB - vBulletin Management for Firefox - -
2012/09/13 07:54:32 000, 005, 406 - M No name found - -
2012/02/22 21:24:25 000, 072, 222 - M No name found - -
2012/09/14 17:50:15 000, 573, 138 - M No name found - -
2012/09/14 17:50:11 000, 000, 000 -D M No name found - - C: Program Files x86 Mozilla Firefox extensions
2010/11/26 23:21:42 000, 000, 000 -D M Skype extension - - C: Program Files x86 Mozilla Firefox extensions AB2CE124-6272-4b12-94A9-7303C7397BD1
2012/09/14 17:50:11 000, 000, 000 -D M No name found - - C: Program Files x86 Mozilla Firefox distribution extensions
2012/09/12 05:40:40 000, 260, 576 - M Mozilla Foundation - - C: Program Files x86 mozilla
2011/09/09 00:49:04 001, 037, 112 - M BitComet - - C: Program Files x86 mozilla
2011/12/09 13:23:32 000, 012, 800 - M Nullsoft, Inc. - - C: Program Files x86 mozilla
2012/09/12 05:40:02 000, 002, 465 - M - C: Program Files x86 mozilla
2011/03/24 15:36:28 000, 002, 252 - M - C: Program Files x86 mozilla
2012/09/12 05:40:02 000, 002, 058 - M - C: Program Files x86 mozilla
CHR - defaultsearchprovider: searchurl google:baseURLsearch?qsearchTerms google:RLZgoogle:acceptedSuggestiongoogle:originalQueryForSuggestiongoogle:searchFieldtrialParametersourceidchrome ieinputEncoding
CHR - defaultsearchprovider: suggesturl google:baseSuggestURLsearch?google:searchFieldtrialParameterclientchrome hllanguage qsearchTerms,
CHR - plugin: QuickTime Plug-in 7.7.1 Enabled C: Program Files x86 Mozilla
CHR - plugin: QuickTime Plug-in 7.7.1 Enabled C: Program Files x86 Mozilla
CHR - plugin: QuickTime Plug-in 7.7.1 Enabled C: Program Files x86 Mozilla
CHR - plugin: QuickTime Plug-in 7.7.1 Enabled C: Program Files x86 Mozilla
CHR - plugin: QuickTime Plug-in 7.7.1 Enabled C: Program Files x86 Mozilla
CHR - plugin: QuickTime Plug-in 7.7.1 Enabled C: Program Files x86 Mozilla
CHR - plugin: QuickTime Plug-in 7.7.1 Enabled C: Program Files x86 Mozilla
CHR - plugin: Java Platform SE 7 U5 Enabled C: Program Files x86 Oracle JavaFX 2.1
CHR - plugin: Java Deployment Toolkit 7.0.50.255 Enabled
CHR - Extension: YouTube C: Users Owner AppData Local Google Chrome User Data Default Extensions blpcfgokakmgnkcojhhkbfbldkacnbeo 4.2.50
CHR - Extension: Google Search C: Users Owner AppData Local Google Chrome User Data Default Extensions coobgpohoikkiipiblmjeljniedjpjpf 0.0.0.190
CHR - Extension: Fast save C: Users Owner AppData Local Google Chrome User Data Default Extensions ejocjilmecckaddkddknbfgjampibkhh 1.10
CHR - Extension: DivX Plus Web Player HTML5 u003Cvideo u003E C: Users Owner AppData Local Google Chrome User Data Default Extensions nneajnkjbffgblleaoojgaacokifdkhm 2.1.2.1450
CHR - Extension: Instagram for Chrome C: Users Owner AppData Local Google Chrome User Data Default Extensions opnbmdkdflhjiclaoiiifmheknpccalb 2.6.40
O2 - BHO: DivX Plus Web Player HTML5 video - 326E768D-4182-46FD-9C16-1449A49795F4 - C: Program Files x86 DivX DivX Plus Web DivX, LLC
O2 - BHO: Bing Bar Helper - d2ce3e00-f94a-4740-988e-03dc2f38c34f - C: Program Files Microsoft Corporation.
O3 - HKLM. Toolbar: Bing Bar - 8dcb7100-df86-4384-8842-8fa844297b3f - C: Program Files Microsoft Corporation.
O4: 64bit: - HKLM. Run: IAAnotif C: Program Files x86 Intel Intel Matrix Storage Intel Corporation
O4: 64bit: - HKLM. Run: Windows Mobile Device Center Microsoft Corporation
O4 - HKLM. Run: Ad Muncher C: Program Files x86 Ad Murray Hurps Software Pty Ltd
O4 - HKLM. Run: APSDaemon C: Program Files x86 Common Files Apple Apple Application Apple Inc.
O4 - HKLM. Run: BingDesktop C: Program Files Microsoft Corp.
O4 - HKLM. Run: Dell DataSafe Online C: Program Files x86 Dell DataSafe
O4 - HKLM. Run: LogitechQuickCamRibbon C: Program Files Logitech Logitech WebCam
O4 - HKLM. Run: Mobile Connectivity Suite C: Program Files x86 HTC HTC Sync Application Launcher Application Teleca Sweden AB
O4 - HKCU. Run: EPSON Stylus Photo R340 Series/FU /EF HKCU File not found
O4 - HKCU. Run: C: Program Files
O4 - HKCU. Run: Logitech Vid C: Program Files x86 Logitech Vid Logitech Inc.
O9 - Extra Button:, -222 - 2EAF5BB1-070F-11D3-9307-00C04FAE2D4F - Microsoft Corporation
O9 - Extra Tools menuitem:, -223 - 2EAF5BB2-070F-11D3-9307-00C04FAE2D4F - Microsoft Corporation
O10: 64bit: - NameSpaceCatalog5 CatalogEntries64 000000000009 - C: Program Apple Inc.
O10 - NameSpaceCatalog5 CatalogEntries 000000000009 - C: Program Files Apple Inc.
O17 - HKLM System CCS Services Tcpip Parameters: DhcpNameServer 192.168.1.254
O17 - HKLM System CCS Services Tcpip Parameters Interfaces 081B0E74-3E2F-4B25-80B4-0635BD5A76D3: DhcpNameServer 192.168.1.254
O17 - HKLM System CCS Services Tcpip Parameters Interfaces F75A2444-E552-41D4-9D00-80A326784665: DhcpNameServer 192.168.1.254
O18 - Protocol Handler cozi 5356518D-FE9C-4E08-9C1F-1E872ECD367F - c: Program Files x86 Cozi Cozi Group, Inc.
O21: 64bit: - SSODL: WebCheck - E6FB5E20-DE35-11CF-9C87-00AA005127ED - No CLSID value found.
O21 - SSODL: WebCheck - E6FB5E20-DE35-11CF-9C87-00AA005127ED - No CLSID value found.
O32 - AutoRun File - 2012/01/21 19:18:57 000, 000, 000 -D M - M: autocallrecorder - - NTFS
O38 - SubSystems Windows: ServerDllwinsrv:UserServerDllInitialization, 3
O38 - SubSystems Windows: ServerDllwinsrv:ConServerDllInitialization, 2
O38 - SubSystems Windows: ServerDllsxssrv, 4
2012/10/01 18:26:08 000, 000, 000 -D C - - C: ProgramData Microsoft Windows Start Menu Programs ERUNT
2012/09/20 18:51:52 000, 181, 064 - C Sysinternals - -
2012/09/09 19:22:43 000, 000, 000 -D C - - C: ProgramData Microsoft Windows Start Menu Programs Auslogics
2012/10/01 19:19:47 000, 022, 464 -H- M - C: Windows SysNative 7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012/10/01 19:19:47 000, 022, 464 -H- M - C: Windows SysNative 7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012/10/01 19:14:00 000, 000, 830 - M - C: Windows tasks Adobe Flash Player
2012/09/24 17:59:51 000, 181, 064 - M Sysinternals - -
2012/09/21 07:43:47 000, 001, 115 - M - C: Users Public Desktop Malwarebytes
2012/09/09 19:22:43 000, 001, 269 - M - C: Users Owner Application Data Microsoft Internet Explorer Quick Launch Auslogics
2012/09/07 17:04:46 000, 025, 928 - M Malwarebytes Corporation - -
2012/09/09 19:22:43 000, 001, 269 - C - C: Users Owner Application Data Microsoft Internet Explorer Quick Launch Auslogics
2012/06/09 01:43:10 014, 172, 672 - M Microsoft Corporation
2012/06/09 00:41:00 012, 873, 728 - M Microsoft Corporation
2009/07/13 21:40:51 000, 909, 312 - M Microsoft Corporation
2010/11/20 08:19:02 000, 606, 208 - M Microsoft Corporation
2009/07/13 21:41:56 000, 505, 856 - M Microsoft Corporation
2010/07/04 18:01:10 000, 000, 000 -D M - - C: Users Owner AppData Roaming DVDVideoSoftIEHelpers
Note: If you could have Malwarebytes 1.6 or more installed please disable it with the duration of this fix since it may interfere with all the successfully execution in the script below. If it still hangs then please uninstall MalwareBytes and run this fix again.
Under the Custom Scans/Fixes box towards the bottom, paste in the next
OTL O16:64bit: - DPF: CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA Reg Error: Key error. O16 - DPF: E2883E8F-472F-4FB0-9522-AC9BF37916A7 Reg Error: Key error.:Commands emptytemp
Let this course run unhindered, reboot the PC when it truly is done
Open OTL again and click on the Quick Scan button. Post the log it generates in your next reply.
Run Malwarebytes Anti-Malware.
The scan might take some time to end, so please be patient.
When the scan is complete, click OK, then Show Results to see the results.
When disinfection is fully gone, a log will open in Notepad and you can be prompted to Restart. See Extra Note
The log is automatically saved by MBAM which enable it to be viewed by clicking the Logs tab in MBAM.
Copy Paste the full report within your next reply.
Note: If MBAM encounters data that is difficult to clear out, you will likely be presented with 1 of 2 prompts, click OK either to and let MBAM proceed with all the disinfection process, if motivated to restart the pc, remember to so immediately.
Note : You will must use Internet Explorer running in admin mode for this scan. To do this right visit Internet Explorer and pick Run as administrator.
Tick the lamp next to YES, I accept the Terms of Use
When asked, let the ActiveX control to setup
Click Scan This scan will take several hours, so please be patient
Once the scan is done, you could close the window
Please told me if any problems remain.
3. The ESET online scanner report, C: Program Files x86/ESET/ESET Online
4. Let me know how your pc is running.
OTL by OldTimer - Version 3.2.69.0 Folder C: Users Owner Desktop
64bit- Home Premium Edition Service Pack 1 Version 6.1.7601 - Type NTWorkstation
Internet Explorer Version 9.0.8112.16421
7.97 Gb Total Physical Memory 6.40 Gb Available Physical Memory 80.37% Memory free
15.93 Gb Paging File 13.80 Gb Available in Paging File 86.62% Paging File free
Drive C: 916.82 Gb Total Space 555.22 Gb Free Space 60.56% Space Free Partition Type: NTFS
Drive M: 2794.51 Gb Total Space 2010.39 Gb Free Space 71.94% Space Free Partition Type: NTFS
Computer Name: OWNER-PC User Name: Owner Logged in as Administrator.
PRC - 2012/09/07 17:04:46 000, 399, 432 - M Malwarebytes Corporation - - C: Program Files x86 Malwarebytes
PRC - 2012/08/29 10:13:29 000, 595, 144 - M Murray Hurps Software Pty Ltd - - C: Program Files x86 Ad
PRC - 2012/08/28 17:02:50 002, 214, 280 - M Auslogics - - C: Program Files x86 Auslogics Auslogics
PRC - 2012/03/30 14:41:46 000, 151, 656 - M Microsoft Corp. - - C: Program Files
PRC - 2012/02/01 13:36:38 022, 140, 304 - M magicJack - -
PRC - 2011/02/25 10:46:22 000, 249, 648 - M Microsoft Corporation - - C: Program Files
PRC - 2010/03/30 15:13:06 000, 389, 120 R- M Teleca - - C: Program Files x86 HTC HTC
PRC - 2010/03/17 16:22:52 001, 019, 904 R- M Teleca Sweden AB - - C: Program Files x86 HTC HTC Sync Mobile Phone
PRC - 2010/03/17 16:08:22 000, 253, 952 R- M TODO: Company name - C: Program Files x86 HTC HTC Sync Mobile Phone
PRC - 2010/03/17 16:08:04 000, 462, 848 R- M Teleca AB - - C: Program Files x86 HTC HTC Sync Mobile Phone
PRC - 2010/02/09 13:34:00 001, 807, 680 - M - C: Program Files x86 Dell DataSafe
PRC - 2009/12/11 15:50:34 000, 557, 056 R- M Teleca AB - - C: Program Files x86 Common Files Teleca
PRC - 2009/11/19 17:19:48 000, 598, 016 R- M Teleca Sweden AB - - C: Program Files x86 HTC HTC Sync Application Launcher Application
PRC - 2009/10/14 13:36:56 002, 793, 304 - M - C: Program Files Logitech Logitech WebCam
PRC - 2009/10/14 13:34:18 000, 560, 472 - M - C: Program Files x86 Common
PRC - 2009/10/07 01:47:22 000, 125, 464 - M Logitech Inc. - - C: Program Files x86 Common
PRC - 2009/06/09 12:11:14 000, 155, 648 - M Stardock Corporation - - C: Program
PRC - 2009/06/04 21:03:32 000, 186, 904 - M Intel Corporation - - C: Program Files x86 Intel Intel Matrix Storage
PRC - 2009/06/04 21:03:06 000, 354, 840 - M Intel Corporation - - C: Program Files x86 Intel Intel Matrix Storage
PRC - 2009/06/03 10:25:16 000, 106, 496 R- M Popwire AB - - C: Program Files x86 Common Files Teleca
PRC - 2009/04/14 13:14:26 000, 139, 264 - M Teleca Sweden AB - - C: Program Files x86 Common Files Teleca
PRC - 2009/01/26 15:31:10 001, 153, 368 - M Safer Networking Ltd. - - C: Program Files x86 Spybot - Search
PRC - 2008/11/09 16:48:14 000, 602, 392 - M Yahoo Inc. - - C: Program Files
PRC - 2006/12/19 10:30:26 000, 081, 920 - M Prolific Technology Inc. - -
MOD - 2011/07/28 19:09:42 000, 096, 112 - M - C: Program Files x86 DivX DivX
MOD - 2011/06/24 22:56:36 000, 087, 328 - M - C: Program Files x86 Common Files Apple Apple Application
MOD - 2011/06/24 22:56:14 001, 241, 888 - M - C: Program Files x86 Common Files Apple Apple Application
MOD - 2010/03/31 10:08:50 000, 240, 552 R- M - C: Program Files x86 HTC HTC Sync Mobile Phone
MOD - 2010/03/31 10:08:50 000, 240, 552 R- M - C: Program Files x86 HTC HTC
MOD - 2010/03/17 16:20:30 000, 139, 264 R- M - C: Program Files x86 HTC HTC Sync Mobile Phone
MOD - 2010/02/09 13:34:00 001, 807, 680 - M - C: Program Files x86 Dell DataSafe
MOD - 2010/02/09 13:34:00 000, 275, 776 - M - C: Program Files x86 Dell DataSafe
MOD - 2010/02/09 13:34:00 000, 152, 896 - M - C: Program Files x86 Dell DataSafe
MOD - 2010/02/09 13:34:00 000, 095, 552 - M - C: Program Files x86 Dell DataSafe
MOD - 2010/02/09 13:34:00 000, 017, 728 - M - C: Program Files x86 Dell DataSafe
MOD - 2009/10/14 13:36:56 002, 793, 304 - M - C: Program Files Logitech Logitech WebCam
MOD - 2009/10/14 13:34:18 000, 560, 472 - M - C: Program Files x86 Common
MOD - 2009/09/11 14:05:00 000, 058, 608 - M - C: Program Files x86 Dell DataSafe
MOD - 2009/03/03 18:18:08 000, 138, 064 - M - C: Program Files x86 Logitech Vid
MOD - 2007/01/11 18:33:20 000, 106, 496 R- M - C: Program Files x86 Common Files Teleca
SRV: 64bit: - 2010/09/22 18:10:10 000, 057, 184 - M Microsoft Corporation Disabled Stopped - - C: Program Files Windows - - wlcrasvc
SRV: 64bit: - 2009/07/13 21:41:27 001, 011, 712 - M Microsoft Corporation Auto Running - - C: Program Files Windows - - WinDefend
SRV: 64bit: - 2009/06/09 12:11:14 000, 155, 648 - M Stardock Corporation Auto Running - - C: Program - - DockLoginService
SRV: 64bit: - 2009/03/31 18:01:34 000, 092, 160 - M Andrea Electronics Corporation Auto Running - - C: Program - - AERTFilters
SRV - 2012/09/21 15:14:12 000, 250, 288 - M Adobe Systems Incorporated OnDemand Stopped - - - - AdobeFlashPlayerUpdateSvc
SRV - 2012/09/12 05:40:21 000, 114, 656 - M Mozilla Foundation OnDemand Stopped - - C: Program Files x86 Mozilla Maintenance - - MozillaMaintenance
SRV - 2012/09/07 17:04:46 000, 676, 936 - M Malwarebytes Corporation Auto Stopped - - C: Program Files x86 Malwarebytes - MBAMService
SRV - 2012/09/07 17:04:46 000, 399, 432 - M Malwarebytes Corporation Auto Running - - C: Program Files x86 Malwarebytes - MBAMScheduler
SRV - 2012/03/30 14:41:46 000, 151, 656 - M Microsoft Corp. Auto Running - - C: Program Files - - BingDesktopUpdate
SRV - 2011/02/28 18:44:14 000, 183, 560 - M Microsoft Corporation. OnDemand Stopped - - C: Program Files - - BBSvc
SRV - 2011/02/25 10:46:22 000, 249, 648 - M Microsoft Corporation Auto Running - - C: Program Files - - SeaPort
SRV - 2010/12/28 04:00:34 001, 296, 728 - M OnDemand Stopped - - C: Program Files - - BITCOMETHELPERSERVICE
SRV - 2010/03/22 20:05:40 000, 960, 992 - M Atheros Communications, Inc. OnDemand Stopped - - C: Program Files - - jswpsapi
SRV - 2010/03/18 13:16:28 000, 130, 384 - M Microsoft Corporation Auto Stopped - - - - clroptimizationv4.0.3031932
SRV - 2010/01/15 23:39:21 000, 016, 680 - M Citrix Online, a division of Citrix Systems, Inc. OnDemand Stopped - - C: Program Files - - GoToAssist
SRV - 2009/06/10 17:23:09 000, 066, 384 - M Microsoft Corporation Disabled Stopped - - - - clroptimizationv2.0.5072732
SRV - 2009/06/05 20:07:28 000, 250, 616 - M WildTangent, Inc. OnDemand Stopped - - C: Program Files x86 WildTangent Dell Games Dell Game - - GameConsoleService
SRV - 2009/06/04 21:03:06 000, 354, 840 - M Intel Corporation Auto Running - - C: Program Files x86 Intel Intel Matrix Storage - - IAANTMON
SRV - 2008/11/09 16:48:14 000, 602, 392 - M Yahoo Inc. Auto Running - - C: Program Files - - YahooAUService
SRV - 2007/05/31 17:11:54 000, 443, 784 - M Microsoft Corporation Auto Running - - - - WcesComm
SRV - 2007/05/31 17:11:46 000, 225, 672 - M Microsoft Corporation Auto Running - - - - RapiMgr
SRV - 2007/01/11 04:02:00 000, 126, 464 - M SEIKO EPSON CORPORATION Auto Running - - C: ProgramData EPSON EPW 3 - - EPSONPMRPCV401
SRV - 2006/12/19 10:30:26 000, 081, 920 - M Prolific Technology Inc. Auto Running - - - - PLFlash DeviceIoControl Service
DRV: 64bit: - 2012/09/07 17:04:46 000, 025, 928 - M Malwarebytes Corporation FileSystem OnDemand Running - - - - MBAMProtector
DRV: 64bit: - 2012/08/17 17:26:48 000, 025, 584 - M PC-Doctor, Inc. Kernel OnDemand Stopped - - c: Program Files Dell Support - - PCDSRVC1E208CE0-FB7451FF-060202000
DRV: 64bit: - 2012/03/01 02:46:16 000, 023, 408 - M Microsoft Corporation Recognizer Boot Unknown - - - - FsRec
DRV: 64bit: - 2011/03/11 02:41:12 000, 107, 904 - M Advanced Micro Devices Kernel OnDemand Stopped - - - - amdsata
DRV: 64bit: - 2010/11/20 09:33:35 000, 078, 720 - M Hewlett-Packard Company Kernel OnDemand Stopped - - - - HpSAMD
DRV: 64bit: - 2010/11/20 07:07:05 000, 059, 392 - M Microsoft Corporation Kernel OnDemand Stopped - - - - TsUsbFlt
DRV: 64bit: - 2010/10/11 01:11:00 001, 924, 096 - M Atheros Communications, Inc. Kernel OnDemand Stopped - - - - athur
DRV: 64bit: - 2010/09/23 00:36:48 000, 048, 488 - M Microsoft Corporation Kernel OnDemand Stopped - - - - fssfltr
DRV: 64bit: - 2009/10/24 01:49:46 001, 542, 656 - M Atheros Communications, Inc. Kernel OnDemand Running - - - - athr
DRV: 64bit: - 2009/07/13 21:45:55 000, 024, 656 - M Promise Technology Kernel OnDemand Stopped - - - - stexstor
DRV: 64bit: - 2009/07/13 20:09:50 000, 019, 968 - M Microsoft Corporation Kernel OnDemand Stopped - - - - usbrndisx
DRV: 64bit: - 2009/06/10 16:34:33 003, 286, 016 - M Broadcom Corporation Kernel OnDemand Stopped - - - - ebdrv
DRV: 64bit: - 2009/06/10 16:34:28 000, 468, 480 - M Broadcom Corporation Kernel OnDemand Stopped - - - - b06bdrv
DRV: 64bit: - 2009/06/10 16:34:23 000, 270, 848 - M Broadcom Corporation Kernel OnDemand Stopped - - - - b57nd60a
DRV: 64bit: - 2009/06/10 16:31:59 000, 031, 232 - M Hauppauge Computer Works, Inc. Kernel OnDemand Stopped - - - - hcw85cir
DRV: 64bit: - 2009/05/26 08:13:10 000, 138, 752 - M Intel Corporation Kernel OnDemand Running - - - - IntcHdmiAddService
DRV: 64bit: - 2009/05/18 14:17:08 000, 034, 152 - M GEAR Software Inc. Kernel OnDemand Running - - - - GEARAspiWDM
DRV: 64bit: - 2008/07/29 05:47:00 001, 075, 712 - M Atheros Communications, Inc. Kernel OnDemand Stopped - - - - athrusb
DRV: 64bit: - 2008/05/15 02:28:00 000, 026, 624 - M Atheros Communications, Inc. Kernel System Running - - - - JSWPSLWF
DRV: 64bit: - 2007/01/19 18:24:24 000, 025, 312 - M Windows Codename Longhorn DDK provider Kernel Boot Running - - - - SCMNdisP
DRV - 2009/07/13 21:19:10 000, 019, 008 - M Microsoft Corporation FileSystem OnDemand Stopped - - - - WIMMount
IE: 64bit: - HKLM. SearchScopes, DefaultScope 0633EE93-D776-472f-A0FF-E1416B8B2E3A
IE - HKLM SOFTWARE Microsoft Internet Explorer Main, Local Page
IE - HKLM. SearchScopes, DefaultScope 0633EE93-D776-472f-A0FF-E1416B8B2E3A
IE - HKCU SOFTWARE Microsoft Internet Explorer Main, Start Page Restore
IE - HKCU. SearchScopes, DefaultScope 0633EE93-D776-472f-A0FF-E1416B8B2E3A
FF - : SkipScreenSkipScreen:0.6.4
FF: 64bit: - /DivX VOD Helper, version1.0.0: C: Program Files DivX DivX OVS DivX, LLC.
FF: 64bit: - /NpCtrl, version1.0: c: Program Files Microsoft Microsoft Corporation
FF: 64bit: - /OfficeAuthz, version14.0: Microsoft Corporation
FF - /iTunes, version: File not found
FF - /iTunes, version1.0: C: Program Files x86 iTunes Mozilla
FF - /DivX Browser Plugin, version1.0.0: C: Program Files x86 DivX DivX Plus Web DivX, LLC
FF - /DivX VOD Helper, version1.0.0: C: Program Files x86 DivX DivX OVS DivX, LLC.
FF - /DTPlugin, version10.7.2: Oracle Corporation
FF - /JavaPlugin, version10.7.2: C: Program Files Oracle Corporation
FF - /YahooMessengerStatePlugin;version1.0.0.6: C: Program Files Yahoo Inc.
FF - /NpCtrl, version1.0: c: Program Files x86 Microsoft Microsoft Corporation
FF - /OfficeAuthz, version14.0: Microsoft Corporation
FF - /SharePoint, version14.0: Microsoft Corporation
FF - /WLPG, version15.4.3502.0922: C: Program Files x86 Windows Live Photo Microsoft Corporation
FF - /WLPG, version15.4.3508.1109: C: Program Files x86 Windows Live Photo Microsoft Corporation
FF - /nprpchromebrowserrecordext;version15.0.4.53: RealNetworks, Inc.
FF - /nprphtml5videoshim;version15.0.4.53: RealNetworks, Inc.
FF - /Google Update;version3: C: Program Files Google Inc.
FF - /Google Update;version9: C: Program Files Google Inc.
FF - /vbp;version0.9.17: C: Program Files Veetle Inc
FF - /veetleCorePlugin, version0.9.17: C: Program Files Veetle Inc
FF - /veetlePlayerPlugin, version0.9.17: C: Program Files Veetle Inc
FF - HKLM Software MozillaPlugins Adobe Reader: C: Program Files x86 Adobe Reader Adobe Systems Inc.
FF - /FBPlugin, version1.0.3: File not found
FF - /Google Update;version3: Google Inc.
FF - /Google Update;version9: Google Inc.
FF - HKEYLOCALMACHINE software mozilla Firefox Extensions 23fcfd51-4958-4f00-80a3-ae97e717ed8b: C: Program Files x86 DivX DivX Plus Web Player firefox DivXHTML5 2012/02/20 12:26:34 000, 000, 000 -D M
FF - HKEYLOCALMACHINE software mozilla Mozilla Firefox 16.0 extensions Components: C: Program Files x86 Mozilla Firefox components 2012/09/14 17:50:11 000, 000, 000 -D M
FF - HKEYLOCALMACHINE software mozilla Mozilla Firefox 16.0 extensions Plugins: C: Program Files x86 Mozilla Firefox plugins 2012/09/03 19:24:52 000, 000, 000 -D M
FF - : C: Program Files ESET ESET Smart Security Mozilla Thunderbird 2012/05/19 17:01:04 000, 000, 000 -D M
2010/03/23 22:45:43 000, 000, 000 -D M No name found - - C: Users Owner AppData Roaming Mozilla Extensions
2012/09/14 17:50:15 000, 000, 000 -D M No name found - - extensions
2011/09/08 07:28:48 000, 000, 000 -D M Garmin Communicator - - extensions 195A3098-0BD5-4e90-AE22-BA1C540AFD1E
2010/07/04 18:01:10 000, 000, 000 -D M DVDVideoSoft Menu - - extensions ACAA314B-EEBA-48e4-AD47-84E31C44796C
2012/01/08 14:18:08 000, 000, 000 -D M BitComet Video Downloader - - extensions B042753D-F57E-4e8e-A01B-7379A6D4CEFB
2011/03/22 15:00:05 000, 000, 000 -D M No name found - - extensions B042753D-F57E-4e8e-A01B-7379A6D4CEFB-trash
2011/09/27 08:27:05 000, 000, 000 -D M Disconnect - -
2010/05/04 23:17:30 000, 000, 000 -D M FfvB - vBulletin Management for Firefox - -
2012/09/13 07:54:32 000, 005, 406 - M No name found - -
2012/02/22 21:24:25 000, 072, 222 - M No name found - -
2012/09/14 17:50:15 000, 573, 138 - M No name found - -
2012/09/14 17:50:11 000, 000, 000 -D M No name found - - C: Program Files x86 Mozilla Firefox extensions
2010/11/26 23:21:42 000, 000, 000 -D M Skype extension - - C: Program Files x86 Mozilla Firefox extensions AB2CE124-6272-4b12-94A9-7303C7397BD1
2012/09/14 17:50:11 000, 000, 000 -D M No name found - - C: Program Files x86 Mozilla Firefox distribution extensions
2012/09/12 05:40:40 000, 260, 576 - M Mozilla Foundation - - C: Program Files x86 mozilla
2011/09/09 00:49:04 001, 037, 112 - M BitComet - - C: Program Files x86 mozilla
2011/12/09 13:23:32 000, 012, 800 - M Nullsoft, Inc. - - C: Program Files x86 mozilla
2012/09/12 05:40:02 000, 002, 465 - M - C: Program Files x86 mozilla
2011/03/24 15:36:28 000, 002, 252 - M - C: Program Files x86 mozilla
2012/09/12 05:40:02 000, 002, 058 - M - C: Program Files x86 mozilla
CHR - defaultsearchprovider: searchurl google:baseURLsearch?qsearchTerms google:RLZgoogle:acceptedSuggestiongoogle:originalQueryForSuggestiongoogle:searchFieldtrialParametersourceidchrome ieinputEncoding
CHR - defaultsearchprovider: suggesturl google:baseSuggestURLsearch?google:searchFieldtrialParameterclientchrome hllanguage qsearchTerms,
CHR - plugin: QuickTime Plug-in 7.7.1 Enabled C: Program Files x86 Mozilla
CHR - plugin: QuickTime Plug-in 7.7.1 Enabled C: Program Files x86 Mozilla
CHR - plugin: QuickTime Plug-in 7.7.1 Enabled C: Program Files x86 Mozilla
CHR - plugin: QuickTime Plug-in 7.7.1 Enabled C: Program Files x86 Mozilla
CHR - plugin: QuickTime Plug-in 7.7.1 Enabled C: Program Files x86 Mozilla
CHR - plugin: QuickTime Plug-in 7.7.1 Enabled C: Program Files x86 Mozilla
CHR - plugin: QuickTime Plug-in 7.7.1 Enabled C: Program Files x86 Mozilla
CHR - plugin: Java Platform SE 7 U5 Enabled C: Program Files x86 Oracle JavaFX 2.1
CHR - plugin: Java Deployment Toolkit 7.0.50.255 Enabled
CHR - Extension: YouTube C: Users Owner AppData Local Google Chrome User Data Default Extensions blpcfgokakmgnkcojhhkbfbldkacnbeo 4.2.50
CHR - Extension: Google Search C: Users Owner AppData Local Google Chrome User Data Default Extensions coobgpohoikkiipiblmjeljniedjpjpf 0.0.0.190
CHR - Extension: Fast save C: Users Owner AppData Local Google Chrome User Data Default Extensions ejocjilmecckaddkddknbfgjampibkhh 1.10
CHR - Extension: DivX Plus Web Player HTML5 u003Cvideo u003E C: Users Owner AppData Local Google Chrome User Data Default Extensions nneajnkjbffgblleaoojgaacokifdkhm 2.1.2.1450
CHR - Extension: Instagram for Chrome C: Users Owner AppData Local Google Chrome User Data Default Extensions opnbmdkdflhjiclaoiiifmheknpccalb 2.6.40
O2 - BHO: DivX Plus Web Player HTML5 video - 326E768D-4182-46FD-9C16-1449A49795F4 - C: Program Files x86 DivX DivX Plus Web DivX, LLC
O2 - BHO: Bing Bar Helper - d2ce3e00-f94a-4740-988e-03dc2f38c34f - C: Program Files Microsoft Corporation.
O3 - HKLM. Toolbar: Bing Bar - 8dcb7100-df86-4384-8842-8fa844297b3f - C: Program Files Microsoft Corporation.
O4: 64bit: - HKLM. Run: IAAnotif C: Program Files x86 Intel Intel Matrix Storage Intel Corporation
O4: 64bit: - HKLM. Run: Windows Mobile Device Center Microsoft Corporation
O4 - HKLM. Run: Ad Muncher C: Program Files x86 Ad Murray Hurps Software Pty Ltd
O4 - HKLM. Run: APSDaemon C: Program Files x86 Common Files Apple Apple Application Apple Inc.
O4 - HKLM. Run: BingDesktop C: Program Files Microsoft Corp.
O4 - HKLM. Run: Dell DataSafe Online C: Program Files x86 Dell DataSafe
O4 - HKLM. Run: LogitechQuickCamRibbon C: Program Files Logitech Logitech WebCam
O4 - HKLM. Run: Mobile Connectivity Suite C: Program Files x86 HTC HTC Sync Application Launcher Application Teleca Sweden AB
O4 - HKCU. Run: EPSON Stylus Photo R340 Series/FU /EF HKCU File not found
O4 - HKCU. Run: C: Program Files
O4 - HKCU. Run: Logitech Vid C: Program Files x86 Logitech Vid Logitech Inc.
O9 - Extra Button:, -222 - 2EAF5BB1-070F-11D3-9307-00C04FAE2D4F - Microsoft Corporation
O9 - Extra Tools menuitem:, -223 - 2EAF5BB2-070F-11D3-9307-00C04FAE2D4F - Microsoft Corporation
O10: 64bit: - NameSpaceCatalog5 CatalogEntries64 000000000009 - C: Program Apple Inc.
O10 - NameSpaceCatalog5 CatalogEntries 000000000009 - C: Program Files Apple Inc.
O17 - HKLM System CCS Services Tcpip Parameters: DhcpNameServer 192.168.1.254
O17 - HKLM System CCS Services Tcpip Parameters Interfaces 081B0E74-3E2F-4B25-80B4-0635BD5A76D3: DhcpNameServer 192.168.1.254
O17 - HKLM System CCS Services Tcpip Parameters Interfaces F75A2444-E552-41D4-9D00-80A326784665: DhcpNameServer 192.168.1.254
O18 - Protocol Handler cozi 5356518D-FE9C-4E08-9C1F-1E872ECD367F - c: Program Files x86 Cozi Cozi Group, Inc.
O21: 64bit: - SSODL: WebCheck - E6FB5E20-DE35-11CF-9C87-00AA005127ED - No CLSID value found.
O21 - SSODL: WebCheck - E6FB5E20-DE35-11CF-9C87-00AA005127ED - No CLSID value found.
O32 - AutoRun File - 2012/01/21 19:18:57 000, 000, 000 -D M - M: autocallrecorder - - NTFS
O38 - SubSystems Windows: ServerDllwinsrv:UserServerDllInitialization, 3
O38 - SubSystems Windows: ServerDllwinsrv:ConServerDllInitialization, 2
O38 - SubSystems Windows: ServerDllsxssrv, 4
2012/10/01 18:26:08 000, 000, 000 -D C - - C: ProgramData Microsoft Windows Start Menu Programs ERUNT
2012/09/20 18:51:52 000, 181, 064 - C Sysinternals - -
2012/09/09 19:22:43 000, 000, 000 -D C - - C: ProgramData Microsoft Windows Start Menu Programs Auslogics
2012/10/02 21:14:00 000, 000, 830 - M - C: Windows tasks Adobe Flash Player
2012/10/01 19:40:00 000, 022, 464 -H- M - C: Windows SysNative 7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012/10/01 19:40:00 000, 022, 464 -H- M - C: Windows SysNative 7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012/09/24 17:59:51 000, 181, 064 - M Sysinternals - -
2012/09/21 07:43:47 000, 001, 115 - M - C: Users Public Desktop Malwarebytes
2012/09/09 19:22:43 000, 001, 269 - M - C: Users Owner Application Data Microsoft Internet Explorer Quick Launch Auslogics
2012/09/07 17:04:46 000, 025, 928 - M Malwarebytes Corporation - -
2012/09/09 19:22:43 000, 001, 269 - C - C: Users Owner Application Data Microsoft Internet Explorer Quick Launch Auslogics
2012/06/09 01:43:10 014, 172, 672 - M Microsoft Corporation
2012/06/09 00:41:00 012, 873, 728 - M Microsoft Corporation
2009/07/13 21:40:51 000, 909, 312 - M Microsoft Corporation
2010/11/20 08:19:02 000, 606, 208 - M Microsoft Corporation
2009/07/13 21:41:56 000, 505, 856 - M Microsoft Corporation
2010/07/04 18:01:10 000, 000, 000 -D M - - C: Users Owner AppData Roaming DVDVideoSoftIEHelpers
Malwarebytes scan says No malicious items detected.
Malwarebytes Anti-Malware PRO 1.65.0.1400
Database version: v2012.10.02.03
Internet Explorer 9.0.8112.16421
Time elapsed: 2 minutes, 43 seconds
The same thing with all the ESET scan, no threats were found.
9.00.8112.16421 WIN7IE9RTM.110308-0330
localtime2012-10-03 12:11:55 - 0500, Eastern Daylight Time
osver6.1.7601 NT Service Pack 1
Now simply click Restore Defaults. If the UAC prompt is displayed click Yes.
Next, select Turn Windows Firewall on or off and within the option Home or work private network location settings - and select Turn off Windows Firewall not advised - OK.
Carry your same procedure because the above for Turn Windows Firewall on or off and within the option Public network location settings select Turn off Windows Firewall not suggested.
Note: No need for it to get active following reset for the reason that installed ESET Smart Security has got the Smart Firewall feature.
Then depress the Enter/Return key, then type in the subsequent exactly:
A Analysis report is going to be displayed and Windows will become the Defragmentation run automatically.
This might take some time, when completed the Command Prompt C: will be.
Now enter in CHKDSK C:/R striking the Enter/Return key.
Type in EXIT and colliding with the Enter/Return key.
Now RebootRestart your personal computer.
Note: Upon RebootRestart the CHKDSKcheck-disk will become and carry your repairs required.
Do not touch either the laptop keyboard or Mouse, otherwise the Check-Disk is going to be cancelled so you computer continues to boot-up as normal.
Right click, select Run as Administrator, and continue with the onscreen instructions inside with the black box.
A Notepad document should open automatically called ; please post the belongings in that document.
Results of screen317 s Security Check version 0.99.51
Malwarebytes Anti-Malware version 1.65.0.1400
Adobe Flash Player 11.4.402.278
Google Chrome 21.0.1180.83
Google Chrome 21.0.1180.89
Google Chrome 22.0.1229.79
Congratulations, your logs appear clean again Now we have some cleanup to try and do.
In Control Panel, select Programs and Features.
Google Chrome 21.0.1180.83
Follow these instructions to disable JAVA with your web browser.
Follow the instructions here to delete all restore points.
Copy the lines in the quote box below will not copy the phrase quote by highlighting all of those and pressing CTRL C or, after highlighting, right-click and select Copy
Paste them in to the Custom Scans/Fixes box in the bottoom, by right-clicking inside your box and selecting Paste.
Let this program run unhindered, reboot the PC when it can be done.
Right simply click OTL and select Run as administrator, running it.
On the OTL main screen, press the Cleanup button
Say Yes for the prompt after which allow this system to reboot your laptop.
Note: If any logs/tools remain on the desktop right click and delete them.
It s essential that you keep computer updated using the latest Adobe updates.
Allow any updates to become downloaded and installed.
I recommend updating and scanning with MalwareBytes Anti-Malware weekly to rid your whole body of spyware.
Your anti-virus software, ESET Smart Security, is setup to download and install updates while they become available. I also advise that you simply run the whole scan weekly, to help expand protect yourself.
Finally, it can be a good option to clear out your complete temp files every now then. This will help keep the computer from slowing down and it also can also assist in enabling rid of files which could contain malicious code that can re-infect your personal machine.
It is important and keep your os updated. To enable Automatic Updates to ensure that updates are downloaded and installed automatically, simply click here.
It s essential that you keep computer updated while using latest version of JAVA.
This will look current version of Java and provides you an update if your are available.
Finally, to understand more about the way to protect yourself while about the internet read How did I get infected within the first place?
I could keep this thread open for a holiday, so if you could have any further problems post another reply here.
Since this matter appears to get this Topic may be closed. Glad we can easily help.
If youre the niche starter, and wish this topic reopened, please talk to a staff member using the address in the thread.
Everyone else please start a New Topic.
Topic reopened as we usually do not provide support via PMprivate message. blmadara will reply last this topic shortly.
Hi roachklip, topic is re-opened. Please perform the cleanup steps that I have posted.
i m sorry but i assumed i had to create more logs and such things as that. i'd you re-open the thread for nothing.
well, probably not for
0 members, 1 guests, 0 anonymous users
Licensed to: Geeks to Go, Inc.
You already have javascript disabled. Several functions would possibly not work. Please re-enable javascript to gain access to full functionality.
Search engine redirect? Fake alerts? Our malware removal experts are very skilled, and uniquely allowed to help, utilizing free tools like OTL, MBAM, ComboFix, HijackThis, GMER, DDS, TDSS Killer as well as others.
Started by admin, 30 Jul 2007
Started by admin, 03 May 2005
Started by admin, 10 Nov 2004
Started by admin, 10 Aug 2004
Started by Destiny000, 22 Oct 2015
Started by jake1master, Yesterday, 05:20 PM
Started by hichicha, 05 Dec 2015
Started by Crazy North, 03 Dec 2015
Started by Fred60, 07 Dec 2015
Started by Cldanzer, 31 Aug 2015
Started by jbljohn, 05 Dec 2015
Started by Betrayed, Yesterday, 01:23 PM
Started by elielieli, 18 Nov 2015
Started by Chipies, Yesterday, 08:59 AM
Started by henrymills, Yesterday, 08:13 AM
Started by rockycha, 22 Nov 2015
Started by 67mopar, 21 Nov 2015
Started by NatiePotatie, 26 Nov 2015
Started by DonaukinderliebeMarija, 05 Dec 2015
Started by margaritocu, 06 Dec 2015
Started by sassywalrus, 06 Dec 2015
2 members, 11 guests, 1 anonymous users
Betrayed, LiquidTension
This option hides the post, but leaves it inside topic.
This option completely removes the post from your topic.
Licensed to: Geeks to Go, Inc.