An ad please help me remove it
Solved/Closed
K_A
Posts
12
Registration date
Saturday May 31, 2014
Status
Member
Last seen
June 8, 2014
-
May 31, 2014 at 03:24 PM
K_A Posts 12 Registration date Saturday May 31, 2014 Status Member Last seen June 8, 2014 - Jun 8, 2014 at 06:26 AM
K_A Posts 12 Registration date Saturday May 31, 2014 Status Member Last seen June 8, 2014 - Jun 8, 2014 at 06:26 AM
Related:
- An ad please help me remove it
- Ubuntu remove password - Guide
- Remove recent files windows 11 - Guide
- How to remove number from blacklist - Guide
- Code to remove number from blacklist - Guide
- How to remove steam guard - Guide
15 responses
Ambucias
Posts
47356
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
February 15, 2023
11,168
May 31, 2014 at 06:00 PM
May 31, 2014 at 06:00 PM
hi
You poor soul!
It's evident that when you download a keygen with an illegal copy of a software, which is illegal, that hackers will take the opportunity to send you a virus to go along the way. That is 90% of the cases.
If you delete the keygen and your illegal Minecraft and others like it, it is an absolute must. But the virus may remain on your computer. Once all the illegal stuff removed I will guide you to remove the virus.
Good luck
Ambucias
Moderator and Virus/Security Contributor
You poor soul!
It's evident that when you download a keygen with an illegal copy of a software, which is illegal, that hackers will take the opportunity to send you a virus to go along the way. That is 90% of the cases.
If you delete the keygen and your illegal Minecraft and others like it, it is an absolute must. But the virus may remain on your computer. Once all the illegal stuff removed I will guide you to remove the virus.
Good luck
Ambucias
Moderator and Virus/Security Contributor
Ambucias
Posts
47356
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
February 15, 2023
11,168
Jun 2, 2014 at 06:29 AM
Jun 2, 2014 at 06:29 AM
Download the following Adwcleaner created by Xplode
https://ccm.net/downloads/security-and-maintenance/6911-adwcleaner/
Launch it (for Windows 7 and 8, click right to run as administrator)
Click on clean
Post the log C:\Adwcleaner[Sx].txt on this thread.
https://ccm.net/downloads/security-and-maintenance/6911-adwcleaner/
Launch it (for Windows 7 and 8, click right to run as administrator)
Click on clean
Post the log C:\Adwcleaner[Sx].txt on this thread.
K_A
Posts
12
Registration date
Saturday May 31, 2014
Status
Member
Last seen
June 8, 2014
Jun 1, 2014 at 12:06 PM
Jun 1, 2014 at 12:06 PM
My f****ing friend send me this website, Anyway I will try and thanks (;
K_A
Posts
12
Registration date
Saturday May 31, 2014
Status
Member
Last seen
June 8, 2014
Jun 2, 2014 at 06:17 AM
Jun 2, 2014 at 06:17 AM
Okay I delete all illegal stuff but its still,Now what do I do?
Didn't find the answer you are looking for?
Ask a question
K_A
Posts
12
Registration date
Saturday May 31, 2014
Status
Member
Last seen
June 8, 2014
Jun 3, 2014 at 08:53 AM
Jun 3, 2014 at 08:53 AM
C:\Adwcleaner[Sx].txt,So?
Ambucias
Posts
47356
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
February 15, 2023
11,168
Jun 3, 2014 at 04:31 PM
Jun 3, 2014 at 04:31 PM
Open C:\Adwcleaner[Sx].txt, copy it and paste it here.
K_A
Posts
12
Registration date
Saturday May 31, 2014
Status
Member
Last seen
June 8, 2014
Jun 4, 2014 at 11:27 AM
Jun 4, 2014 at 11:27 AM
Hey I din't find Adwcleaner[Sx].txt but here what I find # AdwCleaner v3.211 - Report created 02/06/2014 at 18:13:13
# Updated 26/05/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : User - USER-PC
# Running from : C:\Users\User\Downloads\AdwCleaner-3.211.exe
# Option : Scan
***** [ Services ] *****
Service Found : winzipersvc
***** [ Files / Folders ] *****
File Found : C:\END
File Found : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
File Found : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.qvo6.com_0.localstorage
File Found : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.qvo6.com_0.localstorage-journal
File Found : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Oxy.lnk
File Found : C:\Users\User\daemonprocess.txt
File Found : C:\Users\User\Desktop\Oxy.lnk
File Found : C:\Users\User\Desktop\Oxy-Downloader.lnk
File Found : C:\Users\User\Desktop\PileFile.lnk
File Found : C:\Windows\System32\Tasks\Desk 365 RunAsStdUser
File Found : C:\Windows\System32\Tasks\Omiga Plus RunAsStdUser
File Found : C:\Windows\System32\Tasks\paretologic registration3
File Found : C:\Windows\System32\Tasks\paretologic update version3
File Found : C:\Windows\Tasks\AmiUpdXp.job
File Found : C:\Windows\Tasks\paretologic registration3.job
File Found : C:\Windows\Tasks\paretologic update version3.job
Folder Found : C:\Program Files (x86)\Common Files\337
Folder Found : C:\Program Files (x86)\Common Files\ParetoLogic
Folder Found : C:\Program Files (x86)\Common Files\speedypc software
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\Program Files (x86)\DefaultTab
Folder Found : C:\Program Files (x86)\Desk 365
Folder Found : C:\Program Files (x86)\Discount Buddy
Folder Found : C:\Program Files (x86)\Discount Buddy
Folder Found : C:\Program Files (x86)\Mobogenie
Folder Found : C:\Program Files (x86)\Omiga Plus
Folder Found : C:\Program Files (x86)\ParetoLogic
Folder Found : C:\Program Files (x86)\SimilarSites
Folder Found : C:\Program Files (x86)\ss helper
Folder Found : C:\Program Files (x86)\TornTV.com
Folder Found : C:\Program Files (x86)\WinZipper
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\BitGuard
Folder Found : C:\ProgramData\Browser Manager
Folder Found : C:\ProgramData\BrowserProtect
Folder Found : C:\ProgramData\eSafe
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TornTV.com
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
Folder Found : C:\ProgramData\ParetoLogic
Folder Found : C:\ProgramData\QuickSet
Folder Found : C:\ProgramData\speedypc software
Folder Found : C:\Users\User\AppData\Local\Bundled software uninstaller
Folder Found : C:\Users\User\AppData\Local\Conduit
Folder Found : C:\Users\User\AppData\Local\Discount Buddy
Folder Found : C:\Users\User\AppData\Local\Discount Buddy
Folder Found : C:\Users\User\AppData\Local\genienext
Folder Found : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cflheckfmhopnialghigdlggahiomebp
Folder Found : C:\Users\User\AppData\Local\Mobogenie
Folder Found : C:\Users\User\AppData\Local\NativeMessaging
Folder Found : C:\Users\User\AppData\Local\Oxy
Folder Found : C:\Users\User\AppData\Local\SwvUpdater
Folder Found : C:\Users\User\AppData\Local\webplayer
Folder Found : C:\Users\User\AppData\LocalLow\Conduit
Folder Found : C:\Users\User\AppData\LocalLow\DataMngr
Folder Found : C:\Users\User\AppData\LocalLow\Minibar
Folder Found : C:\Users\User\AppData\LocalLow\mixidj
Folder Found : C:\Users\User\AppData\LocalLow\Softonic
Folder Found : C:\Users\User\AppData\LocalLow\tuvaro
Folder Found : C:\Users\User\AppData\Roaming\337
Folder Found : C:\Users\User\AppData\Roaming\337 Wallpaper
Folder Found : C:\Users\User\AppData\Roaming\Babylon
Folder Found : C:\Users\User\AppData\Roaming\Desk 365
Folder Found : C:\Users\User\AppData\Roaming\DriverCure
Folder Found : C:\Users\User\AppData\Roaming\eIntaller
Folder Found : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
Folder Found : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Oxy
Folder Found : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic
Folder Found : C:\Users\User\AppData\Roaming\newnext.me
Folder Found : C:\Users\User\AppData\Roaming\Omiga Plus
Folder Found : C:\Users\User\AppData\Roaming\OpenCandy
Folder Found : C:\Users\User\AppData\Roaming\Oxy
Folder Found : C:\Users\User\AppData\Roaming\ParetoLogic
Folder Found : C:\Users\User\AppData\Roaming\SimilarSites
Folder Found : C:\Users\User\AppData\Roaming\WinZipper
Folder Found : C:\Users\User\Documents\Mobogenie
Folder Found : C:\Windows\SysWOW64\hotspot shield
***** [ Shortcuts ] *****
Shortcut Found : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ( hxxp://aartemis.com/?type=sc&ts=1385812374&from=mlv&uid=ST3500413AS_5VMT2677XXXX5VMT2677 )
***** [ Registry ] *****
Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=ST3500413AS_5VMT2677XXXX5VMT2677&ts=1375733214
Data Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\movies~1\datamngr\mgrldr.dll
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\movies~1\datamngr\x64\mgrldr.dll
Key Found : HKCU\Software\1ClickDownload
Key Found : HKCU\Software\5953d7dae56ebd15
Key Found : HKCU\Software\anchorfree
Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKCU\Software\AppDataLow\Software
Key Found : HKCU\Software\AppDataLow\Software\BackgroundContainer
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\AppDataLow\SProtector
Key Found : HKCU\Software\BabSolution
Key Found : HKCU\Software\BI
Key Found : HKCU\Software\Classes\iLivid.torrent
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\DataMngr_Toolbar
Key Found : HKCU\Software\Escolade
Key Found : HKCU\Software\Google\Chrome\Extensions\cflheckfmhopnialghigdlggahiomebp
Key Found : HKCU\Software\ilivid
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\conduit.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{87EAB409-97D7-4889-ACFA-C548FC6F3ECF}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5BF593B3-9AC9-44E5-8AC4-92BD3F4DFBD8}_is1
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9AAF2503-6CD5-414A-B5BA-37639B76C91F}
Key Found : HKCU\Software\ParetoLogic
Key Found : HKCU\Software\Popajar
Key Found : HKCU\Software\SmileysWeLove
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\speedypc software
Key Found : HKCU\Software\Tbccint_HKLM
Key Found : HKCU\Software\torch
Key Found : HKCU\Software\V9
Key Found : [x64] HKCU\Software\1ClickDownload
Key Found : [x64] HKCU\Software\anchorfree
Key Found : [x64] HKCU\Software\BabSolution
Key Found : [x64] HKCU\Software\BI
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\DataMngr_Toolbar
Key Found : [x64] HKCU\Software\Escolade
Key Found : [x64] HKCU\Software\ilivid
Key Found : [x64] HKCU\Software\InstallCore
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : [x64] HKCU\Software\ParetoLogic
Key Found : [x64] HKCU\Software\Popajar
Key Found : [x64] HKCU\Software\SmileysWeLove
Key Found : [x64] HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\speedypc software
Key Found : [x64] HKCU\Software\Tbccint_HKLM
Key Found : [x64] HKCU\Software\torch
Key Found : [x64] HKCU\Software\V9
Key Found : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Found : HKLM\SOFTWARE\5953d7dae56ebd15
Key Found : HKLM\Software\aartemisSoftware
Key Found : HKLM\SOFTWARE\Classes\AmiBs.Installer
Key Found : HKLM\SOFTWARE\Classes\AmiBs.Installer.1
Key Found : HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Key Found : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{A2773ED4-83BD-488A-A186-73590706C916}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{87EAB409-97D7-4889-ACFA-C548FC6F3ECF}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A6FEED89-3BCD-4D19-9DC2-3E613A80A2A4}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\iLivid.torrent
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT1561552
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{1C1356DA-1E98-4810-A9F6-18D89BD1C0C0}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{DCABB943-792E-44C4-9029-ECBEE6265AF9}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
Key Found : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Found : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\DataMngr
Key Found : HKLM\Software\Desksvc
Key Found : HKLM\Software\Discount Buddy
Key Found : HKLM\Software\eSafeSecControl
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\cflheckfmhopnialghigdlggahiomebp
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Key Found : HKLM\Software\hdcode
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D86A75B-CB6B-4764-885D-CA6336F04BA2}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rjatydimofu.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\oxy.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3D86A75B-CB6B-4764-885D-CA6336F04BA2}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_eea72b4f
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winzipper
Key Found : HKLM\Software\omigaplusSvc
Key Found : HKLM\Software\ParetoLogic
Key Found : HKLM\Software\qvo6Software
Key Found : HKLM\Software\SP Global
Key Found : HKLM\Software\speedypc software
Key Found : HKLM\Software\SProtector
Key Found : HKLM\Software\torch
Key Found : HKLM\Software\V9
Key Found : HKLM\Software\Vittalia
Key Found : HKLM\Software\winzipersvc
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\omigaplussvc
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [APISupport]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{3D86A75B-CB6B-4764-885D-CA6336F04BA2}]
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16635
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://aartemis.com/?type=hp&ts=1385812374&from=mlv&uid=ST3500413AS_5VMT2677XXXX5VMT2677
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.aartemis.com/web/?type=ds&ts=1385812374&from=mlv&uid=ST3500413AS_5VMT2677XXXX5VMT2677&q={searchTerms}
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://aartemis.com/?type=hp&ts=1385812374&from=mlv&uid=ST3500413AS_5VMT2677XXXX5VMT2677
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://aartemis.com/?type=hp&ts=1385812374&from=mlv&uid=ST3500413AS_5VMT2677XXXX5VMT2677
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.aartemis.com/web/?type=ds&ts=1385812374&from=mlv&uid=ST3500413AS_5VMT2677XXXX5VMT2677&q={searchTerms}
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.aartemis.com/web/?type=ds&ts=1385812374&from=mlv&uid=ST3500413AS_5VMT2677XXXX5VMT2677&q={searchTerms}
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://aartemis.com/?type=hp&ts=1385812374&from=mlv&uid=ST3500413AS_5VMT2677XXXX5VMT2677
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://aartemis.com/?type=hp&ts=1385812374&from=mlv&uid=ST3500413AS_5VMT2677XXXX5VMT2677
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.aartemis.com/web/?type=ds&ts=1385812374&from=mlv&uid=ST3500413AS_5VMT2677XXXX5VMT2677&q={searchTerms}
-\\ Google Chrome v35.0.1916.114
[ File : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Found [Extension] : cflheckfmhopnialghigdlggahiomebp
Found [Extension] : ifohbjbgfchkkfhphahclmkpgejiplfo
Found [Extension] : ndibdjnfmopecpmkdieinmbadjfpblof
*************************
AdwCleaner[R0].txt - [22324 octets] - [02/06/2014 18:13:13]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [22385 octets] ##########
# Updated 26/05/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : User - USER-PC
# Running from : C:\Users\User\Downloads\AdwCleaner-3.211.exe
# Option : Scan
***** [ Services ] *****
Service Found : winzipersvc
***** [ Files / Folders ] *****
File Found : C:\END
File Found : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
File Found : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.qvo6.com_0.localstorage
File Found : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.qvo6.com_0.localstorage-journal
File Found : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Oxy.lnk
File Found : C:\Users\User\daemonprocess.txt
File Found : C:\Users\User\Desktop\Oxy.lnk
File Found : C:\Users\User\Desktop\Oxy-Downloader.lnk
File Found : C:\Users\User\Desktop\PileFile.lnk
File Found : C:\Windows\System32\Tasks\Desk 365 RunAsStdUser
File Found : C:\Windows\System32\Tasks\Omiga Plus RunAsStdUser
File Found : C:\Windows\System32\Tasks\paretologic registration3
File Found : C:\Windows\System32\Tasks\paretologic update version3
File Found : C:\Windows\Tasks\AmiUpdXp.job
File Found : C:\Windows\Tasks\paretologic registration3.job
File Found : C:\Windows\Tasks\paretologic update version3.job
Folder Found : C:\Program Files (x86)\Common Files\337
Folder Found : C:\Program Files (x86)\Common Files\ParetoLogic
Folder Found : C:\Program Files (x86)\Common Files\speedypc software
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\Program Files (x86)\DefaultTab
Folder Found : C:\Program Files (x86)\Desk 365
Folder Found : C:\Program Files (x86)\Discount Buddy
Folder Found : C:\Program Files (x86)\Discount Buddy
Folder Found : C:\Program Files (x86)\Mobogenie
Folder Found : C:\Program Files (x86)\Omiga Plus
Folder Found : C:\Program Files (x86)\ParetoLogic
Folder Found : C:\Program Files (x86)\SimilarSites
Folder Found : C:\Program Files (x86)\ss helper
Folder Found : C:\Program Files (x86)\TornTV.com
Folder Found : C:\Program Files (x86)\WinZipper
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\BitGuard
Folder Found : C:\ProgramData\Browser Manager
Folder Found : C:\ProgramData\BrowserProtect
Folder Found : C:\ProgramData\eSafe
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TornTV.com
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
Folder Found : C:\ProgramData\ParetoLogic
Folder Found : C:\ProgramData\QuickSet
Folder Found : C:\ProgramData\speedypc software
Folder Found : C:\Users\User\AppData\Local\Bundled software uninstaller
Folder Found : C:\Users\User\AppData\Local\Conduit
Folder Found : C:\Users\User\AppData\Local\Discount Buddy
Folder Found : C:\Users\User\AppData\Local\Discount Buddy
Folder Found : C:\Users\User\AppData\Local\genienext
Folder Found : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cflheckfmhopnialghigdlggahiomebp
Folder Found : C:\Users\User\AppData\Local\Mobogenie
Folder Found : C:\Users\User\AppData\Local\NativeMessaging
Folder Found : C:\Users\User\AppData\Local\Oxy
Folder Found : C:\Users\User\AppData\Local\SwvUpdater
Folder Found : C:\Users\User\AppData\Local\webplayer
Folder Found : C:\Users\User\AppData\LocalLow\Conduit
Folder Found : C:\Users\User\AppData\LocalLow\DataMngr
Folder Found : C:\Users\User\AppData\LocalLow\Minibar
Folder Found : C:\Users\User\AppData\LocalLow\mixidj
Folder Found : C:\Users\User\AppData\LocalLow\Softonic
Folder Found : C:\Users\User\AppData\LocalLow\tuvaro
Folder Found : C:\Users\User\AppData\Roaming\337
Folder Found : C:\Users\User\AppData\Roaming\337 Wallpaper
Folder Found : C:\Users\User\AppData\Roaming\Babylon
Folder Found : C:\Users\User\AppData\Roaming\Desk 365
Folder Found : C:\Users\User\AppData\Roaming\DriverCure
Folder Found : C:\Users\User\AppData\Roaming\eIntaller
Folder Found : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
Folder Found : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Oxy
Folder Found : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic
Folder Found : C:\Users\User\AppData\Roaming\newnext.me
Folder Found : C:\Users\User\AppData\Roaming\Omiga Plus
Folder Found : C:\Users\User\AppData\Roaming\OpenCandy
Folder Found : C:\Users\User\AppData\Roaming\Oxy
Folder Found : C:\Users\User\AppData\Roaming\ParetoLogic
Folder Found : C:\Users\User\AppData\Roaming\SimilarSites
Folder Found : C:\Users\User\AppData\Roaming\WinZipper
Folder Found : C:\Users\User\Documents\Mobogenie
Folder Found : C:\Windows\SysWOW64\hotspot shield
***** [ Shortcuts ] *****
Shortcut Found : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ( hxxp://aartemis.com/?type=sc&ts=1385812374&from=mlv&uid=ST3500413AS_5VMT2677XXXX5VMT2677 )
***** [ Registry ] *****
Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=ST3500413AS_5VMT2677XXXX5VMT2677&ts=1375733214
Data Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\movies~1\datamngr\mgrldr.dll
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\movies~1\datamngr\x64\mgrldr.dll
Key Found : HKCU\Software\1ClickDownload
Key Found : HKCU\Software\5953d7dae56ebd15
Key Found : HKCU\Software\anchorfree
Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKCU\Software\AppDataLow\Software
Key Found : HKCU\Software\AppDataLow\Software\BackgroundContainer
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\AppDataLow\SProtector
Key Found : HKCU\Software\BabSolution
Key Found : HKCU\Software\BI
Key Found : HKCU\Software\Classes\iLivid.torrent
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\DataMngr_Toolbar
Key Found : HKCU\Software\Escolade
Key Found : HKCU\Software\Google\Chrome\Extensions\cflheckfmhopnialghigdlggahiomebp
Key Found : HKCU\Software\ilivid
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\conduit.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{87EAB409-97D7-4889-ACFA-C548FC6F3ECF}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5BF593B3-9AC9-44E5-8AC4-92BD3F4DFBD8}_is1
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9AAF2503-6CD5-414A-B5BA-37639B76C91F}
Key Found : HKCU\Software\ParetoLogic
Key Found : HKCU\Software\Popajar
Key Found : HKCU\Software\SmileysWeLove
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\speedypc software
Key Found : HKCU\Software\Tbccint_HKLM
Key Found : HKCU\Software\torch
Key Found : HKCU\Software\V9
Key Found : [x64] HKCU\Software\1ClickDownload
Key Found : [x64] HKCU\Software\anchorfree
Key Found : [x64] HKCU\Software\BabSolution
Key Found : [x64] HKCU\Software\BI
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\DataMngr_Toolbar
Key Found : [x64] HKCU\Software\Escolade
Key Found : [x64] HKCU\Software\ilivid
Key Found : [x64] HKCU\Software\InstallCore
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : [x64] HKCU\Software\ParetoLogic
Key Found : [x64] HKCU\Software\Popajar
Key Found : [x64] HKCU\Software\SmileysWeLove
Key Found : [x64] HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\speedypc software
Key Found : [x64] HKCU\Software\Tbccint_HKLM
Key Found : [x64] HKCU\Software\torch
Key Found : [x64] HKCU\Software\V9
Key Found : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Found : HKLM\SOFTWARE\5953d7dae56ebd15
Key Found : HKLM\Software\aartemisSoftware
Key Found : HKLM\SOFTWARE\Classes\AmiBs.Installer
Key Found : HKLM\SOFTWARE\Classes\AmiBs.Installer.1
Key Found : HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Key Found : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{A2773ED4-83BD-488A-A186-73590706C916}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{87EAB409-97D7-4889-ACFA-C548FC6F3ECF}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A6FEED89-3BCD-4D19-9DC2-3E613A80A2A4}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\iLivid.torrent
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT1561552
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{1C1356DA-1E98-4810-A9F6-18D89BD1C0C0}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{DCABB943-792E-44C4-9029-ECBEE6265AF9}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
Key Found : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Found : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\DataMngr
Key Found : HKLM\Software\Desksvc
Key Found : HKLM\Software\Discount Buddy
Key Found : HKLM\Software\eSafeSecControl
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\cflheckfmhopnialghigdlggahiomebp
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Key Found : HKLM\Software\hdcode
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D86A75B-CB6B-4764-885D-CA6336F04BA2}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rjatydimofu.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\oxy.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3D86A75B-CB6B-4764-885D-CA6336F04BA2}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_eea72b4f
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winzipper
Key Found : HKLM\Software\omigaplusSvc
Key Found : HKLM\Software\ParetoLogic
Key Found : HKLM\Software\qvo6Software
Key Found : HKLM\Software\SP Global
Key Found : HKLM\Software\speedypc software
Key Found : HKLM\Software\SProtector
Key Found : HKLM\Software\torch
Key Found : HKLM\Software\V9
Key Found : HKLM\Software\Vittalia
Key Found : HKLM\Software\winzipersvc
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\omigaplussvc
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [APISupport]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{3D86A75B-CB6B-4764-885D-CA6336F04BA2}]
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16635
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://aartemis.com/?type=hp&ts=1385812374&from=mlv&uid=ST3500413AS_5VMT2677XXXX5VMT2677
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.aartemis.com/web/?type=ds&ts=1385812374&from=mlv&uid=ST3500413AS_5VMT2677XXXX5VMT2677&q={searchTerms}
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://aartemis.com/?type=hp&ts=1385812374&from=mlv&uid=ST3500413AS_5VMT2677XXXX5VMT2677
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://aartemis.com/?type=hp&ts=1385812374&from=mlv&uid=ST3500413AS_5VMT2677XXXX5VMT2677
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.aartemis.com/web/?type=ds&ts=1385812374&from=mlv&uid=ST3500413AS_5VMT2677XXXX5VMT2677&q={searchTerms}
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.aartemis.com/web/?type=ds&ts=1385812374&from=mlv&uid=ST3500413AS_5VMT2677XXXX5VMT2677&q={searchTerms}
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://aartemis.com/?type=hp&ts=1385812374&from=mlv&uid=ST3500413AS_5VMT2677XXXX5VMT2677
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://aartemis.com/?type=hp&ts=1385812374&from=mlv&uid=ST3500413AS_5VMT2677XXXX5VMT2677
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.aartemis.com/web/?type=ds&ts=1385812374&from=mlv&uid=ST3500413AS_5VMT2677XXXX5VMT2677&q={searchTerms}
-\\ Google Chrome v35.0.1916.114
[ File : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Found [Extension] : cflheckfmhopnialghigdlggahiomebp
Found [Extension] : ifohbjbgfchkkfhphahclmkpgejiplfo
Found [Extension] : ndibdjnfmopecpmkdieinmbadjfpblof
*************************
AdwCleaner[R0].txt - [22324 octets] - [02/06/2014 18:13:13]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [22385 octets] ##########
K_A
Posts
12
Registration date
Saturday May 31, 2014
Status
Member
Last seen
June 8, 2014
Jun 4, 2014 at 02:01 PM
Jun 4, 2014 at 02:01 PM
So?
Ambucias
Posts
47356
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
February 15, 2023
11,168
Jun 4, 2014 at 04:33 PM
Jun 4, 2014 at 04:33 PM
You should now be able to browse without the ad. No?
K_A
Posts
12
Registration date
Saturday May 31, 2014
Status
Member
Last seen
June 8, 2014
Jun 5, 2014 at 05:08 AM
Jun 5, 2014 at 05:08 AM
No I dont mean when I browse,I mean when I write a message on steam/skype for my friend and press enter it gives me this first to my friend (message) then Hey, I just found this awesome website and I got minecraft premium from there: http://minecraftgift.tk/ ............UnWanted message please help!
Ambucias
Posts
47356
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
February 15, 2023
11,168
Jun 5, 2014 at 06:57 AM
Jun 5, 2014 at 06:57 AM
To help you and prescribe the remedy, I must make a diagnostic and to do so, I require a log.
1. Open this link and download ZHPDiag2 :
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
(Don't be alarmed is the site is in French, it sometimes happens, the tool will take your system language and allow the download if you get a warning message.)
2. Save the file on your Desktop.
3. Double click on ZHPDiag.exe and follow the installation instructions.
(For Vista and Win 7 users, click right to ensure you execute with admin right)
The tool creates three icons ZHPDiag, MRB, and ZHPFix (If necessary,we will use ZHPFix after log analysis).
4. Double click on the short cut ZHPDiag on your Destktop.
5. If you need to change the language, click on the little house, (bottom right) and change to English
6. Click on the "Full options"
Wait for the tool to finished (maybe a long time)
7. Close ZHPDiag.
8. To transmit the report, click on this link :
https://authentification.site
9. Search the directory where you installed ZHPDiag (usually C:\desktop\zhpdiag.txt).
10. Select the file ZHPDiag.txt.
11. Click on "upload ยป
12. Copy the URL and post it here.
1. Open this link and download ZHPDiag2 :
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
(Don't be alarmed is the site is in French, it sometimes happens, the tool will take your system language and allow the download if you get a warning message.)
2. Save the file on your Desktop.
3. Double click on ZHPDiag.exe and follow the installation instructions.
(For Vista and Win 7 users, click right to ensure you execute with admin right)
The tool creates three icons ZHPDiag, MRB, and ZHPFix (If necessary,we will use ZHPFix after log analysis).
4. Double click on the short cut ZHPDiag on your Destktop.
5. If you need to change the language, click on the little house, (bottom right) and change to English
6. Click on the "Full options"
Wait for the tool to finished (maybe a long time)
7. Close ZHPDiag.
8. To transmit the report, click on this link :
https://authentification.site
9. Search the directory where you installed ZHPDiag (usually C:\desktop\zhpdiag.txt).
10. Select the file ZHPDiag.txt.
11. Click on "upload ยป
12. Copy the URL and post it here.
K_A
Posts
12
Registration date
Saturday May 31, 2014
Status
Member
Last seen
June 8, 2014
Jun 5, 2014 at 12:36 PM
Jun 5, 2014 at 12:36 PM
<a href="http://speedy.sh/aSJHb/ZHPDiag.txt">Download at SpeedyShare</a>....Or this I think [code]http://speedy.sh/aSJHb/ZHPDiag.txt/code
Ambucias
Posts
47356
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
February 15, 2023
11,168
Jun 5, 2014 at 05:51 PM
Jun 5, 2014 at 05:51 PM
Hello KA
Thanks for the log.
Yep! Your machine is badly infected.
You have:
1. A Hijacker.Proxy
2. A trojan (Bitcoin Miner)
3. Adware (IMbooster)
As well as as pup's (possible unwanted software)
a) Paretologic
b) Drive Cure
c) Start Search
d) My PC Backup
e) Crossrider
Pup's can give you a hard time to keep your machine safe.
Do you wish for me to make a plan for you to get rid of all the above?
Regards
Thanks for the log.
Yep! Your machine is badly infected.
You have:
1. A Hijacker.Proxy
2. A trojan (Bitcoin Miner)
3. Adware (IMbooster)
As well as as pup's (possible unwanted software)
a) Paretologic
b) Drive Cure
c) Start Search
d) My PC Backup
e) Crossrider
Pup's can give you a hard time to keep your machine safe.
Do you wish for me to make a plan for you to get rid of all the above?
Regards
K_A
Posts
12
Registration date
Saturday May 31, 2014
Status
Member
Last seen
June 8, 2014
Jun 6, 2014 at 05:40 AM
Jun 6, 2014 at 05:40 AM
Yes,Make a plan please
K_A
Posts
12
Registration date
Saturday May 31, 2014
Status
Member
Last seen
June 8, 2014
Jun 6, 2014 at 04:24 PM
Jun 6, 2014 at 04:24 PM
And ya I need Paretologic so I dont wanna remove
Ambucias
Posts
47356
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
February 15, 2023
11,168
Jun 6, 2014 at 06:16 PM
Jun 6, 2014 at 06:16 PM
Sorry for the late reply, I have all sorts of emergencies. Dont despair, I have someone else writing a menu of solutions for you.
See you soon
See you soon
K_A
Posts
12
Registration date
Saturday May 31, 2014
Status
Member
Last seen
June 8, 2014
Jun 7, 2014 at 08:54 AM
Jun 7, 2014 at 08:54 AM
Okay
And no problem
And no problem
Holy moley! That is one poorly computer. Search protect and conduit are regulars I see for my customers and are pains to get rid of. Good luck!
Ambucias
Posts
47356
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
February 15, 2023
11,168
Jun 7, 2014 at 04:55 PM
Jun 7, 2014 at 04:55 PM
Hi K_A
Lets start with this.
Download Malwarebyte here:
https://ccm.net/downloads/security-and-maintenance/4621-malwarebytes-anti-malware/
Install it and then update it.
Run a full scan as the short scan is the default scan.
Let the tool run.
A report will be produced, please copy it and paste here.
Regards
Lets start with this.
Download Malwarebyte here:
https://ccm.net/downloads/security-and-maintenance/4621-malwarebytes-anti-malware/
Install it and then update it.
Run a full scan as the short scan is the default scan.
Let the tool run.
A report will be produced, please copy it and paste here.
Regards
K_A
Posts
12
Registration date
Saturday May 31, 2014
Status
Member
Last seen
June 8, 2014
Jun 8, 2014 at 06:26 AM
Jun 8, 2014 at 06:26 AM
Hey ambucias I thank you so much I dont know how to thank you man, My problem is solved by you your the best ambucias, Thanks for the help I hope we meet again ;D,God bless you.
