Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
FBI Virus
Message
<blockquote data-quote="Semloh" data-source="post: 97023" data-attributes="member: 4807"><p>Done</p><p># AdwCleaner v2.105 - Logfile created 01/15/2013 at 20:33:25</p><p># Updated 08/01/2013 by Xplode</p><p># Operating system : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)</p><p># User : Dad - DAD-PC</p><p># Boot Mode : Normal</p><p># Running from : C:\Users\Dad\Desktop\AdwCleaner.exe</p><p># Option [Delete]</p><p></p><p></p><p>***** [Services] *****</p><p></p><p></p><p>***** [Files / Folders] *****</p><p></p><p>File Deleted : C:\Users\Dad\AppData\Local\funmoods-speeddial.crx</p><p>Folder Deleted : C:\Program Files\Ask.com</p><p>Folder Deleted : C:\Program Files\Viewpoint</p><p>Folder Deleted : C:\ProgramData\Ask</p><p>Folder Deleted : C:\ProgramData\Tarma Installer</p><p>Folder Deleted : C:\ProgramData\Viewpoint</p><p>Folder Deleted : C:\ProgramData\WeCareReminder</p><p>Folder Deleted : C:\Users\Dad\AppData\Local\APN</p><p>Folder Deleted : C:\Users\Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj</p><p>Folder Deleted : C:\Users\Dad\AppData\LocalLow\AskToolbar</p><p>Folder Deleted : C:\Users\Dad\AppData\LocalLow\Funmoods</p><p>Folder Deleted : C:\Users\Dad\AppData\LocalLow\Viewpoint</p><p>Folder Deleted : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}</p><p></p><p>***** [Registry] *****</p><p></p><p>Key Deleted : HKCU\Software\APN</p><p>Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar</p><p>Key Deleted : HKCU\Software\Ask.com</p><p>Key Deleted : HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj</p><p>Key Deleted : HKCU\Software\Headlight</p><p>Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}</p><p>Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Viewpoint Manager</p><p>Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer</p><p>Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{03F998B2-0E00-11D3-A498-00104B6EB52E}</p><p>Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}</p><p>Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}</p><p>Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03F998B2-0E00-11D3-A498-00104B6EB52E}</p><p>Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}</p><p>Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}</p><p>Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}</p><p>Key Deleted : HKCU\Software\Softonic</p><p>Key Deleted : HKCU\Software\wecarereminder</p><p>Key Deleted : HKLM\Software\APN</p><p>Key Deleted : HKLM\Software\AskToolbar</p><p>Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL</p><p>Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL</p><p>Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL</p><p>Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL</p><p>Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL</p><p>Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl</p><p>Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1</p><p>Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary</p><p>Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1</p><p>Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd</p><p>Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1</p><p>Key Deleted : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF</p><p>Key Deleted : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF</p><p>Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}</p><p>Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj</p><p>Key Deleted : HKLM\Software\MetaStream</p><p>Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}</p><p>Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}</p><p>Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}</p><p>Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}</p><p>Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}</p><p>Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}</p><p>Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}</p><p>Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2</p><p>Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E</p><p>Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509</p><p>Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6</p><p>Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7</p><p>Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852</p><p>Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0</p><p>Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA</p><p>Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96</p><p>Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8</p><p>Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01</p><p>Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59</p><p>Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED</p><p>Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472</p><p>Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296</p><p>Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888</p><p>Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC</p><p>Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA</p><p>Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E</p><p>Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF</p><p>Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E</p><p>Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF</p><p>Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}</p><p>Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Viewpoint Manager</p><p>Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer</p><p>Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP</p><p>Key Deleted : HKLM\Software\Viewpoint</p><p>Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]</p><p>Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]</p><p>Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]</p><p></p><p>***** [Internet Browsers] *****</p><p></p><p>-\\ Internet Explorer v9.0.8112.16457</p><p></p><p>Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.funmoods.com/?f=1&a=axl&chnl=axl&cd=2XzuyEtN2Y1L1QzutDtDtC0EzytDzy0CtDyDyEtCtB0AtAzytN0D0Tzu0CtBtByCtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1239308023 --> hxxp://www.google.com</p><p></p><p>-\\ Google Chrome v24.0.1312.52</p><p></p><p>File : C:\Users\Dad\AppData\Local\Google\Chrome\User Data\Default\Preferences</p><p></p><p>Deleted [l.35] : icon_url = "hxxp://www.ask.com/favicon.ico",</p><p>Deleted [l.38] : keyword = "ask.com",</p><p>Deleted [l.41] : search_url = "hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=56[...]</p><p>Deleted [l.42] : suggest_url = "hxxp://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms[...]</p><p></p><p>*************************</p><p></p><p>AdwCleaner[S1].txt - [11421 octets] - [15/01/2013 20:33:25]</p><p></p><p>########## EOF - C:\AdwCleaner[S1].txt - [11482 octets] ##########</p><p></p><p></p><p></p><p>RogueKiller V8.4.3 [Jan 10 2013] by Tigzy</p><p>mail : tigzyRK<at>gmail<dot>com</p><p>Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/</p><p>Website : http://tigzy.geekstogo.com/roguekiller.php</p><p>Blog : http://tigzyrk.blogspot.com/</p><p></p><p>Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits version</p><p>Started in : Normal mode</p><p>User : Dad [Admin rights]</p><p>Mode : Scan -- Date : 01/15/2013 20:46:10</p><p></p><p>¤¤¤ Bad processes : 0 ¤¤¤</p><p></p><p>¤¤¤ Registry Entries : 8 ¤¤¤</p><p>[SHELL][SUSP PATH] HKCU\[...]\Winlogon : shell (C:\Users\Dad\AppData\Roaming\ldr.mcb,explorer.exe) -> FOUND</p><p>[SHELL][SUSP PATH] HKUS\S-1-5-21-4234410714-4276595648-1207258791-1000[...]\Winlogon : shell (C:\Users\Dad\AppData\Roaming\ldr.mcb,explorer.exe) -> FOUND</p><p>[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND</p><p>[HJ SMENU] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> FOUND</p><p>[HJ DESK] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND</p><p>[HJ DESK] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND</p><p>[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND</p><p>[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND</p><p></p><p>¤¤¤ Particular Files / Folders: ¤¤¤</p><p></p><p>¤¤¤ Driver : [LOADED] ¤¤¤</p><p></p><p>¤¤¤ HOSTS File: ¤¤¤</p><p>--> C:\Windows\system32\drivers\etc\hosts</p><p></p><p>ÿþ1</p><p></p><p>¤¤¤ MBR Check: ¤¤¤</p><p></p><p>+++++ PhysicalDrive0: WDC WD3200AAJS-08B4A0 ATA Device +++++</p><p>--- User ---</p><p>[MBR] cc693e94bbda146d9f3ba65d52d53d2f</p><p>[BSP] 5cafccd8003e1a1148e9878e7482b0de : Windows Vista MBR Code</p><p>Partition table:</p><p>0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 286752 Mo</p><p>1 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 587272140 | Size: 18488 Mo</p><p>User = LL1 ... OK!</p><p>User = LL2 ... OK!</p><p></p><p>Finished : << RKreport[1]_S_01152013_02d2046.txt >></p><p>RKreport[1]_S_01152013_02d2046.txt</p><p></p><p></p><p></p><p>RogueKiller V8.4.3 [Jan 10 2013] by Tigzy</p><p>mail : tigzyRK<at>gmail<dot>com</p><p>Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/</p><p>Website : http://tigzy.geekstogo.com/roguekiller.php</p><p>Blog : http://tigzyrk.blogspot.com/</p><p></p><p>Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits version</p><p>Started in : Normal mode</p><p>User : Dad [Admin rights]</p><p>Mode : Remove -- Date : 01/15/2013 20:46:58</p><p></p><p>¤¤¤ Bad processes : 0 ¤¤¤</p><p></p><p>¤¤¤ Registry Entries : 7 ¤¤¤</p><p>[SHELL][SUSP PATH] HKCU\[...]\Winlogon : shell (C:\Users\Dad\AppData\Roaming\ldr.mcb,explorer.exe) -> DELETED</p><p>[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED</p><p>[HJ SMENU] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> REPLACED (1)</p><p>[HJ DESK] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> REPLACED (0)</p><p>[HJ DESK] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> REPLACED (0)</p><p>[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)</p><p>[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)</p><p></p><p>¤¤¤ Particular Files / Folders: ¤¤¤</p><p></p><p>¤¤¤ Driver : [LOADED] ¤¤¤</p><p></p><p>¤¤¤ HOSTS File: ¤¤¤</p><p>--> C:\Windows\system32\drivers\etc\hosts</p><p></p><p>ÿþ1</p><p></p><p>¤¤¤ MBR Check: ¤¤¤</p><p></p><p>+++++ PhysicalDrive0: WDC WD3200AAJS-08B4A0 ATA Device +++++</p><p>--- User ---</p><p>[MBR] cc693e94bbda146d9f3ba65d52d53d2f</p><p>[BSP] 5cafccd8003e1a1148e9878e7482b0de : Windows Vista MBR Code</p><p>Partition table:</p><p>0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 286752 Mo</p><p>1 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 587272140 | Size: 18488 Mo</p><p>User = LL1 ... OK!</p><p>User = LL2 ... OK!</p><p></p><p>Finished : << RKreport[2]_D_01152013_02d2046.txt >></p><p>RKreport[1]_S_01152013_02d2046.txt ; RKreport[2]_D_01152013_02d2046.txt</p></blockquote><p></p>
[QUOTE="Semloh, post: 97023, member: 4807"] Done # AdwCleaner v2.105 - Logfile created 01/15/2013 at 20:33:25 # Updated 08/01/2013 by Xplode # Operating system : Windows Vista (TM) Home Premium Service Pack 2 (32 bits) # User : Dad - DAD-PC # Boot Mode : Normal # Running from : C:\Users\Dad\Desktop\AdwCleaner.exe # Option [Delete] ***** [Services] ***** ***** [Files / Folders] ***** File Deleted : C:\Users\Dad\AppData\Local\funmoods-speeddial.crx Folder Deleted : C:\Program Files\Ask.com Folder Deleted : C:\Program Files\Viewpoint Folder Deleted : C:\ProgramData\Ask Folder Deleted : C:\ProgramData\Tarma Installer Folder Deleted : C:\ProgramData\Viewpoint Folder Deleted : C:\ProgramData\WeCareReminder Folder Deleted : C:\Users\Dad\AppData\Local\APN Folder Deleted : C:\Users\Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj Folder Deleted : C:\Users\Dad\AppData\LocalLow\AskToolbar Folder Deleted : C:\Users\Dad\AppData\LocalLow\Funmoods Folder Deleted : C:\Users\Dad\AppData\LocalLow\Viewpoint Folder Deleted : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE} ***** [Registry] ***** Key Deleted : HKCU\Software\APN Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar Key Deleted : HKCU\Software\Ask.com Key Deleted : HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj Key Deleted : HKCU\Software\Headlight Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Viewpoint Manager Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{03F998B2-0E00-11D3-A498-00104B6EB52E} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03F998B2-0E00-11D3-A498-00104B6EB52E} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0} Key Deleted : HKCU\Software\Softonic Key Deleted : HKCU\Software\wecarereminder Key Deleted : HKLM\Software\APN Key Deleted : HKLM\Software\AskToolbar Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C} Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1 Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1 Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1 Key Deleted : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF Key Deleted : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56} Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj Key Deleted : HKLM\Software\MetaStream Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E} Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD} Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Viewpoint Manager Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP Key Deleted : HKLM\Software\Viewpoint Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater] ***** [Internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16457 Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.funmoods.com/?f=1&a=axl&chnl=axl&cd=2XzuyEtN2Y1L1QzutDtDtC0EzytDzy0CtDyDyEtCtB0AtAzytN0D0Tzu0CtBtByCtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1239308023 --> hxxp://www.google.com -\\ Google Chrome v24.0.1312.52 File : C:\Users\Dad\AppData\Local\Google\Chrome\User Data\Default\Preferences Deleted [l.35] : icon_url = "hxxp://www.ask.com/favicon.ico", Deleted [l.38] : keyword = "ask.com", Deleted [l.41] : search_url = "hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=56[...] Deleted [l.42] : suggest_url = "hxxp://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms[...] ************************* AdwCleaner[S1].txt - [11421 octets] - [15/01/2013 20:33:25] ########## EOF - C:\AdwCleaner[S1].txt - [11482 octets] ########## RogueKiller V8.4.3 [Jan 10 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/ Website : http://tigzy.geekstogo.com/roguekiller.php Blog : http://tigzyrk.blogspot.com/ Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits version Started in : Normal mode User : Dad [Admin rights] Mode : Scan -- Date : 01/15/2013 20:46:10 ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 8 ¤¤¤ [SHELL][SUSP PATH] HKCU\[...]\Winlogon : shell (C:\Users\Dad\AppData\Roaming\ldr.mcb,explorer.exe) -> FOUND [SHELL][SUSP PATH] HKUS\S-1-5-21-4234410714-4276595648-1207258791-1000[...]\Winlogon : shell (C:\Users\Dad\AppData\Roaming\ldr.mcb,explorer.exe) -> FOUND [HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND [HJ SMENU] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> FOUND [HJ DESK] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND [HJ DESK] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [LOADED] ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> C:\Windows\system32\drivers\etc\hosts ÿþ1 ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: WDC WD3200AAJS-08B4A0 ATA Device +++++ --- User --- [MBR] cc693e94bbda146d9f3ba65d52d53d2f [BSP] 5cafccd8003e1a1148e9878e7482b0de : Windows Vista MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 286752 Mo 1 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 587272140 | Size: 18488 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[1]_S_01152013_02d2046.txt >> RKreport[1]_S_01152013_02d2046.txt RogueKiller V8.4.3 [Jan 10 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/ Website : http://tigzy.geekstogo.com/roguekiller.php Blog : http://tigzyrk.blogspot.com/ Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits version Started in : Normal mode User : Dad [Admin rights] Mode : Remove -- Date : 01/15/2013 20:46:58 ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 7 ¤¤¤ [SHELL][SUSP PATH] HKCU\[...]\Winlogon : shell (C:\Users\Dad\AppData\Roaming\ldr.mcb,explorer.exe) -> DELETED [HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED [HJ SMENU] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> REPLACED (1) [HJ DESK] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> REPLACED (0) [HJ DESK] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> REPLACED (0) [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0) [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0) ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [LOADED] ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> C:\Windows\system32\drivers\etc\hosts ÿþ1 ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: WDC WD3200AAJS-08B4A0 ATA Device +++++ --- User --- [MBR] cc693e94bbda146d9f3ba65d52d53d2f [BSP] 5cafccd8003e1a1148e9878e7482b0de : Windows Vista MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 286752 Mo 1 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 587272140 | Size: 18488 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[2]_D_01152013_02d2046.txt >> RKreport[1]_S_01152013_02d2046.txt ; RKreport[2]_D_01152013_02d2046.txt [/QUOTE]
Insert quotes…
Verification
Post reply
Top
