IStartSurf taking over all browsers
<blockquote data-quote="LiamA" data-source="post: 260087" data-attributes="member: 27752"><p>Once again thanks, </p><p></p><p>Order is as follows AdwCleaner, then MalwareBytes, then Farbar. The FRST and Addition file are attached.</p><p></p><p># AdwCleaner v3.309 - Report created 11/09/2014 at 18:12:21</p><p># Updated 02/09/2014 by Xplode</p><p># Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)</p><p># Username : User - USER-PC</p><p># Running from : C:\Users\User\Downloads\AdwCleaner.exe</p><p># Option : Clean</p><p></p><p>***** [ Services ] *****</p><p></p><p></p><p>***** [ Files / Folders ] *****</p><p></p><p>Folder Deleted : C:\ProgramData\SAlesCHeccKer</p><p>Folder Deleted : C:\Program Files (x86)\Browse Safe</p><p>Folder Deleted : C:\Program Files (x86)\Browsers Apps</p><p>Folder Deleted : C:\Users\User\AppData\Local\Browse Safe</p><p>Folder Deleted : C:\Users\User\AppData\Local\Chromatic Browser</p><p>Folder Deleted : C:\Users\User\AppData\Local\Idle~_~Crawler</p><p>Folder Deleted : C:\Users\User\AppData\Local\torch</p><p>Folder Deleted : C:\Users\User\AppData\Roaming\InetStat</p><p>Folder Deleted : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browse Safe</p><p>Folder Deleted : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InetStat</p><p>File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\istartsurf.xml</p><p></p><p>***** [ Scheduled Tasks ] *****</p><p></p><p>Task Deleted : Driver Support-RTMRules</p><p>Task Deleted : Driver Support-RTMScan</p><p>Task Deleted : Driver Support-RTMUpdater</p><p>Task Deleted : Idle~_~Crawler Runner</p><p>Task Deleted : LaunchSignup</p><p>Task Deleted : Optimizer Pro Schedule</p><p></p><p>***** [ Shortcuts ] *****</p><p></p><p></p><p>***** [ Registry ] *****</p><p></p><p>Key Deleted : HKCU\Software\Classes\Applications\inetstat.exe</p><p>Key Deleted : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com</p><p>Key Deleted : 
HKCU\Software\Microsoft\Internet Explorer\DOMStorage\<a href="http://www.superfish.com" target="_blank">www.superfish.com</a></p><p>Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10</p><p>Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine</p><p>Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0</p><p>Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4</p><p>Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync</p><p>Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0</p><p>Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass</p><p>Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1</p><p>Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass</p><p>Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1</p><p>Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine</p><p>Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0</p><p>Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine</p><p>Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0</p><p>Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback</p><p>Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0</p><p>Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc</p><p>Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0</p><p>Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher</p><p>Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0</p><p>Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService</p><p>Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0</p><p>Key Deleted : 
HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine</p><p>Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0</p><p>Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback</p><p>Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0</p><p>Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc</p><p>Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0</p><p>Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute</p><p>Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel</p><p>Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar</p><p>Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject</p><p>Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate</p><p>Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform</p><p>Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\DesktopWeatherAlertsApp_RASAPI32</p><p>Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\DesktopWeatherAlertsApp_RASMANCS</p><p>Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasapi32</p><p>Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasmancs</p><p>Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASAPI32</p><p>Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASMANCS</p><p>Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup</p><p>Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [eDealsPop]</p><p>Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Registry Helper]</p><p>Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10</p><p>Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4</p><p>Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect</p><p>Key Deleted : 
HKLM\SOFTWARE\Classes\SaleussChecker.SaleussChecker</p><p>Key Deleted : HKLM\SOFTWARE\Classes\SaleussChecker.SaleussChecker.2.2</p><p>Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2B47855E-B429-4DF6-8293-E1DBF2381A07}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6D4506CE-F855-4657-AA38-DB6B1F733982}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8E56A02B-46FE-4490-B169-F16E5231533B}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}</p><p>Key Deleted : 
HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{79E887FC-00CE-2AE6-0B61-B3F7A601982F}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655175587}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666176687}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{03771AEF-400D-4A13-B712-25878EC4A3F5}</p><p>Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}</p><p>Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E56A02B-46FE-4490-B169-F16E5231533B}</p><p>Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{79E887FC-00CE-2AE6-0B61-B3F7A601982F}</p><p>Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8E56A02B-46FE-4490-B169-F16E5231533B}</p><p>Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}</p><p>Key Deleted : 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}</p><p>Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{79E887FC-00CE-2AE6-0B61-B3F7A601982F}</p><p>Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}</p><p>Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}</p><p>Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}</p><p>Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}</p><p>Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}</p><p>Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}</p><p>Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}</p><p>Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}</p><p>Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{79E887FC-00CE-2AE6-0B61-B3F7A601982F}</p><p>Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}</p><p>Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}</p><p>Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655175587}</p><p>Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666176687}</p><p>Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{79E887FC-00CE-2AE6-0B61-B3F7A601982F}</p><p>Key Deleted : HKCU\Software\anchorfree</p><p>Key Deleted : HKCU\Software\FreeSoftToday</p><p>Key Deleted : HKCU\Software\GlobalUpdate</p><p>Key Deleted : HKCU\Software\InetStat</p><p>Key Deleted : HKCU\Software\InstalledBrowserExtensions</p><p>Key Deleted : HKCU\Software\Nosibay</p><p>Key 
Deleted : HKCU\Software\Optimizer Pro</p><p>Key Deleted : HKCU\Software\PepperZip</p><p>Key Deleted : HKCU\Software\Proxy</p><p>Key Deleted : HKCU\Software\RegisteredApplicationsEx</p><p>Key Deleted : HKCU\Software\SmartBar</p><p>Key Deleted : HKCU\Software\Store</p><p>Key Deleted : HKCU\Software\SupHpUISoft</p><p>Key Deleted : HKCU\Software\ToggleMark</p><p>Key Deleted : HKCU\Software\Tutorials</p><p>Key Deleted : HKCU\Software\TutoTag</p><p>Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}</p><p>Key Deleted : HKCU\Software\AppDataLow\Software\Browsers Apps</p><p>Key Deleted : HKCU\Software\AppDataLow\Software\Re_Markit</p><p>Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}</p><p>Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}</p><p>Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}</p><p>Key Deleted : HKLM\SOFTWARE\AdvertisingSupport</p><p>Key Deleted : HKLM\SOFTWARE\Bench</p><p>Key Deleted : HKLM\SOFTWARE\Browsers Apps</p><p>Key Deleted : HKLM\SOFTWARE\GlobalUpdate</p><p>Key Deleted : HKLM\SOFTWARE\hotspotshield</p><p>Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions</p><p>Key Deleted : HKLM\SOFTWARE\istartsurfSoftware</p><p>Key Deleted : HKLM\SOFTWARE\Registry Helper</p><p>Key Deleted : HKLM\SOFTWARE\SupDp</p><p>Key Deleted : HKLM\SOFTWARE\SupTab</p><p>Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect</p><p>Key Deleted : HKLM\SOFTWARE\supWPM</p><p>Key Deleted : HKLM\SOFTWARE\ToggleMark</p><p>Key Deleted : HKLM\SOFTWARE\Tutorials</p><p>Key Deleted : HKLM\SOFTWARE\Upt</p><p>Key Deleted : HKLM\SOFTWARE\Wajam</p><p>Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Browsers Apps</p><p>Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CC17A332-9555-AD95-3985-0BDD9BF0EC71}</p><p>Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions</p><p>Key Deleted : [x64] HKLM\SOFTWARE\Upt</p><p>Key Deleted : [x64] 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ToggleMark</p><p>Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4</p><p>Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964</p><p>Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467</p><p>Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4</p><p></p><p>***** [ Browsers ] *****</p><p></p><p>-\\ Internet Explorer v11.0.9600.17239</p><p></p><p></p><p>-\\ Mozilla Firefox v31.0 (x86 en-US)</p><p></p><p>[ File : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ddy1u3tr.default-1409772981256\prefs.js ]</p><p></p><p></p><p>-\\ Google Chrome v37.0.2062.103</p><p></p><p>[ File : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\preferences ]</p><p></p><p>Deleted [Search Provider] : hxxp://uk.ask.com/web?q={searchTerms}</p><p>Deleted [Search Provider] : hxxp://<a href="http://www.istartsurf.com/web/?type=ds&ts=1408030556&from=tt4u&uid=TOSHIBAXMK1237GSX_18HHFHY3SXX18HHFHY3S&q={searchTerms}" target="_blank">www.istartsurf.com/web/?type=ds&ts=1408030556&from=tt4u&uid=TOSHIBAXMK1237GSX_18HHFHY3SXX18HHFHY3S&q={searchTerms}</a></p><p>Deleted [Search Provider] : hxxp://<a href="http://www.istartsurf.com/web/?type=ds&ts=1408030556&from=tt4u&uid=TOSHIBAXMK1237GSX_18HHFHY3SXX18HHFHY3S&q={searchTerms}" target="_blank">www.istartsurf.com/web/?type=ds&ts=1408030556&from=tt4u&uid=TOSHIBAXMK1237GSX_18HHFHY3SXX18HHFHY3S&q={searchTerms}</a></p><p>Deleted [Startup_urls] : hxxp://<a href="http://www.istartsurf.com/?type=hp&ts=1408030556&from=tt4u&uid=TOSHIBAXMK1237GSX_18HHFHY3SXX18HHFHY3S" 
target="_blank">www.istartsurf.com/?type=hp&ts=1408030556&from=tt4u&uid=TOSHIBAXMK1237GSX_18HHFHY3SXX18HHFHY3S</a></p><p>Deleted [Homepage] : hxxp://<a href="http://www.istartsurf.com/?type=hp&ts=1408030556&from=tt4u&uid=TOSHIBAXMK1237GSX_18HHFHY3SXX18HHFHY3S" target="_blank">www.istartsurf.com/?type=hp&ts=1408030556&from=tt4u&uid=TOSHIBAXMK1237GSX_18HHFHY3SXX18HHFHY3S</a></p><p>Deleted [Extension] : booedmolknjekdopkepjjeckmjkdpfgl</p><p>Deleted [Extension] : bopakagnckmlgajfccecajhnimjiiedh</p><p>Deleted [Extension] : flpcjncodpafbgdpnkljologafpionhb</p><p></p><p>*************************</p><p></p><p>AdwCleaner[R0].txt - [15003 octets] - [11/09/2014 18:09:48]</p><p>AdwCleaner[S0].txt - [14304 octets] - [11/09/2014 18:12:21]</p><p></p><p>########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [14365 octets] ##########</p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p>Malwarebytes Anti-Malware</p><p><a href="http://www.malwarebytes.org" target="_blank">www.malwarebytes.org</a></p><p></p><p>Scan Date: 11/09/2014</p><p>Scan Time: 18:22:11</p><p>Logfile: Malwarebytes file.txt</p><p>Administrator: Yes</p><p></p><p>Version: 2.00.2.1012</p><p>Malware Database: v2014.09.11.06</p><p>Rootkit Database: v2014.09.10.02</p><p>License: Trial</p><p>Malware Protection: Enabled</p><p>Malicious Website Protection: Enabled</p><p>Self-protection: Disabled</p><p></p><p>OS: Windows 7 Service Pack 1</p><p>CPU: x64</p><p>File System: NTFS</p><p>User: User</p><p></p><p>Scan Type: Threat Scan</p><p>Result: Completed</p><p>Objects Scanned: 333276</p><p>Time Elapsed: 19 min, 7 sec</p><p></p><p>Memory: Enabled</p><p>Startup: Enabled</p><p>Filesystem: Enabled</p><p>Archives: Enabled</p><p>Rootkits: Enabled</p><p>Heuristics: Enabled</p><p>PUP: Enabled</p><p>PUM: Enabled</p><p></p><p>Processes: 0</p><p>(No malicious items detected)</p><p></p><p>Modules: 0</p><p>(No malicious items detected)</p><p></p><p>Registry Keys: 6</p><p>PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS 
NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}, Quarantined, [9c6455976e0d2016b776d594a55fac54],</p><p>PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{cf2797aa-b7ec-e311-8ed9-005056c00008}, Quarantined, [f90711db1e5d30068d9fd89157adc33d],</p><p>PUP.Optional.BrowseSafe.A, HKLM\SOFTWARE\WOW6432NODE\Browse Safe, Quarantined, [6b955696f18af3436a805ea562a1cc34],</p><p>PUP.Optional.FreeSoftToday.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\fst_gb_97_is1, Quarantined, [e41c0ce07b009a9c43ec1eea1ee50cf4],</p><p>PUP.Optional.BrowsersApp.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Browsers Apps, Quarantined, [d22e97554536fd3980ae07fcfb087c84],</p><p>PUP.Optional.FastStart.A, HKU\S-1-5-21-807559294-1489611633-1804961059-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS, Quarantined, [a55bad3fe893af875e29a853e71b6e92],</p><p></p><p>Registry Values: 2</p><p>PUP.Optional.FirstSeenToday.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|fst_gb_97, "C:\Program Files (x86)\fst_gb_97\fst_gb_97.exe", Quarantined, [936d5399d8a3c571c96d8d8e0ef5c33d]</p><p>PUP.Optional.FastStart.A, HKU\S-1-5-21-807559294-1489611633-1804961059-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS|appid, <a href="mailto:faststartff@gmail.com">faststartff@gmail.com</a>, Quarantined, [a55bad3fe893af875e29a853e71b6e92]</p><p></p><p>Registry Data: 0</p><p>(No malicious items detected)</p><p></p><p>Folders: 1</p><p>PUP.Optional.MultiPlug.A, C:\Program Files (x86)\cosstminn, Quarantined, [43bd03e9661576c0bdf2d5133ac8c53b],</p><p></p><p>Files: 8</p><p>PUP.Optional.MultiPlug, C:\Program Files (x86)\cosstminn\VaQBR.dll, Quarantined, [68985597cbb075c18749cde76a9755ab],</p><p>PUP.Optional.Amonetize, C:\Users\Public\906C433CEBE8467FBAC8B9C0BA903E85\setup.exe, Quarantined, 
[0df39656b6c53afc24f5189ee71a41bf],</p><p>PUP.Optional.Amonetize, C:\Users\User\Downloads\3DS Emulator 1 0 3 Downloader__3687_i1110888427_il1760065.exe, Quarantined, [42bea3491c5f74c2a76a8429fa07629e],</p><p>PUP.Optional.Amonetize, C:\Users\User\Downloads\3DS Emulator 1 0 3 Downloader__3687_i1110890921_il1760291.exe, Quarantined, [38c848a499e271c566ab733aba479769],</p><p>PUP.Optional.iBryte, C:\Users\User\Downloads\java_setup (1).exe, Quarantined, [659b49a3a8d3092df0704c62c53c6898],</p><p>PUP.Optional.IBryte, C:\Users\User\Downloads\java_setup.exe, Quarantined, [49b77e6e84f790a6e3fc5a53ba478c74],</p><p>PUP.Optional.Amonetize, C:\Users\User\AppData\Local\7214\a22717.exe, Quarantined, [f40c9359c4b7f343a8d27c2a49b8b947],</p><p>PUP.Optional.SearchProtect, C:\Windows\AppPatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb, Quarantined, [10f018d4fe7dc472161acf9a0ef6ed13],</p><p></p><p>Physical Sectors: 0</p><p>(No malicious items detected)</p><p></p><p></p><p>(end)</p></blockquote><p></p>
Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 6 PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}, Quarantined, [9c6455976e0d2016b776d594a55fac54], PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{cf2797aa-b7ec-e311-8ed9-005056c00008}, Quarantined, [f90711db1e5d30068d9fd89157adc33d], PUP.Optional.BrowseSafe.A, HKLM\SOFTWARE\WOW6432NODE\Browse Safe, Quarantined, [6b955696f18af3436a805ea562a1cc34], PUP.Optional.FreeSoftToday.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\fst_gb_97_is1, Quarantined, [e41c0ce07b009a9c43ec1eea1ee50cf4], PUP.Optional.BrowsersApp.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Browsers Apps, Quarantined, [d22e97554536fd3980ae07fcfb087c84], PUP.Optional.FastStart.A, HKU\S-1-5-21-807559294-1489611633-1804961059-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS, Quarantined, [a55bad3fe893af875e29a853e71b6e92], Registry Values: 2 PUP.Optional.FirstSeenToday.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|fst_gb_97, "C:\Program Files (x86)\fst_gb_97\fst_gb_97.exe", Quarantined, [936d5399d8a3c571c96d8d8e0ef5c33d] PUP.Optional.FastStart.A, HKU\S-1-5-21-807559294-1489611633-1804961059-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS|appid, [email]faststartff@gmail.com[/email], Quarantined, [a55bad3fe893af875e29a853e71b6e92] Registry Data: 0 (No malicious items detected) Folders: 1 PUP.Optional.MultiPlug.A, C:\Program Files (x86)\cosstminn, Quarantined, [43bd03e9661576c0bdf2d5133ac8c53b], Files: 8 PUP.Optional.MultiPlug, C:\Program Files (x86)\cosstminn\VaQBR.dll, Quarantined, [68985597cbb075c18749cde76a9755ab], PUP.Optional.Amonetize, 
C:\Users\Public\906C433CEBE8467FBAC8B9C0BA903E85\setup.exe, Quarantined, [0df39656b6c53afc24f5189ee71a41bf], PUP.Optional.Amonetize, C:\Users\User\Downloads\3DS Emulator 1 0 3 Downloader__3687_i1110888427_il1760065.exe, Quarantined, [42bea3491c5f74c2a76a8429fa07629e], PUP.Optional.Amonetize, C:\Users\User\Downloads\3DS Emulator 1 0 3 Downloader__3687_i1110890921_il1760291.exe, Quarantined, [38c848a499e271c566ab733aba479769], PUP.Optional.iBryte, C:\Users\User\Downloads\java_setup (1).exe, Quarantined, [659b49a3a8d3092df0704c62c53c6898], PUP.Optional.IBryte, C:\Users\User\Downloads\java_setup.exe, Quarantined, [49b77e6e84f790a6e3fc5a53ba478c74], PUP.Optional.Amonetize, C:\Users\User\AppData\Local\7214\a22717.exe, Quarantined, [f40c9359c4b7f343a8d27c2a49b8b947], PUP.Optional.SearchProtect, C:\Windows\AppPatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb, Quarantined, [10f018d4fe7dc472161acf9a0ef6ed13], Physical Sectors: 0 (No malicious items detected) (end) [/QUOTE]