Hi
i have a similar problem with this topic
http://forums.whatth...howtopic=125485
where there is a pop-up which leading to a japanese porn site...
Posted 08 February 2014 - 08:44 PM
Hi
i have a similar problem with this topic
http://forums.whatth...howtopic=125485
where there is a pop-up which leading to a japanese porn site...
Register to Remove
Posted 08 February 2014 - 09:09 PM
Posted 10 February 2014 - 05:31 PM
Hi porew,
My name is Tomk. I would be glad to take a look at your log and help you with solving any malware problems. Logs can take a while to research, so please be patient and I'd be grateful if you would note the following:
utorrent
You have utorrent, a P2P/file sharing program installed on your computer. P2P applications like it are the largest source of malware we see. You'll be doing yourself a favor by removing it.
References for the risk of these programs can be found in these links:
http://www.microsoft...protection.mspx
http://www.techweb.com/wire/160500554
[url=http://www.internetworldstats.com/articles/art053.htm]http://www.internetworldstats.com/articles/art053.htm
I would recommend that you uninstall utorrent, however that choice is up to you. If you choose to remove these programs, you can do so via Control Panel >> Add or Remove Programs.
If you wish to keep it, please do not use it until your computer is cleaned.
Double click on OTL
:Processes :OTL IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://malaysia.msn....opt=0&ocid=iehp IE - HKCU\..\SearchScopes,DefaultScope = IE - HKCU\..\SearchScopes\{055436DA-05BA-40C1-A53A-B022792A0473}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR IE - HKCU\..\SearchScopes\{0661DAD9-3379-435D-8268-D6955DDD623C}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{082F00B5-1000-44C8-84CB-18BB34BBD8D2}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{0A1E502D-3ED2-4D24-9870-B9A0E621E724}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{0A6A7F9E-3FAC-45B2-94FB-E7E1A18CCC49}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{0A85E31A-2DE6-46A3-9AA1-4636E202B164}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{0CA6C45C-39CF-49E7-88AE-2E318AC6536F}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{0D0A2CD7-3DC5-4557-863D-A1DBEFB40030}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{0E14EA38-2E3D-4EA6-8B00-EE59B6F85D3A}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{0EF50C8B-E11E-4D35-8B42-52D61131B1C2}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{0F48C673-3D58-4F03-9572-A47B869A4F48}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{0FB29380-9FB6-43E0-88EE-77F45569C307}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{10EEE150-DD46-4A02-BFE5-50D9FF82040B}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{119DCB9C-CD4C-4EBF-81CF-B6951435C2C6}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{13C6ED5C-0A37-4877-844F-C85BB3D7F2E6}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{1426545B-9B6E-4FB6-8C5B-918D90A360A6}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{17254946-98CE-4500-B2FA-265D9E2BAE9E}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{199CE0CC-56EC-48FB-9470-17CB817D6EE9}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{199CE2F7-A735-4945-8C07-E624F127B1FD}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{19E3E43E-1BE9-4BD6-B42D-AD581352F5A4}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{1A4542E9-F14A-4F6D-9F82-CE6324F2BF4C}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{1EB81E2F-8627-4E4D-941C-202E170C98EC}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{1F06340A-9B81-4959-A505-A6E887B97D9A}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{20A2D8B1-CC85-4A05-A2A3-0015128A1178}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{24F161CE-33E9-4F02-9E0F-E15028274175}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{26E908AF-391D-44BA-895F-969CBB483CF4}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{271F8F28-EC60-493B-9498-40FD74CED7EE}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{27A1C93E-6F06-4A9B-878A-26DC9AF33206}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{2883A444-EF2C-4BC4-85A7-43D3271F2DB5}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{28D000A3-0312-40CE-A61B-8B41A3406D43}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{297E1EE7-7929-49CE-BE61-C7ABD3F985F0}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{299C9355-E438-45A3-B456-BD1AA397BD2B}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{2A080ECA-E744-4F34-8515-7E68E5DD2EC3}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{2B181C04-5825-404F-A785-16C2B4144B64}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{2B355AA4-8846-4BFC-9C19-4FA16860DCF2}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{2BAAFB28-F225-40BD-BBCB-621C0FBF4216}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{2BBB21B6-4AFE-4D6B-9520-D6CC168908BA}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{2C0787D8-FD51-4432-A218-EA7843787736}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{2CD0EB02-4083-4B09-B7E8-0E26B5E43A3D}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{2D4FF86E-461C-4460-B23A-FBDA0840D57C}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{2DCC93E6-1DD2-40CB-9FAD-53C5229D6825}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{310845BA-7881-4635-88DC-9BE9A2401CF0}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{3150FD74-EB4A-4B14-8459-9C8F89BC6FCB}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{3222F42E-3031-477F-A1FF-96E061E732BE}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{33958D5B-2F9D-41DB-93A7-375B36A60066}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{33AD292A-E1F6-41CE-85E0-C9B99098A66C}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{33C23E1B-2655-46CF-B1B9-EDFFD6F63B4A}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{3536C68A-46AD-4FAF-8B38-6840E0D8319A}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{36ABEE46-7158-4F28-BF22-72630E551FF6}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{36D3C9B1-EFDF-42C7-BEB8-0EFBD6915B21}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{38504F5E-9D00-4141-892C-EF0A1FD60D1F}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{38E1E66A-3310-4196-916F-EB8825C56A8E}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{39007A1D-7242-4446-BDB1-B7334212C236}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{3964FFF0-9A9A-4A3D-BDA4-9098CB745DB4}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{39F5BD11-D12A-4A99-8EF5-0016CA4E8660}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{3A557624-A41B-436C-83BD-7A3C68B9DD57}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{3B8DA2E3-7C5D-4CFC-BD61-438B3637EAC8}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{3D4BE040-F095-40FF-B830-D4CA71917AEA}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{3D7CC8D4-D591-4379-8665-A64B912A50E9}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{3E23E29F-2A2E-4B97-8F37-CB03B3D4C564}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{3F517F1F-A8F6-4D5E-B7BC-9F4A7E026875}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{3FBD84EC-62ED-40C4-BAFD-F5B4268201D3}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{3FC41641-A1DF-40E1-9019-048669259B58}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{400B686B-C420-4F9F-8D90-5C8EA3587403}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{40CB4C3D-567A-40E5-8A19-0C185D70B226}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{40E97276-EA86-4A80-BE0D-4A102E7940A6}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{41296825-A219-4B41-B545-13315CD98C8C}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{41A19AF6-1549-4C17-B390-DF6EA16EEEAC}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{4376307A-499E-41B1-9D84-06175371FD6D}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{438F6603-40C1-4AC3-AC4B-414A26583C8E}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{43FF7164-86F2-4FC2-A845-CBBC19E05E3F}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{451503B3-25ED-41CB-8D64-8D2B8B8EAD70}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{45E51F25-BBF8-4D99-9C4A-E9F86ACCA356}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{488265C7-6FFE-40F3-BC37-46AB99B1C69A}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{48BBA6DB-7C47-4BBE-B9FF-8AC6F54E2D8C}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{4A29DFC5-858A-4BDD-9FAD-00675E634BC9}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{4C3DAD4F-8ECF-4A50-8A89-206F6CD9B092}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{4E55DED3-D5BF-4961-A154-E803A9446130}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{4EBD9649-2CEA-4C3C-A590-E78C5AC1E81B}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{4EE209DB-D702-4342-8726-E1B1A70AC883}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{4FC1FA19-434B-4838-A05C-65F40C52C7B4}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{50B1DF32-4044-46A9-A257-B73FC1177D83}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{50BC2CBB-2F6F-4D4F-B42B-F7D2E8C7632C}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{515759FB-4B28-4954-A5B8-4281EF25E36A}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{51587A2A-6211-4DAC-A6A0-DD6774578897}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{51BB91BF-7FF9-4B72-AAC5-24053886E355}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{538A3AE4-391B-4E01-BDEC-B2F17993107F}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{54B96705-B2D5-48BA-A51E-AD48914950BE}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{567147CD-738D-46F4-8C51-6B5E6492DD82}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{56AFB48E-CDB3-4F2E-BFA0-D9C69AEB38AD}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{5795C147-6EAF-4B4A-81AF-DB70D0D5976C}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{57FA4139-3852-4A3B-83EF-C1977D01FE8E}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{5AABBE92-C5E4-4E64-A7C2-7C24A5962891}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{5BA7570B-FD88-4EA0-AAC8-46F6D25441AE}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{5BF6DBCE-3400-4DDE-945D-C8AA08DE0FD5}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{5DC6A2C3-ADF6-4C56-A302-B2F71F9E5D8E}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{5E6F5095-CD31-4730-A91E-A0F5A85E329F}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{5F9C31BC-45EC-405D-8675-9A81EA4FCF69}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{5FCFCFBC-4EEB-4682-9916-8F714C6A2F52}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{60538AC5-48A9-4C46-99CF-3B52A728E94D}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{605C85D5-869F-4761-A211-2E157A30EEF5}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{617C0D38-33A7-4A4E-A400-36B5E9AF0791}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{618DC1C4-2AF5-4629-B4C7-B5D55C473CA4}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{6196E2B7-925C-4567-A414-98DA14E3212A}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{62440F63-8845-4285-8E87-8C49A5C0D428}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{627E5324-1E40-422D-BB0B-E4C259D8642F}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{63686394-7151-4BEA-9AF1-0FFFE48BAC05}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{650338F4-E479-4ABC-9525-A002B0E8C155}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{67611255-0BE1-4ED0-A787-294CACE96745}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{680B27DB-C92A-47C4-B567-2D21D5622DD0}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{69F82FD8-7B46-424C-9492-6263838ABB3C}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{6A01F2C2-5F00-4EB4-9488-637FD813030F}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{6AC90675-E394-4C98-9B45-FB52C08E29E6}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{6BDBC343-DE6A-43B7-BB8F-61CD29455E88}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{6D3037A5-E203-4D0D-AE71-C742D1B202D8}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{6F9CF137-01F9-4CE0-8205-AA8C74D4FADD}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{70DC9430-5EEC-4F97-9FDB-62287739AB81}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{73391210-AB98-46A8-83E1-8DFB126F9B2A}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{73491C78-EF0F-4351-9F95-67571B73C9B7}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{73A6AC4F-160D-47F5-8711-6C62048F1EB2}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{73A715B2-C1C3-45FC-9166-19BC0541C827}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{73B69B46-7400-408F-A87A-3F5F29F0686E}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{74E94711-5999-4DE6-9DEA-83F7EDB9B8FE}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{76243BCE-9713-4E8F-BE1A-341C7E69F896}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{764BB876-45A8-4889-A51E-ACB52DD70B30}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{77A4A71E-5997-437B-813E-96F9B9164A40}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{78B70348-8721-418E-BFFC-C336DAEF5D2A}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{7923BC9A-CE2D-446B-88C6-CCE4A749856C}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{79286752-3ACC-4965-91A4-3E4AFEE411DA}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{79F990E8-407A-40A5-B02B-3AAD1BDCD656}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{7ABCD128-A1B1-40B0-BDC4-EB030EDE59E6}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{7AF19D25-3AF6-4009-9FC0-063470BE4257}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{7D072B9F-E4A8-4058-91F3-FD47754B5140}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{7F24B5BB-CBE0-46FC-AC39-F69DFDEB4F2C}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{7FF03F1E-A28F-4460-8DFE-EF5FA46E6D37}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{84A83ECC-AFEA-4357-8621-4570382FF28F}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{84D92816-70C9-42ED-A72B-3F9D3E329D3E}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{8534DF83-2579-49F9-B43A-921F64439389}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{85854B17-6DDB-416C-984D-A2F4AA81E4C8}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{85BD2F43-7D41-4126-8137-BD8C7208F9BA}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{869A0D40-87E6-4E73-864D-2B490BDF5C1E}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{87D60AB0-D7A4-4497-8EBD-7600044CDFE0}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{88D59494-1D1B-4989-AE89-578EBCB07AC9}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{8979788E-03A6-4F52-A72C-5CEFB10359F1}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{89EB679B-3AD2-4DC6-B57E-DE1DD0663016}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{8B438605-623D-4FC5-9C8E-D40DB9232992}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{8B9AE4B0-9A9C-4C2A-9126-176635473A4B}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{8D0BB5B1-660B-4F2E-8E7B-46A40C96569C}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{8D4F3865-914A-43F1-8704-159F18570CC6}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{8F30CAD3-CAD6-4C34-AD4E-A8CBF0958274}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{903C9DE9-C581-4BFB-BC7C-230F5006CE9E}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{90E6CDAA-4403-41F5-B3EA-28BEE307910F}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{9134D9B5-90FB-4B9F-B76F-75FB458FAE82}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{938B7EA1-250D-4F5C-ABE7-FC6F8D5AA28D}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{93E0234C-72AB-41B9-AF40-97B54F49DB83}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{93F8F818-3530-4465-ADE2-4E26B598CD2E}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{948FC138-D15A-4781-BAB5-1F7155A50C37}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{95AC3189-6F6E-4B49-BC17-62ECE7B67D48}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{97127ACD-082A-49B0-8CE8-3A3F7E3AD059}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{97246DFE-6D61-4924-B104-FCEB1B7CA1E9}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{973F62E2-FE95-42A5-9F9F-1BD3E6E05B9F}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{9843A498-A1D7-4342-A787-1F42AB7A3233}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{9A6A8284-0586-4BBD-A5EA-B9E3D3874250}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{9B50AD3F-B8E8-46B3-9A40-6950AF270572}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{9B96340B-B611-4B6E-B7D1-384D78D95168}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{9BF959C3-5D00-46C4-B409-E1260A955F7A}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{9D00197F-33A4-4632-96F6-142A35825B96}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{9D38E30E-B30D-43B0-A239-8E6FFAE674DB}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{9DBF795F-1A91-4A48-A647-A6C1AD51F00C}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{9DF9D890-46C8-4AF8-93DC-57D98917355D}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{9F076907-9060-473F-853F-A5CBAE452930}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{A0022194-C233-4F7B-966D-4CEE66DAAB1E}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{A0EA8D67-9459-4BC5-88C8-B2A2FFF6B723}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{A165ACCE-044A-42E2-B4D6-FFD44291A26F}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{A2B0A0FD-412F-48C0-81F4-772E94478A58}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{A3002983-C361-479A-99C0-417440818DAC}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{A3FB8E3A-0F05-4ADE-A91D-8AF26DDEC0AA}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{A4CBDBFA-1EC8-489B-AD10-F74A1604731F}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{A567B4DC-2488-4D2B-8859-1A23AC95F6D9}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{A5A16DAC-317D-4D7A-8D13-9CE5D28B05BF}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{A6B9C26A-A5A8-42E1-942D-98FDA6D00F11}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{A791D6A3-CACF-428A-A224-7C38F12EB788}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{A7E93B1E-34DC-4540-BC40-2CF096AD645B}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{A80BDA84-54C3-462F-BF8E-515E4AA93BA2}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{A80E38CF-D351-4CDD-AC79-5F8E8840AE1A}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{A8CD29F4-7086-45B3-B74E-DBEE1CEE4D54}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{A9A794CD-77D2-4683-B947-C3FA5852D831}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{A9CC271A-763B-45CA-A2E4-8F4D84C43726}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{AA4F6F28-188E-4CCD-B6D9-FC69CBCEB414}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{AB8AB697-2878-4421-81E6-8DBE10E776A5}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{ACDE207A-7114-4836-A274-F5269B8040F7}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{AD37C185-0C21-4B10-889C-C791B0E32744}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{ADE13379-3624-473B-9301-3837F798FF7F}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{B4487C88-B63E-419D-9F00-E872259AAB20}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{B45476ED-EB2D-4F5C-854A-07B1B7D8C257}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{B5309723-CC62-4027-948C-AB10FBB4E0EF}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{B55EB642-AFBD-43E9-9F70-E08DCF296073}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{B6520987-E40B-48B8-A7BD-5C56720DD003}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{B662BC93-2EE6-4E67-917A-27727A944530}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{B6E791B8-DBED-4BE6-88F2-71D5B8FF77A8}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{B71FCA53-C8F9-4888-BCFD-28D7809E8FF3}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{B80C4090-1D3E-4411-9714-F6E44D14108B}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{B8E20CD7-BAC2-4820-9AA6-1060B3AF25E2}: "URL" = http://www.baidu.com...ar=2&tn=baidudg IE - HKCU\..\SearchScopes\{B9160106-58DA-4CDD-8AED-2ED35669DCB3}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{B991FDE7-16F2-420E-937B-D029C4D31BA1}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{BA3F86F2-BB20-4ADD-B684-37FE75C01AD0}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{BB022D91-80A0-44D8-9809-3A664EA36DCF}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{BB77F9E2-7808-4DB3-A30C-55B3EE9B0EC8}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{BC3E83D8-39FB-48BF-B26F-07A1BD32DCD6}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{BCD39AC3-82FF-40D0-A8F2-5532697BAAA0}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{BD827490-A657-4397-B357-8DCAD2E16D11}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{C1D17B17-D1CC-44F7-812A-E7851AE157CA}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{C26360BC-BA68-44EA-952E-DD537CF54975}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{C3797575-1A95-47A6-B83C-FF8822FF41BA}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{C49DDD5E-E609-4E30-89DE-9B3701074985}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{C51E8D4C-D1D8-460B-A9C8-BF919C9C1CC2}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{C602B217-9D41-4701-9316-CB0A1C5D2319}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{C67C13A7-CA0C-49C7-B205-1C8D00A997F6}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{C99CF812-394E-4A73-B904-82C44E91DE74}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{CA28DD1D-A27D-4299-AD35-2D67E8C52296}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{CB2C0548-48E2-4650-BC31-1D07E2122DB7}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{CCD6A0A3-97A4-4E30-B760-13DA77F620D4}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{CF03614B-2D07-4384-855B-E753E14C0430}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{CF98E32C-0119-4D4D-8B16-F5009701BF53}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{D1DBCFBA-6D31-4CF2-A137-2E7BE020A880}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{D2ACDBD3-3A9A-487B-B913-D57DA4188F2F}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{D32655FA-24E1-4538-90A1-07DEA482DE8A}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{D3E9A2BC-C307-4BA1-9133-2C1E70FD94C2}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{D3EA280B-8731-4187-B5E5-EF759730B32F}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{D47A32D6-83F5-46AD-9390-E0DB63D39706}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{D9EBCBB8-D637-405C-8DE2-3133255D6008}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{DA8F192B-3940-476F-B45A-22DF3273B3FF}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{DB863D09-D503-49AF-87A9-F6127DEDBB7E}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{DC026EFD-B5C8-4443-9BB0-B0DB1F909875}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{DC1B4ABC-89BF-4E0B-8A1A-D0F2660B1CCF}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{DC59EEF0-1A08-45F1-B8D0-532129CE97FC}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{DCCDE333-3E20-4587-8E9A-213EEEB126C5}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{DD82E70C-A3FB-4EDE-B7E1-AF2F5846CA28}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{DDDC5647-5EA4-4A40-A05E-F79A316B666B}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{DEAC5E26-AD29-409D-8C1F-EDF9154C7D19}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{DF5E73E5-D364-45DD-8956-8107BBEFE20B}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{DFE94E63-BB54-49E6-9675-03A5EF2FE8E6}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{E024FD72-BD12-4974-B6B0-A9BA93D48831}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{E330521E-9E76-416F-A8DB-30B530E9A523}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{E350BA06-0E14-41BE-99F6-DE160CBBDFD3}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{E4CD6B20-2363-46C5-9E7D-CF93A2463DB9}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{E511BC53-38A0-492B-A919-5E2FD8424943}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{E579FFAE-2CB7-4C3F-B687-3202E591D1A0}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{E6BA734A-1E2D-4E23-A020-A1E306CED671}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{E788E7D9-6B2F-4F84-9914-8A1A07018FF6}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{E8D52468-F254-4067-A6AB-2A9B2D58B12E}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{E941021D-BDDB-467E-B8E1-04DDA72B2520}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{E95B8EAE-A83C-413E-989E-38D598C3B909}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{E96461BB-25D8-456E-83B1-C8E3F172869C}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{EA5A9605-5BB7-463F-A026-D0AA2B955EF1}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{EB55243D-1024-497C-9657-360E1FC925F5}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{EBDFCCE0-3950-4FD3-BBF0-34201DADA265}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{F0A453AF-7903-4CF7-B8CB-359DFF28FB85}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{F14A97D8-906E-4410-A4BF-4EB08BA94CAF}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{F19CCD89-12B6-4F11-8DC4-738FE55886B6}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{F22EF83B-4FC0-409F-9B00-0D5857F48AEE}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{F5815406-D4C2-49E8-8416-80D09E7D41B6}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{F8528161-4F37-4349-8263-26AEF1DFCEDA}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{F86A0B97-0B72-464E-A5B4-7036589B08CC}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{F9C0C042-90B0-4C3B-A8D4-E82D9C589CE4}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{FA6E8332-3A73-4463-B36A-E1C42C2D1955}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{FAF3AB99-9C63-4207-9C86-FE3EA536D744}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{FB2B8657-5A54-4335-A132-DE8991AA5020}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{FB604CFA-B0D3-47F6-B1A3-227F375EE5DC}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{FC08FB4D-13DF-4BA8-9B24-80923D58CE6B}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{FCDC7BDA-A400-4BCA-9816-F72E467FF789}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{FCF841BA-A2AE-41F0-B0A0-D4E20C9CF3C6}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{FD46F805-BFC6-4934-B754-79A0ED04994E}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{FD7AFDB4-750D-4BC1-926D-928AD41428F6}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{FE67827F-DA82-4C8C-BD76-B266BCDE7165}: "URL" = http://www.burstfile...ampaign=search IE - HKCU\..\SearchScopes\{FEE5E580-3EE6-4B88-8148-BA3D0BF9BFBE}: "URL" = http://www.burstfile...ampaign=search O2 - BHO: (Slick Savings) - {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} - C:\Users\Porew\AppData\Roaming\Slick Savings\Coupons.dll (Spigot, Inc.) O2 - BHO: (7575219A-8C16-687D-FA22-ABE7DD9786E8 Class) - {7575219A-8C16-687D-FA22-ABE7DD9786E8} - c:\program files\baidu\{7575219a-8c16-687d-fa22-abe7dd9786e8}\addressbar.dll File not found O2 - BHO: (BitAcceleratorBHO Class) - {CAC42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files\BitAccelerator\BitAccelerator.dll (TODO: <Company name>) O4 - HKLM..\Run: [] File not found O4 - HKCU..\Run: [37wan??] C:\Users\Porew\AppData\Roaming\37wan\wz\wz.exe () O4 - HKCU..\Run: [Slick Savings] C:\Users\Porew\AppData\Roaming\Slick Savings\CouponsHelper.exe (Spigot, Inc.) O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites) O32 - AutoRun File - [2009/06/11 05:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{24ce1b12-ede7-11e1-ba1a-90e6bae39cb3}\Shell - "" = AutoRun O33 - MountPoints2\{24ce1b12-ede7-11e1-ba1a-90e6bae39cb3}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a O33 - MountPoints2\{ef1066f7-ef7f-11e1-b52d-90e6bae39cb3}\Shell - "" = AutoRun O33 - MountPoints2\{ef1066f7-ef7f-11e1-b52d-90e6bae39cb3}\Shell\AutoRun\command - "" = J:\Startme.exe O33 - MountPoints2\G\Shell - "" = AutoRun O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a O33 - MountPoints2\H\Shell - "" = AutoRun O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a O33 - MountPoints2\I\Shell - "" = AutoRun O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a :Commands [purity] [emptytemp] [start explorer] [Reboot]
Posted 10 February 2014 - 06:52 PM
Posted 10 February 2014 - 08:42 PM
Download ComboFix from here: http://download.blee...Bs/ComboFix.exe
* IMPORTANT !!! Save ComboFix.exe to your Desktop
When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.
3. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
Posted 11 February 2014 - 05:19 AM
ComboFix 14-02-05.02 - Porew 1/2014 Tue 19:08:30.1.2 - x86
Posted 11 February 2014 - 09:46 AM
COMBOFIX-Script
FCopy:: c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe | C:\windows\explorer.exe c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe | c:\windows\system32\dllcache\explorer.exe
CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
Posted 11 February 2014 - 10:24 AM
Posted 11 February 2014 - 12:38 PM
Good.
Now let's sweep out the dross.
Step 1
Please download Junkware Removal Tool to your desktop.
Step 2
Please download AdwCleaner by Xplode onto your desktop.
Step 3
Please download Malwarebytes' Anti-Malware to your desktop.
In your next reply, post the following log files:
Posted 12 February 2014 - 05:33 AM
Register to Remove
Posted 12 February 2014 - 09:25 AM
Good.
Let's get an online scan. This will take hours to run.
ESET Online Scanner:
Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.
Vista users: You will need to to right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.
Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
Also, please let me know how things seem to be running now.
Posted 12 February 2014 - 02:06 PM
Posted 12 February 2014 - 02:59 PM
COMBOFIX-Script
File:: C:\Program Files\Gokuaku\trainer_english.exe C:\Windows\System32\msitry32.dll C:\Windows\tasks\schedule!3036567561.job
CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
Posted 13 February 2014 - 06:47 AM
sadly the pop-up is still there
Posted 13 February 2014 - 09:14 AM
Let's try this:
Please post: All RKreport.txt text files located on your desktop.
0 members, 0 guests, 0 anonymous users