edit: added USB scan
Hi,
Re-run
OTL.exe.
- Copy and paste the following text written inside of the quote box into the Custom Scans/Fixes box.
:OTL
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2851643
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://br.ask.com/?l=dis&o=14672
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\SearchScopes\{AB97B91E-82AD-4764-B948-C25B2E9FF3F7}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ATU2&o=14670&src=crm&q={searchTerms}&locale=&apn_ptnrs=T8&apn_dtid=YYYYYYYYBR&apn_uid=63f10340-6e8f-4b73-8d12-215cd417d790&apn_sauid=989B8A1B-6F92-40FA-8BA4-272731E269F7
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2851643
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.startup.homepage: "http://br.ask.com/?l=dis&o=14672"
FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=ATU2&o=14670&locale=pt_BR&apn_uid=63f10340-6e8f-4b73-8d12-215cd417d790&apn_ptnrs=T8&apn_sauid=989B8A1B-6F92-40FA-8BA4-272731E269F7&apn_dtid=YYYYYYYYBR&&q="
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\crossriderapp498@crossrider.com: C:\Users\Guilherme\AppData\Local\RewardsArcade\498\Firefox
[2012/08/06 15:17:14 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Users\Guilherme\AppData\Roaming\mozilla\Firefox\Profiles\dpgrsp17.default\extensions\toolbar@ask.com
[2012/08/06 15:17:14 | 000,002,324 | ---- | M] () -- C:\Users\Guilherme\AppData\Roaming\Mozilla\Firefox\Profiles\dpgrsp17.default\searchplugins\askcom.xml
CHR - homepage: http://www.ask.com/?l=dis&o=14672cr
CHR - Extension: Ask Toolbar = C:\Users\Guilherme\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaapoomnboffjcgcebabolakmhbblbk\7.15.4.24116_0\
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O33 - MountPoints2\{81f6c131-3031-11e1-8b2f-f46d0472e004}\Shell - "" = AutoRun
O33 - MountPoints2\{81f6c131-3031-11e1-8b2f-f46d0472e004}\Shell\AutoRun\command - "" = E:\Autorun.exe
@Alternate Data Stream - 208 bytes -> C:\Windows\SysWow64\drivers:GbpKmAp.lst
:files
ipconfig /flushdns /c
netsh int ip reset c:\resetlog.txt /c
ipconfig /release /c
ipconfig /renew /c
:commands
[CREATERESTOREPOINT]
[emptytemp]
- Then click the Run Fix button at the top.
- Let the program run unhindered; it will reboot the system when it is done and open notepad with logreport. Attach here that logreport.
*******************
- Download AdwCleaner (by Xplode) on your desktop.
- Launch it, click on [Search] and wait for the scan.
- When the scan ends, notepad with the report will appears.
- Click on the [Delete] Wait for the programme completes his work.
The program will close all active programs. Click OK to confirm that.
On the next two windows that open ( Informations and Restart required ) click OK
- The computer will restart and open a notepad ( C:\AdwCleaner[S1].txt ) with the report.
- Save the notepad report on the Desktop
- Please attach here C:\AdwCleaner[S1].txt
Note: The report will also be stored on C:\AdwCleaner[S1].txt [/list]
******************
>> Re-run OTL, click on QuickScan and attach here fresh OTL.txt log
> Check USB storage devices / removable drives
Download
MCShield from one of the following links:
MyCity - Official download link Softpedija - Mirror download link - Double click MCShield-Setup to install the application.
- Wait a few seconds to MCShield finish initial scan.
Recommendation to under General and Scanner tab you click on Defaults button to choose recommended options.- Connect your USB storage devices to the computer one at a time. Scanning will be done automatically.
When all scanning is done, you need to attach a logreport that has made MCShield.
Start -> All Programs -> MCShield -> Logs
Attach here ->
AllScans.txtExplanation: USB storage devices are all the USB devices that get their own partition letter at connecting to the PC,
e.g. flash drives (thumb/pen drives, USB sticks), external HDDs, MP3/MP4 players, digital cameras,
memory cards (SD cards, Sony Memory Stick, MultiMedia Cards etc.), some mobile phones, some GPS navigation devices etc.
