Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Andromeda, Windows 8


  • Please log in to reply
15 replies to this topic

#1 mwdenko

mwdenko

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:09 PM

Posted 31 July 2014 - 11:41 AM

I accidentally installed this "andromeda" when downloading FileZilla.  Very upsetting.  It keeps reinstalling itself and I see strange programs running in the task manager.

 

This "program" took over all of my browsers.  I have managed to clean it out of my browsers. But, I am concerned it may have installed something else that may cause an issue with the safety of my PC.

 

Thanks in advance for any help.

 

Currently I have McAfee LiveSafe running a scan.  But, it never seems to find the real nasties.

 

Thanks again.



BC AdBot (Login to Remove)

 


#2 mwdenko

mwdenko
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:09 PM

Posted 31 July 2014 - 12:00 PM

I started running applications described in another post "is my computer still infected"  I will post the results shortly.



#3 mwdenko

mwdenko
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:09 PM

Posted 31 July 2014 - 12:31 PM

Security Check...

 Results of screen317's Security Check version 0.99.86  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
McAfee Anti-Virus and Anti-Spyware   
Windows Defender                     
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Java 7 Update 65  
 Adobe Flash Player     14.0.0.145  
 Adobe Reader XI  
 Mozilla Firefox (31.0)
 Google Chrome 35.0.1916.153  
 Google Chrome 36.0.1985.125  
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbam.exe  
 McAfee VirusScan mcods.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````
 



#4 mwdenko

mwdenko
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:09 PM

Posted 31 July 2014 - 12:32 PM

Farbar

 


Farbar Service Scanner Version: 21-07-2014
Ran by Matthew (administrator) on 31-07-2014 at 12:50:38
Running from "C:\Users\Matthew\Downloads"
Microsoft Windows 8.1  (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Attempt to access Google.com returned error: Google.com is unreachable
Attempt to access Yahoo.com returned error: Yahoo.com is unreachable


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is set to Demand. The default start type is Auto.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend: ""%ProgramFiles%\Windows Defender\MsMpEng.exe"".


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MsMpEng.exe => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****
 



#5 mwdenko

mwdenko
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:09 PM

Posted 31 July 2014 - 12:33 PM

Minitoolbox

 

MiniToolBox by Farbar  Version: 21-07-2014
Ran by Matthew (administrator) on 31-07-2014 at 12:53:26
Running from "C:\Users\Matthew\Downloads"
Microsoft Windows 8.1  (X64)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================


127.0.0.1       localhost

========================= IP Configuration: ================================

DisplayLink Network Adapter NCM = Ethernet 2 (Connected)
Realtek PCIe GBE Family Controller = Ethernet (Media disconnected)
Intel® Wireless-N 7260 = Wi-Fi (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Bluetooth Network Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 12" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="ethernet_3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : LT_MWS_INSPIRON
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Mixed
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : neo.rr.com

Ethernet adapter Ethernet 2:

   Connection-specific DNS Suffix  . : neo.rr.com
   Description . . . . . . . . . . . : Dell GigabitEthernet
   Physical Address. . . . . . . . . : 00-24-9B-0B-35-67
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::10f9:804e:4adb:52ea%9(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.111(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Thursday, July 31, 2014 11:56:33 AM
   Lease Expires . . . . . . . . . . : Friday, August 1, 2014 11:56:33 AM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 469771419
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-1C-FC-66-E0-DB-55-B4-56-A8
   DNS Servers . . . . . . . . . . . : 209.18.47.61
                                       209.18.47.62
                                       192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Local Area Connection* 12:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 0C-8B-FD-36-BE-75
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : 0C-8B-FD-36-BE-78
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wi-Fi:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : neo.rr.com
   Description . . . . . . . . . . . : Intel® Wireless-N 7260
   Physical Address. . . . . . . . . : 0C-8B-FD-36-BE-74
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Ethernet:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : E0-DB-55-B4-56-A8
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 2:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:8:289e:b343:758(Preferred)
   Link-local IPv6 Address . . . . . : fe80::8:289e:b343:758%7(Preferred)
   Default Gateway . . . . . . . . . : ::
   DHCPv6 IAID . . . . . . . . . . . : 167772160
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-1C-FC-66-E0-DB-55-B4-56-A8
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.neo.rr.com:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : neo.rr.com
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  dns-cac-lb-01.rr.com
Address:  209.18.47.61

Name:    google.com
Addresses:  2607:f8b0:4009:803::1009
      74.125.225.135
      74.125.225.132
      74.125.225.136
      74.125.225.133
      74.125.225.129
      74.125.225.131
      74.125.225.134
      74.125.225.142
      74.125.225.130
      74.125.225.137
      74.125.225.128


Pinging google.com [173.194.46.71] with 32 bytes of data:
Request timed out.
Reply from 173.194.46.71: bytes=32 time=56ms TTL=48

Ping statistics for 173.194.46.71:
    Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),
Approximate round trip times in milli-seconds:
    Minimum = 56ms, Maximum = 56ms, Average = 56ms
Server:  dns-cac-lb-01.rr.com
Address:  209.18.47.61

Name:    yahoo.com
Addresses:  98.138.253.109
      206.190.36.45
      98.139.183.24


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=71ms TTL=47
Reply from 98.138.253.109: bytes=32 time=71ms TTL=47

Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 71ms, Maximum = 71ms, Average = 71ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
  9...00 24 9b 0b 35 67 ......Dell GigabitEthernet
  8...0c 8b fd 36 be 75 ......Microsoft Wi-Fi Direct Virtual Adapter
  5...0c 8b fd 36 be 78 ......Bluetooth Device (Personal Area Network)
  4...0c 8b fd 36 be 74 ......Intel® Wireless-N 7260
  3...e0 db 55 b4 56 a8 ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
  7...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 10...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.111     10
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.111    266
    192.168.1.111  255.255.255.255         On-link     192.168.1.111    266
    192.168.1.255  255.255.255.255         On-link     192.168.1.111    266
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.111    266
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.111    266
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  7    306 ::/0                     On-link
  1    306 ::1/128                  On-link
  7    306 2001::/32                On-link
  7    306 2001:0:5ef5:79fb:8:289e:b343:758/128
                                    On-link
  9    266 fe80::/64                On-link
  7    306 fe80::/64                On-link
  7    306 fe80::8:289e:b343:758/128
                                    On-link
  9    266 fe80::10f9:804e:4adb:52ea/128
                                    On-link
  1    306 ff00::/8                 On-link
  9    266 ff00::/8                 On-link
  7    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [53760] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [68096] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [68096] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [64000] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
Catalog5 07 C:\WINDOWS\SysWOW64\wshbth.dll [51200] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [67584] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [84480] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [30208] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [63488] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/31/2014 00:46:36 PM) (Source: Application Hang) (User: )
Description: The program LiveComm.exe version 17.5.9600.20498 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1e7c

Start Time: 01cfacde44cdca4b

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe

Report Id: 38aa8834-18d2-11e4-bef5-0c8bfd36be78

Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe

Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (07/31/2014 00:46:34 PM) (Source: Application Hang) (User: )
Description: The program backgroundTaskHost.exe version 6.3.9600.16384 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1e24

Start Time: 01cfacde44cb67e2

Termination Time: 4294967295

Application Path: C:\WINDOWS\system32\backgroundTaskHost.exe

Report Id: 38aaaf44-18d2-11e4-bef5-0c8bfd36be78

Faulting package full name: Amazon.com.Amazon_3.1.2.7_neutral__343d40qqvtj1t

Faulting package-relative application ID: App

Error: (07/31/2014 00:46:34 PM) (Source: Application Hang) (User: )
Description: The program backgroundTaskHost.exe version 6.3.9600.16384 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1d20

Start Time: 01cfacde44cdca4b

Termination Time: 4294967295

Application Path: C:\WINDOWS\system32\backgroundTaskHost.exe

Report Id: 38aa6124-18d2-11e4-bef5-0c8bfd36be78

Faulting package full name: Facebook.Facebook_1.3.0.9_x64__8xx8rvfyw5nnt

Faulting package-relative application ID: App

Error: (07/31/2014 00:20:45 PM) (Source: Microsoft-Windows-LocationProvider) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database

Error: (07/26/2014 09:36:39 PM) (Source: Application Error) (User: )
Description: Faulting application name: RuntimeBroker.exe, version: 6.3.9600.16384, time stamp: 0x5215dfb1
Faulting module name: twinui.dll, version: 6.3.9600.17195, time stamp: 0x53894e8f
Exception code: 0xc0000005
Fault offset: 0x00000000003ff1c0
Faulting process id: 0x18fc
Faulting application start time: 0xRuntimeBroker.exe0
Faulting application path: RuntimeBroker.exe1
Faulting module path: RuntimeBroker.exe2
Report Id: RuntimeBroker.exe3
Faulting package full name: RuntimeBroker.exe4
Faulting package-relative application ID: RuntimeBroker.exe5

Error: (07/25/2014 10:58:29 PM) (Source: Application Error) (User: )
Description: Faulting application name: WLANExt.exe, version: 6.3.9600.16384, time stamp: 0x5215e075
Faulting module name: ntdll.dll, version: 6.3.9600.17114, time stamp: 0x53649e73
Exception code: 0xc0000374
Fault offset: 0x00000000000f87a8
Faulting process id: 0x5bc
Faulting application start time: 0xWLANExt.exe0
Faulting application path: WLANExt.exe1
Faulting module path: WLANExt.exe2
Report Id: WLANExt.exe3
Faulting package full name: WLANExt.exe4
Faulting package-relative application ID: WLANExt.exe5

Error: (07/24/2014 06:41:36 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: LT_MWS_INSPIRON)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147023174 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (07/22/2014 07:24:16 PM) (Source: Application Error) (User: )
Description: Faulting application name: McUpdate.exe, version: 12.8.958.0, time stamp: 0x535e8d52
Faulting module name: McUpdate.exe, version: 12.8.958.0, time stamp: 0x535e8d52
Exception code: 0x40000015
Fault offset: 0x000000000007bd29
Faulting process id: 0xc68
Faulting application start time: 0xMcUpdate.exe0
Faulting application path: McUpdate.exe1
Faulting module path: McUpdate.exe2
Report Id: McUpdate.exe3
Faulting package full name: McUpdate.exe4
Faulting package-relative application ID: McUpdate.exe5

Error: (07/20/2014 11:19:36 AM) (Source: Application Error) (User: )
Description: Faulting application name: McUpdate.exe, version: 12.8.958.0, time stamp: 0x535e8d52
Faulting module name: McUpdate.exe, version: 12.8.958.0, time stamp: 0x535e8d52
Exception code: 0x40000015
Fault offset: 0x000000000007bd29
Faulting process id: 0x22b8
Faulting application start time: 0xMcUpdate.exe0
Faulting application path: McUpdate.exe1
Faulting module path: McUpdate.exe2
Report Id: McUpdate.exe3
Faulting package full name: McUpdate.exe4
Faulting package-relative application ID: McUpdate.exe5

Error: (07/19/2014 07:58:46 AM) (Source: Application Error) (User: )
Description: Faulting application name: WLANExt.exe, version: 6.3.9600.16384, time stamp: 0x5215e075
Faulting module name: ntdll.dll, version: 6.3.9600.17114, time stamp: 0x53649e73
Exception code: 0xc0000374
Fault offset: 0x00000000000f87a8
Faulting process id: 0x5c4
Faulting application start time: 0xWLANExt.exe0
Faulting application path: WLANExt.exe1
Faulting module path: WLANExt.exe2
Report Id: WLANExt.exe3
Faulting package full name: WLANExt.exe4
Faulting package-relative application ID: WLANExt.exe5


System errors:
=============
Error: (07/31/2014 11:56:44 AM) (Source: Service Control Manager) (User: )
Description: The Interactive Services Detection service terminated with the following error:
%%1

Error: (07/31/2014 06:18:21 AM) (Source: Microsoft-Windows-NDIS) (User: )
Description: Miniport Dell GigabitEthernet, {8B409ECC-34B4-4D55-9B92-14D23D013745}, had event 73

Error: (07/29/2014 06:50:49 PM) (Source: Microsoft-Windows-NDIS) (User: )
Description: Miniport Dell GigabitEthernet, {8B409ECC-34B4-4D55-9B92-14D23D013745}, had event 73

Error: (07/29/2014 04:29:52 AM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer JOLLYROGER
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{75FD9B47-72D0-4EA2-AE0D-A43EA2C8A605}.
The master browser is stopping or an election is being forced.

Error: (07/28/2014 06:14:58 AM) (Source: DCOM) (User: LT_MWS_INSPIRON)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (07/28/2014 06:14:58 AM) (Source: DCOM) (User: LT_MWS_INSPIRON)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (07/27/2014 07:34:57 AM) (Source: NetBT) (User: )
Description: The name "WORKGROUP      :1d" could not be registered on the interface with IP address 192.168.1.115.
The computer with the IP address 192.168.1.1 did not allow the name to be claimed by
this computer.

Error: (07/26/2014 04:10:38 AM) (Source: Service Control Manager) (User: )
Description: The Interactive Services Detection service terminated with the following error:
%%1

Error: (07/26/2014 04:09:26 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\WINDOWS\System32\IWMSSvc.dll

Error: (07/26/2014 04:09:26 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\WINDOWS\System32\IWMSSvc.dll


Microsoft Office Sessions:
=========================
Error: (07/31/2014 00:46:36 PM) (Source: Application Hang)(User: )
Description: LiveComm.exe17.5.9600.204981e7c01cfacde44cdca4b4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe38aa8834-18d2-11e4-bef5-0c8bfd36be78microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (07/31/2014 00:46:34 PM) (Source: Application Hang)(User: )
Description: backgroundTaskHost.exe6.3.9600.163841e2401cfacde44cb67e24294967295C:\WINDOWS\system32\backgroundTaskHost.exe38aaaf44-18d2-11e4-bef5-0c8bfd36be78Amazon.com.Amazon_3.1.2.7_neutral__343d40qqvtj1tApp

Error: (07/31/2014 00:46:34 PM) (Source: Application Hang)(User: )
Description: backgroundTaskHost.exe6.3.9600.163841d2001cfacde44cdca4b4294967295C:\WINDOWS\system32\backgroundTaskHost.exe38aa6124-18d2-11e4-bef5-0c8bfd36be78Facebook.Facebook_1.3.0.9_x64__8xx8rvfyw5nntApp

Error: (07/31/2014 00:20:45 PM) (Source: Microsoft-Windows-LocationProvider)(User: NT AUTHORITY)
Description: -2147024883

Error: (07/26/2014 09:36:39 PM) (Source: Application Error)(User: )
Description: RuntimeBroker.exe6.3.9600.163845215dfb1twinui.dll6.3.9600.1719553894e8fc000000500000000003ff1c018fc01cfa8a95b862091C:\Windows\System32\RuntimeBroker.exeC:\WINDOWS\system32\twinui.dll73d1c4da-152e-11e4-bef4-0c8bfd36be78

Error: (07/25/2014 10:58:29 PM) (Source: Application Error)(User: )
Description: WLANExt.exe6.3.9600.163845215e075ntdll.dll6.3.9600.1711453649e73c000037400000000000f87a85bc01cfa58af3fdeb48C:\WINDOWS\system32\WLANExt.exeC:\WINDOWS\SYSTEM32\ntdll.dllb7f02270-1470-11e4-bef3-0c8bfd36be78

Error: (07/24/2014 06:41:36 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: LT_MWS_INSPIRON)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2147023174

Error: (07/22/2014 07:24:16 PM) (Source: Application Error)(User: )
Description: McUpdate.exe12.8.958.0535e8d52McUpdate.exe12.8.958.0535e8d5240000015000000000007bd29c6801cfa60408554942C:\Program Files\mcafee.com\agent\McUpdate.exeC:\Program Files\mcafee.com\agent\McUpdate.exe4b990611-11f7-11e4-bef3-0c8bfd36be78

Error: (07/20/2014 11:19:36 AM) (Source: Application Error)(User: )
Description: McUpdate.exe12.8.958.0535e8d52McUpdate.exe12.8.958.0535e8d5240000015000000000007bd2922b801cfa42dfc1b83fbC:\Program Files\mcafee.com\agent\McUpdate.exeC:\Program Files\mcafee.com\agent\McUpdate.exe4208a84a-1021-11e4-bef0-0c8bfd36be78

Error: (07/19/2014 07:58:46 AM) (Source: Application Error)(User: )
Description: WLANExt.exe6.3.9600.163845215e075ntdll.dll6.3.9600.1711453649e73c000037400000000000f87a85c401cf9bbfcd28c682C:\WINDOWS\system32\WLANExt.exeC:\WINDOWS\SYSTEM32\ntdll.dll091ffe94-0f3c-11e4-bef0-0c8bfd36be78


CodeIntegrity Errors:
===================================
  Date: 2014-01-18 20:49:38.316
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-01-18 20:49:38.285
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.



=========================== Installed Programs ============================
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.110 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Amazon 1Button App for Windows Taskbar (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.2 - Amazon)
Amazon Music (HKCU\...\Amazon Amazon Music) (Version: 3.0.0.564 - Amazon Services LLC)
Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
B209a-m (x32 Version: 140.0.851.000 - Hewlett-Packard) Hidden
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Cisco Connect (HKLM-x32\...\Cisco Connect) (Version: 1.4.11266.0 - Cisco Consumer Products LLC)
Citrix Online Launcher (HKLM-x32\...\{AC7E7905-8C59-4806-A96D-30936A2B1FC5}) (Version: 1.0.168 - Citrix)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D1C35197-B856-45E2-BA67-5ABB6B0CA9C2}) (Version:  - Microsoft)
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.7.1.2 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.1.2 - Dell Inc.)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 16.6.4.13 - Synaptics Incorporated)
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DisplayLink Core Software (HKLM\...\{EDCF5C19-B08F-4661-95AB-88ABF88318F0}) (Version: 7.5.52874.0 - DisplayLink Corp.)
DisplayLink Graphics (HKLM\...\{6E443FA1-0FF5-4F82-B937-CE47A9F2BAF0}) (Version: 7.5.52889.0 - DisplayLink Corp.)
DSC/AA Factory Installer (Version: 3.4.6299.48 - PC-Doctor, Inc.) Hidden
eJuice Me Up (HKLM-x32\...\{7C162270-CA72-441F-8349-B0773B97586C}) (Version: 14.0.0.2 - Breaktru Software)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Officejet Pro 8620 Basic Device Software (HKLM\...\{EE25D6F6-59AF-48A7-87E1-15A81D1C5E22}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Officejet Pro 8620 Help (HKLM-x32\...\{9A4D71AB-9C68-4702-A4A2-A4DB7B0FE270}) (Version: 32.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)
HP Photosmart Plus B209a-m All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{E5BC8CEA-6C57-491E-83C0-4D0FA958C7F3}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Intel® Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36943 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.3.1520 - Intel Corporation)
Intel® PRO/Wireless Driver (Version: 16.01.5000.0577 - Intel Corporation) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{302600C1-6BDF-4FD1-1306-148929CC1385}) (Version: 3.1.1306.0354 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.6.0.1033 - Intel Corporation)
Intel® Rapid Storage Technology (Version: 12.6.0.1033 - Intel Corporation) Hidden
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel® Update Manager (x32 Version: 1.6.0.56 - Intel Corporation) Hidden
Intel® WiDi (HKLM\...\{C605440F-2748-435F-9F29-EB1C8134856F}) (Version: 4.1.17.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 16.01.5000.0269 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.650 - Oracle)
Java Auto Updater (x32 Version: 2.1.65.20 - Oracle, Inc.) Hidden
Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
McAfee Anti-Theft (HKLM\...\McAfee Anti-Theft) (Version: 2.1.170.2 - McAfee, Inc.)
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 12.8.958 - McAfee, Inc.)
Microsoft Access MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Access Setup Metadata MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft DCF MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Word MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Pandora (HKLM-x32\...\com.pandora.desktop.E7C14276FFE9EEF0BC7DCE654C467D9A299EFD21.1) (Version: 2.0.8 - PANDORA MEDIA, INC.)
Pandora (x32 Version: 2.0.8 - PANDORA MEDIA, INC.) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PrintServer Utilities (HKLM-x32\...\PrintServer Utilities) (Version:  - )
Product Improvement Study for HP Officejet Pro 8620 (HKLM\...\{0E8EC6E3-3AD8-4AB0-8EB3-AA835A20EDD7}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
PS_AIO_06_B209a-m_SW_Min (x32 Version: 140.0.863.000 - Hewlett-Packard) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.12 - Dell Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6971 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C9661090-C134-46E8-90B2-76D72355C2A6}) (Version: 6.2.9200.21220 - Realtek Semiconductor Corp.)
ROBLOX Player for Matthew (HKCU\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.11.0040 - ST Microelectronics)
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Update for Microsoft Excel 2013 (KB2881085) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{58D92858-3C94-4C2F-A8E4-AEFF9304C3CF}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881085) 64-Bit Edition (HKLM\...\{90150000-0018-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{58D92858-3C94-4C2F-A8E4-AEFF9304C3CF}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881085) 64-Bit Edition (HKLM\...\{90150000-001B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{58D92858-3C94-4C2F-A8E4-AEFF9304C3CF}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2881085) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{58D92858-3C94-4C2F-A8E4-AEFF9304C3CF}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2850074) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{F9F71CF8-8310-4EFC-869F-47BC0FEE269D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{EF77B4A6-DFEC-4010-A87D-9B6BF87FABEC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{62857CDD-2985-4939-91BA-19ED0B0031A5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{0814662C-FD28-4DE0-ACE5-EE50D1D6C8FB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826040) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{C4AEA56A-0759-4D08-9FAB-31A92137D0B8}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837644) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D692E9FF-84BF-4F44-A0EA-D58ECE0D538E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{290D80DE-03AB-47EC-9402-108AF4CE4F66}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880457) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{EC2AF602-2730-4B05-9438-06CDE43153F2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880464) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{88B29AA5-71EE-4692-91E2-E89407F0B783}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{8116ED50-F1E7-49E1-9D8D-421497D34B0F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880987) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{6F540E80-4BB2-413F-9648-52031AA237B7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880987) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{6F540E80-4BB2-413F-9648-52031AA237B7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880987) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{6F540E80-4BB2-413F-9648-52031AA237B7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0090-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881074) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{9A479F9C-C1EC-4833-A115-A8B7A60480BD}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881084) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{3A12DFA2-3FF5-450E-BDB1-A742551A5D1A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881084) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUSR_{EA8072E8-E3CF-46DF-A5DE-9F5975344327}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881084) 64-Bit Edition (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}_Office15.PROPLUSR_{1BABB09A-AB4C-427F-B23C-76A278737988}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881086) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{ED3A8E98-FDD4-493F-A0EC-141821573EC2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881086) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{ED3A8E98-FDD4-493F-A0EC-141821573EC2}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881087) 64-Bit Edition (HKLM\...\{90150000-00BA-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{3C6F4768-FB23-4ECF-8328-5C47E0664B65}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881087) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{3C6F4768-FB23-4ECF-8328-5C47E0664B65}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881087) 64-Bit Edition (HKLM\...\{90150000-00C1-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{3C6F4768-FB23-4ECF-8328-5C47E0664B65}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2881087) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{3C6F4768-FB23-4ECF-8328-5C47E0664B65}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-00A1-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881075) 64-Bit Edition (HKLM\...\{90150000-0018-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{C8955821-EDAC-4E65-BEF3-C9C0A049517A}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881075) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{C8955821-EDAC-4E65-BEF3-C9C0A049517A}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{90150000-0019-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2878319) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{BC51FE30-3A56-4802-8D9E-E9BC05B56B49}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881080) 64-Bit Edition (HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{F96FE9BB-CD90-472B-852E-156342618C54}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881080) 64-Bit Edition (HKLM\...\{90150000-001B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{F96FE9BB-CD90-472B-852E-156342618C54}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881080) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{F96FE9BB-CD90-472B-852E-156342618C54}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2881080) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{F96FE9BB-CD90-472B-852E-156342618C54}) (Version:  - Microsoft)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

========================= Devices: ================================

Name: HP Officejet Pro 8620
Description: HP Officejet Pro 8620
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


========================= Memory info: ===================================

Percentage of memory in use: 43%
Total physical RAM: 8090.57 MB
Available physical RAM: 4565.81 MB
Total Pagefile: 16282.57 MB
Available Pagefile: 12890.74 MB
Total Virtual: 4095.88 MB
Available Virtual: 3977.5 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:917.7 GB) (Free:788.58 GB) NTFS
2 Drive x: () (Fixed) (Total:0.34 GB) (Free:0.04 GB) NTFS
3 Drive y: (PBR Image) (Fixed) (Total:12.34 GB) (Free:0.71 GB) NTFS

========================= Users: ========================================

User accounts for \\LT_MWS_INSPIRON

Administrator            Guest                    Matthew                  

========================= Restore Points ==================================

09-07-2014 20:59:47 Windows Update
17-07-2014 14:10:36 Installed Java 7 Update 65
22-07-2014 21:36:36 Windows Update
30-07-2014 11:19:03 Scheduled Checkpoint

**** End of log ****
 



#6 mwdenko

mwdenko
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:09 PM

Posted 31 July 2014 - 01:00 PM

Malwarebytes did not require reboot.

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 7/31/2014
Scan Time: 12:58:02 PM
Logfile:
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.07.31.06
Rootkit Database: v2014.07.17.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Matthew

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 326574
Time Elapsed: 59 min, 7 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 2
PUP.Optional.InstallCore.A, HKU\S-1-5-21-143704804-1401055181-3618707279-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, Quarantined, [5fb3188e3d3e60d69a43ba3e26dc52ae],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-143704804-1401055181-3618707279-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, Quarantined, [81910c9a6a115cdadb268788ad570af6],

Registry Values: 1
PUP.Optional.InstallCore.A, HKU\S-1-5-21-143704804-1401055181-3618707279-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, zr2Y1E2Z1G1J1T1M, Quarantined, [81910c9a6a115cdadb268788ad570af6]

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)



#7 Alex&Vanko

Alex&Vanko

  • Banned
  • 1,394 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:09 AM

Posted 31 July 2014 - 01:37 PM

Hi mwdenko and :welcome:

 

Please download AdwCleaner by Xplode HERE onto your desktop.

    Close all open programs and internet browsers.
    Double click on AdwCleaner.exe to run the tool.
    Click on Scan.
    After the scan is complete click on "Clean"
    Confirm each time with Ok.
    Your computer will be rebooted automatically. A text file will open after the restart.
    Please post the content of that logfile with your next answer.
    You can find the logfile at C:\AdwCleaner[S1].txt as well.

Please download Junkware Removal Tool HERE to your desktop.

    Shut down your protection software now to avoid potential conflicts.
    Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    The tool will open and start scanning your system.
    Please be patient as this can take a while to complete depending on your system's specifications.
    On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    Post the contents of JRT.txt into your next message.

 

Download HitmanPro x64 HERE from onto your desktop.

Double-click on the file named HitmanPro.exe.It will be updated.When the program starts you will be presented with the start screen.Click on the Next button.Accept to store a copy of the program to your computer and click Next and it will start to scan.
When it has finished it will display a list of all the malware that the program found.Below next to button buy now is option Save log.Save it to your desktop and paste it here.

 

Thank you!


Edited by Alex&Vanko, 31 July 2014 - 01:38 PM.


#8 mwdenko

mwdenko
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:09 PM

Posted 31 July 2014 - 01:50 PM

# AdwCleaner v3.302 - Report created 31/07/2014 at 14:45:56
# Updated 30/07/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : Matthew - LT_MWS_INSPIRON
# Running from : C:\Users\Matthew\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

File Deleted : C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\user.js

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17126


-\\ Mozilla Firefox v31.0 (x86 en-US)

[ File : C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\prefs.js ]


-\\ Google Chrome v36.0.1985.125

[ File : C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1488 octets] - [31/07/2014 14:43:49]
AdwCleaner[S0].txt - [1419 octets] - [31/07/2014 14:45:56]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1479 octets] ##########
 



#9 mwdenko

mwdenko
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:09 PM

Posted 31 July 2014 - 01:58 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 x64
Ran by Matthew on Thu 07/31/2014 at 14:52:24.73
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Matthew\AppData\Roaming\mozilla\firefox\profiles\rle58l6f.default-1399654899149\minidumps [35 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 07/31/2014 at 14:57:50.98
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



#10 mwdenko

mwdenko
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:09 PM

Posted 31 July 2014 - 02:09 PM

HitmanPro 3.7.9.221
www.hitmanpro.com

   Computer name . . . . : LT_MWS_INSPIRON
   Windows . . . . . . . : 6.3.0.9600.X64/4
   User name . . . . . . : LT_MWS_INSPIRON\Matthew
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2014-07-31 14:59:44
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 6m 25s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 131

   Objects scanned . . . : 2,266,951
   Files scanned . . . . : 136,349
   Remnants scanned  . . : 862,470 files / 1,268,132 keys

Suspicious files ____________________________________________________________

   C:\Users\Matthew\Downloads\FSS.exe
      Size . . . . . . . : 415,232 bytes
      Age  . . . . . . . : 0.1 days (2014-07-31 12:48:53)
      Entropy  . . . . . : 7.9
      SHA-256  . . . . . : 149759CADFDF8C19A4104C7DB08BA490D33CFBD29785640385239087B79E1FD2
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.

   C:\Users\Matthew\Downloads\MiniToolBox.exe
      Size . . . . . . . : 401,920 bytes
      Age  . . . . . . . : 0.1 days (2014-07-31 12:52:18)
      Entropy  . . . . . : 7.9
      SHA-256  . . . . . : 55ADA329F40AC0E0F13EC464E56D09C12078ADEF021A934F059BCD3E962EC46E
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.


Cookies _____________________________________________________________________

   C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Cookies:2o7.net
   C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Cookies:a1.interclick.com
   C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.360yield.com
   C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.auditude.com
   C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.mlnadvertising.com
   C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Cookies:adinterax.com
   C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Cookies:adlegend.com
   C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.creative-serving.com
   C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.mediade.sk
   C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.p161.net
   C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.pointroll.com
   C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.pubmatic.com
   C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.undertone.com
   C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.yahoo.com
   C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Cookies:adserve.postrelease.com
   C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Cookies:adserver.planetofthevapes.co.uk
   C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtechus.com
   C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Cookies:advertising.com
   C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Cookies:at.atwola.com
   C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Cookies:atdmt.com
   C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Cookies:bs.serving-sys.com
   C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Cookies:burstnet.com
   C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Cookies:casalemedia.com
   C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Cookies:chitika.net
   C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Cookies:collective-media.net
   C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
   C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Cookies:fastclick.net
   C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Cookies:hisnakiamotors.122.2o7.net
   C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Cookies:interclick.com
   C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Cookies:kontera.com
   C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Cookies:media6degrees.com
   C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Cookies:mediaplex.com
   C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Cookies:microsoftsto.112.2o7.net
   C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Cookies:mm.chitika.net
   C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Cookies:pointroll.com
   C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Cookies:questionmarket.com
   C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Cookies:realmedia.com
   C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Cookies:revsci.net
   C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Cookies:ru4.com
   C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Cookies:serving-sys.com
   C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Cookies:smartadserver.com
   C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Cookies:specificclick.net
   C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Cookies:statcounter.com
   C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Cookies:statse.webtrendslive.com
   C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Cookies:tacoda.at.atwola.com
   C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Cookies:tribalfusion.com
   C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Cookies:www.googleadservices.com
   C:\Users\Matthew\AppData\Local\Google\Chrome\User Data\Default\Cookies:zedo.com
   C:\Users\Matthew\AppData\Local\Microsoft\Windows\INetCookies\0EIVA2TB.txt
   C:\Users\Matthew\AppData\Local\Microsoft\Windows\INetCookies\0LQKOW36.txt
   C:\Users\Matthew\AppData\Local\Microsoft\Windows\INetCookies\AZVIF0KM.txt
   C:\Users\Matthew\AppData\Local\Microsoft\Windows\INetCookies\FU5FD48T.txt
   C:\Users\Matthew\AppData\Local\Microsoft\Windows\INetCookies\IGSU7QN6.txt
   C:\Users\Matthew\AppData\Local\Microsoft\Windows\INetCookies\NBC4WUG5.txt
   C:\Users\Matthew\AppData\Local\Microsoft\Windows\INetCookies\NLZ6APTU.txt
   C:\Users\Matthew\AppData\Local\Microsoft\Windows\INetCookies\OU3IDEW0.txt
   C:\Users\Matthew\AppData\Local\Microsoft\Windows\INetCookies\VOU3MMWB.txt
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:247realmedia.com
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:2o7.net
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:a1.interclick.com
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:ad.360yield.com
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:ad.afy11.net
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:ad.doubleclick.net
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:ad.mlnadvertising.com
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:adinterax.com
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:adlegend.com
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:ads.bridgetrack.com
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:ads.creative-serving.com
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:ads.intergi.com
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:ads.mediade.sk
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:ads.p161.net
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:ads.pointroll.com
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:ads.pubmatic.com
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:ads.stickyadstv.com
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:ads.undertone.com
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:ads.wsrs.net
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:ads.yahoo.com
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:adserv.bulletinmarketing.com
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:adserve.postrelease.com
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:adtech.de
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:adtechus.com
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:advertising.com
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:ar.atwola.com
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:at.atwola.com
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:atdmt.com
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:atwola.com
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:bs.serving-sys.com
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:burstnet.com
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:casalemedia.com
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:chicagosuntimes.122.2o7.net
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:chitika.net
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:collective-media.net
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:dmtracker.com
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:doubleclick.net
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:emjcd.com
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:fanatics.112.2o7.net
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:fastclick.net
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:foxnews.112.2o7.net
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:in.getclicky.com
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:interclick.com
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:kontera.com
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:media6degrees.com
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:mediaplex.com
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:microsoftsto.112.2o7.net
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:mm.chitika.net
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:network.realmedia.com
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:pd0.imp.revsci.net
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:pointroll.com
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:pubads.g.doubleclick.net
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:questionmarket.com
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:realmedia.com
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:revsci.net
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:ru4.com
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:serving-sys.com
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:smartadserver.com
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:specificclick.net
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:stat.dealtime.com
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:statcounter.com
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:stats.paypal.com
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:statse.webtrendslive.com
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:survey.g.doubleclick.net
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:tacoda.at.atwola.com
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:track.adform.net
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:tribalfusion.com
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:ww251.smartadserver.com
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:www.googleadservices.com
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:xiti.com
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:yadro.ru
   C:\Users\Matthew\AppData\Roaming\Mozilla\Firefox\Profiles\rle58l6f.default-1399654899149\cookies.sqlite:zedo.com
 

#11 Alex&Vanko

Alex&Vanko

  • Banned
  • 1,394 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:09 AM

Posted 31 July 2014 - 02:11 PM

Can you make a screenshot of Task manager,upload somewhere and paste link to see thеse strange processes.

How to make screenshot

 

Thank you!



#12 Alex&Vanko

Alex&Vanko

  • Banned
  • 1,394 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:09 AM

Posted 31 July 2014 - 02:12 PM

So delete cookies.Nothing.



#13 mwdenko

mwdenko
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:09 PM

Posted 31 July 2014 - 02:22 PM

I may have gotten rid of the program when I edited the registry.  Who knows.

Here are the screen prints. 

 

Thanks for taking the time to help me out!

 

m4uPvKQ.jpg

HGzbqMc.png

MaPW3c7.png

RL27zTt.png

oldzUAU.png



#14 Alex&Vanko

Alex&Vanko

  • Banned
  • 1,394 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:09 AM

Posted 31 July 2014 - 02:28 PM

How did you edit the registry?

Write the strange processes that are upsetting you.

Start adwCleaner and click uninstall and it will dissapear.

JRT just delete.

Hitman uninstall standard way as a program.

 

Thank you!



#15 mwdenko

mwdenko
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:09 PM

Posted 31 July 2014 - 03:19 PM

I ran the uninstall for andromeda, then after it reinstalled... I uninstalled it and then manually went through the registry and deleted anything with the name Andromeda. 

 

I was mainly concerned that it installed something else.

 

Thank you!  It's always better to get a second set of eyes on something like this. 

 

I truely appreciate all of your time and efforts!






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users