Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can't disable proxy server on 8.1


  • Please log in to reply
19 replies to this topic

#1 Gordon C

Gordon C

  • Members
  • 68 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NC
  • Local time:07:38 PM

Posted 08 August 2014 - 12:29 PM

Have a laptop with Windows 8.1. Prior infections have configured http & https network connections to use a proxy server @127.0.0.1:50742. Going into advanced settings and changing the options doesn't work BECAUSE THE 'SAVE' BUTTON REMAINS GRAYED OUT. I have come to this from several different directions and in every instance I can see and change the settings, the option to save my changes has been effectively removed.

 

The system has already been cleaned so there is no proxy server monitoring the connection and internet access fails, thus nifty doodads like Hitman Pro won't work.

 

Ideas anyone?


Edited by hamluis, 08 August 2014 - 02:49 PM.
Moved from win 8 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,679 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:04:38 PM

Posted 08 August 2014 - 08:55 PM

p22002970.gif Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2 SecurityCheck may produce some false warning(s), so leave the results reading to me.

p22002970.gif Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


p22002970.gif Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size
  • List Restore Points

Click Go and post the result.

p22002970.gif Please download Malwarebytes Anti-Malware to your desktop.
NOTE. If you already have MBAM 2.0 installed scroll down.

  • Double-click mb3-setup-1878.1878-3.5.1.2522.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:

    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.

  • Click Finish.
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.



If you already have MBAM 2.0 installed:

  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.


How to get logs:
(Export log to save as txt)


  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the Scan Log which shows the Date and time of the scan just performed.
  • Click 'Export'.
  • Click 'Text file (*.txt)'
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
  • Click Ok
  • Attach that saved log to your next reply.



(Copy to clipboard for pasting into forum replies or tickets)

  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.


p22002970.gifDownload 51a5f31352b88-icon_MBAR.pngMalwarebytes Anti-Rootkit to your desktop.
  • Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
  • Double click on downloaded file. OK self extracting prompt.
  • MBAR will start. Click "Next" to continue.
  • Click in the following screen "Update" to obtain the latest malware definitions.
  • Once the update is complete select "Next" and click "Scan".
  • When the scan is finished and no malware has been found select "Exit".
  • If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
  • Open the MBAR folder located on your Desktop and paste the content of the following files in your next reply:
  • "mbar-log-{date} (xx-xx-xx).txt"
  • "system-log.txt"



p22002970.gif Please download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.


If normal mode still doesn't work, run the tool from safe mode.

When the scan is done Notepad will open with rKill log.
Post it in your next reply.

NOTE. rKill.txt log will also be present on your desktop.

NOTE Do NOT wrap your logs in "quote" or "code" brackets.
Do NOT use spoilers.
Do NOT edit your reply to post additional logs. Create new reply. I'll not get any email notifications about edits so I won't know you posted something new.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#3 Gordon C

Gordon C
  • Topic Starter

  • Members
  • 68 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NC
  • Local time:07:38 PM

Posted 10 August 2014 - 10:45 AM

 Results of screen317's Security Check version 0.99.86  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
Windows Defender   
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 MVPS Hosts File  
 Spybot - Search & Destroy
 Java 7 Update 45  
 Java version out of Date!
 Adobe Flash Player     14.0.0.145  
 Adobe Reader XI  
````````Process Check: objlist.exe by Laurent````````  
 Windows Defender MSMpEng.exe
 Spybot Teatimer.exe is disabled!
 Windows Defender MpCmdRun.exe   
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````


Farbar Service Scanner Version: 21-07-2014
Ran by Danielle (administrator) on 10-08-2014 at 11:18:49
Running from "F:\"
Microsoft Windows 8.1  (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MsMpEng.exe => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****

MiniToolBox by Farbar  Version: 21-07-2014
Ran by Danielle (administrator) on 10-08-2014 at 11:20:38
Running from "F:\"
Microsoft Windows 8.1  (X64)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.
========================= Hosts content: =================================


127.0.0.1    www.007guard.com
127.0.0.1    007guard.com
127.0.0.1    008i.com
127.0.0.1    www.008k.com
127.0.0.1    008k.com
127.0.0.1    www.00hq.com
127.0.0.1    00hq.com
127.0.0.1    010402.com
127.0.0.1    www.032439.com
127.0.0.1    032439.com
127.0.0.1    www.0scan.com
127.0.0.1    0scan.com
127.0.0.1    1000gratisproben.com
127.0.0.1    www.1000gratisproben.com
127.0.0.1    1001namen.com
127.0.0.1    www.1001namen.com
127.0.0.1    100888290cs.com
127.0.0.1    www.100888290cs.com
127.0.0.1    www.100sexlinks.com

There are 15472 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Broadcom 802.11n Network Adapter = Wi-Fi (Connected)
Qualcomm Atheros AR8172/8176/8178 PCI-E Fast Ethernet Controller (NDIS 6.30) = Ethernet (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : idea-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : PK5001Z

Wireless LAN adapter Local Area Connection* 11:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 0E-84-DC-90-B4-32
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Ethernet:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Qualcomm Atheros AR8172/8176/8178 PCI-E Fast Ethernet Controller (NDIS 6.30)
   Physical Address. . . . . . . . . : 20-89-84-F6-C4-8E
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wi-Fi:

   Connection-specific DNS Suffix  . : PK5001Z
   Description . . . . . . . . . . . : Broadcom 802.11n Network Adapter
   Physical Address. . . . . . . . . : 0C-84-DC-90-B4-32
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::f5fb:9ca6:e03f:2b0a%2(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.0.122(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Sunday, August 10, 2014 11:06:25 AM
   Lease Expires . . . . . . . . . . : Tuesday, August 12, 2014 11:06:22 AM
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 252478684
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-9F-A2-05-0C-84-DC-90-B4-32
   DNS Servers . . . . . . . . . . . : 192.168.0.1
                                       63.162.197.69
   NetBIOS over Tcpip. . . . . . . . : Enabled
Server:  PK5001Z.PK5001Z
Address:  192.168.0.1

Name:    google.com
Addresses:  2607:f8b0:4004:801::1006
      74.125.228.33
      74.125.228.34
      74.125.228.35
      74.125.228.36
      74.125.228.37
      74.125.228.38
      74.125.228.39
      74.125.228.40
      74.125.228.41
      74.125.228.46
      74.125.228.32


Pinging google.com [74.125.228.34] with 32 bytes of data:
Reply from 74.125.228.34: bytes=32 time=34ms TTL=57
Reply from 74.125.228.34: bytes=32 time=220ms TTL=57

Ping statistics for 74.125.228.34:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 34ms, Maximum = 220ms, Average = 127ms
Server:  PK5001Z.PK5001Z
Address:  192.168.0.1

Name:    yahoo.com
Addresses:  98.138.253.109
      98.139.183.24
      206.190.36.45


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=92ms TTL=48
Reply from 98.139.183.24: bytes=32 time=84ms TTL=48

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 84ms, Maximum = 92ms, Average = 88ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
  5...0e 84 dc 90 b4 32 ......Microsoft Wi-Fi Direct Virtual Adapter
  3...20 89 84 f6 c4 8e ......Qualcomm Atheros AR8172/8176/8178 PCI-E Fast Ethernet Controller (NDIS 6.30)
  2...0c 84 dc 90 b4 32 ......Broadcom 802.11n Network Adapter
  1...........................Software Loopback Interface 1
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1    192.168.0.122     40
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link     192.168.0.122    296
    192.168.0.122  255.255.255.255         On-link     192.168.0.122    296
    192.168.0.255  255.255.255.255         On-link     192.168.0.122    296
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.0.122    296
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.0.122    296
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
  2    296 fe80::/64                On-link
  2    296 fe80::f5fb:9ca6:e03f:2b0a/128
                                    On-link
  1    306 ff00::/8                 On-link
  2    296 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [53760] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [68096] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [68096] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [64000] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [67584] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [84480] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [30208] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/08/2014 00:49:24 PM) (Source: Microsoft-Windows-LocationProvider) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database

Error: (08/08/2014 00:36:21 PM) (Source: Winlogon) (User: )
Description: The Windows logon process has unexpectedly terminated.

Error: (08/08/2014 00:28:02 PM) (Source: Microsoft-Windows-LocationProvider) (User: IDEA-PC)
Description: There was an error communicating to the Orion inference server

Error: (08/08/2014 00:28:01 PM) (Source: Microsoft-Windows-LocationProvider) (User: NT AUTHORITY)
Description: There was an error communicating to the Orion inference server

Error: (08/08/2014 00:27:57 PM) (Source: Microsoft-Windows-LocationProvider) (User: IDEA-PC)
Description: There was an error communicating to the Orion inference server

Error: (08/08/2014 00:27:56 PM) (Source: Microsoft-Windows-LocationProvider) (User: NT AUTHORITY)
Description: There was an error communicating to the Orion inference server

Error: (08/08/2014 00:27:54 PM) (Source: Microsoft-Windows-LocationProvider) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database

Error: (08/08/2014 00:27:32 PM) (Source: Microsoft-Windows-LocationProvider) (User: IDEA-PC)
Description: There was an error communicating to the Orion inference server

Error: (08/08/2014 00:27:31 PM) (Source: Microsoft-Windows-LocationProvider) (User: NT AUTHORITY)
Description: There was an error communicating to the Orion inference server

Error: (08/08/2014 00:25:47 PM) (Source: Microsoft-Windows-LocationProvider) (User: IDEA-PC)
Description: There was an error communicating to the Orion inference server


System errors:
=============
Error: (08/08/2014 01:42:41 PM) (Source: Service Control Manager) (User: )
Description: The Util Rock Turner service failed to start due to the following error:
%%2

Error: (08/08/2014 01:42:41 PM) (Source: Service Control Manager) (User: )
Description: The Update Rock Turner service failed to start due to the following error:
%%2

Error: (08/08/2014 01:42:40 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Optimizer Pro Crash Monitor service to connect.

Error: (08/08/2014 01:03:05 PM) (Source: Service Control Manager) (User: )
Description: The Util Rock Turner service failed to start due to the following error:
%%2

Error: (08/08/2014 01:03:05 PM) (Source: Service Control Manager) (User: )
Description: The Update Rock Turner service failed to start due to the following error:
%%2

Error: (08/08/2014 01:03:05 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Optimizer Pro Crash Monitor service to connect.

Error: (08/08/2014 01:01:26 PM) (Source: DCOM) (User: IDEA-PC)
Description: 1084WSearchUnavailable{9E175B68-F52A-11D8-B9A5-505054503030}

Error: (08/08/2014 01:01:26 PM) (Source: DCOM) (User: IDEA-PC)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (08/08/2014 00:58:31 PM) (Source: DCOM) (User: IDEA-PC)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (08/08/2014 00:52:47 PM) (Source: DCOM) (User: IDEA-PC)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}


Microsoft Office Sessions:
=========================
Error: (08/08/2014 00:49:24 PM) (Source: Microsoft-Windows-LocationProvider)(User: NT AUTHORITY)
Description: -2147024883

Error: (08/08/2014 00:36:21 PM) (Source: Winlogon)(User: )
Description:

Error: (08/08/2014 00:28:02 PM) (Source: Microsoft-Windows-LocationProvider)(User: IDEA-PC)
Description: -2143485936

Error: (08/08/2014 00:28:01 PM) (Source: Microsoft-Windows-LocationProvider)(User: NT AUTHORITY)
Description: -2143485936

Error: (08/08/2014 00:27:57 PM) (Source: Microsoft-Windows-LocationProvider)(User: IDEA-PC)
Description: -2143485936

Error: (08/08/2014 00:27:56 PM) (Source: Microsoft-Windows-LocationProvider)(User: NT AUTHORITY)
Description: -2143485936

Error: (08/08/2014 00:27:54 PM) (Source: Microsoft-Windows-LocationProvider)(User: NT AUTHORITY)
Description: -2147024883

Error: (08/08/2014 00:27:32 PM) (Source: Microsoft-Windows-LocationProvider)(User: IDEA-PC)
Description: -2143485936

Error: (08/08/2014 00:27:31 PM) (Source: Microsoft-Windows-LocationProvider)(User: NT AUTHORITY)
Description: -2143485936

Error: (08/08/2014 00:25:47 PM) (Source: Microsoft-Windows-LocationProvider)(User: IDEA-PC)
Description: -2143485936


CodeIntegrity Errors:
===================================
  Date: 2014-08-07 12:42:31.800
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-08-07 12:42:31.565
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-08-07 12:42:31.315
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-08-07 12:42:30.925
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-07-08 11:08:25.610
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-07-08 11:08:25.369
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-02-20 21:42:03.670
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-02-20 21:42:03.638
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.



=========================== Installed Programs ============================
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1210 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.9.0.1210 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.04) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.04 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Buzzdock (HKLM\...\{ac225167-00fc-452d-94c5-bb93600e7d9a}) (Version:  - Alactro LLC)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.4.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - ?Canon Inc.?)
Canon MG3200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3200_series) (Version: 1.01 - Canon Inc.)
Canon MG3200 series On-screen Manual (HKLM-x32\...\Canon MG3200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon MG3200 series User Registration (HKLM-x32\...\Canon MG3200 series User Registration) (Version:  - Canon Inc.?)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.0.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.08 - Piriform)
Classic Shell (HKLM\...\{98BB5224-BC5D-4028-9D20-536C1C263AA9}) (Version: 4.0.2 - IvoSoft)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.64.49.0 - Conexant)
Defraggler (HKLM\...\Defraggler) (Version: 2.16 - Piriform)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.11 - Lenovo)
Energy Management (x32 Version: 8.0.2.11 - Lenovo) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3379 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.0.1083 - Intel Corporation)
Intel® Rapid Storage Technology (Version: 12.0.0.1083 - Intel Corporation) Hidden
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.738.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{1CF5754A-545B-4360-BFDE-2847BC728DFC}) (Version: 11.2.0.115 - Apple Inc.)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
LeapFrog LeapPad Explorer Plugin (x32 Version: 5.2.1.18456 - LeapFrog) Hidden
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10230 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.1219 - CyberLink Corp.) Hidden
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.14.1 - ELAN Microelectronic Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4331.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.4331.52 - CyberLink Corp.) Hidden
Lenovo VeriFace (HKLM\...\Lenovo VeriFace) (Version: 5.0.13.5261 - Lenovo)
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3423 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 4.1.3423 - CyberLink Corp.) Hidden
Lenovo_Wireless_Driver (HKLM-x32\...\{5D642A72-8194-4A22-80DA-11FE610CCA8E}) (Version: 6.30.223.75 - Lenovo)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.4631.1004 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.4.5 - Motorola Mobility)
Motorola Device Software Update (x32 Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.3.0 (HKLM\...\{759E6A2F-1F01-45EF-A0C4-22F1B56CB975}) (Version: 6.3.0 - Motorola Mobility LLC)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nitro Pro 8 (HKLM\...\{34BE77EE-B563-49D7-A8A0-FFD76D29BBD3}) (Version: 8.0.10.7 - Nitro)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4631.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4631.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4631.1004 - Microsoft Corporation) Hidden
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.9109 - CyberLink Corp.)
Qualcomm Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.16 - Qualcomm Atheros Communications Inc.)
Realtek USB Card Reader (HKLM-x32\...\{1E496A68-4943-424E-829D-5C3C85B7B8F2}) (Version: 6.2.9200.39041 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Smilebox (HKCU\...\Smilebox) (Version: 1.0.0.26688 - Smilebox, Inc.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
ToneSync for Windows (HKCU\...\c2c9648a374f64d1) (Version: 1.2.3.309 - Zedge Europe AS)
Use the entry named LeapFrog Connect to uninstall (LeapFrog LeapPad Explorer Plugin) (HKLM-x32\...\LeapPadExplorerPlugin) (Version:  - LeapFrog)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo)
UserGuide (x32 Version: 1.0.0.15 - Lenovo) Hidden
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net  (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog)
Windows Driver Package - Lenovo (ACPIVPC) System  (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid  (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 36%
Total physical RAM: 3961.77 MB
Available physical RAM: 2529.18 MB
Total Pagefile: 4665.77 MB
Available Pagefile: 3168.07 MB
Total Virtual: 4095.88 MB
Available Virtual: 3983.74 MB

========================= Partitions: =====================================

1 Drive c: (Windows8_OS) (Fixed) (Total:425.13 GB) (Free:388.09 GB) NTFS
2 Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:23.16 GB) NTFS
3 Drive e: (ROBOTS_43) (CDROM) (Total:7.93 GB) (Free:0 GB) UDF
4 Drive f: (WDO_MEDIA32) (Removable) (Total:1.86 GB) (Free:1.86 GB) FAT32

========================= Users: ========================================

User accounts for \\IDEA-PC

Administrator            Danielle                 Guest                    

========================= Restore Points ==================================

10-07-2014 02:35:27 RegClean Pro Wed, Jul 09, 14  22:35
07-08-2014 18:18:55 Malwarebytes Anti-Rootkit Restore Point

**** End of log ****

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 8/7/2014
Scan Time: 3:22:32 PM
Logfile: mbamscan.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.08.07.08
Rootkit Database: v2014.08.04.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Danielle

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 329358
Time Elapsed: 9 min, 32 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled

Processes: 5
PUP.Optional.Radsteroids.A, C:\ProgramData\gMYZXcaOJok\saTHPKJmw.exe, 1948, Delete-on-Reboot, [04c0853e611a82b403d5d596fd04c23e]
PUP.Optional.Wajam, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe, 2080, Delete-on-Reboot, [9133764dd9a2fc3a7049278021e0a858]
PUP.Optional.Wajam, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe, 4460, Delete-on-Reboot, [982c289bf48785b17544a7003ec3f10f]
PUP.Optional.SearchSnacks.A, C:\Program Files (x86)\SearchSnacks\Service\sssvc.exe, 1224, Delete-on-Reboot, [279d22a1d1aa5fd7763e81666b970ff1]
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamHttpServer.exe, 2304, Delete-on-Reboot, [e1e38043047751e5ab982f8221e1966a]

Modules: 2
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\FiddlerCore.dll, Delete-on-Reboot, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\Newtonsoft.Json.dll, Delete-on-Reboot, [e1e38043047751e5ab982f8221e1966a],

Registry Keys: 40
PUP.Optional.Radsteroids.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\saTHPKJmw, Quarantined, [04c0853e611a82b403d5d596fd04c23e],
PUP.Optional.Wajam, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Wajam Internet Enhancer Service, Quarantined, [9133764dd9a2fc3a7049278021e0a858],
PUP.Optional.WebSteroids.A, HKLM\SOFTWARE\CLASSES\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}, Quarantined, [e4e0c1029fdcf93d51ab25448a78659b],
PUP.Optional.WebSteroids.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}, Quarantined, [e4e0c1029fdcf93d51ab25448a78659b],
PUP.Optional.SearchSnacks.A, HKLM\SOFTWARE\CLASSES\CLSID\{7D1B27B2-3DE0-4F26-94A0-E14FDB06D292}, Quarantined, [7153299a90eb44f2d6eb6cf99c660df3],
PUP.Optional.SearchSnacks.A, HKLM\SOFTWARE\CLASSES\CLSID\{7D1B27B2-3DE0-4F26-94A0-E14FDB06D292}\INPROCSERVER32, Quarantined, [7153299a90eb44f2d6eb6cf99c660df3],
PUP.Optional.SearchSnacks.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{F32C616B-19B1-4978-919B-ACB52B51CAA5}, Quarantined, [7153299a90eb44f2d6eb6cf99c660df3],
PUP.Optional.SearchSnacks.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{CCE39B30-B61A-4569-9411-43747C6C481F}, Quarantined, [7153299a90eb44f2d6eb6cf99c660df3],
PUP.Optional.SearchSnacks.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{CCE39B30-B61A-4569-9411-43747C6C481F}, Quarantined, [7153299a90eb44f2d6eb6cf99c660df3],
PUP.Optional.SearchSnacks.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{F32C616B-19B1-4978-919B-ACB52B51CAA5}, Quarantined, [7153299a90eb44f2d6eb6cf99c660df3],
PUP.Optional.SearchSnacks.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{7D1B27B2-3DE0-4F26-94A0-E14FDB06D292}, Quarantined, [7153299a90eb44f2d6eb6cf99c660df3],
PUP.Optional.SearchSnacks.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{7D1B27B2-3DE0-4F26-94A0-E14FDB06D292}, Quarantined, [7153299a90eb44f2d6eb6cf99c660df3],
PUP.Optional.SearchSnacks.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{7D1B27B2-3DE0-4F26-94A0-E14FDB06D292}, Quarantined, [7153299a90eb44f2d6eb6cf99c660df3],
PUP.Optional.SearchSnacks.A, HKU\S-1-5-21-501355956-4286567946-3003223455-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{7D1B27B2-3DE0-4F26-94A0-E14FDB06D292}, Quarantined, [7153299a90eb44f2d6eb6cf99c660df3],
PUP.Optional.SearchSnacks.A, HKU\S-1-5-21-501355956-4286567946-3003223455-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{7D1B27B2-3DE0-4F26-94A0-E14FDB06D292}, Quarantined, [7153299a90eb44f2d6eb6cf99c660df3],
PUP.Optional.SearchSnacks.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{7D1B27B2-3DE0-4F26-94A0-E14FDB06D292}, Quarantined, [7153299a90eb44f2d6eb6cf99c660df3],
PUP.Optional.SearchSnacks.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{7D1B27B2-3DE0-4F26-94A0-E14FDB06D292}, Quarantined, [7153299a90eb44f2d6eb6cf99c660df3],
PUP.Optional.DynConIE.A, HKLM\SOFTWARE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, Quarantined, [09bb50730c6f1a1c5a7164055ca629d7],
PUP.Optional.DynConIE.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, Quarantined, [09bb50730c6f1a1c5a7164055ca629d7],
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-501355956-4286567946-3003223455-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, Quarantined, [dee6863d0c6f84b20dd04a1ac141b050],
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-501355956-4286567946-3003223455-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}, Quarantined, [6d57e9daf4876bcb5f7f1f451ce6718f],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}, Quarantined, [6d57e9daf4876bcb5f7f1f451ce6718f],
PUP.Optional.GigaClicks.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\The Hyper Browser Updater, Quarantined, [2a9af9caa0dbc274a5c59df14eb37f81],
PUP.Optional.Eorezo.A, HKLM\SOFTWARE\WOW6432NODE\FREE_SOFTTODAY, Quarantined, [646008bb89f21224972ec617ac56956b],
PUP.Optional.SearchSnacks.A, HKLM\SOFTWARE\WOW6432NODE\SearchSnacks, Quarantined, [f4d08e35463587af8c2710d7b2509070],
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\Wajam, Quarantined, [873d18abc8b3979f5399042ea262ae52],
PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\WOW6432NODE\SEARCHPROTECT, Quarantined, [05bf00c379029b9b6c5e835b4fb3b947],
PUP.Optional.SystemSpeedup, HKLM\SOFTWARE\WOW6432NODE\SYSTWEAK\ssd, Quarantined, [e2e28f34562579bd26ab11cb0ef43ec2],
PUP.Optional.ConduitSearchProtect, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CltMngSvc, Quarantined, [81432f9436452d09293a8293b054ba46],
PUP.Optional.SearchSnacks, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ssnfd, Quarantined, [54708d3683f8989ec83cf0e8c9391de3],
PUP.Optional.SearchSnacks.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SSSVC, Quarantined, [279d22a1d1aa5fd7763e81666b970ff1],
PUP.Optional.FreeSoftToday.A, HKU\S-1-5-21-501355956-4286567946-3003223455-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\freesofttoday, Quarantined, [e8dc4281a0db3ef893fbbc7e798b56aa],
PUP.Optional.BlockAndSurf.A, HKU\S-1-5-21-501355956-4286567946-3003223455-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\BlockAndSurf, Quarantined, [ffc50bb8a6d592a45332f3e48d759b65],
PUP.Optional.MultiIE.A, HKU\S-1-5-21-501355956-4286567946-3003223455-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\DynConIE, Quarantined, [a2228d36c3b88da9ffe5cd68f311e21e],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-501355956-4286567946-3003223455-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, Quarantined, [14b032917cffd85e63dc07fb6b983bc5],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-501355956-4286567946-3003223455-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, Quarantined, [6b598142cdae91a5e07a15032bd9ec14],
PUP.Optional.SystemSpeedup, HKU\S-1-5-21-501355956-4286567946-3003223455-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SYSTWEAK\ssd, Quarantined, [bb09952e730875c16c64fbe1a26026da],
PUP.Optional.Wajam.A, HKU\S-1-5-21-501355956-4286567946-3003223455-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WAJAM, Quarantined, [1fa50fb4cbb02f078e20bc5f94702ed2],
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Wajam, Quarantined, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Radsteroids.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Radsteroids, Quarantined, [6361f8cba3d88caa11f6a90da75bb947],

Registry Values: 7
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY|AppPath, C:\Program Files (x86)\Mysearchdial\1.8.29.0\, Quarantined, [269eab182d4efb3bf5efd95ece36fc04]
PUP.Optional.FirstSeenToday.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|fst_us_81, Quarantined, [ae16e7dc7902fc3a896e8668bd456898],
PUP.Optional.FirstSeenToday.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|fst_us_118, Quarantined, [c6fe655ecdaed1656196618d48bafa06],
PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\WOW6432NODE\SEARCHPROTECT|InstallDir, C:\PROGRA~2\SearchProtect, Quarantined, [05bf00c379029b9b6c5e835b4fb3b947]
PUP.Optional.SearchSnacks.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SSSVC|ImagePath, "C:\Program Files (x86)\SearchSnacks\Service\sssvc.exe", Quarantined, [279d22a1d1aa5fd7763e81666b970ff1]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-501355956-4286567946-3003223455-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, zr2X2X1G1S1F2V1S2Q0V, Quarantined, [6b598142cdae91a5e07a15032bd9ec14]
PUP.Optional.Wajam.A, HKU\S-1-5-21-501355956-4286567946-3003223455-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WAJAM|affiliate_id, 5446, Quarantined, [1fa50fb4cbb02f078e20bc5f94702ed2]

Registry Data: 3
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://start.mysearchdial.com/?f=1&a=cmi_14_24_ie&cd=2XzuyEtN2Y1L1QzutBtDzzzyzzyE0FyC0CyEzz0EzytBtC0CtN0D0Tzu0SzzzyyBtN1L2XzutBtFtBtCtFyEtFtBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyD0BzzyEzyzy0A0EtG0EyE0AtBtGyEzzyBtDtG0CyCyEtDtGtAyCtAyByBzy0CyDyEzztCyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCtAyCtCzztByE0CtGtA0C0FyDtG0C0EtBzztG0CzyyB0AtGtDzztByB0FtCtCtB0B0ByDtC2Q&cr=258067559&ir=, Good: (www.google.com), Bad: (http://start.mysearchdial.com/?f=1&a=cmi_14_24_ie&cd=2XzuyEtN2Y1L1QzutBtDzzzyzzyE0FyC0CyEzz0EzytBtC0CtN0D0Tzu0SzzzyyBtN1L2XzutBtFtBtCtFyEtFtBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyD0BzzyEzyzy0A0EtG0EyE0AtBtGyEzzyBtDtG0CyCyEtDtGtAyCtAyByBzy0CyDyEzztCyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCtAyCtCzztByE0CtGtA0C0FyDtG0C0EtBzztG0CzyyB0AtGtDzztByB0FtCtCtB0B0ByDtC2Q&cr=258067559&ir=),Replaced,[7252b80b0a7193a303963b8a22e211ef]
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://start.mysearchdial.com/?f=1&a=cmi_14_24_ie&cd=2XzuyEtN2Y1L1QzutBtDzzzyzzyE0FyC0CyEzz0EzytBtC0CtN0D0Tzu0SzzzyyBtN1L2XzutBtFtBtCtFyEtFtBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyD0BzzyEzyzy0A0EtG0EyE0AtBtGyEzzyBtDtG0CyCyEtDtGtAyCtAyByBzy0CyDyEzztCyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCtAyCtCzztByE0CtGtA0C0FyDtG0C0EtBzztG0CzyyB0AtGtDzztByB0FtCtCtB0B0ByDtC2Q&cr=258067559&ir=, Good: (www.google.com), Bad: (http://start.mysearchdial.com/?f=1&a=cmi_14_24_ie&cd=2XzuyEtN2Y1L1QzutBtDzzzyzzyE0FyC0CyEzz0EzytBtC0CtN0D0Tzu0SzzzyyBtN1L2XzutBtFtBtCtFyEtFtBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyD0BzzyEzyzy0A0EtG0EyE0AtBtGyEzzyBtDtG0CyCyEtDtGtAyCtAyByBzy0CyDyEzztCyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCtAyCtCzztByE0CtGtA0C0FyDtG0C0EtBzztG0CzyyB0AtGtDzztByB0FtCtCtB0B0ByDtC2Q&cr=258067559&ir=),Replaced,[a91b19aadd9e3303d0c9695c59ab9868]
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-501355956-4286567946-3003223455-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://start.mysearchdial.com/?f=1&a=cmi_14_24_ie&cd=2XzuyEtN2Y1L1QzutBtDzzzyzzyE0FyC0CyEzz0EzytBtC0CtN0D0Tzu0SzzzyyBtN1L2XzutBtFtBtCtFyEtFtBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyD0BzzyEzyzy0A0EtG0EyE0AtBtGyEzzyBtDtG0CyCyEtDtGtAyCtAyByBzy0CyDyEzztCyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCtAyCtCzztByE0CtGtA0C0FyDtG0C0EtBzztG0CzyyB0AtGtDzztByB0FtCtCtB0B0ByDtC2Q&cr=258067559&ir=, Good: (www.google.com), Bad: (http://start.mysearchdial.com/?f=1&a=cmi_14_24_ie&cd=2XzuyEtN2Y1L1QzutBtDzzzyzzyE0FyC0CyEzz0EzytBtC0CtN0D0Tzu0SzzzyyBtN1L2XzutBtFtBtCtFyEtFtBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyD0BzzyEzyzy0A0EtG0EyE0AtBtGyEzzyBtDtG0CyCyEtDtGtAyCtAyByBzy0CyDyEzztCyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCtAyCtCzztByE0CtGtA0C0FyDtG0C0EtBzztG0CzyyB0AtGtDzztByB0FtCtCtB0B0ByDtC2Q&cr=258067559&ir=),Replaced,[2b990cb7d4a7aa8c46528f367d87f40c]

Folders: 22
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam, Delete-on-Reboot, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos, Quarantined, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer, Delete-on-Reboot, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam, Quarantined, [18aca71c6219b086cb213c7679898080],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Search, Quarantined, [18aca71c6219b086cb213c7679898080],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping, Quarantined, [18aca71c6219b086cb213c7679898080],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Uninstall Wajam, Quarantined, [18aca71c6219b086cb213c7679898080],
PUP.Optional.Radsteroids.A, C:\Users\Danielle\AppData\Local\Radsteroids, Quarantined, [f3d142810873aa8ca56194221ae801ff],
PUP.Optional.Radsteroids.A, C:\ProgramData\Radsteroids, Quarantined, [6361f8cba3d88caa11f6a90da75bb947],
PUP.Optional.HyperBrowser.A, C:\Users\Danielle\AppData\Local\Hyper Browser, Quarantined, [eed6774c403b67cfd864caf6a45e40c0],
PUP.Optional.HyperBrowser.A, C:\Users\Danielle\AppData\Local\Hyper Browser\Modules, Quarantined, [eed6774c403b67cfd864caf6a45e40c0],
PUP.Optional.SearchProtect.A, C:\Users\Danielle\AppData\Local\SearchProtect, Quarantined, [ecd8dce792e9a88ec879a52206fc27d9],
PUP.Optional.SearchProtect.A, C:\Users\Danielle\AppData\Local\SearchProtect\SearchProtect, Quarantined, [ecd8dce792e9a88ec879a52206fc27d9],
PUP.Optional.SearchProtect.A, C:\Users\Danielle\AppData\Local\SearchProtect\SearchProtect\rep, Quarantined, [ecd8dce792e9a88ec879a52206fc27d9],
PUP.Optional.SearchProtect.A, C:\Users\Danielle\AppData\Local\SearchProtect\SearchProtect\STG, Quarantined, [ecd8dce792e9a88ec879a52206fc27d9],
PUP.Optional.SearchProtect.A, C:\Users\Danielle\AppData\Local\SearchProtect\UI, Quarantined, [ecd8dce792e9a88ec879a52206fc27d9],
PUP.Optional.SearchProtect.A, C:\Users\Danielle\AppData\Local\SearchProtect\UI\rep, Quarantined, [ecd8dce792e9a88ec879a52206fc27d9],
PUP.Optional.SystemSpeedup, C:\Users\Danielle\AppData\Roaming\Systweak\ssd, Quarantined, [1ba9aa19f487e6501a3d2f9b8c763ac6],
PUP.Optional.SearchSnacks.A, C:\Program Files\SearchSnacks, Quarantined, [05bf1ca7344779bd85c4517b11f131cf],
PUP.Optional.SearchSnacks.A, C:\Program Files\SearchSnacks\IE, Quarantined, [05bf1ca7344779bd85c4517b11f131cf],
PUP.Optional.SearchSnacks.A, C:\Program Files (x86)\SearchSnacks, Delete-on-Reboot, [8f358f343d3e62d41b2ef0dc9a686c94],
PUP.Optional.SearchSnacks.A, C:\Program Files (x86)\SearchSnacks\Service, Delete-on-Reboot, [8f358f343d3e62d41b2ef0dc9a686c94],

Files: 103
PUP.Optional.Radsteroids.A, C:\ProgramData\gMYZXcaOJok\saTHPKJmw.exe, Delete-on-Reboot, [04c0853e611a82b403d5d596fd04c23e],
PUP.Optional.Wajam, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe, Delete-on-Reboot, [9133764dd9a2fc3a7049278021e0a858],
PUP.Optional.Wajam, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe, Delete-on-Reboot, [982c289bf48785b17544a7003ec3f10f],
PUP.Optional.SearchSnacks.A, C:\Program Files\SearchSnacks\IE\SearchSnacksClientIE.dll, Quarantined, [7153299a90eb44f2d6eb6cf99c660df3],
PUP.Optional.Downloader, C:\Users\Danielle\AppData\Local\Temp\nsj6786.tmp, Quarantined, [fdc7ab188deeff37301adcdea65eed13],
PUP.Optional.Downloader, C:\Users\Danielle\AppData\Local\Temp\ICReinstall_nsj6786.tmp, Quarantined, [2c98992a8bf042f4cf7baf0bd52f2fd1],
PUP.Optional.Downloader, C:\Users\Danielle\AppData\Local\Temp\nsd720E.tmp, Quarantined, [d6ee6e55e09bef47301a704a8084f709],
PUP.Optional.GigaClicks.A, C:\Users\Danielle\AppData\Local\Temp\~nsu.tmp\Au_.exe, Quarantined, [10b4ead91b60e1551e4c147a0ef3f30d],
PUP.Optional.Gameo.A, C:\Users\Danielle\AppData\Local\Temp\is45637729\1943261_stp.EXE, Quarantined, [ac18c10259229f977a1a215f02ffb848],
PUP.Optional.GigaClicks.A, C:\Users\Danielle\AppData\Local\Hyper Browser\uninstall.exe, Quarantined, [2a9af9caa0dbc274a5c59df14eb37f81],
PUP.Optional.MySearchDial.A, C:\Windows\System32\Tasks\MySearchDial, Quarantined, [f7cd8d364c2f91a57ac97768c9392ed2],
PUP.Optional.MySearchDial.A, C:\Windows\Tasks\MySearchDial.job, Quarantined, [388c00c39dde92a415e93fa1956dea16],
PUP.Optional.SearchSnacks.A, C:\Program Files (x86)\SearchSnacks\Service\sssvc.exe, Delete-on-Reboot, [279d22a1d1aa5fd7763e81666b970ff1],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\uninstall.exe, Quarantined, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\amazon.ico, Quarantined, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\argos.ico, Quarantined, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\ask.ico, Quarantined, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\bestbuy.ico, Quarantined, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\ebay.ico, Quarantined, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\etsy.ico, Quarantined, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\facebook.ico, Quarantined, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\favicon.ico, Quarantined, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\google.ico, Quarantined, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\homedepot.ico, Quarantined, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\ikea.ico, Quarantined, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\imdb.ico, Quarantined, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\lowes.ico, Quarantined, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\mercado.ico, Quarantined, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\mysearchweb.ico, Quarantined, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\myshopping.ico, Quarantined, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\searchresult.ico, Quarantined, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\sears.ico, Quarantined, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\setting.ico, Quarantined, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\settings.ico, Quarantined, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\shopping.ico, Quarantined, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\target.ico, Quarantined, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\tesco.ico, Quarantined, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\tripadvisor.ico, Quarantined, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\twitter.ico, Quarantined, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\wajam.ico, Quarantined, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\walmart.ico, Quarantined, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\wiki.ico, Quarantined, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\yahoo.ico, Quarantined, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\zalando.ico, Quarantined, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\FiddlerCore.dll, Delete-on-Reboot, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\2845734c09907de22309ed6090c7c5b9, Quarantined, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\4f729155c775b8021103bd4fb25fcfef, Quarantined, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\5e3eed8d71e51fe2acf6b93a5c860ab2, Quarantined, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\76f67dc4a69a00833deb7f78774c4934, Quarantined, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\92cf116d1292e47de72d3c9dadeb3112, Quarantined, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\a12534f1688fe7d400f8d5ec8c062411, Quarantined, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\a8f937a6c99d89a95d81430b7f6e0133, Quarantined, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\aff952784d84706bf3382a8fd618f6ff, Quarantined, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\c0339f89b5e4ed4a3ca4312e4c0b8573, Quarantined, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\c133ca999e5cc514381769af45be84ed, Quarantined, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\de513485250b291f9598aec871818bcf, Quarantined, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\e18bdd28b7d58d28f03549862759b13b, Quarantined, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\e86a787764d13b4c9e185ed97e020e8d, Quarantined, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\ee8cc4e67462a97f27f95a550f130831, Quarantined, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\HtmlAgilityPack.dll, Quarantined, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\makecert.exe, Quarantined, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\Newtonsoft.Json.dll, Delete-on-Reboot, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamHttpServer.exe, Delete-on-Reboot, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\wie, Quarantined, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WJManifest, Quarantined, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WJProxyTools.exe, Quarantined, [e1e38043047751e5ab982f8221e1966a],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Settings.lnk, Quarantined, [18aca71c6219b086cb213c7679898080],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\SignIn with Facebook.lnk, Quarantined, [18aca71c6219b086cb213c7679898080],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\SignIn with Twitter.lnk, Quarantined, [18aca71c6219b086cb213c7679898080],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Wajam Website.lnk, Quarantined, [18aca71c6219b086cb213c7679898080],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Search\Ask.lnk, Quarantined, [18aca71c6219b086cb213c7679898080],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Search\Google.lnk, Quarantined, [18aca71c6219b086cb213c7679898080],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Search\IMDb.lnk, Quarantined, [18aca71c6219b086cb213c7679898080],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Search\Shopping.com.lnk, Quarantined, [18aca71c6219b086cb213c7679898080],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Search\TripAdvisor.lnk, Quarantined, [18aca71c6219b086cb213c7679898080],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Search\Wikipedia.lnk, Quarantined, [18aca71c6219b086cb213c7679898080],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Search\Yahoo!.lnk, Quarantined, [18aca71c6219b086cb213c7679898080],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Amazon.lnk, Quarantined, [18aca71c6219b086cb213c7679898080],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Argos.lnk, Quarantined, [18aca71c6219b086cb213c7679898080],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Ebay.lnk, Quarantined, [18aca71c6219b086cb213c7679898080],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Etsy.lnk, Quarantined, [18aca71c6219b086cb213c7679898080],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\HomeDepot.lnk, Quarantined, [18aca71c6219b086cb213c7679898080],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Ikea.lnk, Quarantined, [18aca71c6219b086cb213c7679898080],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Lowe's.lnk, Quarantined, [18aca71c6219b086cb213c7679898080],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Mercadolivre.lnk, Quarantined, [18aca71c6219b086cb213c7679898080],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\MyShopping.lnk, Quarantined, [18aca71c6219b086cb213c7679898080],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Sears.lnk, Quarantined, [18aca71c6219b086cb213c7679898080],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Target.lnk, Quarantined, [18aca71c6219b086cb213c7679898080],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Tesco.lnk, Quarantined, [18aca71c6219b086cb213c7679898080],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Walmart.lnk, Quarantined, [18aca71c6219b086cb213c7679898080],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Zalando.lnk, Quarantined, [18aca71c6219b086cb213c7679898080],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Uninstall Wajam\uninstall.lnk, Quarantined, [18aca71c6219b086cb213c7679898080],
PUP.Optional.Radsteroids.A, C:\ProgramData\Radsteroids\app.dat, Quarantined, [6361f8cba3d88caa11f6a90da75bb947],
PUP.Optional.Radsteroids.A, C:\ProgramData\Radsteroids\data.dat, Quarantined, [6361f8cba3d88caa11f6a90da75bb947],
PUP.Optional.Radsteroids.A, C:\ProgramData\Radsteroids\Radsteroids.ico, Quarantined, [6361f8cba3d88caa11f6a90da75bb947],
PUP.Optional.Radsteroids.A, C:\ProgramData\Radsteroids\Uninstall.exe, Quarantined, [6361f8cba3d88caa11f6a90da75bb947],
PUP.Optional.HyperBrowser.A, C:\Users\Danielle\AppData\Local\Hyper Browser\Modules\7z.dll, Quarantined, [eed6774c403b67cfd864caf6a45e40c0],
PUP.Optional.HyperBrowser.A, C:\Users\Danielle\AppData\Local\Hyper Browser\Modules\InSes.dll, Quarantined, [eed6774c403b67cfd864caf6a45e40c0],
PUP.Optional.HyperBrowser.A, C:\Users\Danielle\AppData\Local\Hyper Browser\Modules\WbSes.dll, Quarantined, [eed6774c403b67cfd864caf6a45e40c0],
PUP.Optional.SearchProtect.A, C:\Users\Danielle\AppData\Local\SearchProtect\SearchProtect\rep\UserRepository.dat, Quarantined, [ecd8dce792e9a88ec879a52206fc27d9],
PUP.Optional.SearchProtect.A, C:\Users\Danielle\AppData\Local\SearchProtect\SearchProtect\rep\UserSettings.dat, Quarantined, [ecd8dce792e9a88ec879a52206fc27d9],
PUP.Optional.SearchProtect.A, C:\Users\Danielle\AppData\Local\SearchProtect\UI\rep\UIRepository.dat, Quarantined, [ecd8dce792e9a88ec879a52206fc27d9],
PUP.Optional.SystemSpeedup, C:\Users\Danielle\AppData\Roaming\Systweak\ssd\SSDPTstub.exe, Quarantined, [1ba9aa19f487e6501a3d2f9b8c763ac6],

Physical Sectors: 0
(No malicious items detected)


(end)

Malwarebytes Anti-Rootkit BETA 1.07.0.1008
www.malwarebytes.org

Database version: v2014.08.07.07

Windows 8 x64 NTFS
Internet Explorer 11.0.9600.17126
Danielle :: IDEA-PC [administrator]

8/7/2014 12:36:33 PM
mbar-log-2014-08-07 (12-36-33).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 328342
Time elapsed: 37 minute(s), 15 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 5
C:\Users\Danielle\AppData\Local\fst_us_118\Download\majfstusau.exe (Adware.EoRezo) -> Delete on reboot.
C:\Windows\System32\drivers\{8ce1c375-1e13-43f7-a4fd-6530f47c4fde}Gw64.sys (PUP.Optional.Sanbreel.A) -> Delete on reboot.
C:\Windows\System32\drivers\{825c5be7-672f-4c14-9929-48a3a5e1a660}w64.sys (PUP.Optional.Sanbreel.A) -> Delete on reboot.
C:\Windows\System32\drivers\{8ce1c375-1e13-43f7-a4fd-6530f47c4fde}w64.sys (PUP.Optional.Sanbreel.A) -> Delete on reboot.
C:\Windows\System32\drivers\ssnfd.sys (PUP.Optional.SearchSnacks) -> Delete on reboot.

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Rkill 2.6.1 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 08/07/2014 03:11:55 PM in x64 mode.
Windows Version: Windows 8.1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * Explorer Policy Removed:  NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
 C:\Users\Danielle\Desktop\rkill\rkill-08-07-2014-03-11-59.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * AllUserInstallAgent [Missing Service]
 * SDRSVC [Missing Service]
 * adp94xx [Missing Service]
 * adpahci [Missing Service]
 * adpu320 [Missing Service]
 * arc [Missing Service]
 * AsyncMac [Missing Service]
 * discache [Missing Service]
 * HdAudAddService [Missing Service]
 * iirsp [Missing Service]
 * LSI_SCSI [Missing Service]
 * nfrd960 [Missing Service]
 * PptpMiniport [Missing Service]
 * RasAgileVpn [Missing Service]
 * Rasl2tp [Missing Service]
 * RasSstp [Missing Service]
 * Wanarp [Missing Service]
 * Wanarpv6 [Missing Service]
 * Wd [Missing Service]
 * AppMgmt [Missing Service]
 * CSC [Missing Service]
 * CscService [Missing Service]
 * PeerDistSvc [Missing Service]

 * SystemEventsBroker => %SystemRoot%\system32\svchost.exe -k DcomLaunch [Incorrect ImagePath]
 * WSService => %SystemRoot%\System32\svchost.exe -k wsappx [Incorrect ImagePath]

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * Cannot edit the HOSTS file.
 * Permissions Fixed. Administrators can now edit the HOSTS file.

 * HOSTS file entries found:

  127.0.0.1    www.007guard.com
  127.0.0.1    007guard.com
  127.0.0.1    008i.com
  127.0.0.1    www.008k.com
  127.0.0.1    008k.com
  127.0.0.1    www.00hq.com
  127.0.0.1    00hq.com
  127.0.0.1    010402.com
  127.0.0.1    www.032439.com
  127.0.0.1    032439.com
  127.0.0.1    www.0scan.com
  127.0.0.1    0scan.com
  127.0.0.1    1000gratisproben.com
  127.0.0.1    www.1000gratisproben.com
  127.0.0.1    1001namen.com
  127.0.0.1    www.1001namen.com
  127.0.0.1    100888290cs.com
  127.0.0.1    www.100888290cs.com
  127.0.0.1    www.100sexlinks.com
  127.0.0.1    100sexlinks.com

  20 out of 15490 HOSTS entries shown.
  Please review HOSTS file for further entries.

Program finished at: 08/07/2014 03:12:47 PM
Execution time: 0 hours(s), 0 minute(s), and 52 seconds(s)
 



#4 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,679 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:04:38 PM

Posted 10 August 2014 - 03:50 PM

p22002970.gif Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

p22002970.gif Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


p22002970.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.


p22002970.gif Please run a free online scan with the ESET Online Scanner

  • Disable your antivirus program
  • Click on "Run ESET Online Scanner" button.
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • Accept any security warnings from your browser.
  • Check Scan archives
  • Click Start
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click on List of found threats
  • Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    NOTE. If Eset doesn't find any threats it'll NOT produce any log.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#5 Gordon C

Gordon C
  • Topic Starter

  • Members
  • 68 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NC
  • Local time:07:38 PM

Posted 10 August 2014 - 05:07 PM

Here ya go...

 

=====================

TFC cleaned up 21 meg

=====================

# AdwCleaner v3.304 - Report created 10/08/2014 at 17:36:36
# Updated 08/08/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : Danielle - IDEA-PC
# Running from : F:\adwcleaner_3.304.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : 70e6ca8c
[#] Service Deleted : Update Rock Turner
[#] Service Deleted : Util Rock Turner
[#] Service Deleted : {825c5be7-672f-4c14-9929-48a3a5e1a660}w64
[#] Service Deleted : {8ce1c375-1e13-43f7-a4fd-6530f47c4fde}Gw64
Service Deleted : {8ce1c375-1e13-43f7-a4fd-6530f47c4fde}w64

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\pastaleads
Folder Deleted : C:\ProgramData\DeaLsFinderPro
Folder Deleted : C:\ProgramData\ExtrAShoppEr
Folder Deleted : C:\ProgramData\ShoopperMuaster
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\optimizer pro v3.2
Folder Deleted : C:\Program Files (x86)\pastaleads
Folder Deleted : C:\Program Files (x86)\predm
Folder Deleted : C:\Users\Danielle\AppData\Roaming\Systweak
File Deleted : C:\WINDOWS\System32\roboot64.exe
File Deleted : C:\Users\Danielle\AppData\Local\AnyProtectScannerSetup.exe
File Deleted : C:\Users\Danielle\AppData\Roaming\aps.uninstall.scan.results

***** [ Scheduled Tasks ] *****

Task Deleted : APSnotifierPP1
Task Deleted : APSnotifierPP2
Task Deleted : APSnotifierPP3
Task Deleted : LaunchApp

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\DealsFinderPRao.DealsFinderPRao
Key Deleted : HKLM\SOFTWARE\Classes\DealsFinderPRao.DealsFinderPRao.4.33
Key Deleted : HKLM\SOFTWARE\Classes\ExtraShopper.ExtraShopper
Key Deleted : HKLM\SOFTWARE\Classes\ExtraShopper.ExtraShopper.1.7
Key Deleted : HKLM\SOFTWARE\Classes\ShoopperMMaustera.ShoopperMMaustera
Key Deleted : HKLM\SOFTWARE\Classes\ShoopperMMaustera.ShoopperMMaustera.1.7
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1591BBD2-3C25-4790-96F5-2B073334143D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10A90347-0566-D9A8-D541-8D098D5D1A94}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{14BF6BA2-9FDD-C94E-FBE7-C61FE99A9EC1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1591BBD2-3C25-4790-96F5-2B073334143D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10A90347-0566-D9A8-D541-8D098D5D1A94}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{14BF6BA2-9FDD-C94E-FBE7-C61FE99A9EC1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1591BBD2-3C25-4790-96F5-2B073334143D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10A90347-0566-D9A8-D541-8D098D5D1A94}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{14BF6BA2-9FDD-C94E-FBE7-C61FE99A9EC1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1591BBD2-3C25-4790-96F5-2B073334143D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{10A90347-0566-D9A8-D541-8D098D5D1A94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{14BF6BA2-9FDD-C94E-FBE7-C61FE99A9EC1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{1591BBD2-3C25-4790-96F5-2B073334143D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{10A90347-0566-D9A8-D541-8D098D5D1A94}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{14BF6BA2-9FDD-C94E-FBE7-C61FE99A9EC1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKCU\Software\AnyProtect
Key Deleted : HKCU\Software\Hyper Browser
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\TutoTag
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\Hyper Browser
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\Software\Tutorials
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{779D1843-0043-65D2-D781-8614F17B6222}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ac225167-00fc-452d-94c5-bb93600e7d9a}
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\searchprotect

\searchprotect\bin\spvc32loader.dll
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:

\progra~2\optimi~1\optpro~2.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect

\SearchProtect\bin\SPVC64Loader.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:

\PROGRA~2\OPTIMI~1\OPTPRO~3.DLL

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17126


-\\ Google Chrome v

*************************

AdwCleaner[R0].txt - [6080 octets] - [10/08/2014 17:29:18]
AdwCleaner[S0].txt - [5953 octets] - [10/08/2014 17:36:36]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6013 octets] ##########


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 x64
Ran by Danielle on Sun 08/10/2014 at 17:46:58.77
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\

\Default_Page_URL



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 08/10/2014 at 17:54:01.77
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



#6 Gordon C

Gordon C
  • Topic Starter

  • Members
  • 68 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NC
  • Local time:07:38 PM

Posted 13 August 2014 - 12:02 PM

... and on the off chance that you're waiting the results of the eset online scan, the unit can't process http and https requests successfully so that's not happening. The only scans/tests that can be done are those that can be brought to bear with a flash drive or a protocol other than http or https.



#7 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,679 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:04:38 PM

Posted 13 August 2014 - 02:10 PM

  • Download Sophos Free Virus Removal Tool and save it to your desktop
  • Double click the icon and select Run
  • Click Next
  • Select I accept the terms in this license agreement, then click Next twice
  • Click Install
  • Click Finish to launch the program
  • Once the virus database has been updated click Start Scanning
  • If any threats are found click Details, then View log file... (bottom left hand corner)
  • Copy and paste the results in your reply
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup
  • Click Exit to close the program


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#8 Gordon C

Gordon C
  • Topic Starter

  • Members
  • 68 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NC
  • Local time:07:38 PM

Posted 14 August 2014 - 08:04 AM

Number of threats found: 0

Of course it wasn't possible to get updates because of the http break and I have no idea how good Sophos is about keeping an updated version/definitions downloadable.



#9 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,679 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:04:38 PM

Posted 14 August 2014 - 06:16 PM

None of our tools reports any internet connection issue.

Which browser do you use to access internet?

Did you try different browser?


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#10 Gordon C

Gordon C
  • Topic Starter

  • Members
  • 68 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NC
  • Local time:07:38 PM

Posted 14 August 2014 - 08:22 PM

Both Chrome and IE report the same issue: proxy server unresponsive@127.0.0.1:50742

 

If I drop to a command line I can ping the world. A proxy is not listed in internet options but if you go into advanced settings you can see the proxy server properties (protocol, IP & port). I can eliminate the settings at which point I am asked if I want to disable the proxy server, to which I reply yes. You come out of the little wizard thingy and go right back into the advanced properties and the settings are exactly as first seen.

 

Sophos could not connect to get updates.


Edited by Gordon C, 14 August 2014 - 08:23 PM.


#11 Gordon C

Gordon C
  • Topic Starter

  • Members
  • 68 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NC
  • Local time:07:38 PM

Posted 14 August 2014 - 08:31 PM

Specifically which of those tests run http and https requests? I've looked at the logs I've posted but my eyeballs are just as old as the rest of me.



#12 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,679 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:04:38 PM

Posted 14 August 2014 - 11:05 PM

Go Start>Run (Start Search in Vista/7), type in:
msconfig
Click OK (hit Enter in Vista/7).

Click on Startup tab.
Click Disable all
IMPORTANT! In case of laptop, make sure, you do NOT disable any keyboard, or touchpad entries.

Click Services tab.
Put checkmark in Hide all Microsoft services
Click Disable all.

Click OK.
Restart computer in Normal Mode.

NOTE. If you use different firewall, than Windows firewall, turn Windows firewall on, just for this test, since your regular firewall won't be running.
If you use Windows firewall, you're fine.

See if you can disable proxies now.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#13 Gordon C

Gordon C
  • Topic Starter

  • Members
  • 68 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NC
  • Local time:07:38 PM

Posted 15 August 2014 - 10:39 AM

This is 8.1 so everything isn't exactly where your instructions directed but I found the settings and changed them. No change in behavior.

 

In my reply last night I was working from memory (always chancy) and mispoke, I AM working in internet properties, connection tab, LAN settings. In LAN settings the 'Use a proxy server...' is checked and 'Bypass proxy server for local...' is unchecked. Stroking the advanced button takes us to the dialogue for proxy settings where the IP and Port are displayed for HTTP and Secure. An exception is made for <loopback>.

 

Any changes made in this area don't "stick" that is, I can make the changes and hit OK but coming back into the Proxy Settings they remain unchanged.



#14 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,679 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:04:38 PM

Posted 16 August 2014 - 12:12 AM

Download Windows Repair (All in One) from this site

Install the program then run it.

NOTE 1. In Windows Vista, 7 and 8 right click on the program, click "Run As Administrator".
NOTE 2. Disable your antivirus program before running Windows Repair.


Go to Step 3 and click on Check button next to 1. See If Check Disk Is Needed.
If the tool that the Check Disk is needed click on Do It button next to 2. Check Disk.
In that case make sure you restart computer.

p22004342.gif


Once the above is done go to Step 4 and allow it to run System File Check by clicking on Do It button:

p22004343.gif


Go to Step 5 and under "System Restore" click on Create button:

p22004346.gif


Go to Start Repairs tab and click Start button.

Leave all checkmarks as they're.
NOTE for Windows 8 users. Reset Registry Permissions is NOT checked by design.

Click on Start button.

p22004347.gif

Post Windows Repair log which is located in the following folder:
64-bit systems - C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Logs
32-bit systems - C:\Program Files\Tweaking.com\Windows Repair (All in One)\Logs


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#15 Gordon C

Gordon C
  • Topic Starter

  • Members
  • 68 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NC
  • Local time:07:38 PM

Posted 18 August 2014 - 10:03 AM

Well, that repair took a gratifyingly long time but it had no corrective effect on browser behavior. "The proxy server isn't responding" is the response regardless of the requested URL. The repair log follows:

 

 
System Variables
--------------------------------------------------------------------------------
OS: Windows 8.1
OS Architecture: 64-bit
OS Version: 6.3.9600
OS Service Pack:  
Computer Name: IDEA-PC
Windows Drive: C:\
Windows Path: C:\WINDOWS
Program Files: C:\Program Files
Program Files (x86): C:\Program Files (x86)
Current Profile: C:\Users\Danielle
Current Profile SID: S-1-5-21-501355956-4286567946-3003223455-1004
Current Profile Classes: S-1-5-21-501355956-4286567946-3003223455-1004_Classes
Profiles Location: C:\Users
Profiles Location 2: C:\WINDOWS\ServiceProfiles
Local Settings AppData: C:\Users\Danielle\AppData\Local
--------------------------------------------------------------------------------
 
System Information
--------------------------------------------------------------------------------
System Up Time: 0 Days 19:36:22
 
Process Count: 40
Commit Total: 1.60 GB
Commit Limit: 4.78 GB
Commit Peak: 3.23 GB
Handle Count: 17921
Kernel Total: 381.50 MB
Kernel Paged: 272.39 MB
Kernel Non Paged: 109.11 MB
System Cache: 1.64 GB
Thread Count: 557
--------------------------------------------------------------------------------
 
Memory Before Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 3.87 GB
Memory Used: 1.06 GB(27.4876%)
Memory Avail.: 2.81 GB
--------------------------------------------------------------------------------
 
Cleaning Memory Before Starting Repairs...
 
Memory After Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 3.87 GB
Memory Used: 1.08 GB(27.9006%)
Memory Avail.: 2.79 GB
--------------------------------------------------------------------------------
 
Starting Repairs...
   Started at (8/18/2014 9:42:16 AM)
 
01 - Reset Registry Permissions
   Restore Windows 8 Default Registry Permissions
   Start (8/18/2014 9:42:26 AM)
 
Decompressing & Updating Windows 8 Permission File hkud.txt
Done,  1.42 seconds.
 
 
Decompressing & Updating Windows 8 Permission File hkcu.txt
Done,  0.44 seconds.
 
 
Decompressing & Updating Windows 8 Permission File hkcr.txt
Done,  1.3 seconds.
 
 
Decompressing & Updating Windows 8 Permission File hklm.txt
Done,  2.83 seconds.
 
   Running Repair Under System Account
   Running Repair Under Current User Account
   Done (8/18/2014 9:46:43 AM)
 
03 - Reset Service Permissions
   Start (8/18/2014 9:46:43 AM)
   Running Repair Under System Account
   Done (8/18/2014 9:46:54 AM)
 
04 - Register System Files
   Start (8/18/2014 9:46:54 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/18/2014 9:47:29 AM)
 
05 - Repair WMI
   Start (8/18/2014 9:47:29 AM)
 
   Starting Security Center So We Can Export The Security Info.
 
   Exporting Antivirus Info...
   Windows Defender Exported.
 
   Exporting AntiSpyware Info...
   Windows Defender Exported.
 
   Exporting 3rd Party Firewall Info...
   No Firewall Products Reported.
 
   Running Repair Under Current User Account
   Done (8/18/2014 9:52:57 AM)
 
06 - Repair Windows Firewall
   Start (8/18/2014 9:52:57 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/18/2014 9:53:22 AM)
 
07 - Repair Internet Explorer
   Start (8/18/2014 9:53:22 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/18/2014 9:53:56 AM)
 
08 - Repair MDAC/MS Jet
   Start (8/18/2014 9:53:56 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/18/2014 9:54:13 AM)
 
09 - Repair Hosts File
   Start (8/18/2014 9:54:13 AM)
   Running Repair Under System Account
   Done (8/18/2014 9:54:14 AM)
 
10 - Remove Policies Set By Infections
   Start (8/18/2014 9:54:14 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/18/2014 9:54:16 AM)
 
11 - Repair Start Menu Icons Removed By Infections
   Start (8/18/2014 9:54:17 AM)
   Running Repair Under System Account
   Done (8/18/2014 9:54:18 AM)
 
12 - Repair Icons
   Start (8/18/2014 9:54:19 AM)
   Running Repair Under Current User Account
   Done (8/18/2014 9:54:20 AM)
 
13 - Repair Winsock & DNS Cache
   Start (8/18/2014 9:54:20 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/18/2014 9:54:34 AM)
 
15 - Repair Proxy Settings
   Start (8/18/2014 9:54:34 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/18/2014 9:54:38 AM)
 
17 - Repair Windows Updates
   Start (8/18/2014 9:54:38 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Setting Windows Updates Files That Are In Use To Be Removed At Next Boot.
   Done (8/18/2014 9:55:06 AM)
 
18 - Repair CD/DVD Missing/Not Working
   Start (8/18/2014 9:55:06 AM)
   iTunes not found, not applying UpperFilters iTunes Reg Key
   Done (8/18/2014 9:55:06 AM)
 
19 - Repair Volume Shadow Copy Service
   Start (8/18/2014 9:55:06 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/18/2014 9:55:31 AM)
 
21 - Repair MSI (Windows Installer)
   Start (8/18/2014 9:55:31 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/18/2014 9:55:46 AM)
 
23.01 - Repair bat Association
   Start (8/18/2014 9:55:47 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/18/2014 9:55:49 AM)
 
23.02 - Repair cmd Association
   Start (8/18/2014 9:55:50 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/18/2014 9:55:52 AM)
 
23.03 - Repair com Association
   Start (8/18/2014 9:55:53 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/18/2014 9:55:55 AM)
 
23.04 - Repair Directory Association
   Start (8/18/2014 9:55:56 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/18/2014 9:55:58 AM)
 
23.05 - Repair Drive Association
   Start (8/18/2014 9:55:59 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/18/2014 9:56:01 AM)
 
23.06 - Repair exe Association
   Start (8/18/2014 9:56:01 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/18/2014 9:56:03 AM)
 
23.07 - Repair Folder Association
   Start (8/18/2014 9:56:04 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/18/2014 9:56:06 AM)
 
23.08 - Repair inf Association
   Start (8/18/2014 9:56:06 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/18/2014 9:56:09 AM)
 
23.09 - Repair lnk (Shortcuts) Association
   Start (8/18/2014 9:56:09 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/18/2014 9:56:11 AM)
 
23.10 - Repair msc Association
   Start (8/18/2014 9:56:12 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/18/2014 9:56:14 AM)
 
23.11 - Repair reg Association
   Start (8/18/2014 9:56:14 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/18/2014 9:56:19 AM)
 
23.12 - Repair scr Association
   Start (8/18/2014 9:56:19 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/18/2014 9:56:21 AM)
 
24 - Repair Windows Safe Mode
   Start (8/18/2014 9:56:22 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/18/2014 9:56:24 AM)
 
25 - Repair Print Spooler
   Start (8/18/2014 9:56:25 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/18/2014 9:56:41 AM)
 
26 - Restore Important Windows Services
   Start (8/18/2014 9:56:41 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/18/2014 9:56:53 AM)
 
27 - Set Windows Services To Default Startup
   Start (8/18/2014 9:56:53 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/18/2014 9:57:01 AM)
 
28 - Repair Windows 8 App Store
   Start (8/18/2014 9:57:01 AM)
 
Decompressing & Updating Windows 8 Permission File hkcu.txt
Done,  0.36 seconds.
 
   Running Repair Under Current User Account
   Done (8/18/2014 9:57:39 AM)
 
29 - Repair Windows 8 Component Store
   Start (8/18/2014 9:57:40 AM)
   Running Repair Under Current User Account
   Done (8/18/2014 10:43:36 AM)
 
30 - Restore Windows 8 COM+ Unmarshalers
   Start (8/18/2014 10:43:36 AM)
   Running Repair Under System Account
Processing ACL of: <classes_root\Unmarshalers>
 
SetACL finished with error(s):  
SetACL error message: The call to SetNamedSecurityInfo () failed
Operating system error message: Access is denied.  
   Done (8/18/2014 10:43:39 AM)
 
31 - Repair Windows 'New' Submenu
   Start (8/18/2014 10:43:39 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (8/18/2014 10:43:42 AM)
 
Cleaning up empty logs...
 
All Selected Repairs Done.
   Done at (8/18/2014 10:43:43 AM)
   Total Repair Time: 01:01:38
 
 
...YOU MUST RESTART YOUR SYSTEM...
   Running Repair Under Current User Account






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users