Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Another victim of iYogi


  • Please log in to reply
7 replies to this topic

#1 bfalk9

bfalk9

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:08 AM

Posted 13 August 2014 - 09:35 PM

Hello,

   I have the free version of Avast anti-virus and experienced Avast blocking me while visiting a local County Property Appraiser's website

(escpa.org) I get the following: "Win32:Evo-gen [Susp]"   

 

I submitted a ticket to Avast and never got a response.  A few days later, I went to the site (http://escpa.org/CAMAGIS/?s=172S301300002009) with no issue, so I thought they fixed things. Today I go to the same site once again I get the "Win32:Evo-gen [Susp]" block.  I Google "Avast customer support" and unfortunately called to the iYogi ass clowns.  After hearing their spiel, I realize what was going on, terminated the call only to have them call me back...  I then see Avast has responded to my help ticket, literally while I was on the phone with iYogi, and they said the problem was fixed...

  Short story long, I went into airplane mode, then control panel and removed the obvious new programs.  But, I'm afraid there may still be some files lurking that I don't know about.  

   I contacted Avast and they wanted to charge me ALSO, to remove the crap and clean up my system.  I'm not quite savvy enough to do this on my own, hence my request for help...

  While talking to Avast, she informed me that I had Conduit on my system.  So, I downloaded Junkware Removal Tool to remove Conduit. I ran Avast, and it found nothing.  I ran Malwarebytes anti malware, and it found nothing, I also downloaded Malwarebytes Anti-Rootkit, and it found nothing.  This is the log from JRT:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 x64
Ran by asus on Wed 08/13/2014 at 13:08:25.68
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitsearchscopes
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\whitesmoke_new
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\s
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3289847
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{88809AC4-7F9D-453E-A865-AF0221738E6C}
 
 
 
~~~ Files
 
Successfully deleted: [File] "C:\end"
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\ProgramData\conduit"
Successfully deleted: [Folder] "C:\Users\rac\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\WINDOWS\syswow64\ai_recyclebin"
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 08/13/2014 at 13:18:34.25
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
   My question, what should I do now?  Any help would be Greatly Appreciated!!!  Thanks in advance for your help...
 

 



BC AdBot (Login to Remove)

 


#2 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:07:08 PM

Posted 13 August 2014 - 10:57 PM

Hi and Welcome,

 

Please note that iYogi is not a "bad program", just that it is used by "bad people" as it is simple to run.

 

We can do a quick check to be sure there is no problems left now.

 

Please download MiniToolBox  to desktop to run it.
 Checkmark the following boxes:

  • List content of Hosts
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size

 Click Go and Copy / Paste the result. (result.txt)

 

 

Please download and run RKill by Grinler.

  • A black DOS box will appear for a short time and then disappear.

  • This is normal and indicates the tool ran successfully.
  • At most the tool will usually run for about 2 minutes

Please Copy and Paste the log back here.

 

 
Do not reboot your computer until you complete the next step.

 

 

NOW :

  • Download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
     * Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button (only once)
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button only once for accuracy.
  • A report (AdwCleaner[R0].txt) will open in Notepad for your review.
  • Check the listed removals and see if you are OK with them.
  • If you have questions, post the Report log back here.

 Next

  • Click on the Clean button only once for accuracy
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK finally to allow AdwCleaner to Restart the computer and complete the removal process.
  • After rebooting, a log report (AdwCleaner[S0].txt) will open automatically.
    Copy and Paste the contents of that log in your next reply.

Note: With most Adware / Junkware / PUPs it is strongly recommended to deal with it like a legitimate program and uninstall from Programs and Features or Add/Remove Programs in the Control Panel. In many cases, using the uninstaller of the adware not only removes the adware more effectively, but it also restores any changed configuration. After uninstallation, then you can run specialized tools like AdwCleaner and JRT to fix any remaining entries they may find.

 

 

NEXT -

Please run a free online scan with the ESET Online Scanner

  • Temporarily Disable Your Anti-virus
  • Click on "Run ESET Online Scanner" button.
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • Accept any security warnings from your browser.
  • Check Scan archives
  • Click Start
  • ESET will then download updates for itself, install itself, and begin scanning your computer.
  • Please be patient as this will take some time. (1 to 2 hours is not unusual).
  • When the scan completes, click on List of found threats
  • Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.

NOTE. If Eset doesn't find any threats it will NOT produce any log

 

 

To Clean up -

Please download Temp File Cleaner by Old Timer
Usage Instructions:

1.Download TFC from the download link above and save the file on your desktop.
2.Close ALL running applications as TFC will terminate them before attempting to clean up the temporary files.
3.Double-click on the TFC icon.
4.When the program opens, click on the Start button.  TFC will terminate the Explorer process and all running applications and then begin the process of cleaning out all of your temp folders.
5.When done, press OK or Exit, and Reboot your computer and finish the cleanup

 

 

Thank You -



#3 bfalk9

bfalk9
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:08 AM

Posted 13 August 2014 - 11:29 PM

MiniToolBox by Farbar  Version: 21-07-2014
Ran by asus (administrator) on 13-08-2014 at 23:06:20
Running from "C:\Users\rac\Downloads"
Microsoft Windows 8.1  (X64)
Boot Mode: Normal
***************************************************************************
========================= Hosts content: =================================
 
 
 
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (08/13/2014 07:18:07 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledQuery 16631797
 
Error: (08/13/2014 07:18:07 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 17303438
 
Error: (08/13/2014 07:18:07 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextCacheCheck 17284500
 
Error: (08/13/2014 07:18:07 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 17303438
 
Error: (08/13/2014 07:18:07 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
System errors:
=============
Error: (08/13/2014 10:57:00 PM) (Source: Service Control Manager) (User: )
Description: The McAfee PC Task Scheduler Service service failed to start due to the following error: 
%%2
 
Error: (08/13/2014 10:56:07 PM) (Source: DCOM) (User: PERSONAL)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (08/13/2014 10:55:59 PM) (Source: DCOM) (User: PERSONAL)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (08/13/2014 10:52:48 PM) (Source: DCOM) (User: PERSONAL)
Description: 1084WSearchUnavailable{9E175B68-F52A-11D8-B9A5-505054503030}
 
Error: (08/13/2014 10:52:48 PM) (Source: DCOM) (User: PERSONAL)
Description: 1084WSearchUnavailable{9E175B68-F52A-11D8-B9A5-505054503030}
 
Error: (08/13/2014 10:52:47 PM) (Source: DCOM) (User: PERSONAL)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (08/13/2014 10:52:41 PM) (Source: DCOM) (User: PERSONAL)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
 
Error: (08/13/2014 10:52:41 PM) (Source: DCOM) (User: PERSONAL)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
 
Error: (08/13/2014 10:52:41 PM) (Source: DCOM) (User: PERSONAL)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
 
Error: (08/13/2014 10:52:41 PM) (Source: DCOM) (User: PERSONAL)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
 
 
Microsoft Office Sessions:
=========================
Error: (08/13/2014 07:18:07 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledQuery 16631797
 
Error: (08/13/2014 07:18:07 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 17303438
 
Error: (08/13/2014 07:18:07 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextCacheCheck 17284500
 
Error: (08/13/2014 07:18:07 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 17303438
 
Error: (08/13/2014 07:18:07 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
 
 ASUS VivoBook (HKLM\...\{04FDBE69-F9FD-42A2-9008-E5CE7F60C6BE}) (Version: 1.0.26 - ASUS)
=========================== Installed Programs ============================
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.110 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.9.145.62246 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.9.145.62246 - Alcor Micro Corp.) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.8 - ASUS)
ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.5 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.5 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.2.5 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.1.7 - ASUS)
ASUS S Series Product Demo (HKLM-x32\...\{387AA3E2-B9FE-4DA1-A097-A0D2213E8794}) (Version: 1.0.0 - ASUS)
ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.0 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.0 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0014 - ASUS)
ASUS Tutor (HKLM-x32\...\{58172D66-2F69-4215-9AEC-ED8196023736}) (Version: 1.0.8 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.4 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.26 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.10.123 - ASUS Cloud Corporation)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0026 - ASUS)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2021 - AVAST Software)
Bing Maps 3D (HKLM\...\{6ACE7F46-FACE-4125-AE86-672F4F2A6A28}) (Version: 4.0.903.16005 - Microsoft Corporation)
BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.2.32241 - BitTorrent Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Citrix Online Launcher (HKLM-x32\...\{F17C3DC2-2ACA-4B0E-BDBF-ACE61B14E7CD}) (Version: 1.0.183 - Citrix)
CrystalDiskInfo 6.0.4 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.0.4 - Crystal Dew World)
CyberLink LabelPrint 2.5 (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5415 - CyberLink Corp.)
CyberLink LabelPrint 2.5 (x32 Version: 2.5.5415 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.2914 - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 7.0.0.2914 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5C78021E-3C8E-4EDF-97EA-E9B8D808FD6D}) (Version:  - Microsoft)
DIRECTV Player (HKLM-x32\...\{69b8745b-65c2-4a2d-b5db-00e0cd841f1e}) (Version: 9.0 - DIRECTV)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GoPro Studio 2.0.1 (HKLM-x32\...\GoPro Studio) (Version: 2.0.1 - WoodmanLabs Inc. d.b.a. GoPro)
GoToMeeting 6.3.0.1468 (HKCU\...\GoToMeeting) (Version: 6.3.0.1468 - CitrixOnline)
HP Officejet 6500 E710n-z Basic Device Software (HKLM\...\{D79A5962-7305-41B9-A39E-A98AB598F372}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
inSSIDer 3 (HKLM-x32\...\{A80CEA4E-74C1-4F9F-806B-E1D9AFC01768}) (Version: 3.0.7.48 - MetaGeek, LLC)
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 6.0.6.1082 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel® Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 2.1.0.1002 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{F73A118B-8271-47E2-8790-0C636B2539C5}) (Version: 11.1.0.126 - Apple Inc.)
Java 7 Update 65 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417065FF}) (Version: 7.0.650 - Oracle)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Kcast for Windows (HKLM-x32\...\{0668483D-B010-46A4-B33E-5EDE8E1F6627}) (Version: 3.2.0.0 - Kitco)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0409-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.1165.0612 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.3.4 - Motorola Mobility)
Motorola Device Software Update (x32 Version: 12.10.3002 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 5.9.0 (Version: 5.9.0 - Motorola Inc.) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 29.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 en-US)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 26.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MultiBit 0.5.18 (HKLM-x32\...\MultiBit 0.5.18) (Version: 0.5.18 - )
MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.306 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RSDLite (HKLM-x32\...\{EAC93E1D-4807-43E2-B39A-8170B731B7D0}) (Version: 5.6 - Motorola)
Screencast-O-Matic (HKCU\...\Screencast-O-Matic) (Version:  - Screencast-O-Matic)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
TunnelBear (HKLM-x32\...\{625f2249-d094-455e-8548-72ca683eb9d3}) (Version: 2.2.21.0 - TunnelBear)
TunnelBear (x32 Version: 2.2.21.0 - TunnelBear) Hidden
Unified Remote (HKLM-x32\...\{BD96B1DF-2A2E-4ED1-B255-F8050DEB1B3D}) (Version: 2.14.2.0 - Unified Remote)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{C0BDC1DE-C35E-422B-8CBD-C1D555468720}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Driver Package - ASUS (ATP) Mouse  (05/09/2013 1.0.0.173) (HKLM\...\1016059FBF327ED9E3BAE758BD08CF10D3C6252D) (Version: 05/09/2013 1.0.0.173 - ASUS)
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices  (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012  - GoPro)
Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ??? (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ??? (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
Workspace Desktop (HKCU\...\workspacedesktop) (Version:  - Starfield Technologies)
???? (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
??? (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
 
========================= Memory info: ===================================
 
Percentage of memory in use: 40%
Total physical RAM: 3981.7 MB
Available physical RAM: 2365.03 MB
Total Pagefile: 6285.7 MB
Available Pagefile: 4502.26 MB
Total Virtual: 4095.88 MB
Available Virtual: 3973.66 MB
 
========================= Partitions: =====================================
 
1 Drive c: (OS) (Fixed) (Total:185.96 GB) (Free:41.63 GB) NTFS
2 Drive d: (Data) (Fixed) (Total:258.15 GB) (Free:71.35 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\PERSONAL
 
Administrator            asus                     Guest                    
 
 
**** End of log ****
 
Rkill 2.6.8 by Lawrence Abrams (Grinler)
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 08/13/2014 11:09:05 PM in x64 mode.
Windows Version: Windows 8.1 
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * Windows Defender Disabled
 
   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001
 
Checking Windows Service Integrity: 
 
 * MsKeyboardFilter [Missing Service]
 * CSC [Missing Service]
 * E1G60 [Missing Service]
 * HdAudAddService [Missing Service]
 * kbldfltr [Missing Service]
 * storvsp [Missing Service]
 * Vid [Missing Service]
 * vmbusr [Missing Service]
 * vpcivsp [Missing Service]
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * No issues found.
 
Program finished at: 08/13/2014 11:10:43 PM
Execution time: 0 hours(s), 1 minute(s), and 38 seconds(s)
 
# AdwCleaner v3.305 - Report created 13/08/2014 at 23:15:26
# Updated 14/08/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : asus - PERSONAL
# Running from : C:\Users\rac\Desktop\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage-journal
File Found : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage-journal
Folder Found : C:\Users\rac\AppData\Local\Conduit
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\Google\Chrome\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi
Key Found : HKCU\Software\UpdateStar
Key Found : [x64] HKCU\Software\UpdateStar
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17126
 
 
-\\ Mozilla Firefox v29.0.1 (en-US)
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
-\\ Google Chrome v36.0.1985.143
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
Found [Extension] : klibnahbojhkanfgaglnlalfkgpcppfi
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
Found [Extension] : klibnahbojhkanfgaglnlalfkgpcppfi
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
Found [Extension] : klibnahbojhkanfgaglnlalfkgpcppfi
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
Found [Extension] : klibnahbojhkanfgaglnlalfkgpcppfi
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
Found [Extension] : klibnahbojhkanfgaglnlalfkgpcppfi
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
Found [Extension] : klibnahbojhkanfgaglnlalfkgpcppfi
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
Found [Extension] : klibnahbojhkanfgaglnlalfkgpcppfi
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
Found [Extension] : klibnahbojhkanfgaglnlalfkgpcppfi
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
Found [Extension] : klibnahbojhkanfgaglnlalfkgpcppfi
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
Found [Extension] : klibnahbojhkanfgaglnlalfkgpcppfi
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
Found [Extension] : klibnahbojhkanfgaglnlalfkgpcppfi
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
Found [Extension] : klibnahbojhkanfgaglnlalfkgpcppfi
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
Found [Extension] : klibnahbojhkanfgaglnlalfkgpcppfi
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
Found [Extension] : klibnahbojhkanfgaglnlalfkgpcppfi
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
Found [Extension] : klibnahbojhkanfgaglnlalfkgpcppfi
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
Found [Extension] : klibnahbojhkanfgaglnlalfkgpcppfi
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
Found [Extension] : klibnahbojhkanfgaglnlalfkgpcppfi
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
Found [Extension] : klibnahbojhkanfgaglnlalfkgpcppfi
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
Found [Extension] : klibnahbojhkanfgaglnlalfkgpcppfi
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
Found [Extension] : klibnahbojhkanfgaglnlalfkgpcppfi
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
Found [Extension] : klibnahbojhkanfgaglnlalfkgpcppfi
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
Found [Extension] : klibnahbojhkanfgaglnlalfkgpcppfi
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
Found [Extension] : klibnahbojhkanfgaglnlalfkgpcppfi
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
Found [Extension] : klibnahbojhkanfgaglnlalfkgpcppfi
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
Found [Extension] : klibnahbojhkanfgaglnlalfkgpcppfi
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
Found [Extension] : klibnahbojhkanfgaglnlalfkgpcppfi
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
Found [Extension] : klibnahbojhkanfgaglnlalfkgpcppfi
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
Found [Extension] : klibnahbojhkanfgaglnlalfkgpcppfi
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
Found [Extension] : klibnahbojhkanfgaglnlalfkgpcppfi
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
Found [Extension] : klibnahbojhkanfgaglnlalfkgpcppfi
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
Found [Extension] : klibnahbojhkanfgaglnlalfkgpcppfi
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
Found [Extension] : klibnahbojhkanfgaglnlalfkgpcppfi
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
Found [Extension] : klibnahbojhkanfgaglnlalfkgpcppfi
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
Found [Extension] : klibnahbojhkanfgaglnlalfkgpcppfi
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
Found [Extension] : klibnahbojhkanfgaglnlalfkgpcppfi
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
Found [Extension] : klibnahbojhkanfgaglnlalfkgpcppfi
 
*************************
 
AdwCleaner[R0].txt - [30404 octets] - [13/08/2014 23:15:26]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [30465 octets] ##########
 
 
Not sure about the AdwCleaner results, you tell me.  Anything I shouldn't remove?
 
 
 


#4 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:07:08 PM

Posted 14 August 2014 - 12:41 AM

You have had me searching all over the internet for these answers -

 

Error: (08/13/2014 07:18:07 PM) (Source: Bonjour Service) (User: )
You will have Bonjour Service installed as iTunes, please uninstall it for now and we can reinstall later if required.
See Windows Club Instructions for good directions

This next program may be related, and you may know more about it than I do .........
azlyrics.com is a site to find song lyrics, and may be a bit suspect, but I have never dealt with them.

If you do not use it, please remove it.

 

 

If you do not use zabasearch.com, then remove it......... It is a family research history program.

Either program may also show in the ESET online scan.

 

 

The Chrome items can all go (adware)

 

 

A small problem with RKill, program, and I am still checking results.

 

Have you had any internet failures in the last few days ??

 

Let the ESET Online scan run, and post the results later, then we may have a better answer -



#5 bfalk9

bfalk9
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:08 AM

Posted 14 August 2014 - 01:11 AM

# AdwCleaner v3.305 - Report created 14/08/2014 at 00:44:07
# Updated 14/08/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : asus - PERSONAL
# Running from : C:\Users\rac\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Users\rac\AppData\Local\Conduit
File Deleted : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Deleted : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Deleted : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage
File Deleted : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage-journal
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Key Deleted : HKCU\Software\Google\Chrome\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKCU\Software\UpdateStar
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17126
 
 
-\\ Mozilla Firefox v29.0.1 (en-US)
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
[ File : C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\2zj6fd47.default\prefs.js ]
 
 
-\\ Google Chrome v36.0.1985.143
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
Deleted [Extension] : klibnahbojhkanfgaglnlalfkgpcppfi
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [30558 octets] - [13/08/2014 23:15:26]
AdwCleaner[S0].txt - [8614 octets] - [14/08/2014 00:44:07]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8674 octets] ##########
 
I'm running the eset now; thank you very much for your help!


#6 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:07:08 PM

Posted 14 August 2014 - 02:41 AM

Reading back over your programs, I find that "azlyrics" and "zabasearch" have not been installed as programs.

This means that they were only either visited sites, or adware that has stuck in your system as visited sites only.

 

You can run a Full Clean from AdwCleaner program now as they may be stuck in Temp Files Folders, and can be removed.

Anything that is missed can be removed with Temp File Cleaner by Old Timer, as in the last step.

 

After that, re-open AdwCleaner by Xplode and hit the Uninstall Button to remove any quarantined files to help lighten your load.

If you wish to use the AdwCleaner program again, you can install a fresh updated version each time, and do not use the same version each time.

 

Please update us with the problems, or lack of problems, when finished -

 

EDIT - This entry still has me concerned "AppDataLow\software\whitesmoke_new" and is part of what I am checking on.


Edited by noknojon, 14 August 2014 - 02:45 AM.


#7 bfalk9

bfalk9
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:03:08 AM

Posted 14 August 2014 - 02:55 AM

C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e5d a variant of Win32/CNETInstaller.B potentially unwanted application deleted - quarantined
C:\Users\rac\Desktop\Dan Kennedy -Magnetic Marketing.rar Win32/TrojanDownloader.Agent.PBL trojan deleted - quarantined
C:\Users\rac\Downloads\cbsidlm-cbsi176-CrystalDiskInfo-ORG-10832082.exe a variant of Win32/CNETInstaller.B potentially unwanted application deleted - quarantined
C:\Users\rac\Downloads\cbsidlm-cbsi183-Proxy-ORG-10027080.exe a variant of Win32/CNETInstaller.B potentially unwanted application deleted - quarantined
C:\Users\rac\Downloads\cbsidlm-cbsi213-Junkware_Removal_Tool-SEO-75910255 (1).exe a variant of Win32/CNETInstaller.B potentially unwanted application deleted - quarantined
C:\Users\rac\Downloads\cbsidlm-cbsi213-Junkware_Removal_Tool-SEO-75910255.exe a variant of Win32/CNETInstaller.B potentially unwanted application deleted - quarantined
 
Results from TFC
 

->Flash cache emptied: 58519 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32 (64bit) .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 41341740 bytes

 

Emptying RecycleBin. Do not interrupt.

 

RecycleBin emptied: 57797495 bytes

Process complete!

 

Total Files Cleaned = 425.00 mb

 

 

And, I Uninstalled AdwCleaner, should I download and run it again?  Wow, you're awesome!  Thank You...



#8 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:07:08 PM

Posted 14 August 2014 - 03:35 AM

Win32/CNETInstaller.B << These are not "infections" but when you download from CNET, they install a "Wrapper" with the program.

Our general advice is to use the original sites when you can.

 

 

This should be all that you need now - Again, tell me if you are not sure of any items.

 

Just another quick clean-up tool to check if you have any unwanted Tool-bars etc. All directions are included.

 
This tool serves to delete pesky and unwanted toolbars and plug-ins from your browser(s). Simply download and run the Browser Cleanup utility.
Once you run the utility, you will see a list of bad and good toolbars and plug-ins and be able to disable or to remove them.
 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users