Viruses and malware that won't be deleted


33 replies to this topic

#1 kustum_man

Posted 17 January 2015 - 09:02 PM

Hey there, I've recently purchased an Alienware laptop M17 R4 with Windows 8.1 and Avast Free Antivirus preinstalled.

I proceeded with updating drivers, downloading BitTorrent and downloading torrents. I think whilst installing torrents it has also installed a lot of malware onto my computer.

I've recently downloaded a Norton 360 antivirus, tried to crack it and pressed something called purge on the program (it also had reset etc.; I think it was for resetting the trial date), and now it won't even open and won't remove from my computer and won't uninstall properly, but doesn't show up in programs like a lot of other programs I've deleted, such as Optimizer Pro, I think it's called.

Since then my Recycle Bin, My Documents, any folder in fact, won't open. When I try, the system lags up and then the screen keeps resetting, over and over, and my CD drive would make a noise like it's inserting a CD.

I've tried to reach My Documents through Control Panel and it lags up, closes it and the screen resets.

I've recently downloaded Bitdefender Total Security 2015 and ran a scan; it only picked up maybe 5-6 things.

I also downloaded Malwarebytes Anti-Malware and it picked up 220 problems, and 7 were serious bugs, so I'm thinking it's more a malware.

Most of the screen resetting stopped when I deleted a lot of programs that were installed without me knowing through downloads, and I also did a Google Chrome reset to default tool. I had security protect and unisales and a whole lot of pop-ups, which are now gone, and now the laptop only lags up when I try to open the program and the screen resets.

By resetting I mean the screen turns black for a split second and returns to normal like nothing happened, but nothing opens and it lags before that.

It was a lot worse but only happens when I try to open something now. I can't system restore; I need a Microsoft CD to do so, so I'd rather try and get rid of the malware.

If somehow I could get into my Downloads or Program Files folders and delete unwanted programs, I think it would fix the problem.

Please help, because my malware and antivirus is very good and it's still hiding from it. I can also still play games and go on the internet no problem, I think because my games etc. are on my D: drive and all the malware is on my C: drive. Correct me if I'm wrong, but it's been downloaded all to Downloads, then Program Files.

Thank you for your time.

Lachlan

 

 

 

 




#2 InadequateInfirmity


Posted 17 January 2015 - 09:21 PM

Step 1: Minitoolbox.
 
Please download MINITOOLBOX and run it.



Checkmark the following boxes:

  • Flush DNS
  • Reset FF Proxy Settings
  • Reset IE Proxy Settings
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size
  • List Devices (problems only)



Click Go and post the result.
 
Step 2: Junkware Removal Tool.
 
Please download Junkware Removal Tool and save it on your desktop.

  • Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log is saved to your desktop and will automatically open.
  • Please post the JRT log.

Step 3: Adware Cleaner.
 
Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Step 4: Adware Removal Tool.
 
Download Adware removal tool to your desktop, right-click the icon and select Run as Administrator.

Hit OK.

Hit Next; make sure to leave all items checked for removal.

The program will close all open programs to complete the removal, so save any work and hit OK. Then hit OK after the removal process is complete, then OK again to finish up. Post the log generated by the tool.
 
Step 5: Malwarebytes AntiRootkit
 
 
Download Malwarebytes Anti-Rootkit to your desktop.
  • Double-click the icon to start the tool.
  • It will ask you where to extract; make sure it is on the desktop.
  • Malwarebytes Anti-Rootkit needs to be run from an account with admin rights.
  • Click Next to continue.
  • Then click Update.
  • Once the update is finished, select Next, then Scan.
  • If no malware has been found, at the end of the scan select Exit.
  • If an infection was found, make sure to select all items and click Cleanup.
  • Reboot your machine.
  • Open the MBAR folder and paste the content of the following into your next reply:
      • mbar-log-{date} (xx-xx-xx).txt
      • system-log.txt

Step 6: Security Check Log.
 
Download Security Check from here or here and save it to your Desktop.
  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document

 
Step 7: Report
 
Tell me how the machine is performing, and if you need help performing any steps. Also post all requested logs.



#3 kustum_man


Posted 18 January 2015 - 01:09 AM

MiniToolBox by Farbar  Version: 30-11-2014
Ran by Alienware (administrator) on 18-01-2015 at 16:06:35
Running from "C:\Users\Alienware\Downloads"
Microsoft Windows 8.1 Pro  (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Qualcomm Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.30) = Ethernet (Connected)
Intel® Centrino® Wireless-N 2230 = WiFi (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="WiFi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Bluetooth Network Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : AlienwareM17xR4
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : home
 
Wireless LAN adapter Local Area Connection* 3:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 68-5D-43-21-6C-F5
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Bluetooth Network Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : 68-5D-43-21-6C-F8
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Ethernet:
 
   Connection-specific DNS Suffix  . : home
   Description . . . . . . . . . . . : Qualcomm Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.30)
   Physical Address. . . . . . . . . : D4-BE-D9-28-AA-EE
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::691d:c4b6:487f:69a3%4(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.2.11(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Sunday, 18 January 2015 2:29:29 PM
   Lease Expires . . . . . . . . . . : Sunday, 25 January 2015 4:03:22 PM
   Default Gateway . . . . . . . . . : 192.168.2.1
   DHCP Server . . . . . . . . . . . : 192.168.2.1
   DHCPv6 IAID . . . . . . . . . . . : 81051353
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1C-28-F5-57-D4-BE-D9-28-AA-EE
   DNS Servers . . . . . . . . . . . : 192.168.2.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Wireless LAN adapter WiFi:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : home
   Description . . . . . . . . . . . : Intel® Centrino® Wireless-N 2230
   Physical Address. . . . . . . . . : 68-5D-43-21-6C-F4
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  192.168.2.1
 
Name:    google.com
Addresses:  2404:6800:4006:805::100e
 122.148.3.56
 122.148.3.57
 122.148.3.54
 122.148.3.50
 122.148.3.48
 122.148.3.51
 122.148.3.59
 122.148.3.55
 122.148.3.53
 122.148.3.49
 122.148.3.58
 122.148.3.52
 
 
Pinging google.com [122.148.3.49] with 32 bytes of data:
Request timed out.
Reply from 122.148.3.49: bytes=32 time=53ms TTL=60
 
Ping statistics for 122.148.3.49:
    Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),
Approximate round trip times in milli-seconds:
    Minimum = 53ms, Maximum = 53ms, Average = 53ms
Server:  DodoMP264.home
Address:  192.168.2.1
 
Name:    yahoo.com
Addresses:  98.139.183.24
 98.138.253.109
 206.190.36.45
 
 
Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=242ms TTL=45
Reply from 98.138.253.109: bytes=32 time=243ms TTL=45
 
Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 242ms, Maximum = 243ms, Average = 242ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
  7...68 5d 43 21 6c f5 ......Microsoft Wi-Fi Direct Virtual Adapter
  6...68 5d 43 21 6c f8 ......Bluetooth Device (Personal Area Network)
  4...d4 be d9 28 aa ee ......Qualcomm Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.30)
  3...68 5d 43 21 6c f4 ......Intel® Centrino® Wireless-N 2230
  1...........................Software Loopback Interface 1
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.2.1     192.168.2.11     10
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.2.0    255.255.255.0         On-link      192.168.2.11    266
     192.168.2.11  255.255.255.255         On-link      192.168.2.11    266
    192.168.2.255  255.255.255.255         On-link      192.168.2.11    266
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.2.11    266
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.2.11    266
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
  4    266 fe80::/64                On-link
  4    266 fe80::691d:c4b6:487f:69a3/128
                                    On-link
  1    306 ff00::/8                 On-link
  4    266 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [53760] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [68096] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [68096] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [65536] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
Catalog5 07 C:\WINDOWS\SysWOW64\wshbth.dll [51200] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [67584] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [30208] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [63488] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (01/18/2015 00:51:56 PM) (Source: Perflib) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll8
 
Error: (01/18/2015 00:51:56 PM) (Source: Perflib) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
 
Error: (01/18/2015 11:30:34 AM) (Source: Application Error) (User: )
Description: Faulting application name: explorer.exe, version: 6.3.9600.17284, time stamp: 0x53f816dc
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17278, time stamp: 0x53eebf2e
Exception code: 0xc06d007e
Fault offset: 0x000000000000606c
Faulting process ID: 0xd00
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report ID: explorer.exe3
Faulting package full name: explorer.exe4
Faulting package-relative application ID: explorer.exe5
 
Error: (01/18/2015 11:10:23 AM) (Source: Application Error) (User: )
Description: Faulting application name: explorer.exe, version: 6.3.9600.17284, time stamp: 0x53f816dc
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17278, time stamp: 0x53eebf2e
Exception code: 0xc06d007e
Fault offset: 0x000000000000606c
Faulting process ID: 0xae0
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report ID: explorer.exe3
Faulting package full name: explorer.exe4
Faulting package-relative application ID: explorer.exe5
 
Error: (01/18/2015 11:10:11 AM) (Source: Application Error) (User: )
Description: Faulting application name: explorer.exe, version: 6.3.9600.17284, time stamp: 0x53f816dc
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17278, time stamp: 0x53eebf2e
Exception code: 0xc06d007e
Fault offset: 0x000000000000606c
Faulting process ID: 0x152c
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report ID: explorer.exe3
Faulting package full name: explorer.exe4
Faulting package-relative application ID: explorer.exe5
 
Error: (01/18/2015 11:09:40 AM) (Source: Application Error) (User: )
Description: Faulting application name: explorer.exe, version: 6.3.9600.17284, time stamp: 0x53f816dc
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17278, time stamp: 0x53eebf2e
Exception code: 0xc06d007e
Fault offset: 0x000000000000606c
Faulting process ID: 0x70c
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report ID: explorer.exe3
Faulting package full name: explorer.exe4
Faulting package-relative application ID: explorer.exe5
 
Error: (01/18/2015 11:09:21 AM) (Source: Application Error) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.3.9600.17284, time stamp: 0x53f816dc
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17278, time stamp: 0x53eebf2e
Exception code: 0xc06d007e
Fault offset: 0x000000000000606c
Faulting process ID: 0x658
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report ID: Explorer.EXE3
Faulting package full name: Explorer.EXE4
Faulting package-relative application ID: Explorer.EXE5
 
Error: (01/18/2015 11:06:26 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005
 
Error: (01/18/2015 10:52:45 AM) (Source: Application Error) (User: )
Description: Faulting application name: explorer.exe, version: 6.3.9600.17284, time stamp: 0x53f816dc
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17278, time stamp: 0x53eebf2e
Exception code: 0xc06d007e
Fault offset: 0x000000000000606c
Faulting process ID: 0xe8
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report ID: explorer.exe3
Faulting package full name: explorer.exe4
Faulting package-relative application ID: explorer.exe5
 
Error: (01/18/2015 10:51:35 AM) (Source: Application Error) (User: )
Description: Faulting application name: explorer.exe, version: 6.3.9600.17284, time stamp: 0x53f816dc
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17278, time stamp: 0x53eebf2e
Exception code: 0xc06d007e
Fault offset: 0x000000000000606c
Faulting process ID: 0xf7c
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report ID: explorer.exe3
Faulting package full name: explorer.exe4
Faulting package-relative application ID: explorer.exe5
 
 
System errors:
=============
Error: (01/18/2015 02:29:31 PM) (Source: Service Control Manager) (User: )
Description: The Norton 360 service terminated with the following service-specific error: 
%%4294967295
 
Error: (01/18/2015 02:29:26 PM) (Source: BTHUSB) (User: )
Description: The local adapter does not support an important Low Energy controller state. The minimum required supported state mask is 0x1f7fffff, got 0x1f3fffff. Low Energy functionality will be disabled.
 
Error: (01/18/2015 01:34:18 PM) (Source: BTHUSB) (User: )
Description: The local adapter does not support an important Low Energy controller state. The minimum required supported state mask is 0x1f7fffff, got 0x1f3fffff. Low Energy functionality will be disabled.
 
Error: (01/18/2015 00:52:48 PM) (Source: DCOM) (User: AlienwareM17xR4)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (01/18/2015 00:52:18 PM) (Source: DCOM) (User: AlienwareM17xR4)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (01/18/2015 11:21:34 AM) (Source: BTHUSB) (User: )
Description: The local adapter does not support an important Low Energy controller state. The minimum required supported state mask is 0x1f7fffff, got 0x1f3fffff. Low Energy functionality will be disabled.
 
Error: (01/18/2015 11:09:05 AM) (Source: Service Control Manager) (User: )
Description: The Norton 360 service terminated with the following service-specific error: 
%%4294967295
 
Error: (01/18/2015 11:08:59 AM) (Source: BTHUSB) (User: )
Description: The local adapter does not support an important Low Energy controller state. The minimum required supported state mask is 0x1f7fffff, got 0x1f3fffff. Low Energy functionality will be disabled.
 
Error: (01/18/2015 10:47:57 AM) (Source: DCOM) (User: AlienwareM17xR4)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
Error: (01/18/2015 10:30:01 AM) (Source: Service Control Manager) (User: )
Description: The Norton 360 service terminated with the following service-specific error: 
%%4294967295
 
 
Microsoft Office Sessions:
=========================
Error: (01/18/2015 00:51:56 PM) (Source: Perflib)(User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll8
 
Error: (01/18/2015 00:51:56 PM) (Source: Perflib)(User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
 
Error: (01/18/2015 11:30:34 AM) (Source: Application Error)(User: )
Description: explorer.exe6.3.9600.1728453f816dcKERNELBASE.dll6.3.9600.1727853eebf2ec06d007e000000000000606cd0001d032bb8e34635fC:\WINDOWS\explorer.exeC:\WINDOWS\system32\KERNELBASE.dll98c1a57e-9eb1-11e4-8272-685d43216cf8
 
Error: (01/18/2015 11:10:23 AM) (Source: Application Error)(User: )
Description: explorer.exe6.3.9600.1728453f816dcKERNELBASE.dll6.3.9600.1727853eebf2ec06d007e000000000000606cae001d032bb8745a5a8C:\WINDOWS\explorer.exeC:\WINDOWS\system32\KERNELBASE.dllc6ba6b2d-9eae-11e4-8272-685d43216cf8
 
Error: (01/18/2015 11:10:11 AM) (Source: Application Error)(User: )
Description: explorer.exe6.3.9600.1728453f816dcKERNELBASE.dll6.3.9600.1727853eebf2ec06d007e000000000000606c152c01d032bb750aa06aC:\WINDOWS\explorer.exeC:\WINDOWS\system32\KERNELBASE.dllbfce0fc0-9eae-11e4-8272-685d43216cf8
 
Error: (01/18/2015 11:09:40 AM) (Source: Application Error)(User: )
Description: explorer.exe6.3.9600.1728453f816dcKERNELBASE.dll6.3.9600.1727853eebf2ec06d007e000000000000606c70c01d032bb6a68c4f8C:\WINDOWS\explorer.exeC:\WINDOWS\system32\KERNELBASE.dllad336047-9eae-11e4-8272-685d43216cf8
 
Error: (01/18/2015 11:09:21 AM) (Source: Application Error)(User: )
Description: Explorer.EXE6.3.9600.1728453f816dcKERNELBASE.dll6.3.9600.1727853eebf2ec06d007e000000000000606c65801d032bb59d3f0d7C:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\KERNELBASE.dlla1a066e9-9eae-11e4-8272-685d43216cf8
 
Error: (01/18/2015 11:06:26 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005
 
Error: (01/18/2015 10:52:45 AM) (Source: Application Error)(User: )
Description: explorer.exe6.3.9600.1728453f816dcKERNELBASE.dll6.3.9600.1727853eebf2ec06d007e000000000000606ce801d032b8fd1cb199C:\WINDOWS\explorer.exeC:\WINDOWS\system32\KERNELBASE.dll4ff95c03-9eac-11e4-8271-685d43216cf8
 
Error: (01/18/2015 10:51:35 AM) (Source: Application Error)(User: )
Description: explorer.exe6.3.9600.1728453f816dcKERNELBASE.dll6.3.9600.1727853eebf2ec06d007e000000000000606cf7c01d032b8dee4627bC:\WINDOWS\explorer.exeC:\WINDOWS\system32\KERNELBASE.dll267bc7ea-9eac-11e4-8271-685d43216cf8
 
 
 
=========================== Installed Programs ============================
AlienAutopsy (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
AlienRespawn (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.5.64 - Alienware)
Alienware On-Screen Display (HKLM-x32\...\InstallShield_{0D69462F-99CC-4F8D-942E-666E21CE59F8}) (Version: 0.32.0.2C - )
Alienware On-Screen Display (x32 Version: 0.32.0.2C - ) Hidden
Bitdefender Total Security 2015 (HKLM\...\Bitdefender) (Version: 18.20.0.1429 - Bitdefender)
BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.2.37954 - BitTorrent Inc.)
Dell System Detect (HKCU\...\73f463568823ebbe) (Version: 5.13.0.1 - Dell)
Dodo Mobile Broadband (HKLM-x32\...\Dodo_Australia Imola Dodo Mobile Broadband_is1) (Version:  - Dodo_Australia)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Dungeon Keeper 2 (HKLM\...\{4f94b43a-8a00-4ac4-bb94-269cf24aef97}.sdb) (Version:  - )
Dungeon Keeper 2 (HKLM-x32\...\Dungeon Keeper 2_is1) (Version:  - GOG.com)
EMSC (x32 Version: 0.0.0.25 - Compal Electronics, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.99 - Google Inc.)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel® Rapid Storage Technology (Version: 12.8.0.1016 - Intel Corporation) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Metro: Last Light Redux (HKLM-x32\...\Steam App 287390) (Version:  - 4A Games)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (Version: 2.3.188.0 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Middle-earth: Shadow of Mordor (HKLM-x32\...\Steam App 241930) (Version:  - Monolith Productions, Inc.)
NVIDIA 3D Vision Controller Driver 331.58 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 331.58 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Control Panel 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3165 - NVIDIA Corporation) Hidden
NVIDIA Update 1.15.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.15.2 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.15.2 - NVIDIA Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39052 - Realtek Semiconductor Corp.)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.12.0046 - ST Microelectronics)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
 
========================= Devices: ================================
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 31%
Total physical RAM: 8142.31 MB
Available physical RAM: 5593.77 MB
Total Pagefile: 9422.31 MB
Available Pagefile: 6316.2 MB
Total Virtual: 4095.88 MB
Available Virtual: 3970.55 MB
 
========================= Partitions: =====================================
 
1 Drive c: (OS) (Fixed) (Total:50.36 GB) (Free:10.38 GB) NTFS
2 Drive d: (Storage) (Fixed) (Total:931.51 GB) (Free:855.06 GB) NTFS
4 Drive y: (RECOVERY) (Fixed) (Total:9.22 GB) (Free:2.3 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\ALIENWAREM17XR4
 
Administrator            Alienware                Guest                    
UpdatusUser              
 
 
**** End of log ****
 


#4 kustum_man

kustum_man
  • Topic Starter

  • Members
  • 21 posts

Posted 18 January 2015 - 01:11 AM

Also, the programs download to my download folder and I can't change that. Is that OK? :)



#5 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts

Posted 18 January 2015 - 01:14 AM

You can open the downloads folder and drag the items to your desktop. If you can not do that then you are ok. :)



#6 kustum_man

kustum_man
  • Topic Starter

  • Members
  • 21 posts

Posted 18 January 2015 - 01:18 AM

STEP NUMBER 2 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 8.1 Pro x64
Ran by Alienware on Sun 18/01/2015 at 16:14:33.08
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
Successfully deleted: [File] C:\WINDOWS\prefetch\DRIVERMANAGER.EXE-5BAAABB1.pf
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\ProgramData\pcdr"
Successfully deleted: [Folder] "C:\Users\Alienware\AppData\Roaming\pcdr"
Successfully deleted: [Folder] "C:\Users\Alienware\appdata\local\globalupdate"
Successfully deleted: [Folder] "C:\Program Files (x86)\globalupdate"
Successfully deleted: [Folder] "C:\Users\Alienware\documents\optimizer pro"
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 18/01/2015 at 16:17:31.09
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 


#7 kustum_man

kustum_man
  • Topic Starter

  • Members
  • 21 posts

Posted 18 January 2015 - 01:34 AM

STEP 3
 
# AdwCleaner v4.108 - Report created 18/01/2015 at 16:31:14
# Updated 17/01/2015 by Xplode
# Database : 2015-01-13.2 [Live]
# Operating System : Windows 8.1 Pro  (64 bits)
# Username : Alienware - ALIENWAREM17XR4
# Running from : C:\Users\Alienware\Downloads\Bitdefender Safepay\adwcleaner_4.108.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\1cf45a20000014e7
Folder Deleted : C:\ProgramData\2de2706600000818
Folder Deleted : C:\ProgramData\78105629568688079
Folder Deleted : C:\ProgramData\a80bd3dd000055a0
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip
Folder Deleted : C:\Program Files (x86)\GU Player
Folder Deleted : C:\Users\Alienware\AppData\Roaming\SimpleFiles
Folder Deleted : C:\Users\Alienware\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GU Player
File Deleted : C:\WINDOWS\System32\drivers\CMWFP64.sys
File Deleted : C:\WINDOWS\System32\drivers\cmwr.sys
 
***** [ Scheduled Tasks ] *****
 
Task Deleted : LuckyTab
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\P772300fa_39b3_4438_974f_cefbc6820e28_.P772300fa_39b3_4438_974f_cefbc6820e28_
Key Deleted : HKLM\SOFTWARE\Classes\P772300fa_39b3_4438_974f_cefbc6820e28_.P772300fa_39b3_4438_974f_cefbc6820e28_.9
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{772300fa-39b3-4438-974f-cefbc6820e28}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{772300fa-39b3-4438-974f-cefbc6820e28}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{772300fa-39b3-4438-974f-cefbc6820e28}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\powerpack
Key Deleted : HKCU\Software\SimpleFiles
Key Deleted : HKCU\Software\Tutorials
Key Deleted : HKCU\Software\DriverSupport
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\SimpleFiles
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : [x64] HKLM\SOFTWARE\TornTv Downloader
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17416
 
 
-\\ Google Chrome v39.0.2171.99
 
[C:\Users\Alienware\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
[C:\Users\Alienware\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : flpcjncodpafbgdpnkljologafpionhb
 
*************************
 
AdwCleaner[R0].txt - [4574 octets] - [18/01/2015 16:29:34]
AdwCleaner[S0].txt - [4263 octets] - [18/01/2015 16:31:14]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4323 octets] ##########
 


#8 kustum_man

kustum_man
  • Topic Starter

  • Members
  • 21 posts

Posted 18 January 2015 - 01:46 AM

step 4 
 
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * 
 
Adware Removal Tool v3.9
Time: 2015_01_18_16_41_39
OS: Windows 8 - 64 Bit
Account Name: Alienware
U0L0S20
 
\\\\\\\\\\\\\\\\\\\\\\\ Repair Logs \\\\\\\\\\\\\\\\\\\\\\
 
Deleted - File - C:\Users\Alienware\Appdata\Local\Microsoft\CLR_v4.0_32\UsageLogs\Torntv Downloader.exe.log
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules:tcp query user{53054ec6-21d7-4dd2-8bfb-4d93272ee468}c:\users\alienware\appdata\roaming\torntv.com\torntv downloader.exe
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules:udp query user{9f66600c-c83d-4588-95f4-9496718c0a59}c:\users\alienware\appdata\roaming\torntv.com\torntv downloader.exe
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}:masterclsid
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{472734EA-242A-422B-ADF8-83D1E48CC825}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}:dllname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59755501-9D8C-4CAD-84A1-4598DED68550}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A7F5470E-524-4686-BE66-87ABAACF139}:appname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D74B09BA-F63F-4CD1-BE9B-36541B6CC217}:appname
Deleted - RegistryValue - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules:tcp query user{53054ec6-21d7-4dd2-8bfb-4d93272ee468}c:\users\alienware\appdata\roaming\torntv.com\torntv downloader.exe
Deleted - RegistryValue - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules:udp query user{9f66600c-c83d-4588-95f4-9496718c0a59}c:\users\alienware\appdata\roaming\torntv.com\torntv downloader.exe
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application:Torntv
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{2EECD738-5844-4A99-B4B6-146BF802613B}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{472734EA-242A-422B-ADF8-83D1E48CC825}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{98889811-442D-49DD-99D7-DC866BE87DBC}
 
\\ Finished


#9 kustum_man

kustum_man
  • Topic Starter

  • Members
  • 21 posts

Posted 18 January 2015 - 02:20 AM

step 5 ----- no malware found



#10 kustum_man

kustum_man
  • Topic Starter

  • Members
  • 21 posts

Posted 18 January 2015 - 02:22 AM

step 6 
 
 
 Results of screen317's Security Check version 0.99.93  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Disabled!  
Bitdefender Antivirus        
Windows Defender             
Norton 360 Premier Edition   
 Antivirus out of date!  
`````````Anti-malware/Other Utilities Check:````````` 
 Adobe Flash Player 16.0.0.257  
 Google Chrome (39.0.2171.95) 
 Google Chrome (39.0.2171.99) 
````````Process Check: objlist.exe by Laurent````````  
 Bitdefender Bitdefender 2015 vsserv.exe  
 Bitdefender Bitdefender 2015 updatesrv.exe  
 Bitdefender Bitdefender 2015 bdagent.exe  
 Bitdefender Bitdefender 2015 bdwtxag.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log`````````````````````` 


#11 kustum_man

kustum_man
  • Topic Starter

  • Members
  • 21 posts

Posted 18 January 2015 - 02:26 AM

step 7

My Bitdefender 2015 is up to date and I see Norton antivirus is still installed. I tried uninstalling it and it didn't really work; it was removed from my programs but is still on the system, showing in your scanning programs.

My computer is running as per normal, as before the malware was put onto my laptop, but it still hasn't fixed the problem with opening folders, My Documents, etc. The CD drive makes a noise (well, I think it is) and the screen resets and the folder doesn't open. Thank you very much for your help so far, but what else can I do to fix the problem?



#12 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts

Posted 18 January 2015 - 02:27 AM

Did you crack Bitdefender? I would suggest that you uninstall that then run the BD Removal tool.

http://www.bitdefender.com/files/KnowledgeBase/file/The_New_Bitdefender_UninstallTool.exe

 

Run the  Norton Removal Tool

 

Reboot your computer.

 

I would suggest that you install 360 Total Security. This free application uses Bitdefender, Avira and its own virus engine. Run a full scan and post the log.

 

After you have completed this then Download 9-Lab Removal Tool. from one of the links below.

CLICK HERE to determine whether you're running 32-bit or 64-bit for Windows.
 

Install the program onto your computer, then right-click the icon and run as administrator.

Go to the Update tab and update the program.


Now go to the scanner tab and select Full Scan.


Upon Scan Completion Click Show Results.


Now click the Clean button.


Once done cleaning you can go to the logs tab double click it and copy paste in your next reply.



#13 kustum_man

kustum_man
  • Topic Starter

  • Members
  • 21 posts

Posted 18 January 2015 - 02:42 AM

Thank you, I'll follow your instructions to see if it helps. I bought and downloaded Bitdefender Total Security 2015 from the bitdefender.com website, or whatever it is, and paid for it.



#14 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts

Posted 18 January 2015 - 02:49 AM

Ok, if you paid for it then ignore the instructions to remove it. I was under the assumption that you cracked it since you mentioned cracking Norton.



#15 kustum_man

kustum_man
  • Topic Starter

  • Members
  • 21 posts

Posted 18 January 2015 - 02:57 AM

system scan log file
 
Product:
Bitdefender Total Security 2015
Scanning task:
System Scan
Log date:
Sunday, 18 January 2015 5:50:51 PM
Log path:
C:\ProgramData\Bitdefender\Desktop\Profiles\Logs\dcf483c4-26d0-4e6f-ba28-6a53a00adae1\1421567266_1_01.xml
 
 
 




