Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

advertising videos keep popping up, possible spyware, maleware issue!


  • Please log in to reply
62 replies to this topic

#1 resa83

resa83

  • Members
  • 163 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:louisiana
  • Local time:01:18 AM

Posted 29 January 2015 - 10:43 AM

I believe i may have spyware as well as malware. I dont have a antivirus or spyware or malware removal tools. I'll tell you what I did when problems started occuring...

 

Yesterday I downloaded Charlie webdebugger. I think thats what its called. I downloaded it on accident. However it installed several other things including 

vosteran and i noticed in the installed programs I had something called Internet Program. and there was other things I cant remember the name of. I uninstalled them and restarted my laptop. Well when it booted up all I received was a black screen. therefore I shutdown and restarted in safe mode. It started with no problems. I then restarted in safe mode with networking so i could come here. Well No browsers would open while in safemode with networking!!

I then searched my help and support on doing a system restore. I restored it to jan 26, 15.

 

Now I'm here bc when I try to open firefox it says "couldnt load XPCOM" , it immediately says that ....... I'm able to use Chrome. 

When I initially opened Chrome it said an extention was disabled named Vosteran because it wasn't in Chrome Extention List. I went to the extentions that are in Chrome and seen Vosteran and clicked on the trashcan button next to it.... 

As I'm searching Bleeping Computer site..... When looking at pinned post there's words that are double underlined, if I click them I'm taken to a webpage that has nothing to do with computers or bleepingcomputer.com  Along with that annoyance, at the bottom right on my page advertising video pop up and I cant X out of it until its finished playing.  I have screen shots but need to figure out how to upload them ..... as I'm typing this I'm rereading what I'm writing and some of my own words are underlined in red! This is annoying. If anyone can help me I'd  be very grateful. Will try to upload screen shots

 

ADDED INFORMATION IS.... i have tabs opening by themselves and it usually goes to a site that 'helps' with computer problems etc. edited information <<<

 

HP pavilion entertainment pc 

Running Windows Vista sp2

not directly connected to modem... using my wifi

sorry if im forgetting any important information


Edited by resa83, 29 January 2015 - 03:09 PM.


BC AdBot (Login to Remove)

 


m

#2 resa83

resa83
  • Topic Starter

  • Members
  • 163 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:louisiana
  • Local time:01:18 AM

Posted 29 January 2015 - 11:29 AM

Unfortunately I do not know how to upload my screenshots sorry



#3 ITPro01

ITPro01

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:02:18 AM

Posted 29 January 2015 - 01:23 PM

Are you only having the issue in Chrome?  I was having the same issue and it was an extension that was installed was causing it



#4 resa83

resa83
  • Topic Starter

  • Members
  • 163 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:louisiana
  • Local time:01:18 AM

Posted 29 January 2015 - 02:13 PM

I dont know if its only chrome considering firefox  wont open all it says is "couldn't load XPCOM"



#5 ITPro01

ITPro01

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:02:18 AM

Posted 29 January 2015 - 02:15 PM

I would run SUPERAntiSpyware on your PC and see what it finds.  Here is a link to the portable version http://superantispyware.com/portablescannerhome.html

 

Once this has completed run AdwCleaner on your PC and remove what it finds here is the link for that http://www.bleepingcomputer.com/download/adwcleaner/



#6 resa83

resa83
  • Topic Starter

  • Members
  • 163 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:louisiana
  • Local time:01:18 AM

Posted 29 January 2015 - 02:52 PM

I downloaded malwarebytes antimalware and here's the log (it did find alot of things however  it fixed nothing)

 

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 1/29/2015
Scan Time: 1:19:33 PM
Logfile: 
Administrator: Yes
 
Version: 2.00.4.1028
Malware Database: v2015.01.29.08
Rootkit Database: v2015.01.14.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows Vista Service Pack 2
CPU: x64
File System: NTFS
User: Theresa
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 338489
Time Elapsed: 20 min, 4 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 1
PUP.Optional.Softonic.A, HKU\S-1-5-21-817011883-3207125051-2993073492-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Softonic, , [7ad720d73752de58d310760ebb48a957], 
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 3
PUP.Optional.Vosteran.A, C:\Users\Theresa\AppData\Roaming\WSE_Vosteran, , [6ce5e611f9906ccaea0b452ea85bb050], 
PUP.Optional.Vosteran.A, C:\Users\Theresa\AppData\Roaming\WSE_Vosteran\UpdateProc, , [6ce5e611f9906ccaea0b452ea85bb050], 
PUP.Optional.Vosteran.A, C:\Program Files (x86)\WSE_Vosteran, , [4a0796612e5be84ebb3c5d1632d1ae52], 
 
Files: 9
PUP.Optional.Softonic, C:\Users\Theresa\Downloads\SoftonicDownloader_for_spotify.exe, , [3d144fa87c0dfb3b486d9fbb42bead53], 
PUP.Optional.Vosteran.A, C:\Users\Theresa\AppData\Roaming\Mozilla\Firefox\Profiles\t0q1fgyl.default\searchplugins\Vosteran.xml, , [d27f19de4c3d181ec55d6d973bcac739], 
PUP.Optional.Vosteran.A, C:\Users\Theresa\AppData\Roaming\WSE_Vosteran\UpdateProc\bkup.dat, , [6ce5e611f9906ccaea0b452ea85bb050], 
PUP.Optional.Vosteran.A, C:\Users\Theresa\AppData\Roaming\WSE_Vosteran\UpdateProc\config.dat, , [6ce5e611f9906ccaea0b452ea85bb050], 
PUP.Optional.Vosteran.A, C:\Users\Theresa\AppData\Roaming\WSE_Vosteran\UpdateProc\info.dat, , [6ce5e611f9906ccaea0b452ea85bb050], 
PUP.Optional.Vosteran.A, C:\Users\Theresa\AppData\Roaming\WSE_Vosteran\UpdateProc\STTL.DAT, , [6ce5e611f9906ccaea0b452ea85bb050], 
PUP.Optional.Vosteran.A, C:\Users\Theresa\AppData\Roaming\WSE_Vosteran\UpdateProc\TTL.DAT, , [6ce5e611f9906ccaea0b452ea85bb050], 
PUP.Optional.Vosteran.A, C:\Program Files (x86)\WSE_Vosteran\astcnfg.dat, , [4a0796612e5be84ebb3c5d1632d1ae52], 
PUP.Optional.Vosteran.A, C:\Program Files (x86)\WSE_Vosteran\uninst.dat, , [4a0796612e5be84ebb3c5d1632d1ae52], 
 
Physical Sectors: 0


#7 resa83

resa83
  • Topic Starter

  • Members
  • 163 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:louisiana
  • Local time:01:18 AM

Posted 29 January 2015 - 03:05 PM

downloaded and ran adwcleaner and it fixed nothing here's the log

 

 

# AdwCleaner v4.109 - Report created 29/01/2015 at 14:00:10
# Updated 24/01/2015 by Xplode
# Database : 2015-01-26.1 [Live]
# Operating System : Windows ™ Vista Home Premium Service Pack 2 (64 bits)
# Username : Theresa - THERESA-PC
# Running from : C:\Users\Theresa\Downloads\AdwCleaner (1).exe
# Option : Clean
 
***** [ Services ] *****
 
Service Deleted : Viewpoint Manager Service
 
***** [ Files / Folders ] *****
 
[!] Folder Deleted : C:\ProgramData\AVG Security Toolbar
[!] Folder Deleted : C:\ProgramData\Viewpoint
[!] Folder Deleted : C:\Program Files (x86)\Viewpoint
[!] Folder Deleted : C:\Users\Theresa\AppData\LocalLow\HPAppData
[!] Folder Deleted : C:\Users\Theresa\Documents\CleanerPro
File Deleted : C:\Users\Public\Desktop\eBay.lnk
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Deleted : C:\Users\Theresa\AppData\Roaming\Mozilla\Firefox\Profiles\t0q1fgyl.default\searchplugins\avg-secure-search.xml
File Deleted : C:\Users\Theresa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Theresa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{76C45B18-A29E-43EA-AAF8-AF55C2E1AE17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{96EF404C-24C7-43D0-9096-4CCC8BB7CCAC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97720195-206A-42AE-8E65-260B9BA5589F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{986F7A5A-9676-47E1-8642-F41F8C3FCF82}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B18788A4-92BD-440E-A4D1-380C36531119}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{8DCB7100-DF86-4384-8842-8FA844297B3F}]
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8FF0415C-F933-4B77-B940-30B24B44A479}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8FF0415C-F933-4B77-B940-30B24B44A479}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8FF0415C-F933-4B77-B940-30B24B44A479}
Key Deleted : HKLM\SOFTWARE\MetaStream
Key Deleted : HKLM\SOFTWARE\Viewpoint
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v9.0.8112.16599
 
 
-\\ Mozilla Firefox v35.0 (x86 en-US)
 
 
-\\ Google Chrome v40.0.2214.91
 
 
*************************
 
AdwCleaner[R0].txt - [5680 octets] - [29/01/2015 13:55:27]
AdwCleaner[S0].txt - [5428 octets] - [29/01/2015 14:00:10]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5488 octets] ##########


#8 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:18 AM

Posted 29 January 2015 - 03:10 PM

Step 1: Minitoolbox.
 
Please download MINITOOLBOX and run it.



Checkmark following boxes:


Flush DNS
Reset FF proxy Settings
Reset Ie Proxy Settings
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and post the result.
 
Step 2: Junkware Removal Tool.
 
Please download Junkware Removal Tool and save it on your desktop.

  • Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log is saved to your desktop and will automatically open.
  • Please post the JRT log.

Step 3: Adware Cleaner.
 
Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Step 4: Adware Removal Tool.
 
Download Adware removal tool to your desktop, right click the icon and select Run as Administrator.

LOr0Gd7.png

Hit Ok.

sYFsqHx.png

Hit next make sure to leave all items checked, for removal.

8NcZjGc.png


The Program will close all open programs to complete the removal, so save any work and hit OK. Then hit OK after the removal process is complete,  then OK again to finish up. Post log generated by tool.
 
Step 5: Malwarebytes AntiRootkit
 
 
Download Malwarebytes Anti-Rootkit to your desktop.
  • Double-click the icon to start the tool.
  • It will ask you where to extract make sure it is on the desktop.
  • Malwarebytes Anti-Rootkit needs to be run from an account with admin rights.
  • Click next to continue.
  • Then Click Update
  • Once the update is Finished select Next then Scan.
  • If no malware has been found, at the end of scan select Exit
  • If an infection was found, make sure to select all items and click Cleanup.
  • Reboot your machine.
  • Open the MBAR folder and paste the content of the following into your next reply:
  • mbar-log-{date} (xx-xx-xx).txt
  • system-log.txt

[/*]

Step 6: Security Check Log.
 
Download Security Check from here or here and save it to your Desktop.
  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document

 
Step 7: Report
 
Tell me how the machine is performing, and if you need help performing any steps. Also post all requested logs.



#9 resa83

resa83
  • Topic Starter

  • Members
  • 163 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:louisiana
  • Local time:01:18 AM

Posted 29 January 2015 - 03:30 PM

minotoolbox log 

 

MiniToolBox by Farbar  Version: 30-11-2014
Ran by Theresa (administrator) on 29-01-2015 at 14:29:11
Running from "C:\Users\Theresa\Downloads"
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
::1             localhost
 
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
Broadcom 802.11b/g WLAN = Wireless Network Connection (Connected)
Realtek RTL8102E Family PCI-E Fast Ethernet NIC (NDIS 6.0) = Local Area Connection (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Theresa-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Broadcom 802.11b/g WLAN
   Physical Address. . . . . . . . . : 00-21-00-5E-F6-71
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::1a9:1170:38dd:c9e3%12(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.0.14(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Thursday, January 29, 2015 2:02:06 PM
   Lease Expires . . . . . . . . . . : Thursday, January 29, 2015 3:28:18 PM
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 285221120
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-F5-53-32-00-1E-68-F2-E2-E3
   DNS Servers . . . . . . . . . . . : 68.105.28.12
                                       68.105.29.12
                                       68.105.28.11
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek RTL8102E Family PCI-E Fast Ethernet NIC (NDIS 6.0)
   Physical Address. . . . . . . . . : 00-1E-68-F2-E2-E3
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 6:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : isatap.{C63A1500-5E0B-4599-8FAE-D58629C5D874}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 7:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : isatap.{29CD0DFA-D3E8-4E0B-ABF5-3DBB65C2FE11}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 11:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 02-00-54-55-4E-01
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:3863:26a2:3f57:fff1(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::3863:26a2:3f57:fff1%13(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  cdns2.cox.net
Address:  68.105.28.12
 
Name:    google.com
Addresses:  2607:f8b0:4000:805::1001
 74.125.227.200
 74.125.227.197
 74.125.227.195
 74.125.227.193
 74.125.227.201
 74.125.227.206
 74.125.227.194
 74.125.227.198
 74.125.227.199
 74.125.227.196
 74.125.227.192
 
 
 
Pinging google.com [216.58.218.206] with 32 bytes of data:
 
Reply from 216.58.218.206: bytes=32 time=18ms TTL=55
 
Reply from 216.58.218.206: bytes=32 time=17ms TTL=55
 
 
 
Ping statistics for 216.58.218.206:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 17ms, Maximum = 18ms, Average = 17ms
 
Server:  cdns2.cox.net
Address:  68.105.28.12
 
Name:    yahoo.com
Addresses:  206.190.36.45
 98.139.183.24
 98.138.253.109
 
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
 
Reply from 206.190.36.45: bytes=32 time=86ms TTL=51
 
Reply from 206.190.36.45: bytes=32 time=84ms TTL=51
 
 
 
Ping statistics for 206.190.36.45:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 84ms, Maximum = 86ms, Average = 85ms
 
 
 
Pinging 127.0.0.1 with 32 bytes of data:
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
 
 
Ping statistics for 127.0.0.1:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
 
===========================================================================
Interface List
 12 ...00 21 00 5e f6 71 ...... Broadcom 802.11b/g WLAN
 10 ...00 1e 68 f2 e2 e3 ...... Realtek RTL8102E Family PCI-E Fast Ethernet NIC (NDIS 6.0)
  1 ........................... Software Loopback Interface 1
 11 ...00 00 00 00 00 00 00 e0  isatap.{C63A1500-5E0B-4599-8FAE-D58629C5D874}
 14 ...00 00 00 00 00 00 00 e0  isatap.{29CD0DFA-D3E8-4E0B-ABF5-3DBB65C2FE11}
 13 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1     192.168.0.14     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link      192.168.0.14    281
     192.168.0.14  255.255.255.255         On-link      192.168.0.14    281
    192.168.0.255  255.255.255.255         On-link      192.168.0.14    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.0.14    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.0.14    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 13     18 ::/0                     On-link
  1    306 ::1/128                  On-link
 13     18 2001::/32                On-link
 13    266 2001:0:9d38:6ab8:3863:26a2:3f57:fff1/128
                                    On-link
 12    281 fe80::/64                On-link
 13    266 fe80::/64                On-link
 12    281 fe80::1a9:1170:38dd:c9e3/128
                                    On-link
 13    266 fe80::3863:26a2:3f57:fff1/128
                                    On-link
  1    306 ff00::/8                 On-link
 13    266 ff00::/8                 On-link
 12    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [48640] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [61440] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [62976] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [27648] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (01/29/2015 02:03:35 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/29/2015 01:47:18 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/29/2015 08:49:45 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/29/2015 08:39:17 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/29/2015 08:38:33 AM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c
 
Error: (01/29/2015 08:15:29 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/29/2015 08:14:48 AM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c
 
Error: (01/29/2015 08:09:11 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/29/2015 08:02:50 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/29/2015 07:41:49 AM) (Source: Application Hang) (User: )
Description: The program cheatengine-x86_64.exe version 6.4.0.4107 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 1564
Start Time: 01d03bc929725b50
Termination Time: 4
 
 
System errors:
=============
Error: (01/29/2015 02:04:04 PM) (Source: Service Control Manager) (User: )
Description: QuickPlay Task Scheduler (QTS)
 
Error: (01/29/2015 02:04:04 PM) (Source: Service Control Manager) (User: )
Description: QuickPlay Background Capture Service (QBCS)
 
Error: (01/29/2015 02:01:06 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: C:\Windows\System32\bcmihvsrv64.dll
 
Error: (01/29/2015 02:01:06 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: C:\Windows\System32\bcmihvsrv64.dll
 
Error: (01/29/2015 02:00:12 PM) (Source: Service Control Manager) (User: )
Description: Software Licensing11200001Restart the service
 
Error: (01/29/2015 02:00:11 PM) (Source: Service Control Manager) (User: )
Description: Windows Modules Installer11200001Restart the service
 
Error: (01/29/2015 02:00:11 PM) (Source: Service Control Manager) (User: )
Description: HP Health Check Service1600001Restart the service
 
Error: (01/29/2015 02:00:11 PM) (Source: Service Control Manager) (User: )
Description: Microsoft .NET Framework NGEN v4.0.30319_X6411200001Restart the service
 
Error: (01/29/2015 02:00:11 PM) (Source: Service Control Manager) (User: )
Description: Microsoft .NET Framework NGEN v4.0.30319_X8611200001Restart the service
 
Error: (01/29/2015 02:00:11 PM) (Source: Service Control Manager) (User: )
Description: Windows Search1300001Restart the service
 
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2015-01-29 13:27:19.329
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-01-29 13:27:19.198
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-01-29 13:27:19.071
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-01-29 13:27:18.944
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-01-29 13:27:18.630
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-01-29 13:27:18.503
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-01-29 13:27:18.360
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-01-29 13:27:18.234
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-01-29 13:20:13.360
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-01-29 13:20:13.231
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
 
 
=========================== Installed Programs ============================
Agere Systems HDA Modem (HKLM\...\Agere Systems Soft Modem) (Version:  - LSI Corporation)
Agere Systems HDA Modem (HKLM-x32\...\Agere Systems Soft Modem) (Version:  - LSI Corporation)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11b Network Adapter) (Version: 4.170.77.3 - Broadcom Corporation)
Broadcom 802.11 Wireless LAN Adapter (HKLM-x32\...\Broadcom 802.11b Network Adapter) (Version: 4.170.77.3 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
CCleaner (HKLM-x32\...\CCleaner) (Version: 5.01 - Piriform)
HP Photosmart Essential 2.5 (HKLM\...\HP Photosmart Essential) (Version: 2.5 - HP)
HP Photosmart Essential 2.5 (HKLM-x32\...\HP Photosmart Essential) (Version: 2.5 - HP)
HP QuickTouch 1.00 D2 (HKLM\...\{1AD2F8FE-A357-4728-BDF8-B92D794CE793}) (Version: 1.0.9 - Hewlett-Packard)
HP QuickTouch 1.00 D2 (HKLM-x32\...\{1AD2F8FE-A357-4728-BDF8-B92D794CE793}) (Version: 1.0.9 - Hewlett-Packard)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - Intel Corporation)
Intel® Graphics Media Accelerator Driver (HKLM-x32\...\HDMI) (Version:  - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Intel® Matrix Storage Manager (HKLM-x32\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM-x32\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (x32 Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM-x32\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Version: 4.5.51209 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (x32 Version: 4.5.51209 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.6.0305.0 - Microsoft Corporation) Hidden
Microsoft Security Client (x32 Version: 4.6.0305.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM-x32\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM-x32\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (x64) (x32 Version: 8.0.56336 - Microsoft Corporation) Hidden
ProtectSmart Hard Drive Protection (HKLM\...\{2F97CE84-9C33-4631-821B-85EA371EA254}) (Version: 3.10.1.7 - Hewlett-Packard)
ProtectSmart Hard Drive Protection (HKLM-x32\...\{2F97CE84-9C33-4631-821B-85EA371EA254}) (Version: 3.10.1.7 - Hewlett-Packard)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM-x32\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
Synaptics Pointing Device Driver (HKLM-x32\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.6.1f1 - Unity Technologies ApS)
Unity Web Player (HKCU-x32\...\UnityWebPlayer) (Version: 4.6.1f1 - Unity Technologies ApS)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM-x32\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (x32 Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Language Selector (x32 Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
 
========================= Devices: ================================
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 44%
Total physical RAM: 3998.27 MB
Available physical RAM: 2226.3 MB
Total Pagefile: 8207.8 MB
Available Pagefile: 6069.62 MB
Total Virtual: 4095.88 MB
Available Virtual: 4001.49 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:221.74 GB) (Free:143.93 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:11.14 GB) (Free:1.84 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\THERESA-PC
 
Administrator            Guest                    Theresa                  
 
 
**** End of log ****


#10 resa83

resa83
  • Topic Starter

  • Members
  • 163 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:louisiana
  • Local time:01:18 AM

Posted 29 January 2015 - 03:39 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows ™ Vista Home Premium x64
Ran by Theresa on Thu 01/29/2015 at 14:32:31.83
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
Successfully deleted: [File] "C:\Users\Theresa\appdata\local\google\chrome\user data\default\local storage\http_www.superfish.com_0.localstorage"
Successfully deleted: [File] "C:\Users\Theresa\appdata\local\google\chrome\user data\default\local storage\http_www.superfish.com_0.localstorage-journal"
Successfully deleted: [File] C:\Windows\prefetch\DRIVERINSTALLER.EXE-8CBB16EA.pf
 
 
 
~~~ Folders
 
Successfully deleted: [Empty Folder] C:\Users\Theresa\appdata\local\{9B75AEC5-EBED-412C-9395-C6AACAAEF1B3}
Successfully deleted: [Empty Folder] C:\Users\Theresa\appdata\local\{BF9388F3-A9D7-4FB0-95CE-6A134D1FB788}
 
 
 
~~~ FireFox
 
Emptied folder: C:\Users\Theresa\AppData\Roaming\mozilla\firefox\profiles\t0q1fgyl.default\minidumps [5 files]
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 01/29/2015 at 14:37:18.36
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 


#11 resa83

resa83
  • Topic Starter

  • Members
  • 163 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:louisiana
  • Local time:01:18 AM

Posted 29 January 2015 - 03:45 PM

# AdwCleaner v4.109 - Report created 29/01/2015 at 14:42:55
# Updated 24/01/2015 by Xplode
# Database : 2015-01-26.1 [Live]
# Operating System : Windows ™ Vista Home Premium Service Pack 2 (64 bits)
# Username : Theresa - THERESA-PC
# Running from : C:\Users\Theresa\Downloads\adwcleaner_4.109.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Deleted : C:\Users\Theresa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Theresa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v9.0.8112.16599
 
 
-\\ Mozilla Firefox v35.0 (x86 en-US)
 
 
-\\ Google Chrome v40.0.2214.93
 
 
*************************
 
AdwCleaner[R0].txt - [5680 octets] - [29/01/2015 13:55:27]
AdwCleaner[R1].txt - [1196 octets] - [29/01/2015 14:40:26]
AdwCleaner[S0].txt - [5572 octets] - [29/01/2015 14:00:10]
AdwCleaner[S1].txt - [1122 octets] - [29/01/2015 14:42:55]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1182 octets] ##########


#12 ITPro01

ITPro01

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:02:18 AM

Posted 29 January 2015 - 03:46 PM

After running these tools you are still having the issue? Try running Combo Fix http://www.bleepingcomputer.com/download/combofix/



#13 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:18 AM

Posted 29 January 2015 - 03:48 PM

After running these tools you are still having the issue? Try running Combo Fix http://www.bleepingcomputer.com/download/combofix/

 

Do not run combofix!! Unless instructed by BC staff!! Also it is not allowed in this forum.



#14 resa83

resa83
  • Topic Starter

  • Members
  • 163 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:louisiana
  • Local time:01:18 AM

Posted 29 January 2015 - 03:54 PM

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * 
 
Adware Removal Tool v3.9
Time: 2015_01_29_14_46_40
OS: Windows 7 - 64 Bit
Account Name: Theresa
U0L0S11
 
\\\\\\\\\\\\\\\\\\\\\\\ Repair Logs \\\\\\\\\\\\\\\\\\\\\\
 
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}:masterclsid
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{472734EA-242A-422B-ADF8-83D1E48CC825}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}:dllname
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{2EECD738-5844-4A99-B4B6-146BF802613B}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{472734EA-242A-422B-ADF8-83D1E48CC825}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{98889811-442D-49DD-99D7-DC866BE87DBC}
 
\\ Finished


#15 resa83

resa83
  • Topic Starter

  • Members
  • 163 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:louisiana
  • Local time:01:18 AM

Posted 29 January 2015 - 04:20 PM

malware antirootkit NOTHING FOUND NO LOG TO POST






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users