Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Shopperz Adware/Malware


  • Please log in to reply
34 replies to this topic

#1 nikae5

nikae5

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:02:55 PM

Posted 16 February 2015 - 07:44 PM

Dear Bleeping Computer,

 

This is my son's computer.  He has used it for online gaming over the last year and has downloaded what looks like every online game on the internet - to the point that he had no free space left on the hard disk - ~700GB!  He stopped using this computer because he said that he was constantly bombarded with advertising.  After deleting over a dozen adware programs and all the games, he still has only 286GB free - and sluggish performance.  One particularly pesky adware I can't get rid of - Shopperz. 

 

I have used Bleeping before and had great success, thanks!

 

Could I impose on you to aid me once again to remove the keyloggers/adware/spyware?

 

This machine is a HP ENVY dv6, running Windows 8.1, with Intel Core i7-3630QM CPU@ 2.4GHz and 12GB RAM on a 64-bi Operating System.

 

Thank You in advance.

 

 I look forward to working with you.

 

Regards,
Ken



BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,710 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:01:55 PM

Posted 16 February 2015 - 10:23 PM

p22002970.gif Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run

p22002970.gif Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


p22002970.gif Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size
  • List Restore Points

Click Go and post the result.

p22002970.gif Please download Malwarebytes Anti-Malware (MBAM) to your desktop.
NOTE. If you already have MBAM 2.0 installed scroll down.

  • Double-click mb3-setup-1878.1878-3.5.1.2522.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:

    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.

  • Click Finish.
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.



If you already have MBAM 2.0 installed:

  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.


How to get logs:
(Export log to save as txt)


  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the Scan Log which shows the Date and time of the scan just performed.
  • Click 'Export'.
  • Click 'Text file (*.txt)'
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
  • Click Ok
  • Attach that saved log to your next reply.



(Copy to clipboard for pasting into forum replies or tickets)

  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the Scan Log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.


p22002970.gifDownload 51a5f31352b88-icon_MBAR.pngMalwarebytes Anti-Rootkit (MBAR) to your desktop.
  • Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
  • Double click on downloaded file. OK self extracting prompt.
  • MBAR will start. Click "Next" to continue.
  • Click in the following screen "Update" to obtain the latest malware definitions.
  • Once the update is complete select "Next" and click "Scan".
  • When the scan is finished and no malware has been found select "Exit".
  • If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
  • Open the MBAR folder located on your Desktop and paste the content of the following files in your next reply:
  • "mbar-log-{date} (xx-xx-xx).txt"
  • "system-log.txt"


NOTE. If you see This version requires you to completely exit the Anti Malware application message right click on the Malwarebytes Anti-Malware icon in the system tray and click on Exit.

p22002970.gif Please download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Windows Vista, 7 or 8 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.


If normal mode still doesn't work, run the tool from safe mode.

When the scan is done Notepad will open with rKill log.
Post it in your next reply.

NOTE. rKill.txt log will also be present on your desktop.

NOTE Do NOT wrap your logs in "quote" or "code" brackets.
Do NOT use spoilers.
Do NOT edit your reply to post additional logs. Create new reply. I'll not get any email notifications about edits so I won't know you posted something new.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#3 nikae5

nikae5
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:02:55 PM

Posted 17 February 2015 - 06:22 PM

Dear Broni,

I am so frustrated. I am at a total loss about how to post the results of the tests that I have spent the last 12 hours running.  EVERY time I try, bleepingcomputer.com locks up and then shuts down.

 

I try to copy and paste the results of the tests from the Word Doc that I have saved them in - all to no avail. There is no way to attach the test results to this website from what I can tell on the toolbar above. 

 

Please help,  I certainly don't blame you, at all, I am just so aggravated with this situation.

 

Thanks again,

Ken



#4 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,710 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:01:55 PM

Posted 17 February 2015 - 06:58 PM

All logs open in Notepad.

There is no reason to transfer them to any Word documents which actually will make logs larger.

Copy logs from Notepad and paste them one by one if needed.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#5 nikae5

nikae5
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:02:55 PM

Posted 17 February 2015 - 07:21 PM

Dear Broni,

I am not sure if you are getting any of these replies.  I have been trying for the last 2 hours to post the results of the 12 hours of tests that you requested.  Every time I try bleepingcomputer.com locks up and shuts down.  I am frustrated.

 

Please help me figure out how to contact you and post the results. 

 

Thank you,

Ken



#6 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,710 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:01:55 PM

Posted 17 February 2015 - 07:26 PM

Which browser are you using?

Did you try different browser?


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#7 nikae5

nikae5
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:02:55 PM

Posted 17 February 2015 - 07:31 PM

I am using internet explorer.

I have no other browser - I deleted all others to eliminate the confusion

 

I will have to run all tests again.  I deleted most of the notepads after copying them to WordDoc



#8 nikae5

nikae5
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:02:55 PM

Posted 17 February 2015 - 07:44 PM

Broni,

I have re-run the first test, 'Security Check' and have copied the notepad.  However, I CAN NOT paste it to this 'reply to this topic' !

 

I don't know what is wrong or what I am doing wrong but this is really getting my goat!  I am sorry. I don't think we're going to be able to work on this computer together on bleepingcomputer.com.

 

I will continue to try for a little longer but I can't spend another day running test and trying to post them.

 

MY loss...

 

This website just will not let me copy and paste anything to it - at all.  I have 'ctrl c' ; 'ctrl v'.  I have right clicked and manually copied and tried to paste.  I don't know what else to do. 



#9 nikae5

nikae5
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:02:55 PM

Posted 17 February 2015 - 07:50 PM

Broni,

I am sorry.  I know you do this voluntarily.  I wish I could figure it out.  I am not computer illiterate.  I know how to do an elementary copy and paste.  There is something wrong that I can not complete that simple process.  Maybe one of the malware/adware/keyloggers is blocking it - I don't know. 

 

I think Im at the point of just giving up....

 

Best Regards,
Ken



#10 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,710 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:01:55 PM

Posted 17 February 2015 - 08:07 PM

Upload the file(s) here: http://www.sendspace.com/
Click on Browse button and navigate to the file you want to upload.
Click on Upload button.
Click on FIRST Copy Link button and paste the link in your next reply.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#11 nikae5

nikae5
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:02:55 PM

Posted 17 February 2015 - 08:53 PM

Broni,

 

I regret that I can't copy and paste ANYTHING to this site.  not even the sendspace link.  So I have to manually enter it:

 

https://www.sendspace.com/file/gwn16y

 

I hope you can get to it. 



#12 nikae5

nikae5
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:02:55 PM

Posted 17 February 2015 - 08:56 PM

Here is the old Farbar scan from yesterday - I did save it.  Again, I have to manually enter the website address:

 

https://www.sendspace.com/file/arf6e7



#13 nikae5

nikae5
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:02:55 PM

Posted 17 February 2015 - 09:01 PM

Here is the scan for MiniToolBox:

 

https://www.sendspace.com/file/mo0g68



#14 nikae5

nikae5
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:02:55 PM

Posted 17 February 2015 - 09:04 PM

Here is the Malwarebytes scan from this morning:

 

https://www.sendspace.com/file/byfvc4



#15 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,710 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:01:55 PM

Posted 17 February 2015 - 09:17 PM

 Results of screen317's Security Check version 0.99.96  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
Windows Defender             
AVG Internet Security 2015   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:`````````
 AVG Web TuneUp   
 AVG PC TuneUp 2014 (en-US)
 Java 7 Update 55  
 Java version 32-bit out of Date!
  Java 64-bit 8 Update 31  
 Adobe Flash Player     16.0.0.305  
 Google Chrome (40.0.2214.111)
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 AVG avgwdsvc.exe
 IObit IObit Malware Fighter IMFsrv.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
 IObit IObit Malware Fighter IMF.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````

 

================================

 

Farbar Service Scanner Version: 17-01-2015
Ran by Nolan (administrator) on 17-02-2015 at 00:45:21
Running from "C:\Users\Nolan\AppData\Local\Microsoft\Windows\INetCache\IE\FXVNO1VB"
Microsoft Windows 8.1  (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Policy:
========================


Action Center:
============


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is set to Demand. The default start type is Auto.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend: ""%ProgramFiles%\Windows Defender\MsMpEng.exe"".


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MsMpEng.exe => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****

 

==========================================

 

MiniToolBox by Farbar  Version: 30-11-2014
Ran by Nolan (administrator) on 17-02-2015 at 19:59:01
Running from "C:\Users\Nolan\Desktop"
Microsoft Windows 8.1  (X64)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================



========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [55296] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [65536] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [23040] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 C:\WINDOWS\SysWOW64\wshbth.dll [50688] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [69120] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [30720] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 08 C:\Windows\System32\wshbth.dll [63488] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/17/2015 07:57:07 PM) (Source: Bonjour Service) (User: )
Description: AppendDNSNameString: Illegal empty label in name "."

Error: (02/17/2015 07:57:07 PM) (Source: Bonjour Service) (User: )
Description: AppendDNSNameString: Illegal empty label in name "."

Error: (02/17/2015 07:52:07 PM) (Source: Bonjour Service) (User: )
Description: AppendDNSNameString: Illegal empty label in name "."

Error: (02/17/2015 07:52:07 PM) (Source: Bonjour Service) (User: )
Description: AppendDNSNameString: Illegal empty label in name "."

Error: (02/17/2015 07:47:08 PM) (Source: Bonjour Service) (User: )
Description: AppendDNSNameString: Illegal empty label in name "."

Error: (02/17/2015 07:47:07 PM) (Source: Bonjour Service) (User: )
Description: AppendDNSNameString: Illegal empty label in name "."

Error: (02/17/2015 07:42:07 PM) (Source: Bonjour Service) (User: )
Description: AppendDNSNameString: Illegal empty label in name "."

Error: (02/17/2015 07:42:07 PM) (Source: Bonjour Service) (User: )
Description: AppendDNSNameString: Illegal empty label in name "."

Error: (02/17/2015 07:37:07 PM) (Source: Bonjour Service) (User: )
Description: AppendDNSNameString: Illegal empty label in name "."

Error: (02/17/2015 07:37:07 PM) (Source: Bonjour Service) (User: )
Description: AppendDNSNameString: Illegal empty label in name "."


System errors:
=============
Error: (02/17/2015 07:21:01 PM) (Source: Service Control Manager) (User: )
Description: The Intel® Rapid Storage Technology service terminated unexpectedly.  It has done this 1 time(s).

Error: (02/17/2015 07:17:20 PM) (Source: Service Control Manager) (User: )
Description: The AVG PC TuneUp Service service failed to start due to the following error:
%%3

Error: (02/17/2015 07:17:20 PM) (Source: Service Control Manager) (User: )
Description: The SWUpdaterSvc service failed to start due to the following error:
%%3

Error: (02/17/2015 07:17:18 PM) (Source: Service Control Manager) (User: )
Description: The JO Service component service failed to start due to the following error:
%%3

Error: (02/17/2015 07:17:18 PM) (Source: Service Control Manager) (User: )
Description: The URL Sign In service failed to start due to the following error:
%%3

Error: (02/17/2015 07:17:06 PM) (Source: Service Control Manager) (User: )
Description: The csrcc service failed to start due to the following error:
%%2

Error: (02/17/2015 07:15:35 PM) (Source: Service Control Manager) (User: )
Description: The AVGIDSAgent service did not shut down properly after receiving a preshutdown control.

Error: (02/17/2015 07:14:52 PM) (Source: Service Control Manager) (User: )
Description: The AVG PC TuneUp Service service failed to start due to the following error:
%%3

Error: (02/17/2015 07:14:52 PM) (Source: Service Control Manager) (User: )
Description: The SWUpdaterSvc service failed to start due to the following error:
%%3

Error: (02/17/2015 07:14:51 PM) (Source: Service Control Manager) (User: )
Description: The JO Service component service failed to start due to the following error:
%%3


Microsoft Office Sessions:
=========================
Error: (02/17/2015 07:57:07 PM) (Source: Bonjour Service)(User: )
Description: AppendDNSNameString: Illegal empty label in name "."

Error: (02/17/2015 07:57:07 PM) (Source: Bonjour Service)(User: )
Description: AppendDNSNameString: Illegal empty label in name "."

Error: (02/17/2015 07:52:07 PM) (Source: Bonjour Service)(User: )
Description: AppendDNSNameString: Illegal empty label in name "."

Error: (02/17/2015 07:52:07 PM) (Source: Bonjour Service)(User: )
Description: AppendDNSNameString: Illegal empty label in name "."

Error: (02/17/2015 07:47:08 PM) (Source: Bonjour Service)(User: )
Description: AppendDNSNameString: Illegal empty label in name "."

Error: (02/17/2015 07:47:07 PM) (Source: Bonjour Service)(User: )
Description: AppendDNSNameString: Illegal empty label in name "."

Error: (02/17/2015 07:42:07 PM) (Source: Bonjour Service)(User: )
Description: AppendDNSNameString: Illegal empty label in name "."

Error: (02/17/2015 07:42:07 PM) (Source: Bonjour Service)(User: )
Description: AppendDNSNameString: Illegal empty label in name "."

Error: (02/17/2015 07:37:07 PM) (Source: Bonjour Service)(User: )
Description: AppendDNSNameString: Illegal empty label in name "."

Error: (02/17/2015 07:37:07 PM) (Source: Bonjour Service)(User: )
Description: AppendDNSNameString: Illegal empty label in name "."


CodeIntegrity Errors:
===================================
  Date: 2014-04-24 13:03:29.478
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-04-24 13:03:29.380
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-04-14 12:11:52.038
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-04-14 12:11:52.023
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-04-14 12:11:52.007
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-04-14 12:11:46.663
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-04-14 12:11:46.538
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-04-11 17:58:12.070
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-04-11 17:58:12.051
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-04-11 16:47:45.620
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.



=========================== Installed Programs ============================
AdFender (HKLM-x32\...\AdFender) (Version: 1.80 - AdFender, Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.1.0.213 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)
Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.1.0 - IObit)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta2 - Michael Tippach)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
AuthenTec TrueAPI 64-bit (Version: 1.6.0.87 - AuthenTec, Inc.) Hidden
Autodesk Composite 2014 (HKLM\...\Autodesk Composite 2014) (Version: 9.0.0.0 - Autodesk)
Autodesk Composite 2014 (Version: 9.0.0.0 - Autodesk) Hidden
Autodesk MatchMover 2014 (HKLM\...\{B151ECD3-2DBE-45E9-816E-F8AA6238F6A8}) (Version: 14.00.0000 - Autodesk)
Autodesk Maya 2014 (HKLM\...\Autodesk Maya 2014) (Version: 16.0.0.0 - Autodesk)
Autodesk Maya 2014 (Version: 16.0.0.0 - Autodesk) Hidden
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5646 - AVG Technologies)
AVG 2015 (Version: 15.0.4284 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5646 - AVG Technologies) Hidden
AVG PC TuneUp 2014 (en-US) (x32 Version: 14.0.1001.519 - AVG) Hidden
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.0.6.10 - AVG Technologies)
Better Image Viewer (HKLM-x32\...\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BubbleSound (HKLM\...\BubbleSound) (Version: 1.0 - )
CBR Reader (HKLM-x32\...\{EDAAC216-AC73-4152-9654-E12FE5A69F5D}_is1) (Version:  - cbrreader.com)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version:  - Cheat Engine)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
ContentExplorer (HKLM-x32\...\ContentExplorer) (Version: 6.0 - ContentExplorer.net)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.6.6119 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Driver Booster 2.1 (HKLM-x32\...\Driver Booster_is1) (Version: 2.1 - IObit)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)
FileZilla Client 3.7.1.1 (HKLM-x32\...\FileZilla Client) (Version: 3.7.1.1 - Tim Kosse)
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version:  - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version:  - )
GameStop App (x32 Version: 4.00 - GameStop) Hidden
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Gyazo 1.0 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Toshiyuki Masui)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{54CE68A8-4F2D-4328-B1F7-D6C720405F7F}) (Version: 4.2.9.1 - Hewlett-Packard Company)
HP Connected Backup (HKLM-x32\...\{6BA5F6E7-6CC1-4117-816D-A549A06CE44E}) (Version: 8.7.0.0 - Autonomy)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP CoolSense (HKLM-x32\...\{59F8C5AA-91BD-423D-BF05-09A80F39898F}) (Version: 2.10.62 - Hewlett-Packard Company)
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{92524C67-A99D-44C6-8995-04F5E76486AF}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.3.0 - WildTangent)
HP MyRoom (HKLM-x32\...\{9C35EDE5-4B0F-45E7-A438-314BA889948E}) (Version: 9.0.0.0 - Hewlett-Packard Company)
HP Postscript Converter (Version: 3.1.3554 - Hewlett-Packard) Hidden
HP Quick Launch (HKLM-x32\...\{E5823036-6F09-4D0A-B05C-E2BAA129288A}) (Version: 3.0.6 - Hewlett-Packard Company)
HP Recovery Manager (x32 Version: 7.00 - Hewlett-Packard) Hidden
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\{4BACA3B8-F63A-44ED-9A8D-48B4D02AD268}) (Version: 6.0.100.276 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{835B275B-F29B-464B-BD4B-097FD55FAB0A}) (Version: 4.6.8.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.7 - Hewlett-Packard)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6425.0 - IDT)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.9.1002 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
IObit Apps Toolbar v10.9 (HKLM-x32\...\{F24EACD5-A33B-4DBB-ABCD-94AB54C04EC1}) (Version: 10.9 - Spigot, Inc.)
IObit Malware Fighter (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 2.1 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.2.6.2 - IObit)
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Lightshot-5.2.0.17 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.2.0.17 - Skillbrains)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
mental ray renderer for Autodesk Maya 2014 (HKLM\...\{4F5AD3FF-38C6-43FB-BB6F-8EF830DEDF16}) (Version: 13.0.0.0 - mental ray)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft Office Standard Edition 2003 (HKLM-x32\...\{91120409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft VC9 runtime libraries (x32 Version: 2.0.0 - AOL Inc.) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Mixlr version 1.10.0 (HKLM-x32\...\{F021F776-6BD4-4301-985D-0C1D27EEC8ED}_is1) (Version: 1.10.0 - Mixlr, Ltd.)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden
Muvic Smartbar (HKLM-x32\...\{847917E3-683B-4A08-8CEB-FBB46CA2785A}) (Version: 11.40.58.16153 - PinWid Ltd.)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.49.6 - Black Tree Gaming)
Ninja Loader (HKLM-x32\...\Ninja Loader) (Version: 127.0.0.473 - CLICK YES BELOW LP)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.3 - Notepad++ Team)
NVIDIA Control Panel 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.151.1095 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.37.0 - Mediatek)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.8400.29025 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 2.1.108 - NVIDIA Corporation) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Smart Defrag 3 (HKLM-x32\...\Smart Defrag 3_is1) (Version: 3.3 - IObit)
Spotify (HKCU\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 2.0.1 - IObit)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.12 - Synaptics Incorporated)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TELL ME MORE (HKLM-x32\...\TMM90bis) (Version:  - )
TELL ME MORE (HKLM-x32\...\TMM90InitiationSPA) (Version:  - )
Validity WBF DDK (HKLM\...\{1F91C200-8F0F-4009-A75E-DB6CE151BD4E}) (Version: 4.4.234.0 - Validity Sensors, Inc.)
Vegas Pro 12.0 (64-bit) (HKLM\...\{EE45F85E-ED91-11E2-9CD7-F04DA23A5C58}) (Version: 12.0.670 - Sony)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

========================= Devices: ================================

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


========================= Memory info: ===================================

Percentage of memory in use: 24%
Total physical RAM: 12177.27 MB
Available physical RAM: 9139.43 MB
Total Pagefile: 24465.27 MB
Available Pagefile: 21023.33 MB
Total Virtual: 4095.88 MB
Available Virtual: 3973.52 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:672.02 GB) (Free:294.57 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:25.5 GB) (Free:2.95 GB) NTFS

========================= Users: ========================================

User accounts for \\TYRONE

Administrator            Guest                    Nolan                    

========================= Restore Points ==================================

17-02-2015 19:16:29 Scheduled Checkpoint

**** End of log ****
 

 

==================================================

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 2/17/2015
Scan Time: 12:55:09 AM
Logfile: Malware Scan.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.02.17.04
Rootkit Database: v2015.02.03.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Nolan

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 449140
Time Elapsed: 36 min, 18 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 3
PUP.Optional.Shopperz.A, HKLM\SOFTWARE\shopperz, Delete-on-Reboot, [42468c937d0de353270b474ecf342ed2],
PUP.Optional.Shopperz.A, HKLM\SOFTWARE\WOW6432NODE\shopperz, Delete-on-Reboot, [89ff6cb35535ac8ab0829104ba49d42c],
PUP.Optional.Shopperz.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\70F4EEDB-1367-4b4f-8247-3133551A7415, Delete-on-Reboot, [4a3e73ac3f4b2412589f7e1845be0ff1],

Registry Values: 0
(No malicious items detected)

Registry Data: 1
PUP.Optional.HelperBar.A, HKU\S-1-5-21-3839215583-3684377433-1432924042-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://feed.helperbar.com/?publisher=MuvicAMBS&dpid=MuvicAMBS&co=US&userid=ea49c877-ea16-e0ee-d648-4ffed3467be4&searchtype=hp&installDate={installDate}&barcodeid={barcodeID}&um={UM}, Good: (www.google.com), Bad: (http://feed.helperbar.com/?publisher=MuvicAMBS&dpid=MuvicAMBS&co=US&userid=ea49c877-ea16-e0ee-d648-4ffed3467be4&searchtype=hp&installDate={installDate}&barcodeid={barcodeID}&um={UM}),Replaced,[e6a24bd451393df9bf3c199f9075e020]

Folders: 1
PUP.Optional.Shopperz.A, C:\Program Files\shopperz, Delete-on-Reboot, [d0b87ba45a300c2ae539fb8ecf34fb05],

Files: 22
PUP.Optional.cherimoya.A, C:\Windows\System32\drivers\CHERIMOYA.SYS, Delete-on-Reboot, [d9affc23f29863d3152ddeb6b2515da3],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz\csrcc.exe, Delete-on-Reboot, [d0b87ba45a300c2ae539fb8ecf34fb05],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz\garrus.dll, Delete-on-Reboot, [d0b87ba45a300c2ae539fb8ecf34fb05],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz\grunt.exe, Delete-on-Reboot, [d0b87ba45a300c2ae539fb8ecf34fb05],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz\kasumi32.dll, Delete-on-Reboot, [d0b87ba45a300c2ae539fb8ecf34fb05],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz\kasumi64.dll, Delete-on-Reboot, [d0b87ba45a300c2ae539fb8ecf34fb05],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz\krios.dll, Delete-on-Reboot, [d0b87ba45a300c2ae539fb8ecf34fb05],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz\krios64.dll, Delete-on-Reboot, [d0b87ba45a300c2ae539fb8ecf34fb05],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz\liara.dll, Delete-on-Reboot, [d0b87ba45a300c2ae539fb8ecf34fb05],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz\liara64.dll, Delete-on-Reboot, [d0b87ba45a300c2ae539fb8ecf34fb05],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz\mseff32.dll, Delete-on-Reboot, [d0b87ba45a300c2ae539fb8ecf34fb05],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz\nfregdrv64.exe, Delete-on-Reboot, [d0b87ba45a300c2ae539fb8ecf34fb05],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz\nseven.exe, Delete-on-Reboot, [d0b87ba45a300c2ae539fb8ecf34fb05],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz\prc64.exe, Delete-on-Reboot, [d0b87ba45a300c2ae539fb8ecf34fb05],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz\prexec.exe, Delete-on-Reboot, [d0b87ba45a300c2ae539fb8ecf34fb05],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz\spdata.dat, Delete-on-Reboot, [d0b87ba45a300c2ae539fb8ecf34fb05],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz\tree.js, Delete-on-Reboot, [d0b87ba45a300c2ae539fb8ecf34fb05],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz\tsoni.dll, Delete-on-Reboot, [d0b87ba45a300c2ae539fb8ecf34fb05],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz\tsoni64.dll, Delete-on-Reboot, [d0b87ba45a300c2ae539fb8ecf34fb05],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz\unins000.exe, Delete-on-Reboot, [d0b87ba45a300c2ae539fb8ecf34fb05],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz\wrex.exe, Delete-on-Reboot, [d0b87ba45a300c2ae539fb8ecf34fb05],
PUP.Optional.Shopperz.A, C:\Program Files\shopperz\wrex64.exe, Delete-on-Reboot, [d0b87ba45a300c2ae539fb8ecf34fb05],

Physical Sectors: 0
(No malicious items detected)


(end)


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users