Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Update Program Pop-up // C-drive filling // computer shutting off


  • Please log in to reply
3 replies to this topic

#1 JuicyRennik

JuicyRennik

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:04:51 AM

Posted 09 March 2015 - 06:54 PM

So I have either been experiencing three separate issues, or it is all one issue combined. I will explain them in the order that I noticed them and explain them as separate issues just for argument's sake. I have used computers all my life, but I am a noob at troubleshooting and the like. Just never got good at it, so my experience with fixing anything but the simplest issues on a computer is pretty much nil.

 

Here was the first issue I noticed. In the bottom right of my screen a pop up would occasionally appear whether I am browsing the web or not. There never seems to be a specific trigger as to why it appears. It always says the following verbatim excluding quotes at beginning and end: "You have an old version of (Insert program). This should be updated to version (Insert version number). Note: It is important to keep your software updated to avoid system problems, crashes and security threats." 

 

The first time I saw the pop up I knew it was suspect so I just hit the x on it because I couldn't find another way to close it. When you close it, the box scrolls down really slow. I have never clicked the links on this pop-up, but I have a feeling even clicking the x to close it is an issue. I ran my Avast, Malware Bytes, Adaware cleaner, and MRT. They all found issues, but the box still appears so none of them caught the issue I am seeing. I will attach an image of exactly what the box looks like. It pops up for all sorts of programs. The program is entirely interchangeable, but the box is always identical. 

 

The second issue I have experienced is my C-Drive rapidly filling up. Not small things either. I am talking like 40gb just appearing in there. I haven't really noticed a time frame on how quickly it builds up, but I did the basic disc clean. 

 

The third and most recent issue is my computer randomly shutting off. It just completely powers off at times. I have run all the programs I previously mentioned for each issue. They are still issues. I do not know if all three of these issues are directly related. I suspect the C-drive filling up and the computer simply dying is related, but I am no computer expert and have no evidence to support the claim. I really hope you guys can help.

Attached Files


Edited by hamluis, 10 March 2015 - 11:28 AM.
Moved from Win 7 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 jh1234l

jh1234l

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:04:51 PM

Posted 10 March 2015 - 12:31 PM

Hello, Juicyrenik! Let's start with some important instructions:

  • Avoid installing or uninstalling programs during the malware removal process, because doing so can cause discrepancies between the information in different log files created by different programs at different times.
  • Do NOT run tools such as Combofix unless instructed by a BleepingComputer staff member. These tools can break your computer if used improperly, so you should only run them if you know what you are doing or if the person who told you to use Combofix knows what they're doing.
  • If you want to, you should back up all important documents and files to an external storage device or online file backup service. Malware infections--and attempts to fix them--can prevent your computer from booting up, making your files unaccessable; this means that backing up your files to an USB flash drive or to an online service like Dropbox before attempting to remove malware is a good idea.

Step 1: Rkill

 

  1. Please download Rkill by Grinler, and save it to your desktop.
  2. Run the program. If you are using Windows Vista or above, you should right click the program and select "Run as administrator".
  3. A Black DOS box should appear; this indicates that the program is functioning.
  4. The program will generate a log file on your desktop. Post the contents of that file in your next reply.
  5. Do not restart your computer until the other steps are finished.

 

Step 2: Please download MiniToolBox by Farbar, and save it to your desktop.

 

Run the program. Please select the following options:

 

  1. Flush DNS
  2. Report IE proxy settings
  3. Reset IE proxy settings
  4. Report FF proxy settings
  5. Reset FF proxy settings
  6. List winsock entries
  7. List content of Hosts
  8. List installed programs
  9. List restore points

After the program finishes its job, it will create a log file called "Result.txt" on your desktop. Post the contents of that file in your next reply.

 

Step 3: Run ESET online scanner

 

  1. Using Internet Explorer, navigate to http://www.eset.com/us/online-scanner-popup/ (If you used another web browser, such as Firefox, you will have to download an installer file)
  2. Read through the program's terms of use. If you agree with it, check the checkbox which confirms that you accepted the program's terms of use. If you do not agree with its terms of use, then notify me and I can find another virus cleaning solution for you.
  3. Accept any security warnings which may appear.
  4. Click on the advanced settings part, and select "Scan for potentially unsafe applications","remove found threats", and "Scan archives".
  5. Check "scan for potentially unwanted applications".
  6. Click "start".
  7. Eset will download updates and scan your computer; this may take a few minutes to a few hours.
  8. When the scan completes, click "list threats".
  9. Click "Export", and save the log file to your desktop.
  10. Post the contents of the log file to your next forum post. Please note that if ESET does not detect anything, it may not necessarily generate a log file.

Step 4: Please download AdwCleaner by Xplode, and save it to your desktop.

 

  1. Click on the "scan" button.
  2. The tool will scan your computer for adware; this may take a few minutes.
  3. After the scan has finished, click on the "Report" button. A logfile, AdwCleaner[R0].txt, will show.
  4. After viewing the log, close the log file window. View the list of adware detections, and uncheck ones that you do not want to remove(i.e. the ones which you're sure to be benign).
  5. Press the "Clean" button. You will be requested to restart your computer.
  6. After restarting your computer, a log file called AdwCleaner[S0].txt will show. Post the contents of that log file in your next reply.

 

Step 5: Please download Junkware Removal Tool by thisisu to your desktop.

  1. Please turn off your antivirus program before running the tool to avoid conflicts. Remember to turn your antivirus back on afterwards.
  2. Run the program. If you are using Windows Vista or above, right-mouse click JRT.exe and select "Run as Administrator" instead of double-clicking.
  3. The tool will start scanning your computer. A DOS box will appear; this is normal and indicates that the tool is working.
  4. After the scan finishes, a log file called JRT.txt will appear on your desktop. Post the contents of that log file in your next reply.

Edited by jh1234l, 10 March 2015 - 12:33 PM.


#3 JuicyRennik

JuicyRennik
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:04:51 AM

Posted 10 March 2015 - 06:43 PM

Thank you for the timely reply. I have followed your steps and below are the requested log files.

 

Rkill

 

Program started at: 03/10/2015 04:15:10 PM in x64 mode.
Windows Version: Windows 7 Professional Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * C:\Windows\SysWOW64\HsMgr.exe (PID: 2244) [WD-HEUR]
 * C:\Windows\system\HsMgr64.exe (PID: 4636) [WD-HEUR]
 * C:\Users\Touchy\AppData\Local\Apps\2.0\PLWV6TNR.W77\RC6V6KHQ.327\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\CurseClient.exe (PID: 5884) [UP-HEUR]
 
3 proccesses terminated!
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * No issues found.
 
Checking Windows Service Integrity: 
 
 * No issues found.
 
Searching for Missing Digital Signatures: 
 
 * C:\Windows\System32\drivers\usbuhci.sys : 30,720 : 03/24/2011 11:29 PM : 62069a34518bcf9c1fd9e74b3f6db7cd [NoSig]
 +-> C:\Windows\System32\DriverStore\FileRepository\usbport.inf_amd64_neutral_d5d6e7e900318837\usbuhci.sys : 30,720 : 11/26/2013 09:41 PM : dd253afc3bc6cba412342de60c3647f3 [Pos Repl]
 +-> C:\Windows\System32\DriverStore\FileRepository\usbport.inf_amd64_neutral_f935002f367d5bb0\usbuhci.sys : 30,720 : 07/13/2009 08:06 PM : 81fb2216d3a60d1284455d511797db3d [Pos Repl]
 +-> C:\Windows\winsxs\amd64_usbport.inf_31bf3856ad364e35_6.1.7601.17514_none_1be864e21a2d2b97\usbuhci.sys : 30,720 : 07/13/2009 08:06 PM : 81fb2216d3a60d1284455d511797db3d [Pos Repl]
 +-> C:\Windows\winsxs\amd64_usbport.inf_31bf3856ad364e35_6.1.7601.18328_none_1be17b8a1a31cc37\usbuhci.sys : 30,720 : 11/26/2013 09:41 PM : dd253afc3bc6cba412342de60c3647f3 [Pos Repl]
 +-> C:\Windows\winsxs\amd64_usbport.inf_31bf3856ad364e35_6.1.7601.22526_none_1c6919a73351367a\usbuhci.sys : 30,720 : 11/26/2013 09:42 PM : 2e682dce4319a90e02a327f8a427544a [Pos Repl]
 
Checking HOSTS File: 
 
 * No issues found.
 
Program finished at: 03/10/2015 04:15:27 PM
Execution time: 0 hours(s), 0 minute(s), and 16 seconds(s)
 
 
MiniToolBox Results
 
MiniToolBox by Farbar  Version: 09-03-2015
Ran by Touchy (administrator) on 10-03-2015 at 16:28:20
Running from "C:\Users\Touchy\Desktop"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Model: To be filled by O.E.M. Manufacturer: To be filled by O.E.M.
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
 
 
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
 
 
=========================== Installed Programs ============================
3DXChat (HKLM-x32\...\3DXChat_is1) (Version:  - SexGameDevil)
7 Days to Die (HKLM-x32\...\Steam App 251570) (Version:  - The Fun Pimps)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.176 - Adobe Systems Incorporated)
Advanced Combat Tracker (remove only) (HKLM-x32\...\Advanced Combat Tracker) (Version:  - )
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS Xonar Essence STX Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version:  - )
Avast Internet Security (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bing Bar (HKLM-x32\...\{F0839DB3-FBB8-4D14-936F-1D457A088224}) (Version: 7.0.601.0 - Microsoft Corporation)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Blockscape (HKLM-x32\...\Steam App 223490) (Version:  - ioneo)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands: The Pre-Sequel (HKLM-x32\...\Steam App 261640) (Version:  - 2K Australia)
Caribbean! (HKLM-x32\...\Steam App 293010) (Version:  - Snowbird Games)
Curse Client (HKCU\...\101a9f93b8f0bb6f) (Version: 5.1.1.820 - Curse)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.05.0.0 - Electronic Arts)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.3 - Electronic Arts)
Dropbox (HKCU\...\Dropbox) (Version: 3.0.4 - Dropbox, Inc.)
Evolve (HKLM-x32\...\Steam App 273350) (Version:  - Turtle Rock Studios)
File Association Helper (HKLM\...\{C168639F-5810-4EC8-B1E8-0251AA8A771C}) (Version: 1.2.225.65451 - WinZip Computing International, LLC)
Frontlines: Fuel of War (HKLM-x32\...\Steam App 9460) (Version:  - Kaos Studios)
GameFly Download Manager (HKCU\...\7998bdbe8c95db7f) (Version: 1.0.0.98 - GameFly)
Glyph (HKLM-x32\...\Glyph) (Version:  - Trion Worlds, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Grand Ages: Rome (HKLM-x32\...\Steam App 23450) (Version:  - Haemimont Games)
GridStream Player (HKCU\...\{77585712-e0d0-11e1-b641-0008c7a4704e}) (Version: 4.0.0.738 - GridStream Productions)
Hegemony Rome: The Rise of Caesar (HKLM-x32\...\Steam App 227060) (Version:  - Longbow Games)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 18.2 - Intel)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.31.13 - Oracle Corporation) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LOOT (HKLM-x32\...\LOOT) (Version: 0.6.0 - LOOT Development Team)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Medieval II: Total War (HKLM-x32\...\Steam App 4700) (Version:  - The Creative Assembly)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Version: 4.5.51209 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Home and Business 2013 - en-us (HKLM\...\HomeBusinessRetail - en-us) (Version: 15.0.4693.1002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6012.0828 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Middle-earth: Shadow of Mordor (HKLM-x32\...\Steam App 241930) (Version:  - Monolith Productions, Inc.)
Minion (HKCU\...\{Minion}}_is1) (Version: 2.0 - ZAM Network LLC)
Mount and Blade - Warband (HKLM-x32\...\1207666913_is1) (Version: 2.1.0.6 - GOG.com)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
Mumble 1.2.8 (HKLM-x32\...\{A9DBD31A-A09F-4C7E-86D1-3B21C59000D1}) (Version: 1.2.8 - Thorvald Natvig)
NEKOPARA vol.1 (HKLM-x32\...\{64DC04AF-BD7C-4CF4-9CA4-938953224328}) (Version:  - NEKO WORKs)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.52.3 - Black Tree Gaming)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
NVIDIA 3D Vision Controller Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.09 - NVIDIA Corporation)
NVIDIA Control Panel 347.09 (Version: 347.09 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA GeForce Experience Service (Version: 16.18.9 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.09 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.172.1357 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 2.1 - NVIDIA Corporation) Hidden
NVIDIA PhysX (Legacy) (HKLM-x32\...\{6F9D5A0B-202C-4161-BC7F-0664EA39E7E7}) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA PhysX (x32 Version: 9.14.0702 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA ShadowPlay 16.18.9 (Version: 16.18.9 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Update 16.18.9 (Version: 16.18.9 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 16.18.9 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.27 (Version: 1.2.27 - NVIDIA Corporation) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4693.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4693.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4693.1002 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.5.2.2829 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.82.106.0 - Overwolf Ltd.)
Plague Inc: Evolved (HKLM-x32\...\Steam App 246620) (Version:  - Ndemic Creations)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.15.20888 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6873 - Realtek Semiconductor Corp.)
Resident Evil 6 / Biohazard 6 (HKLM-x32\...\Steam App 221040) (Version:  - Capcom)
Ryse: Son of Rome (HKLM-x32\...\Steam App 302510) (Version:  - Crytek)
Search App by Ask (HKLM-x32\...\{4F524A2D-5350-4500-76A7-A758B70C1902}) (Version: 12.25.2.60 - APN, LLC)
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Sins of a Solar Empire®: Rebellion (HKLM-x32\...\Steam App 204880) (Version:  - Ironclad Games)
Skype™ 6.22 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.107 - Skype Technologies S.A.)
Smart File Advisor 1.1.6 (HKLM-x32\...\Smart File Advisor_is1) (Version: 1.1.6 - Filefacts.net)
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: 8.0.0.5 - Bioware/EA)
Star Wars: Empire at War Gold (HKLM-x32\...\Steam App 32470) (Version:  - Petroglyph)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
State of Decay (HKLM-x32\...\Steam App 241540) (Version:  - Undead Labs)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Stronghold Crusader 2 (HKLM-x32\...\Steam App 232890) (Version:  - FireFly Studios)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Guild II - Pirates of the European Seas (HKLM-x32\...\Steam App 39660) (Version:  - 4 Head Studios)
The Guild II (HKLM-x32\...\Steam App 39650) (Version:  - 4 Head Studios)
The Guild II: Renaissance (HKLM-x32\...\Steam App 39680) (Version:  - Rune Forge)
The Secret World (HKLM-x32\...\Steam App 215280) (Version:  - Funcom)
The Secret World (HKLM-x32\...\The Secret World_is1) (Version: 1.0.0 - Funcom)
Third Age - Total War 3.0 (Part 1of2) (HKCU\...\Third Age - Total War 3.0 (Part 1of2)) (Version:  - )
Third Age - Total War 3.0 (Part 2of2) (HKCU\...\Third Age - Total War 3.0 (Part 2of2)) (Version:  - )
Total War: ATTILA (HKLM-x32\...\Steam App 325610) (Version:  - Creative Assembly)
Total War: ROME II - Emperor Edition (HKLM-x32\...\Steam App 214950) (Version:  - Creative Assembly)
Undead Overlord (HKLM-x32\...\Steam App 291370) (Version:  - JumpCore Productions)
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
Viking: Battle for Asgard (HKLM-x32\...\Steam App 211160) (Version:  - Creative Assembly, PC Port - Hardlight)
Virtual Audio Cable 4.13 (HKLM\...\Virtual Audio Cable 4.13) (Version:  - )
Warriors Orochi (HKLM-x32\...\Warriors Orochi) (Version: 1.0.0.0 - KOEI)
WD Black² Dual Drive (HKLM-x32\...\{CA4C4325-B9D0-45A2-A32A-7AE2BC204D78}Visible) (Version: 5.1.530.1 - Western Digital)
WD Black² Dual Drive (x32 Version: 5.1.530.1 - Western Digital) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )
Windows Media Encoder 9 Series (x32 Version: 9.00.2980 - Microsoft Corporation) Hidden
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16423 - Microsoft Corporation)
WinZip 18.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E3}) (Version: 18.5.11111 - WinZip Computing, S.L. )
========================= Restore Points ==================================
 
10-03-2015 07:00:44 Windows Update
 
**** End of log ****
 
 
ESET Online Scanner
 
C:\AdwCleaner\Quarantine\C\Program Files (x86)\PennyBee\Resources\ntdisie_32.dll.vir Win32/Toolbar.Linkury.I potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\PennyBee\Resources\ntdis_32.dll.vir Win32/Toolbar.Linkury.I potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\PennyBee\Resources\ntdis_64.dll.vir Win64/Toolbar.Linkury.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\PennyBee\DPHelper.dll.vir a variant of Win32/DealPly.T potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\PennyBee\PennyBee.exe.vir MSIL/Toolbar.Linkury.L potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\PennyBee\smia64.exe.vir MSIL/Toolbar.Linkury.M potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\PennyBee\uninstall.exe.vir Win32/Toolbar.Linkury.I potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\wse_astromenda\BRS\brs.exe.vir a variant of Win32/AdWare.Agent.NNW application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Touchy\AppData\Roaming\PennyBee\UpdateProc\bkup.dat.vir VBS/Kryptik.DY trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Touchy\AppData\Roaming\PennyBee\UpdateProc\UpdateTask.exe.vir a variant of Win32/DealPly.Z potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Touchy\AppData\Roaming\wse_astromenda\UpdateProc\bkup.dat.vir VBS/Kryptik.DY trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Touchy\AppData\Roaming\wse_astromenda\UpdateProc\UpdateTask.exe.vir a variant of Win32/DealPly.U potentially unwanted application deleted - quarantined
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSS.exe a variant of Win32/Systweak.L potentially unwanted application deleted - quarantined
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSHelper.dll a variant of Win32/Systweak.N potentially unwanted application deleted - quarantined
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSPrivacyProtector.exe a variant of Win32/Systweak.L potentially unwanted application deleted - quarantined
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSRegClean.exe a variant of Win32/Systweak potentially unwanted application deleted - quarantined
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSRegistryOptimizer.exe a variant of Win32/Systweak.L potentially unwanted application deleted - quarantined
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSSystemCleaner.exe a variant of Win32/Systweak.L potentially unwanted application deleted - quarantined
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\APNSetup.exe a variant of Win32/Bundled.Toolbar.Ask.E potentially unsafe application deleted - quarantined
C:\Program Files (x86)\Smart File Advisor\sfa_inst.exe a variant of Win32/SmartFileAdvisor.A potentially unwanted application deleted - quarantined
C:\Users\Touchy\AppData\Local\520669311dsisetup5206700442.exe a variant of Win32/Adware.DsiLoad.A application cleaned by deleting - quarantined
C:\Users\Touchy\AppData\Local\dsisetup2478513772.exe Win32/Adware.DsiLoad.A application cleaned by deleting - quarantined
C:\Users\Touchy\AppData\Local\dsisetup5069632192.exe Win32/Adware.DsiLoad.A application cleaned by deleting - quarantined
C:\Users\Touchy\AppData\Local\dsisetup675214132.exe Win32/Adware.DsiLoad.A application cleaned by deleting - quarantined
C:\Users\Touchy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\Helper.dll a variant of MSIL/Rebrand.LittleRegClean.B potentially unwanted application deleted - quarantined
C:\Users\Touchy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\ProPCCleaner.exe a variant of MSIL/Rebrand.LittleRegClean.B potentially unwanted application deleted - quarantined
C:\Users\Touchy\AppData\Roaming\Rainmaker Software Group LLC.?\Pro PC Cleaner 2.5.6\install\A5A8ADA\Uninst000.CA.dll a variant of MSIL/Rebrand.LittleRegClean.B potentially unwanted application deleted - quarantined
C:\Windows\Installer\16aabda9.msi a variant of Win32/Systweak.L potentially unwanted application deleted - quarantined
C:\Windows\Temp\avast_ash\WinZip (64 Bit)\winzip190-64.msi a variant of Win32/Systweak.L potentially unwanted application deleted - quarantined
G:\The Secret World\xfire_installer.TheSecretWorld.exe Win32/Toolbar.Conduit potentially unwanted application deleted - quarantined
 

ADWCleaner

 

# AdwCleaner v4.112 - Logfile created 10/03/2015 at 19:28:56

# Updated 09/03/2015 by Xplode
# Database : 2015-03-05.1 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : Touchy - TOUCHY-PC
# Running from : H:\Downloads\AdwCleaner.exe
# Option : Cleaning
 
***** [ Services ] *****
 
Service Deleted : APNMCP
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\AskPartnerNetwork
Folder Deleted : C:\Program Files (x86)\AskPartnerNetwork
Folder Deleted : C:\Users\Touchy\AppData\Local\Temp\apn
Folder Deleted : C:\Users\Touchy\AppData\Local\AskPartnerNetwork
Folder Deleted : C:\Users\Touchy\AppData\Local\Rainmaker_Software_Group_
Folder Deleted : C:\Users\Touchy\AppData\Roaming\Rainmaker Software Group LLC.?
File Deleted : C:\Users\Touchy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.lyricsfreak.com_0.localstorage
File Deleted : C:\Users\Touchy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.lyricsfreak.com_0.localstorage-journal
File Deleted : C:\Users\Touchy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Key Deleted : HKCU\Software\AskPartnerNetwork
Key Deleted : HKLM\SOFTWARE\AskPartnerNetwork
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Smart File Advisor_is1
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17631
 
 
-\\ Google Chrome v40.0.2214.115
 
 
-\\ Chromium v
 
 
*************************
 
AdwCleaner[R0].txt - [4238 bytes] - [14/01/2015 12:55:02]
AdwCleaner[R1].txt - [1402 bytes] - [06/02/2015 03:47:09]
AdwCleaner[R2].txt - [2489 bytes] - [10/03/2015 19:26:05]
AdwCleaner[S0].txt - [4096 bytes] - [14/01/2015 12:57:00]
AdwCleaner[S1].txt - [1367 bytes] - [06/02/2015 14:29:45]
AdwCleaner[S2].txt - [2399 bytes] - [10/03/2015 19:28:56]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [2458  bytes] ##########
 
Junkware Removal Tool
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.3 (03.01.2015:1)
OS: Windows 7 Professional x64
Ran by Touchy on Tue 03/10/2015 at 19:32:19.71
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 03/10/2015 at 19:35:55.53
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

Those are the requested log files. Thank you again for the timely reply.



#4 jh1234l

jh1234l

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:04:51 PM

Posted 12 March 2015 - 01:34 PM

Hello again, JuicyRennik!

 

:step1: There are some programs which I think you should remove; if you trust them, you can reinstall them later or just skip this step altogether.

 

  1. 3DXChat
  2. Bing Bar

:step2:  Please open Malwarebytes Antimalware.(Download it from www.malwarebytes.com, if you do not already have it.)

  1. Press the blue "update now" link on the dashboard.
  2. After the program updates, press "Scan now" to run a threat scan.
  3. Wait for the scan to finish.
  4. If Malwarebytes detects any malware, press "Apply Actions" to remove all of the malware programs.
  5. You may have to restart your computer.
  6. Open Malwarebytes again, and go to history tab > application logs.
  7. Double click the "Scan log" with the time at which the scan was run.
  8. Click "Export" and save it as a .txt file.

 

NEVER MIND, DON'T MAKE A NEW THREAD


Edited by jh1234l, 12 March 2015 - 07:29 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users