Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Youtube


  • Please log in to reply
14 replies to this topic

#1 ncdaking

ncdaking

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:11:47 AM

Posted 18 April 2015 - 11:17 PM

Following my first post, I have used adwcleaner, YAC, and other malware/adware cleaners which helped out a lot. However, whenever i click on a annotation on youtube, AdBlock blocks a pop up under unitspybookukset.in Is this spyware?



BC AdBot (Login to Remove)

 


#2 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:47 AM

Posted 19 April 2015 - 02:09 AM

First, unisntall Yet Another Cleaner, it is crapware....

 

Step 1: eScanAV.

 

Disable your antivirus prior to this scan.

http://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/

Download the eScanAV Anti-Virus Toolkit (MWAV)
http://www.escanav.com/english/content/products/downloadlink/downloadcounter.asp?pcode=MWAV&src=english_dwn&type=alter
Save the file to your desktop.
Right click run as administrator.
A new icon will appear on your desktop.
Right click run as administrator on new icon.
Click on the update tab.
ZCDJtZN.png
Once you have updated the program, make sure the settings are the same as the picture below.
7DUFn5c.png
Once you have made sure the settings match the picture, hit the Scan & Clean button.
Upon scan completion, click View Log.
ApSVXsQ.png
Copy and paste entire log into your next reply.
Note: Reboot if needed to remove infections.

 

Step 2: Zemana

 

Run a full scan with Zemana antimalware.

http://www.zemana.us/product/zemana-antimalware/default.aspx

Install and select deep scan.

jdmyscF.jpg

Remove any infections found.

Then click on the icon in the pic below.

DOLGyto.jpg

Double click on the scan log, copy and paste here in your reply.

 

 

Step 3: Junkware Removal Tool.
 
Please download Junkware Removal Tool and save it on your desktop.

  • Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log is saved to your desktop and will automatically open.
  • Please post the JRT log.

Step 4: Adware Cleaner.
 
Please download AdwCleaner by Xplode onto your desktop.


  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


#3 ncdaking

ncdaking
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:11:47 AM

Posted 19 April 2015 - 03:52 AM

19 Apr 2015 03:35:24 [0de0] - **********************************************************
19 Apr 2015 03:35:24 [0de0] - MWAV - eScanAV AntiVirus Toolkit.
19 Apr 2015 03:35:24 [0de0] - Copyright © MicroWorld Technologies
19 Apr 2015 03:35:24 [0de0] - **********************************************************
19 Apr 2015 03:35:24 [0de0] - Source: C:\Users\NIELPU~1\DOWNLO~1\mwav.exe
19 Apr 2015 03:35:24 [0de0] - Version 14.0.178 (C:\USERS\NIEL PUERTOLLANO\APPDATA\LOCAL\TEMP\MEXE.COM)
19 Apr 2015 03:35:24 [0de0] - Log File: C:\Users\Niel Puertollano\AppData\Local\Temp\MWAV.LOG
19 Apr 2015 03:35:24 [0de0] - MWAV Registered: TRUE
19 Apr 2015 03:35:24 [0de0] - User Account: Niel Puertollano (Administrator Mode)
19 Apr 2015 03:35:24 [0de0] - OS Type: Windows Workstation [InstallType: Client]
19 Apr 2015 03:35:24 [0de0] - OS: Windows 7 64-Bit [OS Install Date: 11 Dec 2012 15:52:20]
19 Apr 2015 03:35:24 [0de0] - Ver: Personal Service Pack 1 (Build 7601)
19 Apr 2015 03:35:24 [0de0] - System Up Time: 2 Hours, 45 Minutes, 25 Seconds
 
 
19 Apr 2015 03:35:24 [0de0] - Parent Process Name : C:\Users\Niel Puertollano\Downloads\mwav.exe
19 Apr 2015 03:35:24 [0de0] - Windows Root  Folder: C:\Windows
19 Apr 2015 03:35:24 [0de0] - Windows Sys32 Folder: C:\Windows\system32
19 Apr 2015 03:35:24 [0de0] - DHCP NameServer: 192.168.1.1
19 Apr 2015 03:35:24 [0de0] - Interface0 DHCPNameServer: 192.168.1.1
19 Apr 2015 03:35:24 [0de0] - Interface1 DHCPNameServer: 172.20.10.1
19 Apr 2015 03:35:24 [0de0] - Interface2 DHCPNameServer: 192.168.1.1
19 Apr 2015 03:35:24 [0de0] - Local Fixed Drives: c:\,d:\,q:\
19 Apr 2015 03:35:24 [0de0] - MWAV Mode(A): Scan and Clean files (for viruses, adware and spyware)
19 Apr 2015 03:35:24 [0de0] - [CREATED ZIP FILE: C:\Users\Niel Puertollano\AppData\Local\Temp\pinfect.zip]
19 Apr 2015 03:35:24 [0de0] - Latest Date of files inside MWAV: Mon Mar  2 17:13:53 2015.
19 Apr 2015 03:35:26 [0de0] - ** Changed Value of "Path"
19 Apr 2015 03:35:26 [0de0] - ** Changed Value of "HKEY_CLASSES_ROOT\.htm" from "ChromeHTML" to "htmlfile"
19 Apr 2015 03:35:26 [0de0] - ** Changed Value of "HKEY_CLASSES_ROOT\.html" from "ChromeHTML" to "htmlfile"
19 Apr 2015 03:35:26 [0de0] - Loading/Creating FileScan Cache Database C:\ProgramData\MicroWorld\MWAV\ESCANDBY.MDB [Log: C:\Users\Niel Puertollano\AppData\Local\Temp\ESCANDB.LOG]
19 Apr 2015 03:35:29 [0de0] - Loaded/Created FileScan Cache Database...
19 Apr 2015 03:35:29 [0de0] - Loading AV Library [DB]...
19 Apr 2015 03:36:08 [0de0] - ArchiveScan: DISABLED
19 Apr 2015 03:36:08 [0de0] - AV Library Loaded - MultiThreaded - 8 : [DB-DIRECT].
19 Apr 2015 03:36:08 [0de0] - MWAV doing self scanning...
19 Apr 2015 03:36:08 [0de0] - MWAV files are clean.
19 Apr 2015 03:36:50 [0de0] - ArchiveScan: DISABLED
19 Apr 2015 03:36:50 [0de0] - Virus Database Date: 02 Mar 2015
19 Apr 2015 03:36:50 [0de0] - Virus Database Count: 6701505
19 Apr 2015 03:36:50 [0de0] - Sign Version: 7.59505 [518257]
19 Apr 2015 03:36:56 [0de0] - Downloading AntiVirus and Anti-Spyware Databases...
19 Apr 2015 03:40:17 [0de0] - Update Successful...
19 Apr 2015 03:40:21 [0de0] - Indexed Spyware Databases Successfully Created...
19 Apr 2015 03:40:21 [0de0] - Old Sign Version: 7.59505 New Sign Version: 7.60184
19 Apr 2015 03:40:47 [0de0] - Reload of AntiVirus Signatures successfully done.
19 Apr 2015 03:40:47 [0de0] - Virus Database Date: 19 Apr 2015
19 Apr 2015 03:40:47 [0de0] - Virus Database Count: 5651644
19 Apr 2015 03:40:47 [0de0] - Sign Version: 7.60184 [518936]
 
19 Apr 2015 03:43:28 [0de0] - **********************************************************
19 Apr 2015 03:43:28 [0de0] - MWAV - eScanAV AntiVirus Toolkit.
19 Apr 2015 03:43:28 [0de0] - Copyright © MicroWorld Technologies
19 Apr 2015 03:43:28 [0de0] - 
19 Apr 2015 03:43:28 [0de0] - Support: support@escanav.com
19 Apr 2015 03:43:28 [0de0] - Web: http://www.escanav.com
19 Apr 2015 03:43:28 [0de0] - **********************************************************
19 Apr 2015 03:43:28 [0de0] - Version 14.0.178[DB] (C:\USERS\NIEL PUERTOLLANO\APPDATA\LOCAL\TEMP\MEXE.COM)
19 Apr 2015 03:43:28 [0de0] - Log File: C:\Users\Niel Puertollano\AppData\Local\Temp\MWAV.LOG
19 Apr 2015 03:43:28 [0de0] - User Account: Niel Puertollano (Administrator Mode)
19 Apr 2015 03:43:28 [0de0] - Parent Process Name : C:\Users\Niel Puertollano\Downloads\mwav.exe
19 Apr 2015 03:43:28 [0de0] - Windows Root  Folder: C:\Windows
19 Apr 2015 03:43:28 [0de0] - Windows Sys32 Folder: C:\Windows\system32
19 Apr 2015 03:43:28 [0de0] - OS: Windows 7 64-Bit [OS Install Date: 11 Dec 2012 15:52:20]
19 Apr 2015 03:43:28 [0de0] - Ver: Personal Service Pack 1 (Build 7601)
19 Apr 2015 03:43:28 [0de0] - Latest Date of files inside MWAV: Mon Mar  2 17:13:53 2015.
 
19 Apr 2015 03:43:28 [08d0] - Options Selected by User:
19 Apr 2015 03:43:28 [08d0] - Memory Check: Enabled
19 Apr 2015 03:43:28 [08d0] - Registry Check: Enabled
19 Apr 2015 03:43:28 [08d0] - StartUp Folder Check: Enabled
19 Apr 2015 03:43:28 [08d0] - System Folder Check: Enabled
19 Apr 2015 03:43:28 [08d0] - Services Check: Enabled
19 Apr 2015 03:43:28 [08d0] - Scan Spyware: Enabled
19 Apr 2015 03:43:28 [08d0] - Scan Archives: Disabled
19 Apr 2015 03:43:28 [08d0] - Drive Check: Enabled
19 Apr 2015 03:43:28 [08d0] - All Drive Check :Disabled
19 Apr 2015 03:43:28 [08d0] - Drive Selected = C:\
19 Apr 2015 03:43:28 [08d0] - Folder Check: Disabled
19 Apr 2015 03:43:28 [08d0] - SCAN: All_Files [ANSI]
19 Apr 2015 03:43:28 [08d0] - MWAV Mode(B): Scan and Clean files (for viruses, adware and spyware)
 
19 Apr 2015 03:43:28 [08d0] - Scanning DNS Records...
19 Apr 2015 03:43:28 [08d0] - Scanning Master Boot Record (User)...
19 Apr 2015 03:43:28 [08d0] - Scanning Logical Boot Records...
19 Apr 2015 03:43:28 [08d0] - ***** Scanning For Hidden Rootkit Processes *****
19 Apr 2015 03:43:28 [08d0] - ***** Scanning For Hidden Rootkit Services *****
 
19 Apr 2015 03:43:31 [08d0] - ***** Scanning Memory Files *****
 
19 Apr 2015 03:43:37 [08d0] - ***** Scanning Registry Files *****
19 Apr 2015 03:43:38 [08d0] - ** NON-STANDARD WINLOGON NOTIFY KEY [SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon]
19 Apr 2015 03:43:38 [08d0] - Invalid Entry DllName = SDWinLogon.dll (in key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon). Action Taken: Deleting Registry Key SDWinLogon.
19 Apr 2015 03:43:39 [08d0] - ERROR(3)!!! Invalid Entry StubPath = "C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome (in key HKLM64\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}). Action Taken: Removing it.
19 Apr 2015 03:43:39 [08d0] - ERROR(3)!!! Invalid Entry RESTART_STICKY_NOTES = C:\Windows\system32\StikyNot.exe (in key HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run). Action Taken: Removing it.
 
19 Apr 2015 03:43:39 [08d0] - ***** Scanning StartUp Folders *****
19 Apr 2015 03:47:24 [0f0c] - ScanFile (C:\ProgramData\Battle.net\Agent\Agent.3915\Agent.exe) took 5241 ms
19 Apr 2015 03:48:31 [0f1c] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Barowwsoe2Save-0000.zip not Scanned. Possibly password protected...
19 Apr 2015 03:48:31 [09c4] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cache-0001.zip not Scanned. Possibly password protected...
19 Apr 2015 03:48:31 [0f0c] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\7-Zip-0000.zip not Scanned. Possibly password protected...
19 Apr 2015 03:48:31 [0d5c] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cookie-0001.zip not Scanned. Possibly password protected...
19 Apr 2015 03:48:31 [0548] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cache-0000.zip not Scanned. Possibly password protected...
19 Apr 2015 03:48:31 [09c4] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\History-0000.zip not Scanned. Possibly password protected...
19 Apr 2015 03:48:31 [063c] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cookie-0002.zip not Scanned. Possibly password protected...
19 Apr 2015 03:48:31 [0f1c] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\DoubleClick-0000.zip not Scanned. Possibly password protected...
19 Apr 2015 03:48:31 [07a8] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cookie-0000.zip not Scanned. Possibly password protected...
19 Apr 2015 03:48:31 [0d5c] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MediaPlex-0001.zip not Scanned. Possibly password protected...
19 Apr 2015 03:48:31 [0548] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MediaPlex-0002.zip not Scanned. Possibly password protected...
19 Apr 2015 03:48:31 [09c4] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Direct3D-0000.zip not Scanned. Possibly password protected...
19 Apr 2015 03:48:31 [0f0c] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MediaPlex-0000.zip not Scanned. Possibly password protected...
19 Apr 2015 03:48:31 [0548] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Wordpad-0000.zip not Scanned. Possibly password protected...
19 Apr 2015 03:48:31 [0f1c] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS DirectInput-0000.zip not Scanned. Possibly password protected...
19 Apr 2015 03:48:31 [0d5c] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Media Player-0000.zip not Scanned. Possibly password protected...
19 Apr 2015 03:48:31 [063c] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS DirectDraw-0000.zip not Scanned. Possibly password protected...
19 Apr 2015 03:48:31 [0548] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows Explorer-0000.zip not Scanned. Possibly password protected...
19 Apr 2015 03:48:31 [0c4c] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Paint-0000.zip not Scanned. Possibly password protected...
19 Apr 2015 03:48:31 [0d5c] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows Media SDK-0000.zip not Scanned. Possibly password protected...
19 Apr 2015 03:48:31 [09c4] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows Media SDK-0001.zip not Scanned. Possibly password protected...
19 Apr 2015 03:48:31 [063c] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows Media SDK-0002.zip not Scanned. Possibly password protected...
19 Apr 2015 03:48:31 [0c4c] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows Media SDK-0004.zip not Scanned. Possibly password protected...
19 Apr 2015 03:48:31 [09c4] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows.OpenWith-0000.zip not Scanned. Possibly password protected...
19 Apr 2015 03:48:31 [0d5c] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows Media SDK-0005.zip not Scanned. Possibly password protected...
19 Apr 2015 03:48:31 [0548] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows Media SDK-0003.zip not Scanned. Possibly password protected...
19 Apr 2015 03:48:31 [0f1c] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows Explorer-0001.zip not Scanned. Possibly password protected...
19 Apr 2015 03:48:31 [07a8] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS DirectInput-0001.zip not Scanned. Possibly password protected...
19 Apr 2015 03:48:31 [0f0c] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Right Media-0000.zip not Scanned. Possibly password protected...
19 Apr 2015 03:48:31 [063c] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Zedo-0000.zip not Scanned. Possibly password protected...
 
19 Apr 2015 03:48:45 [08d0] - ***** Scanning Service Files *****
19 Apr 2015 03:48:45 [0f1c] - Scanning File C:\ProgramData\..\install.res.1040.dll
19 Apr 2015 03:48:51 [08d0] - ERROR(2)!!! Invalid Entry \??\C:\Windows\system32\drivers\EagleX64.sys. Action Taken: Removing HKLM64\SYSTEM\CurrentControlSet\Services\EagleX64.
19 Apr 2015 03:49:01 [08d0] - ERROR(2)!!! Invalid Entry C:\Windows\system32\PnkBstrA.exe. Action Taken: Removing HKLM64\SYSTEM\CurrentControlSet\Services\PnkBstrA.
19 Apr 2015 03:49:06 [08d0] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\TrkWks].
19 Apr 2015 03:49:10 [08d0] - ERROR(2)!!! Invalid Entry \??\C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys. Action Taken: Removing HKLM64\SYSTEM\CurrentControlSet\Services\WinRing0_1_2_0.
19 Apr 2015 03:49:11 [08d0] - ERROR(2)!!! Invalid Entry \??\C:\Windows\SysWOW64\Drivers\X6va012. Action Taken: Removing HKLM64\SYSTEM\CurrentControlSet\Services\X6va012.
 
19 Apr 2015 03:49:11 [08d0] - ***** Scanning Registry and File system for Adware/Spyware *****
19 Apr 2015 03:49:11 [08d0] - Loading Spyware Signatures from new External Database [Name: C:\Users\NIELPU~1\AppData\Local\Temp\spydb.avs, Size: 464724]...
19 Apr 2015 03:49:11 [08d0] - Indexed Spyware Databases Successfully Created...
 
19 Apr 2015 03:49:17 [08d0] - Offending file found: C:\Users\Niel Puertollano\Desktop\League of Legends\DreamerRO\exe.exe
19 Apr 2015 03:49:17 [08d0] - System found infected with System Defragmenter Trojan-Downloader (exe.exe)! Action taken: File Deleted.
19 Apr 2015 03:49:17 [08d0] - Object "System Defragmenter Trojan-Downloader" found in File System! Action Taken: File Deleted.
 
19 Apr 2015 03:49:19 [08d0] - Offending file found: C:\ProgramData\Promote Installer\Starter.exe
19 Apr 2015 03:49:19 [08d0] - System found infected with PrecisionPop Spyware/Adware (Starter.exe)! Action taken: File Deleted.
19 Apr 2015 03:49:19 [08d0] - Object "PrecisionPop Spyware/Adware" found in File System! Action Taken: File Deleted.
 
19 Apr 2015 03:49:20 [08d0] - Offending Registry Entry found: HKCU\Software\Classes\.exe\DefaultIcon
19 Apr 2015 03:49:20 [08d0] - System found infected with XP Internet Security 2010 Spyware/Adware (HKCU\Software\Classes\.exe\DefaultIcon)! Action taken: Entries Removed.
19 Apr 2015 03:49:20 [08d0] - Object "XP Internet Security 2010 Spyware/Adware" found in File System! Action Taken: Entries Removed.
 
19 Apr 2015 03:49:20 [08d0] - Offending Registry Entry found: HKCU\Software\Classes\.exe\shell\open\command
19 Apr 2015 03:49:20 [08d0] - System found infected with XP Internet Security 2010 Spyware/Adware (HKCU\Software\Classes\.exe\shell\open\command)! Action taken: Entries Removed.
19 Apr 2015 03:49:20 [08d0] - Object "XP Internet Security 2010 Spyware/Adware" found in File System! Action Taken: Entries Removed.
 
19 Apr 2015 03:49:20 [08d0] - Offending Registry Entry found: HKCU\Software\Classes\.exe\shell\runas\command
19 Apr 2015 03:49:20 [08d0] - System found infected with XP Internet Security 2010 Spyware/Adware (HKCU\Software\Classes\.exe\shell\runas\command)! Action taken: Entries Removed.
19 Apr 2015 03:49:20 [08d0] - Object "XP Internet Security 2010 Spyware/Adware" found in File System! Action Taken: Entries Removed.
 
19 Apr 2015 03:49:20 [08d0] - Offending Registry Entry found: HKCU\Software\Classes\.exe\shell\start\command
19 Apr 2015 03:49:20 [08d0] - System found infected with XP Internet Security 2010 Spyware/Adware (HKCU\Software\Classes\.exe\shell\start\command)! Action taken: Entries Removed.
19 Apr 2015 03:49:20 [08d0] - Object "XP Internet Security 2010 Spyware/Adware" found in File System! Action Taken: Entries Removed.
 
 
19 Apr 2015 03:49:20 [08d0] - ***** Scanning Registry Files *****
19 Apr 2015 03:49:20 [08d0] - ** Possible invalid line [127.0.0.1  download-mcafee.com] in HOSTS file!
19 Apr 2015 03:49:21 [08d0] - ** Value in HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\main/Start Page = http://www.google.com
19 Apr 2015 03:49:21 [08d0] - ** Deleted Value of "NoActiveDesktop" in "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer". Its value was DWORD:1.
19 Apr 2015 03:49:21 [08d0] - ** Deleted Value of "ForceActiveDesktopOn" in "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer". Its value was DWORD:0.
19 Apr 2015 03:49:21 [08d0] - ** Deleted Value of "NoComponents" in "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop". Its value was DWORD:1.
19 Apr 2015 03:49:21 [08d0] - ** Deleted Value of "NoAddingComponents" in "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop". Its value was DWORD:1.
19 Apr 2015 03:49:21 [08d0] - ** Value in 64-bit HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\main/Start Page = http://www.google.com
19 Apr 2015 03:49:21 [08d0] - ** Value in HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\main/Start Page = http://www.google.com
19 Apr 2015 03:49:21 [08d0] - ** Value in 64-bit HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\main/Start Page = about:blank
 
19 Apr 2015 03:49:22 [08d0] - ***** Scanning System32 Folders *****
 
 
19 Apr 2015 03:50:26 [08d0] - ***** Scanning Drive C:\ *****
19 Apr 2015 03:55:46 [0f0c] - C:\Program Files (x86)\PDF Complete\resources\pdfnet.res not Scanned. Possibly password protected...
19 Apr 2015 03:55:49 [0d5c] - ScanFile (C:\Program Files (x86)\ooVoo\ooVoo.exe) took 7005 ms
19 Apr 2015 03:56:06 [07a8] - ScanFile (C:\Program Files (x86)\Samsung\Kies\Theme\Kies.Theme.dll) took 7442 ms
19 Apr 2015 03:56:07 [0c4c] - ScanFile (C:\Program Files (x86)\Samsung\Kies\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe) took 8720 ms
19 Apr 2015 04:03:24 [0f1c] - Scanning File C:\System Volume Information\{a2a9057c-e328-11e4-9d14-6c626d84ad6e}{3808876b-c176-4e48-b7ae-04046e6cc752}
19 Apr 2015 04:03:24 [07a8] - Scanning File C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
19 Apr 2015 04:03:24 [0d5c] - Scanning File C:\System Volume Information\{8ab3e336-e24f-11e4-af6b-6c626d84ad6e}{3808876b-c176-4e48-b7ae-04046e6cc752}
19 Apr 2015 04:03:24 [0f0c] - Scanning File C:\System Volume Information\{8ab3e32e-e24f-11e4-af6b-6c626d84ad6e}{3808876b-c176-4e48-b7ae-04046e6cc752}
19 Apr 2015 04:03:24 [0548] - Scanning File C:\System Volume Information\{8ab3e31a-e24f-11e4-af6b-6c626d84ad6e}{3808876b-c176-4e48-b7ae-04046e6cc752}
19 Apr 2015 04:03:24 [0c4c] - Scanning File C:\System Volume Information\{05c87525-e546-11e4-b627-6c626d84ad6e}{3808876b-c176-4e48-b7ae-04046e6cc752}
19 Apr 2015 04:11:35 [07a8] - ScanFile (C:\Users\Niel Puertollano\AppData\Local\osu!\osu!ui.dll) took 6505 ms
19 Apr 2015 04:12:01 [0548] - ScanFile (C:\Users\Niel Puertollano\AppData\Local\Roblox\Versions\version-3c333d16b2ee4af9\RobloxPlayerBeta.exe) took 14461 ms
19 Apr 2015 04:13:46 [0f1c] - ScanFile (C:\Users\Niel Puertollano\Downloads\mwav.exe) took 6786 ms
19 Apr 2015 04:14:31 [09c4] - ScanFile (C:\Users\Niel Puertollano\Downloads\SkypeSetupFull.exe) took 27191 ms
19 Apr 2015 04:14:31 [09c4] - Scanning of C:\Users\Niel Puertollano\Downloads\SkypeSetupFull.exe Timed out!!!
19 Apr 2015 04:14:59 [0548] - ScanFile (C:\Users\Niel Puertollano\Music\iTunes\iTunes Media\Mobile Applications\Dictionary 3.0.1.ipa) took 6771 ms
19 Apr 2015 04:18:04 [07a8] - ScanFile (C:\Users\Nixon Puertollano\AppData\Local\Roblox\Versions\version-68c511c8ee3948f6\RobloxPlayerBeta.exe) took 12480 ms
19 Apr 2015 04:18:05 [0f0c] - ScanFile (C:\Users\Nixon Puertollano\AppData\Local\Roblox\Versions\version-d11d3bd1dfae46fa\RobloxPlayerBeta.exe) took 7722 ms
19 Apr 2015 04:21:03 [0548] - ScanFile (C:\Users\Nixon Puertollano\Desktop\DeSmuME_0.9.10_x86.exe) took 13151 ms
19 Apr 2015 04:23:03 [09c4] - ScanFile (C:\Windows\Installer\1bffb856.msp) took 6069 ms
19 Apr 2015 04:23:04 [0f0c] - ScanFile (C:\Windows\Installer\1bffb7b0.msp) took 7457 ms
19 Apr 2015 04:23:19 [0f1c] - ScanFile (C:\Windows\Installer\ad3ae89.msp) took 6490 ms
19 Apr 2015 04:23:19 [0c4c] - ScanFile (C:\Windows\Installer\f638de5.msp) took 5179 ms
19 Apr 2015 04:23:19 [0548] - ScanFile (C:\Windows\Installer\3ec64.msi) took 10577 ms
19 Apr 2015 04:30:04 [0f1c] - ScanFile (C:\Windows\winsxs\amd64_microsoft-windows-shell32_31bf3856ad364e35_6.1.7600.17038_none_c85710852b81d6e2\shell32.dll) took 8284 ms
 
19 Apr 2015 04:38:57 [08d0] - ***** Checking for specific ITW Viruses *****
 
19 Apr 2015 04:38:57 [08d0] - ***** Scanning complete. *****
 
19 Apr 2015 04:38:57 [08d0] - Total Objects Scanned: 418639
19 Apr 2015 04:38:57 [08d0] - Total Critical Objects: 6
19 Apr 2015 04:38:57 [08d0] - Total Disinfected Objects: 0
19 Apr 2015 04:38:57 [08d0] - Total Objects Renamed: 0
19 Apr 2015 04:38:57 [08d0] - Total Deleted Objects: 6
19 Apr 2015 04:38:57 [08d0] - Total Errors: 7
19 Apr 2015 04:38:57 [08d0] - Time Elapsed: 00:54:43
19 Apr 2015 04:38:57 [08d0] - Virus Database Date: 19 Apr 2015
19 Apr 2015 04:38:57 [08d0] - Virus Database Count: 5651644
19 Apr 2015 04:38:57 [08d0] - Sign Version: 7.60184 [518936]
 
19 Apr 2015 04:38:57 [08d0] - Scan Completed.


#4 ncdaking

ncdaking
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:11:47 AM

Posted 19 April 2015 - 04:18 AM

Zemana AntiMalware 2.10.2.18 (Installed)
-------------------------------------------------------
Scan Result           : Completed
Scan Date             : 2015/4/19
Operating System      : Windows 7 64-bit
Processor             : 4X Intel® Core™ i3 CPU  550 @ 3.20GHz
BIOS Mode             : Legacy
CUID                  : 001108EA16C4D641B67442
Scan Type             : Deep Scan
Duration              : 23m 32s
Scanned Objects       : 97352
Detected Objects      : 4
Excluded Objects      : 0
Read Level            : SCSI
Auto Upload           : Yes
Show All Extensions   : No
Scan Documents        : Yes
Engines               : Zemana, Avira, Eset, Bitdefender, AVG, Kaspersky
 
 
Detected Objects
-------------------------------------------------------
Hosts File
   Status             : Scanned
   Object             : %systemroot%\system32\drivers\etc\hosts
   MD5                : 75726EDBBB4177E09FBF4F871116B7B6
   Publisher          : -
   Size               : 450771
   Version            : -
   Detections         : Hosts Hijack
   Cleaning Action    : Repair
   Traces             :
                Hosts File - 127.0.0.1 - blogspot.com
 
yet_another_cleaner_sk_7279475.exe
   Status             : Scanned
   Object             : %userprofile%\downloads\yet_another_cleaner_sk_7279475.exe
   MD5                : 23F63797090FB97879454CA17F34202E
   Publisher          : Elex do Brasil Participações Ltda
   Size               : 822120
   Version            : 1.0.167.24346
   Detections         : Eset: a variant of Win32/ELEX.CC application
   Cleaning Action    : Quarantine
   Traces             :
                File - %userprofile%\downloads\yet_another_cleaner_sk_7279475.exe
 
Windows Cleaner.exe
   Status             : Scanned
   Object             : %userprofile%\downloads\download\windows cleaner.exe
   MD5                : 3BBB1ACFBEC583D0ADC63F2963692FAE
   Publisher          : Cheng Du VTools Information Technology
   Size               : 6648032
   Version            : 1.0.0.0
   Detections         : AVG: Toolbar.MU, Kaspersky: not-a-virus:Downloader.Win32.Agent.bwfh
   Cleaning Action    : Quarantine
   Traces             :
                File - %userprofile%\downloads\download\windows cleaner.exe
 
All_In_One_v2.9.exe
   Status             : Failed
   Object             : %userprofile%\downloads\all_in_one_v2.9.exe
   MD5                : DB097D916B340A466241E1AA8A796CBA
   Publisher          : -
   Size               : 192512
   Version            : 2.0.0.32
   Detections         : 
   Cleaning Action    : Quarantine
   Traces             :
                File - %userprofile%\downloads\all_in_one_v2.9.exe
 
3F.tmp
   Status             : Scanned
   Object             : %userprofile%\downloads\3f.tmp
   MD5                : 003BB7FAD54596F8DA0EDA8657D7C9A5
   Publisher          : -
   Size               : 110982
   Version            : -
   Detections         : AVG: Suspicious
   Cleaning Action    : Quarantine
   Traces             :
                File - %userprofile%\downloads\3f.tmp
 
DreamerRO-Fullv9.2.exe
   Status             : Failed
   Object             : %userprofile%\desktop\league of legends\dreamerro\dreamerro-fullv9.2.exe
   MD5                : 89C5431D3C12074B3E9C276C44A50FD1
   Publisher          : -
   Size               : 201728
   Version            : -
   Detections         : 
   Cleaning Action    : Quarantine
   Traces             :
                File - %userprofile%\desktop\league of legends\dreamerro\dreamerro-fullv9.2.exe


#5 ncdaking

ncdaking
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:11:47 AM

Posted 19 April 2015 - 04:21 AM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.5.8 (04.17.2015:1)
OS: Windows 7 Home Premium x64
Ran by Niel Puertollano on Sun 04/19/2015 at  5:19:32.74
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Tasks
 
 
 
~~~ Registry Values
 
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 04/19/2015 at  5:21:20.87
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#6 ncdaking

ncdaking
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:11:47 AM

Posted 19 April 2015 - 04:23 AM

# AdwCleaner v4.201 - Logfile created 19/04/2015 at 05:22:26
# Updated 08/04/2015 by Xplode
# Database : 2015-04-18.3 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Niel Puertollano - NIELPUERTOLLANO
# Running from : C:\Users\Niel Puertollano\Downloads\adwcleaner_4.201 (3).exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Found : C:\Users\Niel Puertollano\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\glmfgahfleepmdfffonfckpmkondpdkg
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17728
 
 
-\\ Google Chrome v41.0.2272.118
 
 
*************************
 
AdwCleaner[R0].txt - [22827 bytes] - [13/04/2015 22:17:11]
AdwCleaner[R1].txt - [3020 bytes] - [18/04/2015 23:49:38]
AdwCleaner[R2].txt - [1302 bytes] - [19/04/2015 00:47:06]
AdwCleaner[R3].txt - [973 bytes] - [19/04/2015 05:22:26]
AdwCleaner[S0].txt - [22302 bytes] - [13/04/2015 22:38:42]
AdwCleaner[S1].txt - [3108 bytes] - [18/04/2015 23:50:54]
AdwCleaner[S2].txt - [1378 bytes] - [19/04/2015 00:49:17]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [1209 bytes] ##########


#7 ncdaking

ncdaking
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:11:47 AM

Posted 19 April 2015 - 04:34 AM

To see if the problem was resolved, i clicked on a box link (like those in a youtube video that redirects you to another youtube video) and it redirected me to pcfixing3.info, telling me that my computer was at risk, etc. This only happens when i click on a youtube redirect box, when a video tells you to subscribe to their channel, check out another video, etc..



#8 ncdaking

ncdaking
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:11:47 AM

Posted 19 April 2015 - 04:39 AM

(update) On a side note, there is a solution i have found where i can turn off annotations on youtube videos permanently. I will be doing this for now



#9 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:47 AM

Posted 19 April 2015 - 05:12 AM

Adware Removal Tool.
 
Download Adware removal tool to your desktop, right click the icon and select Run as Administrator.

LOr0Gd7.png

Hit Ok.

sYFsqHx.png

Hit next make sure to leave all items checked, for removal.

8NcZjGc.png


The Program will close all open programs to complete the removal, so save any work and hit OK. Then hit OK after the removal process is complete,  then OK again to finish up. Post log generated by tool.

 

Step 2: ZHP Cleaner.

 

Download and save ZHP Cleaner to your desktop.

http://www.nicolascoolman.fr/download/zhpcleaner-2/

Right Click and run as administrator.

Click on the Repair button.

At the end of the process you will be asked to reboot your machine.

After you reboot a report will open on your desktop.

Copy and paste the report here in your next reply.

 

Step 3: Security Check.

 

Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document

 

 

 

Step 4: Minitoolbox.

 

Please download [b]MINITOOLBOX and run it.



Checkmark following boxes:


Flush DNS
Reset FF proxy Settings
Reset Ie Proxy Settings
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and post the result.

 

Eset Scan
 

Disable your antivirus prior to this scan.

http://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/

 
 
 esetonlinebtn.png
 

  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.


#10 ncdaking

ncdaking
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:11:47 AM

Posted 19 April 2015 - 05:32 AM

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * 
 
Adware Removal Tool v3.9
Time: 2015_04_19_06_25_32
OS: Windows 7 - 64 Bit
Account Name: Niel Puertollano
U0L0S20
 
\\\\\\\\\\\\\\\\\\\\\\\ Repair Logs \\\\\\\\\\\\\\\\\\\\\\
 
Deleted - File - C:\Users\Niel Puertollano\Appdata\LocalLow\Microsoft\Internet Explorer\Services\Search_ask.com.ico
Deleted - File - C:\Users\Niel Puertollano\Appdata\LocalLow\Microsoft\Internet Explorer\Services\Search_ask.com.xml
Deleted - Folder - C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\Common\product\babylonia
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}:masterclsid
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{472734EA-242A-422B-ADF8-83D1E48CC825}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}:dllname
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4241030070-4210351703-2223377630-1001\Software\mixidj\mixidj\iestrg:prdct
Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4241030070-4210351703-2223377630-1001\Software\mixidj\mixidj\iestrg:prtnrid
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\windows\Currentversion\Uninstall\Movies Toolbar:path
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{2EECD738-5844-4A99-B4B6-146BF802613B}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{472734EA-242A-422B-ADF8-83D1E48CC825}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{98889811-442D-49DD-99D7-DC866BE87DBC}
Deleted - RegistryKey - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4241030070-4210351703-2223377630-1001\Software:mixidj
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\microsoft\windows\Currentversion\Uninstall:Movies Toolbar
 
\\ Finished


#11 ncdaking

ncdaking
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:11:47 AM

Posted 19 April 2015 - 05:39 AM

~ ZHPCleaner v2015.4.18.174 by Nicolas Coolman (19/04/2015)
~ Run by Niel Puertollano (Administrator)  (19/04/2015 06:34:05)
~ State version : Version OK
~ Type : Repair
~ Report : C:\Users\Niel Puertollano\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Niel Puertollano\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
~ Windows 7, 64-bit Service Pack 1 (Build 7601)
 
 
---\\  Services (0)
~ No malicious items found.
 
 
---\\  Browser internet (1)
REPLACED Proxy: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyHttp1.1 ( 1 )
 
 
---\\  Hosts file (0)
~ No malicious items found.
 
 
---\\  Scheduled automatic tasks. (0)
~ No malicious items found.
 
 
---\\  Explorer ( File, Folder) (1)
MOVED folder: C:\Program Files\Enigma Software Group\SpyHunter (PUP.EnigmaSoftware)
 
 
---\\  Registry ( Key, Value, Data) (0)
~ No malicious items found.
 
 
---\\ Result of repair
~ Repair carried out successfully
~ Browser not found (Mozilla Firefox)
~ Browser not found (Opera Software)
 
 
---\\ Statistics
~ Items scanned : 70871
~ Items found : 0
~ Items repaired : 2
 
 
End of clean at 06:38:59
===================
ZHPCleaner-[R]-19042015-06_38_59.txt


#12 ncdaking

ncdaking
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:11:47 AM

Posted 19 April 2015 - 05:44 AM

~ ZHPCleaner v2015.4.18.174 by Nicolas Coolman (19/04/2015)
~ Run by Niel Puertollano (Administrator)  (19/04/2015 06:39:54)
~ State version : Version OK
~ Type : Scan
~ Report : C:\Users\Niel Puertollano\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Niel Puertollano\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
~ Windows 7, 64-bit Service Pack 1 (Build 7601)
 
 
---\\  Services (0)
~ No malicious items found.
 
 
---\\  Browser internet (0)
~ No malicious items found.
 
 
---\\  Hosts file (0)
~ No malicious items found.
 
 
---\\  Scheduled automatic tasks. (0)
~ No malicious items found.
 
 
---\\  Explorer ( File, Folder) (3)
FOUND folder: C:\Program Files\Enigma Software Group (PUP.EnigmaSoftware)
FOUND file: C:\Users\Niel Puertollano\Downloads\Speedtest_TuneUpUtilities2013_en-US.exe [TuneUp Software - TuneUp Utilities 2013](Adware.ScriptHost)
FOUND file: C:\Users\Niel Puertollano\AppData\Roaming\appdataFr3.bin  (PUP.Optional)
 
 
---\\  Registry ( Key, Value, Data) (5)
FOUND key: [X64] HKLM\SOFTWARE\Classes\AppID\SECMAN.DLL [] (Trojan.Camec)
FOUND key: [X64] HKLM\SOFTWARE\Classes\Applications\iLividSetup-r477-n-bc.exe [] (Adware.Bandoo)
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\mamverifier [] (Toolbar.Mamverifier)
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\AppID\SECMAN.DLL [] (Trojan.Camec)
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E9BD4A8A-35ED-4726-9D89-3804CCC5D6E1} [C:\PROGRA~2\SEARCH~1\Datamngr\SRTOOL~1 (Not File)] (PUP.Datamngr)
 
 
---\\ Result of repair
~ Any repair made
~ Browser not found (Mozilla Firefox)
~ Browser not found (Opera Software)
 
 
---\\ Statistics
~ Items scanned : 70916
~ Items found : 8
~ Items repaired : 0
 
 
End of clean at 06:44:00
===================
ZHPCleaner-[R]-19042015-06_38_59.txt
ZHPCleaner-[S]-19042015-06_44_00.txt


#13 ncdaking

ncdaking
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:11:47 AM

Posted 19 April 2015 - 05:47 AM

 Results of screen317's Security Check version 1.00  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
PC Matic Super Shield   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Spybot - Search & Destroy 
 Zemana AntiMalware    
 Java version 32-bit out of Date! 
  Adobe Flash Player 16.0.0.296 Flash Player out of Date!  
 Adobe Reader XI  
 Google Chrome (41.0.2272.101) 
 Google Chrome (41.0.2272.118) 
 Google Chrome (GoogleUpdate.dll..) 
````````Process Check: objlist.exe by Laurent````````  
 Spybot Teatimer.exe is disabled! 
 Zemana AntiMalware ZAM.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 0% 
````````````````````End of Log`````````````````````` 


#14 ncdaking

ncdaking
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:11:47 AM

Posted 19 April 2015 - 05:49 AM

MiniToolBox by Farbar  Version: 14-04-2015
Ran by Niel Puertollano (administrator) on 19-04-2015 at 06:48:26
Running from "C:\Users\Niel Puertollano\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: p6630f Manufacturer: Hewlett-Packard
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
Hosts file not detected in the default directory
========================= IP Configuration: ================================
 
802.11n Wireless LAN Card = Wireless Network Connection (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global defaultcurhoplimit=64 icmpredirects=enabled taskoffload=disabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : NielPuertollano
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Wireless LAN adapter Wireless Network Connection 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 1C-65-9D-59-4D-0B
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 6C-62-6D-84-AD-6E
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::e59b:5516:4778:5f07%11(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.148(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Sunday, April 19, 2015 5:24:33 AM
   Lease Expires . . . . . . . . . . : Monday, April 20, 2015 5:24:33 AM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 309092973
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1C-70-E0-0B-6C-62-6D-84-AD-6E
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : 802.11n Wireless LAN Card
   Physical Address. . . . . . . . . : 1C-65-9D-59-4D-0A
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::28b7:c787:12b4:cb4b%10(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.136(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Sunday, April 19, 2015 5:24:37 AM
   Lease Expires . . . . . . . . . . : Monday, April 20, 2015 5:24:38 AM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 203187613
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1C-70-E0-0B-6C-62-6D-84-AD-6E
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
Server:  Niel-Nixon-C-Pu
Address:  192.168.1.1
 
Name:    google.com
Addresses:  2607:f8b0:4006:80f::200e
 216.58.219.238
 
 
Pinging google.com [216.58.219.238] with 32 bytes of data:
Reply from 216.58.219.238: bytes=32 time=12ms TTL=55
Reply from 216.58.219.238: bytes=32 time=13ms TTL=55
 
Ping statistics for 216.58.219.238:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 12ms, Maximum = 13ms, Average = 12ms
Server:  Niel-Nixon-C-Pu
Address:  192.168.1.1
 
Name:    yahoo.com
Addresses:  206.190.36.45
 98.139.183.24
 98.138.253.109
 
 
Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=57ms TTL=51
Reply from 98.138.253.109: bytes=32 time=58ms TTL=51
 
Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 57ms, Maximum = 58ms, Average = 57ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=64
Reply from 127.0.0.1: bytes=32 time<1ms TTL=64
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 18...1c 65 9d 59 4d 0b ......Microsoft Virtual WiFi Miniport Adapter
 11...6c 62 6d 84 ad 6e ......Realtek PCIe GBE Family Controller
 10...1c 65 9d 59 4d 0a ......802.11n Wireless LAN Card
  1...........................Software Loopback Interface 1
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.148     10
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.136     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.148    266
      192.168.1.0    255.255.255.0         On-link     192.168.1.136    281
    192.168.1.136  255.255.255.255         On-link     192.168.1.136    281
    192.168.1.148  255.255.255.255         On-link     192.168.1.148    266
    192.168.1.255  255.255.255.255         On-link     192.168.1.148    266
    192.168.1.255  255.255.255.255         On-link     192.168.1.136    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.148    266
        224.0.0.0        240.0.0.0         On-link     192.168.1.136    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.148    266
  255.255.255.255  255.255.255.255         On-link     192.168.1.136    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 11    266 fe80::/64                On-link
 10    281 fe80::/64                On-link
 10    281 fe80::28b7:c787:12b4:cb4b/128
                                    On-link
 11    266 fe80::e59b:5516:4778:5f07/128
                                    On-link
  1    306 ff00::/8                 On-link
 11    266 ff00::/8                 On-link
 10    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 09 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 09 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (04/19/2015 05:18:41 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddWin32ServiceFiles: Unable to back up image of service PnkBstrA since QueryServiceConfig API failed
 
System Error:
The system cannot find the file specified.
.
 
Error: (04/19/2015 01:15:59 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (04/19/2015 00:45:41 AM) (Source: Application Error) (User: )
Description: Faulting application name: iSafeSvc.exe, version: 4.0.0.1, time stamp: 0x53477040
Faulting module name: ntdll.dll, version: 6.1.7601.18798, time stamp: 0x5507b3e0
Exception code: 0xc0000005
Fault offset: 0x00039181
Faulting process id: 0x300
Faulting application start time: 0xiSafeSvc.exe0
Faulting application path: iSafeSvc.exe1
Faulting module path: iSafeSvc.exe2
Report Id: iSafeSvc.exe3
 
Error: (04/19/2015 00:11:42 AM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (04/19/2015 00:11:42 AM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index {id=4400}. The service will attempt to automatically correct this problem by rebuilding the index.
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (04/19/2015 00:11:42 AM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.
 
 
Details:
The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)
 
Error: (04/19/2015 00:11:42 AM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.
 
Context: Windows Application
 
 
Details:
The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)
 
Error: (04/19/2015 00:11:42 AM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)
 
Error: (04/19/2015 00:11:42 AM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
Element not found.  (HRESULT : 0x80070490) (0x80070490)
 
Error: (04/19/2015 00:11:42 AM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)
 
 
System errors:
=============
Error: (04/19/2015 06:31:57 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (04/19/2015 06:31:26 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (04/19/2015 05:23:39 AM) (Source: Service Control Manager) (User: )
Description: The HP Support Assistant Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (04/19/2015 05:23:39 AM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Security Center Service service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (04/19/2015 05:23:39 AM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Updating Service service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (04/19/2015 05:23:39 AM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Scanner Service service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (04/19/2015 05:23:39 AM) (Source: Service Control Manager) (User: )
Description: The Print Spooler service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (04/19/2015 05:23:39 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (04/19/2015 05:23:39 AM) (Source: Service Control Manager) (User: )
Description: The Client Virtualization Handler service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (04/19/2015 05:23:39 AM) (Source: Service Control Manager) (User: )
Description: The Windows Live ID Sign-in Assistant service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
 
Microsoft Office Sessions:
=========================
Error: (04/19/2015 05:18:41 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
AddWin32ServiceFiles: Unable to back up image of service PnkBstrA since QueryServiceConfig API failed
 
System Error:
The system cannot find the file specified.
 
Error: (04/19/2015 01:15:59 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe
 
Error: (04/19/2015 00:45:41 AM) (Source: Application Error)(User: )
Description: iSafeSvc.exe4.0.0.153477040ntdll.dll6.1.7601.187985507b3e0c00000050003918130001d07a54bf96c0a5C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exeC:\Windows\SysWOW64\ntdll.dllee084714-e64e-11e4-af5d-6c626d84ad6e
 
Error: (04/19/2015 00:11:42 AM) (Source: Windows Search Service)(User: )
Description: 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt
 
Error: (04/19/2015 00:11:42 AM) (Source: Windows Search Service)(User: )
Description: 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
4400
 
Error: (04/19/2015 00:11:42 AM) (Source: Windows Search Service)(User: )
Description: 
Details:
The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)
 
Error: (04/19/2015 00:11:42 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application
 
 
Details:
The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)
 
Error: (04/19/2015 00:11:42 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)
 
Error: (04/19/2015 00:11:42 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog
 
 
Details:
Element not found.  (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer
 
Error: (04/19/2015 00:11:42 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)
Search.JetPropStore
 
 
 
=========================== Installed Programs ============================
7-Zip 9.38 beta (HKLM-x32\...\7-Zip) (Version:  - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.124 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 17.0.0.124 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 15 Plugin (HKLM-x32\...\{AF82C1A9-56DC-4CCD-A36C-CAE56D541DFA}) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\{8C901387-B304-404D-93C0-E2E0C2D53D90}) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.5.146 - Adobe Systems, Inc.)
Adobe Shockwave Player 12.1 (HKLM-x32\...\{3CE0C7DC-ED5B-450E-9C5F-49702C263544}) (Version: 12.1.7.157 - Adobe Systems, Inc)
Apple Application Support (32-bit) (HKLM-x32\...\{2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}) (Version: 3.1.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{28791292-D18D-42FA-AE66-3D3D20AA8618}) (Version: 3.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5ED7462B-EF58-4757-B609-53755021EC34}) (Version: 8.1.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
CinemaNow Media Manager (HKLM-x32\...\{6C122441-1861-4CD7-B1C5-A163A6984E12}) (Version: 1.9.1.105 - CinemaNow, Inc.)
Cisco Connect (HKLM-x32\...\Cisco Connect) (Version: 1.4.12284.0 - Cisco Consumer Products LLC)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2823 - CyberLink Corp.)
CyberLink DVD Suite Deluxe (x32 Version: 7.0.2823 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dora's Carnival Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.1.4030 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.1.4030 - Hewlett-Packard) Hidden
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Escape Rosecliff Island (x32 Version: 2.2.0.95 - WildTangent) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Geometry Wars 3: Dimensions (HKLM-x32\...\Steam App 310790) (Version:  - Lucid Games)
Google Chrome (HKLM-x32\...\{F63650CA-7DDA-348C-8787-B0E5494463A8}) (Version: 66.41.32879 - Google, Inc.)
Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.7 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of Hellas 2 - Olympia (x32 Version: 2.2.0.95 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.10262.3295 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Game Console (x32 Version:  - WildTangent) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.3 - WildTangent)
HP MediaSmart CinemaNow 2.0 (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.1.4229 - Hewlett-Packard)
HP MediaSmart DVD (x32 Version: 4.1.4229 - Hewlett-Packard) Hidden
HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.1.4301 - Hewlett-Packard)
HP MediaSmart Music (x32 Version: 4.1.4301 - Hewlett-Packard) Hidden
HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.1.4211 - Hewlett-Packard)
HP MediaSmart Photo (x32 Version: 4.1.4211 - Hewlett-Packard) Hidden
HP MediaSmart SmartMenu (HKLM\...\{5B08AF35-B699-4A44-BB89-3E51E70611E8}) (Version: 3.1.1.12 - Hewlett-Packard)
HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.1.4214 - Hewlett-Packard)
HP MediaSmart Video (x32 Version: 4.1.4214 - Hewlett-Packard) Hidden
HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{BDDA1E1E-204E-4368-B0C2-737F16B76307}) (Version: 1.0.3.0 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Officejet Pro 8500 A910 Basic Device Software (HKLM\...\{13BE337F-9557-416D-A696-F91A6807B170}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet Pro 8500 A910 Help (HKLM-x32\...\{13D324E9-9DB1-478D-944C-28BBE1BB80DC}) (Version: 140.0.2.2 - Hewlett Packard)
HP Officejet Pro 8500 A910 Help (HKLM-x32\...\{871B2A9D-0F12-44B3-88C1-E0CB10A232E4}) (Version: 140.0.2.2 - Hewlett Packard)
HP Officejet Pro 8500 A910 Product Improvement Study (HKLM\...\{24E45339-C750-4EAE-8241-BA25A7DABBDD}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Setup (HKLM-x32\...\{72D90DB3-A16A-4545-B555-868471101833}) (Version: 8.1.4186.3400 - Hewlett-Packard)
HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.1.2.27173 - Hewlett-Packard)
Hulu Desktop (HKCU\...\HuluDesktop) (Version: 0.9.13 - Hulu LLC)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4 - HP)
Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2119 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
iTunes (HKLM\...\{7B8D4E8A-EA2B-4A71-BFEB-A4AAAB87C5D0}) (Version: 12.1.0.71 - Apple Inc.)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.31.13 - Oracle Corporation) Hidden
Jewel Quest 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kobo (HKLM-x32\...\Kobo) (Version:  - )
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2823 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2823 - CyberLink Corp.) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
LightScribe System Software (HKLM-x32\...\{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}) (Version: 1.18.15.1 - LightScribe)
Logitech SetPoint 6.1 (HKLM\...\SP6) (Version: 6.10.65 - Logitech)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Marketsplash Print Software (HKLM-x32\...\{F3AB5277-869F-4CD6-8397-6E7A0B448A28}) (Version: 1.0.0.31 - Hewlett-Packard)
Marketsplash Shortcuts (HKLM-x32\...\{FB0C267C-8B4F-4867-8161-A6A3B66D42C1}) (Version: 1.0.0.9 - Hewlett-Packard)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Corporation (Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft Corporation (x32 Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4041.0512 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.) Hidden
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.1.4030 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.1.4030 - Hewlett-Packard) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
ooVoo (HKLM-x32\...\{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}) (Version: 3.6.5001 - ooVoo LLC.)
osu! (HKLM-x32\...\{36080db1-1700-40b9-8794-1b9d9311080b}) (Version: latest - ppy Pty Ltd)
PC Matic 1.1.0.50 (HKLM-x32\...\PC Matic_is1) (Version: 1.1.0.50 - PC Pitstop LLC)
PC Matic Super Shield 1.0.0.54 (HKLM-x32\...\PC Pitstop SuperShield_is1) (Version: 1.0.0.54 - PC Pitstop LLC)
PC Pitstop Download Nitro 1.5.0.0 (HKLM-x32\...\PC Pitstop Download Nitro_is1) (Version: 1.5.0.0 - PC Pitstop, LLC)
PC Pitstop Info Center 1.0.0.16 (HKLM-x32\...\PCPitstopInfoCenter_is1) (Version: 1.0.0.16 - PC Pitstop LLC.)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 3.5.111 - PDF Complete, Inc)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.6904 - CyberLink Corp.) Hidden
PictureMover (HKLM-x32\...\{264FE20A-757B-492a-B0C3-4009E2997D8A}) (Version: 3.5.0.28 - Hewlett-Packard Company)
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4022 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4022 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.2906 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.2906 - CyberLink Corp.) Hidden
PressReader (HKLM-x32\...\{912CED74-88D3-4C5B-ACB0-13231864975D}) (Version: 5.10.621.0 -  NewspaperDirect Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version:  - Ralink)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.2926 - CyberLink Corp.) Hidden
ROBLOX Player for Niel Puertollano (HKCU\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
Roxio CinemaNow 2.0 (x32 Version: 1.0.284 - Hewlett-Packard) Hidden
RuneScape Launcher 1.2.3 (HKLM-x32\...\{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}) (Version: 1.2.3 - Jagex Ltd)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.14044_16 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.14044_16 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
SavetheChildren Reminder by We-Care.com v4.1.23.4 (HKLM-x32\...\{F6EB7E7B-F6E1-45F8-A0CD-7C65AE552223}) (Version: 4.1.23.4 - We-Care.com)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Spotify (HKCU\...\Spotify) (Version: 1.0.3.101.gbfa97dfe - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab CYRI (HKLM-x32\...\{906B34E5-573C-445A-A5D3-40B6BF0A2EC4}) (Version: 6.0.21.0 - Husdawg, LLC)
The Weather Channel App (HKLM-x32\...\{167158CE-1637-4167-8A1C-C2549EEA966A}) (Version: 1.00.0000 - The Weather Channel)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Update for Microsoft .NET Framework 4.5 (KB2750147) (HKLM-x32\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2750147) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4.5 (KB2805221) (HKLM-x32\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2805221) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4.5 (KB2805226) (HKLM-x32\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2805226) (Version: 1 - Microsoft Corporation)
Virtual Families (x32 Version: 2.2.0.95 - WildTangent) Hidden
Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden
Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Windows Driver Package - Ralink Technology, Corp. (netr28x) Net  (11/14/2011 3.02.07.0000) (HKLM\...\5C3D8D507E2CC48CF2BA058331D0647D4B4FA2E5) (Version: 11/14/2011 3.02.07.0000 - Ralink Technology, Corp.)
Windows Driver Package - Realtek (RTL8167) Net  (06/12/2012 7.061.0612.2012) (HKLM\...\D7AE157A02BBDD2AFDC7ACDBE7652D398B0B265E) (Version: 06/12/2012 7.061.0612.2012 - Realtek)
Windows Driver Package - Realtek Semiconductor Corp. HD Audio Driver (03/29/2013 6.0.1.6873) (HKLM\...\79BCF5E03F45ECD40E2A3AFEA5B1A5B48D86D732) (Version: 03/29/2013 6.0.1.6873 - Realtek Semiconductor Corp.)
Windows Driver Package - Realtek Semiconductor Corp. HD Audio Driver (06/19/2012 6.0.1.6662) (HKLM\...\7B8CB01A84E3456C95B732366C105F2FCDA598A5) (Version: 06/19/2012 6.0.1.6662 - Realtek Semiconductor Corp.)
Windows Driver Package - Realtek Semiconductor Corp. HD Audio Driver (07/16/2013 6.0.1.6971) (HKLM\...\A440136A3C30DCD4B04E51EDC29211DAD3E192E3) (Version: 07/16/2013 6.0.1.6971 - Realtek Semiconductor Corp.)
Windows Driver Package - Realtek Semiconductor Corp. HD Audio Driver (09/13/2013 6.0.1.7040) (HKLM\...\8A5A391EFA0BBCA5DDA029D44CB4EBE310E64A9E) (Version: 09/13/2013 6.0.1.7040 - Realtek Semiconductor Corp.)
Windows Driver Package - Realtek Semiconductor Corp. HD Audio Driver (11/05/2013 6.0.1.7083) (HKLM\...\1794AB0BDCE118058504A3AE1B86BFA256F8F722) (Version: 11/05/2013 6.0.1.7083 - Realtek Semiconductor Corp.)
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Wizard101 (HKLM-x32\...\{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.10.2.18 - Zemana Ltd.)
Zinio Reader 4 (HKLM-x32\...\ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1) (Version: 4.0.2811 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.0.2811 - Zinio LLC) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
 
========================= Devices: ================================
 
Name: 
Description: 
Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}
Manufacturer: 
Service: 
Device ID: ROOT\PRINTER\0000
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Microsoft 6to4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Device ID: ROOT\*6TO4MP\0000
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: Microsoft ISATAP Adapter
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Device ID: ROOT\*ISATAP\0000
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: Microsoft ISATAP Adapter #2
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Device ID: ROOT\*ISATAP\0001
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Device ID: ROOT\*TEREDO\0000
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 36%
Total physical RAM: 5879.08 MB
Available physical RAM: 3707.21 MB
Total Pagefile: 11756.35 MB
Available Pagefile: 9594.21 MB
Total Virtual: 4095.88 MB
Available Virtual: 3965.52 MB
 
========================= Partitions: =====================================
 
1 Drive c: (OS) (Fixed) (Total:919.46 GB) (Free:694.74 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:11.96 GB) (Free:1.43 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\NIELPUERTOLLANO
 
Administrator            Guest                    Niel Puertollano         
Nixon Puertollano        
 
 
**** End of log ****


#15 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:47 AM

Posted 19 April 2015 - 03:54 PM

Eset Scan? How is the issue?

 

 

Update your PC.

https://patchmypc.net/freeupdater/PatchMyPC.exe






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users