
mystartsearch browser hijack



#1 ozseagull


Posted 07 May 2015 - 11:44 PM

Got caught with this and can't remove it.

 

Tried Control Panel, didn't work.

 

Did the about:config. Reset browser tutorial. Didn't work.

 

Ran MBAM and it found malware, but hijack still happening after restart.

 

Can anyone assist?




 


#2 InadequateInfirmity


Posted 08 May 2015 - 12:10 AM

Download and run Wipe and System Ninja.

 

https://privacyroot.com/software/www/en/wipe.php

https://singularlabs.com/software/system-ninja/

 

Then.....

 

Go ahead and install CCleaner. Now that you have the program installed, go ahead and run the cleaner function.

https://www.piriform.com/ccleaner/download


Now that you have cleaned out some temp files, let's go ahead and disable all of the items starting up with your machine except your antivirus. To do this you will need to click on Tools, then Startup, select each item, then Disable.


Now that you have disabled those unneeded startups, let's go into the settings. We will have CCleaner run when your machine boots, so that you will never have to worry about cleaning temp files again.

To do this:

  • Hit options.
  • Settings.
  • Place a tick to run Ccleaner when the computer starts.



Now go to the Advanced tab and select Close program after cleaning. Now run the cleaner again; this will close CCleaner.


 

Reboot your machine and then follow the instructions below.

 

Step 1: eScanAV.

 

Disable your antivirus prior to this scan.

http://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/

Download the eScanAV Anti-Virus Toolkit (MWAV)
http://www.escanav.com/english/content/products/downloadlink/downloadcounter.asp?pcode=MWAV&src=english_dwn&type=alter

 

Source

http://www.escanav.com/english/content/products/downloadlink/downloadproduct.asp?pcode=MWAV
Save the file to your desktop.
Right click run as administrator.
A new icon will appear on your desktop.
Right click run as administrator on new icon.
Click on the update tab.
Once you have updated the program, make sure the settings are the same as the picture below.
Once you have made sure the settings match the picture, hit the Scan & Clean button.
Upon scan completion, click View Log.
Copy and paste entire log into your next reply.
Note: Reboot if needed to remove infections.

 

Step 2: Zemana

 

Run a full scan with Zemana antimalware.

http://www.zemana.us/product/zemana-antimalware/default.aspx

Install and select deep scan.


Remove any infections found.

Then click on the icon in the pic below.


Double click on the scan log, copy and paste here in your reply.

 

 

Step 3: Junkware Removal Tool.
 
Please download Junkware Removal Tool and save it on your desktop.

Source

http://thisisudax.org/

  • Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log is saved to your desktop and will automatically open.
  • Please post the JRT log.

Step 4: Adware Cleaner.
 
Please download AdwCleaner by Xplode onto your desktop.


  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


#3 ozseagull


Posted 09 May 2015 - 07:39 PM

Got error message post is too long with all logs in it so am sending them by separate posts.

 

During running first scan MWAV got a DOS window popped up with a message to switch off restore. So I did that and let it run.

 

Here's the message:

 

VIRUSES  FOUND  IN  _RESTORE  FOLDER:

*******************************************************************
How to clean files in C:\System Volume Information\_restore folder
on Windows XP?
*******************************************************************

1. Right-click on the My Computer icon on your desktop and choose
   the "Properties" option.

2. In the System Properties window, click on the System Restore
   tab and then put a check in the box next to the
   "Turn off System Restore" option and hit the "OK" button.

3. Click "Yes" in the resulting confirmation box. You may
   experience a slight delay as your change is applied;
   the Properties window will close automatically when
   the operation is complete.

4. Run another full scan with MWAV program to verify that
   your system is clean.

5. Turn On System Restore option (by following step 2).

*******************************************************************
How to clean files in C:\_restore folder on Windows ME?
*******************************************************************

1. Click Start, point to Settings, and then click Control Panel.

2. Double-click System, and then click the Performance tab.

3. Click File System, and then click the Troubleshooting tab.

4. Click to select the Disable System Restore check box, click
   Apply, click to clear the Disable  System Restore check box,
   click Apply, and then click OK.

5. Restart the computer when you are prompted to do so. When the
   computer restarts, the data  store is purged and the System
   Restore feature begins monitoring the system again.

MicroWorld Technologies Inc.
http://www.mwti.net
 

 

And here's the MWAV log:

 

 

08 May 2015 16:08:06 [11dc] - **********************************************************
08 May 2015 16:08:06 [11dc] - MWAV - eScanAV AntiVirus Toolkit.
08 May 2015 16:08:06 [11dc] - Copyright © MicroWorld Technologies
08 May 2015 16:08:06 [11dc] - **********************************************************
08 May 2015 16:08:06 [11dc] - Source: C:\DOCUME~1\Mark\MYDOCU~1\DOWNLO~1\mwav.exe
08 May 2015 16:08:06 [11dc] - Version 14.0.178 (C:\DOCUMENTS AND SETTINGS\MARK\LOCAL SETTINGS\TEMP\MEXE.COM)
08 May 2015 16:08:06 [11dc] - Log File: C:\Documents and Settings\Mark\Local Settings\Temp\MWAV.LOG
08 May 2015 16:08:06 [11dc] - MWAV Registered: TRUE
08 May 2015 16:08:06 [11dc] - User Account: Mark (Administrator Mode)
08 May 2015 16:08:06 [11dc] - OS Type: Windows Workstation
08 May 2015 16:08:06 [11dc] - OS: Windows XP [OS Install Date: 17 Oct 2012 16:56:07]
08 May 2015 16:08:06 [11dc] - Ver: Professional Service Pack 3 (Build 2600)
08 May 2015 16:08:06 [11dc] - System Up Time: 23 Minutes, 39 Seconds


08 May 2015 16:08:06 [11dc] - Parent Process Name : C:\Documents and Settings\Mark\My Documents\Downloads\mwav.exe
08 May 2015 16:08:06 [11dc] - Windows Root  Folder: C:\WINDOWS
08 May 2015 16:08:06 [11dc] - Windows Sys32 Folder: C:\WINDOWS\system32
08 May 2015 16:08:07 [11dc] - DHCP NameServer: 10.1.1.1
08 May 2015 16:08:07 [11dc] - Interface0 DHCPNameServer: 10.1.1.1
08 May 2015 16:08:07 [11dc] - Interface1 DHCPNameServer: 10.1.1.1
08 May 2015 16:08:07 [11dc] - Local Fixed Drives: c:\
08 May 2015 16:08:07 [11dc] - MWAV Mode(A): Scan and Clean files (for viruses, adware and spyware)
08 May 2015 16:08:07 [11dc] - [CREATED ZIP FILE: C:\Documents and Settings\Mark\Local Settings\Temp\pinfect.zip]
08 May 2015 16:08:07 [11dc] - Latest Date of files inside MWAV: Mon Mar  2 17:13:53 2015.
08 May 2015 16:08:09 [11dc] - ** Deleted Value of "RPSessionInterval" in "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore". Its value was DWORD:0.
08 May 2015 16:08:09 [11dc] - ** Changed Value of "Path"
08 May 2015 16:08:10 [11dc] - Loading/Creating FileScan Cache Database C:\Documents and Settings\All Users\Application Data\MicroWorld\MWAV\ESCANDBY.MDB [Log: C:\Documents and Settings\Mark\Local Settings\Temp\ESCANDB.LOG]
08 May 2015 16:08:11 [11dc] - Loaded/Created FileScan Cache Database...
08 May 2015 16:08:11 [11dc] - Loading AV Library [DB]...
08 May 2015 16:08:37 [11dc] - ArchiveScan: DISABLED
08 May 2015 16:08:38 [11dc] - AV Library Loaded - MultiThreaded - 2 : [DB-DIRECT].
08 May 2015 16:08:38 [11dc] - MWAV doing self scanning...
08 May 2015 16:08:38 [11dc] - MWAV files are clean.
08 May 2015 16:08:43 [11dc] - ArchiveScan: DISABLED
08 May 2015 16:08:43 [11dc] - Virus Database Date: 03 Mar 2015
08 May 2015 16:08:43 [11dc] - Virus Database Count: 6701505
08 May 2015 16:08:43 [11dc] - Sign Version: 7.59505 [518257]
 
08 May 2015 16:10:01 [11dc] - **********************************************************
08 May 2015 16:10:01 [11dc] - MWAV - eScanAV AntiVirus Toolkit.
08 May 2015 16:10:01 [11dc] - Copyright © MicroWorld Technologies
08 May 2015 16:10:01 [11dc] -
08 May 2015 16:10:01 [11dc] - Support: support@escanav.com
08 May 2015 16:10:01 [11dc] - Web: http://www.escanav.com
08 May 2015 16:10:01 [11dc] - **********************************************************
08 May 2015 16:10:01 [11dc] - Version 14.0.178[DB] (C:\DOCUMENTS AND SETTINGS\MARK\LOCAL SETTINGS\TEMP\MEXE.COM)
08 May 2015 16:10:01 [11dc] - Log File: C:\Documents and Settings\Mark\Local Settings\Temp\MWAV.LOG
08 May 2015 16:10:01 [11dc] - User Account: Mark (Administrator Mode)
08 May 2015 16:10:01 [11dc] - Parent Process Name : C:\Documents and Settings\Mark\My Documents\Downloads\mwav.exe
08 May 2015 16:10:01 [11dc] - Windows Root  Folder: C:\WINDOWS
08 May 2015 16:10:01 [11dc] - Windows Sys32 Folder: C:\WINDOWS\system32
08 May 2015 16:10:01 [11dc] - OS: Windows XP [OS Install Date: 17 Oct 2012 16:56:07]
08 May 2015 16:10:01 [11dc] - Ver: Professional Service Pack 3 (Build 2600)
08 May 2015 16:10:01 [11dc] - Latest Date of files inside MWAV: Mon Mar  2 17:13:53 2015.
 
08 May 2015 16:10:01 [17dc] - Options Selected by User:
08 May 2015 16:10:01 [17dc] - Memory Check: Enabled
08 May 2015 16:10:01 [17dc] - Registry Check: Enabled
08 May 2015 16:10:01 [17dc] - StartUp Folder Check: Enabled
08 May 2015 16:10:01 [17dc] - System Folder Check: Enabled
08 May 2015 16:10:01 [17dc] - Services Check: Enabled
08 May 2015 16:10:01 [17dc] - Scan Spyware: Enabled
08 May 2015 16:10:01 [17dc] - Scan Archives: Disabled
08 May 2015 16:10:01 [17dc] - Drive Check: Enabled
08 May 2015 16:10:01 [17dc] - All Drive Check :Disabled
08 May 2015 16:10:01 [17dc] - Drive Selected = C:\
08 May 2015 16:10:01 [17dc] - Folder Check: Disabled
08 May 2015 16:10:01 [17dc] - SCAN: All_Files [ANSI]
08 May 2015 16:10:01 [17dc] - MWAV Mode(B): Scan and Clean files (for viruses, adware and spyware)
 
08 May 2015 16:10:01 [17dc] - Scanning DNS Records...
08 May 2015 16:10:01 [17dc] - Scanning Master Boot Record (Kernel)...
08 May 2015 16:10:02 [17dc] - Scanning Logical Boot Records...
08 May 2015 16:10:02 [17dc] - ***** Scanning For Hidden Rootkit Processes *****
08 May 2015 16:10:02 [17dc] - ***** Scanning For Hidden Rootkit Services *****
 
08 May 2015 16:10:18 [17dc] - ***** Scanning Memory Files *****
 
08 May 2015 16:10:32 [17dc] - ***** Scanning Registry Files *****
08 May 2015 16:10:37 [17dc] - Giving rights(a) to [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Credentials].
 
08 May 2015 16:10:39 [17dc] - ***** Scanning StartUp Folders *****
 
08 May 2015 16:13:23 [17dc] - ***** Scanning Service Files *****
08 May 2015 16:13:32 [17dc] - Giving rights(a) to [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\DS].
08 May 2015 16:13:32 [17dc] - Giving rights(a) to [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\LSA].
08 May 2015 16:13:32 [17dc] - Giving rights(a) to [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\NetDDE Object].
08 May 2015 16:13:32 [17dc] - Giving rights(a) to [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\SC Manager].
08 May 2015 16:13:32 [17dc] - Giving rights(a) to [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security].
08 May 2015 16:13:32 [17dc] - Giving rights(a) to [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Security Account Manager].
08 May 2015 16:13:32 [17dc] - Giving rights(a) to [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\ServiceModel 3.0.0.0].
08 May 2015 16:13:33 [17dc] - Giving rights(a) to [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\ServiceModel 4.0.0.0].
08 May 2015 16:13:33 [17dc] - Giving rights(a) to [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Security\Spooler].
08 May 2015 16:13:41 [17dc] - Giving rights(a) to [HKLM\SYSTEM\CurrentControlSet\Services\MRxDAV\EncryptedDirectories].
 
08 May 2015 16:13:59 [17dc] - ***** Scanning Registry and File system for Adware/Spyware *****
08 May 2015 16:14:00 [17dc] - Loading Spyware Signatures from new External Database [Name: C:\DOCUME~1\Mark\LOCALS~1\Temp\spydb.avs, Size: 464717]...
08 May 2015 16:14:00 [17dc] - Indexed Spyware Databases Successfully Created...
 
08 May 2015 16:14:17 [17dc] - Offending Folder found: C:\Documents and Settings\Mark\My Documents\COMMUNITIES\Boat stuff\Comms, Maps & Charts\NZ Maps\PERMITS\HSA
08 May 2015 16:14:17 [17dc] - Deltree of Folder C:\Documents and Settings\Mark\My Documents\COMMUNITIES\Boat stuff\Comms, Maps & Charts\NZ Maps\PERMITS\HSA...
08 May 2015 16:14:17 [17dc] - Object "hsa Spyware/Adware" found in File System! Action Taken: Entries Removed.

08 May 2015 16:14:46 [17dc] - Offending Registry Entry found: HKCU\Software\Microsoft\OLE
08 May 2015 16:14:46 [17dc] - System found infected with Backdoor (IRCBot) Trojans Spyware/Adware (HKCU\Software\Microsoft\OLE)! Action taken: Entries Removed.
08 May 2015 16:14:46 [17dc] - Object "Backdoor (IRCBot) Trojans Spyware/Adware" found in File System! Action Taken: Entries Removed.

08 May 2015 16:14:47 [17dc] - Offending Registry Entry found: HKCU\Software\Microsoft\Windows\CurrentVersion\Drivers
08 May 2015 16:14:47 [17dc] - System found infected with AntiSpyware Pro XP Corrupted Adware/Spyware (HKCU\Software\Microsoft\Windows\CurrentVersion\Drivers)! Action taken: Entries Removed.
08 May 2015 16:14:47 [17dc] - Object "AntiSpyware Pro XP Corrupted Adware/Spyware" found in File System! Action Taken: Entries Removed.

 
08 May 2015 16:14:47 [17dc] - ***** Scanning Registry Files *****
08 May 2015 16:14:48 [17dc] - ** Possible invalid line [127.0.0.1  engine.awaps.net] in HOSTS file!
08 May 2015 16:14:48 [17dc] - ** Renamed C:\WINDOWS\system32\drivers\etc\hosts to C:\WINDOWS\system32\drivers\etc\hosts.77659111
08 May 2015 16:14:48 [17dc] - ** Value in HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\main/Start Page = www.google.com
08 May 2015 16:14:48 [17dc] - ** Value in HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\main/Start Page = www.google.com
 
08 May 2015 16:14:48 [17dc] - ***** Scanning System32 Folders *****
 
 
08 May 2015 16:15:38 [17dc] - ***** Scanning Drive C:\ *****
08 May 2015 16:25:05 [1210] - ScanFile (C:\Documents and Settings\Mark\My Documents\COMMUNITIES\Boat stuff\24 ft tri\HullForm\my_hf.exe) took 5875 ms
08 May 2015 16:25:50 [17dc] - INVALID ATTRIBUTES FOR FOLDER [C:\Documents and Settings\Mark\My Documents\COMMUNITIES\Boat stuff\Comms, Maps & Charts\AUs Street\CN Australia New Zealand Navteq NT 2014.10.part1\CN Australia New Zealand Navteq NT 2014.10\City Navigator Australia New Zealand Navteq NT 2014.10.gmap\CN_AustNZ_2014_10_mdr]: LastErr: 206. IGNORING.
08 May 2015 16:25:50 [17dc] - INVALID ATTRIBUTES FOR FOLDER [C:\Documents and Settings\Mark\My Documents\COMMUNITIES\Boat stuff\Comms, Maps & Charts\AUs Street\CN Australia New Zealand Navteq NT 2014.10.part2\CN Australia New Zealand Navteq NT 2014.10\City Navigator Australia New Zealand Navteq NT 2014.10.gmap\CN_AustNZ_2014_10_mdr]: LastErr: 206. IGNORING.
08 May 2015 16:27:11 [10a0] - C:\Documents and Settings\Mark\My Documents\COMMUNITIES\Boat stuff\E-books & articles\mm-report\mm-report\addendum-smalltri-multihulls-report.pdf not Scanned. Possibly password protected...
08 May 2015 16:27:12 [1210] - C:\Documents and Settings\Mark\My Documents\COMMUNITIES\Boat stuff\E-books & articles\mm-report-addendum\addendum-smalltri-multihulls-report.pdf not Scanned. Possibly password protected...
08 May 2015 16:29:09 [10a0] - ScanFile (C:\Documents and Settings\Mark\My Documents\COMMUNITIES\Boat stuff\Other designers\Miscellaneous designs and plans\UN FAO fishing dories.pdf) took 5859 ms
08 May 2015 16:31:43 [10a0] - ScanFile (C:\Documents and Settings\Mark\My Documents\Downloads\adwcleaner_4.105.exe) took 7094 ms
08 May 2015 16:32:11 [1210] - ScanFile (C:\Documents and Settings\Mark\My Documents\Downloads\ChromeSetup.exe) took 27718 ms
08 May 2015 16:32:11 [1210] - Scanning of C:\Documents and Settings\Mark\My Documents\Downloads\ChromeSetup.exe Timed out!!!
08 May 2015 16:32:13 [10a0] - Scanning File C:\Documents and Settings\Mark\My Documents\Downloads\moi3d Full.exe
08 May 2015 16:32:13 [1210] - Scanning File C:\Documents and Settings\Mark\My Documents\Downloads\Moi3d v3.0 beta   Moi3d v2.0.rar(1).exe
08 May 2015 16:32:14 [1210] - File C:\Documents and Settings\Mark\My Documents\Downloads\Moi3d v3.0 beta   Moi3d v2.0.rar(1).exe infected by "Gen:Variant.Symmi.7785 (DB)" Virus! Action Taken: File Renamed.

08 May 2015 16:32:14 [10a0] - File C:\Documents and Settings\Mark\My Documents\Downloads\moi3d Full.exe infected by "Gen:Variant.Symmi.7785 (DB)" Virus! Action Taken: File Renamed.

08 May 2015 16:32:16 [10a0] - Scanning File C:\Documents and Settings\Mark\My Documents\Downloads\Moi3d v3.0 beta   Moi3d v2.0.rar.exe
08 May 2015 16:32:16 [10a0] - File C:\Documents and Settings\Mark\My Documents\Downloads\Moi3d v3.0 beta   Moi3d v2.0.rar.exe infected by "Gen:Variant.Symmi.7785 (DB)" Virus! Action Taken: File Renamed.

08 May 2015 16:32:46 [1210] - ScanFile (C:\Documents and Settings\Mark\My Documents\Downloads\QuarkXPress.v9.2.Multilingual.Incl.Keymaker-AGAiN\Quark Update\setup.exe) took 17844 ms
08 May 2015 16:33:47 [10a0] - ScanFile (C:\Documents and Settings\Mark\My Documents\EV\lib\.svn\text-base\swing-layout-1.0.3.jar.svn-base) took 5313 ms
08 May 2015 16:33:48 [1210] - ScanFile (C:\Documents and Settings\Mark\My Documents\EV\EvCalc.jar) took 8266 ms
08 May 2015 16:35:57 [17dc] - INVALID ATTRIBUTES FOR FOLDER [C:\Documents and Settings\Mark\My Documents\My Music\iTunes\iTunes Music\Compilations\Falla_ Nights in the Gardens of Spain·de]: LastErr: 2. IGNORING.
08 May 2015 16:39:11 [1210] - Scanning File C:\FRST\Quarantine\C\Program Files\BuayNSiave\BuayNSiave.exe
08 May 2015 16:39:14 [1210] - File C:\FRST\Quarantine\C\Program Files\BuayNSiave\BuayNSiave.exe infected by "Trojan.Generic.12781468 (DB)" Virus! Action Taken: File Renamed.

08 May 2015 16:39:23 [10a0] - ScanFile (C:\Garmin\CondMgr.dll) took 11859 ms
08 May 2015 16:39:54 [1210] - ScanFile (C:\Program Files\7-Zip\Uninstall.exe) took 8766 ms
08 May 2015 17:07:18 [1210] - ScanFile (C:\Program Files\QuickTime\Plugins\QuickTimePlugin.class) took 13969 ms
08 May 2015 17:23:02 [10a0] - ScanFile (C:\System Volume Information\_restore{F0592140-3DFB-4C56-80DC-F06171F3E413}\RP574\A0158353.dll) took 5219 ms
08 May 2015 17:24:57 [10a0] - Scanning File C:\System Volume Information\_restore{F0592140-3DFB-4C56-80DC-F06171F3E413}\RP574\A0158941.exe
08 May 2015 17:24:57 [10a0] - ScanFile (C:\System Volume Information\_restore{F0592140-3DFB-4C56-80DC-F06171F3E413}\RP574\A0158941.exe) took 9656 ms
08 May 2015 17:24:59 [10a0] - File C:\System Volume Information\_restore{F0592140-3DFB-4C56-80DC-F06171F3E413}\RP574\A0158941.exe infected by "Trojan.Generic.12781468 (DB)" Virus! Action Taken: File Renamed.

08 May 2015 17:35:40 [10a0] - ScanFile (C:\WINDOWS\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744BA0000000010\11.0.0\a3dutils.dll) took 6015 ms
08 May 2015 17:35:40 [1210] - ScanFile (C:\WINDOWS\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744BA0000000010\11.0.0\Accessibility.api_NON_OPT) took 5594 ms
08 May 2015 17:35:51 [1210] - ScanFile (C:\WINDOWS\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744BA0000000010\11.0.0\AcroRd32.exe) took 7953 ms
08 May 2015 17:36:29 [1210] - ScanFile (C:\WINDOWS\Installer\1206db.msi) took 5063 ms
08 May 2015 17:44:32 [10a0] - ScanFile (C:\WINDOWS\system32\spool\drivers\w32x86\3\SUGG1lf.DLL) took 7438 ms
 
08 May 2015 17:46:50 [17dc] - ***** Checking for specific ITW Viruses *****
 
08 May 2015 17:46:53 [17dc] - ***** Scanning complete. *****
 
08 May 2015 17:46:53 [17dc] - Total Objects Scanned: 221787
08 May 2015 17:46:53 [17dc] - Total Critical Objects: 8
08 May 2015 17:46:53 [17dc] - Total Disinfected Objects: 0
08 May 2015 17:46:53 [17dc] - Total Objects Renamed: 5
08 May 2015 17:46:53 [17dc] - Total Deleted Objects: 3
08 May 2015 17:46:53 [17dc] - Total Errors: 0
08 May 2015 17:46:53 [17dc] - Time Elapsed: 01:36:50
08 May 2015 17:46:53 [17dc] - Virus Database Date: 03 Mar 2015
08 May 2015 17:46:53 [17dc] - Virus Database Count: 6701505
08 May 2015 17:46:53 [17dc] - Sign Version: 7.59505 [518257]
 
08 May 2015 17:46:53 [17dc] - Scan Completed.
 



#4 InadequateInfirmity


Posted 10 May 2015 - 07:05 PM

Continue with the other scans. :) I would turn system restore back on.



#5 ozseagull


Posted 10 May 2015 - 10:09 PM

Done them. Seems to be fixed.

 

Sent via PM. Zemana log crashes Reply Post with error message "Post too long"

 

Tried cutting it in half, still crashes the Reply Post.

 

Ideas?



#6 InadequateInfirmity


Posted 11 May 2015 - 05:27 PM

Skip the Zemana log, Post the others. :)

 

 

Also....

 

Adware Removal Tool.
 
Download Adware removal tool to your desktop, right click the icon and select Run as Administrator.


Hit Ok.


Hit Next, and make sure to leave all items checked for removal.



The program will close all open programs to complete the removal, so save any work and hit OK. Then hit OK after the removal process is complete, then OK again to finish up. Post the log generated by the tool.

 

Step 2: ZHP Cleaner.

 

Download and save ZHP Cleaner to your desktop.

http://www.nicolascoolman.fr/download/zhpcleaner-2/

Right Click and run as administrator.

Click on the Repair button.

At the end of the process you will be asked to reboot your machine.

After you reboot a report will open on your desktop.

Copy and paste the report here in your next reply.

 

Step 3: Security Check.

 

Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document

 

 

 

Step 4: Minitoolbox.

 

Please download MINITOOLBOX and run it.



Checkmark following boxes:


  • Flush DNS
  • Reset FF proxy Settings
  • Reset Ie Proxy Settings
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size
  • List Devices (problems only)



Click Go and post the result.

 

Eset Scan
 

Disable your antivirus prior to this scan.

http://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/

 
 
 

  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the ESET Smart Installer icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.


#7 ozseagull


Posted 12 May 2015 - 01:29 AM

# AdwCleaner v4.203 - Logfile created 09/05/2015 at 14:06:07
# Updated 30/04/2015 by Xplode
# Database : 2015-04-30.2 [Local]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : Mark - KC-MARK-PC
# Running from : C:\Documents and Settings\Mark\My Documents\Downloads\adwcleaner_4.203.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Application Data\5967151468256037450

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [sweetsearch@gmail.com]
Key Deleted : HKU\.DEFAULT\Software\AskPartnerNetwork
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A2D81E70-2A98-4A08-A628-94388B063C5E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF

***** [ Web browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v37.0.2 (x86 en-US)


*************************

AdwCleaner[R0].txt - [3725 bytes] - [17/12/2014 10:09:05]
AdwCleaner[R1].txt - [1354 bytes] - [09/05/2015 13:54:42]
AdwCleaner[S0].txt - [4198 bytes] - [17/12/2014 10:11:08]
AdwCleaner[S1].txt - [1289 bytes] - [09/05/2015 14:06:07]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1348  bytes] ##########
 

 

 

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

Adware Removal Tool v3.9
Time: 2015_05_12_12_20_06
OS: Windows XP - 32 Bit
Account Name: Mark
U0L0S2

\\\\\\\\\\\\\\\\\\\\\\\ Repair Logs \\\\\\\\\\\\\\\\\\\\\\

Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966:1aafdd4d73ce9254dab54a33da6e6826
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\installer\UserData\S-1-5-18\Components\D2A425F405350054677AA787E6479D47:d2a425f405350054677a7a857bc05100

\\ Finished
 

 

 

 

MiniToolBox by Farbar  Version: 11-05-2015 01
Ran by Mark (administrator) on 12-05-2015 at 14:11:28
Running from "C:\Documents and Settings\Mark\My Documents\Downloads"
Microsoft Windows XP Professional Service Pack 3 (X86)
Model: MS-7519 Manufacturer: MSI
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

Hosts file not detected in the default directory
========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection 3 (Connected)


# ----------------------------------
# Interface IP Configuration         
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection 3"

set address name="Local Area Connection 3" source=dhcp
set dns name="Local Area Connection 3" source=dhcp register=PRIMARY
set wins name="Local Area Connection 3" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



        Host Name . . . . . . . . . . . . : kc-mark-pc

        Primary Dns Suffix  . . . . . . . :

        Node Type . . . . . . . . . . . . : Broadcast

        IP Routing Enabled. . . . . . . . : No

        WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Local Area Connection 3:



        Connection-specific DNS Suffix  . :

        Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller

        Physical Address. . . . . . . . . : 00-21-85-15-2C-85

        Dhcp Enabled. . . . . . . . . . . : Yes

        Autoconfiguration Enabled . . . . : Yes

        IP Address. . . . . . . . . . . . : 10.1.1.2

        Subnet Mask . . . . . . . . . . . : 255.255.255.0

        Default Gateway . . . . . . . . . : 10.1.1.1

        DHCP Server . . . . . . . . . . . : 10.1.1.1

        DNS Servers . . . . . . . . . . . : 10.1.1.1

        Lease Obtained. . . . . . . . . . : Tuesday, 12 May 2015 2:04:17 PM

        Lease Expires . . . . . . . . . . : Thursday, 14 May 2015 2:04:17 PM

Server:  UnKnown
Address:  10.1.1.1

Name:    google.com
Addresses:  150.101.161.167, 150.101.161.174, 150.101.161.173, 150.101.161.187
      150.101.161.181, 150.101.161.153, 150.101.161.146, 150.101.161.152, 150.101.161.180
      150.101.161.166, 150.101.161.160, 150.101.161.159



Pinging google.com [150.101.161.152] with 32 bytes of data:



Reply from 150.101.161.152: bytes=32 time=26ms TTL=60

Reply from 150.101.161.152: bytes=32 time=26ms TTL=60



Ping statistics for 150.101.161.152:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 26ms, Maximum = 26ms, Average = 26ms

Server:  UnKnown
Address:  10.1.1.1

Name:    yahoo.com
Addresses:  98.138.253.109, 98.139.183.24, 206.190.36.45



Pinging yahoo.com [206.190.36.45] with 32 bytes of data:



Reply from 206.190.36.45: bytes=32 time=231ms TTL=52

Reply from 206.190.36.45: bytes=32 time=200ms TTL=52



Ping statistics for 206.190.36.45:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 200ms, Maximum = 231ms, Average = 215ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 21 85 15 2c 85 ...... Realtek PCIe GBE Family Controller - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         10.1.1.1        10.1.1.2      20
         10.1.1.0    255.255.255.0         10.1.1.2        10.1.1.2      20
         10.1.1.2  255.255.255.255        127.0.0.1       127.0.0.1      20
   10.255.255.255  255.255.255.255         10.1.1.2        10.1.1.2      20
     71.194.247.6  255.255.255.255         10.1.1.1        10.1.1.2      20
     92.22.41.236  255.255.255.255         10.1.1.1        10.1.1.2      20
  124.170.101.108  255.255.255.255         10.1.1.1        10.1.1.2      20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1      1
      169.254.0.0      255.255.0.0         10.1.1.2        10.1.1.2      20
   203.122.45.171  255.255.255.255         10.1.1.1        10.1.1.2      20
        224.0.0.0        240.0.0.0         10.1.1.2        10.1.1.2      20
  255.255.255.255  255.255.255.255         10.1.1.2        10.1.1.2      1
Default Gateway:          10.1.1.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 17 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/08/2015 05:59:47 PM) (Source: Application Hang) (User: )
Description: Hanging application rundll32.exe, version 5.1.2600.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (05/04/2015 02:21:51 PM) (Source: Application Error) (User: )
Description: Faulting application acrobat.exe, version 8.0.0.456, faulting module acrobat.dll, version 8.0.0.456, fault address 0x0001bb7f.
Processing media-specific event for [acrobat.exe!ws!]

Error: (05/04/2015 02:20:50 PM) (Source: Application Error) (User: )
Description: Faulting application acrobat.exe, version 8.0.0.456, faulting module acrobat.dll, version 8.0.0.456, fault address 0x0001bb7f.
Processing media-specific event for [acrobat.exe!ws!]

Error: (05/04/2015 02:05:21 PM) (Source: Application Error) (User: )
Description: Faulting application acrobat.exe, version 8.0.0.456, faulting module acrobat.dll, version 8.0.0.456, fault address 0x0001bb7f.
Processing media-specific event for [acrobat.exe!ws!]

Error: (04/16/2015 05:04:41 PM) (Source: Application Error) (User: )
Description: Faulting application acrobat.exe, version 8.0.0.456, faulting module acrobat.dll, version 8.0.0.456, fault address 0x0001bb7f.
Processing media-specific event for [acrobat.exe!ws!]

Error: (04/16/2015 02:53:08 PM) (Source: Application Error) (User: )
Description: Faulting application acrobat.exe, version 8.0.0.456, faulting module acrobat.dll, version 8.0.0.456, fault address 0x0001bb7f.
Processing media-specific event for [acrobat.exe!ws!]

Error: (04/16/2015 01:22:43 PM) (Source: Application Error) (User: )
Description: Faulting application acrobat.exe, version 8.0.0.456, faulting module acrobat.dll, version 8.0.0.456, fault address 0x0001bb7f.
Processing media-specific event for [acrobat.exe!ws!]

Error: (04/14/2015 03:36:27 PM) (Source: Application Error) (User: )
Description: Faulting application acrobat.exe, version 8.0.0.456, faulting module unknown, version 0.0.0.0, fault address 0x087b970a.
Processing media-specific event for [acrobat.exe!ws!]

Error: (04/14/2015 02:47:43 PM) (Source: Application Error) (User: )
Description: Faulting application acrobat.exe, version 8.0.0.456, faulting module acrobat.dll, version 8.0.0.456, fault address 0x0001bb7f.
Processing media-specific event for [acrobat.exe!ws!]

Error: (04/14/2015 01:47:10 PM) (Source: Application Error) (User: )
Description: Faulting application acrobat.exe, version 8.0.0.456, faulting module acrobat.dll, version 8.0.0.456, fault address 0x0001bb7f.
Processing media-specific event for [acrobat.exe!ws!]


System errors:
=============
Error: (05/09/2015 02:06:07 PM) (Source: Service Control Manager) (User: )
Description: The FLEXnet Licensing Service service terminated unexpectedly.  It has done this 2 time(s).

Error: (05/09/2015 02:06:06 PM) (Source: Service Control Manager) (User: )
Description: The Office Software Protection Platform service terminated unexpectedly.  It has done this 1 time(s).

Error: (05/09/2015 02:06:06 PM) (Source: Service Control Manager) (User: )
Description: The Application Layer Gateway Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (05/09/2015 02:06:06 PM) (Source: Service Control Manager) (User: )
Description: The Apple Mobile Device service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (05/09/2015 00:52:27 PM) (Source: Service Control Manager) (User: )
Description: The FLEXnet Licensing Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (05/09/2015 00:52:27 PM) (Source: Service Control Manager) (User: )
Description: The iPod Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (05/09/2015 00:52:26 PM) (Source: Service Control Manager) (User: )
Description: The Canon Camera Access Library 8 service terminated unexpectedly.  It has done this 1 time(s).

Error: (05/09/2015 00:52:26 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Network Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (05/09/2015 00:52:26 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Driver Helper Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (05/09/2015 00:52:26 PM) (Source: Service Control Manager) (User: )
Description: The Java Quick Starter service terminated unexpectedly.  It has done this 1 time(s).


Microsoft Office Sessions:
=========================
Error: (05/08/2015 05:59:47 PM) (Source: Application Hang)(User: )
Description: rundll32.exe5.1.2600.5512hungapp0.0.0.000000000

Error: (05/04/2015 02:21:51 PM) (Source: Application Error)(User: )
Description: acrobat.exe8.0.0.456acrobat.dll8.0.0.4560001bb7f

Error: (05/04/2015 02:20:50 PM) (Source: Application Error)(User: )
Description: acrobat.exe8.0.0.456acrobat.dll8.0.0.4560001bb7f

Error: (05/04/2015 02:05:21 PM) (Source: Application Error)(User: )
Description: acrobat.exe8.0.0.456acrobat.dll8.0.0.4560001bb7f

Error: (04/16/2015 05:04:41 PM) (Source: Application Error)(User: )
Description: acrobat.exe8.0.0.456acrobat.dll8.0.0.4560001bb7f

Error: (04/16/2015 02:53:08 PM) (Source: Application Error)(User: )
Description: acrobat.exe8.0.0.456acrobat.dll8.0.0.4560001bb7f

Error: (04/16/2015 01:22:43 PM) (Source: Application Error)(User: )
Description: acrobat.exe8.0.0.456acrobat.dll8.0.0.4560001bb7f

Error: (04/14/2015 03:36:27 PM) (Source: Application Error)(User: )
Description: acrobat.exe8.0.0.456unknown0.0.0.0087b970a

Error: (04/14/2015 02:47:43 PM) (Source: Application Error)(User: )
Description: acrobat.exe8.0.0.456acrobat.dll8.0.0.4560001bb7f

Error: (04/14/2015 01:47:10 PM) (Source: Application Error)(User: )
Description: acrobat.exe8.0.0.456acrobat.dll8.0.0.4560001bb7f


=========================== Installed Programs ============================

µTorrent (HKCU\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
7-Zip 9.30 alpha (HKLM\...\7-Zip) (Version:  - )
Add or Remove Adobe Creative Suite 3 Design Premium (HKLM\...\Adobe_c14ac4070fd9614ffe63f4bb533db2c) (Version: 1.0 - Adobe Systems Incorporated)
Adobe Acrobat 8 Professional (HKLM\...\{AC76BA86-1033-0000-7760-000000000003}) (Version: 8.0.0 - Adobe Systems) Hidden
Adobe Anchor Service CS3 (HKLM\...\{90176341-0A8B-4CCC-A78D-F862228A6B95}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Asset Services CS3 (HKLM\...\{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}) (Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Bridge CS3 (HKLM\...\{9C9824D9-9000-4373-A6A5-D0E5D4831394}) (Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Bridge Start Meeting (HKLM\...\{08B32819-6EEF-4057-AEDA-5AB681A36A23}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe BridgeTalk Plugin CS3 (HKLM\...\{B7F560B3-6EFF-4026-A982-843895A41149}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Camera Raw 4.0 (HKLM\...\{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}) (Version: 4.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps (HKLM\...\{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color Common Settings (HKLM\...\{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color EU Extra Settings (HKLM\...\{51846830-E7B2-4218-8968-B77F0FF475B8}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color JA Extra Settings (HKLM\...\{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color NA Recommended Settings (HKLM\...\{95655ED4-7CA5-46DF-907F-7144877A32E5}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 3 Design Premium (HKLM\...\{D1C18EDD-571A-4BDD-BE7B-1DD86027D7FF}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS3 (HKLM\...\{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS3 (HKLM\...\{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Digital Editions 2.0 (HKLM\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)
Adobe Dreamweaver CS3 (HKLM\...\{7C10F5C7-F00F-4BD3-A110-C7D240D2DD25}) (Version: 9 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit 2 (HKLM\...\{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Extension Manager CS3 (HKLM\...\{BE5F3842-8309-4754-92D5-83E02E6077A3}) (Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Flash CS3 (HKLM\...\{6B52140A-F189-4945-BFFC-DB3F00B8C589}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Video Encoder (HKLM\...\{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Fonts All (HKLM\...\{6ABE0BEE-D572-4FE8-B434-9E72A289431B}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Help Viewer CS3 (HKLM\...\{04AF207D-9A77-465A-8B76-991F6AB66245}) (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Illustrator CS3 (HKLM\...\{F08E8D2E-F132-4742-9C87-D5FF223A016A}) (Version: 13.0 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS3 (HKLM\...\{CB3F8375-B600-4B9F-83C9-238ED1E583FD}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS3 Icon Handler (HKLM\...\{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS3 (HKLM\...\{54793AA1-5001-42F4-ABB6-C364617C6078}) (Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe MotionPicture Color Files (HKLM\...\{6B708481-748A-4EB4-97C1-CD386244FF77}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files (HKLM\...\{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}) (Version: 8.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS3 (HKLM\...\{0046FA01-C5B9-4985-BACB-398DC480FC05}) (Version: 10 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe Setup (HKLM\...\{09E2111C-16B1-4DDF-BF0D-F994C9A12350}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe SING CS3 (HKLM\...\{B671CBFD-4109-4D35-9252-3062D3CCB7B2}) (Version: 0.1 - Adobe Systems Incorporated) Hidden
Adobe Stock Photos CS3 (HKLM\...\{29E5EA97-5F74-4A57-B8B2-D4F169117183}) (Version: 1.5 - Adobe Systems Incorporated) Hidden
Adobe Type Support (HKLM\...\{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS3 (HKLM\...\{E69AE897-9E0B-485C-8552-7841F48D42D8}) (Version: 5.1.0 - Adobe Systems Incorporated) Hidden
Adobe Version Cue CS3 Client (HKLM\...\{D0DFF92A-492E-4C40-B862-A74A173C25C5}) (Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Version Cue CS3 Server (HKLM\...\{1D58229F-C505-45CA-8223-F35F3A34B963}) (Version: 3.0 - Adobe Systems Incorporated) Hidden
Adobe WAS CS3 (HKLM\...\{C5BD220A-EFE8-48A5-B70E-9503D535FACE}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin (HKLM\...\{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS3 (HKLM\...\{802771A9-A856-4A41-ACF7-1450E523C923}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
AHV content for Acrobat and Flash (HKLM\...\{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}) (Version: 1 - Adobe Systems Incorporated) Hidden
Amazon Kindle (HKLM\...\Amazon Kindle) (Version:  - Amazon)
Apple Application Support (HKLM\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}) (Version: 6.0.0.59 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG 2015 (HKLM\...\{29802B07-34B0-4EB0-91BF-E78F85C30ED2}) (Version: 15.0.5863 - AVG Technologies) Hidden
AVG 2015 (HKLM\...\{F681821A-708F-450B-A9F3-6E400ACCF1FA}) (Version: 15.0.4342 - AVG Technologies) Hidden
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5863 - AVG Technologies)
Belarc Advisor 8.4 (HKLM\...\Belarc Advisor) (Version: 8.4.0.0 - Belarc Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BSB Reader (HKLM\...\{C39487DF-42CD-428D-AC36-F59978A0A6B3}) (Version: 1.0.0 -  )
BurnAware Free 6.9.4 (HKLM\...\BurnAware Free_is1) (Version:  - Burnaware)
calibre (HKLM\...\{DD649DA2-BBD9-4247-85DD-E04F7C1E8552}) (Version: 1.48.0 - Kovid Goyal)
Canon Camera Access Library (HKLM\...\CAL) (Version: 8.2.0.1 - )
Canon Camera Support Core Library (HKLM\...\CSCLIB) (Version: 7.3.1.6 - )
Canon Camera WIA Driver (HKLM\...\{BB3AB664-D92B-4CB5-8B3E-D841841F4E68}) (Version: 5.7 - Canon) Hidden
Canon Camera Window DC_DV 5 for ZoomBrowser EX (HKLM\...\CameraWindowDVC5) (Version: 5.4.5.17 - )
Canon Camera Window DC_DV 6 for ZoomBrowser EX (HKLM\...\CameraWindowDVC6) (Version: 6.3.0.11 - )
Canon Camera Window MC 6 for ZoomBrowser EX (HKLM\...\CameraWindowMC) (Version: 6.2.0.11 - )
Canon CanoScan Toolbox 4.9 (HKLM\...\{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}) (Version:  - )
Canon EOS 5D WIA Driver (HKLM\...\InstallShield_{BB3AB664-D92B-4CB5-8B3E-D841841F4E68}) (Version: 5.7 - Canon)
Canon RAW Image Task for ZoomBrowser EX (HKLM\...\RAW Image Task) (Version: 2.6.0.13 - )
Canon RemoteCapture Task for ZoomBrowser EX (HKLM\...\RemoteCaptureTask) (Version: 1.6.0.9 - )
Canon ScanGear Starter (HKLM\...\{18A5DFF2-8A95-49F3-873F-743CB5549F3D}) (Version:  - )
Canon Utilities Digital Photo Professional 3.0 (HKLM\...\DPP) (Version: 3.0.2.6 - )
Canon Utilities EOS Utility (HKLM\...\EOS Utility) (Version: 2.0.2.26 - )
Canon Utilities Original Data Security Tools (HKLM\...\ODSK) (Version: 1.0.1.4 - )
Canon Utilities PhotoStitch (HKLM\...\PhotoStitch) (Version: 3.1.19.43 - )
Canon Utilities WFT-E1/E2 Utility (HKLM\...\WFTK) (Version: 3.0.1.14 - )
Canon Utilities ZoomBrowser EX (HKLM\...\ZoomBrowser EX) (Version: 5.8.0.74 - )
Cipher Classics (HKLM\...\ST5UNST #1) (Version:  - )
Dropbox (HKCU\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)
EPSON Scan (HKLM\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-200 Series Printer Uninstall (HKLM\...\EPSON XP-200 Series) (Version:  - SEIKO EPSON Corporation)
Free RAR Extract Frog (HKLM\...\Free RAR Extract Frog) (Version: 5.20 - Philipp Winterberg)
Garmin Trip and Waypoint Manager v3 (HKLM\...\{5414086B-AE06-4332-8A59-26FF0F630D1B}) (Version: 3.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM\...\{ABA5E381-EC46-425C-86C5-5CD15BBFB4BF}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.26.9 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
High-Definition Video Playback (HKLM\...\{237CCB62-8454-43E3-B158-3ACD0134852E}) (Version: 7.1.13500.43.0 - Nero AG) Hidden
iTunes (HKLM\...\{0F6F6876-6334-4977-B5DD-CFC12E193420}) (Version: 10.7.0.21 - Apple Inc.)
Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.710 - Oracle)
Java Auto Updater (HKLM\...\{4A03706F-666A-4037-7777-5F2748764D10}) (Version: 2.1.71.14 - Oracle, Inc.) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Manual CanoScan LiDE 25 (HKLM\...\{C45EB9E5-7165-4FB0-8C31-77FC4743362F}) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30730 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Moment of Inspiration 2.0 trial (HKLM\...\MoI_v2_nosave_trial_is1) (Version:  - Triple Squid Software Design)
Mozilla Firefox 37.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 37.0.2 (x86 en-US)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 10 Menu TemplatePack Basic (HKLM\...\{63AA3EAB-23BB-48B2-9AD0-44F878075604}) (Version: 10.2.10000.0.0 - Nero AG) Hidden
Nero 10 Movie ThemePack Basic (HKLM\...\{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}) (Version: 10.2.10000.0.0 - Nero AG) Hidden
Nero Control Center 10 (HKLM\...\{6DFB899F-17A2-48F0-A533-ED8D6866CF38}) (Version: 10.2.11100.1.1 - Nero AG) Hidden
Nero ControlCenter 10 Help (CHM) (HKLM\...\{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}) (Version: 10.5.10000 - Nero AG) Hidden
Nero Core Components 10 (HKLM\...\{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}) (Version: 2.0.17800.8.5 - Nero AG) Hidden
Nero Express 10 (HKLM\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.2.11500.17.100 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM\...\{7E21FC0E-E116-44BD-A38E-3149F5E14496}) (Version: 10.5.10000 - Nero AG)
Nero Recode 10 (HKLM\...\{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}) (Version: 4.8.10400.3.100 - Nero AG)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version:  - )
NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.11 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA nView 141.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 141.33 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenCPN 3.2.2 (HKLM\...\OpenCPN 3.2.2) (Version: 3.2.2 - opencpn.org)
PDF Settings (HKLM\...\{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
PL-2303 USB-to-Serial (HKLM\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.00.000 - Prolific Technology INC)
Quark Update (HKLM\...\{82154114-943B-4A6F-9B20-073C9573E93E}) (Version: 1.0.0.2 - Quark, Inc.)
QuarkXPress (HKLM\...\{CE949716-2A5A-40F2-BA31-54CE71B37FE5}) (Version: 9.5.1.0 - Quark Software Inc.)
QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
REALTEK GbE & FE Ethernet PCI-E NIC Driver (HKLM\...\{C9BED750-1211-4480-B1A5-718A3BE15525}) (Version: 1.35.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.7111 - Realtek Semiconductor Corp.)
ScanSoft OmniPage SE 4.0 (HKLM\...\{C1E693A4-B1D5-4DCD-B68D-2087835B7184}) (Version: 15.00.0020 - Nuance Communications, Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{09A9DF49-DA06-4093-A2FD-F339211E39EA}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{ECC1D579-DC17-4B90-929C-B4A0BB35F7B3}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{8C5A05B6-FF56-480F-A0E6-9F4BCA4B4CAC}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{945F1D43-451D-4383-9BBE-241F37950B15}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{8DD50F3B-E0BD-4E39-AF1F-2F316B4FC528}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{8DD50F3B-E0BD-4E39-AF1F-2F316B4FC528}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.9.12585 - Skype Technologies S.A.)
Skype™ 6.18 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.105 - Skype Technologies S.A.)
TSST OEM Content (HKLM\...\{885AFEC2-0809-47CE-8B3F-00AEC19DDD5F}) (Version: 10.0.10300.0.0 - Nero AG)
Update for Windows Internet Explorer 8 (KB2598845) (HKLM\...\KB2598845-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB898461) (HKLM\...\KB898461) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951978) (HKLM\...\KB951978) (Version: 1 - Microsoft Corporation) Hidden
Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WebFldrs XP (HKLM\...\{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}) (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 26%
Total physical RAM: 3583.09 MB
Available physical RAM: 2644.51 MB
Total Pagefile: 7002.01 MB
Available Pagefile: 6219.77 MB
Total Virtual: 2047.88 MB
Available Virtual: 1969.84 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:465.75 GB) (Free:284.13 GB) NTFS

========================= Users: ========================================

User accounts for \\KC-MARK-PC

Administrator            ASPNET                   Guest                    
HelpAssistant            Mark                     SUPPORT_388945a0         


**** End of log ****

~ ZHPCleaner v2015.5.11.224 by Nicolas Coolman (12/05/2015)
~ Run by Mark (Administrator)  (12/05/2015 14:01:15)
~ Forum : http://forum.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Repair
~ Report : C:\Documents and Settings\Mark\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Documents and Settings\Mark\Application Data\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Deactivate
~ Boot Mode : Normal (Normal boot)
~ Windows XP, 32-bit Service Pack 3 (Build 2600)


---\\  Services (0)
~ No malicious items found.


---\\  Browser internet (0)
~ No malicious items found.


---\\  Hosts file (0)
~ No malicious items found.


---\\  Scheduled automatic tasks. (0)
~ No malicious items found.


---\\  Explorer ( File, Folder) (4)
MOVED folder: C:\Program Files\PriceMinus (Adware.Multiplug)
MOVED folder: C:\Program Files\PriiceMiinus (Adware.Multiplug)
MOVED folder: C:\Documents and Settings\Mark\Application Data\AVG Web TuneUp (Toolbar.AVGSafeGuard)
MOVED folder: C:\Documents and Settings\Mark\Local Settings\Application Data\AVG Web TuneUp (Toolbar.AVGSafeGuard)


---\\  Registry ( Key, Value, Data) (19)
REPLACED data: HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope \\\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} (Hijacker.SearchScopes)
DELETED key*: HKEY_USERS\S-1-5-21-1275210071-1645522239-682003330-1003\Software\AVG Web TuneUp [] (Toolbar.AVGSafeGuard)
DELETED key: HKCU\Software\AVG Web TuneUp [] (Toolbar.AVGSafeGuard)
DELETED key*: HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} [ITool] (Toolbar.Ask)
DELETED key*: HKLM\SOFTWARE\Classes\SearchAssistantOC.SearchAssistantOC [] (PUP.SearchAssist)
DELETED key*: HKLM\SOFTWARE\Classes\SearchAssistantOC.SearchAssistantOC.1 [] (PUP.SearchAssist)
DELETED key*: HKLM\SOFTWARE\Classes\SrchUI.SearchAssistant [] (PUP.SearchAssist)
DELETED key*: HKLM\SOFTWARE\Classes\SrchUI.SearchAssistant.1 [] (PUP.SearchAssist)
DELETED key*: HKLM\SOFTWARE\Classes\Zb_ui.ZbUiBrowserViewMgr [] (Adware.CrossRider)
DELETED key*: HKLM\SOFTWARE\Classes\Zb_ui.ZbUiBrowserViewMgr.1 [] (Adware.CrossRider)
DELETED key*: HKLM\SOFTWARE\Classes\CLSID\{2E71FD0F-AAB1-42c0-9146-6D2C4EDCF07D} [SearchAssistantOC] (PUP.SearchAssist)
DELETED key*: HKLM\SOFTWARE\Classes\CLSID\{B45FF030-4447-11D2-85DE-00C04FA35C89} [SearchAssistantOC] (PUP.SearchAssist)
DELETED key*: HKLM\SOFTWARE\AVG Web TuneUp [] (Toolbar.AVGSafeGuard)
DELETED key*: HKLM\SOFTWARE\FFPluginHp [] (PUP.SweetSearch)
DELETED key*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Web TuneUp [AVG Technologies] (Toolbar.AVGSafeGuard)
DELETED key*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Web TuneUp [] (Toolbar.AVGSafeGuard)
DELETED key*: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ba20b5da-0f48-40c5-b8c9-2cda4ecf75c2} [C:\Program Files\Toolbar Cleaner (Not File)] (PUP.ToolbarCleaner)
DELETED key: HKLM\SOFTWARE\Classes\CLSID\{2E71FD0F-AAB1-42c0-9146-6D2C4EDCF07D}\InprocServer32 [%SystemRoot%\system32\shdocvw.dll] (PUP.SearchAssist)
DELETED key: HKLM\SOFTWARE\Classes\CLSID\{B45FF030-4447-11D2-85DE-00C04FA35C89}\InprocServer32 [%SystemRoot%\system32\shdocvw.dll] (PUP.SearchAssist)


---\\ Result of repair
~ Repair carried out successfully
~ Browser not found (Opera Software)


---\\ Statistics
~ Items scanned : 2530
~ Items found : 0
~ Items cancelled : 0
~ Items repaired : 23


End of clean at 14:01:27
===================
ZHPCleaner-[R]-12052015-14_01_27.txt
ZHPCleaner-[S]-12052015-13_58_14.txt

 Results of screen317's Security Check version 1.001  
 Windows XP Service Pack 3 x86   
 Internet Explorer 8  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
AVG AntiVirus Free Edition 2015   
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:`````````
 Java 7 Update 71  
 Java version 32-bit out of Date!
 Adobe Flash Player     17.0.0.169  
 Adobe Reader XI  
 Mozilla Firefox (37.0.2)
 Google Chrome (42.0.2311.135)
````````Process Check: objlist.exe by Laurent````````  
 AVG avgwdsvc.exe
 AVG avgrsx.exe
 AVG avgnsx.exe
 AVG avgemc.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:: 28% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````

C:\Documents and Settings\Mark\My Documents\Downloads\ccsetup505.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    deleted - quarantined
C:\Documents and Settings\Mark\My Documents\Downloads\ninja-setup-3.0.6.exe    Win32/OpenCandy potentially unsafe application    deleted - quarantined
C:\Program Files\Adware-Removal-Tool\ARTP3.exe    MSIL/FakeTool.PS trojan    cleaned by deleting - quarantined
C:\zoek_backup\C_Documents and Settings_Mark_Local Settings_Application Data_AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr.exe    a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application    deleted - quarantined
C:\zoek_backup\C_Documents and Settings_Mark_Local Settings_Application Data_AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrv.dll    a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application    deleted - quarantined
C:\zoek_backup\C_Documents and Settings_Mark_Local Settings_Application Data_AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrvStub.dll    a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application    deleted - quarantined
C:\zoek_backup\C_Program Files_AskPartnerNetwork\Toolbar\apnmcp.exe    a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application    deleted - quarantined
C:\zoek_backup\C_Program Files_AskPartnerNetwork\Toolbar\APNSetup.exe    a variant of Win32/Bundled.Toolbar.Ask.E potentially unsafe application    deleted - quarantined
C:\zoek_backup\C_Program Files_AskPartnerNetwork\Toolbar\UpdateManager.exe    a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application    deleted - quarantined
C:\zoek_backup\C_Program Files_AskPartnerNetwork\Toolbar\ORJ-SPE\Source\AskToolbarInstaller-12.21.0_ORJ-SPE.msi    a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application    deleted - quarantined
C:\zoek_backup\C_Program Files_AskPartnerNetwork\Toolbar\ORJ-SPE\Source\program files\AskPartnerNetwork\ChromeUtils\APNNativeMsgHost.exe    a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application    deleted - quarantined
C:\zoek_backup\C_Program Files_AskPartnerNetwork\Toolbar\ORJ-SPE\Source\program files\AskPartnerNetwork\Toolbar\apnmcp.exe    a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application    deleted - quarantined
C:\zoek_backup\C_Program Files_AskPartnerNetwork\Toolbar\ORJ-SPE\Source\program files\AskPartnerNetwork\Toolbar\searchhook.dll    a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application    deleted - quarantined
C:\zoek_backup\C_Program Files_AskPartnerNetwork\Toolbar\ORJ-SPE\Source\program files\AskPartnerNetwork\Toolbar\ServiceLocator.exe    a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application    deleted - quarantined
C:\zoek_backup\C_Program Files_AskPartnerNetwork\Toolbar\ORJ-SPE\Source\program files\AskPartnerNetwork\Toolbar\SO.dll    a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application    deleted - quarantined
C:\zoek_backup\C_Program Files_AskPartnerNetwork\Toolbar\ORJ-SPE\Source\program files\AskPartnerNetwork\Toolbar\toolbar.dll    a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application    deleted - quarantined
C:\zoek_backup\C_Program Files_AskPartnerNetwork\Toolbar\ORJ-SPE\Source\program files\AskPartnerNetwork\Toolbar\Toolbar.exe    a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application    deleted - quarantined
C:\zoek_backup\C_Program Files_AskPartnerNetwork\Toolbar\ORJ-SPE\Source\program files\AskPartnerNetwork\Toolbar\ToolbarPS.dll    a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application    deleted - quarantined
C:\zoek_backup\C_Program Files_AskPartnerNetwork\Toolbar\ORJ-SPE\Source\program files\AskPartnerNetwork\Toolbar\UpdateManager.exe    a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application    deleted - quarantined
C:\zoek_backup\C_Program Files_AskPartnerNetwork\Toolbar\ORJ-SPE\Source\program files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe    a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application    deleted - quarantined
C:\zoek_backup\C_Program Files_AskPartnerNetwork\Toolbar\ORJ-SPE\Source\program files\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr.exe    a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application    deleted - quarantined
C:\zoek_backup\C_Program Files_AskPartnerNetwork\Toolbar\ORJ-SPE\Source\program files\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrv.dll    a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application    deleted - quarantined
C:\zoek_backup\C_Program Files_AskPartnerNetwork\Toolbar\ORJ-SPE\Source\program files\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrvStub.dll    a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application    deleted - quarantined
C:\zoek_backup\C_Program Files_AskPartnerNetwork\Toolbar\ORJ-SPE\Source\program files\AskPartnerNetwork\Toolbar\{PartnerID}\Passport.dll    a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application    deleted - quarantined
C:\zoek_backup\C_Program Files_AskPartnerNetwork\Toolbar\ORJ-SPE\Source\program files\VNT\vntldr.exe    a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application    deleted - quarantined
C:\zoek_backup\C_Program Files_AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe    a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application    deleted - quarantined
C:\zoek_backup\C_Program Files_AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr.exe    a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application    deleted - quarantined
C:\zoek_backup\C_Program Files_AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrv.dll    a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application    deleted - quarantined
C:\zoek_backup\C_Program Files_AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrvStub.dll    a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application    deleted - quarantined
C:\zoek_backup\C_Program Files_Conduit\Community Alerts\Alert.dll    Win32/Toolbar.Conduit.Y potentially unwanted application    deleted - quarantined

#8 InadequateInfirmity

Posted 12 May 2015 - 04:00 PM

The version of Malwarebytes you have installed is old; please uninstall it and see below.

Download Malwarebytes from the link below.
https://www.malwarebytes.org/
Select update.
Then select Scan Now.
Once the scan is completed, remove anything found.
Then go to the History tab.
Then go to the application logs.
Then go to scan log.
Export.
Copy to clipboard.
Post it here in your next reply.



#9 ozseagull

Posted 12 May 2015 - 08:30 PM

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 13/05/2015
Scan Time: 10:43:36 AM
Logfile:
Administrator: Yes

Version: 2.01.6.1022
Malware Database: v2015.05.12.08
Rootkit Database: v2015.04.21.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows XP Service Pack 3
CPU: x86
File System: NTFS
User: Mark

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 379246
Time Elapsed: 44 min, 45 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 1
PUP.Optional.MultiPlug, HKU\S-1-5-21-1275210071-1645522239-682003330-1003_Classes\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5}, Quarantined, [8a3ef59d7b0f0432362d0d832ed5c937],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)



#10 InadequateInfirmity

Posted 12 May 2015 - 09:08 PM

How is your machine running?



#11 InadequateInfirmity

Posted 12 May 2015 - 09:11 PM

Quote

Hosts file not detected in the default directory

 

  • Click here to download  RstHosts v2.0
  • Save the file to your desktop.
  • Right Click and Run as Administrator.

After you run this tool, make a new scan with MiniToolBox and tick only list hosts. Post that log in your next reply.
 



#12 ozseagull

Posted 12 May 2015 - 09:17 PM

MiniToolBox by Farbar  Version: 11-05-2015 01
Ran by Mark (administrator) on 13-05-2015 at 12:15:56
Running from "C:\Documents and Settings\Mark\My Documents\Downloads"
Microsoft Windows XP Professional Service Pack 3 (X86)
Model: MS-7519 Manufacturer: MSI
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1             localhost
127.0.0.1       localhost

========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection 3 (Connected)


# ----------------------------------
# Interface IP Configuration         
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection 3"

set address name="Local Area Connection 3" source=dhcp
set dns name="Local Area Connection 3" source=dhcp register=PRIMARY
set wins name="Local Area Connection 3" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



        Host Name . . . . . . . . . . . . : kc-mark-pc

        Primary Dns Suffix  . . . . . . . :

        Node Type . . . . . . . . . . . . : Broadcast

        IP Routing Enabled. . . . . . . . : No

        WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Local Area Connection 3:



        Connection-specific DNS Suffix  . :

        Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller

        Physical Address. . . . . . . . . : 00-21-85-15-2C-85

        Dhcp Enabled. . . . . . . . . . . : Yes

        Autoconfiguration Enabled . . . . : Yes

        IP Address. . . . . . . . . . . . : 10.1.1.2

        Subnet Mask . . . . . . . . . . . : 255.255.255.0

        Default Gateway . . . . . . . . . : 10.1.1.1

        DHCP Server . . . . . . . . . . . : 10.1.1.1

        DNS Servers . . . . . . . . . . . : 10.1.1.1

        Lease Obtained. . . . . . . . . . : Wednesday, 13 May 2015 11:34:40 AM

        Lease Expires . . . . . . . . . . : Friday, 15 May 2015 11:34:40 AM

Server:  UnKnown
Address:  10.1.1.1

Name:    google.com
Addresses:  150.101.161.167, 150.101.161.152, 150.101.161.181, 150.101.161.159
      150.101.161.166, 150.101.161.146, 150.101.161.160, 150.101.161.153, 150.101.161.173
      150.101.161.174, 150.101.161.180, 150.101.161.187



Pinging google.com [150.101.161.159] with 32 bytes of data:



Reply from 150.101.161.159: bytes=32 time=26ms TTL=59

Reply from 150.101.161.159: bytes=32 time=27ms TTL=59



Ping statistics for 150.101.161.159:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 26ms, Maximum = 27ms, Average = 26ms

Server:  UnKnown
Address:  10.1.1.1

Name:    yahoo.com
Addresses:  98.138.253.109, 206.190.36.45, 98.139.183.24



Pinging yahoo.com [206.190.36.45] with 32 bytes of data:



Reply from 206.190.36.45: bytes=32 time=229ms TTL=51

Reply from 206.190.36.45: bytes=32 time=205ms TTL=51



Ping statistics for 206.190.36.45:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 205ms, Maximum = 229ms, Average = 217ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 21 85 15 2c 85 ...... Realtek PCIe GBE Family Controller - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         10.1.1.1        10.1.1.2      20
         10.1.1.0    255.255.255.0         10.1.1.2        10.1.1.2      20
         10.1.1.2  255.255.255.255        127.0.0.1       127.0.0.1      20
   10.255.255.255  255.255.255.255         10.1.1.2        10.1.1.2      20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1      1
      169.254.0.0      255.255.0.0         10.1.1.2        10.1.1.2      20
     182.56.86.67  255.255.255.255         10.1.1.1        10.1.1.2      20
        224.0.0.0        240.0.0.0         10.1.1.2        10.1.1.2      20
  255.255.255.255  255.255.255.255         10.1.1.2        10.1.1.2      1
Default Gateway:          10.1.1.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 17 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/08/2015 05:59:47 PM) (Source: Application Hang) (User: )
Description: Hanging application rundll32.exe, version 5.1.2600.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (05/04/2015 02:21:51 PM) (Source: Application Error) (User: )
Description: Faulting application acrobat.exe, version 8.0.0.456, faulting module acrobat.dll, version 8.0.0.456, fault address 0x0001bb7f.
Processing media-specific event for [acrobat.exe!ws!]

Error: (05/04/2015 02:20:50 PM) (Source: Application Error) (User: )
Description: Faulting application acrobat.exe, version 8.0.0.456, faulting module acrobat.dll, version 8.0.0.456, fault address 0x0001bb7f.
Processing media-specific event for [acrobat.exe!ws!]

Error: (05/04/2015 02:05:21 PM) (Source: Application Error) (User: )
Description: Faulting application acrobat.exe, version 8.0.0.456, faulting module acrobat.dll, version 8.0.0.456, fault address 0x0001bb7f.
Processing media-specific event for [acrobat.exe!ws!]

Error: (04/16/2015 05:04:41 PM) (Source: Application Error) (User: )
Description: Faulting application acrobat.exe, version 8.0.0.456, faulting module acrobat.dll, version 8.0.0.456, fault address 0x0001bb7f.
Processing media-specific event for [acrobat.exe!ws!]

Error: (04/16/2015 02:53:08 PM) (Source: Application Error) (User: )
Description: Faulting application acrobat.exe, version 8.0.0.456, faulting module acrobat.dll, version 8.0.0.456, fault address 0x0001bb7f.
Processing media-specific event for [acrobat.exe!ws!]

Error: (04/16/2015 01:22:43 PM) (Source: Application Error) (User: )
Description: Faulting application acrobat.exe, version 8.0.0.456, faulting module acrobat.dll, version 8.0.0.456, fault address 0x0001bb7f.
Processing media-specific event for [acrobat.exe!ws!]

Error: (04/14/2015 03:36:27 PM) (Source: Application Error) (User: )
Description: Faulting application acrobat.exe, version 8.0.0.456, faulting module unknown, version 0.0.0.0, fault address 0x087b970a.
Processing media-specific event for [acrobat.exe!ws!]

Error: (04/14/2015 02:47:43 PM) (Source: Application Error) (User: )
Description: Faulting application acrobat.exe, version 8.0.0.456, faulting module acrobat.dll, version 8.0.0.456, fault address 0x0001bb7f.
Processing media-specific event for [acrobat.exe!ws!]

Error: (04/14/2015 01:47:10 PM) (Source: Application Error) (User: )
Description: Faulting application acrobat.exe, version 8.0.0.456, faulting module acrobat.dll, version 8.0.0.456, fault address 0x0001bb7f.
Processing media-specific event for [acrobat.exe!ws!]


System errors:
=============
Error: (05/13/2015 11:35:45 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
nvata

Error: (05/09/2015 02:06:07 PM) (Source: Service Control Manager) (User: )
Description: The FLEXnet Licensing Service service terminated unexpectedly.  It has done this 2 time(s).

Error: (05/09/2015 02:06:06 PM) (Source: Service Control Manager) (User: )
Description: The Office Software Protection Platform service terminated unexpectedly.  It has done this 1 time(s).

Error: (05/09/2015 02:06:06 PM) (Source: Service Control Manager) (User: )
Description: The Application Layer Gateway Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (05/09/2015 02:06:06 PM) (Source: Service Control Manager) (User: )
Description: The Apple Mobile Device service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (05/09/2015 00:52:27 PM) (Source: Service Control Manager) (User: )
Description: The FLEXnet Licensing Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (05/09/2015 00:52:27 PM) (Source: Service Control Manager) (User: )
Description: The iPod Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (05/09/2015 00:52:26 PM) (Source: Service Control Manager) (User: )
Description: The Canon Camera Access Library 8 service terminated unexpectedly.  It has done this 1 time(s).

Error: (05/09/2015 00:52:26 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Network Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (05/09/2015 00:52:26 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Driver Helper Service service terminated unexpectedly.  It has done this 1 time(s).


Microsoft Office Sessions:
=========================
Error: (05/08/2015 05:59:47 PM) (Source: Application Hang)(User: )
Description: rundll32.exe5.1.2600.5512hungapp0.0.0.000000000

Error: (05/04/2015 02:21:51 PM) (Source: Application Error)(User: )
Description: acrobat.exe8.0.0.456acrobat.dll8.0.0.4560001bb7f

Error: (05/04/2015 02:20:50 PM) (Source: Application Error)(User: )
Description: acrobat.exe8.0.0.456acrobat.dll8.0.0.4560001bb7f

Error: (05/04/2015 02:05:21 PM) (Source: Application Error)(User: )
Description: acrobat.exe8.0.0.456acrobat.dll8.0.0.4560001bb7f

Error: (04/16/2015 05:04:41 PM) (Source: Application Error)(User: )
Description: acrobat.exe8.0.0.456acrobat.dll8.0.0.4560001bb7f

Error: (04/16/2015 02:53:08 PM) (Source: Application Error)(User: )
Description: acrobat.exe8.0.0.456acrobat.dll8.0.0.4560001bb7f

Error: (04/16/2015 01:22:43 PM) (Source: Application Error)(User: )
Description: acrobat.exe8.0.0.456acrobat.dll8.0.0.4560001bb7f

Error: (04/14/2015 03:36:27 PM) (Source: Application Error)(User: )
Description: acrobat.exe8.0.0.456unknown0.0.0.0087b970a

Error: (04/14/2015 02:47:43 PM) (Source: Application Error)(User: )
Description: acrobat.exe8.0.0.456acrobat.dll8.0.0.4560001bb7f

Error: (04/14/2015 01:47:10 PM) (Source: Application Error)(User: )
Description: acrobat.exe8.0.0.456acrobat.dll8.0.0.4560001bb7f


=========================== Installed Programs ============================

µTorrent (HKCU\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
7-Zip 9.30 alpha (HKLM\...\7-Zip) (Version:  - )
Add or Remove Adobe Creative Suite 3 Design Premium (HKLM\...\Adobe_c14ac4070fd9614ffe63f4bb533db2c) (Version: 1.0 - Adobe Systems Incorporated)
Adobe Acrobat 8 Professional (HKLM\...\{AC76BA86-1033-0000-7760-000000000003}) (Version: 8.0.0 - Adobe Systems) Hidden
Adobe Anchor Service CS3 (HKLM\...\{90176341-0A8B-4CCC-A78D-F862228A6B95}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Asset Services CS3 (HKLM\...\{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}) (Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Bridge CS3 (HKLM\...\{9C9824D9-9000-4373-A6A5-D0E5D4831394}) (Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Bridge Start Meeting (HKLM\...\{08B32819-6EEF-4057-AEDA-5AB681A36A23}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe BridgeTalk Plugin CS3 (HKLM\...\{B7F560B3-6EFF-4026-A982-843895A41149}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Camera Raw 4.0 (HKLM\...\{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}) (Version: 4.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps (HKLM\...\{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color Common Settings (HKLM\...\{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color EU Extra Settings (HKLM\...\{51846830-E7B2-4218-8968-B77F0FF475B8}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color JA Extra Settings (HKLM\...\{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color NA Recommended Settings (HKLM\...\{95655ED4-7CA5-46DF-907F-7144877A32E5}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 3 Design Premium (HKLM\...\{D1C18EDD-571A-4BDD-BE7B-1DD86027D7FF}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS3 (HKLM\...\{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS3 (HKLM\...\{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Digital Editions 2.0 (HKLM\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)
Adobe Dreamweaver CS3 (HKLM\...\{7C10F5C7-F00F-4BD3-A110-C7D240D2DD25}) (Version: 9 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit 2 (HKLM\...\{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Extension Manager CS3 (HKLM\...\{BE5F3842-8309-4754-92D5-83E02E6077A3}) (Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Flash CS3 (HKLM\...\{6B52140A-F189-4945-BFFC-DB3F00B8C589}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Video Encoder (HKLM\...\{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Fonts All (HKLM\...\{6ABE0BEE-D572-4FE8-B434-9E72A289431B}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Help Viewer CS3 (HKLM\...\{04AF207D-9A77-465A-8B76-991F6AB66245}) (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Illustrator CS3 (HKLM\...\{F08E8D2E-F132-4742-9C87-D5FF223A016A}) (Version: 13.0 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS3 (HKLM\...\{CB3F8375-B600-4B9F-83C9-238ED1E583FD}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS3 Icon Handler (HKLM\...\{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS3 (HKLM\...\{54793AA1-5001-42F4-ABB6-C364617C6078}) (Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe MotionPicture Color Files (HKLM\...\{6B708481-748A-4EB4-97C1-CD386244FF77}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files (HKLM\...\{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}) (Version: 8.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS3 (HKLM\...\{0046FA01-C5B9-4985-BACB-398DC480FC05}) (Version: 10 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe Setup (HKLM\...\{09E2111C-16B1-4DDF-BF0D-F994C9A12350}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe SING CS3 (HKLM\...\{B671CBFD-4109-4D35-9252-3062D3CCB7B2}) (Version: 0.1 - Adobe Systems Incorporated) Hidden
Adobe Stock Photos CS3 (HKLM\...\{29E5EA97-5F74-4A57-B8B2-D4F169117183}) (Version: 1.5 - Adobe Systems Incorporated) Hidden
Adobe Type Support (HKLM\...\{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS3 (HKLM\...\{E69AE897-9E0B-485C-8552-7841F48D42D8}) (Version: 5.1.0 - Adobe Systems Incorporated) Hidden
Adobe Version Cue CS3 Client (HKLM\...\{D0DFF92A-492E-4C40-B862-A74A173C25C5}) (Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Version Cue CS3 Server (HKLM\...\{1D58229F-C505-45CA-8223-F35F3A34B963}) (Version: 3.0 - Adobe Systems Incorporated) Hidden
Adobe WAS CS3 (HKLM\...\{C5BD220A-EFE8-48A5-B70E-9503D535FACE}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin (HKLM\...\{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS3 (HKLM\...\{802771A9-A856-4A41-ACF7-1450E523C923}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
AHV content for Acrobat and Flash (HKLM\...\{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}) (Version: 1 - Adobe Systems Incorporated) Hidden
Amazon Kindle (HKLM\...\Amazon Kindle) (Version:  - Amazon)
Apple Application Support (HKLM\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}) (Version: 6.0.0.59 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG 2015 (HKLM\...\{29802B07-34B0-4EB0-91BF-E78F85C30ED2}) (Version: 15.0.5863 - AVG Technologies) Hidden
AVG 2015 (HKLM\...\{F681821A-708F-450B-A9F3-6E400ACCF1FA}) (Version: 15.0.4342 - AVG Technologies) Hidden
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5863 - AVG Technologies)
Belarc Advisor 8.4 (HKLM\...\Belarc Advisor) (Version: 8.4.0.0 - Belarc Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BSB Reader (HKLM\...\{C39487DF-42CD-428D-AC36-F59978A0A6B3}) (Version: 1.0.0 -  )
BurnAware Free 6.9.4 (HKLM\...\BurnAware Free_is1) (Version:  - Burnaware)
calibre (HKLM\...\{DD649DA2-BBD9-4247-85DD-E04F7C1E8552}) (Version: 1.48.0 - Kovid Goyal)
Canon Camera Access Library (HKLM\...\CAL) (Version: 8.2.0.1 - )
Canon Camera Support Core Library (HKLM\...\CSCLIB) (Version: 7.3.1.6 - )
Canon Camera WIA Driver (HKLM\...\{BB3AB664-D92B-4CB5-8B3E-D841841F4E68}) (Version: 5.7 - Canon) Hidden
Canon Camera Window DC_DV 5 for ZoomBrowser EX (HKLM\...\CameraWindowDVC5) (Version: 5.4.5.17 - )
Canon Camera Window DC_DV 6 for ZoomBrowser EX (HKLM\...\CameraWindowDVC6) (Version: 6.3.0.11 - )
Canon Camera Window MC 6 for ZoomBrowser EX (HKLM\...\CameraWindowMC) (Version: 6.2.0.11 - )
Canon CanoScan Toolbox 4.9 (HKLM\...\{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}) (Version:  - )
Canon EOS 5D WIA Driver (HKLM\...\InstallShield_{BB3AB664-D92B-4CB5-8B3E-D841841F4E68}) (Version: 5.7 - Canon)
Canon RAW Image Task for ZoomBrowser EX (HKLM\...\RAW Image Task) (Version: 2.6.0.13 - )
Canon RemoteCapture Task for ZoomBrowser EX (HKLM\...\RemoteCaptureTask) (Version: 1.6.0.9 - )
Canon ScanGear Starter (HKLM\...\{18A5DFF2-8A95-49F3-873F-743CB5549F3D}) (Version:  - )
Canon Utilities Digital Photo Professional 3.0 (HKLM\...\DPP) (Version: 3.0.2.6 - )
Canon Utilities EOS Utility (HKLM\...\EOS Utility) (Version: 2.0.2.26 - )
Canon Utilities Original Data Security Tools (HKLM\...\ODSK) (Version: 1.0.1.4 - )
Canon Utilities PhotoStitch (HKLM\...\PhotoStitch) (Version: 3.1.19.43 - )
Canon Utilities WFT-E1/E2 Utility (HKLM\...\WFTK) (Version: 3.0.1.14 - )
Canon Utilities ZoomBrowser EX (HKLM\...\ZoomBrowser EX) (Version: 5.8.0.74 - )
Cipher Classics (HKLM\...\ST5UNST #1) (Version:  - )
Dropbox (HKCU\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)
EPSON Scan (HKLM\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-200 Series Printer Uninstall (HKLM\...\EPSON XP-200 Series) (Version:  - SEIKO EPSON Corporation)
Free RAR Extract Frog (HKLM\...\Free RAR Extract Frog) (Version: 5.20 - Philipp Winterberg)
Garmin Trip and Waypoint Manager v3 (HKLM\...\{5414086B-AE06-4332-8A59-26FF0F630D1B}) (Version: 3.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM\...\{ABA5E381-EC46-425C-86C5-5CD15BBFB4BF}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.26.9 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
High-Definition Video Playback (HKLM\...\{237CCB62-8454-43E3-B158-3ACD0134852E}) (Version: 7.1.13500.43.0 - Nero AG) Hidden
iTunes (HKLM\...\{0F6F6876-6334-4977-B5DD-CFC12E193420}) (Version: 10.7.0.21 - Apple Inc.)
Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.710 - Oracle)
Java Auto Updater (HKLM\...\{4A03706F-666A-4037-7777-5F2748764D10}) (Version: 2.1.71.14 - Oracle, Inc.) Hidden
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Manual CanoScan LiDE 25 (HKLM\...\{C45EB9E5-7165-4FB0-8C31-77FC4743362F}) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30730 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Moment of Inspiration 2.0 trial (HKLM\...\MoI_v2_nosave_trial_is1) (Version:  - Triple Squid Software Design)
Mozilla Firefox 37.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 37.0.2 (x86 en-US)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 10 Menu TemplatePack Basic (HKLM\...\{63AA3EAB-23BB-48B2-9AD0-44F878075604}) (Version: 10.2.10000.0.0 - Nero AG) Hidden
Nero 10 Movie ThemePack Basic (HKLM\...\{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}) (Version: 10.2.10000.0.0 - Nero AG) Hidden
Nero Control Center 10 (HKLM\...\{6DFB899F-17A2-48F0-A533-ED8D6866CF38}) (Version: 10.2.11100.1.1 - Nero AG) Hidden
Nero ControlCenter 10 Help (CHM) (HKLM\...\{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}) (Version: 10.5.10000 - Nero AG) Hidden
Nero Core Components 10 (HKLM\...\{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}) (Version: 2.0.17800.8.5 - Nero AG) Hidden
Nero Express 10 (HKLM\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.2.11500.17.100 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM\...\{7E21FC0E-E116-44BD-A38E-3149F5E14496}) (Version: 10.5.10000 - Nero AG)
Nero Recode 10 (HKLM\...\{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}) (Version: 4.8.10400.3.100 - Nero AG)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version:  - )
NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.11 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA nView 141.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 141.33 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenCPN 3.2.2 (HKLM\...\OpenCPN 3.2.2) (Version: 3.2.2 - opencpn.org)
PDF Settings (HKLM\...\{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
PL-2303 USB-to-Serial (HKLM\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.00.000 - Prolific Technology INC)
Quark Update (HKLM\...\{82154114-943B-4A6F-9B20-073C9573E93E}) (Version: 1.0.0.2 - Quark, Inc.)
QuarkXPress (HKLM\...\{CE949716-2A5A-40F2-BA31-54CE71B37FE5}) (Version: 9.5.1.0 - Quark Software Inc.)
QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
REALTEK GbE & FE Ethernet PCI-E NIC Driver (HKLM\...\{C9BED750-1211-4480-B1A5-718A3BE15525}) (Version: 1.35.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.7111 - Realtek Semiconductor Corp.)
ScanSoft OmniPage SE 4.0 (HKLM\...\{C1E693A4-B1D5-4DCD-B68D-2087835B7184}) (Version: 15.00.0020 - Nuance Communications, Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{09A9DF49-DA06-4093-A2FD-F339211E39EA}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{ECC1D579-DC17-4B90-929C-B4A0BB35F7B3}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{8C5A05B6-FF56-480F-A0E6-9F4BCA4B4CAC}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{945F1D43-451D-4383-9BBE-241F37950B15}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{8DD50F3B-E0BD-4E39-AF1F-2F316B4FC528}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{8DD50F3B-E0BD-4E39-AF1F-2F316B4FC528}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.9.12585 - Skype Technologies S.A.)
Skype™ 6.18 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.105 - Skype Technologies S.A.)
TSST OEM Content (HKLM\...\{885AFEC2-0809-47CE-8B3F-00AEC19DDD5F}) (Version: 10.0.10300.0.0 - Nero AG)
Update for Windows Internet Explorer 8 (KB2598845) (HKLM\...\KB2598845-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB898461) (HKLM\...\KB898461) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951978) (HKLM\...\KB951978) (Version: 1 - Microsoft Corporation) Hidden
Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WebFldrs XP (HKLM\...\{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}) (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 25%
Total physical RAM: 3583.09 MB
Available physical RAM: 2682.06 MB
Total Pagefile: 7001.86 MB
Available Pagefile: 6239.35 MB
Total Virtual: 2047.88 MB
Available Virtual: 1969.77 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:465.75 GB) (Free:283.83 GB) NTFS

========================= Users: ========================================

User accounts for \\KC-MARK-PC

Administrator            ASPNET                   Guest                    
HelpAssistant            Mark                     SUPPORT_388945a0         


**** End of log ****
 



#13 InadequateInfirmity


Posted 12 May 2015 - 09:18 PM

Ok, good, this is what I was looking for. :)

 

========================= Hosts content: =================================

::1             localhost
127.0.0.1       localhost

 

 

 

How is your computer running?



#14 ozseagull


Posted 12 May 2015 - 09:20 PM

Sorry, should have said - seems to be running much better. Appears to have found and cleared whatever was blocking googleadservices and all the other ad servers.

 

I did have to do a config to convince FF I wanted Google as home page, but once that was done it all seems to be fine.

 

Anything else I need to do?



#15 InadequateInfirmity


Posted 12 May 2015 - 09:26 PM

Update your software.

https://patchmypc.net/freeupdater/PatchMyPC.exe

 

https://patchmypc.net/download

 

 

Qualys BrowserCheck To update plugins.

Safe Browsing Tool Web of trust to keep away from shady sites.

Unchecky  To avoid bundled software.

Adblock Plus  To browse the web ad free.

Malwarebytes Anti-Exploit To block Zero day attacks.

Malwarebytes | StartUpLITE To disable un-needed start ups.

http://www.toolwiz.com/en/products/toolwiz-smart-defrag/ Defrag your machine.

adguard use with adblock for basically zero ads

https://chrome.google.com/webstore/detail/adguard-adblocker/bgnkhhnnamicmpeenaelnjfhikgbkllg?hl=en

https://addons.mozilla.org/en-uS/firefox/addon/adguard-adblocker/

 

 

 

Download DelFix by "Xplode" to your Desktop.
Right-click the tool and Run as Admin (XP users double-click).
Put a check mark next to the items below:

Remove disinfection tools
Create registry backup
Purge System Restore

Now click on the "Run" button.
Allow the program to complete its work.
All the tools we used will be removed.
The tool will create and open a log report (DelFix.txt).
Note: The report can be located at the following location: C:\DelFix.txt





