Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

DirectControl


  • Please log in to reply
10 replies to this topic

#1 froggy007

froggy007

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:01:42 AM

Posted 08 May 2015 - 11:07 PM

there is a file that has recently showed up on my computer called DirectControl the type of file is Application (.exe)and I don't know where it came from but I don't think that I should have it can anyone tell me about it. I have looked but cant find anything helpful about it as far as info that is trustworthy 

Thank you  froggy007.



BC AdBot (Login to Remove)

 


m

#2 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:09:42 AM

Posted 09 May 2015 - 03:57 AM

Hi there,

Can you upload the file to VirusTotal and copy the link of the result here?

Thank you.

Regards,
Alex

#3 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,007 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:12:42 AM

Posted 09 May 2015 - 04:42 PM

Please run AdwCleaner
 
Please download AdwCleaner and install it.
 
When AdwCleaner opens you will see an image like the one below.
 
adwcleaner11_zps48314883.png
 
Click on Scan to start the scan.
 
Once the search is complete a list of the pending items will be displayed.  If you see any which you do not want removed, remove the check mark next to it.  
 
Click on Clean to remove the selected items.  If you have any questions about any items in the list please copy and paste the list in your topic so we can review it.  
 
You will receive a message telling you that all programs will be closed so that the infections can be removed.  Click on OK.  The computer will be restarted to complete the cleaning process.
 
When the cleaning process is complete a log of what was removed will be presented.  Please copy and the paste this log in your topic.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#4 froggy007

froggy007
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:01:42 AM

Posted 09 May 2015 - 07:38 PM

Here is the link to the report from virustotal 

 

https://www.virustotal.com/en/file/0046c354b86d37bf918a68bcd800684b0e64f4a833a97dac23d954343e89cc14/analysis/1431217947/



#5 froggy007

froggy007
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:01:42 AM

Posted 09 May 2015 - 08:26 PM

to dc3 here is the report 

 

# AdwCleaner v4.203 - Logfile created 09/05/2015 at 18:09:33
# Updated 30/04/2015 by Xplode
# Database : 2015-05-09.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : anita - TOM-PC
# Running from : C:\Users\anita\Downloads\adwcleaner_4.203.exe
# Option : Cleaning
 
***** [ Services ] *****
 
[#] Service Deleted : globalUpdatem
[#] Service Deleted : YahooAUService
Service Deleted : {45b8e725-8a70-491e-9060-7a276a194e29}w64
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Free Ride Games
Folder Deleted : C:\ProgramData\iWin
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flash Player Pro
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiDefMedia
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoPlayer
Folder Deleted : C:\Program Files (x86)\Flash Player Pro
Folder Deleted : C:\Program Files (x86)\Free Ride Games
Folder Deleted : C:\Program Files (x86)\HiDefMedia
Folder Deleted : C:\Program Files (x86)\Mobogenie
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Program Files (x86)\Playbryte
Folder Deleted : C:\Program Files (x86)\PopularScreensavers
Folder Deleted : C:\Program Files (x86)\Web Protect
Folder Deleted : C:\Program Files (x86)\Coupons
Folder Deleted : C:\Program Files (x86)\VideoPlayer
Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\Local\SearchProtect
Folder Deleted : C:\Program Files\Uninstaller
Folder Deleted : C:\Users\anita\AppData\Local\Conduit
Folder Deleted : C:\Users\anita\AppData\Local\globalUpdate
Folder Deleted : C:\Users\anita\AppData\Local\NativeMessaging
Folder Deleted : C:\Users\anita\AppData\Local\visi_coupon
Folder Deleted : C:\Users\anita\AppData\Local\Wajam
Folder Deleted : C:\Users\anita\AppData\LocalLow\Playbryte
Folder Deleted : C:\Users\anita\AppData\LocalLow\PopularScreensavers
Folder Deleted : C:\Users\anita\AppData\LocalLow\Toolbar4
Folder Deleted : C:\Users\anita\AppData\Roaming\Babylon
Folder Deleted : C:\Users\anita\AppData\Roaming\EZDownloader
Folder Deleted : C:\Users\anita\AppData\Roaming\goforfiles
Folder Deleted : C:\Users\anita\AppData\Roaming\iSafe
Folder Deleted : C:\Users\anita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Ride Games
Folder Deleted : C:\Users\froggy\AppData\Roaming\iSafe
Folder Deleted : C:\Users\anita\AppData\Roaming\Mozilla\Firefox\Profiles\ln3543ny.default\Extensions\playbryte@playbryte.com
Folder Deleted : C:\Users\anita\AppData\Roaming\Mozilla\Firefox\Profiles\ln3543ny.default\Extensions\plugin@selectionlinks.com
Folder Deleted : C:\Users\anita\AppData\Roaming\Mozilla\Firefox\Profiles\ln3543ny.default\Extensions\{07cbf788-1359-421b-a4e3-5a8d041b90a3}
Folder Deleted : C:\Users\anita\AppData\Roaming\Mozilla\Firefox\Profiles\ln3543ny.default\Extensions\{739df940-c5ee-4bab-9d7e-270894ae687a}
Folder Deleted : C:\Users\anita\AppData\Roaming\Mozilla\Firefox\Profiles\ln3543ny.default\Extensions\{94625830-343a-4df0-88c1-444d195064d0}
Folder Deleted : C:\Users\anita\AppData\Roaming\Mozilla\Firefox\Profiles\ln3543ny.default\Extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}
Folder Deleted : C:\Users\anita\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm
Folder Deleted : C:\Users\froggy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Folder Deleted : C:\Users\anita\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl
Folder Deleted : C:\Users\anita\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf
Folder Deleted : C:\Users\anita\AppData\Local\Google\Chrome\User Data\Default\Extensions\khopmdnhncdeojhcdpelanocficgdfng
Folder Deleted : C:\Users\anita\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kgdaeidiojbdgmnjnpmklilaodjlkbjp
File Deleted : C:\Users\anita\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\klibnahbojhkanfgaglnlalfkgpcppfi
File Deleted : C:\Users\anita\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mppnoffgpafgpgbaigljliadgbnhljfl_0.localstorage
File Deleted : C:\Users\anita\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mppnoffgpafgpgbaigljliadgbnhljfl_0.localstorage-journal
File Deleted : C:\Users\anita\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nafaimnnclfjfedmmabolbppcngeolgf_0.localstorage
File Deleted : C:\Users\anita\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nafaimnnclfjfedmmabolbppcngeolgf_0.localstorage-journal
File Deleted : C:\monitor.exe
File Deleted : C:\monitorsvc.exe
File Deleted : C:\Windows\SysWOW64\MyOSProtect.dll
File Deleted : C:\Windows\SysWOW64\MyOSProtect.ini
File Deleted : C:\Windows\SysWOW64\MyOSProtectOff.ini
File Deleted : C:\Windows\SysWOW64\p5PSSavr.scr
File Deleted : C:\Windows\System32\log\iSafeKrnlCall.log
File Deleted : C:\Windows\System32\MyOSProtect64.dll
File Deleted : C:\Windows\System32\MyOSProtectOff.ini
File Deleted : C:\Windows\System32\drivers\{45b8e725-8a70-491e-9060-7a276a194e29}w64.sys
File Deleted : C:\Users\anita\daemonprocess.txt
File Deleted : C:\Users\anita\AppData\Local\funmoods-speeddial.crx
File Deleted : C:\Users\anita\AppData\Roaming\Mozilla\Firefox\Profiles\ln3543ny.default\searchplugins\Askcom.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Babylon.xml
File Deleted : C:\Users\anita\AppData\Roaming\Mozilla\Firefox\Profiles\ln3543ny.default\searchplugins\conduit-search.xml
File Deleted : C:\Users\anita\AppData\Roaming\Mozilla\Firefox\Profiles\ln3543ny.default\searchplugins\trovi-search.xml
File Deleted : C:\Users\anita\AppData\Roaming\Mozilla\Firefox\Profiles\ln3543ny.default\user.js
File Deleted : C:\Users\anita\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.selectgo00.selectgo.net_0.localstorage
File Deleted : C:\Users\anita\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.selectgo00.selectgo.net_0.localstorage-journal
File Deleted : C:\Users\anita\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_wlogin.icq.com_0.localstorage
File Deleted : C:\Users\anita\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_wlogin.icq.com_0.localstorage-journal
File Deleted : C:\Users\anita\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.icq.com_0.localstorage
File Deleted : C:\Users\anita\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.icq.com_0.localstorage-journal
File Deleted : C:\Users\anita\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_chat.icq.com_0.localstorage
File Deleted : C:\Users\anita\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_chat.icq.com_0.localstorage-journal
File Deleted : C:\Users\anita\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_websearch.about.com_0.localstorage
File Deleted : C:\Users\anita\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_websearch.about.com_0.localstorage-journal
File Deleted : C:\Users\anita\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage
File Deleted : C:\Users\anita\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage-journal
File Deleted : C:\Users\anita\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage
File Deleted : C:\Users\anita\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage-journal
File Deleted : C:\Users\anita\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.deltafaucet.com_0.localstorage
File Deleted : C:\Users\anita\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.deltafaucet.com_0.localstorage-journal
File Deleted : C:\Users\anita\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.icq.com_0.localstorage
File Deleted : C:\Users\anita\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.icq.com_0.localstorage-journal
File Deleted : C:\Users\anita\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.reimageplus.com_0.localstorage
File Deleted : C:\Users\anita\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.reimageplus.com_0.localstorage-journal
 
***** [ Scheduled tasks ] *****
 
Task Deleted : BackgroundContainer Startup Task
Task Deleted : GoforFilesUpdate
Task Deleted : PostPoneInstall
Task Deleted : Run_Bobby_Browser
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kdcnnmifdmlmjffdgeieikcokcogpbej
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pnbbffeddnekkhjmokkhdebbfbibbflc
Key Deleted : HKCU\Software\Google\Chrome\Extensions\dmkpdpkjmmdacleogmmlinafnhdfdlmp
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dmkpdpkjmmdacleogmmlinafnhdfdlmp
Key Deleted : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [Backup.old.Start Page]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [BackgroundContainer]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\SelectionLinks.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\GameTreatWidget.GameTreatWidget
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\net
Key Deleted : HKLM\SOFTWARE\Classes\net.5.14
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Activities\Search\ask.com
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@PopularScreensavers.com/Plugin
Key Deleted : HKLM\SOFTWARE\86f4315b-8b18-252b-5191-b65249773098
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{44D07CAA-4FC4-5A84-9951-A485AD808D0E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6FB5B50A-863D-4C0D-8E84-92A59565D087}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C39937A0-C59D-4506-A9FC-0A0138192287}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C39937A9-C59D-4506-A9FC-0A0138192287}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DD55C1D4-CE89-4E93-866E-3F4A4962BD68}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3AE26843-9171-4F23-A8E5-5421701276A4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A73204A3-4E2A-4924-95DA-D5DF58717368}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B5DB5A94-1E55-4E2E-AA50-49C8C8215D56}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055445579}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455365528}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066446679}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466366628}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{103DFC4E-147A-5606-9B4E-1C216DF227A1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C39937A5-C59D-4506-A9FC-0A0138192287}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B2E5F9A4-0587-4525-8602-E08E32510243}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{300BEC06-B743-4D19-86B9-11DC711D7FFB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E1420D09-ACC8-4EFD-9965-E7AE3C5B977C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{575680EE-F79E-E520-EECD-A7351E38ACEE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{57669773-E201-5202-F6BE-19F89DE42C22}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C3169EA1-54B7-0247-93AD-702F73FF9214}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D221E016-B8A3-5A7E-4741-D432E65F362E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{300BEC06-B743-4D19-86B9-11DC711D7FFB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{300BEC06-B743-4D19-86B9-11DC711D7FFB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{44D07CAA-4FC4-5A84-9951-A485AD808D0E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{575680EE-F79E-E520-EECD-A7351E38ACEE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C3169EA1-54B7-0247-93AD-702F73FF9214}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D221E016-B8A3-5A7E-4741-D432E65F362E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C39937A9-C59D-4506-A9FC-0A0138192287}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DD55C1D4-CE89-4E93-866E-3F4A4962BD68}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{300BEC06-B743-4D19-86B9-11DC711D7FFB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8798BBE7-DDF6-448B-AE0E-83C9E28A5598}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F37BCE7B-6055-418C-A301-E715F36F1E79}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{15527BF5-9729-49DC-889C-9F956983154C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE26843-9171-4F23-A8E5-5421701276A4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5C6B193D-C4D0-4A0C-8509-8EA566380A7C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A73204A3-4E2A-4924-95DA-D5DF58717368}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B5DB5A94-1E55-4E2E-AA50-49C8C8215D56}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D01C1E11-ED7A-4791-8408-E63EECDA48FF}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055445579}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455365528}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066446679}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466366628}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4B5C-9287-DA72D38F4FE6}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{91607FA7-3C2F-4F90-93E3-D5337A6B0AC2}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{5C5C024B-05F9-44B1-86AA-6DC763402109}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\Compete
Key Deleted : HKCU\Software\Conduit
[#] Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\Giant Savings
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\GoforFiles
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\powerpack
Key Deleted : HKCU\Software\RegisteredApplicationsEx
Key Deleted : HKCU\Software\WebProtect
Key Deleted : HKCU\Software\WEDLMNGR
Key Deleted : HKCU\Software\BoBrowser
Key Deleted : HKCU\Software\GetPrivate
Key Deleted : HKCU\Software\DownLite
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKCU\Software\AppDataLow\Software\BackgroundContainer
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\PopularScreensavers
Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\CompeteInc
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\DataMngr
Key Deleted : HKLM\SOFTWARE\firstsearch
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\GoforFiles
Key Deleted : HKLM\SOFTWARE\InstallIQ
Key Deleted : HKLM\SOFTWARE\SProtector
Key Deleted : HKLM\SOFTWARE\SW-Booster
Key Deleted : HKLM\SOFTWARE\Uniblue
Key Deleted : HKLM\SOFTWARE\WebProtect
Key Deleted : HKLM\SOFTWARE\Clara
Key Deleted : HKLM\SOFTWARE\Taronja
Key Deleted : HKLM\SOFTWARE\VideoPlayer
Key Deleted : HKLM\SOFTWARE\PopularScreensavers
Key Deleted : HKU\.DEFAULT\Software\TornTv Downloader
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2B7BDADB-EC8C-4C54-B5DD-CE45A016D3A7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VideoPlayer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Coupon Printer for Windows5.0.0.2
Key Deleted : [x64] HKLM\SOFTWARE\DomaIQ
Key Deleted : [x64] HKLM\SOFTWARE\TornTv Downloader
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C168639F-5810-4EC8-B1E8-0251AA8A771C}
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17728
 
 
-\\ Mozilla Firefox v25.0.1 (en-US)
 
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("CT3306061.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("CT3306061.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3306061&SearchSource=2&CUI=UN37287261424589586&UM=2&q=");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("CT3306061.installType", "conduitnsisintegration");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("CT3306061.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?gd=&ctid=CT3306061&octid=CT3306061&ISID=ISID_ID&SearchSource=15&CUI=UN37287261424589586&SSPV=&[...]
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("CT3306061.originalHomepage", "hxxp://search.conduit.com/?ctid=CT3315827&CUI=UN27016857132909715&UM=2&SearchSource=13");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("CT3306061.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3315827&SearchSource=2&CUI=UN27016857132909715&UM=2&q=");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("CT3306061.smartbar.CTID", "CT3306061");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("CT3306061.smartbar.Uninstall", "0");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("CT3306061.smartbar.homepage", true);
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("CT3306061.smartbar.toolbarName", "Connect DLC 5 ");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("CT3315827.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("CT3315827.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3315827&SearchSource=2&CUI=UN27016857132909715&UM=2&q=");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("CT3315827.installType", "conduitnsisintegration");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("CT3315827.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?gd=&ctid=CT3315827&octid=CT3315827&ISID=ISID_ID&SearchSource=15&CUI=UN27016857132909715&SSPV=&[...]
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("CT3315827.originalHomepage", "hxxp://search.conduit.com/?UM=2&SSPV=&ctid=CT3289847&SearchSource=13&CUI=UN18487890903030511");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("CT3315827.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?SSPV=&ctid=CT3289847&SearchSource=2&CUI=UN18487890903030511&UM=2&q=");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("CT3315827.originalSearchEngine", "WhiteSmoke New Customized Web Search");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("CT3315827.originalSearchEngineName", "WhiteSmoke New Customized Web Search");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("CT3315827.smartbar.CTID", "CT3315827");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("CT3315827.smartbar.Uninstall", "0");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("CT3315827.smartbar.homepage", "true");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("CT3315827.smartbar.toolbarName", "InternetHelper3.6 ");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("FirstSearch.aol_toolbar.search.hasDoneFirst", 124);
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("Smartbar.ConduitHomepagesList", "");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("Smartbar.ConduitSearchEngineList", "Connect DLC 5 Customized Web Search");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3306061&SearchSource=2&CUI=UN37287261424589586&UM=2&q=");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.conduit.com/ResultsExt.aspx?SSPV=&ctid=CT3289847&SearchSource=2&CUI=UN18487890903030511&UM=2&q=");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT3306061");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.aolmail", "");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.aolmail.address", "");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.aolmail.count", "0");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.aolmail.id", "value");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.aolmail.imagelist.layout", "empty");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.aolmail.popup.autoclose", "true");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.aolmail.user", "");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.button.netflix_46519.click", "1");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.button.radio_46530.click", "1");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.button.twitter_40883.click", "1");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.button.yahoo_mail_46508.click", "1");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.buttons.layout", ";facebook_40839;mapquest_40872;twitter_40883;_40905;_40916;_40927;ebay_46278;wikipedia_46497;yahoo_mail_46508;netflix_46519;radio_46530;_46541");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.calendar.date", "{system.date.timestamp}");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.calendar.displaydate", "{system.date.locale}");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.calendar.timestamp", "1385020934067");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.cookie.homepage", "");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.cookie.search", "");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.curtain.congrats", "curtain");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.default.homepage.check", false);
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.default.homepage.protection", true);
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.default.homepage.url", "hxxp://www.aol.com/?mtmhp=hyplogusaolp00000023");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.default.newtab.check", false);
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.default.search.check", true);
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.default.search.label", "AOL Search");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.default.search.url", "hxxp://search.aol.com/search/search?q={searchTerms}&s_it=adknowledgeaol-ff&s_qt=sb&tb_uuid=20120908210519519&tb_oid=09-09-2012&tb_mrud=15-11-2013");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.firsttime.showwindow", false);
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.guid", "{E1FD8742-D89C-7578-65D3-7371B0DC4B68}");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.historybutton.active", true);
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.historybutton.enabled", true);
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.historybutton.ignoreids", "");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.homepageprotection.enabled", true);
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.install.distroid", "aol");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.install.homepage", "hxxp://www.aol.com/?mtmhp={mtmhp}");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.install.homepage.label", "AOL.com");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.install.lastTbVersion", "5.74.1.9838");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.install.lid", "hyplognew00000010");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.install.mtmhp", "hyplogusaolp00000023");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.install.ncid", "");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.install.sethomepage", "0");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.install.setnewtab", "0");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.install.setsearch", "1");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.install.type", "upgrade");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.metrics.activestampdate", "31");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.metrics.activestampmonth", "2");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.metrics.activestampyear", "2015");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.metrics.log", false);
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.metrics.originalDate", "9");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.metrics.originalHours", "2");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.metrics.originalMinutes", "6");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.metrics.originalMonth", "9");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.metrics.originalSeconds", "3");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.metrics.originalYear", "2012");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.presethomepage", "aol.com");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.presetnewtab", "about:newtab");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.presetsearch", "InternetHelper3.1 Customized Web Search");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.relatednews.enabled", false);
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.remote.config.js", "");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.remote.historyconfig.js", "");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.remote.publish.xml", "1427796101861");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.remote.searchterm.js", "");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.reset.flag", "1");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.reset.style", "B");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.resetprompt.daily.num", "8");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.resetprompt.daily.timestamp", "Mon May 13 2013 01:36:07 GMT-0700 (US Mountain Standard Time)");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.resetprompt.display.limit", "8");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.rtw.active", false);
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.search.button", true);
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.search.cid", "15-11-2013");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.search.focusnewtab", true);
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.search.instd", "20120908210519519");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.search.newtab", true);
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.search.oid", "09-09-2012");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.search.placement", "right");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.search.populateoncomplete", false);
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.search.savehistory", false);
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.search.searchtype", "web");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.search.source", "adknowledgeaol-ff");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.searchengine.label", "AOL Search");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.searchprotection.enabled", true);
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.skin.custom", false);
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.surf.date", "24");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.surf.lastDate", "22");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.surf.lastMonth", "9");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.surf.lastYear", "2013");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.surf.month", "24");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.surf.prevMonth", "14");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.surf.total", "3718");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.surf.week", "24");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.surf.year", "1250");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.ticker.active", false);
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.toolbar.langlocale", "en-US");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.uninstallreset", "3");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.upgrade.showwindow", false);
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.weather.condition", "27_n");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.weather.degc", "3");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.weather.degf", "37");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.weather.degrees", "F");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.weather.image", "chrome://aoltoolbar/skin/weather/29_n.png");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.weather.lastupdate", "");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.weather.locationid", "USNY0996");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.weather.metric", true);
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.weather.tooltip", "New York , NY : Partly Cloudy");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.weather.update", "1382430638405");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.weather.zipcode", "10006");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.widgets.layout", "aolmail");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.widgets.log", false);
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.widgets.timestamp", "1427796111451");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.widgets.version", "5.74.1.9838");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.winamp.volume", "");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "Connect DLC 5 Customized Web Search");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename,S", "WebSearch");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultthis.engineName", "InternetHelper3.6 Customized Web Search");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("browser.search.defaulturl", "hxxp://websearch.eazytosearch.info/?pid=721&r=2014/05/10&hid=2282721497840128649&lg=EN&cc=US&l=1&q=");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("browser.search.order.1", "WebSearch");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("browser.search.order.1,S", "WebSearch");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "Connect DLC 5 Customized Web Search");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine,S", "WebSearch");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.admin", false);
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.aflt", "babsst");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.dfltLng", "en");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.excTlbr", false);
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.id", "d86d0a41000000000000687f7462f4e6");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.instlDay", "15619");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.instlRef", "sst");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.tlbrId", "tb9");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=d86d0a41000000000000687f7462f4e6&q=");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.vrsn", "1.8.0.7");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.vrsni", "1.8.0.7");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.newTab", true);
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.newTabUrl", "about:home");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.0.715:02:56");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("extensions.crossrider.bic", "13a4f9b08ebb6a676508a984fa4d99d5");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("extensions.delta.admin", false);
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("extensions.delta.aflt", "babsst");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("extensions.delta.autoRvrt", "false");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("extensions.delta.dfltLng", "en");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("extensions.delta.excTlbr", false);
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("extensions.delta.ffxUnstlRst", true);
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("extensions.delta.id", "d86d0a41000000000000687f7462f4e6");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("extensions.delta.instlDay", "15941");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("extensions.delta.instlRef", "sst");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("extensions.delta.newTab", false);
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("extensions.delta.prdct", "delta");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("extensions.delta.prtnrId", "delta");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("extensions.delta.rvrt", "false");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("extensions.delta.smplGrp", "none");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("extensions.delta.tlbrId", "base");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("extensions.delta.tlbrSrchUrl", "");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("extensions.delta.vrsn", "1.8.24.6");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("extensions.delta.vrsnTs", "1.8.24.60:39:26");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("extensions.delta.vrsni", "1.8.24.6");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("extensions.delta_i.babExt", "");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("extensions.delta_i.babTrack", "affID=124005&tsp=4984");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("extensions.delta_i.srcExt", "ss");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3306061&SearchSource=2&CUI=UN37287261424589586&UM=2&q=");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("plugin.state.npconduitfirefoxplugin", 2);
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT3306061");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3289663&CUI=UN32586510352672301&UM=2&SearchSource=13,hxxp://search.conduit.com/?ctid=CT3289663&octid=CT3289663&SearchSource[...]
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3289663&SearchSource=2&CUI=UN32586510352672301&UM=2&q=,hxxp://search.conduit.com/ResultsExt.aspx?SSP[...]
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("smartbar.defaultSearchOwnerCTID", "CT3306061");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("smartbar.homePageOwnerCTID", "CT3306061");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("smartbar.machineId", "HDWYTOLPBNNYMNOOLGK/VEAPESXPJOP4LHVXREOXDSXYECNVTGOACJFAT8JSRJ4KSHVTRBZ4HP9WKE68M3LYCQ");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("smartbar.originalHomepage", "hxxp://www.aol.com/?mtmhp=hyplogusaolp00000023");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("smartbar.originalSearchAddressUrl", "");
[ln3543ny.default\prefs.js] - Line Deleted : user_pref("smartbar.originalSearchEngine", "");
 
-\\ Google Chrome v42.0.2311.135
 
[C:\Users\anita\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3331493&octid=EB_ORIGINAL_CTID&ISID=MA8E83737-A2D5-44E5-80EF-517F37B3FDB7&SearchSource=58&CUI=&UM=8&UP=SPE8B95994-85C2-4EDE-8F85-34CAA2C29B6D&q={searchTerms}&SSPV=
[C:\Users\anita\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\anita\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\anita\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
[C:\Users\anita\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : dajedkncpodkggklbegccjpmnglmnflm
[C:\Users\anita\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : flpcjncodpafbgdpnkljologafpionhb
[C:\Users\anita\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : jpmbfleldcgkldadpdinhjjopdfpjfjp
[C:\Users\anita\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : kdcnnmifdmlmjffdgeieikcokcogpbej
[C:\Users\anita\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : mppnoffgpafgpgbaigljliadgbnhljfl
[C:\Users\anita\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : nafaimnnclfjfedmmabolbppcngeolgf
[C:\Users\anita\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : khopmdnhncdeojhcdpelanocficgdfng
[C:\Users\anita\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Startup_URLs] : hxxp://search.conduit.com/?ctid=CT3306061&SearchSource=48&CUI=UN36824431971028311&UM=2
[C:\Users\froggy\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&CUI=UN14819981388969766&ctid=CT3298573&UM=2
[C:\Users\froggy\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&CUI=UN54908386413803296&ctid=CT3289663&UM=2
[C:\Users\froggy\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&cui=UN30086245785255236&ctid=CT3272718
[C:\Users\froggy\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://isearch.avg.com/search?cid={DCE51BC8-CACA-42D1-8D6E-3D461921E733}&mid=&lang=&ds=&pr=&d=&v=&sap=dsp&q={searchTerms}
[C:\Users\froggy\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
[C:\Users\froggy\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\froggy\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : jpmbfleldcgkldadpdinhjjopdfpjfjp
 
-\\ Chrome Canary v
 
 
*************************
 
AdwCleaner[R0].txt - [61176 bytes] - [09/05/2015 17:58:46]
AdwCleaner[S0].txt - [61675 bytes] - [09/05/2015 18:09:33]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [61735  bytes] ##########


#6 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:09:42 AM

Posted 12 May 2015 - 12:15 AM

Hi there,

This appears to be adware. Please run the following next to check things out.

MiniToolbox by Farbar

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • List Restore Points
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

===

Security Check by screen317
  • Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt. Please copy and paste the contents of the log in your next reply.

===

Junkware Removal Tool

thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Disable all your antivirus and antimalware software - see how to do that here.
  • Right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system. Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Apologies for the late reply.

Regards,
Alex

#7 froggy007

froggy007
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:01:42 AM

Posted 12 May 2015 - 04:28 PM

To Alex thank you here is the mini toolbox log 

MiniToolBox by Farbar  Version: 11-05-2015 01
Ran by anita (administrator) on 12-05-2015 at 14:20:56
Running from "C:\Users\anita\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: MS-7578 Manufacturer: MSI
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
NVIDIA nForce 10/100/1000 Mbps Ethernet  = Local Area Connection (Connecting)
Compact Wireless-G USB Network Adapter with SpeedBooster ver.2 = Wireless Network Connection 3 (Connected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
set interface interface="Local Area Connection" forwarding=disabled advertise=disabled mtu=1500 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
add address name="Local Area Connection" address=192.168.0.1 mask=255.255.255.0
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : tom-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : domain.invalid
 
Wireless LAN adapter Wireless Network Connection 3:
 
   Connection-specific DNS Suffix  . : domain.invalid
   Description . . . . . . . . . . . : Compact Wireless-G USB Network Adapter with SpeedBooster ver.2
   Physical Address. . . . . . . . . : 68-7F-74-62-F4-E6
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::6431:e874:3d8:c644%15(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.254.2(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Saturday, May 09, 2015 6:20:55 PM
   Lease Expires . . . . . . . . . . : Friday, June 18, 2151 8:49:19 PM
   Default Gateway . . . . . . . . . : 192.168.254.254
   DHCP Server . . . . . . . . . . . : 192.168.254.254
   DHCPv6 IAID . . . . . . . . . . . : 258506612
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-80-FD-E7-40-61-86-C9-2A-F5
   DNS Servers . . . . . . . . . . . : 192.168.254.254
                                       192.168.254.254
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : NVIDIA nForce 10/100/1000 Mbps Ethernet 
   Physical Address. . . . . . . . . : 40-61-86-C9-2A-F5
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::495b:c48f:2550:cdb8%10(Deprecated) 
   Autoconfiguration IPv4 Address. . : 169.254.205.184(Tentative) 
   Subnet Mask . . . . . . . . . . . : 255.255.0.0
   IPv4 Address. . . . . . . . . . . : 192.168.0.1(Tentative) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 
   DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS over Tcpip. . . . . . . . : Enabled
Server:  UnKnown
Address:  192.168.254.254
 
Name:    google.com
Addresses:  2607:f8b0:4005:803::200e
 216.58.192.46
 
 
Pinging google.com [216.58.192.46] with 32 bytes of data:
Reply from 216.58.192.46: bytes=32 time=45ms TTL=56
Reply from 216.58.192.46: bytes=32 time=45ms TTL=56
 
Ping statistics for 216.58.192.46:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 45ms, Maximum = 45ms, Average = 45ms
Server:  UnKnown
Address:  192.168.254.254
 
Name:    yahoo.com
Addresses:  98.139.183.24
 98.138.253.109
 206.190.36.45
 
 
Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=82ms TTL=51
Reply from 98.138.253.109: bytes=32 time=81ms TTL=51
 
Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 81ms, Maximum = 82ms, Average = 81ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 15...68 7f 74 62 f4 e6 ......Compact Wireless-G USB Network Adapter with SpeedBooster ver.2
 10...40 61 86 c9 2a f5 ......NVIDIA nForce 10/100/1000 Mbps Ethernet 
  1...........................Software Loopback Interface 1
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0  192.168.254.254    192.168.254.2     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
    192.168.254.0    255.255.255.0         On-link     192.168.254.2    281
    192.168.254.2  255.255.255.255         On-link     192.168.254.2    281
  192.168.254.255  255.255.255.255         On-link     192.168.254.2    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.254.2    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.254.2    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 15    281 fe80::/64                On-link
 15    281 fe80::6431:e874:3d8:c644/128
                                    On-link
  1    306 ff00::/8                 On-link
 15    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (05/11/2015 05:37:37 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-280293833-2678401902-238087964-1001.bak).  hr = 0x80070539, The security ID structure is invalid.
.
 
 
Operation:
   OnIdentify event
   Gathering Writer Data
 
Context:
   Execution Context: Shadow Copy Optimization Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {7f5e7eaa-2bf5-4c7b-9c63-c5f9ec954151}
 
Error: (05/11/2015 02:39:47 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (05/11/2015 01:17:37 AM) (Source: Windows Backup) (User: )
Description: The backup was not successful. The error is: There is not enough free space on the backup storage location to back up the data. (0x80780048).
 
Error: (05/11/2015 01:17:35 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-280293833-2678401902-238087964-1001.bak).  hr = 0x80070539, The security ID structure is invalid.
.
 
 
Operation:
   OnIdentify event
   Gathering Writer Data
 
Context:
   Execution Context: Shadow Copy Optimization Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {97d18f42-d3f3-42a7-845e-8af040299ac7}
 
Error: (05/11/2015 01:17:31 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-280293833-2678401902-238087964-1001.bak).  hr = 0x80070539, The security ID structure is invalid.
.
 
 
Operation:
   OnIdentify event
   Gathering Writer Data
 
Context:
   Execution Context: Shadow Copy Optimization Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {97d18f42-d3f3-42a7-845e-8af040299ac7}
 
Error: (05/11/2015 01:17:26 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-280293833-2678401902-238087964-1001.bak).  hr = 0x80070539, The security ID structure is invalid.
.
 
 
Operation:
   OnIdentify event
   Gathering Writer Data
 
Context:
   Execution Context: Shadow Copy Optimization Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {97d18f42-d3f3-42a7-845e-8af040299ac7}
 
Error: (05/11/2015 00:58:28 AM) (Source: SignInAssistant) (User: )
Description: StartService failed with hr = 0x80070002
 
Error: (05/11/2015 00:55:21 AM) (Source: SignInAssistant) (User: )
Description: StartService failed with hr = 0x80070002
 
Error: (05/11/2015 00:51:50 AM) (Source: SignInAssistant) (User: )
Description: StartService failed with hr = 0x80070002
 
Error: (05/11/2015 00:50:04 AM) (Source: SignInAssistant) (User: )
Description: StartService failed with hr = 0x80070002
 
 
System errors:
=============
Error: (05/11/2015 07:48:00 PM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
%%-2140993535
 
Error: (05/11/2015 07:48:00 PM) (Source: Service Control Manager) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error: 
%%-2140993535
 
Error: (05/11/2015 07:48:00 PM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
%%-2140993535
 
Error: (05/11/2015 07:48:00 PM) (Source: Service Control Manager) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error: 
%%-2140993535
 
Error: (05/11/2015 07:48:00 PM) (Source: PNRPSvc) (User: )
Description: 0x80630801
 
Error: (05/11/2015 07:48:00 PM) (Source: PNRPSvc) (User: )
Description: 0x80630801
 
Error: (05/11/2015 07:59:17 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
 
Error: (05/11/2015 05:38:36 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (05/11/2015 05:38:34 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (05/11/2015 03:28:00 AM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
%%-2140993535
 
 
Microsoft Office Sessions:
=========================
Error: (05/11/2015 05:37:37 AM) (Source: VSS)(User: )
Description: ConvertStringSidToSid(S-1-5-21-280293833-2678401902-238087964-1001.bak)0x80070539, The security ID structure is invalid.
 
 
Operation:
   OnIdentify event
   Gathering Writer Data
 
Context:
   Execution Context: Shadow Copy Optimization Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {7f5e7eaa-2bf5-4c7b-9c63-c5f9ec954151}
 
Error: (05/11/2015 02:39:47 AM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{6FCD4D5A-20B9-4D79-ABA5-4E7048944025}\recordingmanager.exe
 
Error: (05/11/2015 01:17:37 AM) (Source: Windows Backup)(User: )
Description: There is not enough free space on the backup storage location to back up the data. (0x80780048)
 
Error: (05/11/2015 01:17:35 AM) (Source: VSS)(User: )
Description: ConvertStringSidToSid(S-1-5-21-280293833-2678401902-238087964-1001.bak)0x80070539, The security ID structure is invalid.
 
 
Operation:
   OnIdentify event
   Gathering Writer Data
 
Context:
   Execution Context: Shadow Copy Optimization Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {97d18f42-d3f3-42a7-845e-8af040299ac7}
 
Error: (05/11/2015 01:17:31 AM) (Source: VSS)(User: )
Description: ConvertStringSidToSid(S-1-5-21-280293833-2678401902-238087964-1001.bak)0x80070539, The security ID structure is invalid.
 
 
Operation:
   OnIdentify event
   Gathering Writer Data
 
Context:
   Execution Context: Shadow Copy Optimization Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {97d18f42-d3f3-42a7-845e-8af040299ac7}
 
Error: (05/11/2015 01:17:26 AM) (Source: VSS)(User: )
Description: ConvertStringSidToSid(S-1-5-21-280293833-2678401902-238087964-1001.bak)0x80070539, The security ID structure is invalid.
 
 
Operation:
   OnIdentify event
   Gathering Writer Data
 
Context:
   Execution Context: Shadow Copy Optimization Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {97d18f42-d3f3-42a7-845e-8af040299ac7}
 
Error: (05/11/2015 00:58:28 AM) (Source: SignInAssistant)(User: )
Description: StartService failed with hr = 0x80070002
 
Error: (05/11/2015 00:55:21 AM) (Source: SignInAssistant)(User: )
Description: StartService failed with hr = 0x80070002
 
Error: (05/11/2015 00:51:50 AM) (Source: SignInAssistant)(User: )
Description: StartService failed with hr = 0x80070002
 
Error: (05/11/2015 00:50:04 AM) (Source: SignInAssistant)(User: )
Description: StartService failed with hr = 0x80070002
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-05-07 18:50:48.609
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-05-07 18:50:48.562
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-04-18 03:57:47.573
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Web Protect\pcwtc64f.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-03-25 03:34:45.853
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Web Protect\pcwtc64f.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-02-13 03:29:46.051
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Web Protect\pcwtc64f.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-02-06 23:27:26.675
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-02-06 23:27:26.589
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-01-03 07:56:43.365
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-01-03 07:56:43.287
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-12-11 03:27:04.661
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Web Protect\pcwtc64f.sys because the set of per-page image hashes could not be found on the system.
 
 
=========================== Installed Programs ============================
 
.sol Editor 1.1.0.1 (HKLM-x32\...\.sol Editor) (Version: 1.1.0.1 - alexisisaac.net)
7Spins (HKLM-x32\...\7Spins) (Version:  - Topgame)
8BallClub Billiards (HKLM-x32\...\8BallClub) (Version:  - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.273 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atlantis Gold Casino (HKCU\...\{88458270-ef4a-11e0-be50-0800200c9a66}) (Version:  - )
Black Diamond (HKLM-x32\...\Blackdiamond) (Version:  - Topgame)
Bookworm Adventures Volume 2 (HKLM-x32\...\WTA-82189ee2-26e0-4138-92c5-65a8cb8c7aa9) (Version: 2.2.0.95 - WildTangent) Hidden
Bovada Casino  (HKLM-x32\...\Bovada Casino) (Version:  - Bovada)
CaptainJack Casino (HKLM-x32\...\{f654807f-f836-42da-bf8e-5500455bd24d}) (Version: 14.11.0-RTG - RealTimeGaming Software)
Casino Royal Club (HKLM-x32\...\CasinoRoyalClub) (Version: 1.0 - Rival)
Casino Titan (HKLM-x32\...\{293c8461-5817-46ce-936e-6d326e961de0}) (Version: 13.1.0-RTG - RealTimeGaming Software)
cleosviproom (HKLM-x32\...\Cleos Vip Room_is1) (Version:  - kingsbury)
Club Player Casino (HKLM-x32\...\{cd18be10-99c1-4a70-ad3a-3ca88606edb8}) (Version: 13.1.0-RTG - RealTimeGaming Software)
Compact Wireless-G USB Network Adapter with SpeedBooster Driver - WUSB54GSC (HKLM-x32\...\{65563451-00B6-458C-9F9A-03A7757355A6}) (Version: 1.0 - Linksys, A Division of Cisco.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dendera Casino (HKLM-x32\...\DenderaCasino) (Version: 1.0 - Rival)
Diamond VIP Club (HKLM-x32\...\DiamondVipClub) (Version:  - Topgame)
DomGame (HKLM-x32\...\DomGame) (Version: 1.0 - Rival)
Dream Aquarium 1.234 (HKLM-x32\...\Dream Aquarium) (Version: 1.234 - Dream Aquarium Screensaver)
EaseUS Data Recovery Wizard 5.8.5 (HKLM-x32\...\EaseUS Data Recovery Wizard 5.8.5_is1) (Version:  - EaseUS)
EasyViewer (HKLM-x32\...\{EECD7B96-1416-4D3A-B12D-0D2512120C36}) (Version: 1.3.0.9 - MSI) Hidden
EasyViewer (HKLM-x32\...\InstallShield_{EECD7B96-1416-4D3A-B12D-0D2512120C36}) (Version: 1.3.0.9 - MSI)
Express Zip (HKLM-x32\...\ExpressZip) (Version: 2.17 - NCH Software)
Fire Spiral (HKLM-x32\...\Fire Spiral) (Version:  - )
Flash Player Pro V5.4 (HKLM-x32\...\Flash Player Pro_is1) (Version:  - FlashPlayerPro.com)
Free Spin (HKLM-x32\...\{d1b18aee-4bb1-4faa-903b-2375aff4022a}) (Version: 13.1.0-RTG - RealTimeGaming Software)
FreeRide Games (HKLM-x32\...\{6C26A305-4549-4A8A-9F03-25719C03B0FB}) (Version: 07.05.83.00 - Exent Technologies)
Glary Utilities 5.23 (HKLM-x32\...\Glary Utilities 5) (Version: 5.23.0.42 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Earth Pro (HKLM-x32\...\{44FC61F0-2F8A-11E3-8CAE-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk (remove only) (HKLM-x32\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version:  - )
Google Talk Plugin (HKLM-x32\...\{0C5C1177-94C5-3EFB-A8BE-3F6AF1AF887F}) (Version: 5.38.6.0 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.26.9 - Google Inc.) Hidden
Grand Fortune Casino USD (HKLM-x32\...\{f99a9fba-0e42-43c4-a0dd-6d634f6642ab}) (Version: 14.12.0-RTG - RealTimeGaming Software)
GrandLuxe Casino (HKLM-x32\...\Grandluxe) (Version:  - Topgame)
HiDef Media Player 1.1.12 (HKLM-x32\...\HiDef Media Player) (Version: 1.1.12 - HiDefMedia)
Jackpot Capital (HKLM-x32\...\{fe986ae8-5283-4177-9178-52ba8d21bb10}) (Version: 13.1.0-RTG - RealTimeGaming Software)
Java 7 Update 72 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417072FF}) (Version: 7.0.720 - Oracle)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Las Vegas USA Casino (HKLM-x32\...\{f1f75b50-c5af-446d-ad5b-b11d94445775}) (Version: 14.12.0-RTG - RealTimeGaming Software)
Liberty Slots Casino (HKLM-x32\...\{FE8C9237-59BF-45A4-A179-EF24C882C03D}) (Version: 1.00.0000 - LibertySlots)
Live Update 5 (HKLM-x32\...\{009E5DF2-3F97-480B-89DA-F2D5E672E14A}_is1) (Version: 5.0.098 - MSI)
LUXOR - 5th Passage (HKLM-x32\...\exent_710650) (Version:  - )
Luxor 2 HD (HKLM-x32\...\Luxor 2 HD1.0) (Version: 1.0 - Foxy Games)
Mahjongg Dimensions (HKLM-x32\...\Mahjongg Dimensions) (Version: 32.0.0.0 - Shockwave.com)
Mahjongg Dimensions Deluxe 2 - Tiles in Time (HKLM-x32\...\Mahjongg Dimensions Deluxe 2 - Tiles in Time1.0) (Version: 1.0 - Foxy Games)
Miami Club Casino (HKLM-x32\...\{859BA615-476A-4A60-90C3-04D26EEED51E}) (Version: 1.00.0000 - Miami Club Casino)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft DirectX SDK (February 2010) (HKLM-x32\...\Microsoft DirectX SDK (February 2010)) (Version: 9.28.1886.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
MixPad (HKLM-x32\...\MixPad) (Version:  - NCH Software)
Mona Casino (HKLM-x32\...\Mona) (Version:  - Topgame)
Monarchs Online Casino (HKLM-x32\...\MonarchsOnlineCasino) (Version:  - Topgame)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 25.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 25.0.1 (x86 en-US)) (Version: 25.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 25.0.1 - Mozilla)
MPC-HC 1.6.8 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.6.8.7417 - MPC-HC Team)
MPC-HC 1.7.0 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.0.7858 - MPC-HC Team)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA 3D Vision Driver 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.11.9713 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (HKLM-x32\...\{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}) (Version: 1.00.7325.0 - NVIDIA Corporation)
NVIDIA Graphics Driver 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Update 1.15.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.15.2 - NVIDIA Corporation)
OpenOffice.org 3.4 (HKLM-x32\...\{51071D66-D034-4239-94E0-723FCA10B6FE}) (Version: 3.4.9590 - OpenOffice.org)
PhotoPad Image Editor (HKLM-x32\...\PhotoPad) (Version:  - NCH Software)
PhotoStage Slideshow Producer (HKLM-x32\...\PhotoStage) (Version: 3.18 - NCH Software)
Pixillion Image Converter (HKLM-x32\...\Pixillion) (Version:  - NCH Software)
Pixorial Uploader (HKLM-x32\...\{ED30C4E2-81D2-8C86-2F77-D663FC3B1950}) (Version: 1.4 - Pixorial, Inc) Hidden
Pixorial Uploader (HKLM-x32\...\PixorialUploader) (Version: 1.4 - Pixorial, Inc)
Popular Screensavers (HKLM-x32\...\Popular Screensavers) (Version: 2.0.0.0 - Mindspark Interactive Network)
Pos Panorama Pro (HKLM-x32\...\Pos Panorama Pro) (Version: 1.20 - PowerOfSoftware Ltd.)
Prism Video File Converter (HKLM-x32\...\Prism) (Version: 2.25 - NCH Software)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Raging Bull Casino (HKLM-x32\...\{60CA1912-5BA8-4A4B-B689-F898D1B67E4A}) (Version: 15.01.0-RTG - RealTimeGaming Software)
RealDownloader (HKLM-x32\...\{6FCD4D5A-20B9-4D79-ABA5-4E7048944025}) (Version: 17.0.15.4 - RealNetworks, Inc.) Hidden
RealDownloader (HKLM-x32\...\{e6171278-8759-449d-9e0b-c1825debc2ad}) (Version: 17.0.15.7 - RealNetworks) Hidden
RealDownloader (HKLM-x32\...\{FBEFDC9E-F8FB-4B66-A78B-09B7B380D59D}) (Version: 17.0.15.7 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM-x32\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (HKLM\...\{21E47F47-C9A7-4454-BA48-388327B0EA00}) (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (HKLM-x32\...\{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}) (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.15 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6473 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (HKLM-x32\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Rialto (HKLM-x32\...\Rialto) (Version:  - Topgame)
RomeCasino (HKLM-x32\...\RomeCasino) (Version:  - Topgame)
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version:  - )
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version:  - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version:  - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version:  - )
Serif DrawPlus Starter Edition (HKLM-x32\...\{33311EA4-0ECA-4E7F-83E5-8A92CD760152}) (Version: 2.0.2.010 - Serif (Europe) Ltd)
SketchUp 2014 (HKLM-x32\...\{A608A8D3-E77C-4BEE-8F2A-F8124F5F0FE2}) (Version: 14.0.4900 - Trimble Navigation Limited)
SketchUp 2015 (HKLM\...\{319CD380-1AAB-4CAD-BE1D-59189A780FA6}) (Version: 15.2.685 - Trimble Navigation Limited)
SketchUp 8 (HKLM-x32\...\{8EB62C87-AAA6-4850-A5BC-64155884B973}) (Version: 3.0.16846 - Trimble Navigation Limited)
Slot Madness Casino (HKLM-x32\...\{8c1a957c-3450-4960-b966-449e613e7c3c}) (Version: 13.1.0-NuWorks - Nuworks Gaming)
Slots Casino  (HKLM-x32\...\Slots Casino) (Version:  - Slots)
Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.012 - MSI)
Treasure Island Jackpots (HKCU\...\{0CF1AA97-47BC-41D8-B8DF-EE79C86B1573}) (Version:  - )
Tropicana Gold Casino (HKLM-x32\...\TropicanaGold) (Version:  - Topgame)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.3f3 - Unity Technologies ApS)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version:  - WildTangent) Hidden
UpdateService (HKLM-x32\...\{E3AE96D6-E196-45B4-AF62-2B41998B9E37}) (Version: 1.0.0 - RealNetworks, Inc.) Hidden
uPlayer (HKLM-x32\...\{06810DC6-3501-40FE-BCB3-1A7BE6398A36}) (Version: 1.0.0 - Full Spectrum Interactive)
Vegas Strip (HKLM-x32\...\{25f1674a-fcbf-43cf-96db-9c2025d63009}) (Version: 13.1.0-RTG - RealTimeGaming Software)
Video Downloader (HKLM-x32\...\{62796191-6F12-4ABE-BA8B-B4D4A266C997}) (Version: 1.0.0 - RealNetworks) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 5.48 - NCH Software)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-wildgames) (Version: 4.0.11.14 - WildTangent) Hidden
Windows Essentials Media Codec Pack 4.7 [64-Bit] (HKLM-x32\...\Windows Essentials Media Codec Pack) (Version: 4.7 - Media Codec)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinZip 19.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E7}) (Version: 19.0.11294 - WinZip Computing, S.L. )
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )
Zuma's Revenge! (HKLM-x32\...\Zuma's Revenge!1.0) (Version: 1.0 - AllSmartGames)
 
========================= Devices: ================================
 
Name: X5XSEx_Pr143
Description: X5XSEx_Pr143
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: X5XSEx_Pr143
Device ID: ROOT\LEGACY_X5XSEX_PR143\0000
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 31%
Total physical RAM: 6015.24 MB
Available physical RAM: 4122.49 MB
Total Pagefile: 12028.68 MB
Available Pagefile: 10231.54 MB
Total Virtual: 4095.88 MB
Available Virtual: 3969.2 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:152.57 GB) (Free:43.07 GB) NTFS
2 Drive d: (XTV_STR_DSK) (Fixed) (Total:149.05 GB) (Free:24.53 GB) NTFS
3 Drive e: (My Disc) (CDROM) (Total:0.04 GB) (Free:0 GB) CDFS
4 Drive f: (120ide) (Fixed) (Total:111.78 GB) (Free:40.71 GB) NTFS
5 Drive g: (May 07 2015) (CDROM) (Total:0.74 GB) (Free:0 GB) UDF
 
========================= Users: ========================================
 
User accounts for \\TOM-PC
 
Administrator            anita                    froggy                   
Guest                    UpdatusUser              
 
========================= Minidump Files ==================================
 
No minidump file found
 
========================= Restore Points ==================================
 
24-04-2015 14:23:27 Windows Update
27-04-2015 02:01:03 Windows Backup
27-04-2015 19:18:33 Windows Update
01-05-2015 13:33:14 Windows Update
04-05-2015 02:00:52 Windows Backup
04-05-2015 14:02:33 Windows Update
08-05-2015 01:37:56 ComboFix created restore point
08-05-2015 02:18:10 Windows Update
11-05-2015 07:22:58 Windows Backup
11-05-2015 12:37:37 Windows Update
 
**** End of log ****


#8 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:09:42 AM

Posted 13 May 2015 - 12:25 AM

Hi there,

Please post the logs from SecurityCheck and JRT when they are done. Thank you.

Please uninstall the following software from Programs and Features:

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.273 - Adobe Systems Incorporated)

Do you play WildTangent games?

Regards,
Alex

#9 froggy007

froggy007
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:01:42 AM

Posted 13 May 2015 - 03:58 AM

to Alex here is theJRT file log

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.7.0 (05.09.2015:1)
OS: Windows 7 Home Premium x64
Ran by anita on Wed 05/13/2015 at  1:50:17.16
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Tasks
 
Successfully deleted: [Task] C:\Windows\system32\tasks\TopArcadeHits
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{6C8DB2EC-499B-4897-A784-0E3186C97E9D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{976d7863-9e6c-4066-8c67-0993db9de35f}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{adff4c9a-4f49-4a1f-8885-360e107b7938}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{23EDD019-4784-A206-04A5-2EB65BC71E45}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011441179}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411361128}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C8DB2EC-499B-4897-A784-0E3186C97E9D}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{976d7863-9e6c-4066-8c67-0993db9de35f}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{adff4c9a-4f49-4a1f-8885-360e107b7938}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011441179}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{6C8DB2EC-499B-4897-A784-0E3186C97E9D}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{976d7863-9e6c-4066-8c67-0993db9de35f}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{adff4c9a-4f49-4a1f-8885-360e107b7938}
 
 
 
~~~ Files
 
Successfully deleted: [File] C:\Windows\couponprinter.ocx
Successfully deleted: [File] C:\Windows\prefetch\GOOGLETOOLBARMANAGER_BA9226F4-3D073F18.pf
Successfully deleted: [File] C:\Windows\prefetch\GOOGLETOOLBARNOTIFIER.EXE-7AE0A20E.pf
Successfully deleted: [File] C:\Windows\prefetch\GOOGLETOOLBARUSER_32.EXE-34B1B1C5.pf
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] C:\Program Files (x86)\Bucksbee Loyalty Plugin - 100815
Successfully deleted: [Folder] C:\Program Files (x86)\whitesmoke_new
Successfully deleted: [Folder] C:\Users\anita\appdata\local\cre
Successfully deleted: [Folder] C:\Users\anita\appdata\locallow\whitesmoke_new
Successfully deleted: [Folder] C:\Users\anita\AppData\Roaming\microsoft\windows\start menu\programs\toparcadehits
Successfully deleted: [Folder] C:\Users\anita\AppData\Roaming\FCTB000100815
 
 
 
~~~ FireFox
 
Successfully deleted: [File] C:\Users\anita\AppData\Roaming\mozilla\firefox\profiles\ln3543ny.default\searchplugins\aol-search.xml
Successfully deleted: [Folder] C:\Users\anita\AppData\Roaming\mozilla\firefox\profiles\ln3543ny.default\smartbar
Failed to delete: [Folder] C:\Users\anita\AppData\Roaming\mozilla\firefox\profiles\ln3543ny.default\extensions\staged
Successfully deleted: [Folder] C:\Users\anita\AppData\Roaming\mozilla\firefox\profiles\ln3543ny.default\extensions\{0113d088-8ed1-468c-b225-585a9c53b5e3}
Successfully deleted: [Folder] C:\Users\anita\AppData\Roaming\mozilla\firefox\profiles\ln3543ny.default\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}
Successfully deleted the following from C:\Users\anita\AppData\Roaming\mozilla\firefox\profiles\ln3543ny.default\prefs.js
 
user_pref(CT3289663_Firefox.csv, [{\from\:\Abs Layer\,\action\:\loading toolbar\,\time\:1427817909429,\isWithState\:\\,\timeFromStart\:0,\timeFromPrev\:0}
user_pref(CT3289847_Firefox.csv, [{\from\:\Abs Layer\,\action\:\loading toolbar\,\time\:1427817909413,\isWithState\:\\,\timeFromStart\:0,\timeFromPrev\:0}
user_pref(CT3306061.ENABALE_HISTORY, {\dataType\:\string\,\data\:\true\});
user_pref(CT3306061.FF19Solved, true);
user_pref(CT3306061.FirstTime, true);
user_pref(CT3306061.FirstTimeFF3, true);
user_pref(CT3306061.UserID, UN37287261424589586);
user_pref(CT3306061.addressBarTakeOverEnabledInHidden, true);
user_pref(CT3306061.appOptions, {});
user_pref(CT3306061.browser.search.defaultthis.engineName, true);
user_pref(CT3306061.countryCode, US);
user_pref(CT3306061.defaultSearch, true);
user_pref(CT3306061.enableAlerts, true);
user_pref(CT3306061.enableSearchFromAddressBar, true);
user_pref(CT3306061.firstTimeDialogOpened, true);
user_pref(CT3306061.fixPageNotFoundError, true);
user_pref(CT3306061.fixPageNotFoundErrorByUser, true);
user_pref(CT3306061.fixPageNotFoundErrorInHidden, true);
user_pref(CT3306061.fullUserID, UN37287261424589586.IN.20140112054102);
user_pref(CT3306061.homepageuserchanged, true);
user_pref(CT3306061.installDate, 12/01/2014 05:41:06);
user_pref(CT3306061.installSessionId, {4071ED05-811F-4469-9929-5177385BE1BA});
user_pref(CT3306061.installSp, TRUE);
user_pref(CT3306061.installUsage, 12/01/2014 05:50:46);
user_pref(CT3306061.installUsageEarly, 12/01/2014 05:50:46);
user_pref(CT3306061.installerVersion, 1.8.1.4);
user_pref(CT3306061.isCheckedStartAsHidden, true);
user_pref(CT3306061.isEnableAllDialogs, {\dataType\:\string\,\data\:\true\});
user_pref(CT3306061.isFirstTimeToolbarLoading, false);
user_pref(CT3306061.isToolbarShrinked, {\dataType\:\string\,\data\:\false\});
user_pref(CT3306061.keyword, true);
user_pref(CT3306061.lastVersion, 10.23.0.722);
user_pref(CT3306061.navigationAliasesJson, {\EB_MAIN_FRAME_URL\:\hxxp%3A%2F%2Fwww.jizzwar.com%2Fvideo%2F39%2FParty-girls-love-to-ride-big-dicks\,\EB_MAIN_FRAME_TITLE\
user_pref(CT3306061.openThankYouPage, false);
user_pref(CT3306061.openUninstallPage, true);
user_pref(CT3306061.originalSearchEngine, Trovi search);
user_pref(CT3306061.originalSearchEngineName, Trovi search);
user_pref(CT3306061.revertSettingsEnabled, true);
user_pref(CT3306061.search.searchAppId, 130158552044204297);
user_pref(CT3306061.search.searchCount, 1);
user_pref(CT3306061.searchFromAddressBarEnabledByUser, true);
user_pref(CT3306061.searchInNewTabEnabledByUser, true);
user_pref(CT3306061.searchInNewTabEnabledInHidden, true);
user_pref(CT3306061.searchRevert, true);
user_pref(CT3306061.searchSuggestEnabledByUser, true);
user_pref(CT3306061.searchUninstallUserMode, 2);
user_pref(CT3306061.searchUserMode, 2);
user_pref(CT3306061.selectToSearchBoxEnabled, {\dataType\:\string\,\data\:\true\});
user_pref(CT3306061.serviceLayer_service_login_isFirstLoginInvoked, {\dataType\:\boolean\,\data\:\true\});
user_pref(CT3306061.serviceLayer_service_login_loginCount, {\dataType\:\number\,\data\:\3\});
user_pref(CT3306061.serviceLayer_service_toolbarGrouping_activeCTID, {\dataType\:\string\,\data\:\CT3306061\});
user_pref(CT3306061.serviceLayer_service_toolbarGrouping_activeDownloadUrl, {\dataType\:\string\,\data\:\hxxp://ConnectDLC5.OurToolbar.com//xpi\});
user_pref(CT3306061.serviceLayer_service_toolbarGrouping_activeToolbarName, {\dataType\:\string\,\data\:\Connect DLC 5 \});
user_pref(CT3306061.serviceLayer_service_toolbarGrouping_invoked, {\dataType\:\string\,\data\:\true\});
user_pref(CT3306061.serviceLayer_service_usage_toolbarUsageCount, {\dataType\:\number\,\data\:\2\});
user_pref(CT3306061.serviceLayer_services_Configuration_lastUpdate, 1427805926826);
user_pref(CT3306061.serviceLayer_services_appTrackingFirstTime_lastUpdate, 1427796109629);
user_pref(CT3306061.serviceLayer_services_appsMetadata_lastUpdate, 1427796108511);
user_pref(CT3306061.serviceLayer_services_gottenAppsContextMenu_lastUpdate, 1427796108779);
user_pref(CT3306061.serviceLayer_services_login_10.23.0.722_lastUpdate, 1427810327253);
user_pref(CT3306061.serviceLayer_services_otherAppsContextMenu_lastUpdate, 1427796108573);
user_pref(CT3306061.serviceLayer_services_searchAPI_lastUpdate, 1427805926807);
user_pref(CT3306061.serviceLayer_services_serviceMap_lastUpdate, 1427805926547);
user_pref(CT3306061.serviceLayer_services_toolbarContextMenu_lastUpdate, 1427796108910);
user_pref(CT3306061.serviceLayer_services_toolbarSettings_lastUpdate, 1427817529132);
user_pref(CT3306061.serviceLayer_services_translation_lastUpdate, 1427796108169);
user_pref(CT3306061.settingsINI, true);
user_pref(CT3306061.shouldFirstTimeDialog, false);
user_pref(CT3306061.showToolbarPermission, false);
user_pref(CT3306061.startPage, true);
user_pref(CT3306061.toolbarBornServerTime, 31-3-2015);
user_pref(CT3306061.toolbarCurrentServerTime, 31-3-2015);
user_pref(CT3306061.toolbarInstallDate, 12-01-2014 05:41:03);
user_pref(CT3306061.toolbarLoginClientTime, Tue Mar 31 2015 03:01:46 GMT-0700 (US Mountain Standard Time));
user_pref(CT3306061.versionFromInstaller, 10.23.0.722);
user_pref(CT3306061.xpeMode, 1);
user_pref(CT3306061_Firefox.csv, [{\from\:\Abs Layer\,\action\:\loading toolbar\,\time\:1427817909457,\isWithState\:\\,\timeFromStart\:0,\timeFromPrev\:0}
user_pref(CT3315827.1000082.isPlayDisplay, true);
user_pref(CT3315827.1000082.state, {\state\:\stopped\,\text\:\Californi...\,\description\:\California Rock - Rock\,\url\:\hxxp://www.feedlive.net/california.
user_pref(CT3315827.1000234.TWC_TMP_city, LAKE HAVASU CITY);
user_pref(CT3315827.1000234.TWC_TMP_country, US);
user_pref(CT3315827.1000234.TWC_country, UNITED STATES);
user_pref(CT3315827.1000234.TWC_locId, USAZ0116);
user_pref(CT3315827.1000234.TWC_location, Lake Havasu City, AZ);
user_pref(CT3315827.1000234.TWC_region, US);
user_pref(CT3315827.1000234.TWC_temp_dis, f);
user_pref(CT3315827.1000234.TWC_wind_dis, mph);
user_pref(CT3315827.ENABALE_HISTORY, {\dataType\:\string\,\data\:\true\});
user_pref(CT3315827.FF19Solved, true);
user_pref(CT3315827.FirstTime, true);
user_pref(CT3315827.FirstTimeFF3, true);
user_pref(CT3315827.UserID, UN27016857132909715);
user_pref(CT3315827.addressBarTakeOverEnabledInHidden, true);
user_pref(CT3315827.appOptions, {});
user_pref(CT3315827.browser.search.defaultthis.engineName, true);
user_pref(CT3315827.countryCode, US);
user_pref(CT3315827.defaultSearch, true);
user_pref(CT3315827.enableAlerts, true);
user_pref(CT3315827.enableSearchFromAddressBar, true);
user_pref(CT3315827.firstTimeDialogOpened, true);
user_pref(CT3315827.fixPageNotFoundError, true);
user_pref(CT3315827.fixPageNotFoundErrorByUser, true);
user_pref(CT3315827.fixPageNotFoundErrorInHidden, true);
user_pref(CT3315827.fullUserID, UN27016857132909715.IN.20131214152445);
user_pref(CT3315827.homepageuserchanged, true);
user_pref(CT3315827.installDate, 14/12/2013 15:25:22);
user_pref(CT3315827.installSessionId, {5A5408D0-C139-4BA5-A2B1-00D0FF82500A});
user_pref(CT3315827.installSp, TRUE);
user_pref(CT3315827.installUsage, 2015-03-31T13:00:52.2856001+03:00);
user_pref(CT3315827.installUsageEarly, 2015-03-31T13:00:47.7303125+03:00);
user_pref(CT3315827.installerVersion, 1.8.1.4);
user_pref(CT3315827.isCheckedStartAsHidden, true);
user_pref(CT3315827.isEnableAllDialogs, {\dataType\:\string\,\data\:\true\});
user_pref(CT3315827.isFirstTimeToolbarLoading, false);
user_pref(CT3315827.isToolbarShrinked, {\dataType\:\string\,\data\:\false\});
user_pref(CT3315827.keyword, true);
user_pref(CT3315827.lastVersion, 10.23.0.722);
user_pref(CT3315827.navigationAliasesJson, {\EB_MAIN_FRAME_URL\:\hxxp%3A%2F%2Fwww.jizzwar.com%2Fvideo%2F39%2FParty-girls-love-to-ride-big-dicks\,\EB_MAIN_FRAME_TITLE\
user_pref(CT3315827.openThankYouPage, false);
user_pref(CT3315827.openUninstallPage, true);
user_pref(CT3315827.revertSettingsEnabled, false);
user_pref(CT3315827.search.searchAppId, 130246923221938706);
user_pref(CT3315827.search.searchCount, 0);
user_pref(CT3315827.searchFromAddressBarEnabledByUser, true);
user_pref(CT3315827.searchInNewTabEnabledByUser, true);
user_pref(CT3315827.searchInNewTabEnabledInHidden, true);
user_pref(CT3315827.searchRevert, false);
user_pref(CT3315827.searchSuggestEnabledByUser, true);
user_pref(CT3315827.searchUninstallUserMode, 2);
user_pref(CT3315827.searchUserMode, 2);
user_pref(CT3315827.selectToSearchBoxEnabled, {\dataType\:\string\,\data\:\true\});
user_pref(CT3315827.serviceLayer_service_login_isFirstLoginInvoked, {\dataType\:\boolean\,\data\:\true\});
user_pref(CT3315827.serviceLayer_service_login_loginCount, {\dataType\:\number\,\data\:\3\});
user_pref(CT3315827.serviceLayer_service_toolbarGrouping_activeCTID, {\dataType\:\string\,\data\:\CT3315827\});
user_pref(CT3315827.serviceLayer_service_toolbarGrouping_activeDownloadUrl, {\dataType\:\string\,\data\:\hxxp://InternetHelper36.OurToolbar.com//xpi\});
user_pref(CT3315827.serviceLayer_service_toolbarGrouping_activeToolbarName, {\dataType\:\string\,\data\:\InternetHelper3.6 \});
user_pref(CT3315827.serviceLayer_service_toolbarGrouping_invoked, {\dataType\:\string\,\data\:\true\});
user_pref(CT3315827.serviceLayer_service_usage_toolbarUsageCount, {\dataType\:\number\,\data\:\2\});
user_pref(CT3315827.serviceLayer_services_Configuration_lastUpdate, 1427805926790);
user_pref(CT3315827.serviceLayer_services_appTrackingFirstTime_lastUpdate, 1427796108520);
user_pref(CT3315827.serviceLayer_services_appsMetadata_lastUpdate, 1427796108499);
user_pref(CT3315827.serviceLayer_services_gottenAppsContextMenu_lastUpdate, 1427796108841);
user_pref(CT3315827.serviceLayer_services_installUsage_ToolbarInstallEarly_lastUpdate, 1427796104111);
user_pref(CT3315827.serviceLayer_services_installUsage_ToolbarInstall_lastUpdate, 1427796108492);
user_pref(CT3315827.serviceLayer_services_login_10.23.0.722_lastUpdate, 1427810327158);
user_pref(CT3315827.serviceLayer_services_otherAppsContextMenu_lastUpdate, 1427796108734);
user_pref(CT3315827.serviceLayer_services_searchAPI_lastUpdate, 1427805927003);
user_pref(CT3315827.serviceLayer_services_serviceMap_lastUpdate, 1427805926471);
user_pref(CT3315827.serviceLayer_services_toolbarContextMenu_lastUpdate, 1427796108682);
user_pref(CT3315827.serviceLayer_services_toolbarSettings_lastUpdate, 1427817529159);
user_pref(CT3315827.serviceLayer_services_translation_lastUpdate, 1427796108150);
user_pref(CT3315827.settingsINI, true);
user_pref(CT3315827.shouldFirstTimeDialog, false);
user_pref(CT3315827.showToolbarPermission, false);
user_pref(CT3315827.startPage, true);
user_pref(CT3315827.toolbarBornServerTime, 31-3-2015);
user_pref(CT3315827.toolbarCurrentServerTime, 31-3-2015);
user_pref(CT3315827.toolbarInstallDate, 14-12-2013 15:24:46);
user_pref(CT3315827.toolbarLoginClientTime, Tue Mar 31 2015 03:01:45 GMT-0700 (US Mountain Standard Time));
user_pref(CT3315827.versionFromInstaller, 10.23.0.722);
user_pref(CT3315827.xpeMode, 0);
user_pref(CT3315827_Firefox.csv, [{\from\:\Abs Layer\,\action\:\loading toolbar\,\time\:1427817909443,\isWithState\:\\,\timeFromStart\:0,\timeFromPrev\:0}
user_pref(playbryte.defaultsearchprocessed, true);
user_pref(playbryte.installpixelfired, true);
user_pref(playbryte.pingdate, Wed Apr 01 2015 03:01:39 GMT-0700 (US Mountain Standard Time));
user_pref(valueApps.CT3289663.mam_gk_appStateReportTime, 6E756C6C);
user_pref(valueApps.CT3289663.mam_gk_appStateReportTime.storedInFile, false);
user_pref(valueApps.CT3289663.mam_gk_appState_CouponBuddy, );
user_pref(valueApps.CT3289663.mam_gk_appState_CouponBuddy.storedInFile, false);
user_pref(valueApps.CT3289663.mam_gk_appState_Discover, );
user_pref(valueApps.CT3289663.mam_gk_appState_Discover.storedInFile, false);
user_pref(valueApps.CT3289663.mam_gk_appState_Discover_Apps, );
user_pref(valueApps.CT3289663.mam_gk_appState_Discover_Apps.storedInFile, false);
user_pref(valueApps.CT3289663.mam_gk_appState_Easytobook, );
user_pref(valueApps.CT3289663.mam_gk_appState_Easytobook.storedInFile, false);
user_pref(valueApps.CT3289663.mam_gk_appState_Easytobook_targeted, );
user_pref(valueApps.CT3289663.mam_gk_appState_Easytobook_targeted.storedInFile, false);
user_pref(valueApps.CT3289663.mam_gk_appState_Find-a-Pro, );
user_pref(valueApps.CT3289663.mam_gk_appState_Find-a-Pro.storedInFile, false);
user_pref(valueApps.CT3289663.mam_gk_appState_PriceGong, );
user_pref(valueApps.CT3289663.mam_gk_appState_PriceGong.storedInFile, false);
user_pref(valueApps.CT3289663.mam_gk_appState_WindowShopper, );
user_pref(valueApps.CT3289663.mam_gk_appState_WindowShopper.storedInFile, false);
user_pref(valueApps.CT3289663.mam_gk_appState_YieldKit, );
user_pref(valueApps.CT3289663.mam_gk_appState_YieldKit.storedInFile, false);
user_pref(valueApps.CT3289663.mam_gk_appState_app13, );
user_pref(valueApps.CT3289663.mam_gk_appState_app13.storedInFile, false);
user_pref(valueApps.CT3289663.mam_gk_appsDefaultEnabled, 6E756C6C);
user_pref(valueApps.CT3289663.mam_gk_appsDefaultEnabled.storedInFile, false);
user_pref(valueApps.CT3289663.mam_gk_currentVersion, 312E31322E302E35);
user_pref(valueApps.CT3289663.mam_gk_currentVersion.storedInFile, false);
user_pref(valueApps.CT3289663.mam_gk_existingUsersRecoveryDone, 6E756C6C);
user_pref(valueApps.CT3289663.mam_gk_existingUsersRecoveryDone.storedInFile, false);
user_pref(valueApps.CT3289663.mam_gk_first_time, 6E756C6C);
user_pref(valueApps.CT3289663.mam_gk_first_time.storedInFile, false);
user_pref(valueApps.CT3289663.mam_gk_globalKeysMigratedToLocalStorage, 6E756C6C);
user_pref(valueApps.CT3289663.mam_gk_globalKeysMigratedToLocalStorage.storedInFile, false);
user_pref(valueApps.CT3289663.mam_gk_installer_preapproved, 6E756C6C);
user_pref(valueApps.CT3289663.mam_gk_installer_preapproved.storedInFile, false);
user_pref(valueApps.CT3289663.mam_gk_lastLoginTime, 6E756C6C);
user_pref(valueApps.CT3289663.mam_gk_lastLoginTime.storedInFile, false);
user_pref(valueApps.CT3289663.mam_gk_localization, 6E756C6C);
user_pref(valueApps.CT3289663.mam_gk_localization.storedInFile, false);
user_pref(valueApps.CT3289663.mam_gk_migrated_from_ls, 31);
user_pref(valueApps.CT3289663.mam_gk_migrated_from_ls.storedInFile, false);
user_pref(valueApps.CT3289663.mam_gk_new_welcome_experience, 6E756C6C);
user_pref(valueApps.CT3289663.mam_gk_new_welcome_experience.storedInFile, false);
user_pref(valueApps.CT3289663.mam_gk_pgUnloadedOnce, 6E756C6C);
user_pref(valueApps.CT3289663.mam_gk_pgUnloadedOnce.storedInFile, false);
user_pref(valueApps.CT3289663.mam_gk_settings1.11.4.2, 6E756C6C);
user_pref(valueApps.CT3289663.mam_gk_settings1.11.4.2.storedInFile, false);
user_pref(valueApps.CT3289663.mam_gk_showWelcomeGadget, 6E756C6C);
user_pref(valueApps.CT3289663.mam_gk_showWelcomeGadget.storedInFile, false);
user_pref(valueApps.CT3289663.mam_gk_stamp, 6E756C6C);
user_pref(valueApps.CT3289663.mam_gk_stamp.storedInFile, false);
user_pref(valueApps.CT3289663.mam_gk_userId, 6E756C6C);
user_pref(valueApps.CT3289663.mam_gk_userId.storedInFile, false);
user_pref(valueApps.CT3289663.mam_gk_user_approval_interacted, 6E756C6C);
user_pref(valueApps.CT3289663.mam_gk_user_approval_interacted.storedInFile, false);
user_pref(valueApps.CT3289663.mam_gk_welcomeDialogMode, 6E756C6C);
user_pref(valueApps.CT3289663.mam_gk_welcomeDialogMode.storedInFile, false);
user_pref(valueApps.CT3306061.mam_gk_currentVersion, 312E31332E302E3137);
user_pref(valueApps.CT3306061.mam_gk_currentVersion.storedInFile, false);
user_pref(valueApps.CT3306061.mam_gk_migrated_from_ls, 31);
user_pref(valueApps.CT3306061.mam_gk_migrated_from_ls.storedInFile, false);
user_pref(valueApps.CT3306061.mam_gk_userBornDate, 4E2F41);
user_pref(valueApps.CT3306061.mam_gk_userBornDate.storedInFile, false);
user_pref(valueApps.storage.mam_gk_userId, 36343437666639642D613532332D346635642D616331632D613135303133366631313263);
Emptied folder: C:\Users\anita\AppData\Roaming\mozilla\firefox\profiles\ln3543ny.default\minidumps [41 files]
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 05/13/2015 at  1:53:44.35
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#10 froggy007

froggy007
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:01:42 AM

Posted 13 May 2015 - 04:01 AM

to Alex here is the security check log 

 

 Results of screen317's Security Check version 1.001  
 Windows 7 Service Pack 1 x64 (UAC is disabled!)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
 Windows Firewall Disabled!  
Microsoft Security Essentials   
  (On Access scanning disabled!) 
 Error obtaining update status for antivirus!  
`````````Anti-malware/Other Utilities Check:````````` 
 Java 8 Update 40  
 Java version 32-bit out of Date! 
 Adobe Flash Player 17.0.0.169  
 Adobe Reader XI  
 Mozilla Firefox 25.0.1 Firefox out of Date!  
 Google Chrome (42.0.2311.135) 
 Google Chrome (42.0.2311.90) 
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 0% 
````````````````````End of Log`````````````````````` 


#11 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:09:42 AM

Posted 13 May 2015 - 05:17 AM

Hi there,

Can you follow the other instructions I have posted above?

When you are done, please do this.

Malwarebytes Anti-Malware

Download Malwarebytes Anti-Malware from here.

Double click on the file mbam-setup-2.x.x.xxxx.exe to install the application. (x.x.xxxx is the version)
  • Follow the prompt. At the end place a checkmark in Launch Malwarebytes Anti-Malware, then choose Finish.
  • When MBAM opens it will says Your database is out of date. Choose Fix Now.
  • Click on the Scan tab at the top of the window, choose Threat Scan, then Scan Now.
  • If you receive a message that updates are available, choose Update Now button (the scan will start after updates are completed).
  • Please be patient as the scan will take some time.
  • If MBAM detected threats, choose Quarantine for all items, then click Apply Actions.
  • While still on the Scan tab, choose View detailed log. In the window that opens, click the Export button, choose Text file (*.txt) and save the log to your Desktop.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


===

ESET Online Scanner

You will need to use Internet Explorer for this scan.
  • Hold down Ctrl and click here to open ESET Online Scanner in a new window.
  • Click the ESET Online Scanner button.
  • Put a checkmark in "YES, I accept the Terms of Use."
  • Click Start.
  • Accept any security warnings from your browser.
  • Under Scan settings, put a checkmark in Scan Archives.
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Scan.
  • ESET Online Scanner will automatically update and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats.
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.
Regards,
Alex




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users