Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Abnormal Blue Screen of Death


  • Please log in to reply
18 replies to this topic

#1 skullknight

skullknight

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:05:08 PM

Posted 11 May 2015 - 05:19 PM

Ok so I am having a serious blue screen issue. Whenever I have Skype open talking to someone while playing video games I blue screen randomly. This never happens when I am not in Skype talking to someone. It isn't just a certain game, it is all PC games. I have updated Skype, Java and my Video Card but it still happens. Need some help guys.


Edited by hamluis, 12 May 2015 - 09:51 AM.
Moved from Win 7 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,365 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:05:08 PM

Posted 11 May 2015 - 06:39 PM

Please download and install Speccy to provide us with information about your computer.  Clicking on this link will automatically initiate the download. 
 
When Speccy opens you will see a screen similar to the one below.
 
speccy9_zps2d9cdedc.png
 
Click on File which is outlined in red in the screen above, and then click on Publish Snapshot.
 
The following screen will appear, click on Yes.
 
speccy7_zpsfa02105f.png
 
The following screen will appear, click on Copy to Clipboard.
 
speccy3_zps1791b093.png
 
In your next post right click inside the Reply to Topic box, then click on Paste.  This will load a link to the Speccy log.
 
==========
 

Please download MiniToolBox, save it to your desktop and run it.
 
Checkmark only the following checkboxes:
 
• List last 10 Event Viewer log
• List Installed Programs
• List Users, Partitions and Memory size.
• List Minidump Files
 
Click on Go to start the scan.  Once it is finished highlight the text, copy it and paste it in your next post.
 
 
 
 

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#3 skullknight

skullknight
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:05:08 PM

Posted 11 May 2015 - 08:49 PM

http://speccy.piriform.com/results/tGEd7v8fzGiAu2QhmwfzBRx

 

MiniToolBox by Farbar  Version: 11-05-2015 01
Ran by Derrick (administrator) on 11-05-2015 at 18:47:52
Running from "C:\Users\Derrick\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: MS-7693 Manufacturer: MSI
Boot Mode: Normal
***************************************************************************

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/11/2015 04:52:07 PM) (Source: Application Hang) (User: )
Description: The program MarvelHeroes2015.exe version 1.34.0.211 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1754

Start Time: 01d08c42eda4e85c

Termination Time: 191

Application Path: C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\unrealengine3\binaries\win64\MarvelHeroes2015.exe

Report Id: b2b668ef-f838-11e4-81aa-448a5b89967e

Error: (05/11/2015 10:07:28 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/10/2015 05:50:57 PM) (Source: Application Hang) (User: )
Description: The program MarvelHeroes2015.exe version 1.34.0.211 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1658

Start Time: 01d08b82d34a3112

Termination Time: 156

Application Path: C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\unrealengine3\binaries\win64\MarvelHeroes2015.exe

Report Id: c5292f9c-f777-11e4-a32c-448a5b89967e

Error: (05/10/2015 05:36:22 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/10/2015 05:13:55 PM) (Source: Application Hang) (User: )
Description: The program MarvelHeroes2015.exe version 1.34.0.211 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 13e8

Start Time: 01d08b7f43caa6a5

Termination Time: 86

Application Path: C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\unrealengine3\binaries\win64\MarvelHeroes2015.exe

Report Id: 98bf86a5-f772-11e4-aebe-448a5b89967e

Error: (05/10/2015 04:55:00 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/10/2015 04:28:38 PM) (Source: Application Hang) (User: )
Description: The program MarvelHeroes2015.exe version 1.34.0.211 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 15c4

Start Time: 01d08b7566ffa4f7

Termination Time: 319

Application Path: C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\unrealengine3\binaries\win64\MarvelHeroes2015.exe

Report Id: 4179a113-f76c-11e4-8672-448a5b89967e

Error: (05/10/2015 10:49:48 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/09/2015 11:20:07 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/09/2015 05:53:24 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe_SysMain, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: sysmain.dll, version: 6.1.7601.17514, time stamp: 0x4ce7c9db
Exception code: 0xc0000005
Fault offset: 0x0000000000004e03
Faulting process id: 0xb88
Faulting application start time: 0xsvchost.exe_SysMain0
Faulting application path: svchost.exe_SysMain1
Faulting module path: svchost.exe_SysMain2
Report Id: svchost.exe_SysMain3


System errors:
=============
Error: (05/11/2015 10:47:05 AM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (05/11/2015 10:06:36 AM) (Source: Service Control Manager) (User: )
Description: The OutfoxTvService service failed to start due to the following error:
%%2

Error: (05/10/2015 05:34:59 PM) (Source: Service Control Manager) (User: )
Description: The OutfoxTvService service failed to start due to the following error:
%%2

Error: (05/10/2015 05:34:23 PM) (Source: BugCheck) (User: )
Description: 0x000000f7 (0xfffff8800bb9c768, 0x00003fa59bef4949, 0xffffc05a6410b6b6, 0x0000000000000000)C:\Windows\MEMORY.DMP051015-43227-01

Error: (05/10/2015 05:34:10 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 5:31:51 PM on ‎5/‎10/‎2015 was unexpected.

Error: (05/10/2015 04:54:26 PM) (Source: Service Control Manager) (User: )
Description: The OutfoxTvService service failed to start due to the following error:
%%2

Error: (05/10/2015 04:54:07 PM) (Source: BugCheck) (User: )
Description: 0x00000124 (0x0000000000000000, 0xfffffa800b258028, 0x00000000b640a000, 0x0000000000000135)C:\Windows\MEMORY.DMP

Error: (05/10/2015 04:54:07 PM) (Source: BugCheck) (User: )
Description:

Error: (05/10/2015 04:54:05 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 4:52:34 PM on ‎5/‎10/‎2015 was unexpected.

Error: (05/10/2015 10:48:32 AM) (Source: Service Control Manager) (User: )
Description: The OutfoxTvService service failed to start due to the following error:
%%2


Microsoft Office Sessions:
=========================
Error: (05/11/2015 04:52:07 PM) (Source: Application Hang)(User: )
Description: MarvelHeroes2015.exe1.34.0.211175401d08c42eda4e85c191C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\unrealengine3\binaries\win64\MarvelHeroes2015.exeb2b668ef-f838-11e4-81aa-448a5b89967e

Error: (05/11/2015 10:07:28 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/10/2015 05:50:57 PM) (Source: Application Hang)(User: )
Description: MarvelHeroes2015.exe1.34.0.211165801d08b82d34a3112156C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\unrealengine3\binaries\win64\MarvelHeroes2015.exec5292f9c-f777-11e4-a32c-448a5b89967e

Error: (05/10/2015 05:36:22 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/10/2015 05:13:55 PM) (Source: Application Hang)(User: )
Description: MarvelHeroes2015.exe1.34.0.21113e801d08b7f43caa6a586C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\unrealengine3\binaries\win64\MarvelHeroes2015.exe98bf86a5-f772-11e4-aebe-448a5b89967e

Error: (05/10/2015 04:55:00 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/10/2015 04:28:38 PM) (Source: Application Hang)(User: )
Description: MarvelHeroes2015.exe1.34.0.21115c401d08b7566ffa4f7319C:\Program Files (x86)\Steam\steamapps\common\Marvel Heroes\unrealengine3\binaries\win64\MarvelHeroes2015.exe4179a113-f76c-11e4-8672-448a5b89967e

Error: (05/10/2015 10:49:48 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/09/2015 11:20:07 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/09/2015 05:53:24 PM) (Source: Application Error)(User: )
Description: svchost.exe_SysMain6.1.7600.163854a5bc3c1sysmain.dll6.1.7601.175144ce7c9dbc00000050000000000004e03b8801d08a598e4d4af9C:\Windows\system32\svchost.exec:\windows\system32\sysmain.dllf5f082f7-f6ae-11e4-95d0-448a5b89967e


=========================== Installed Programs ============================

µTorrent (HKCU\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
AdFender (HKLM-x32\...\AdFender) (Version: 1.75 - AdFender, Inc.)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
AI Suite (HKLM-x32\...\{310BC5E2-31AF-49BB-904D-E71EB93645DC}) (Version: 1.06.22 - )
AMD Catalyst Install Manager (HKLM\...\{DD562794-C098-A1E5-66ED-10E8BD1C84C5}) (Version: 3.0.864.0 - Advanced Micro Devices, Inc.)
AMD OverDrive (HKLM-x32\...\{4835750F-F8A7-4D3C-A6A9-123E31C12AF8}) (Version: 4.1.0.0575 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.0.0 - Asmedia Technology)
ASUSUpdate (HKLM-x32\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version: 7.18.03 - ASUSTeK Computer Inc.)
AVG 2015 (HKLM\...\{3A1B060C-5D3F-4FFA-914E-6292A6F7464E}) (Version: 15.0.4342 - AVG Technologies) Hidden
AVG 2015 (HKLM\...\{B38CFE4C-C9C4-460B-8353-F56DF2AC3877}) (Version: 15.0.5941 - AVG Technologies) Hidden
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5941 - AVG Technologies)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Boilsoft Video Splitter 6.33 (HKLM-x32\...\{24549038-9956-4EE5-976D-4419AAEA7DD5}_is1) (Version:  - Boilsoft, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Browser Configuration Utility (HKLM-x32\...\{BA88EE67-8974-459D-A1DB-C8281D9AC6F6}) (Version: 1.0.12.1 - DeviceVM, Inc.)
CPUID CPU-Z 1.58 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CPUID HWMonitor 1.19 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Curse Client (HKCU\...\101a9f93b8f0bb6f) (Version: 5.1.1.820 - Curse)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Free CBR Reader (HKLM-x32\...\{B9240DAE-EFA1-4A0E-824F-17B3F99194F8}) (Version: 1.0.0 - Free Picture Solutions)
Free Video Joiner (HKLM-x32\...\{14FA6DD9-92ED-493D-A937-81A78870E08A}_is1) (Version:  - FreeVideoJoiner.com)
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Happy Cloud Client (HKCU\...\HappyCloud) (Version: 4.54 - Happy Cloud, Inc.)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
K-Lite Mega Codec Pack 7.9.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.9.0 - )
LG USB Modem driver (HKLM-x32\...\{C3ABE126-2BB2-4246-BFE1-6797679B3579}) (Version:  - )
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Marvel Heroes 2015 (HKLM-x32\...\Steam App 226320) (Version:  - Gazillion Entertainment)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft DirectX SDK (June 2010) (HKLM-x32\...\Microsoft DirectX SDK (June 2010)) (Version: 9.29.1962.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Movie Maker (HKLM-x32\...\{45898170-E68C-4F02-AA35-C2186BF347A3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{B39A6825-EA20-43EA-AB2D-A6BC0298D9A1}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 37.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 en-US)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Mumble 1.2.8 (HKLM-x32\...\{A9DBD31A-A09F-4C7E-86D1-3B21C59000D1}) (Version: 1.2.8 - Thorvald Natvig)
Naruto Shippuden Ultimate Ninja Storm Revolution ver. 1.0.0.0 *upd2* (HKLM-x32\...\{6578762-23GT-45NM-90P0-81RTYF4657JH}_is1) (Version: 1.0.0.0 *upd2* - BANDAI NAMCO Games)
NVIDIA 3D Vision Controller Driver 349.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 349.95 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 350.12 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.3.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.3.22 - NVIDIA Corporation)
NVIDIA Graphics Driver 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5875) (Version:  - )
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6959 - Realtek Semiconductor Corp.)
Rocketfish HD Webcam (1.00.06.00) (HKLM\...\Rocketfish VF0650) (Version:  - Rocketfish)
Rocketfish Live! Central (HKLM-x32\...\Rocketfish Live! Central) (Version: 2.00.53 - Creative Technology Ltd)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.4.3.22 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.0 (HKLM-x32\...\VLC media player) (Version: 2.1.0 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
WinRAR 5.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Wondershare Video Converter Ultimate(Build 7.1.3.3) (HKLM-x32\...\Wondershare Video Converter Ultimate_is1) (Version: 7.1.3.3 - Wondershare Software)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
Yontoo 1.10.02 (HKLM\...\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}) (Version: 1.10.02 - Yontoo LLC)
ZoneAlarm Firewall (HKLM-x32\...\{954146E0-49FF-4039-AF58-2257506C7D45}) (Version: 12.0.104.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Firewall (HKLM-x32\...\ZoneAlarm Free Firewall) (Version: 12.0.104.000 - Check Point)
ZoneAlarm Security (HKLM-x32\...\{B769E2BD-8A06-4B03-9496-5B991025A2C6}) (Version: 12.0.104.000 - Check Point Software Technologies Ltd.) Hidden

========================= Memory info: ===================================

Percentage of memory in use: 53%
Total physical RAM: 12252.24 MB
Available physical RAM: 5647.88 MB
Total Pagefile: 24502.67 MB
Available Pagefile: 17282.8 MB
Total Virtual: 4095.88 MB
Available Virtual: 3977.47 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:931.41 GB) (Free:88.4 GB) NTFS
2 Drive d: (New Volume) (Fixed) (Total:279.47 GB) (Free:16.21 GB) NTFS

========================= Users: ========================================

User accounts for \\

Administrator            ASPNET                                    
Guest                    

========================= Minidump Files ==================================

No minidump file found


**** End of log ****



#4 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:10:08 AM

Posted 11 May 2015 - 09:14 PM

Hi -

Do you have a full version of the ZoneAlarm Security Suite or just a firewall, as you also have AVG 2015 installed, and neither will work together.

 

We need to remove OutfoxTvService since this is causing most of the problems .......

 

Please download RKill by Grinler to your desktop

  • If you have an old version, please delete it first
  • Right click on the new Red icon and select Run as Administrator
  • A black DOS box will appear for a short time and then disappear.
  • This is normal and indicates the tool ran successfully.
  • At most the tool will usually run for about 2 minutes
  • Please Copy and Paste the small log back here.

Do not reboot your computer until you complete the next step.

Now :

  • Download AdwCleaner by Xplode from Here or Here and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
     * Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button (only once)
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button only once for accuracy.
  • A report (AdwCleaner[R0].txt) will open in Notepad for your review.
  • Check the listed removals and see if you are OK with them.
  • If you have questions, post the Report log back here.
     Next
  • Click on the Clean button only once for accuracy
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK finally to allow AdwCleaner to Restart the computer and complete the removal process.
  • After rebooting, a log report (AdwCleaner[S0].txt) will open automatically.
  • **Copy and Paste the contents of that log in your next reply.**
  • To restore an item that has been deleted by accident : Open the program again,
  • Go to Tools (top left) > Quarantine Manager > check what you want restored > now click on Restore.

 

 

NEXT -

If you already have a current version installed, Please update it
Please download Malwarebytes Anti-Malware

  • Follow the simple directions to install the program to desktop
  • Right click and choose "Run as administrator" to open Malwarebytes Anti-Malware and from the Dashboard please Check for Updates by clicking the Update Now... link
  • Open up Malwarebytes > Settings > Detection and Protection > Enable Scan for rootkit and Under Non Malware Protection set both PUP and PUM to Treat detections as malware.
  • Click on the SCAN button and run a Threat Scan with Malwarebytes Anti-Malware by clicking the Scan Now>> button.
  • If you find malware and tick it to remove it, you may be asked to re-boot the computer to finish cleaning.
  • Once completed please click on the History > Application Logs and find your scan log and open it and then click on the "copy to clipboard" button and post back the results on your next reply.

 

 

Also pay attention to other directions from dc3 for further help ....

 

Thank You -



#5 skullknight

skullknight
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:05:08 PM

Posted 11 May 2015 - 11:32 PM

I just have the firewall of Zonealarm. So what do you mean they won't work together? What should I use instead of those two?

 

Rkill Results

Program started at: 05/11/2015 08:28:12 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Windows Defender Disabled

   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001

 * Windows Firewall Disabled

   [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
   "EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Manual

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * No issues found.

Program finished at: 05/11/2015 08:28:58 PM
Execution time: 0 hours(s), 0 minute(s), and 46 seconds(s)

 

AdwCleaner Results

# AdwCleaner v4.203 - Logfile created 11/05/2015 at 20:36:30
# Updated 30/04/2015 by Xplode
# Database : 2015-05-11.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username :
# Running from : C:\Users\\Desktop\adwcleaner_4.203.exe
# Option : Scan

***** [ Services ] *****

Service Found : BCUService

***** [ Files / Folders ] *****

File Found : C:\END
File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk
File Found : C:\Users\Derrick\AppData\Roaming\Mozilla\Firefox\Profiles\fnd8y55y.default\invalidprefs.js
File Found : C:\Users\Derrick\AppData\Roaming\Mozilla\Firefox\Profiles\fnd8y55y.default\searchplugins\Askcom.xml
File Found : C:\Users\Derrick\AppData\Roaming\Mozilla\Firefox\Profiles\fnd8y55y.default\searchplugins\bingp.xml
File Found : C:\Users\Derrick\AppData\Roaming\Mozilla\Firefox\Profiles\fnd8y55y.default\searchplugins\zonealarm.xml
File Found : C:\Users\Derrick\AppData\Roaming\Mozilla\Firefox\Profiles\fnd8y55y.default\user.js
File Found : C:\Windows\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
Folder Found : C:\Program Files (x86)\DeviceVM
Folder Found : C:\ProgramData\Ask
Folder Found : C:\ProgramData\AVG Security Toolbar
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\Conduit
Folder Found : C:\ProgramData\DeviceVM
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Fix Speed
Folder Found : C:\ProgramData\Tarma Installer
Folder Found : C:\Users\Derrick\AppData\Local\Babylon
Folder Found : C:\Users\Derrick\AppData\Local\Conduit
Folder Found : C:\Users\Derrick\AppData\Local\StormFall
Folder Found : C:\Users\Derrick\AppData\Local\wincheck
Folder Found : C:\Users\Derrick\AppData\LocalLow\Conduit
Folder Found : C:\Users\Derrick\AppData\LocalLow\zoomify
Folder Found : C:\Users\Derrick\AppData\Roaming\BrowserExtensions
Folder Found : C:\Users\Derrick\AppData\Roaming\DeviceVM
Folder Found : C:\Users\Derrick\AppData\Roaming\download Manager
Folder Found : C:\Users\Derrick\AppData\Roaming\Systweak

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Data Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
Data Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll
Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKCU\Software\AppDataLow\Software\lyrixeeker
Key Found : HKCU\Software\AppDataLow\Software\zoomify
Key Found : HKCU\Software\BABSOLUTION
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Cr_Installer
Key Found : HKCU\Software\Delta
Key Found : HKCU\Software\DeviceVM
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{18FD2695-AF6A-4B62-BC7A-17312906BB22}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{223EEA70-DC97-40EC-9982-80648294A3CA}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2B468C37-9AB7-4B53-8CDE-57D938FC5CAE}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{516A3098-EECF-47E8-AA14-8DFEA4339500}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKCU\Software\SpeedBit
Key Found : HKCU\Software\Zugo
Key Found : [x64] HKCU\Software\BABSOLUTION
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\Cr_Installer
Key Found : [x64] HKCU\Software\Delta
Key Found : [x64] HKCU\Software\DeviceVM
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{18FD2695-AF6A-4B62-BC7A-17312906BB22}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{223EEA70-DC97-40EC-9982-80648294A3CA}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2B468C37-9AB7-4B53-8CDE-57D938FC5CAE}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{516A3098-EECF-47E8-AA14-8DFEA4339500}
Key Found : [x64] HKCU\Software\SpeedBit
Key Found : [x64] HKCU\Software\Zugo
Key Found : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\SOFTWARE\96da8de135ec15
Key Found : HKLM\SOFTWARE\AVG SafeGuard toolbar
Key Found : HKLM\SOFTWARE\AVG Secure Search
Key Found : HKLM\SOFTWARE\AVG Security Toolbar
Key Found : HKLM\SOFTWARE\Classes\1ClicktorrentFile
Key Found : HKLM\SOFTWARE\Classes\1ClicktorrentFile1
Key Found : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook
Key Found : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook.1
Key Found : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1663C10B-0D55-438D-8496-19A3DBAEC0E4}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A43DE495-3D00-47D4-9D2C-303115707939}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D00004}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D00005}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D00006}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D00007}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D00008}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D00009}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D0000A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D0000B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D0000C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D0000D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D0000E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D0000F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Ionic.Crc.CRC32
Key Found : HKLM\SOFTWARE\Classes\Ionic.Zip.BadCrcException
Key Found : HKLM\SOFTWARE\Classes\Ionic.Zip.BadPasswordException
Key Found : HKLM\SOFTWARE\Classes\Ionic.Zip.BadReadException
Key Found : HKLM\SOFTWARE\Classes\Ionic.Zip.BadStateException
Key Found : HKLM\SOFTWARE\Classes\Ionic.Zip.ComHelper
Key Found : HKLM\SOFTWARE\Classes\Ionic.Zip.ReadOptions
Key Found : HKLM\SOFTWARE\Classes\Ionic.Zip.SelfExtractorSaveOptions
Key Found : HKLM\SOFTWARE\Classes\Ionic.Zip.SfxGenerationException
Key Found : HKLM\SOFTWARE\Classes\Ionic.Zip.ZipEntry
Key Found : HKLM\SOFTWARE\Classes\Ionic.Zip.ZipException
Key Found : HKLM\SOFTWARE\Classes\Ionic.Zip.ZipFile
Key Found : HKLM\SOFTWARE\Classes\Ionic.Zlib.Adler
Key Found : HKLM\SOFTWARE\Classes\Ionic.Zlib.ZlibCodec
Key Found : HKLM\SOFTWARE\Classes\Ionic.Zlib.ZlibException
Key Found : HKLM\SOFTWARE\Classes\oneclick
Key Found : HKLM\SOFTWARE\Classes\oneclickmg
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Key Found : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3289663
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3306058
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{77AA6435-2488-4A94-9FE5-49519DD2ED9B}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\Delta
Key Found : HKLM\SOFTWARE\DeviceVM
Key Found : HKLM\SOFTWARE\dt soft\daemon tools toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Found : HKLM\SOFTWARE\ORBTR
Key Found : HKLM\SOFTWARE\SpeedBit
Key Found : HKLM\SOFTWARE\SPPDCOM
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Found : [x64] HKLM\SOFTWARE\SpeedBit
Key Found : [x64] HKLM\SOFTWARE\Tarma Installer
Key Found : HKU\.DEFAULT\Software\AVG SafeGuard toolbar
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [BCU]

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17728


-\\ Mozilla Firefox v37.0.2 (x86 en-US)

[fnd8y55y.default] - Line Found : user_pref("CT3289663.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
[fnd8y55y.default] - Line Found : user_pref("CT3289663.embeddedsData", "[{\"appId\":\"130067724014616498\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
[fnd8y55y.default] - Line Found : user_pref("CT3289663.installType", "conduitnsisintegration");
[fnd8y55y.default] - Line Found : user_pref("CT3289663.originalSearchAddressUrl", "hxxp://www.dnsbasic.com/?prt=dnsbsc50r1&sp=google&keywords=");
[fnd8y55y.default] - Line Found : user_pref("CT3289663.smartbar.CTID", "CT3289663");
[fnd8y55y.default] - Line Found : user_pref("CT3289663.smartbar.Uninstall", "0");
[fnd8y55y.default] - Line Found : user_pref("CT3289663.smartbar.homepage", true);
[fnd8y55y.default] - Line Found : user_pref("CT3289663.smartbar.toolbarName", "InternetHelper3.1 ");
[fnd8y55y.default] - Line Found : user_pref("CT3306058.smartbar.homepage", "true");
[fnd8y55y.default] - Line Found : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3306058&octid=CT3306058&SearchSource=61&CUI=UN20631951161673920&UM=2&UP=SP917D8FC7-9736-464C-A6D0-13518F434ACC");
[fnd8y55y.default] - Line Found : user_pref("Smartbar.ConduitSearchEngineList", "");
[fnd8y55y.default] - Line Found : user_pref("Smartbar.ConduitSearchUrlList", "");
[fnd8y55y.default] - Line Found : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
[fnd8y55y.default] - Line Found : user_pref("Smartbar.keywordURLSelectedCTID", "CT3289663");
[fnd8y55y.default] - Line Found : user_pref("browser.search.defaultthis.engineName", "Connect DLC 2 Customized Web Search");
[fnd8y55y.default] - Line Found : user_pref("extensions.delta.admin", false);
[fnd8y55y.default] - Line Found : user_pref("extensions.delta.aflt", "babsst");
[fnd8y55y.default] - Line Found : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
[fnd8y55y.default] - Line Found : user_pref("extensions.delta.autoRvrt", "false");
[fnd8y55y.default] - Line Found : user_pref("extensions.delta.dfltLng", "en");
[fnd8y55y.default] - Line Found : user_pref("extensions.delta.excTlbr", false);
[fnd8y55y.default] - Line Found : user_pref("extensions.delta.ffxUnstlRst", true);
[fnd8y55y.default] - Line Found : user_pref("extensions.delta.id", "b04de90d000000000000f46d04d3201c");
[fnd8y55y.default] - Line Found : user_pref("extensions.delta.instlDay", "15913");
[fnd8y55y.default] - Line Found : user_pref("extensions.delta.instlRef", "sst");
[fnd8y55y.default] - Line Found : user_pref("extensions.delta.newTab", false);
[fnd8y55y.default] - Line Found : user_pref("extensions.delta.prdct", "delta");
[fnd8y55y.default] - Line Found : user_pref("extensions.delta.prtnrId", "delta");
[fnd8y55y.default] - Line Found : user_pref("extensions.delta.rvrt", "false");
[fnd8y55y.default] - Line Found : user_pref("extensions.delta.smplGrp", "none");
[fnd8y55y.default] - Line Found : user_pref("extensions.delta.tlbrId", "base");
[fnd8y55y.default] - Line Found : user_pref("extensions.delta.tlbrSrchUrl", "");
[fnd8y55y.default] - Line Found : user_pref("extensions.delta.vrsn", "1.8.22.0");
[fnd8y55y.default] - Line Found : user_pref("extensions.delta.vrsnTs", "1.8.22.016:13:55");
[fnd8y55y.default] - Line Found : user_pref("extensions.delta.vrsni", "1.8.22.0");
[fnd8y55y.default] - Line Found : user_pref("extensions.delta_i.babExt", "");
[fnd8y55y.default] - Line Found : user_pref("extensions.delta_i.babTrack", "affID=119360&tsp=4956");
[fnd8y55y.default] - Line Found : user_pref("extensions.delta_i.srcExt", "ss");
[fnd8y55y.default] - Line Found : user_pref("extensions.helperbar.DockingPositionDown", false);
[fnd8y55y.default] - Line Found : user_pref("extensions.helperbar.SmartbarDisabled", false);
[fnd8y55y.default] - Line Found : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
[fnd8y55y.default] - Line Found : user_pref("extensions.helperbar.Visibility", false);
[fnd8y55y.default] - Line Found : user_pref("extensions.helperbar.countryiso", "us");
[fnd8y55y.default] - Line Found : user_pref("extensions.helperbar.downloadprovider", "quickobrw");
[fnd8y55y.default] - Line Found : user_pref("extensions.helperbar.installationid", "3aa172b0-17d9-6cf3-b4c5-55597f761c97");
[fnd8y55y.default] - Line Found : user_pref("extensions.helperbar.installdate", "19/10/2013");
[fnd8y55y.default] - Line Found : user_pref("extensions.helperbar.publisher", "quickobrw");
[fnd8y55y.default] - Line Found : user_pref("extensions.zonealarm.hmpgUrl", "hxxp://search.zonealarm.com/?src=hp&tbid=goughGA&Lan=en&gu=6d4ce65f78804117bad7d509f4b000cc&tu=10GXy00Bc2C01g0&sku=&tstsId=&ver=&");
[fnd8y55y.default] - Line Found : user_pref("extensions.zonealarm.kw_url", "hxxp://search.zonealarm.com/search?src=sp&tbid=goughGA&Lan=en&gu=6d4ce65f78804117bad7d509f4b000cc&tu=10GXy00Bc2C01g0&sku=&tstsId=&ver=&&q=");
[fnd8y55y.default] - Line Found : user_pref("extensions.zonealarm.lastB", "hxxp://search.zonealarm.com/?src=hp&tbid=goughGA&Lan=en&gu=6d4ce65f78804117bad7d509f4b000cc&tu=10GXy00Bc2C01g0&sku=&tstsId=&ver=&");
[fnd8y55y.default] - Line Found : user_pref("extensions.zonealarm.newTabUrl", "hxxp://search.zonealarm.com/?src=nt&tbid=goughGA&Lan=en&gu=6d4ce65f78804117bad7d509f4b000cc&tu=10GXy00Bc2C01g0&sku=&tstsId=&ver=&");
[fnd8y55y.default] - Line Found : user_pref("extensions.zonealarm.tlbrSrchUrl", "hxxp://search.zonealarm.com/search?src=tb&tbid=goughGA&Lan={dfltLng}&gu=6d4ce65f78804117bad7d509f4b000cc&tu=10GXy00Bc2C01g0&sku=&tstsId=&ver=&&q=");
[fnd8y55y.default] - Line Found : user_pref("extentions.y2layers.defaultEnableAppsList", "twittube,ezLooker,pagerage,buzzdock,toprelatedtopics,YontooNewOffers");
[fnd8y55y.default] - Line Found : user_pref("extentions.y2layers.installId", "267BA573-C4B4-D267-00BC-7F2D76E980A2");
[fnd8y55y.default] - Line Found : user_pref("extentions.y2layers.installId_backup", "267BA573-C4B4-D267-00BC-7F2D76E980A2");
[fnd8y55y.default] - Line Found : user_pref("smartbar.addressBarOwnerCTID", "CT3306058");
[fnd8y55y.default] - Line Found : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3289663&CUI=UN39200896872857026&UM=2&SearchSource=13,hxxp://search.conduit.com/?ctid=CT3306058&CUI=UN20631951161673920&UM=2[...]
[fnd8y55y.default] - Line Found : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3289663&SearchSource=2&CUI=UN39200896872857026&UM=2&q=,hxxp://search.conduit.com/ResultsExt.aspx?cti[...]
[fnd8y55y.default] - Line Found : user_pref("smartbar.defaultSearchOwnerCTID", "CT3306058");
[fnd8y55y.default] - Line Found : user_pref("smartbar.homePageOwnerCTID", "CT3306058");
[fnd8y55y.default] - Line Found : user_pref("smartbar.machineId", "FH878KKZ6N7WW7JNXPEXLV73UKQV689JTMULJBFHGKMULGF8YD7/YCIP+A3XBJSRBKB194HZ7J1I/6I2YMKTJG");

*************************

AdwCleaner[R0].txt - [20389 bytes] - [11/05/2015 20:36:30]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [20449 bytes] ##########
 

Malwarebytes Report

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 5/11/2015
Scan Time: 8:54:18 PM
Logfile: report.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.05.11.07
Rootkit Database: v2015.04.21.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User:

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 381125
Time Elapsed: 19 min, 49 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Deep Rootkit Scan: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)


Edited by skullknight, 11 May 2015 - 11:35 PM.


#6 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:10:08 AM

Posted 12 May 2015 - 03:05 AM

Do you have a full version of the ZoneAlarm Security Suite or just a firewall, as you also have AVG 2015 installed, and neither will work together.

Z.A. also have a "Full Security Suite" that also includes Antivirus program, so the question was based on that basis.

If you have more than one Antivirus running, it will create more problems than it could cure ..

 

You can remove a lot of garbage with AdwCleaner program, so tell me if the computer any better then ? ?

I would reopen AdwCleaner now and hit CLEAN ; unless you do not wish to remove any of those entries.

  •  Now -
  • Click on the Clean button only once for accuracy
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK finally to allow AdwCleaner to Restart the computer and complete the removal process.
  • After rebooting, a log report (AdwCleaner[S0].txt) will open automatically.
  • **Copy and Paste the contents of that log in your next reply.**
  • To restore an item that has been deleted by accident : Open the program again,
  • Go to Tools (top left) > Quarantine Manager > check what you want restored > now click on Restore.

Then please tell me if there is still a Blue Screen problem.

 

 

Run ESET Online Scanner.

Temporarily Disable your Antivirus while this scan runs ..

  • For Internet Explorer users only, hold down Control  (Ctrl) and click on This Link to open ESET OnlineScan in a new window.
  • Click the ESET Online button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu. to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives and Remove Threats"
  • Click Advanced settings and select the following:
    Scan potentially unwanted applications
     Scan for potentially unsafe applications
     Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer.
  • Please be patient as this will take some time (2 hours is not unusual for a first scan).
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

NOTE:Sometimes if ESET finds no infections it will not create a log.

 

Thanks -



#7 skullknight

skullknight
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:05:08 PM

Posted 12 May 2015 - 08:43 AM

Well I successfully went through one night of being in Skype for 4hrs playing a game and no blue screens! Hopefully the issue is fixed but I will for sure let you know if it happens still. Here are the 2 reports you asked for. The ESET Online Scanner took forever because it had to go through ALL my manga....which is a lot lol.

 

AdwCleaner Report

# AdwCleaner v4.203 - Logfile created 12/05/2015 at 02:45:45
# Updated 30/04/2015 by Xplode
# Database : 2015-05-12.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Derrick - DERRICK-PC
# Running from : C:\Users\Derrick\Downloads\adwcleaner_4.203.exe
# Option : Cleaning

***** [ Services ] *****

[#] Service Deleted : BCUService

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\AVG Security Toolbar
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\Conduit
Folder Deleted : C:\ProgramData\DeviceVM
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Fix Speed
Folder Deleted : C:\Program Files (x86)\DeviceVM
Folder Deleted : C:\Users\Derrick\AppData\Local\Babylon
Folder Deleted : C:\Users\Derrick\AppData\Local\Conduit
Folder Deleted : C:\Users\Derrick\AppData\Local\wincheck
Folder Deleted : C:\Users\Derrick\AppData\Local\StormFall
Folder Deleted : C:\Users\Derrick\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Derrick\AppData\LocalLow\zoomify
Folder Deleted : C:\Users\Derrick\AppData\Roaming\DeviceVM
Folder Deleted : C:\Users\Derrick\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Derrick\AppData\Roaming\BrowserExtensions
Folder Deleted : C:\Users\Derrick\AppData\Roaming\download Manager
File Deleted : C:\END
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk
File Deleted : C:\Windows\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
File Deleted : C:\Users\Derrick\AppData\Roaming\Mozilla\Firefox\Profiles\fnd8y55y.default\invalidprefs.js
File Deleted : C:\Users\Derrick\AppData\Roaming\Mozilla\Firefox\Profiles\fnd8y55y.default\searchplugins\Askcom.xml
File Deleted : C:\Users\Derrick\AppData\Roaming\Mozilla\Firefox\Profiles\fnd8y55y.default\searchplugins\bingp.xml
File Deleted : C:\Users\Derrick\AppData\Roaming\Mozilla\Firefox\Profiles\fnd8y55y.default\searchplugins\zonealarm.xml
File Deleted : C:\Users\Derrick\AppData\Roaming\Mozilla\Firefox\Profiles\fnd8y55y.default\user.js

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\1ClicktorrentFile
Key Deleted : HKLM\SOFTWARE\Classes\1ClicktorrentFile1
Key Deleted : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook
Key Deleted : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook.1
Key Deleted : HKLM\SOFTWARE\Classes\oneclick
Key Deleted : HKLM\SOFTWARE\Classes\oneclickmg
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [BCU]
Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zlib.Adler
Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zlib.ZlibCodec
Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zlib.ZlibException
Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Crc.CRC32
Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.BadCrcException
Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.BadPasswordException
Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.BadReadException
Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.BadStateException
Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.ComHelper
Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.ReadOptions
Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.SelfExtractorSaveOptions
Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.SfxGenerationException
Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.ZipEntry
Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.ZipException
Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.ZipFile
Key Deleted : HKLM\SOFTWARE\96da8de135ec15
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3289663
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3306058
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1663C10B-0D55-438D-8496-19A3DBAEC0E4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A43DE495-3D00-47D4-9D2C-303115707939}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D00004}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D00005}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D00006}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D00007}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D00008}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D00009}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D0000A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D0000B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D0000C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D0000D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D0000E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D0000F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{77AA6435-2488-4A94-9FE5-49519DD2ED9B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{18FD2695-AF6A-4B62-BC7A-17312906BB22}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{223EEA70-DC97-40EC-9982-80648294A3CA}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2B468C37-9AB7-4B53-8CDE-57D938FC5CAE}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{516A3098-EECF-47E8-AA14-8DFEA4339500}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Key Deleted : HKCU\Software\BABSOLUTION
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\Delta
Key Deleted : HKCU\Software\DeviceVM
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKCU\Software\SpeedBit
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\lyrixeeker
Key Deleted : HKCU\Software\AppDataLow\Software\zoomify
Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Delta
Key Deleted : HKLM\SOFTWARE\DeviceVM
Key Deleted : HKLM\SOFTWARE\dt soft\daemon tools toolbar
Key Deleted : HKLM\SOFTWARE\ORBTR
Key Deleted : HKLM\SOFTWARE\SPPDCOM
Key Deleted : HKLM\SOFTWARE\SpeedBit
Key Deleted : HKU\.DEFAULT\Software\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : [x64] HKLM\SOFTWARE\SpeedBit
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17728


-\\ Mozilla Firefox v37.0.2 (x86 en-US)

[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("CT3289663.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("CT3289663.embeddedsData", "[{\"appId\":\"130067724014616498\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("CT3289663.installType", "conduitnsisintegration");
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("CT3289663.originalSearchAddressUrl", "hxxp://www.dnsbasic.com/?prt=dnsbsc50r1&sp=google&keywords=");
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("CT3289663.smartbar.CTID", "CT3289663");
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("CT3289663.smartbar.Uninstall", "0");
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("CT3289663.smartbar.homepage", true);
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("CT3289663.smartbar.toolbarName", "InternetHelper3.1 ");
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("CT3306058.smartbar.homepage", "true");
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3306058&octid=CT3306058&SearchSource=61&CUI=UN20631951161673920&UM=2&UP=SP917D8FC7-9736-464C-A6D0-13518F434ACC");
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("Smartbar.ConduitSearchEngineList", "");
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("Smartbar.ConduitSearchUrlList", "");
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT3289663");
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultthis.engineName", "Connect DLC 2 Customized Web Search");
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("extensions.delta.admin", false);
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("extensions.delta.aflt", "babsst");
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("extensions.delta.autoRvrt", "false");
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("extensions.delta.dfltLng", "en");
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("extensions.delta.excTlbr", false);
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("extensions.delta.ffxUnstlRst", true);
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("extensions.delta.id", "b04de90d000000000000f46d04d3201c");
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("extensions.delta.instlDay", "15913");
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("extensions.delta.instlRef", "sst");
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("extensions.delta.newTab", false);
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("extensions.delta.prdct", "delta");
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("extensions.delta.prtnrId", "delta");
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("extensions.delta.rvrt", "false");
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("extensions.delta.smplGrp", "none");
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("extensions.delta.tlbrId", "base");
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("extensions.delta.tlbrSrchUrl", "");
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("extensions.delta.vrsn", "1.8.22.0");
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("extensions.delta.vrsnTs", "1.8.22.016:13:55");
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("extensions.delta.vrsni", "1.8.22.0");
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("extensions.delta_i.babExt", "");
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("extensions.delta_i.babTrack", "affID=119360&tsp=4956");
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("extensions.delta_i.srcExt", "ss");
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.DockingPositionDown", false);
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.SmartbarDisabled", false);
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.Visibility", false);
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.countryiso", "us");
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.downloadprovider", "quickobrw");
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.installationid", "3aa172b0-17d9-6cf3-b4c5-55597f761c97");
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.installdate", "19/10/2013");
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("extensions.helperbar.publisher", "quickobrw");
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("extensions.zonealarm.hmpgUrl", "hxxp://search.zonealarm.com/?src=hp&tbid=goughGA&Lan=en&gu=6d4ce65f78804117bad7d509f4b000cc&tu=10GXy00Bc2C01g0&sku=&tstsId=&ver=&");
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("extensions.zonealarm.kw_url", "hxxp://search.zonealarm.com/search?src=sp&tbid=goughGA&Lan=en&gu=6d4ce65f78804117bad7d509f4b000cc&tu=10GXy00Bc2C01g0&sku=&tstsId=&ver=&&q=");
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("extensions.zonealarm.lastB", "hxxp://search.zonealarm.com/?src=hp&tbid=goughGA&Lan=en&gu=6d4ce65f78804117bad7d509f4b000cc&tu=10GXy00Bc2C01g0&sku=&tstsId=&ver=&");
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("extensions.zonealarm.newTabUrl", "hxxp://search.zonealarm.com/?src=nt&tbid=goughGA&Lan=en&gu=6d4ce65f78804117bad7d509f4b000cc&tu=10GXy00Bc2C01g0&sku=&tstsId=&ver=&");
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("extensions.zonealarm.tlbrSrchUrl", "hxxp://search.zonealarm.com/search?src=tb&tbid=goughGA&Lan={dfltLng}&gu=6d4ce65f78804117bad7d509f4b000cc&tu=10GXy00Bc2C01g0&sku=&tstsId=&ver=&&q=");
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("extentions.y2layers.defaultEnableAppsList", "twittube,ezLooker,pagerage,buzzdock,toprelatedtopics,YontooNewOffers");
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("extentions.y2layers.installId", "267BA573-C4B4-D267-00BC-7F2D76E980A2");
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("extentions.y2layers.installId_backup", "267BA573-C4B4-D267-00BC-7F2D76E980A2");
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT3306058");
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3289663&CUI=UN39200896872857026&UM=2&SearchSource=13,hxxp://search.conduit.com/?ctid=CT3306058&CUI=UN20631951161673920&UM=2[...]
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3289663&SearchSource=2&CUI=UN39200896872857026&UM=2&q=,hxxp://search.conduit.com/ResultsExt.aspx?cti[...]
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("smartbar.defaultSearchOwnerCTID", "CT3306058");
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("smartbar.homePageOwnerCTID", "CT3306058");
[fnd8y55y.default\prefs.js] - Line Deleted : user_pref("smartbar.machineId", "FH878KKZ6N7WW7JNXPEXLV73UKQV689JTMULJBFHGKMULGF8YD7/YCIP+A3XBJSRBKB194HZ7J1I/6I2YMKTJG");

*************************

AdwCleaner[R0].txt - [20655 bytes] - [12/05/2015 02:44:18]
AdwCleaner[S0].txt - [20755 bytes] - [12/05/2015 02:45:45]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [20815  bytes] ##########

 

ESET Online Scanner Report

C:\AdwCleaner\Quarantine\C\ProgramData\Conduit\Multi\CT3306058\UninstallerUI.exe.vir    a variant of Win32/Toolbar.Conduit.AJ potentially unwanted application    deleted - quarantined
C:\Program Files\CheckPoint\ZAForceField\TBI.exe    a variant of Win32/Toolbar.Conduit.AI potentially unwanted application    deleted - quarantined
C:\Program Files (x86)\CheckPoint\Install\CUninstallerZA.exe    Win32/Toolbar.Conduit potentially unwanted application    deleted - quarantined
C:\Program Files (x86)\CheckPoint\Install\zatb.exe    Win32/Toolbar.Montiera.I potentially unwanted application    deleted - quarantined



#8 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,365 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:05:08 PM

Posted 12 May 2015 - 09:34 AM

The ZoneAlarm Free Version: 12.0.104.000 has the antivirus and firewall, and just the firewall.  The problem we can't be sure which one of these is installed.  There is a simple solution which will allow you to continue using a ZoneAlarm fire wall and remove any question about what you have installed.  Your version was released in 2013, there is a 2015 free firewall now offered.  I would suggest uninstalling the version currently installed, download the 2015 ZoneAlarm Free Firewall and install it.
 
What noknojon was trying to explain is that you should never have more than one antivirus installed on a computer.  Quietman7 explains this quite clearly below.
 
IMPORTANT NOTE: Using more than one anti-virus program is not advisable. Why? The primary concern with doing so is due to Windows resource management and significant conflicts that can arise especially when they are running in real-time protection mode simultaneously. Even if one of them is disabled for use as a stand-alone on demand scanner, it can affect the other and cause conflicts. Anti-virus software components insert themselves deep into the operating systems core where they install kernel mode drivers that load at boot-up regardless of whether real-time protection is enabled or not. Thus, using multiple anti-virus solutions can result in kernel mode conflicts causing system instability, catastrophic crashes, slow performance and waste vital system resources. When actively running in the background while connected to the Internet, each anti-virus may try to update their definition databases at the same time. As the programs compete for resources required to download the necessary files this often can result in sluggish system performance or unresponsive behavior.
 
There is one other scan I would like for you to run.

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Edited by dc3, 12 May 2015 - 12:39 PM.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#9 skullknight

skullknight
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:05:08 PM

Posted 12 May 2015 - 01:35 PM

Well in Zonealarm it says "Firewall Protected" but under Antivirus it says "Antivirus is available but not installed". So I think I'm fine in that department right? Here are the results of the scan.

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.7.0 (05.09.2015:1)
OS: Windows 7 Home Premium x64
Ran by Derrick on Tue 05/12/2015 at 11:29:13.64
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110111271161}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110111271161}



~~~ Files

Failed to delete: [File] C:\Windows\syswow64\wscm64.dll
Successfully deleted: [File] C:\Windows\syswow64\wscm32.dll



~~~ Folders

Successfully deleted: [Folder] C:\Program Files (x86)\AdFender
Successfully deleted: [Folder] C:\ProgramData\AdFender
Successfully deleted: [Folder] C:\Users\Derrick\appdata\local\AdFender
Successfully deleted: [Folder] C:\Windows\syswow64\ai_recyclebin



~~~ FireFox

Successfully deleted: [File] C:\Users\Derrick\AppData\Roaming\mozilla\firefox\profiles\fnd8y55y.default\searchplugins\bing-zugo.xml
Successfully deleted: [Folder] C:\Program Files (x86)\Mozilla Firefox\extensions\ecyoivyyjrojzoyplneg@nrbkkafymvigofepbi.org
Successfully deleted: [Folder] C:\Users\Derrick\AppData\Roaming\mozilla\firefox\profiles\fnd8y55y.default\conduitcommon
Successfully deleted: [Folder] C:\Users\Derrick\AppData\Roaming\mozilla\firefox\profiles\fnd8y55y.default\smartbar
Successfully deleted the following from C:\Users\Derrick\AppData\Roaming\mozilla\firefox\profiles\fnd8y55y.default\prefs.js

user_pref(CT3289663.1000082.isPlayDisplay, true);
user_pref(CT3289663.1000082.state, {\state\:\stopped\,\text\:\Californi...\,\description\:\California Rock - Rock\,\url\:\hxxp://www.feedlive.net/california.
user_pref(CT3289663.1000234.TWC_TMP_city, VANCOUVER);
user_pref(CT3289663.1000234.TWC_TMP_country, US);
user_pref(CT3289663.1000234.TWC_country, UNITED STATES);
user_pref(CT3289663.1000234.TWC_locId, USWA0468);
user_pref(CT3289663.1000234.TWC_location, Vancouver, WA);
user_pref(CT3289663.1000234.TWC_region, US);
user_pref(CT3289663.1000234.TWC_temp_dis, f);
user_pref(CT3289663.1000234.TWC_wind_dis, mph);
user_pref(CT3289663.ENABALE_HISTORY, {\dataType\:\string\,\data\:\true\});
user_pref(CT3289663.FirstTime, true);
user_pref(CT3289663.FirstTimeFF3, true);
user_pref(CT3289663.UserID, UN39200896872857026);
user_pref(CT3289663.addressBarTakeOverEnabledInHidden, true);
user_pref(CT3289663.browser.search.defaultthis.engineName, true);
user_pref(CT3289663.countryCode, US);
user_pref(CT3289663.defaultSearch, true);
user_pref(CT3289663.enableAlerts, true);
user_pref(CT3289663.enableSearchFromAddressBar, true);
user_pref(CT3289663.firstTimeDialogOpened, true);
user_pref(CT3289663.fixPageNotFoundError, true);
user_pref(CT3289663.fixPageNotFoundErrorByUser, true);
user_pref(CT3289663.fixPageNotFoundErrorInHidden, true);
user_pref(CT3289663.fullUserID, UN39200896872857026.IN.20130925212024);
user_pref(CT3289663.installId, stub.exe);
user_pref(CT3289663.isCheckedStartAsHidden, true);
user_pref(CT3289663.isEnableAllDialogs, {\dataType\:\string\,\data\:\true\});
user_pref(CT3289663.isFirstTimeToolbarLoading, false);
user_pref(CT3289663.isToolbarShrinked, {\dataType\:\string\,\data\:\false\});
user_pref(CT3289663.keyword, true);
user_pref(CT3289663.lastVersion, 10.20.1.101);
user_pref(CT3289663.navigationAliasesJson, {\EB_SEARCH_TERM\:\\,\EB_MAIN_FRAME_URL\:\about%3Aaddons\,\EB_MAIN_FRAME_TITLE\:\\,\EB_TOOLBAR_SUB_DOMAIN\:\hxxp:/
user_pref(CT3289663.openThankYouPage, false);
user_pref(CT3289663.openUninstallPage, true);
user_pref(CT3289663.originalHomepage, chrome://branding/locale/browserconfig.properties);
user_pref(CT3289663.originalSearchEngine, Google);
user_pref(CT3289663.originalSearchEngineName, Google);
user_pref(CT3289663.revertSettingsEnabled, false);
user_pref(CT3289663.search.searchAppId, 130067724014616498);
user_pref(CT3289663.search.searchCount, 0);
user_pref(CT3289663.searchFromAddressBarEnabledByUser, true);
user_pref(CT3289663.searchInNewTabEnabledByUser, true);
user_pref(CT3289663.searchInNewTabEnabledInHidden, true);
user_pref(CT3289663.searchSuggestEnabledByUser, true);
user_pref(CT3289663.searchUserMode, 2);
user_pref(CT3289663.selectToSearchBoxEnabled, {\dataType\:\string\,\data\:\true\});
user_pref(CT3289663.serviceLayer_service_login_isFirstLoginInvoked, {\dataType\:\boolean\,\data\:\true\});
user_pref(CT3289663.serviceLayer_service_login_loginCount, {\dataType\:\number\,\data\:\4\});
user_pref(CT3289663.serviceLayer_service_toolbarGrouping_activeCTID, {\dataType\:\string\,\data\:\CT3289663\});
user_pref(CT3289663.serviceLayer_service_toolbarGrouping_activeDownloadUrl, {\dataType\:\string\,\data\:\hxxp://InternetHelper31.OurToolbar.com//xpi\});
user_pref(CT3289663.serviceLayer_service_toolbarGrouping_activeToolbarName, {\dataType\:\string\,\data\:\InternetHelper3.1 \});
user_pref(CT3289663.serviceLayer_service_toolbarGrouping_invoked, {\dataType\:\string\,\data\:\true\});
user_pref(CT3289663.serviceLayer_service_usage_toolbarUsageCount, {\dataType\:\number\,\data\:\2\});
user_pref(CT3289663.serviceLayer_services_Configuration_lastUpdate, 1380169281738);
user_pref(CT3289663.serviceLayer_services_appTrackingFirstTime_lastUpdate, 1380169284377);
user_pref(CT3289663.serviceLayer_services_appsMetadata_lastUpdate, 1380169714753);
user_pref(CT3289663.serviceLayer_services_gottenAppsContextMenu_lastUpdate, 1380169284137);
user_pref(CT3289663.serviceLayer_services_login_10.20.1.101_lastUpdate, 1380169471031);
user_pref(CT3289663.serviceLayer_services_otherAppsContextMenu_lastUpdate, 1380169284103);
user_pref(CT3289663.serviceLayer_services_searchAPI_lastUpdate, 1380169284165);
user_pref(CT3289663.serviceLayer_services_serviceMap_lastUpdate, 1380169281571);
user_pref(CT3289663.serviceLayer_services_setupAPI_lastUpdate, 1380169282207);
user_pref(CT3289663.serviceLayer_services_toolbarContextMenu_lastUpdate, 1380169284079);
user_pref(CT3289663.serviceLayer_services_toolbarSettings_lastUpdate, 1380169714786);
user_pref(CT3289663.serviceLayer_services_translation_lastUpdate, 1380169284253);
user_pref(CT3289663.settingsINI, true);
user_pref(CT3289663.shouldFirstTimeDialog, false);
user_pref(CT3289663.showToolbarPermission, false);
user_pref(CT3289663.startPage, true);
user_pref(CT3289663.toolbarBornServerTime, 26-9-2013);
user_pref(CT3289663.toolbarCurrentServerTime, 26-9-2013);
user_pref(CT3289663.toolbarDisabled, true);
user_pref(CT3289663.toolbarLoginClientTime, Wed Sep 25 2013 21:21:21 GMT-0700 (Pacific Standard Time));
user_pref(CT3289663_Firefox.csv, [{\from\:\Abs Layer\,\action\:\loading toolbar\,\time\:1380169793257,\isWithState\:\\,\timeFromStart\:0,\timeFromPrev\:0}
user_pref(CT3306058.FF19Solved, true);
user_pref(CT3306058.UserID, UN20631951161673920);
user_pref(CT3306058.browser.search.defaultthis.engineName, true);
user_pref(CT3306058.fullUserID, UN20631951161673920.IN.20131204190224);
user_pref(CT3306058.installDate, 04/12/2013 19:02:25);
user_pref(CT3306058.installSessionId, {E5AA59D8-9B53-4A01-B386-29766C5BBE3D});
user_pref(CT3306058.installSp, TRUE);
user_pref(CT3306058.installerVersion, 1.8.1.4);
user_pref(CT3306058.keyword, true);
user_pref(CT3306058.originalHomepage, about:home);
user_pref(CT3306058.originalSearchAddressUrl, );
user_pref(CT3306058.originalSearchEngine, );
user_pref(CT3306058.originalSearchEngineName, );
user_pref(CT3306058.searchProtector.notifyChanges, {\dataType\:\string\,\data\:\false\});
user_pref(CT3306058.searchRevert, true);
user_pref(CT3306058.searchUninstallUserMode, 2);
user_pref(CT3306058.searchUserMode, 2);
user_pref(CT3306058.toolbarInstallDate, 04-12-2013 19:02:24);
user_pref(CT3306058.versionFromInstaller, 10.22.5.10);
user_pref(CT3306058.xpeMode, 0);
user_pref(extensions.dnsbasic.init, true);
Emptied folder: C:\Users\Derrick\AppData\Roaming\mozilla\firefox\profiles\fnd8y55y.default\minidumps [516 files]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 05/12/2015 at 11:33:35.21
End of JRT log


Edited by skullknight, 12 May 2015 - 01:36 PM.


#10 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,365 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:05:08 PM

Posted 12 May 2015 - 02:25 PM

Please do what I requested.  You should have the newer version anyway.


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#11 skullknight

skullknight
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:05:08 PM

Posted 13 May 2015 - 03:54 AM

Ok I have the new version and it just blue screened again. Same situation. Playing a game in Skype with someone.



#12 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:10:08 AM

Posted 13 May 2015 - 04:35 AM

Hi -

 

Download BlueScreenView 32bit (in Zip file) .. or .. BlueScreenView 64-bit (in Zip file) from Nirsoft to your desktop (It requires no installing).

Unzip the program and run it from the desktop (only takes a few seconds once unzipped).

Copy and paste at least the last 3 Blue Screen events that will be listed. This will give us the information that is missing .

 

Thank You -



#13 skullknight

skullknight
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:05:08 PM

Posted 13 May 2015 - 05:00 AM

What do I do once its open to get the events?



#14 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:10:08 AM

Posted 13 May 2015 - 05:20 AM


Please read Bleeping Computer Review :
BlueScreenView is a useful, free, portable application that allows you to view minidump files that are created when Windows stops and displays a "blue screen of death". The program will show each minidump individually, with information such as the minidump's filename, the date/time of that crash and the minidump's creation. It will also show the basic crash information such as a Bug Check Code and 4 parameters. The details of the driver or module that possibly caused the crash is reported; this includes the filename, product name, file description, and file version of the driver/module. 

The program is portable, which means it does not need to be installed on the system before it can be used and that there are no keys added to the registry. When downloaded, all the user has to do is unzip the program files, then run the executable file. Since it is portable, the program can be used from a USB key. The program can also output the minidump information to a text file, which can be used in the forums to help diagnose blue screens.



#15 skullknight

skullknight
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:05:08 PM

Posted 13 May 2015 - 02:01 PM

It's only listing one crash and it was 2 days ago. I have had multiple ones in 2 days and the most recent one happened last night and it's not on there.

 

file:///C:/Users/Derrick/AppData/Local/Temp/report.html






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users