Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

have to refresh browser(s) multiple times to fully load a page


  • Please log in to reply
14 replies to this topic

#1 themaninthejar

themaninthejar

  • Members
  • 75 posts
  • OFFLINE
  •  
  • Local time:12:33 AM

Posted 17 May 2015 - 05:44 AM

Hi- hope someone can give me a fix for this-I have to reload then refresh every page I go to-then everything runs perfectly. I've tried msconfig/flushdns and also NETSH  INT  IP  RESET

        NETSH  WINHTTP  RESET  PROXY(this might be or windows 8)
        IPCONFIG  /FLUSHDNS
pressing enter after each command, then restarting > this does not  work. Is there a fix? or am I being hijacked?
thank you for any help


BC AdBot (Login to Remove)

 


#2 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:33 PM

Posted 17 May 2015 - 06:05 AM

Download and run wipe  and system ninja,

 

https://privacyroot.com/software/www/en/wipe.php

https://singularlabs.com/software/system-ninja/

 

Then.....

 

Go ahead and install ccleaner Now that you have the program installed go ahead and run the cleaner function.

https://www.piriform.com/ccleaner/download
kwLN4uv.png


Now that you have cleaned out some temp files, lets go ahead and disable all of the items starting up with your machine except your antivirus. To do this you will need to click on tools then start up select each item then disable.

GjWwvEu.png

Now that you have disabled those un-needed start ups lets go into the settings, we will have Ccleaner run when your machine boots, so that you will never have to worry about cleaning temp files again.

To do this:

  • Hit options.
  • Settings.
  • Place a tick to run Ccleaner when the computer starts.


Lxioao1.png

Now go to the advanced tab, and select close program after cleaning, now run the cleaner again this will close Ccleaner.

SnqZ2JW.png

 

Reboot your machine and then follow the  instructions below.

 

Step 1: eScanAV.

 

Disable your antivirus prior to this scan.

http://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/

Download the eScanAV Anti-Virus Toolkit (MWAV)
http://www.escanav.com/english/content/products/downloadlink/downloadcounter.asp?pcode=MWAV&src=english_dwn&type=alter

 

Source

http://www.escanav.com/english/content/products/downloadlink/downloadproduct.asp?pcode=MWAV
Save the file to your desktop.
Right click run as administrator.
A new icon will appear on your desktop.
Right click run as administrator on new icon.
Click on the update tab.
ZCDJtZN.png
Once you have updated the program, make sure the settings are the same as the picture below.
7DUFn5c.png
Once you have made sure the settings match the picture, hit the Scan & Clean button.
Upon scan completion, click View Log.
ApSVXsQ.png
Copy and paste entire log into your next reply.
Note: Reboot if needed to remove infections.

 

Step 2: Zemana

 

Run a full scan with Zemana antimalware.

http://www.zemana.us/product/zemana-antimalware/default.aspx

Install and select deep scan.

jdmyscF.jpg

Remove any infections found.

Then click on the icon in the pic below.

DOLGyto.jpg

Double click on the scan log, copy and paste here in your reply.

 

 

Step 3: Junkware Removal Tool.
 
Please download Junkware Removal Tool and save it on your desktop.

Source

http://thisisudax.org/

  • Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log is saved to your desktop and will automatically open.
  • Please post the JRT log.

Step 4: Adware Cleaner.
 
Please download AdwCleaner by Xplode onto your desktop.


  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


#3 themaninthejar

themaninthejar
  • Topic Starter

  • Members
  • 75 posts
  • OFFLINE
  •  
  • Local time:12:33 AM

Posted 17 May 2015 - 04:02 PM

First off- thank you very much for your time and effort to help me with this- that was quite the menu..

 

~ I had no success with "WIPE" an error popped up each time stating that it did not recognize the fonts- so finally I deleted it

~Zemana would crash and close at 63%(in fact I just got another notification-didnt realize it ran at start up...)

for what its worth it stopped at the same file hp cpc ehelp audio_software.his(failed)

 

Here are the log files from JRT:

 

Junkware Removal Tool (JRT) by Thisisu
Version: 6.7.2 (05.15.2015:1)
OS: Windows 7 Home Premium x64
Ran by themaninthejar on Sun 05/17/2015 at 15:53:03.59
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
Successfully stopped: [Service] yahooauservice
Successfully deleted: [Service] yahooauservice
 
 
 
~~~ Tasks
 
 
 
~~~ Registry Values
 
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] C:\ProgramData\microsoft\windows\start menu\programs\uniblue
 
 
 
~~~ Chrome
 
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 05/17/2015 at 15:56:07.53
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
and here is the log from eScan:
 
17 May 2015 13:11:00 [1128] - **********************************************************
17 May 2015 13:11:00 [1128] - MWAV - eScanAV AntiVirus Toolkit.
17 May 2015 13:11:00 [1128] - Copyright © MicroWorld Technologies
17 May 2015 13:11:00 [1128] - **********************************************************
17 May 2015 13:11:00 [1128] - Version 14.0.178 (C:\USERS\VICTOR\APPDATA\LOCAL\TEMP\MWAVSCAN.EXE)
17 May 2015 13:11:00 [1128] - Log File: C:\Users\victor\AppData\Local\Temp\LOG\MWAV.LOG
17 May 2015 13:11:00 [1128] - MWAV Registered: TRUE
17 May 2015 13:11:00 [1128] - User Account: victor (Administrator Mode)
17 May 2015 13:11:00 [1128] - OS Type: Windows Workstation [InstallType: Client]
17 May 2015 13:11:00 [1128] - OS: Windows 7 64-Bit [OS Install Date: 30 Oct 2010 15:46:32]
17 May 2015 13:11:00 [1128] - Ver: Personal Service Pack 1 (Build 7601)
17 May 2015 13:11:00 [1128] - System Up Time: 8 Minutes, 36 Seconds
 
 
17 May 2015 13:11:00 [1128] - Parent Process Name : c:\Windows\explorer.exe
17 May 2015 13:11:00 [1128] - Windows Root  Folder: C:\Windows
17 May 2015 13:11:00 [1128] - Windows Sys32 Folder: C:\Windows\system32
17 May 2015 13:11:00 [1128] - DHCP NameServer: 192.168.1.1
17 May 2015 13:11:00 [1128] - Interface0 NameServer: 8.8.8.8,8.8.4.4
17 May 2015 13:11:00 [1128] - Interface0 DHCPNameServer: 192.168.1.1
17 May 2015 13:11:00 [1128] - Interface1 DHCPNameServer: 192.168.1.1
17 May 2015 13:11:00 [1128] - Local Fixed Drives: c:\,d:\,q:\
17 May 2015 13:11:00 [1128] - MWAV Mode(A): Scan and Clean files (for viruses, adware and spyware)
17 May 2015 13:11:00 [1128] - [CREATED ZIP FILE: C:\Users\victor\AppData\Local\Temp\pinfect.zip]
17 May 2015 13:11:48 [1128] - Latest Date of files inside MWAV: Sun May 17 18:40:14 2015.
17 May 2015 13:11:49 [1128] - Loading/Creating FileScan Cache Database C:\ProgramData\MicroWorld\MWAV\ESCANDBY.MDB [Log: C:\Users\victor\AppData\Local\Temp\LOG\ESCANDB.LOG]
17 May 2015 13:11:49 [1128] - Loaded/Created FileScan Cache Database...
17 May 2015 13:11:49 [1128] - Loading AV Library [DB]...
17 May 2015 13:11:58 [1128] - ArchiveScan: DISABLED
17 May 2015 13:11:58 [1128] - AV Library Loaded - MultiThreaded - 8 : [DB-DIRECT].
17 May 2015 13:11:58 [1128] - MWAV doing self scanning...
17 May 2015 13:11:59 [1128] - MWAV files are clean.
17 May 2015 13:11:59 [1128] - ArchiveScan: DISABLED
17 May 2015 13:11:59 [1128] - Virus Database Date: 17 May 2015
17 May 2015 13:11:59 [1128] - Virus Database Count: 5519494
17 May 2015 13:11:59 [1128] - Sign Version: 7.60626 [519378]
 
17 May 2015 13:16:55 [1128] - **********************************************************
17 May 2015 13:16:55 [1128] - MWAV - eScanAV AntiVirus Toolkit.
17 May 2015 13:16:55 [1128] - Copyright © MicroWorld Technologies
17 May 2015 13:16:55 [1128] - 
17 May 2015 13:16:55 [1128] - Support: support@escanav.com
17 May 2015 13:16:55 [1128] - Web: http://www.escanav.com
17 May 2015 13:16:55 [1128] - **********************************************************
17 May 2015 13:16:55 [1128] - Version 14.0.178[DB] (C:\USERS\VICTOR\APPDATA\LOCAL\TEMP\MWAVSCAN.EXE)
17 May 2015 13:16:55 [1128] - Log File: C:\Users\victor\AppData\Local\Temp\LOG\MWAV.LOG
17 May 2015 13:16:55 [1128] - User Account: victor (Administrator Mode)
17 May 2015 13:16:55 [1128] - Parent Process Name : c:\Windows\explorer.exe
17 May 2015 13:16:55 [1128] - Windows Root  Folder: C:\Windows
17 May 2015 13:16:55 [1128] - Windows Sys32 Folder: C:\Windows\system32
17 May 2015 13:16:55 [1128] - OS: Windows 7 64-Bit [OS Install Date: 30 Oct 2010 15:46:32]
17 May 2015 13:16:55 [1128] - Ver: Personal Service Pack 1 (Build 7601)
17 May 2015 13:16:55 [1128] - Latest Date of files inside MWAV: Sun May 17 18:40:14 2015.
 
17 May 2015 13:16:55 [1030] - Options Selected by User:
17 May 2015 13:16:55 [1030] - Memory Check: Enabled
17 May 2015 13:16:55 [1030] - Registry Check: Enabled
17 May 2015 13:16:55 [1030] - StartUp Folder Check: Enabled
17 May 2015 13:16:55 [1030] - System Folder Check: Enabled
17 May 2015 13:16:55 [1030] - Services Check: Enabled
17 May 2015 13:16:55 [1030] - Scan Spyware: Enabled
17 May 2015 13:16:55 [1030] - Scan Archives: Disabled
17 May 2015 13:16:55 [1030] - Drive Check: Enabled
17 May 2015 13:16:55 [1030] - All Drive Check :Disabled
17 May 2015 13:16:55 [1030] - Drive Selected = C:\
17 May 2015 13:16:55 [1030] - Folder Check: Disabled
17 May 2015 13:16:55 [1030] - SCAN: All_Files [ANSI]
17 May 2015 13:16:55 [1030] - MWAV Mode(B): Scan and Clean files (for viruses, adware and spyware)
 
17 May 2015 13:16:55 [1030] - Scanning DNS Records...
17 May 2015 13:16:55 [1030] - Scanning Master Boot Record (User)...
17 May 2015 13:16:55 [1030] - Scanning Logical Boot Records...
17 May 2015 13:16:57 [1030] - ***** Scanning For Hidden Rootkit Processes *****
17 May 2015 13:16:57 [1030] - ***** Scanning For Hidden Rootkit Services *****
17 May 2015 13:17:01 [1030] - Walk through registry failed!
 
17 May 2015 13:17:01 [1030] - ***** Scanning Memory Files *****
 
17 May 2015 13:17:08 [1030] - ***** Scanning Registry Files *****
17 May 2015 13:17:09 [1030] - ERROR(3)!!! Invalid Entry {5F327514-6C5E-4d60-8F16-D07FA08A78ED} = C:\Windows\system32\wuaucpl.cpl (in key HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved). Action Taken: Removing it.
17 May 2015 13:17:11 [1030] - ERROR(3)!!! Invalid Entry cmdline = %SystemRoot%\system32\ntvdm.exe (in key HKLM64\SYSTEM\CurrentControlSet\Control\WOW). Action Taken: Removing it.
17 May 2015 13:17:12 [1030] - ERROR(3)!!! Invalid Entry GarminExpressTrayApp = "C:\Program Files (x86)\Garmin\Express Tray\tray.exe" (in key HKU64\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run). Action Taken: Removing it.
 
17 May 2015 13:17:12 [1030] - ***** Scanning StartUp Folders *****
17 May 2015 13:17:40 [16c4] - ScanFile (C:\ProgramData\CSIS\HeimdalData\heimdal_download\BE33634E2964A917178D1E4EAD8D34C1_HeimdalSetup.exe) took 6474 ms
17 May 2015 13:19:10 [1470] - C:\ProgramData\Spybot - Search & Destroy\Recovery\ConduitSearchProtect.zip not Scanned. Possibly password protected...
17 May 2015 13:19:10 [1284] - C:\ProgramData\Spybot - Search & Destroy\Recovery\iCrossRider.zip not Scanned. Possibly password protected...
17 May 2015 13:19:10 [1798] - C:\ProgramData\Spybot - Search & Destroy\Recovery\iCrossRider1.zip not Scanned. Possibly password protected...
17 May 2015 13:19:10 [16c4] - C:\ProgramData\Spybot - Search & Destroy\Recovery\WiIQfraud.zip not Scanned. Possibly password protected...
 
17 May 2015 13:19:12 [1030] - ***** Scanning Service Files *****
17 May 2015 13:19:12 [1500] - Scanning File C:\ProgramData\..\TDSSKiller.3.0.0.44_07.05.2015_19.34.33_log.txt
17 May 2015 13:19:15 [1030] - ERROR(2)!!! Invalid Entry %SystemRoot%\System32\appmgmts.dll. Action Taken: Removing HKLM64\SYSTEM\CurrentControlSet\Services\AppMgmt.
17 May 2015 13:19:22 [1030] - ERROR(2)!!! Invalid Entry C:\Users\victor\AppData\Local\Temp\7zS0BAA\hpslpsvc64.dll. Action Taken: Removing HKLM64\SYSTEM\CurrentControlSet\Services\HPSLPSVC.
17 May 2015 13:19:33 [1030] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\TrkWks].
 
17 May 2015 13:19:42 [1030] - ***** Scanning Registry and File system for Adware/Spyware *****
17 May 2015 13:19:42 [1030] - Loading Spyware Signatures from new External Database [Name: C:\Users\victor\AppData\Local\Temp\spydb.avs, Size: 464724]...
17 May 2015 13:19:42 [1030] - Indexed Spyware Databases Successfully Created...
 
17 May 2015 13:19:48 [1030] - Offending file found: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\Logs\LU.dat
17 May 2015 13:19:48 [1030] - System found infected with ImIServer IEPlugin Spyware/Adware (LU.dat)! Action taken: File Deleted.
17 May 2015 13:19:48 [1030] - Object "ImIServer IEPlugin Spyware/Adware" found in File System! Action Taken: File Deleted.
 
17 May 2015 13:19:48 [1030] - Offending Registry Entry found: HKCU\Software\Microsoft\OLE
17 May 2015 13:19:48 [1030] - System found infected with Backdoor (IRCBot) Trojans Spyware/Adware (HKCU\Software\Microsoft\OLE)! Action taken: Entries Removed.
17 May 2015 13:19:48 [1030] - Object "Backdoor (IRCBot) Trojans Spyware/Adware" found in File System! Action Taken: Entries Removed.
 
17 May 2015 13:19:49 [1030] - Offending Registry Entry found: HKCU\Software\Microsoft\Windows\CurrentVersion\Drivers
17 May 2015 13:19:49 [1030] - System found infected with AntiSpyware Pro XP Corrupted Adware/Spyware (HKCU\Software\Microsoft\Windows\CurrentVersion\Drivers)! Action taken: Entries Removed.
17 May 2015 13:19:49 [1030] - Object "AntiSpyware Pro XP Corrupted Adware/Spyware" found in File System! Action Taken: Entries Removed.
 
 
17 May 2015 13:19:49 [1030] - ***** Scanning Registry Files *****
17 May 2015 13:19:49 [1030] - ** Value in HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\main/Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
17 May 2015 13:19:49 [1030] - ** Value in 64-bit HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\main/Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
17 May 2015 13:19:49 [1030] - ** Value in HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\main/Start Page = https://my.yahoo.com/?mkg=015
17 May 2015 13:19:49 [1030] - ** Value in 64-bit HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\main/Start Page = about:blank
17 May 2015 13:19:49 [1030] - ** Value in HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\main/Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
17 May 2015 13:19:49 [1030] - ** Value in 64-bit HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\main/Start Page = about:blank
 
17 May 2015 13:19:49 [1030] - ***** Scanning System32 Folders *****
17 May 2015 13:19:56 [16c4] - ScanFile (C:\Windows\SysWOW64\atioglxx.dll) took 5179 ms
 
 
17 May 2015 13:21:05 [1030] - ***** Scanning Drive C:\ *****
17 May 2015 13:29:29 [17ac] - C:\Program Files (x86)\PDF Complete\resources\pdfnet.res not Scanned. Possibly password protected...
17 May 2015 13:30:21 [1798] - ScanFile (C:\Program Files (x86)\Skype\Phone\Skype.exe) took 7519 ms
17 May 2015 13:31:34 [16c4] - ScanFile (C:\swsetup\DRV\Graphics\AMD\UMAGraphics\8.733\src\Packages\Drivers\Display\W76A_INF\B_99826\atioglxx.dl_) took 6786 ms
17 May 2015 13:31:39 [1284] - ScanFile (C:\swsetup\sp50177\Packages\Drivers\Display\W76A_INF\B_99826\atio6axx.dl_) took 5428 ms
17 May 2015 13:31:41 [1184] - ScanFile (C:\swsetup\sp50177\Packages\Drivers\Display\W76A_INF\B_99826\atioglxx.dl_) took 7379 ms
17 May 2015 13:31:49 [16c4] - ScanFile (C:\swsetup\sp51956\Packages\Drivers\Display\W76A_INF\B111234\atioglxx.dl_) took 6771 ms
17 May 2015 13:31:52 [17ac] - ScanFile (C:\swsetup\sp51956\Packages\Drivers\Display\W7_INF\B111234\atioglxx.dl_) took 7473 ms
17 May 2015 13:32:00 [1798] - ScanFile (C:\swsetup\sp53263\Packages\Drivers\Display\W76A_INF\B114977\atioglxx.dl_) took 7161 ms
17 May 2015 13:32:03 [1284] - ScanFile (C:\swsetup\sp53263\Packages\Drivers\Display\W7_INF\B114977\atioglxx.dl_) took 7426 ms
17 May 2015 13:32:11 [16c4] - ScanFile (C:\swsetup\sp54532\Packages\Drivers\Display\W76A_INF\B122325\atioglxx.dl_) took 6958 ms
17 May 2015 13:32:14 [1184] - ScanFile (C:\swsetup\sp54532\Packages\Drivers\Display\W7_INF\B122325\atioglxx.dl_) took 7847 ms
17 May 2015 13:32:22 [17ac] - Scanning File C:\System Volume Information\{13c0c173-f8f6-11e4-b230-d48564ab468b}{3808876b-c176-4e48-b7ae-04046e6cc752}
17 May 2015 13:32:22 [1500] - Scanning File C:\System Volume Information\{75c5b38f-fc77-11e4-b403-d48564ab468b}{3808876b-c176-4e48-b7ae-04046e6cc752}
17 May 2015 13:32:22 [1284] - Scanning File C:\System Volume Information\{dde90e6a-f9c1-11e4-9281-d48564ab468b}{3808876b-c176-4e48-b7ae-04046e6cc752}
17 May 2015 13:32:22 [1184] - Scanning File C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
17 May 2015 13:32:24 [1798] - ScanFile (C:\swsetup\sp55618\Packages\Drivers\Display\W76A_INF\B126813\atioglxx.dl_) took 7347 ms
17 May 2015 13:32:26 [15a4] - ScanFile (C:\swsetup\sp55618\Packages\Drivers\Display\W7_INF\B126813\atioglxx.dl_) took 7348 ms
17 May 2015 13:37:13 [1470] - ScanFile (C:\Windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.6612\MSACCESS.EXE) took 7067 ms
17 May 2015 13:37:13 [1284] - ScanFile (C:\Windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\WWLIB.DLL) took 10108 ms
17 May 2015 13:37:40 [17ac] - ScanFile (C:\Windows\Installer\214203.msp) took 6583 ms
17 May 2015 13:37:41 [1470] - ScanFile (C:\Windows\Installer\223ac4.msp) took 7270 ms
17 May 2015 13:37:42 [1798] - ScanFile (C:\Windows\Installer\228170.msp) took 6614 ms
17 May 2015 13:37:46 [16c4] - ScanFile (C:\Windows\Installer\29631d.msp) took 6131 ms
17 May 2015 13:37:47 [17ac] - ScanFile (C:\Windows\Installer\296381.msp) took 6069 ms
17 May 2015 13:37:47 [1500] - ScanFile (C:\Windows\Installer\2b5ae1.msp) took 5429 ms
17 May 2015 13:37:48 [1184] - ScanFile (C:\Windows\Installer\1ddeee.msp) took 16723 ms
17 May 2015 13:37:56 [15a4] - ScanFile (C:\Windows\Installer\571e54.msp) took 6676 ms
17 May 2015 13:38:06 [1500] - ScanFile (C:\Windows\Installer\5d7c3a.msp) took 6567 ms
17 May 2015 13:38:07 [1184] - ScanFile (C:\Windows\Installer\628a63.msp) took 5335 ms
17 May 2015 13:38:08 [15a4] - ScanFile (C:\Windows\Installer\628a9e.msp) took 6630 ms
17 May 2015 13:38:12 [17ac] - ScanFile (C:\Windows\Installer\64e243.msp) took 9812 ms
17 May 2015 13:38:16 [1798] - ScanFile (C:\Windows\Installer\7a6a41.msp) took 5428 ms
17 May 2015 13:38:19 [1500] - ScanFile (C:\Windows\Installer\87d15d.msp) took 5445 ms
17 May 2015 13:41:37 [16c4] - ScanFile (C:\Windows\System32\atioglxx.dll) took 5148 ms
17 May 2015 13:42:42 [1798] - ScanFile (C:\Windows\System32\DriverStore\FileRepository\c7100495.inf_amd64_neutral_6e5060fef0783257\B_99826\atioglxx.dll) took 5414 ms
17 May 2015 13:42:43 [17ac] - ScanFile (C:\Windows\System32\DriverStore\FileRepository\c7121996.inf_amd64_neutral_da4744658b698429\B121879\atioglxx.dll) took 5085 ms
17 May 2015 13:49:05 [1184] - ScanFile (C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.18044_none_ca35d705cadb185a\ntoskrnl.exe) took 6021 ms
17 May 2015 13:50:03 [16c4] - ScanFile (C:\Windows\winsxs\amd64_microsoft-windows-shell32_31bf3856ad364e35_6.1.7600.17038_none_c85710852b81d6e2\shell32.dll) took 6614 ms
17 May 2015 14:01:03 [1500] - ScanFile (C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17514_none_96780994e42bbfd5\mshtml.dll) took 6287 ms
 
17 May 2015 14:05:49 [1030] - ***** Checking for specific ITW Viruses *****
 
17 May 2015 14:05:49 [1030] - ***** Scanning complete. *****
 
17 May 2015 14:05:49 [1030] - Total Objects Scanned: 301011
17 May 2015 14:05:49 [1030] - Total Critical Objects: 3
17 May 2015 14:05:49 [1030] - Total Disinfected Objects: 0
17 May 2015 14:05:49 [1030] - Total Objects Renamed: 0
17 May 2015 14:05:49 [1030] - Total Deleted Objects: 3
17 May 2015 14:05:49 [1030] - Total Errors: 5
17 May 2015 14:05:49 [1030] - Time Elapsed: 00:48:13
17 May 2015 14:05:49 [1030] - Virus Database Date: 17 May 2015
17 May 2015 14:05:49 [1030] - Virus Database Count: 5519494
17 May 2015 14:05:49 [1030] - Sign Version: 7.60626 [519378]
 
17 May 2015 14:05:49 [1030] - Scan Completed.
 
About Zemuna-before it closed i did notice it picked up a couple of trojans (Win32)- nothing else detected anything
 
I also allowed Uniblue Powersuite 2015 to be deleted..I have been using that program for a few years-thought it worked although I have been suspicious...
 
The best for last--PROBLEM SOLVED ! :bananas:  :bounce:
Thanks again for the cleansing :flamethrower:  !
 


#4 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:33 PM

Posted 18 May 2015 - 01:26 AM

Lets make sure everything is clean, if you wish please see below. :)

 

Adware Removal Tool.
 
Download Adware removal tool to your desktop, right click the icon and select Run as Administrator.

Source: http://www.techsupportall.com/adware-removal-tool/

LOr0Gd7.png

Hit Ok.

sYFsqHx.png

Hit next make sure to leave all items checked, for removal.

8NcZjGc.png


The Program will close all open programs to complete the removal, so save any work and hit OK. Then hit OK after the removal process is complete,  then OK again to finish up. Post log generated by tool.

 

Step 2: ZHP Cleaner.

 

Download and save ZHP Cleaner to your desktop.

http://www.nicolascoolman.fr/download/zhpcleaner-2/

Right Click and run as administrator.

Click on the Repair button.

At the end of the process you will be asked to reboot your machine.

After you reboot a report will open on your desktop.

Copy and paste the report here in your next reply.

 

Step 3: Security Check.

 

Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document

 

 

 

Step 4: Minitoolbox.

 

Please download [b]MINITOOLBOX and run it.



Checkmark following boxes:


Flush DNS
Reset FF proxy Settings
Reset Ie Proxy Settings
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and post the result.

 

Eset Scan

http://www.eset.com/us/online-scanner/
 

Disable your antivirus prior to this scan.

http://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/

 
 
 esetonlinebtn.png
 

  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.


#5 themaninthejar

themaninthejar
  • Topic Starter

  • Members
  • 75 posts
  • OFFLINE
  •  
  • Local time:12:33 AM

Posted 18 May 2015 - 07:07 PM

Its an anti malware tsunami- I love it.... :guitar:



#6 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:33 PM

Posted 18 May 2015 - 07:12 PM

Only a couple more scans to make certain you are clean and updated, I know you say original issue is solved but these steps will concrete that for you. :)



#7 themaninthejar

themaninthejar
  • Topic Starter

  • Members
  • 75 posts
  • OFFLINE
  •  
  • Local time:12:33 AM

Posted 22 May 2015 - 09:04 AM

Hi again- all done here are the results:(thanks again for looking at all this data)

 

# AdwCleaner v4.204 - Logfile created 17/05/2015 at 15:58:21
# Updated 12/05/2015 by Xplode
# Database : 2015-05-12.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : victor - VICTOR-HP
# Running from : C:\Users\victor\Downloads\adwcleaner_4.204.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
Folder Found : C:\Program Files (x86)\Uniblue
Folder Found : C:\ProgramData\Uniblue
Folder Found : C:\ProgramData\Yahoo! Companion
Folder Found : C:\Users\victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjmflmamggggndanpgfnpelongoepncg
Folder Found : C:\Users\victor\AppData\Local\Zoom_Downloader
Folder Found : C:\Users\victor\AppData\LocalLow\HPAppData
Folder Found : C:\Users\victor\AppData\Roaming\Uniblue

***** [ Scheduled tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Data Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Toolbar
Key Found : HKLM\SOFTWARE\Uniblue
Key Found : HKLM\SOFTWARE\Uniblue\DriverScanner
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{F9EB11AB-9384-4736-9B33-993940F88895}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BC29273D-26E1-4A54-944F-9E02E8FBBE73}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Main [Backup.old.Start Page]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17801

-\\ Google Chrome v42.0.2311.152

[C:\Users\victor\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://start.funmoods.com/results.php?f=4&q={searchTerms}&a=adknlg&chnl=adknlg&cd=2XzuyEtN2Y1L1Qzu0DyEzzyDyCyE0A0ByEyCzz0ByDyCyDzztN0D0Tzu0CtBtCyDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=224986638
[C:\Users\victor\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\victor\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\victor\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=360&chn=retail&geo=US&ver=20&locale=en_US&gct=kwd&qsrc=2869
[C:\Users\victor\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://ws.infospace.com/playsushi_tbar/ws/redir?_iceUrl=true&%20user_id=%userid&tool_id=60231&qkw={searchTerms}
[C:\Users\victor\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://www.wayfair.com/keyword.php?keyword={searchTerms}&ust=&command=dosearch&new_keyword_search=true
[C:\Users\victor\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Found [Extension] : jjmflmamggggndanpgfnpelongoepncg

*************************

AdwCleaner[R0].txt - [14158 bytes] - [01/12/2013 10:43:54]
AdwCleaner[R1].txt - [8409 bytes] - [26/08/2014 20:43:04]
AdwCleaner[R2].txt - [5505 bytes] - [17/05/2015 15:58:21]
AdwCleaner[S0].txt - [6179 bytes] - [01/12/2013 10:48:12]

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [5623 bytes] ##########

Adware Removal Tool v3.9
Time: 2015_05_22_01_11_50
OS: Windows 7 - 64 Bit
Account Name: victor
U0L0S12

\\\\\\\\\\\\\\\\\\\\\\\ Repair Logs \\\\\\\\\\\\\\\\\\\\\\

Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}:masterclsid
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{472734EA-242A-422B-ADF8-83D1E48CC825}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}:dllname
Deleted - RegistryKey - HKEY_CURRENT_USER\SOFTWARE\AppDataLow\Software:Smartbar
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{2EECD738-5844-4A99-B4B6-146BF802613B}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{472734EA-242A-422B-ADF8-83D1E48CC825}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{98889811-442D-49DD-99D7-DC866BE87DBC}

\\ Finished

 

 

 

 

 ZHPCleaner v2015.5.20.247 by Nicolas Coolman (2015\05\20)
~ Run by victor (Administrator)  (22/05/2015 01:42:35)
~ Forum : http://forum.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : No network file
~ Type : Scan
~ Report : C:\Users\victor\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\victor\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
~ Windows 7, 64-bit Service Pack 1 (Build 7601)

---\\  Services (0)
~ No malicious items found.

---\\  Browser internet (0)
~ No malicious items found.

---\\  Hosts file (0)
~ No malicious items found.

---\\  Scheduled automatic tasks. (0)
~ No malicious items found.

---\\  Explorer ( File, Folder) (0)
~ No malicious items found.

---\\  Registry ( Key, Value, Data) (0)
~ No malicious items found.

---\\ Result of repair
~ Any repair made
~ Browser not found (Mozilla Firefox)
~ Browser not found (Opera Software)

---\\ Statistics
~ Items scanned : 81425
~ Items found : 0
~ Items cancelled : 0
~ Items repaired : 0

End of clean at 01:48:04
===================
ZHPCleaner-[R]-22052015-01_34_15.txt
ZHPCleaner-[R]-22052015-01_41_50.txt
ZHPCleaner-[S]-22052015-01_32_07.txt
ZHPCleaner-[S]-22052015-01_32_52.txt
ZHPCleaner-[S]-22052015-01_33_13.txt
ZHPCleaner-[S]-22052015-01_40_19.txt
ZHPCleaner-[S]-22052015-01_48_04.txt

 

 

Results of screen317's Security Check version 1.002 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
Norton 360   
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Out of date HijackThis  installed!
 Spybot - Search & Destroy
 Secunia PSI (3.0.0.8013)  
 Zemana AntiMalware   
 HijackThis 2.0.2   
 Java 7 Update 79 
 Java™ 6 Update 29 
 Java version 32-bit out of Date!
 Adobe Flash Player 17.0.0.188 
 Adobe Reader XI 
 Google Chrome (42.0.2311.152)
 Google Chrome (43.0.2357.65)
````````Process Check: objlist.exe by Laurent```````` 
 Norton ccSvcHst.exe
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbam.exe 
 Spybot Teatimer.exe is disabled!
 Malwarebytes Anti-Exploit Malwarebytes Anti-Exploit mbae.exe 
 Malwarebytes Anti-Exploit Malwarebytes Anti-Exploit mbae-svc.exe 
 Malwarebytes Anti-Malware mbamscheduler.exe  
 Malwarebytes Anti-Exploit Malwarebytes Anti-Exploit mbae64.exe 
 Zemana AntiMalware ZAM.exe  
 Symantec Norton Online Backup NOBuAgent.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````

 

 

 

MiniToolBox by Farbar  Version: 11-05-2015 01
Ran by victor (administrator) on 22-05-2015 at 01:58:27
Running from "C:\Users\victor\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: p6616f Manufacturer: Hewlett-Packard
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
Hosts file not detected in the default directory
========================= IP Configuration: ================================

Realtek PCIe FE Family Controller = Local Area Connection (Connected)
802.11n Wireless LAN Card = Wireless Network Connection (Connected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset

popd
# End of IPv4 configuration

 

ESETS:

 

 

C:\Users\victor\Documents\PITCH PERFECT\ppsetup.exe a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application deleted - quarantined
C:\Users\victor\Downloads\ccsetup418 (1).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
C:\Users\victor\Downloads\ccsetup418 (2).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
C:\Users\victor\Downloads\ccsetup418.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
C:\Users\victor\Downloads\ccsetup419 (1).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
C:\Users\victor\Downloads\ccsetup419.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
C:\Users\victor\Downloads\ccsetup500.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
C:\Users\victor\Downloads\ccsetup501.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
C:\Users\victor\Downloads\ccsetup504.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
C:\Users\victor\Downloads\ccsetup505.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
C:\Users\victor\Downloads\dfsetup215.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
C:\Users\victor\Downloads\dfsetup219.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
C:\Users\victor\Downloads\ninja-setup-3.0.6.exe Win32/OpenCandy potentially unsafe application deleted - quarantined
C:\Users\victor\Downloads\spsetup128 (1).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
C:\Users\victor\Downloads\spsetup128.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined

 

I also ran CCleaner registry scan here are the results- should I clean these? I'm on the fence when it come to registry cleaning..

 

Missing Shared DLL c:\ProgramData\Macrovision\FLEXnet Connect\11\ui\images\Thumbs.db HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls
Missing Shared DLL C:\Windows\TEMP\InstallAX_17_0_0_188.exe HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls
Missing Shared DLL C:\Windows\TEMP\InstallPlugin_17_0_0_188.exe HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls
Unused File Extension mk HKCR\mk
Unused File Extension res HKCR\res
Unused File Extension . HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.
Unused File Extension .0 HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.0
Open with Application Issue "C:\Program Files (x86)\Uniblue\Powersuite\powersuite.exe" --serial="%1" HKCR\powersuite\shell\open
ActiveX/COM Issue YTNavAssist.YTNavAssistPlugin - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} HKCR\YTNavAssist.YTNavAssistPlugin
ActiveX/COM Issue YTNavAssist.YTNavAssistPlugin.1 - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} HKCR\YTNavAssist.YTNavAssistPlugin.1
ActiveX/COM Issue YTSingleInstance.SingleInstance - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} HKCR\YTSingleInstance.SingleInstance
ActiveX/COM Issue YTSingleInstance.SingleInstance.1 - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} HKCR\YTSingleInstance.SingleInstance.1
ActiveX/COM Issue InProcServer32\C:\Program Files (x86)\Google\Update\1.3.26.9\psmachine.dll HKCR\CLSID\{5E688170-BDC7-48AA-A339-5F74CFDBDC9C}
ActiveX/COM Issue InProcServer32\C:\Windows\system32\wuaucpl.cpl HKCR\CLSID\{5F327514-6C5E-4d60-8F16-D07FA08A78ED}
Missing TypeLib Reference IBackupLocationsShellFolderImpl - {00020424-0000-0000-C000-000000000046} HKCR\Interface\{F0E3A5D7-80C7-4228-90FE-61DF01C417A5}
Application Paths Issue C:\Users\victor\AppData\Local\Temp\mexe.com HKLM\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers
Application Paths Issue C:\Users\victor\AppData\Local\Temp\mwavscan.exe HKLM\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers
Application Paths Issue C:\Users\victor\Downloads\powersuite.exe HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted
Application Paths Issue C:\Users\victor\Downloads\dfsetup215.exe HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted
Application Paths Issue C:\Users\victor\Downloads\ccsetup500.exe HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted
Application Paths Issue C:\Users\victor\Downloads\spsetup128 (1).exe HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted
Application Paths Issue C:\Users\victor\Downloads\ccsetup504.exe HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted
Application Paths Issue C:\Users\victor\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted
Installer Reference Issue c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0 HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files\Microsoft Silverlight\5.1.30514.0 HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\de HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\es HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\fr HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\it HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\ja HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\ko HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\ru HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\zh-Hans HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\zh-Hant HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\ar HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\bg HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\ca HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\cs HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\da HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\el HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\et HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\eu HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\fi HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\he HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\hr HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\hu HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\id HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\lt HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\lv HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\ms HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\nl HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\no HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\pl HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\pt-BR HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\pt HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\ro HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\sk HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\sl HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\sr-Cyrl-CS HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\sr-Latn-CS HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\sv HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\th HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\tr HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\uk HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\vi HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files\Microsoft Silverlight\5.1.30514.0\de HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files\Microsoft Silverlight\5.1.30514.0\es HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files\Microsoft Silverlight\5.1.30514.0\fr HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files\Microsoft Silverlight\5.1.30514.0\it HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files\Microsoft Silverlight\5.1.30514.0\ja HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files\Microsoft Silverlight\5.1.30514.0\ko HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files\Microsoft Silverlight\5.1.30514.0\ru HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files\Microsoft Silverlight\5.1.30514.0\zh-Hans HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files\Microsoft Silverlight\5.1.30514.0\zh-Hant HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files\Microsoft Silverlight\5.1.30514.0\ar HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files\Microsoft Silverlight\5.1.30514.0\bg HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files\Microsoft Silverlight\5.1.30514.0\ca HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files\Microsoft Silverlight\5.1.30514.0\cs HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files\Microsoft Silverlight\5.1.30514.0\da HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files\Microsoft Silverlight\5.1.30514.0\el HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files\Microsoft Silverlight\5.1.30514.0\et HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files\Microsoft Silverlight\5.1.30514.0\eu HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files\Microsoft Silverlight\5.1.30514.0\fi HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files\Microsoft Silverlight\5.1.30514.0\he HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files\Microsoft Silverlight\5.1.30514.0\hr HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files\Microsoft Silverlight\5.1.30514.0\hu HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files\Microsoft Silverlight\5.1.30514.0\id HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files\Microsoft Silverlight\5.1.30514.0\lt HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files\Microsoft Silverlight\5.1.30514.0\lv HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files\Microsoft Silverlight\5.1.30514.0\ms HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files\Microsoft Silverlight\5.1.30514.0\nl HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files\Microsoft Silverlight\5.1.30514.0\no HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files\Microsoft Silverlight\5.1.30514.0\pl HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files\Microsoft Silverlight\5.1.30514.0\pt-BR HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files\Microsoft Silverlight\5.1.30514.0\pt HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files\Microsoft Silverlight\5.1.30514.0\ro HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files\Microsoft Silverlight\5.1.30514.0\sk HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files\Microsoft Silverlight\5.1.30514.0\sl HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files\Microsoft Silverlight\5.1.30514.0\sr-Cyrl-CS HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files\Microsoft Silverlight\5.1.30514.0\sr-Latn-CS HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files\Microsoft Silverlight\5.1.30514.0\sv HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files\Microsoft Silverlight\5.1.30514.0\th HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files\Microsoft Silverlight\5.1.30514.0\tr HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files\Microsoft Silverlight\5.1.30514.0\uk HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Installer Reference Issue c:\Program Files\Microsoft Silverlight\5.1.30514.0\vi HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders
Uninstaller Reference Issue C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\\Setup.exe /repair /x86 /x64 HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033
Invalid firewall rule NetPres-In-TCP-NoScope - %SystemRoot%\system32\netproj.exe HKLM\SYSTEM\ControlSet003\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules
Invalid firewall rule NetPres-Out-TCP-NoScope - %SystemRoot%\system32\netproj.exe HKLM\SYSTEM\ControlSet003\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules
Invalid firewall rule NetPres-WSD-In-UDP - %SystemRoot%\system32\netproj.exe HKLM\SYSTEM\ControlSet003\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules
Invalid firewall rule NetPres-WSD-Out-UDP - %SystemRoot%\system32\netproj.exe HKLM\SYSTEM\ControlSet003\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules
Invalid firewall rule NetPres-In-TCP - %SystemRoot%\system32\netproj.exe HKLM\SYSTEM\ControlSet003\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules
Invalid firewall rule NetPres-Out-TCP - %SystemRoot%\system32\netproj.exe HKLM\SYSTEM\ControlSet003\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules
Invalid firewall rule NetPres-In-TCP-NoScope - %SystemRoot%\system32\netproj.exe HKLM\SYSTEM\ControlSet004\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules
Invalid firewall rule NetPres-Out-TCP-NoScope - %SystemRoot%\system32\netproj.exe HKLM\SYSTEM\ControlSet004\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules
Invalid firewall rule NetPres-WSD-In-UDP - %SystemRoot%\system32\netproj.exe HKLM\SYSTEM\ControlSet004\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules
Invalid firewall rule NetPres-WSD-Out-UDP - %SystemRoot%\system32\netproj.exe HKLM\SYSTEM\ControlSet004\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules
Invalid firewall rule NetPres-In-TCP - %SystemRoot%\system32\netproj.exe HKLM\SYSTEM\ControlSet004\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules
Invalid firewall rule NetPres-Out-TCP - %SystemRoot%\system32\netproj.exe HKLM\SYSTEM\ControlSet004\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules
Missing MUI Reference C:\Users\victor\Downloads\adwcleaner_4.204.exe HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
Missing MUI Reference C:\Users\victor\AppData\Local\Temp\mwavscan.exe HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache

 



#8 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:33 PM

Posted 22 May 2015 - 05:23 PM

I would uninstall Spybot, also do not clean any registry entries no need. :)

 

 

 

Update you software.

https://patchmypc.net/freeupdater/PatchMyPC.exe

 

https://patchmypc.net/download

 

 

Qualys BrowserCheck To update plugins.

Safe Browsing Tool Web of trust to keep away from shady sites.

Unchecky  To avoid bundled software.

Adblock Plus  To browse the web ad free.

Malwarebytes Anti-Exploit To block Zero day attacks.

Malwarebytes | StartUpLITE To disable un-needed start ups.

http://www.toolwiz.com/en/products/toolwiz-smart-defrag/ Defrag your machine.

adguard use with adblock for basically zero ads

https://chrome.google.com/webstore/detail/adguard-adblocker/bgnkhhnnamicmpeenaelnjfhikgbkllg?hl=en

https://addons.mozilla.org/en-uS/firefox/addon/adguard-adblocker/

 

 

 

Download DelFix by "Xplode" to your Desktop.
Right Click the tool and Run as Admin ( Xp Users Double Click)
Put a check mark next the items below:


Remove disinfection tools
Create registry backup
Purge System Restore




Now click on "Run" button.
allow the program to complete its work.
all the tools we used will be removed.
Tool will create and open a log report (DelFix.txt)
Note: The report can be located at the following location C:\DelFix.txt



#9 themaninthejar

themaninthejar
  • Topic Starter

  • Members
  • 75 posts
  • OFFLINE
  •  
  • Local time:12:33 AM

Posted 22 May 2015 - 06:34 PM

I'm already seeing the benefits system is running quick.

now for the rest- :thumbup2:



#10 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:33 PM

Posted 22 May 2015 - 06:48 PM

:)



#11 themaninthejar

themaninthejar
  • Topic Starter

  • Members
  • 75 posts
  • OFFLINE
  •  
  • Local time:12:33 AM

Posted 22 May 2015 - 07:06 PM

Ok; done & done except I couldn't get Patch My PC going-Windows had a problem....

 

Still have System Ninja & Zemana- keep?

 

here is the DelFix report:

 

# DelFix v1.010 - Logfile created 22/05/2015 at 19:54:35
# Updated 26/04/2015 by Xplode
# Username : victor - VICTOR-HP
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
 
~ Removing disinfection tools ...
 
Deleted : C:\FRST
Deleted : C:\TDSSKiller_Quarantine
Deleted : C:\AdwCleaner
Deleted : C:\RegBackup
Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hijackthis
Deleted : C:\Users\victor\Desktop\mbar
Deleted : C:\Users\victor\Desktop\RK_Quarantine
Deleted : C:\TDSSKiller.2.8.15.0_07.05.2015_19.34.04_log.txt
Deleted : C:\TDSSKiller.3.0.0.44_07.05.2015_19.34.33_log.txt
Deleted : C:\Users\victor\Desktop\AdwCleaner[R2].txt
Deleted : C:\Users\victor\Desktop\esetsmartinstaller_enu.exe
Deleted : C:\Users\victor\Desktop\JRT (1).exe - Shortcut.lnk
Deleted : C:\Users\victor\Desktop\JRT.txt
Deleted : C:\Users\victor\Desktop\HijackThis.lnk
Deleted : C:\Users\victor\Desktop\Result.txt
Deleted : C:\Users\victor\Desktop\rkill.exe
Deleted : C:\Users\victor\Desktop\RogueKiller.exe
Deleted : C:\Users\victor\Desktop\TDSSKiller - Shortcut.lnk
Deleted : C:\Users\victor\Desktop\unhide.exe
Deleted : C:\Users\victor\Desktop\ZHPCleaner.lnk
Deleted : C:\Users\victor\Desktop\ZHPCleaner.txt
Deleted : C:\Users\victor\Downloads\JRT (1).exe
Deleted : C:\Users\victor\Downloads\JRT.exe
Deleted : C:\Users\victor\Downloads\MiniToolBox (1).exe
Deleted : C:\Users\victor\Downloads\MiniToolBox (2).exe
Deleted : C:\Users\victor\Downloads\MiniToolBox.exe
Deleted : C:\Users\victor\Downloads\sc-cleaner (1).exe
Deleted : C:\Users\victor\Downloads\sc-cleaner (2).exe
Deleted : C:\Users\victor\Downloads\sc-cleaner.exe
Deleted : C:\Users\victor\Downloads\SecurityCheck.exe
Deleted : C:\Users\victor\Downloads\tdsskiller (1).zip
Deleted : C:\Users\victor\Downloads\tdsskiller (2).zip
Deleted : C:\Users\victor\Downloads\tdsskiller (3).zip
Deleted : C:\Users\victor\Downloads\tdsskiller (4).zip
Deleted : C:\Users\victor\Downloads\tdsskiller (5).zip
Deleted : C:\Users\victor\Downloads\tdsskiller (6).zip
Deleted : C:\Users\victor\Downloads\tdsskiller.zip
Deleted : C:\Users\victor\Downloads\ZHPCleaner.exe
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Hijackthis
Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\HijackThis.exe
Deleted : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASWMBR
 
~ Creating registry backup ... OK
 
~ Cleaning system restore ...
 
Deleted : RP #1138 [Windows Update | 05/13/2015 00:52:04]
Deleted : RP #1139 [Windows Update | 05/13/2015 23:01:35]
Deleted : RP #1140 [Windows Backup | 05/17/2015 09:42:37]
Deleted : RP #1141 [Windows Update | 05/20/2015 23:17:00]
 
New restore point created !
 
########## - EOF - ##########


#12 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:33 PM

Posted 22 May 2015 - 07:50 PM

Uninstall hijack this and all verisons of java, you can keep system ninja and run it once a week. Zemana is trial software for only 15 days, I hope you do not need it but keep in case.

 

I hope you are happy with everything, update java if you need it,

https://www.java.com/en/



#13 themaninthejar

themaninthejar
  • Topic Starter

  • Members
  • 75 posts
  • OFFLINE
  •  
  • Local time:12:33 AM

Posted 22 May 2015 - 08:13 PM

Uninstall hijack this and all verisons of java, you can keep system ninja and run it once a week. Zemana is trial software for only 15 days, I hope you do not need it but keep in case.

 

I hope you are happy with everything, update java if you need it,

https://www.java.com/en/

 

More than happy-ecstatic is more like it  I can't thank you enough!!  cheers!!



#14 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:33 PM

Posted 22 May 2015 - 08:28 PM

Have a wonderful night, may you be as happy as this lady when she feeds her cats!!!!

 



#15 themaninthejar

themaninthejar
  • Topic Starter

  • Members
  • 75 posts
  • OFFLINE
  •  
  • Local time:12:33 AM

Posted 23 May 2015 - 01:38 AM

Cheshire-Cat-GIF.gif






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users