Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Internet explorer running on its own to random multiple ad sites (Windows 7)


  • Please log in to reply
21 replies to this topic

#1 lcy

lcy

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:12:22 PM

Posted 17 May 2015 - 01:15 PM

At seemingly sporadic times, there will be random ads sounding off in the background. I checked task manager and found Internet Explorer running in the 'Applications' tab, but no IE windows were present in my taskbar. In the 'Processes' tab, about 3-4 iexplore.exe would be running, with one that is consuming exceptionally high amounts of memory, from 50 K - 350 K. I am unable to 'end task' the IE application but i can temporarily stop the problem by ending all iexplore.exe process. However, after some time the problem reoccurs.

I believe the cause of this problem is due to a dupe Adobe Acrobat site that I was tricked into clicking to download the update just a day prior. Upon the completion of the download, my avast antivirus immediately notified me of the malware and then proceeded to block the infections by sending them to the virus chest. However, that did not seem to fully nullify the malware. I then restarted my computer as I did not want to click anything from the dubious prompts I was presented with. Afterwhich, I deleted whatever I had downloaded. I checked my control panel for any newly installed programs and found something called 'sursenel' that was installed/modified at the same time the virus was detected. However it was located in AppData which I believe to be essential files for the Windows OS, so I have not done anything to it for fear of data corruption. I used avast antivirus to scan that 'sursenel' folder and no threats were found. I have since then done a full system scan using avast antivirus but the only results I've gotten were that some files could not be scanned due to them being password protected and no threats were found otherwise. I have also gone to Control Panel -> Network and Internet -> Internet Options -> Advanced -> Reset IE settings but have not restarted my computer yet for the reset to take effect (the problem reoccured after I resetted but I have not done a computer restart, not sure if that will solve the problem at all).

Not sure how to proceed from here, would kindly appreciate any help I can get.



BC AdBot (Login to Remove)

 


#2 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:22 PM

Posted 17 May 2015 - 01:35 PM

Download and run wipe  and system ninja,

 

https://privacyroot.com/software/www/en/wipe.php

https://singularlabs.com/software/system-ninja/

 

Then.....

 

Go ahead and install ccleaner Now that you have the program installed go ahead and run the cleaner function.

https://www.piriform.com/ccleaner/download
kwLN4uv.png


Now that you have cleaned out some temp files, lets go ahead and disable all of the items starting up with your machine except your antivirus. To do this you will need to click on tools then start up select each item then disable.

GjWwvEu.png

Now that you have disabled those un-needed start ups lets go into the settings, we will have Ccleaner run when your machine boots, so that you will never have to worry about cleaning temp files again.

To do this:

  • Hit options.
  • Settings.
  • Place a tick to run Ccleaner when the computer starts.


Lxioao1.png

Now go to the advanced tab, and select close program after cleaning, now run the cleaner again this will close Ccleaner.

SnqZ2JW.png

 

Reboot your machine and then follow the  instructions below.

 

Step 1: eScanAV.

 

Disable your antivirus prior to this scan.

http://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/

Download the eScanAV Anti-Virus Toolkit (MWAV)
http://www.escanav.com/english/content/products/downloadlink/downloadcounter.asp?pcode=MWAV&src=english_dwn&type=alter

 

Source

http://www.escanav.com/english/content/products/downloadlink/downloadproduct.asp?pcode=MWAV
Save the file to your desktop.
Right click run as administrator.
A new icon will appear on your desktop.
Right click run as administrator on new icon.
Click on the update tab.
ZCDJtZN.png
Once you have updated the program, make sure the settings are the same as the picture below.
7DUFn5c.png
Once you have made sure the settings match the picture, hit the Scan & Clean button.
Upon scan completion, click View Log.
ApSVXsQ.png
Copy and paste entire log into your next reply.
Note: Reboot if needed to remove infections.

 

Step 2: Zemana

 

Run a full scan with Zemana antimalware.

http://www.zemana.us/product/zemana-antimalware/default.aspx

Install and select deep scan.

jdmyscF.jpg

Remove any infections found.

Then click on the icon in the pic below.

DOLGyto.jpg

Double click on the scan log, copy and paste here in your reply.

 

 

Step 3: Junkware Removal Tool.
 
Please download Junkware Removal Tool and save it on your desktop.

Source

http://thisisudax.org/

  • Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log is saved to your desktop and will automatically open.
  • Please post the JRT log.

Step 4: Adware Cleaner.
 
Please download AdwCleaner by Xplode onto your desktop.


  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


#3 lcy

lcy
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:12:22 PM

Posted 18 May 2015 - 04:56 AM

*Edit: Oh dear, it seems I forgot to turn off my antivirus before doing this scan. Should I redo this scan?

 

18 May 2015 16:15:15 [1a08] - **********************************************************
18 May 2015 16:15:15 [1a08] - MWAV - eScanAV AntiVirus Toolkit.
18 May 2015 16:15:15 [1a08] - Copyright © MicroWorld Technologies
18 May 2015 16:15:15 [1a08] - **********************************************************
18 May 2015 16:15:15 [1a08] - Version 14.0.178 (C:\USERS\USER\APPDATA\LOCAL\TEMP\MWAVSCAN.EXE)
18 May 2015 16:15:15 [1a08] - Log File: C:\Users\user\AppData\Local\Temp\LOG\MWAV.LOG
18 May 2015 16:15:15 [1a08] - MWAV Registered: TRUE
18 May 2015 16:15:15 [1a08] - User Account: user (Administrator Mode)
18 May 2015 16:15:15 [1a08] - OS Type: Windows Workstation [InstallType: Client]
18 May 2015 16:15:15 [1a08] - OS: Windows 7 64-Bit [OS Install Date: 23 Aug 2012 21:53:47]
18 May 2015 16:15:15 [1a08] - Ver: Personal Service Pack 1 (Build 7601)
18 May 2015 16:15:15 [1a08] - System Up Time: 13 Minutes, 30 Seconds


18 May 2015 16:15:15 [1a08] - Parent Process Name : c:\Windows\explorer.exe
18 May 2015 16:15:15 [1a08] - Windows Root  Folder: C:\Windows
18 May 2015 16:15:15 [1a08] - Windows Sys32 Folder: C:\Windows\system32
18 May 2015 16:15:15 [1a08] - DHCP NameServer: 192.168.1.254
18 May 2015 16:15:15 [1a08] - Interface0 DHCPNameServer: 192.168.1.254
18 May 2015 16:15:15 [1a08] - Interface1 DHCPNameServer: 192.168.1.254
18 May 2015 16:15:15 [1a08] - ProxyServer: http=127.0.0.1:8555;https=127.0.0.1:8555
18 May 2015 16:15:15 [1a08] - ProxyOverride: 127.0.0.1;localhost;10.*;192.168.*;127.0.0.1:895;127.0.0.1:896;<local>
18 May 2015 16:15:15 [1a08] - Proxy Connection: DISABLED
18 May 2015 16:15:15 [1a08] - Local Fixed Drives: c:\,d:\,q:\
18 May 2015 16:15:15 [1a08] - MWAV Mode(A): Scan and Clean files (for viruses, adware and spyware)
18 May 2015 16:15:15 [1a08] - [CREATED ZIP FILE: C:\Users\user\AppData\Local\Temp\pinfect.zip]
18 May 2015 16:15:15 [1a08] - Latest Date of files inside MWAV: Mon May 18 10:16:13 2015.
18 May 2015 16:15:15 [1a08] - Loading/Creating FileScan Cache Database C:\ProgramData\MicroWorld\MWAV\ESCANDBY.MDB [Log: C:\Users\user\AppData\Local\Temp\LOG\ESCANDB.LOG]
18 May 2015 16:15:15 [1a08] - Loaded/Created FileScan Cache Database...
18 May 2015 16:15:15 [1a08] - Loading AV Library [DB]...
18 May 2015 16:15:18 [1a08] - ArchiveScan: DISABLED
18 May 2015 16:15:18 [1a08] - AV Library Loaded - MultiThreaded - 8 : [DB-DIRECT].
18 May 2015 16:15:18 [1a08] - MWAV doing self scanning...
18 May 2015 16:15:18 [1a08] - MWAV files are clean.
18 May 2015 16:15:18 [1a08] - ArchiveScan: DISABLED
18 May 2015 16:15:18 [1a08] - Virus Database Date: 18 May 2015
18 May 2015 16:15:18 [1a08] - Virus Database Count: 5511678
18 May 2015 16:15:18 [1a08] - Sign Version: 7.59505 [518257]
18 May 2015 16:15:43 [1a08] - Downloading AntiVirus and Anti-Spyware Databases...
18 May 2015 16:18:19 [1a08] - Update Successful...
18 May 2015 16:18:39 [1a08] - Indexed Spyware Databases Successfully Created...
18 May 2015 16:18:39 [1a08] - Old Sign Version: 7.60639    New Sign Version: 7.60639
18 May 2015 16:18:39 [1a08] - Not Reloading the AntiVirus Database, as Signatures are Same...
 
18 May 2015 16:19:16 [1a08] - **********************************************************
18 May 2015 16:19:16 [1a08] - MWAV - eScanAV AntiVirus Toolkit.
18 May 2015 16:19:16 [1a08] - Copyright © MicroWorld Technologies
18 May 2015 16:19:16 [1a08] -
18 May 2015 16:19:16 [1a08] - Support: support@escanav.com
18 May 2015 16:19:16 [1a08] - Web: http://www.escanav.com
18 May 2015 16:19:16 [1a08] - **********************************************************
18 May 2015 16:19:16 [1a08] - Version 14.0.178[DB] (C:\USERS\USER\APPDATA\LOCAL\TEMP\MWAVSCAN.EXE)
18 May 2015 16:19:16 [1a08] - Log File: C:\Users\user\AppData\Local\Temp\LOG\MWAV.LOG
18 May 2015 16:19:16 [1a08] - User Account: user (Administrator Mode)
18 May 2015 16:19:16 [1a08] - Parent Process Name : c:\Windows\explorer.exe
18 May 2015 16:19:16 [1a08] - Windows Root  Folder: C:\Windows
18 May 2015 16:19:16 [1a08] - Windows Sys32 Folder: C:\Windows\system32
18 May 2015 16:19:16 [1a08] - OS: Windows 7 64-Bit [OS Install Date: 23 Aug 2012 21:53:47]
18 May 2015 16:19:16 [1a08] - Ver: Personal Service Pack 1 (Build 7601)
18 May 2015 16:19:16 [1a08] - Latest Date of files inside MWAV: Mon May 18 10:16:13 2015.
 
18 May 2015 16:19:17 [2604] - Options Selected by User:
18 May 2015 16:19:17 [2604] - Memory Check: Enabled
18 May 2015 16:19:17 [2604] - Registry Check: Enabled
18 May 2015 16:19:17 [2604] - StartUp Folder Check: Enabled
18 May 2015 16:19:17 [2604] - System Folder Check: Enabled
18 May 2015 16:19:17 [2604] - Services Check: Enabled
18 May 2015 16:19:17 [2604] - Scan Spyware: Enabled
18 May 2015 16:19:17 [2604] - Scan Archives: Disabled
18 May 2015 16:19:17 [2604] - Drive Check: Enabled
18 May 2015 16:19:17 [2604] - All Drive Check :Disabled
18 May 2015 16:19:17 [2604] - Drive Selected = C:\
18 May 2015 16:19:17 [2604] - Folder Check: Disabled
18 May 2015 16:19:17 [2604] - SCAN: All_Files [ANSI]
18 May 2015 16:19:17 [2604] - MWAV Mode( B): Scan and Clean files (for viruses, adware and spyware)
 
18 May 2015 16:19:17 [2604] - Scanning DNS Records...
18 May 2015 16:19:17 [2604] - Scanning Master Boot Record (User)...
18 May 2015 16:19:17 [2604] - Scanning Logical Boot Records...
18 May 2015 16:19:17 [2604] - ***** Scanning For Hidden Rootkit Processes *****
18 May 2015 16:19:17 [2604] - ***** Scanning For Hidden Rootkit Services *****
 
18 May 2015 16:19:29 [2604] - ***** Scanning Memory Files *****
 
18 May 2015 16:19:41 [2604] - ***** Scanning Registry Files *****
18 May 2015 16:19:42 [2604] - ERROR(3)!!! Invalid Entry  = C:\Users\user\AppData\Roaming\FlashGetBHO\FlashGetBHO.dll (in key HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0}). Action Taken: Removing it.
18 May 2015 16:20:20 [2604] - ERROR(3)!!! Invalid Entry  = C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\TmBpIe32.dll (in key HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC}). Action Taken: Removing it.
18 May 2015 16:20:20 [2604] - ERROR(3)!!! Invalid Entry  = C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\TmBpIe64.dll (in key HKLM64\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC}). Action Taken: Removing it.
18 May 2015 16:20:21 [2604] - ERROR(3)!!! Invalid Entry  = C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll (in key HKLM64\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}). Action Taken: Removing it.
18 May 2015 16:20:22 [2604] - ERROR(3)!!! Invalid Entry CLSID = C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\TmBpIe32.dll (in key HKCR\Protocols\Handler\tmbp). Action Taken: Removing it.
 
18 May 2015 16:20:23 [2604] - ***** Scanning StartUp Folders *****
18 May 2015 16:21:36 [2324] - ScanFile (C:\ProgramData\Microsoft\BingBar\BBSvc\7.1.391.0oemBingBarSetup-Partner.EXE) took 5398 ms
 
18 May 2015 16:21:46 [2604] - ***** Scanning Service Files *****
18 May 2015 16:21:46 [1b34] - Scanning File C:\ProgramData\..\K55VM.BIN
18 May 2015 16:22:01 [2604] - ERROR(2)!!! Invalid Entry \??\C:\Windows\system32\drivers\EagleX64.sys. Action Taken: Removing HKLM64\SYSTEM\CurrentControlSet\Services\EagleX64.
18 May 2015 16:22:24 [2604] - ERROR(2)!!! Invalid Entry "%SystemRoot%\System32\Drivers\PTSimBus.sys". Action Taken: Removing HKLM64\SYSTEM\CurrentControlSet\Services\PTSimBus.
18 May 2015 16:22:24 [2604] - ERROR(2)!!! Invalid Entry "%SystemRoot%\System32\Drivers\PTSimHid.sys". Action Taken: Removing HKLM64\SYSTEM\CurrentControlSet\Services\PTSimHid.
18 May 2015 16:22:30 [2604] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\TrkWks].
 
18 May 2015 16:22:39 [2604] - ***** Scanning Registry and File system for Adware/Spyware *****
18 May 2015 16:22:39 [2604] - Loading Spyware Signatures from new External Database [Name: C:\Users\user\AppData\Local\Temp\spydb.avs, Size: 464724]...
18 May 2015 16:22:39 [2604] - Indexed Spyware Databases Successfully Created...
 
18 May 2015 16:22:45 [2604] - Offending file found: C:\Users\user\Documents\Rainmeter\Skins\Enigma\Taskbar\Search\Run\Run.ini
18 May 2015 16:22:45 [2604] - System found infected with SmartAdware Spyware/Adware (Run.ini)! Action taken: File Deleted.
18 May 2015 16:22:45 [2604] - Object "SmartAdware Spyware/Adware" found in File System! Action Taken: File Deleted.

18 May 2015 16:22:46 [2604] - Offending file found: C:\ProgramData\Promote Installer\Starter.exe
18 May 2015 16:22:46 [2604] - System found infected with PrecisionPop Spyware/Adware (Starter.exe)! Action taken: File Deleted.
18 May 2015 16:22:46 [2604] - Object "PrecisionPop Spyware/Adware" found in File System! Action Taken: File Deleted.

 
18 May 2015 16:22:47 [2604] - ***** Scanning Registry Files *****
18 May 2015 16:22:47 [2604] - ERROR(3)!!! Invalid Entry  = C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\TmBpIe64.dll (in key HKLM64\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC}). Action Taken: Removing it.
18 May 2015 16:22:47 [2604] - ERROR(3)!!! Invalid Entry  = C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll (in key HKLM64\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}). Action Taken: Removing it.
18 May 2015 16:22:47 [2604] - ** Value in HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\main/Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
18 May 2015 16:22:47 [2604] - ** Deleted Value of "NoActiveDesktop" in "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer". Its value was DWORD:1.
18 May 2015 16:22:47 [2604] - ** Deleted Value of "ForceActiveDesktopOn" in "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer". Its value was DWORD:0.
18 May 2015 16:22:47 [2604] - ** Deleted Value of "NoComponents" in "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop". Its value was DWORD:1.
18 May 2015 16:22:47 [2604] - ** Deleted Value of "NoAddingComponents" in "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop". Its value was DWORD:1.
18 May 2015 16:22:49 [2604] - ** Value in 64-bit HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\main/Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
 
18 May 2015 16:22:49 [2604] - ***** Scanning System32 Folders *****
18 May 2015 16:23:12 [0104] - ScanFile (C:\Windows\SysWOW64\igdfcl32.dll) took 9485 ms
 
 
18 May 2015 16:23:41 [2604] - ***** Scanning Drive C:\ *****
18 May 2015 16:24:28 [1b34] - ScanFile (C:\eSupport\eDriver\Software\Display\Intel\HD_Graphics(ChiefRiver)\Win7_64_8.15.10.2653\Graphics\igdfcl32.dll) took 10717 ms
18 May 2015 16:24:32 [0104] - ScanFile (C:\eSupport\eDriver\Software\Display\nVidia\N13X_R295\Win7_64_8.17.12.9616\Display.Driver\nvcompiler.dl_) took 6006 ms
18 May 2015 16:24:37 [1b34] - ScanFile (C:\eSupport\eDriver\Software\Display\nVidia\N13X_R295\Win7_64_8.17.12.9616\Display.Driver\nvoglv32.dl_) took 8003 ms
18 May 2015 16:24:43 [1170] - ScanFile (C:\eSupport\eDriver\Software\Display\nVidia\N13X_R295\Win7_64_8.17.12.9616\Display.Driver\nvoglv64.dl_) took 14009 ms
18 May 2015 16:27:57 [1bc4] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.0\nvd3dumx.dl_) took 5819 ms
18 May 2015 16:27:57 [2304] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.0\nvcompiler.dl_) took 9594 ms
18 May 2015 16:27:59 [1b34] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.0\nvoglv32.dl_) took 6708 ms
18 May 2015 16:28:03 [1bc4] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.1\nvcompiler32.dl_) took 6069 ms
18 May 2015 16:28:06 [1b10] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.1\nvcompiler.dl_) took 8643 ms
18 May 2015 16:28:07 [2324] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.1\nvd3dumx.dl_) took 6802 ms
18 May 2015 16:28:07 [1170] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.0\nvoglv64.dl_) took 14789 ms
18 May 2015 16:28:12 [2304] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.1\nvwgf2um.dl_) took 5553 ms
18 May 2015 16:28:12 [1b34] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.1\nvwgf2umx.dl_) took 5647 ms
18 May 2015 16:28:13 [0104] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.1\nvoglv64.dl_) took 9251 ms
18 May 2015 16:28:14 [1bc4] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.1\nvoglv32.dl_) took 9797 ms
18 May 2015 16:28:23 [2304] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.2\nvoglv64.dl_) took 8751 ms
18 May 2015 16:28:24 [1bc4] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.2\nvoglv32.dl_) took 9766 ms
18 May 2015 16:28:28 [2324] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.2\nvcompiler.dl_) took 19750 ms
18 May 2015 16:28:28 [1b34] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{3103B4FE-5BDE-4A4C-9A04-78359451996B}\nvcuda64.dl_) took 5101 ms
18 May 2015 16:28:28 [1170] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{3103B4FE-5BDE-4A4C-9A04-78359451996B}\nvcompiler32.dl_) took 6614 ms
18 May 2015 16:28:31 [2304] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{3103B4FE-5BDE-4A4C-9A04-78359451996B}\nvd3dum.dl_) took 5258 ms
18 May 2015 16:28:37 [1170] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{3103B4FE-5BDE-4A4C-9A04-78359451996B}\nvopencl64.dl_) took 6599 ms
18 May 2015 16:28:37 [1b10] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{3103B4FE-5BDE-4A4C-9A04-78359451996B}\nvcompiler.dl_) took 15881 ms
18 May 2015 16:28:39 [2324] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{3103B4FE-5BDE-4A4C-9A04-78359451996B}\nvwgf2um.dl_) took 5413 ms
18 May 2015 16:28:43 [0104] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{3103B4FE-5BDE-4A4C-9A04-78359451996B}\nvwgf2umx.dl_) took 9251 ms
18 May 2015 16:28:44 [1170] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{57CDA9D8-559D-4EBD-A050-0427E57DDA0C}\nvcompiler32.dl_) took 6115 ms
18 May 2015 16:28:45 [1b34] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{57CDA9D8-559D-4EBD-A050-0427E57DDA0C}\nvcuda32.dl_) took 6021 ms
18 May 2015 16:28:47 [2304] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{57CDA9D8-559D-4EBD-A050-0427E57DDA0C}\nvcuda64.dl_) took 7690 ms
18 May 2015 16:28:51 [1bc4] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{3103B4FE-5BDE-4A4C-9A04-78359451996B}\nvoglv32.dl_) took 21279 ms
18 May 2015 16:28:51 [1bc4] - Scanning of C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{3103B4FE-5BDE-4A4C-9A04-78359451996B}\nvoglv32.dl_ Timed out!!!
18 May 2015 16:28:52 [1b10] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{57CDA9D8-559D-4EBD-A050-0427E57DDA0C}\nvcompiler.dl_) took 14337 ms
18 May 2015 16:28:53 [1aa8] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{3103B4FE-5BDE-4A4C-9A04-78359451996B}\nvoglv64.dl_) took 22994 ms
18 May 2015 16:28:53 [1aa8] - Scanning of C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{3103B4FE-5BDE-4A4C-9A04-78359451996B}\nvoglv64.dl_ Timed out!!!
18 May 2015 16:28:53 [2324] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{57CDA9D8-559D-4EBD-A050-0427E57DDA0C}\nvd3dum.dl_) took 8689 ms
18 May 2015 16:28:57 [1b34] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{57CDA9D8-559D-4EBD-A050-0427E57DDA0C}\nvlddmkm.sy_) took 6661 ms
18 May 2015 16:28:59 [1170] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{57CDA9D8-559D-4EBD-A050-0427E57DDA0C}\nvd3dumx.dl_) took 13729 ms
18 May 2015 16:29:04 [1aa8] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{57CDA9D8-559D-4EBD-A050-0427E57DDA0C}\nvwgf2um.dl_) took 8362 ms
18 May 2015 16:29:07 [1170] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{A4F33333-F49D-4B5B-9508-2EDBED654E81}\nvcompiler32.dl_) took 7410 ms
18 May 2015 16:29:12 [0104] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{57CDA9D8-559D-4EBD-A050-0427E57DDA0C}\nvwgf2umx.dl_) took 16100 ms
18 May 2015 16:29:12 [1bc4] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{A4F33333-F49D-4B5B-9508-2EDBED654E81}\nvcompiler.dl_) took 12839 ms
18 May 2015 16:29:12 [1b10] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{57CDA9D8-559D-4EBD-A050-0427E57DDA0C}\nvoglv32.dl_) took 19702 ms
18 May 2015 16:29:17 [1b34] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{A4F33333-F49D-4B5B-9508-2EDBED654E81}\nvd3dumx.dl_) took 10172 ms
18 May 2015 16:29:17 [2324] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{A4F33333-F49D-4B5B-9508-2EDBED654E81}\nvd3dum.dl_) took 10312 ms
18 May 2015 16:29:20 [0104] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{A4F33333-F49D-4B5B-9508-2EDBED654E81}\nvlddmkm.sy_) took 6865 ms
18 May 2015 16:29:25 [2304] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{57CDA9D8-559D-4EBD-A050-0427E57DDA0C}\nvoglv64.dl_) took 32526 ms
18 May 2015 16:29:25 [2304] - Scanning of C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{57CDA9D8-559D-4EBD-A050-0427E57DDA0C}\nvoglv64.dl_ Timed out!!!
18 May 2015 16:29:27 [2324] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{A4F33333-F49D-4B5B-9508-2EDBED654E81}\nvwgf2um.dl_) took 7878 ms
18 May 2015 16:29:30 [1aa8] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{A4F33333-F49D-4B5B-9508-2EDBED654E81}\nvoglv64.dl_) took 13619 ms
18 May 2015 16:29:30 [1bc4] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{A4F33333-F49D-4B5B-9508-2EDBED654E81}\nvoglv32.dl_) took 14836 ms
18 May 2015 16:29:31 [1b10] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{A4F33333-F49D-4B5B-9508-2EDBED654E81}\nvwgf2umx.dl_) took 11310 ms
18 May 2015 16:30:23 [1bc4] - ScanFile (C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroExt\libcef.dll) took 7831 ms
18 May 2015 16:31:29 [1b10] - ScanFile (C:\Program Files (x86)\Common Files\Windows Live\.cache\46ca18d91ccee1002\Silverlight.4.0.exe) took 5632 ms
18 May 2015 16:32:23 [1aa8] - C:\Program Files (x86)\Garena Plus\Room\AutoUpdate\Skin\Skin.ggz not Scanned. Possibly password protected...
18 May 2015 16:33:39 [0104] - ScanFile (C:\Program Files (x86)\GarenaLoL\GameData\Apps\LoL\Air\css\fonts_zh_MY.swf) took 8439 ms
18 May 2015 16:34:33 [1170] - ScanFile (C:\Program Files (x86)\GarenaLoL\im_installer.exe) took 7067 ms
18 May 2015 16:35:59 [0104] - ScanFile (C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0oemBingBarSetup-Partner.EXE) took 6099 ms
18 May 2015 16:36:46 [1bc4] - ScanFile (C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0oemBingBarSetup-Partner.EXE) took 7285 ms
18 May 2015 16:38:02 [1aa8] - ScanFile (C:\Program Files (x86)\osu!\osu!gameplay.dll) took 12262 ms
18 May 2015 16:38:09 [0104] - ScanFile (C:\Program Files (x86)\osu!\osu!ui.dll) took 18782 ms
18 May 2015 16:51:04 [1bc4] - Scanning File C:\Program Files (x86)\osu!\Songs\46671 ZUN - Greenwich in the Sky\ZUN - ôVï=é¦âOâèâjâbâW (JhowM).osb
18 May 2015 16:54:44 [2324] - ScanFile (C:\Program Files (x86)\osu!\_pending\osu!ui.dll) took 10811 ms
18 May 2015 16:55:27 [1b34] - ScanFile (C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Printing.dll) took 5116 ms
18 May 2015 16:55:32 [2304] - ScanFile (C:\Program Files (x86)\Skype\Phone\Skype.exe) took 7207 ms
18 May 2015 16:59:08 [0104] - ScanFile (C:\Program Files (x86)\Steam\steamapps\common\Torchlight II\Torchlight2.exe) took 10328 ms
18 May 2015 16:59:38 [1aa8] - ScanFile (C:\Program Files (x86)\Torchlight 2 Rapid Respec\Uninstall.exe) took 6068 ms
18 May 2015 17:00:24 [1bc4] - ScanFile (C:\Program Files (x86)\Wizet\MapleStorySEA\HShield\ehsvc.dll) took 6895 ms
18 May 2015 17:00:28 [1bc4] - Scanning File C:\System Volume Information\{33fcf139-fbfa-11e4-97d8-dc85de066b50}{3808876b-c176-4e48-b7ae-04046e6cc752}
18 May 2015 17:00:28 [0104] - Scanning File C:\System Volume Information\{bf612bb1-f941-11e4-a6a2-dc85de066b50}{3808876b-c176-4e48-b7ae-04046e6cc752}
18 May 2015 17:00:28 [1170] - Scanning File C:\System Volume Information\{9bad79f6-fbf8-11e4-92ef-dc85de066b50}{3808876b-c176-4e48-b7ae-04046e6cc752}
18 May 2015 17:00:28 [1b10] - Scanning File C:\System Volume Information\{b756664e-fc74-11e4-91ff-dc85de066b50}{3808876b-c176-4e48-b7ae-04046e6cc752}
18 May 2015 17:00:29 [1b34] - Scanning File C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
18 May 2015 17:00:29 [2304] - ScanFile (C:\Program Files (x86)\Wizet\MapleStorySEA\MapleStory.exe) took 10468 ms
18 May 2015 17:00:47 [0104] - ScanFile (C:\Users\user\AppData\Local\Google\Chrome\User Data\PepperFlash\16.0.0.305\pepflashplayer.dll) took 6053 ms
18 May 2015 17:00:51 [1170] - ScanFile (C:\Users\user\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.7.796\_platform_specific\win_x86\widevinecdm.dll) took 9485 ms
18 May 2015 17:03:20 [1b10] - ScanFile (C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.tmp) took 6068 ms
18 May 2015 17:03:54 [1aa8] - ScanFile (C:\Users\user\AppData\LocalLow\Macromedia\Shockwave Player\xtras\download\MacromediaInc\FlashAsset\Flash Asset.x32) took 5179 ms
18 May 2015 17:03:54 [2304] - ScanFile (C:\Users\user\AppData\LocalLow\Adobe\Shockwave Player 12\xtras\download\AdobeSystemsIncorporated\FlashAsset\Flash Asset.x32) took 6147 ms
18 May 2015 17:05:54 [2324] - ScanFile (C:\Users\user\Downloads\GeoGebra-Windows-Installer-4-2-36-0.exe) took 6879 ms
18 May 2015 17:06:06 [1b34] - ScanFile (C:\Users\user\Downloads\vlc-2.0.5-win32.exe) took 7785 ms
18 May 2015 17:06:09 [1bc4] - ScanFile (C:\Users\user\Downloads\OP.zip) took 15600 ms
18 May 2015 17:14:34 [1b10] - ScanFile (C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_neutral_5a0ac3be694a5346\igdfcl32.dll) took 9594 ms
18 May 2015 17:14:46 [1aa8] - ScanFile (C:\Windows\System32\DriverStore\FileRepository\nvam.inf_amd64_neutral_07840e874f9eed4e\nvcompiler32.dll) took 6115 ms
18 May 2015 17:14:54 [1b10] - ScanFile (C:\Windows\System32\DriverStore\FileRepository\nvam.inf_amd64_neutral_6d8637675f6881b6\nvcompiler32.dll) took 6442 ms
18 May 2015 17:14:58 [0104] - ScanFile (C:\Windows\System32\DriverStore\FileRepository\nvam.inf_amd64_neutral_31e8de35c3ac9242\nvlddmkm.sys) took 12371 ms
18 May 2015 17:15:03 [1bc4] - ScanFile (C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_neutral_012907d3c8ea9cf5\nvcompiler32.dll) took 6646 ms
18 May 2015 17:15:07 [2324] - ScanFile (C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_neutral_205a5f270d7272ee\NvCplSetupInt.exe) took 6178 ms
18 May 2015 17:15:11 [2304] - ScanFile (C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_neutral_6378ab40ed984894\nvcompiler32.dll) took 5444 ms
18 May 2015 17:16:02 [0104] - ScanFile (C:\Windows\System32\igdfcl32.dll) took 6661 ms
18 May 2015 17:16:26 [1b34] - ScanFile (C:\Windows\System32\nvcompiler.dll) took 5241 ms
18 May 2015 17:21:32 [2324] - ScanFile (C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.18044_none_ca35d705cadb185a\ntoskrnl.exe) took 5460 ms
18 May 2015 17:22:44 [1170] - ScanFile (C:\Windows\winsxs\amd64_microsoft-windows-shell32_31bf3856ad364e35_6.1.7600.17038_none_c85710852b81d6e2\shell32.dll) took 12262 ms
18 May 2015 17:48:16 [2304] - ScanFile (C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17514_none_96780994e42bbfd5\mshtml.dll) took 5725 ms
18 May 2015 17:48:30 [0104] - ScanFile (C:\Windows\winsxs\wow64_microsoft-windows-ieframe_31bf3856ad364e35_10.2.9200.20831_none_d5e39a706cb235e6\ieframe.dll) took 5273 ms
18 May 2015 17:51:36 [1b10] - ScanFile (C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17944_none_6e176360127d73e2\ntoskrnl.exe) took 5678 ms
 
18 May 2015 17:52:48 [2604] - ***** Checking for specific ITW Viruses *****
 
18 May 2015 17:52:48 [2604] - ***** Scanning complete. *****
 
18 May 2015 17:52:48 [2604] - Total Objects Scanned: 369664
18 May 2015 17:52:48 [2604] - Total Critical Objects: 2
18 May 2015 17:52:48 [2604] - Total Disinfected Objects: 0
18 May 2015 17:52:48 [2604] - Total Objects Renamed: 0
18 May 2015 17:52:48 [2604] - Total Deleted Objects: 2
18 May 2015 17:52:48 [2604] - Total Errors: 10
18 May 2015 17:52:48 [2604] - Time Elapsed: 01:16:57
18 May 2015 17:52:48 [2604] - Virus Database Date: 18 May 2015
18 May 2015 17:52:48 [2604] - Virus Database Count: 5511678
18 May 2015 17:52:48 [2604] - Sign Version: 7.59505 [518257]
 
18 May 2015 17:52:48 [2604] - Scan Completed.
 


Edited by lcy, 18 May 2015 - 04:59 AM.


#4 lcy

lcy
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:12:22 PM

Posted 18 May 2015 - 05:47 AM

I was prompted with a scheduled scan (I presume that to be a smart/quick scan) upon the restart of my computer so I just went ahead with it anyway. Going through with the deep scan at the moment.

*Edit: For some reason I am repeatedly unable to run a deep scan with Zemana, it keeps crashing before the scan can be completed. However in one of the scans that I attempted, encecal.dll located in sursenel was detected to be malicious so i ran a Path scan on sursenel using Zemana and quarantined encecal.dll. Updating this post with the path scan log.

 

Scheduled scan

 

Zemana AntiMalware 2.11.2.514 (Installed)
-------------------------------------------------------
Scan Result           : Completed
Scan Date             : 2015/5/18
Operating System      : Windows 7 64-bit
Processor             : 8X Intel® Core™ i7-3610QM CPU @ 2.30GHz
BIOS Mode             : UEFI
CUID                  : 00BF50C8AFEF23408C7A60
Scan Type             : Scheduled Scan
Duration              : 5m 3s
Scanned Objects       : 18368
Detected Objects      : 2
Excluded Objects      : 0
Read Level            : SCSI
Auto Upload           : Yes
Show All Extensions   : No
Scan Documents        : Yes
Domain Info           : WORKGROUP,1,2


Detected Objects
-------------------------------------------------------
Proxy Server (User)
   Status             : Scanned
   Object             : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer
   MD5                : -
   Publisher          : -
   Size               : -
   Version            : -
   Detection          : Suspicious Setting
   Cleaning Action    : Delete
   Traces             :
                Registry - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer

ticyver.dll
   Status             : Scanned
   Object             : %appdata%\sursenel\ticyver.dll
   MD5                : 936DF537F21E98B4E3A9EC80D8AE1A00
   Publisher          : -
   Size               : 168960
   Version            : -
   Detection          : Adware:Win64/Blackoat.A!Eclr
   Cleaning Action    : Quarantine
   Traces             :
                File - %appdata%\sursenel\ticyver.dll
                Registry - HKCU\SOFTWARE\Classes\CLSID\{56FDF344-FD6D-11d0-958A-006097C9A090}\InprocServer32\@


Cleaning Result
-------------------------------------------------------
Cleaned               : 2
Reported as safe      : 0
Failed                : 0
 

 

Path scan

 

Zemana AntiMalware 2.11.2.514 (Installed)
-------------------------------------------------------
Scan Result           : Completed
Scan Date             : 2015/5/18
Operating System      : Windows 7 64-bit
Processor             : 8X Intel® Core™ i7-3610QM CPU @ 2.30GHz
BIOS Mode             : UEFI
CUID                  : 00BF50C8AFEF23408C7A60
Scan Type             : Path Scan
Duration              : 0m 6s
Scanned Objects       : 1
Detected Objects      : 1
Excluded Objects      : 0
Read Level            : SCSI
Auto Upload           : Yes
Show All Extensions   : No
Scan Documents        : Yes
Domain Info           : WORKGROUP,1,2


Detected Objects
-------------------------------------------------------
encecal.dll
   Status             : Scanned
   Object             : %appdata%\sursenel\encecal.dll
   MD5                : 78E1C1134DAFF65C33432CB711A9CD0B
   Publisher          : -
   Size               : 140800
   Version            : -
   Detection          : Adware:Win32/Vorniac.A!Aaak
   Cleaning Action    : Quarantine
   Traces             :
                File - %appdata%\sursenel\encecal.dll


Cleaning Result
-------------------------------------------------------
Cleaned               : 1
Reported as safe      : 0
Failed                : 0
 


Edited by lcy, 18 May 2015 - 06:09 AM.


#5 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:22 PM

Posted 18 May 2015 - 06:15 AM

OK, continue with the other scans.



#6 lcy

lcy
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:12:22 PM

Posted 18 May 2015 - 06:22 AM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.7.2 (05.15.2015:1)
OS: Windows 7 Home Premium x64
Ran by user on Mon 18/05/2015 at 19:18:32.02
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 18/05/2015 at 19:22:05.24
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



#7 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:22 PM

Posted 18 May 2015 - 06:26 AM

After the Adware Cleaner scan, run these please.

 

Adware Removal Tool.
 
Download Adware removal tool to your desktop, right click the icon and select Run as Administrator.

Source: http://www.techsupportall.com/adware-removal-tool/

LOr0Gd7.png

Hit Ok.

sYFsqHx.png

Hit next make sure to leave all items checked, for removal.

8NcZjGc.png


The Program will close all open programs to complete the removal, so save any work and hit OK. Then hit OK after the removal process is complete,  then OK again to finish up. Post log generated by tool.

 

Step 2: ZHP Cleaner.

 

Download and save ZHP Cleaner to your desktop.

http://www.nicolascoolman.fr/download/zhpcleaner-2/

Right Click and run as administrator.

Click on the Repair button.

At the end of the process you will be asked to reboot your machine.

After you reboot a report will open on your desktop.

Copy and paste the report here in your next reply.

 

Step 3: Security Check.

 

Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document

 

 

 

Step 4: Minitoolbox.

 

Please download [b]MINITOOLBOX and run it.



Checkmark following boxes:


Flush DNS
Reset FF proxy Settings
Reset Ie Proxy Settings
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and post the result.

 

Eset Scan

http://www.eset.com/us/online-scanner/
 

Disable your antivirus prior to this scan.

http://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/

 
 
 esetonlinebtn.png
 

  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.


#8 lcy

lcy
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:12:22 PM

Posted 18 May 2015 - 06:32 AM

# AdwCleaner v4.204 - Logfile created 18/05/2015 at 19:24:45
# Updated 12/05/2015 by Xplode
# Database : 2015-05-12.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : user - USER-PC
# Running from : C:\Users\user\Downloads\adwcleaner_4.204.exe
# Option : Cleaning

***** [ Services ] *****

Service Deleted : hshld

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Folder Deleted : C:\users\user\AppData\LocalLow\AskToolbar

***** [ Scheduled tasks ] *****

Task Deleted : Scheduled Update for Ask Toolbar

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2974C985-8151-4DE5-B23C-B875F0A8522F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2974C985-8151-4DE5-B23C-B875F0A8522F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2974C985-8151-4DE5-B23C-B875F0A8522F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKCU\Software\SpeedBit
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\Myfree Codec
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IM
Key Deleted : [x64] HKLM\SOFTWARE\SpeedBit
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyEnable] - 1
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - 127.0.0.1;localhost;10.*;192.168.*;127.0.0.1:895;127.0.0.1:896;<local>

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17801


-\\ Mozilla Firefox v38.0.1 (x86 en-US)


-\\ Google Chrome v42.0.2311.152

[C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : aaaaojmikegpiepcfdkkjaplodkpfmlo
[C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Default_Search_Provider_Data] : hxxps://sg.search.yahoo.com/search?fr=chr-yo_gc&ei=utf-8&ilc=12&type=926458&p={searchTerms}",
         "usage_count": 0
      }
   },
   "extensions": {
      "settings": {
         "aaaaojmikegpiepcfdkkjaplodkpfmlo": {
            "ack_external": true,
            "active_permissions": {
               "api": [ "bookmarks", "contextMenus", "cookies", "geolocation", "history", "idle", "management", "notifications", "plugin", "tabs", "unlimitedStorage" ],
               "explicit_host": [ "chrome://favicon/*", "hxxp://*/*", "hxxps://*/*" ],
               "manifest_permissions": [  ],
               "scriptable_host": [ "*://*.ask.com/

*************************

AdwCleaner[R0].txt - [7498 bytes] - [18/05/2015 19:23:53]
AdwCleaner[S0].txt - [7337 bytes] - [18/05/2015 19:24:45]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7396  bytes] ##########
 



#9 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:22 PM

Posted 18 May 2015 - 06:34 AM

Continue on down the list, let me know if the issue is any better as well. :)



#10 lcy

lcy
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:12:22 PM

Posted 18 May 2015 - 06:47 AM

 
 

Haven't had an outbreak of the problem for a few hours now, will keep you updated. Thanks :)

 

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

Adware Removal Tool v3.9
Time: 2015_05_18_19_38_55
OS: Windows 7 - 64 Bit
Account Name: user
U0L0S24

\\\\\\\\\\\\\\\\\\\\\\\ Repair Logs \\\\\\\\\\\\\\\\\\\\\\

Deleted - File - C:\program files (x86)\osu!\Songs\35992 Glutamine - Babylon\Glutamine - Babylon (CSY the corrupt) [BakaHard].osu
Deleted - File - C:\program files (x86)\osu!\Songs\35992 Glutamine - Babylon\Glutamine - Babylon (CSY the corrupt) [Corruption].osu
Deleted - File - C:\program files (x86)\osu!\Songs\35992 Glutamine - Babylon\Glutamine - Babylon (CSY the corrupt) [Easy].osu
Deleted - File - C:\program files (x86)\osu!\Songs\35992 Glutamine - Babylon\Glutamine - Babylon (CSY the corrupt) [Normal].osu
Deleted - File - C:\program files (x86)\osu!\Songs\35992 Glutamine - Babylon\Glutamine - Babylon (CSY the corrupt).osb
Deleted - File - C:\program files (x86)\osu!\Songs\53438 Troupe Record - Babylonia\Taiko BG[Babylonia].jpg
Deleted - File - C:\program files (x86)\osu!\Songs\53438 Troupe Record - Babylonia\Troupe Record - Babylonia (Strawberry) [Another].osu
Deleted - File - C:\program files (x86)\osu!\Songs\53438 Troupe Record - Babylonia\Troupe Record - Babylonia (Strawberry) [Beginner].osu
Deleted - File - C:\program files (x86)\osu!\Songs\53438 Troupe Record - Babylonia\Troupe Record - Babylonia (Strawberry) [Boss' Normal].osu
Deleted - File - C:\program files (x86)\osu!\Songs\53438 Troupe Record - Babylonia\Troupe Record - Babylonia (Strawberry) [Twice's Hyper].osu
Deleted - File - C:\program files (x86)\osu!\Songs\53438 Troupe Record - Babylonia\Troupe Record - Babylonia (Strawberry) [Wmf's Taiko].osu
Deleted - Folder - C:\program files (x86)\osu!\Songs\35992 Glutamine - Babylon
Deleted - Folder - C:\program files (x86)\osu!\Songs\53438 Troupe Record - Babylonia
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}:masterclsid
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{472734EA-242A-422B-ADF8-83D1E48CC825}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}:dllname
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{2EECD738-5844-4A99-B4B6-146BF802613B}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{472734EA-242A-422B-ADF8-83D1E48CC825}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{98889811-442D-49DD-99D7-DC866BE87DBC}

\\ Finished
 



#11 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:22 PM

Posted 18 May 2015 - 06:51 AM

Alright, after the eset scan we will go from there. :)



#12 lcy

lcy
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:12:22 PM

Posted 18 May 2015 - 06:56 AM

 
 

*Edit: I wasn't asked to reboot my machine but I could access the report anyway.

 

~ ZHPCleaner v2015.5.18.244 by Nicolas Coolman (2015\05\18)
~ Run by user (Administrator)  (18/05/2015 19:55:17)
~ Forum : http://forum.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Repair
~ Report : C:\Users\user\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\user\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
~ Windows 7, 64-bit Service Pack 1 (Build 7601)


---\\  Services (0)
~ No malicious items found.


---\\  Browser internet (1)
DELETED data: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyHttp1.1 [Bad : 1]  (Hijacker.Proxy)


---\\  Hosts file (0)
~ No malicious items found.


---\\  Scheduled automatic tasks. (0)
~ No malicious items found.


---\\  Explorer ( File, Folder) (4)
MOVED file: C:\Windows\Installer\c802ba.msi [Ask.com - InstallShield® 2010 - Professional Edition 16] (Toolbar.Ask)
MOVED file: C:\Windows\Installer\c93913.msi [sidecom - Advanced Installer 10.8 build 54215] (PUP.Sidecom)
MOVED folder*: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg (PUP.DigitalMore)
MOVED folder*: C:\Users\user\AppData\Roaming\sursenel (PUP.Sidecom)


---\\  Registry ( Key, Value, Data) (4)
REPLACED data: HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope \\\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} (Hijacker.SearchScopes)
DELETED key*: [X64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater ["C:\Program Files (x86)\Ask.com\Updater\Updater.exe" (Not File)] (Toolbar.Ask)
DELETED key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3411812614-1412655666-365180527-1001\Products\244ff0d79ee6bfa447ce10a516cff90d [sursenel] (PUP.Sidecom)
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7d0ff442-6ee9-4afb-74ec-015a61fc9fd0} [sidecom] (PUP.Sidecom)


---\\ Result of repair
~ Repair carried out successfully
~ Browser not found (Opera Software)


---\\ Statistics
~ Items scanned : 3370
~ Items found : 0
~ Items cancelled : 0
~ Items repaired : 9


End of clean at 19:55:27
===================
ZHPCleaner-[R]-18052015-19_55_27.txt
ZHPCleaner-[S]-18052015-19_54_43.txt
 


Edited by lcy, 18 May 2015 - 06:59 AM.


#13 lcy

lcy
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:12:22 PM

Posted 18 May 2015 - 07:00 AM

Currently unable to access both links to download Security Check, receiving the 'Connection was reset' error message. Should I move on to minitoolbox first?



#14 lcy

lcy
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:12:22 PM

Posted 18 May 2015 - 07:04 AM

MiniToolBox by Farbar  Version: 11-05-2015 01
Ran by user (administrator) on 18-05-2015 at 20:03:29
Running from "C:\Users\user\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: K55VM Manufacturer: ASUSTeK COMPUTER INC.
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

Hosts file not detected in the default directory
========================= IP Configuration: ================================

Atheros AR9485WB-EG Wireless Network Adapter = Wireless Network Connection (Connected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
VPN Client Adapter - VPN = VPN - VPN Client (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="VPN - VPN Client" forwarding=disabled advertise=disabled metric=1 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : user-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Broadcast
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : gateway.2wire.net

Wireless LAN adapter Wireless Network Connection 3:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : FE-85-DE-04-E4-B0
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter VPN - VPN Client:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : VPN Client Adapter - VPN
   Physical Address. . . . . . . . . : 00-AC-69-B4-CE-7F
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection* 15:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Anchorfree HSS VPN Adapter #2
   Physical Address. . . . . . . . . : 00-FF-6D-AD-4E-CB
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection* 14:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Anchorfree HSS VPN Adapter
   Physical Address. . . . . . . . . : 00-FF-9A-9D-88-AF
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : DC-85-DE-06-6B-50
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : gateway.2wire.net
   Description . . . . . . . . . . . : Atheros AR9485WB-EG Wireless Network Adapter
   Physical Address. . . . . . . . . : DC-85-DE-04-E4-B0
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::7543:f4c:ccd6:4b9c%12(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.24(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Monday, 18 May, 2015 7:26:15 PM
   Lease Expires . . . . . . . . . . : Monday, 18 May, 2015 11:26:19 PM
   Default Gateway . . . . . . . . . : 192.168.1.254
   DHCP Server . . . . . . . . . . . : 192.168.1.254
   DHCPv6 IAID . . . . . . . . . . . : 467437022
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-8A-FC-82-30-85-A9-11-67-C9
   DNS Servers . . . . . . . . . . . : 192.168.1.254
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 30-85-A9-11-67-C9
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.gateway.2wire.net:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{6DAD4ECB-D3A6-45FF-BD18-0F3A5930B709}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{9A9D88AF-6AB6-4ED1-AE90-616CD303FD04}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{4D32564D-B3A0-4E70-A1DF-A67F38E0A346}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{D5905B72-AD61-4157-AFBA-F410F44CF969}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #6
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{54DB9017-1C63-4EDF-9671-7F861F98AC0D}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #7
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Reusable ISATAP Interface {34ABEA89-0FB8-4D38-9241-21F1DE7B8C05}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : gateway.2wire.net
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #9
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{249040B2-8690-4602-82C1-57536409632D}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #10
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  gateway.gateway.2wire.net
Address:  192.168.1.254

Name:    google.com
Addresses:  2404:6800:4003:c01::66
      74.125.68.138
      74.125.68.139
      74.125.68.100
      74.125.68.102
      74.125.68.101
      74.125.68.113


Pinging google.com [74.125.68.113] with 32 bytes of data:
Reply from 74.125.68.113: bytes=32 time=6ms TTL=43
Reply from 74.125.68.113: bytes=32 time=18ms TTL=43

Ping statistics for 74.125.68.113:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 6ms, Maximum = 18ms, Average = 12ms
Server:  gateway.gateway.2wire.net
Address:  192.168.1.254

Name:    yahoo.com
Addresses:  206.190.36.45
      98.138.253.109
      98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=270ms TTL=45
Reply from 98.139.183.24: bytes=32 time=269ms TTL=43

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 269ms, Maximum = 270ms, Average = 269ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 24...fe 85 de 04 e4 b0 ......Microsoft Virtual WiFi Miniport Adapter
 23...00 ac 69 b4 ce 7f ......VPN Client Adapter - VPN
 21...00 ff 6d ad 4e cb ......Anchorfree HSS VPN Adapter #2
 20...00 ff 9a 9d 88 af ......Anchorfree HSS VPN Adapter
 14...dc 85 de 06 6b 50 ......Bluetooth Device (Personal Area Network)
 12...dc 85 de 04 e4 b0 ......Atheros AR9485WB-EG Wireless Network Adapter
 11...30 85 a9 11 67 c9 ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 27...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
 28...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
 26...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
 31...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #6
 56...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #7
 29...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #9
 30...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #10
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.1.254     192.168.1.24     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link      192.168.1.24    281
     192.168.1.24  255.255.255.255         On-link      192.168.1.24    281
    192.168.1.255  255.255.255.255         On-link      192.168.1.24    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.1.24    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.1.24    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 12    281 fe80::/64                On-link
 12    281 fe80::7543:f4c:ccd6:4b9c/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/18/2015 07:38:14 PM) (Source: CVHSVC) (User: )
Description: Information only.
Product registration is corrupted for {90140011-0066-0409-0000-0000000FF1CE}

Error: (05/18/2015 07:38:14 PM) (Source: CVHSVC) (User: )
Description: Information only.
Error: Product {90140011-0066-0409-0000-0000000FF1CE} found in the registry but SoftGrid doesn't know about it, skipping...

Error: (05/18/2015 07:31:00 PM) (Source: CVHSVC) (User: )
Description: Information only.
(Stream product id=0x0066): Streaming Failed

Error: (05/18/2015 07:30:30 PM) (Source: CVHSVC) (User: )
Description: Information only.
Too many failures while downloading ranges: 2

Error: (05/18/2015 07:20:04 PM) (Source: ESENT) (User: )
Description: DllHost (8528) WebCacheLocal: Error -1811 occurred while opening logfile C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V0101093.log.

Error: (05/18/2015 06:33:06 PM) (Source: CVHSVC) (User: )
Description: Information only.
(Stream product id=0x0066): Streaming Failed

Error: (05/18/2015 06:32:36 PM) (Source: CVHSVC) (User: )
Description: Information only.
Too many failures while downloading ranges: 2

Error: (05/18/2015 04:07:07 PM) (Source: CVHSVC) (User: )
Description: Information only.
(Stream product id=0x0066): Streaming Failed

Error: (05/18/2015 04:06:36 PM) (Source: CVHSVC) (User: )
Description: Information only.
Too many failures while downloading ranges: 2

Error: (05/18/2015 04:05:30 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (05/18/2015 07:46:22 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (05/18/2015 07:45:14 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (05/18/2015 07:36:41 PM) (Source: Service Control Manager) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Software Protection service, but this action failed with the following error:
%%1056

Error: (05/18/2015 07:34:41 PM) (Source: Service Control Manager) (User: )
Description: The Software Protection service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (05/18/2015 07:34:40 PM) (Source: Service Control Manager) (User: )
Description: The Application Virtualization Client service terminated unexpectedly.  It has done this 1 time(s).

Error: (05/18/2015 07:34:40 PM) (Source: Service Control Manager) (User: )
Description: The Windows Modules Installer service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (05/18/2015 07:34:40 PM) (Source: Service Control Manager) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (05/18/2015 07:34:40 PM) (Source: Service Control Manager) (User: )
Description: The ZAtheros Bt&Wlan Coex Agent service terminated unexpectedly.  It has done this 1 time(s).

Error: (05/18/2015 07:34:39 PM) (Source: Service Control Manager) (User: )
Description: The Application Virtualization Service Agent service terminated unexpectedly.  It has done this 1 time(s).

Error: (05/18/2015 07:34:39 PM) (Source: Service Control Manager) (User: )
Description: The SoftEther VPN Client service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.


Microsoft Office Sessions:
=========================
Error: (05/18/2015 07:38:14 PM) (Source: CVHSVC)(User: )
Description: Product registration is corrupted for {90140011-0066-0409-0000-0000000FF1CE}

Error: (05/18/2015 07:38:14 PM) (Source: CVHSVC)(User: )
Description: Error: Product {90140011-0066-0409-0000-0000000FF1CE} found in the registry but SoftGrid doesn't know about it, skipping...

Error: (05/18/2015 07:31:00 PM) (Source: CVHSVC)(User: )
Description: (Stream product id=0x0066): Streaming Failed

Error: (05/18/2015 07:30:30 PM) (Source: CVHSVC)(User: )
Description: Too many failures while downloading ranges: 2

Error: (05/18/2015 07:20:04 PM) (Source: ESENT)(User: )
Description: DllHost8528WebCacheLocal: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V0101093.log-1811

Error: (05/18/2015 06:33:06 PM) (Source: CVHSVC)(User: )
Description: (Stream product id=0x0066): Streaming Failed

Error: (05/18/2015 06:32:36 PM) (Source: CVHSVC)(User: )
Description: Too many failures while downloading ranges: 2

Error: (05/18/2015 04:07:07 PM) (Source: CVHSVC)(User: )
Description: (Stream product id=0x0066): Streaming Failed

Error: (05/18/2015 04:06:36 PM) (Source: CVHSVC)(User: )
Description: Too many failures while downloading ranges: 2

Error: (05/18/2015 04:05:30 PM) (Source: Windows Search Service)(User: )
Description:
Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt


=========================== Installed Programs ============================

µTorrent (HKCU\...\uTorrent) (Version: 3.3.2.30303 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (HKLM\...\{BE930E38-7BB3-45B6-85B2-5251F374F844}) (Version: 6.2.2 - Hewlett-Packard) Hidden
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.5.155 - Adobe Systems, Inc.)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS AI Recovery (HKLM-x32\...\{D39F0676-163E-4595-A917-E28F99BBD4D2}) (Version: 1.0.23 - ASUS)
ASUS FaceLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0013 - ASUS)
ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.2 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.29 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.2.1 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0040 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.0.8 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.25 - ASUS)
ASUS Virtual Touch (HKLM-x32\...\{938CFBD4-0652-49E5-BB8B-153948865941}) (Version: 1.0.11 - ASUS)
ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.108.222 - eCareme Technologies, Inc.)
ASUS_Scr_K_multiColor_noSound (HKLM-x32\...\ASUS_Scr_K_multiColor_noSound) (Version: 1.0.0003 - ASUS)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.9.157 - ASUSTEK)
Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.115 - Atheros)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0015 - ASUS)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2926 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1126 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DJ_AIO_06_F2400_SW_Min (HKLM-x32\...\{5546F4E9-B0F4-4F54-B949-2AB006C9284F}) (Version: 140.0.690.000 - Hewlett-Packard) Hidden
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Dropbox (HKCU\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)
ETDWare PS/2-X64 10.5.9.0 (HKLM\...\Elantech) (Version: 10.5.9.0 - ELAN Microelectronic Corp.)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.10 - ASUS)
FlashGet3.7 (HKLM-x32\...\FlashGet3.7) (Version: 3.7.0.1218 - http://www.FlashGet.com)
Galeria de Fotografias do Windows Live (HKLM-x32\...\{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (HKLM-x32\...\{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Garena - League of Legends (HKLM-x32\...\LoL) (Version:  - Garena Online Pte Ltd.)
GeoGebra 4.2 (HKLM-x32\...\GeoGebra 4.2) (Version: 4.2.36.0 - International GeoGebra Institute)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.152 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.27.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hotspot Shield 4.15 (HKLM-x32\...\HotspotShield) (Version: 4.15 - AnchorFree Inc.)
HP Deskjet F2400 All-in-One Driver 14.0 Rel. 6 (HKLM\...\{819CA3BC-2FF8-4811-B42F-421F7BFD3559}) (Version: 14.0 - HP)
HP Support Solutions Framework (HKLM-x32\...\{E35601C0-BA8E-4F32-919A-C7EF4CA81F67}) (Version: 11.51.0048 - Hewlett-Packard Company)
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.10.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.0.52.0 - HTC)
InstantOn for NB (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 2.3.1 - ASUS)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation)
Intel® OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2653 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
MapleStorySEA 1.35 (HKLM-x32\...\{EF36D026-6634-4BED-A82F-D1EDCD4BE68C}_is1) (Version: 1.35 - Asiasoft Online Pte. Ltd.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4711.1003 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2003.1112 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Mozilla Firefox 38.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 en-US)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
myBitCast 1.0.0.3 (HKLM\...\myBitCast) (Version: 1.0.0.3 - ASUS Cloud Corporation)
MyFreeCodec (HKCU\...\MyFreeCodec) (Version:  - )
NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.11 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.4711.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.4711.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.4711.1003 - Microsoft Corporation) Hidden
osu! (HKLM-x32\...\{cb3a123f-fc6a-4a6a-9d2d-41dfec2ce3f6}) (Version: latest - ppy Pty Ltd)
PokerStars (HKLM-x32\...\PokerStars) (Version:  - PokerStars)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 3.0 - Qualcomm Atheros)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.1 r2290 - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6586 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.27012 - Realtek Semiconductor Corp.)
Scan (HKLM-x32\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.80.000 - Hewlett-Packard) Hidden
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 3.1.200 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 16.13.42 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
SoftEther VPN Client (HKLM\...\softether_sevpnclient) (Version: 4.12.9514 - SoftEther VPN Project)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine (HKLM\...\SteelSeries Engine) (Version: 2.8.171.34768 - SteelSeries)
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version:  - Team Meat)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synthesia (HKLM-x32\...\Synthesia) (Version: 8.5 - Synthesia LLC)
System Ninja version 3.0.6 (HKLM-x32\...\{6E67710E-206D-43AB-BF21-E7CD63056C55}_is1) (Version: 3.0.6 - SingularLabs)
System Requirements Lab CYRI (HKLM-x32\...\{943A8D28-80D6-41DC-AE94-81FEB42041BF}) (Version: 4.5.1.0 - Husdawg, LLC)
TabletDriver version 9.0 (HKLM\...\{39089688-F09E-4DAD-8C80-647D3DF68630}_is1) (Version: 9.0 - Graphics Tablet manufacturer)
Toolbox (HKLM-x32\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.428.000 - Hewlett-Packard) Hidden
Torchlight 2 Rapid Respec (HKLM-x32\...\Torchlight 2 Rapid Respec) (Version: 2.04 - Chthon)
Torchlight II (HKLM-x32\...\Steam App 200710) (Version:  - Runic Games)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows Driver Package - Graphics Tablet (WinUsb) USBDevice  (04/10/2014 8.33.30.0) (HKLM\...\142118DF51345EA02D2B1583E102C8FB95FD6D52) (Version: 04/10/2014 8.33.30.0 - Graphics Tablet)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.0 - ASUS)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Wipe (HKLM\...\wipe) (Version: 2015.04 - PrivacyRoot.com)
Wireless Console 3 (HKLM-x32\...\{19EA33FB-B34E-40EA-8B8A-61743AEB795A}) (Version: 3.0.25 - ASUS)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.11.1.514 - Zemana Ltd.)
用于远程连接的 Windows Live Mesh ActiveX 控件(简体中文) (HKLM-x32\...\{F992409C-9D10-4AE2-BAEB-B5409AD3785E}) (Version: 15.4.5722.2 - Microsoft Corporation)
適用遠端連線的 Windows Live Mesh ActiveX 控制項 (HKLM-x32\...\{622DE1BE-9EDE-49D3-B349-29D64760342A}) (Version: 15.4.5722.2 - Microsoft Corporation)

========================= Devices: ================================

Name:
Description:
Class Guid:
Manufacturer:
Service:
Device ID: ROOT\SYSTEM\0005
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Device ID: ROOT\SYSTEM\0006
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


========================= Memory info: ===================================

Percentage of memory in use: 28%
Total physical RAM: 8077.81 MB
Available physical RAM: 5742.75 MB
Total Pagefile: 16153.83 MB
Available Pagefile: 13638.14 MB
Total Virtual: 4095.88 MB
Available Virtual: 3976.38 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:279.45 GB) (Free:109.47 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:393.86 GB) (Free:389.34 GB) NTFS

========================= Users: ========================================

User accounts for \\USER-PC

Administrator            Guest                    user                     


**** End of log ****
 



#15 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:22 PM

Posted 18 May 2015 - 07:10 AM

Currently unable to access both links to download Security Check, receiving the 'Connection was reset' error message. Should I move on to minitoolbox first?

 

 

Skip it if you can not run it, after the ESET reboot the machine and see if you are able to run a full scan with Zemana.

 

Then....

 

Quote

Hosts file not detected in the default directory

 

  • Click here to download  RstHosts v2.0
  • Save the file to your desktop.
  • Right Click and Run as Administrator.

r7b6F8y.png

After you run this tool, make a new scan with minitoolbox and tick only list hosts.  Post that log, in your next reply.

 

 

 

 

 

Download Malwrebytes from the link below.
https://www.malwarebytes.org/
Select update.
jBVKBI0.png
Then Select Scan Now.
js1M2HF.png
Once the scan is completed.
Remove anything found.
Then go to the History tab.
Then go to the application logs.
Then go to scan log.
Export.
Copy to clipboard.
Post it here in your next reply.

 

 

9-Lab Scan
 
Download 9-Lab Removal Tool. from one of the links below.

CLICK HERE to determine whether you're running 32-bit or 64-bit for Windows.
 

http://9-lab.com/download/

Install the program onto your computer, then right click the icon RRXH2ZG.jpg run as administrator.

Go to the Update tab and update the program.

ZT1y9rP.png

Now go to the scanner tab and select Full Scan.

k68m97f.png

Upon Scan Completion Click Show Results.

FihDIFx.png

Now click the Clean button.

eCCJKcA.png

Once done cleaning you can go to the logs tab double click it and copy paste in your next reply.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users