
Malware removed by Vipre Corporate Anti-Virus, but unsure if the system is clean


20 replies to this topic

#1 cjn007


Posted 22 May 2015 - 12:00 PM

Yesterday afternoon, I received an email with a Word document attached to it that was supposedly someone's resume. As soon as I opened the document, I noticed my corporate anti-virus (Vipre) kicked in and quarantined two trojans. I ran a deep scan using Vipre and rebooted my computer.

This morning, when I signed in, I noticed another trojan was quarantined, which made me think that the virus did not get completely removed. At this point, I downloaded Malwarebytes, ran a scan and it removed a trojan as well. I rebooted, ran another scan with Malwarebytes and everything has been quiet so far, but I'm still suspicious that I might be infected still.

 

I am using Windows 7 Professional 64-bit.

 




 


#2 boopme


Posted 22 May 2015 - 01:52 PM

Ok cjn let's also run these.

MiniToolBox
  • Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
TDSSKiller
  • Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
AdwCleaner
  • Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.
Junkware Removal Tool
  • Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
ESET Online Scanner
  • Hold down Control and click on this link to open ESET Online Scanner in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats".
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats.
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.

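One way to pre-screen two of the Result.txt sections requested above (Hosts content and Winsock entries) before reading the log by hand; this is an added example, not part of the original post and not MiniToolBox code. The sample log is constructed in the Result.txt layout, and the review rules (hosts mappings to non-loopback addresses, Winsock providers that are not Microsoft files under C:\Windows\System32 or SysWOW64) are assumptions of this example.

```python
import re

# Section banner in Result.txt, e.g. "========= Winsock entries ========="
BANNER = re.compile(r"^=+\s*(?P<name>[^=]+?)\s*:?\s*=+$")
# Winsock row: "<catalog> <nn> <path> [<size>] (<vendor>)"
WINSOCK = re.compile(
    r"^(?P<catalog>(?:x64-)?Catalog\d+)\s+\d+\s+(?P<path>.+?)\s+"
    r"\[\d+\]\s+\((?P<vendor>.*)\)$"
)
# Assumption: Windows is installed on C:, as in a default setup.
SYSTEM_DIRS = ("c:\\windows\\system32\\", "c:\\windows\\syswow64\\")
LOOPBACK = {"127.0.0.1", "::1"}


def split_sections(text):
    """Map each banner name (lower-cased) to the non-blank lines below it."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        banner = BANNER.match(line)
        if banner:
            current = banner.group("name").strip().lower()
            sections[current] = []
        elif current is not None and line:
            sections[current].append(line)
    return sections


def review_hosts(lines):
    """Return hosts entries that map a name to a non-loopback address."""
    flagged = []
    for line in lines:
        fields = line.split("#", 1)[0].split()  # drop trailing comments
        if len(fields) >= 2 and fields[0] not in LOOPBACK:
            flagged.append((fields[0], fields[1:]))
    return flagged


def review_winsock(lines):
    """Return providers that are not Microsoft files in a system directory."""
    flagged = []
    for line in lines:
        row = WINSOCK.match(line)
        if not row:
            # A row that does not parse is itself worth a look.
            flagged.append(("unparsed", line, ""))
            continue
        path, vendor = row.group("path"), row.group("vendor")
        in_system_dir = path.lower().startswith(SYSTEM_DIRS)
        if vendor != "Microsoft Corporation" or not in_system_dir:
            flagged.append((row.group("catalog"), path, vendor))
    return flagged


def triage(text):
    """Run both reviews over a whole Result.txt."""
    sections = split_sections(text)
    return {
        "hosts": review_hosts(sections.get("hosts content", [])),
        "winsock": review_winsock(sections.get("winsock entries", [])),
    }


# Constructed sample in the Result.txt layout; the hosts mapping and the
# lsp64.dll row are made up for illustration.
SAMPLE_RESULT = r"""
========================= Hosts content: =================================

127.0.0.1 localhost
203.0.113.7 update.example.test

========================= Winsock entries =====================================

Catalog5 01 C:\windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog9 02 C:\Users\Public\lsp64.dll [40960] ()

========================= Event log errors: ===============================
"""

if __name__ == "__main__":
    for kind, items in triage(SAMPLE_RESULT).items():
        for item in items:
            print(kind, item)
```

Everything returned is a candidate for a closer look, not a verdict: a legitimate third-party provider such as Bonjour's mdnsNSP.dll is listed alongside the unsigned-looking row.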

#3 cjn007


Posted 22 May 2015 - 02:24 PM

MiniToolBox by Farbar  Version: 11-05-2015 01
Ran by ClintN (administrator) on 22-05-2015 at 14:00:56
Running from "C:\Users\clintn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6I19BXA8"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Model: HP EliteDesk 800 G1 TWR Manufacturer: Hewlett-Packard
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

 

========================= IP Configuration: ================================

Intel® Ethernet Connection I217-LM = Local Area Connection (Connected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Local Area Connection 2" forwarding=disabled advertise=disabled mtu=1428 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled

popd
# End of IPv4 configuration

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : ClintN2014
   Primary Dns Suffix  . . . . . . . : MONROE.TFINS.COM
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : MONROE.TFINS.COM

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : MONROE.TFINS.COM
   Description . . . . . . . . . . . : Intel® Ethernet Connection I217-LM
   Physical Address. . . . . . . . . : A0-48-1C-9F-4E-BD
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::e5af:89cf:c5c9:d4c8%13(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.100.121(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Friday, May 22, 2015 1:57:45 PM
   Lease Expires . . . . . . . . . . : Saturday, May 23, 2015 1:57:45 AM
   Default Gateway . . . . . . . . . : 192.168.100.254
   DHCP Server . . . . . . . . . . . : 192.168.100.8
   DHCPv6 IAID . . . . . . . . . . . : 278939676
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-C1-D5-4E-A0-48-1C-9F-4E-BD
   DNS Servers . . . . . . . . . . . : 192.168.100.8
                                       192.168.100.4
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.MONROE.TFINS.COM:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : MONROE.TFINS.COM
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  ad01.monroe.tfins.com
Address:  192.168.100.8

Name:    google.com
Addresses:  2607:f8b0:4000:804::1004
   74.125.227.164
   74.125.227.163
   74.125.227.168
   74.125.227.161
   74.125.227.169
   74.125.227.166
   74.125.227.162
   74.125.227.174
   74.125.227.165
   74.125.227.160
   74.125.227.167

Pinging google.com [74.125.227.163] with 32 bytes of data:
Reply from 74.125.227.163: bytes=32 time=31ms TTL=53
Reply from 74.125.227.163: bytes=32 time=29ms TTL=53

Ping statistics for 74.125.227.163:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 29ms, Maximum = 31ms, Average = 30ms
Server:  ad01.monroe.tfins.com
Address:  192.168.100.8

Name:    yahoo.com
Addresses:  206.190.36.45
   98.139.183.24
   98.138.253.109

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=70ms TTL=43
Reply from 98.139.183.24: bytes=32 time=70ms TTL=43

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 70ms, Maximum = 70ms, Average = 70ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 13...a0 48 1c 9f 4e bd ......Intel® Ethernet Connection I217-LM
  1...........................Software Loopback Interface 1
 14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 11...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 12...00 00 00 00 00 00 00 e0 Microsoft Teredo Tunneling Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0  192.168.100.254  192.168.100.121     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
    192.168.100.0    255.255.255.0         On-link   192.168.100.121    276
  192.168.100.121  255.255.255.255         On-link   192.168.100.121    276
  192.168.100.255  255.255.255.255         On-link   192.168.100.121    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link   192.168.100.121    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link   192.168.100.121    276
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 13    276 fe80::/64                On-link
 13    276 fe80::e5af:89cf:c5c9:d4c8/128
                                    On-link
  1    306 ff00::/8                 On-link
 13    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/22/2015 01:35:31 PM) (Source: Application Error) (User: )
Description: Faulting application name: chrome.exe, version: 43.0.2357.65, time stamp: 0x5552c066
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x1001e875
Faulting process id: 0xc64
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3

Error: (05/22/2015 01:28:31 PM) (Source: Application Error) (User: )
Description: Faulting application name: chrome.exe, version: 43.0.2357.65, time stamp: 0x5552c066
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x1001e875
Faulting process id: 0x12b8
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3

Error: (05/22/2015 01:26:55 PM) (Source: Application Error) (User: )
Description: Faulting application name: chrome.exe, version: 43.0.2357.65, time stamp: 0x5552c066
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x1001e875
Faulting process id: 0x17fc
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3

Error: (05/22/2015 01:20:59 PM) (Source: Application Error) (User: )
Description: Faulting application name: chrome.exe, version: 43.0.2357.65, time stamp: 0x5552c066
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x1001e875
Faulting process id: 0xd10
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3

Error: (05/22/2015 00:57:57 PM) (Source: Application Error) (User: )
Description: Faulting application name: chrome.exe, version: 43.0.2357.65, time stamp: 0x5552c066
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0390e875
Faulting process id: 0x1048
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3

Error: (05/22/2015 09:45:17 AM) (Source: Application Error) (User: )
Description: Faulting application name: chrome.exe, version: 43.0.2357.65, time stamp: 0x5552c066
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x07c81bf2
Faulting process id: 0xd98
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3

Error: (05/22/2015 09:16:08 AM) (Source: Application Error) (User: )
Description: Faulting application name: chrome.exe, version: 43.0.2357.65, time stamp: 0x5552c066
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x07161bf2
Faulting process id: 0x26c
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3

Error: (05/22/2015 09:09:49 AM) (Source: Application Error) (User: )
Description: Faulting application name: chrome.exe, version: 43.0.2357.65, time stamp: 0x5552c066
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0cbe1bf2
Faulting process id: 0x1d88
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3

Error: (05/22/2015 09:09:12 AM) (Source: Application Error) (User: )
Description: Faulting application name: chrome.exe, version: 43.0.2357.65, time stamp: 0x5552c066
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0d151bf2
Faulting process id: 0x1d24
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3

Error: (05/22/2015 09:03:25 AM) (Source: Application Error) (User: )
Description: Faulting application name: chrome.exe, version: 43.0.2357.65, time stamp: 0x5552c066
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0a1f1bf2
Faulting process id: 0xbe8
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3

System errors:
=============
Error: (05/22/2015 01:26:02 PM) (Source: Service Control Manager) (User: )
Description: The Managed Antivirus service terminated unexpectedly.  It has done this 1 time(s).

Error: (05/22/2015 00:52:08 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (05/22/2015 00:52:08 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (05/22/2015 00:50:55 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (05/22/2015 00:50:54 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (05/22/2015 00:49:44 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (05/22/2015 00:49:44 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (05/22/2015 00:48:33 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (05/22/2015 00:48:33 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (05/22/2015 00:47:22 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Microsoft Office Sessions:
=========================
Error: (05/22/2015 01:35:31 PM) (Source: Application Error)(User: )
Description: chrome.exe43.0.2357.655552c066unknown0.0.0.000000000c00000051001e875c6401d094bd717ae88dC:\Program Files (x86)\Google\Chrome\Application\chrome.exeunknown5311074f-00b1-11e5-8d57-a0481c9f4ebd

Error: (05/22/2015 01:28:31 PM) (Source: Application Error)(User: )
Description: chrome.exe43.0.2357.655552c066unknown0.0.0.000000000c00000051001e87512b801d094bd1a3a5fc2C:\Program Files (x86)\Google\Chrome\Application\chrome.exeunknown58b4c71f-00b0-11e5-be53-a0481c9f4ebd

Error: (05/22/2015 01:26:55 PM) (Source: Application Error)(User: )
Description: chrome.exe43.0.2357.655552c066unknown0.0.0.000000000c00000051001e87517fc01d094bcdfc1e937C:\Program Files (x86)\Google\Chrome\Application\chrome.exeunknown1f378b63-00b0-11e5-be53-a0481c9f4ebd

Error: (05/22/2015 01:20:59 PM) (Source: Application Error)(User: )
Description: chrome.exe43.0.2357.655552c066unknown0.0.0.000000000c00000051001e875d1001d094bc0c155d15C:\Program Files (x86)\Google\Chrome\Application\chrome.exeunknown4b09c913-00af-11e5-be53-a0481c9f4ebd

Error: (05/22/2015 00:57:57 PM) (Source: Application Error)(User: )
Description: chrome.exe43.0.2357.655552c066unknown0.0.0.000000000c00000050390e875104801d094a6eaaa937fC:\Program Files (x86)\Google\Chrome\Application\chrome.exeunknown13595659-00ac-11e5-be53-a0481c9f4ebd

Error: (05/22/2015 09:45:17 AM) (Source: Application Error)(User: )
Description: chrome.exe43.0.2357.655552c066unknown0.0.0.000000000c000000507c81bf2d9801d0949de8171d5aC:\Program Files (x86)\Google\Chrome\Application\chrome.exeunknown29192ea9-0091-11e5-9625-a0481c9f4ebd

Error: (05/22/2015 09:16:08 AM) (Source: Application Error)(User: )
Description: chrome.exe43.0.2357.655552c066unknown0.0.0.000000000c000000507161bf226c01d09499d726c84aC:\Program Files (x86)\Google\Chrome\Application\chrome.exeunknown16ab4f95-008d-11e5-8299-a0481c9f4ebd

Error: (05/22/2015 09:09:49 AM) (Source: Application Error)(User: )
Description: chrome.exe43.0.2357.655552c066unknown0.0.0.000000000c00000050cbe1bf21d8801d09498f5a3aba0C:\Program Files (x86)\Google\Chrome\Application\chrome.exeunknown3496d741-008c-11e5-8299-a0481c9f4ebd

Error: (05/22/2015 09:09:12 AM) (Source: Application Error)(User: )
Description: chrome.exe43.0.2357.655552c066unknown0.0.0.000000000c00000050d151bf21d2401d09498dec24a9dC:\Program Files (x86)\Google\Chrome\Application\chrome.exeunknown1eb2e8b4-008c-11e5-8299-a0481c9f4ebd

Error: (05/22/2015 09:03:25 AM) (Source: Application Error)(User: )
Description: chrome.exe43.0.2357.655552c066unknown0.0.0.000000000c00000050a1f1bf2be801d0949811117555C:\Program Files (x86)\Google\Chrome\Application\chrome.exeunknown501d09ff-008b-11e5-8299-a0481c9f4ebd

CodeIntegrity Errors:
===================================
  Date: 2015-05-22 01:13:25.686
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

  Date: 2015-05-22 00:17:49.495
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

  Date: 2015-05-21 23:54:59.077
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

  Date: 2015-05-18 10:11:31.033
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

  Date: 2015-05-18 09:43:27.384
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

  Date: 2015-05-18 09:22:30.230
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

  Date: 2015-05-18 09:13:21.255
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

  Date: 2015-05-18 09:08:00.865
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

  Date: 2015-05-15 11:21:41.432
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

  Date: 2015-05-15 10:59:06.761
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (HKLM\...\{F8F948EA-5AEA-4158-8821-A2F788ECE936}) (Version: 16.2.1 - Hewlett-Packard) Hidden
Adobe Reader XI (11.0.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Advanced Monitoring Agent GP (HKCU\...\Advanced Monitoring Agent GP) (Version: 1.0.0 - Remote Monitoring Services)
Advanced Monitoring Agent GP (HKLM-x32\...\{22B6DCC1-704A-4763-A475-A13EB499D08E}) (Version: 1.0 - InstallAware Software Corporation) Hidden
Advanced Monitoring Agent GP (HKLM-x32\...\{DB3C5DC4-A7A0-4890-B31C-3220B43B25EC}) (Version: 1.0.0 - Remote Monitoring Services) Hidden
AMD Catalyst Install Manager (HKLM\...\{B417CA1D-A6EC-6871-BBFC-84CA14FBA0AC}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
Angry IP Scanner (HKLM-x32\...\Angry IP Scanner) (Version: 3.3.1 - Angry IP Scanner)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Citrix Online Launcher (HKLM-x32\...\{C57F6C71-C365-4AFF-9108-397BBAD6127F}) (Version: 1.0.204 - Citrix)
Citrix XenApp Plugin for Hosted Apps (HKLM-x32\...\{388C130B-0079-46B4-A0D5-DC2DD7A89A7B}) (Version: 11.0.0.5357 - Citrix Systems, Inc.)
ColorPlus Driver VB (HKLM-x32\...\{ACB44CD2-90C2-419F-8E13-39EFF53DE72B}) (Version:  - )
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6021.5000 - Microsoft Corporation)
CutePDF Writer 2.7 (HKLM\...\CutePDF Writer Installation) (Version:  - )
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.3.3207 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.2.3212 - CyberLink Corp.)
DirectX for Managed Code Update (Summer 2004) (HKLM-x32\...\{E9E34215-82EF-4909-BE2F-F581F0DC9062}) (Version: 9.02.2904 - Microsoft) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)
DYMO Label v.8 (HKLM-x32\...\DYMO Label v.8) (Version: 8.4.2.18 - Sanford, L.P.)
Epic (HKLM\...\Epic) (Version:  - )
fax@vantage (HKLM-x32\...\{8FDEE067-B555-486E-9EA3-3FCDE74FB760}) (Version: 8.1.2 - Applied Systems) Hidden
fax@vantage (HKLM-x32\...\{9A6A8F17-6E83-48EC-B35F-5D8968411AA8}) (Version: 8.1.2 - Applied Systems)
fax@vantage Print Driver (NT64) (HKLM\...\{20DD3477-2F78-4E33-98A6-8795FF96C30B}) (Version: 9.0.0 - Applied Systems, Inc.)
FFmpeg (Windows) for Audacity version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
FileZilla Client 3.9.0.6 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.6 - Tim Kosse)
Google Earth Pro (HKLM-x32\...\{44FC61F0-2F8A-11E3-8CAE-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.27.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GoToMeeting 7.1.8.2553 (HKCU\...\GoToMeeting) (Version: 7.1.8.2553 - CitrixOnline)
Hewlett-Packard ACLM.NET v1.2.1.1 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 13.00.0000 - Hewlett-Packard)
HydraVision (HKLM-x32\...\{19683FD8-6EB5-8519-54F9-D0E6C3D74EB7}) (Version: 4.2.148.0 - ATI Technologies Inc.) Hidden
ID Register3 (HKLM\...\{24EE7F6D-C648-463f-9E71-DC5FD2258D02}) (Version: 3.0.2322.0 - KYOCERA Document Solutions Inc.)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel® Network Connections 18.1.59.0 (HKLM\...\PROSetDX) (Version: 18.1.59.0 - Intel)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
IPSU (HKLM-x32\...\IPSU) (Version:  - )
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.32 - Irfan Skiljan)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Java SE Development Kit 8 Update 25 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
KYOCERA Net Viewer (HKLM\...\KYOCERA Net Viewer) (Version: 5.4.0902 - KYOCERA Document Solutions Inc.)
Kyocera Product Library (HKLM\...\Kyocera Product Library) (Version: 4.2.1909 - KYOCERA Document Solutions Inc.)
Kyocera TWAIN Driver (HKLM-x32\...\{C1C5C0F5-4B4B-48AD-B2F0-90CAB520C989}) (Version: 2.0.2507 - KYOCERA Document Solutions Inc.) Hidden
Kyocera TWAIN Driver (HKLM-x32\...\InstallShield_{C1C5C0F5-4B4B-48AD-B2F0-90CAB520C989}) (Version: 2.0.2507 - KYOCERA Document Solutions Inc.)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LG Verizon United Driver (HKLM-x32\...\{A17B9856-40CF-4BEA-BB65-ADB8154A83DC}) (Version: 2.18.0 - LG Electronics)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Managed Antivirus (HKLM-x32\...\{9D544611-F437-4153-913E-91CE036583CC}) (Version: 6.2.5528 - GFI Software) Hidden
Managed Antivirus (HKLM-x32\...\{C1D1FC57-3EB9-4B21-BCA3-F1C927508200}) (Version: 6.2.5528 - GFI Software)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Home and Business 2013 - en-us (HKLM\...\HomeBusinessRetail - en-us) (Version: 15.0.4719.1002 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.6506.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.31119 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
opensource (HKLM-x32\...\{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}) (Version: 1.0.14960.3876 - Your Company Name) Hidden
paint.net (HKLM\...\{F509C1F4-0029-49F9-B145-A4C4E8DF481A}) (Version: 4.0.3 - dotPDN LLC)
PaperWise Client Components (HKLM-x32\...\{9814156D-1429-41F5-8415-3B260730E811}) (Version: 1.0.0 - PaperWise)
PaperWise Enterprise Client (HKLM-x32\...\{C9287635-DFBF-43EB-836A-4ED894C35E3A}) (Version: 6.04.0000 - PaperWise, Inc.)
Progressive Downloader Plus (HKCU\...\cf8ca50d45e159d3) (Version: 3.0.0.2 - Progressive Insurance)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Roxio Creator Business (HKLM-x32\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.1 - Roxio)
Setup Tool (HKLM\...\{24EE7F6D-C648-463f-9E71-DC5FD2258D01}) (Version: 3.0.2322.0 - KYOCERA Document Solutions Inc.)
Sonic CinePlayer Decoder Pack (HKLM-x32\...\{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}) (Version: 4.3.0 - Sonic Solutions) Hidden
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.41459 - TeamViewer)
TeamViewer 8 Host (HKLM-x32\...\TeamViewer 8 Host) (Version: 8.0.19617 - TeamViewer)
Transfer Manager.NET (HKLM-x32\...\{287CDCFB-36A4-44A4-9B49-26A95C85B4AD}) (Version: 3.4.1 - )
TUGZip 3.5 (HKLM-x32\...\TUGZip_is1) (Version:  - Christian Kindahl)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.5f1 - Unity Technologies ApS)
VC_CRT_x64 (HKLM\...\{54F2237F-018C-483B-8884-9FC0D88840C3}) (Version: 1.02.0000 - Intel Corporation) Hidden
VD64Inst (HKLM\...\{DB9C43F7-0B0F-4E43-9E6B-F945C71C469E}) (Version: 1.00.0000 - Roxio, Inc.) Hidden
Visual FoxPro ODBC Driver (HKLM-x32\...\{31821EFE-1B31-4744-9FB0-208F92BD7168}) (Version: 1.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinZip (HKLM-x32\...\WinZip) (Version:  9.0 SR-1 (6224) - WinZip Computing, Inc.)

========================= Memory info: ===================================

Percentage of memory in use: 12%
Total physical RAM: 16295.55 MB
Available physical RAM: 14205.81 MB
Total Pagefile: 32589.31 MB
Available Pagefile: 30189.85 MB
Total Virtual: 4095.88 MB
Available Virtual: 3967.89 MB

========================= Partitions: =====================================

1 Drive c: (Windows ) (Fixed) (Total:453.81 GB) (Free:372.69 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:10.85 GB) (Free:1.2 GB) NTFS
3 Drive e: (HP_TOOLS) (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32
4 Drive f: () (Network) (Total:100 GB) (Free:78.86 GB)
5 Drive g: () (Network) (Total:200 GB) (Free:122.76 GB) NTFS
6 Drive p: () (Network) (Total:394.46 GB) (Free:22.84 GB)
7 Drive t: () (Network) (Total:200 GB) (Free:122.76 GB) NTFS
8 Drive y: () (Network) (Total:200 GB) (Free:122.76 GB) NTFS

========================= Users: ========================================

User accounts for \\CLINTN2014

Administrator            ASPNET                   Guest                   
NTAdmin                 

**** End of log ****



#4 cjn007


Posted 22 May 2015 - 02:25 PM

TDSS is taking a while to download. I think something may be wrong with Kaspersky's download site. Should I skip TDSS and proceed to ADWcleaner or wait for TDSS to finish downloading? Right now it is projecting 4 hours 30 min to completion.



#5 boopme


Posted 22 May 2015 - 02:56 PM

Skip it
How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook

#6 cjn007


Posted 22 May 2015 - 03:15 PM

# AdwCleaner v4.205 - Logfile created 22/05/2015 at 15:07:40
# Updated 21/05/2015 by Xplode
# Database : 2015-05-21.2 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : ClintN - CLINTN2014
# Running from : C:\Users\clintn\Downloads\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Found : C:\Users\clintn\AppData\Local\PackageAware

***** [ Scheduled tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Found : HKLM\SOFTWARE\Classes\S
Key Found : HKLM\SOFTWARE\Description

***** [ Web browsers ] *****

-\\ Internet Explorer v10.0.9200.17356

-\\ Google Chrome v

*************************

AdwCleaner[R0].txt - [818 bytes] - [22/05/2015 15:07:40]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [876 bytes] ##########


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.7.6 (05.21.2015:1)
OS: Windows 7 Professional x64
Ran by ClintN on Fri 05/22/2015 at 15:12:48.47
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Tasks

 

~~~ Registry Values

 

~~~ Registry Keys

 

~~~ Files

 

~~~ Folders

Successfully deleted: [Folder] C:\Users\clintn\appdata\local\packageaware

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 05/22/2015 at 15:13:57.34
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#7 cjn007


Posted 26 May 2015 - 08:13 AM

 

C:\Users\clintn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0LUBXC7N\dro[1].exe Win32/TrojanDownloader.Wauchos.AK trojan cleaned by deleting - quarantined
C:\Users\clintn\Documents\Ultraᐅ.exe a variant of Win32/UltraReach potentially unsafe application deleted - quarantined
Operating memory a variant of Win32/Dridex.M trojan 
 



#8 boopme


Posted 28 May 2015 - 12:51 PM

How is it? I could not be back till today.



#9 cjn007


Posted 28 May 2015 - 01:27 PM

I decided to delete my user profile and recreate it. I haven't noticed any new quarantines. Should I try running these scans again with the new profile?



#10 boopme


Posted 28 May 2015 - 01:42 PM

Can't hurt!



#11 cjn007


Posted 28 May 2015 - 03:05 PM

MiniToolBox by Farbar  Version: 11-05-2015 01
Ran by ClintN (administrator) on 28-05-2015 at 13:45:02
Running from "C:\Users\clintn\Downloads"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Model: HP EliteDesk 800 G1 TWR Manufacturer: Hewlett-Packard
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Intel® Ethernet Connection I217-LM = Local Area Connection (Connected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
set interface interface="Local Area Connection 2" forwarding=disabled advertise=disabled mtu=1428 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : ClintN2014
   Primary Dns Suffix  . . . . . . . : MONROE.TFINS.COM
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : MONROE.TFINS.COM
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : MONROE.TFINS.COM
   Description . . . . . . . . . . . : Intel® Ethernet Connection I217-LM
   Physical Address. . . . . . . . . : A0-48-1C-9F-4E-BD
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::e5af:89cf:c5c9:d4c8%13(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.100.121(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Tuesday, May 26, 2015 10:58:20 AM
   Lease Expires . . . . . . . . . . : Thursday, May 28, 2015 10:58:20 PM
   Default Gateway . . . . . . . . . : 192.168.100.254
   DHCP Server . . . . . . . . . . . : 192.168.100.8
   DHCPv6 IAID . . . . . . . . . . . : 278939676
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-C1-D5-4E-A0-48-1C-9F-4E-BD
   DNS Servers . . . . . . . . . . . : 192.168.100.8
                                       192.168.100.4
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.MONROE.TFINS.COM:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : MONROE.TFINS.COM
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 12:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 9:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  ad01.monroe.tfins.com
Address:  192.168.100.8
 
Name:    google.com
Addresses:  2607:f8b0:4000:804::1001
 74.125.227.165
 74.125.227.160
 74.125.227.162
 74.125.227.161
 74.125.227.164
 74.125.227.167
 74.125.227.166
 74.125.227.169
 74.125.227.163
 74.125.227.168
 74.125.227.174
 
 
Pinging google.com [74.125.227.160] with 32 bytes of data:
Reply from 74.125.227.160: bytes=32 time=42ms TTL=53
Reply from 74.125.227.160: bytes=32 time=30ms TTL=53
 
Ping statistics for 74.125.227.160:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 30ms, Maximum = 42ms, Average = 36ms
Server:  ad01.monroe.tfins.com
Address:  192.168.100.8
 
Name:    yahoo.com
Addresses:  98.139.183.24
 98.138.253.109
 206.190.36.45
 
 
Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=60ms TTL=47
Reply from 98.138.253.109: bytes=32 time=62ms TTL=47
 
Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 60ms, Maximum = 62ms, Average = 61ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 13...a0 48 1c 9f 4e bd ......Intel® Ethernet Connection I217-LM
  1...........................Software Loopback Interface 1
 14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 11...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 12...00 00 00 00 00 00 00 e0 Microsoft Teredo Tunneling Adapter
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0  192.168.100.254  192.168.100.121     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
    192.168.100.0    255.255.255.0         On-link   192.168.100.121    276
  192.168.100.121  255.255.255.255         On-link   192.168.100.121    276
  192.168.100.255  255.255.255.255         On-link   192.168.100.121    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link   192.168.100.121    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link   192.168.100.121    276
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 13    276 fe80::/64                On-link
 13    276 fe80::e5af:89cf:c5c9:d4c8/128
                                    On-link
  1    306 ff00::/8                 On-link
 13    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (05/28/2015 01:28:57 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.
 
Error: (05/27/2015 01:21:38 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.
 
Error: (05/26/2015 10:30:35 AM) (Source: Microsoft-Windows-User Profiles Service) (User: MONROE)
Description: Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.
 
Error: (05/26/2015 10:30:35 AM) (Source: Microsoft-Windows-User Profiles Service) (User: MONROE)
Description: Windows has backed up this user profile. Windows will automatically try to use the backup profile the next time this user logs on.
 
Error: (05/26/2015 10:13:39 AM) (Source: Microsoft-Windows-User Profiles Service) (User: MONROE)
Description: Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.
 
Error: (05/26/2015 10:13:39 AM) (Source: Microsoft-Windows-User Profiles Service) (User: MONROE)
Description: Windows has backed up this user profile. Windows will automatically try to use the backup profile the next time this user logs on.
 
Error: (05/26/2015 10:04:31 AM) (Source: Microsoft-Windows-User Profiles Service) (User: MONROE)
Description: Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.
 
Error: (05/26/2015 10:04:31 AM) (Source: Microsoft-Windows-User Profiles Service) (User: MONROE)
Description: Windows has backed up this user profile. Windows will automatically try to use the backup profile the next time this user logs on.
 
Error: (05/26/2015 09:55:01 AM) (Source: Application Error) (User: )
Description: Faulting application name: chrome.exe, version: 43.0.2357.81, time stamp: 0x555f6160
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x1001e875
Faulting process id: 0x109c
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3
 
Error: (05/26/2015 09:54:12 AM) (Source: Application Error) (User: )
Description: Faulting application name: chrome.exe, version: 43.0.2357.81, time stamp: 0x555f6160
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x1001e875
Faulting process id: 0x4e4
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3
 
 
System errors:
=============
Error: (05/28/2015 09:52:27 AM) (Source: UmrdpService) (User: )
Description: Driver RICOH Aficio MP C2550 PCL 6 required for printer RICOH Aficio MP C2550 PCL 6 is unknown. Contact the administrator to install the driver before you log in again.
 
Error: (05/28/2015 09:52:27 AM) (Source: UmrdpService) (User: )
Description: Driver CutePDF Writer required for printer CutePDF Writer is unknown. Contact the administrator to install the driver before you log in again.
 
Error: (05/28/2015 09:52:24 AM) (Source: UmrdpService) (User: )
Description: Driver PaperWise Print Driver required for printer Print To PaperWise is unknown. Contact the administrator to install the driver before you log in again.
 
Error: (05/28/2015 09:52:24 AM) (Source: UmrdpService) (User: )
Description: Driver fax@vantage TIFF Driver required for printer fax@vantage is unknown. Contact the administrator to install the driver before you log in again.
 
Error: (05/28/2015 09:52:22 AM) (Source: UmrdpService) (User: )
Description: Driver Cogniview Virtual Printer required for printer Cogniview Printer is unknown. Contact the administrator to install the driver before you log in again.
 
Error: (05/28/2015 09:52:22 AM) (Source: UmrdpService) (User: )
Description: Driver HP Universal Printing PCL 5 required for printer HP LaserJet P4015x PCL 5 is unknown. Contact the administrator to install the driver before you log in again.
 
Error: (05/26/2015 10:58:15 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 10:57:44 AM on ‎5/‎26/‎2015 was unexpected.
 
Error: (05/26/2015 10:40:43 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 10:39:27 AM on ‎5/‎26/‎2015 was unexpected.
 
Error: (05/26/2015 09:37:56 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 9:37:13 AM on ‎5/‎26/‎2015 was unexpected.
 
Error: (05/22/2015 03:13:10 PM) (Source: Service Control Manager) (User: )
Description: The Managed Antivirus service terminated unexpectedly.  It has done this 1 time(s).
 
 
Microsoft Office Sessions:
=========================
Error: (05/28/2015 01:28:57 AM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe
 
Error: (05/27/2015 01:21:38 AM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe
 
Error: (05/26/2015 10:30:35 AM) (Source: Microsoft-Windows-User Profiles Service)(User: MONROE)
Description: 
 
Error: (05/26/2015 10:30:35 AM) (Source: Microsoft-Windows-User Profiles Service)(User: MONROE)
Description: 
 
Error: (05/26/2015 10:13:39 AM) (Source: Microsoft-Windows-User Profiles Service)(User: MONROE)
Description: 
 
Error: (05/26/2015 10:13:39 AM) (Source: Microsoft-Windows-User Profiles Service)(User: MONROE)
Description: 
 
Error: (05/26/2015 10:04:31 AM) (Source: Microsoft-Windows-User Profiles Service)(User: MONROE)
Description: 
 
Error: (05/26/2015 10:04:31 AM) (Source: Microsoft-Windows-User Profiles Service)(User: MONROE)
Description: 
 
Error: (05/26/2015 09:55:01 AM) (Source: Application Error)(User: )
Description: chrome.exe43.0.2357.81555f6160unknown0.0.0.000000000c00000051001e875109c01d097c3f02b67eeC:\Program Files (x86)\Google\Chrome\Application\chrome.exeunknown2efa22b5-03b7-11e5-9f89-a0481c9f4ebd
 
Error: (05/26/2015 09:54:12 AM) (Source: Application Error)(User: )
Description: chrome.exe43.0.2357.81555f6160unknown0.0.0.000000000c00000051001e8754e401d097c3d34dcd8fC:\Program Files (x86)\Google\Chrome\Application\chrome.exeunknown11c8ced5-03b7-11e5-9f89-a0481c9f4ebd
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-05-28 10:55:58.034
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-05-28 10:47:43.956
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-05-28 10:33:36.235
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-05-28 10:10:14.445
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-05-28 09:52:28.031
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-05-22 01:13:25.686
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-05-22 00:17:49.495
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-05-21 23:54:59.077
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-05-18 10:11:31.033
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-05-18 09:43:27.384
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
 
 
=========================== Installed Programs ============================
 
64 Bit HP CIO Components Installer (HKLM\...\{F8F948EA-5AEA-4158-8821-A2F788ECE936}) (Version: 16.2.1 - Hewlett-Packard) Hidden
Adobe Reader XI (11.0.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Advanced Monitoring Agent GP (HKLM-x32\...\{22B6DCC1-704A-4763-A475-A13EB499D08E}) (Version: 1.0 - InstallAware Software Corporation) Hidden
Advanced Monitoring Agent GP (HKLM-x32\...\{DB3C5DC4-A7A0-4890-B31C-3220B43B25EC}) (Version: 1.0.0 - Remote Monitoring Services) Hidden
AMD Catalyst Install Manager (HKLM\...\{B417CA1D-A6EC-6871-BBFC-84CA14FBA0AC}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
Angry IP Scanner (HKLM-x32\...\Angry IP Scanner) (Version: 3.3.1 - Angry IP Scanner)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Citrix Online Launcher (HKLM-x32\...\{C57F6C71-C365-4AFF-9108-397BBAD6127F}) (Version: 1.0.204 - Citrix)
Citrix XenApp Plugin for Hosted Apps (HKLM-x32\...\{388C130B-0079-46B4-A0D5-DC2DD7A89A7B}) (Version: 11.0.0.5357 - Citrix Systems, Inc.)
ColorPlus Driver VB (HKLM-x32\...\{ACB44CD2-90C2-419F-8E13-39EFF53DE72B}) (Version:  - )
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6021.5000 - Microsoft Corporation)
CutePDF Writer 2.7 (HKLM\...\CutePDF Writer Installation) (Version:  - )
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.3.3207 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.2.3212 - CyberLink Corp.)
DirectX for Managed Code Update (Summer 2004) (HKLM-x32\...\{E9E34215-82EF-4909-BE2F-F581F0DC9062}) (Version: 9.02.2904 - Microsoft) Hidden
DYMO Label v.8 (HKLM-x32\...\DYMO Label v.8) (Version: 8.4.2.18 - Sanford, L.P.)
Epic (HKLM\...\Epic) (Version:  - )
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
fax@vantage (HKLM-x32\...\{8FDEE067-B555-486E-9EA3-3FCDE74FB760}) (Version: 8.1.2 - Applied Systems) Hidden
fax@vantage (HKLM-x32\...\{9A6A8F17-6E83-48EC-B35F-5D8968411AA8}) (Version: 8.1.2 - Applied Systems)
fax@vantage Print Driver (NT64) (HKLM\...\{20DD3477-2F78-4E33-98A6-8795FF96C30B}) (Version: 9.0.0 - Applied Systems, Inc.)
FFmpeg (Windows) for Audacity version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
FileZilla Client 3.9.0.6 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.6 - Tim Kosse)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)
Google Earth Pro (HKLM-x32\...\{44FC61F0-2F8A-11E3-8CAE-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.27.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.1.1 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 13.00.0000 - Hewlett-Packard)
HydraVision (HKLM-x32\...\{19683FD8-6EB5-8519-54F9-D0E6C3D74EB7}) (Version: 4.2.148.0 - ATI Technologies Inc.) Hidden
ID Register3 (HKLM\...\{24EE7F6D-C648-463f-9E71-DC5FD2258D02}) (Version: 3.0.2322.0 - KYOCERA Document Solutions Inc.)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel® Network Connections 18.1.59.0 (HKLM\...\PROSetDX) (Version: 18.1.59.0 - Intel)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
IPSU (HKLM-x32\...\IPSU) (Version:  - )
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.32 - Irfan Skiljan)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Java SE Development Kit 8 Update 25 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
KYOCERA Net Viewer (HKLM\...\KYOCERA Net Viewer) (Version: 5.4.0902 - KYOCERA Document Solutions Inc.)
Kyocera Product Library (HKLM\...\Kyocera Product Library) (Version: 4.2.1909 - KYOCERA Document Solutions Inc.)
Kyocera TWAIN Driver (HKLM-x32\...\{C1C5C0F5-4B4B-48AD-B2F0-90CAB520C989}) (Version: 2.0.2507 - KYOCERA Document Solutions Inc.) Hidden
Kyocera TWAIN Driver (HKLM-x32\...\InstallShield_{C1C5C0F5-4B4B-48AD-B2F0-90CAB520C989}) (Version: 2.0.2507 - KYOCERA Document Solutions Inc.)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LG Verizon United Driver (HKLM-x32\...\{A17B9856-40CF-4BEA-BB65-ADB8154A83DC}) (Version: 2.18.0 - LG Electronics)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Managed Antivirus (HKLM-x32\...\{9D544611-F437-4153-913E-91CE036583CC}) (Version: 6.2.5528 - GFI Software) Hidden
Managed Antivirus (HKLM-x32\...\{C1D1FC57-3EB9-4B21-BCA3-F1C927508200}) (Version: 6.2.5528 - GFI Software)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Home and Business 2013 - en-us (HKLM\...\HomeBusinessRetail - en-us) (Version: 15.0.4719.1002 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.6506.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.31119 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
opensource (HKLM-x32\...\{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}) (Version: 1.0.14960.3876 - Your Company Name) Hidden
paint.net (HKLM\...\{F509C1F4-0029-49F9-B145-A4C4E8DF481A}) (Version: 4.0.3 - dotPDN LLC)
PaperWise Client Components (HKLM-x32\...\{9814156D-1429-41F5-8415-3B260730E811}) (Version: 1.0.0 - PaperWise)
PaperWise Enterprise Client (HKLM-x32\...\{C9287635-DFBF-43EB-836A-4ED894C35E3A}) (Version: 6.04.0000 - PaperWise, Inc.)
Progressive Downloader Plus (HKCU\...\cf8ca50d45e159d3) (Version: 3.0.0.2 - Progressive Insurance)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Roxio Creator Business (HKLM-x32\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.1 - Roxio)
Setup Tool (HKLM\...\{24EE7F6D-C648-463f-9E71-DC5FD2258D01}) (Version: 3.0.2322.0 - KYOCERA Document Solutions Inc.)
Sonic CinePlayer Decoder Pack (HKLM-x32\...\{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}) (Version: 4.3.0 - Sonic Solutions) Hidden
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.42849 - TeamViewer)
TeamViewer 8 Host (HKLM-x32\...\TeamViewer 8 Host) (Version: 8.0.30992 - TeamViewer)
Transfer Manager.NET (HKLM-x32\...\{287CDCFB-36A4-44A4-9B49-26A95C85B4AD}) (Version: 3.4.1 - )
TUGZip 3.5 (HKLM-x32\...\TUGZip_is1) (Version:  - Christian Kindahl)
VC_CRT_x64 (HKLM\...\{54F2237F-018C-483B-8884-9FC0D88840C3}) (Version: 1.02.0000 - Intel Corporation) Hidden
VD64Inst (HKLM\...\{DB9C43F7-0B0F-4E43-9E6B-F945C71C469E}) (Version: 1.00.0000 - Roxio, Inc.) Hidden
Visual FoxPro ODBC Driver (HKLM-x32\...\{31821EFE-1B31-4744-9FB0-208F92BD7168}) (Version: 1.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinZip (HKLM-x32\...\WinZip) (Version:  9.0 SR-1 (6224) - WinZip Computing, Inc.)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 21%
Total physical RAM: 16295.55 MB
Available physical RAM: 12825.91 MB
Total Pagefile: 32589.31 MB
Available Pagefile: 28877.57 MB
Total Virtual: 4095.88 MB
Available Virtual: 3963.07 MB
 
========================= Partitions: =====================================
 
1 Drive c: (Windows ) (Fixed) (Total:453.81 GB) (Free:383.17 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:10.85 GB) (Free:1.2 GB) NTFS
3 Drive e: (HP_TOOLS) (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32
4 Drive f: () (Network) (Total:100 GB) (Free:78.83 GB) 
5 Drive g: () (Network) (Total:200 GB) (Free:115.87 GB) NTFS
6 Drive p: () (Network) (Total:394.46 GB) (Free:21.55 GB) 
7 Drive t: () (Network) (Total:200 GB) (Free:115.87 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\CLINTN2014
 
Administrator            ASPNET                   Guest                    
NTAdmin                  
 
 
**** End of log ****
 
# AdwCleaner v4.205 - Logfile created 28/05/2015 at 13:46:40
# Updated 21/05/2015 by Xplode
# Database : 2015-05-25.3 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : ClintN - CLINTN2014
# Running from : C:\Users\clintn\Downloads\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Found : C:\Users\clintn\AppData\Local\PackageAware
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Found : HKLM\SOFTWARE\Classes\S
Key Found : HKLM\SOFTWARE\Description
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v10.0.9200.17356
 
 
-\\ Google Chrome v43.0.2357.81
 
 
*************************
 
AdwCleaner[R0].txt - [954 bytes] - [22/05/2015 15:07:40]
AdwCleaner[R1].txt - [888 bytes] - [28/05/2015 13:46:40]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [946 bytes] ##########
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.8.3 (05.28.2015:2)
OS: Windows 7 Professional x64
Ran by ClintN on Thu 05/28/2015 at 14:29:49.94
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Tasks
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] C:\Users\clintn\appdata\local\packageaware
 
 
 
~~~ Chrome
 
 
[C:\Users\clintn\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
 
[C:\Users\clintn\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
 
[C:\Users\clintn\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
 
[C:\Users\clintn\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 05/28/2015 at 14:31:27.04
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#12 boopme


Posted 28 May 2015 - 03:15 PM

Remove what ADW found

Double-click on AdwCleaner.exe to run the tool again. Vista/Windows 7/8 users: right-click and select Run As Administrator.
  • The tool will start to update the database, please wait a bit.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.


#13 cjn007


Posted 28 May 2015 - 03:20 PM

# AdwCleaner v4.205 - Logfile created 28/05/2015 at 15:17:28
# Updated 21/05/2015 by Xplode
# Database : 2015-05-25.3 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : ClintN - CLINTN2014
# Running from : C:\Users\clintn\Downloads\AdwCleaner.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v10.0.9200.17356
 
 
-\\ Google Chrome v43.0.2357.81
 
 
*************************
 
AdwCleaner[R0].txt - [954 bytes] - [22/05/2015 15:07:40]
AdwCleaner[R1].txt - [1024 bytes] - [28/05/2015 13:46:40]
AdwCleaner[R2].txt - [985 bytes] - [28/05/2015 15:16:10]
AdwCleaner[S0].txt - [915 bytes] - [28/05/2015 15:17:28]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [973  bytes] ##########


#14 boopme


Posted 29 May 2015 - 11:24 AM

Also update and run MBAM again

#15 cjn007


Posted 02 June 2015 - 08:03 AM

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 6/1/2015
Scan Time: 8:28:45 AM
Logfile: 
Administrator: Yes
 
Version: 2.01.6.1022
Malware Database: v2015.06.01.02
Rootkit Database: v2015.05.31.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: ClintN
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 489677
Time Elapsed: 17 min, 3 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 1
Hijack.ControlPanelStyle, HKU\S-1-5-21-2017193482-4019031684-3957989790-1616\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER|ForceClassicControlPanel, 1, Quarantined, [bcca8233028888aebc77940f16ee48b8]
 
Registry Data: 1
PUM.Hijack.Help, HKU\S-1-5-21-2017193482-4019031684-3957989790-1616\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER|NoSMHelp, 1, Good: (0), Bad: (1),Replaced,[15719b1a47436acc49b41813bb4b56aa]
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)




