Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Searching.com plus other nasties


  • This topic is locked This topic is locked
37 replies to this topic

#1 Twinmum

Twinmum

  • Members
  • 118 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:22 PM

Posted 06 June 2015 - 11:13 PM

Hoping someone can help me here. My daughter had her computer at a LAN party on friday night. Yesterday (Saturday) she said there were a few windows popping up but didn't take a lot of notice of what they actually were. This morning, she complained about more problems. I had a look and we removed the following things that had been installed yesterday and today:

 

First Verify (this one seemed quite persistant for a while, but seems to be gone now)

SuperClick

SmartWeb

Shopper-Pro

Search Module

Ge-Force

Search App by Ask

One System Care

 

We thought that we had got everything and I went to run a scan using AVG, but nothing happens when I click the icon to start it. I also tried to run malwarebytes with the same result. I uninstalled AVG and tried to re-install it, but I get the pop up asking if I want to allow it, but even though I say yes, nothing happens after that.

 

Also, her browser has been hyjacked by searching.com and so I did a search to find out about that. Most of what I read said to remove it through add/remove programs, but it doesn't appear in that list. A few suggested that if there were problems doing it this way to run Revo, but again, when I click the file to install it, nothing happens.

 

She is running Windows 7

 

Thanks in advance

Norma

 



BC AdBot (Login to Remove)

 


#2 severac

severac

  • Members
  • 872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Serbia
  • Local time:03:22 PM

Posted 07 June 2015 - 03:21 AM

Hi, I think you should open new topic and post your logs. You sure have some kind of adware problem that I think you can't solve by yourself.


I would like to help you to remove malware. Let's look inside.   :busy:

But I don't know to solve all PC problems.  :smash: 

 


#3 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:02:22 PM

Posted 07 June 2015 - 05:46 AM

Hello there :)

Let's see what we can do.

MiniToolbox by Farbar

Avast users please disable your antivirus before downloading!
Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • List Restore Points
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

===

Security Check by screen317
  • Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt. Please copy and paste the contents of the log in your next reply.

Regards,
Alex

#4 Twinmum

Twinmum
  • Topic Starter

  • Members
  • 118 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:22 PM

Posted 07 June 2015 - 06:23 AM

In the checkbox for list devices, do I select only problems, no driver or all?



#5 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:02:22 PM

Posted 07 June 2015 - 06:27 AM

Only Problems please :)

#6 Twinmum

Twinmum
  • Topic Starter

  • Members
  • 118 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:22 PM

Posted 07 June 2015 - 06:46 AM

...

MiniToolBox by Farbar  Version: 11-05-2015 01
Ran by Ashlee (administrator) on 07-06-2015 at 21:32:03
Running from "C:\Users\Ashlee\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: To be filled by O.E.M. Manufacturer: Gigabyte Technology Co., Ltd.
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Qualcomm Atheros AR8161/8165 PCI-E Gigabit Ethernet Controller (NDIS 6.20) = Local Area Connection (Connected)
Hamachi Network Interface = Hamachi (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled taskoffload=disabled
add route prefix=0.0.0.0/0 interface="Hamachi" nexthop=25.0.0.1 publish=Yes
set interface interface="Hamachi" forwarding=disabled advertise=disabled metric=9000 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Ashlee-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : home

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : home
   Description . . . . . . . . . . . : Qualcomm Atheros AR8161/8165 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
   Physical Address. . . . . . . . . : 94-DE-80-74-12-60
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::923:ee3c:106b:741c%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.2.2(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Sunday, 7 June 2015 8:56:55 PM
   Lease Expires . . . . . . . . . . : Sunday, 14 June 2015 8:56:55 PM
   Default Gateway . . . . . . . . . : 192.168.2.1
   DHCP Server . . . . . . . . . . . : 192.168.2.1
   DHCPv6 IAID . . . . . . . . . . . : 244637312
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-77-AB-3A-94-DE-80-74-12-60
   DNS Servers . . . . . . . . . . . : 81.218.119.5
                                       82.163.142.130
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Hamachi:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Hamachi Network Interface
   Physical Address. . . . . . . . . : 7A-79-19-34-70-F1
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2620:9b::1934:70f1(Preferred)
   Link-local IPv6 Address . . . . . : fe80::2cc2:e58f:431:ea3c%13(Preferred)
   IPv4 Address. . . . . . . . . . . : 25.52.112.241(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.0.0.0
   Lease Obtained. . . . . . . . . . : Sunday, 7 June 2015 8:56:44 PM
   Lease Expires . . . . . . . . . . : Monday, 6 June 2016 8:58:51 PM
   Default Gateway . . . . . . . . . : 2620:9b::1900:1
                                       25.0.0.1
   DHCP Server . . . . . . . . . . . : 25.0.0.1
   DHCPv6 IAID . . . . . . . . . . . : 242907458
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-77-AB-3A-94-DE-80-74-12-60
   DNS Servers . . . . . . . . . . . : 81.218.119.5
                                       82.163.142.130
   NetBIOS over Tcpip. . . . . . . . : Enabled
Server:  bzq-218-119-5.red.bezeqint.net
Address:  81.218.119.5

Name:    google.com
Addresses:  2607:f8b0:4009:809::200e
      216.58.216.238


Pinging google.com [173.194.46.39] with 32 bytes of data:
Reply from 173.194.46.39: bytes=32 time=201ms TTL=53
Reply from 173.194.46.39: bytes=32 time=201ms TTL=53

Ping statistics for 173.194.46.39:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 201ms, Maximum = 201ms, Average = 201ms
Server:  bzq-218-119-5.red.bezeqint.net
Address:  81.218.119.5

Name:    yahoo.com
Addresses:  206.190.36.45
      98.138.253.109
      98.139.183.24


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=192ms TTL=48
Reply from 98.138.253.109: bytes=32 time=192ms TTL=48

Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 192ms, Maximum = 192ms, Average = 192ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 11...94 de 80 74 12 60 ......Qualcomm Atheros AR8161/8165 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
 13...7a 79 19 34 70 f1 ......Hamachi Network Interface
  1...........................Software Loopback Interface 1
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         25.0.0.1    25.52.112.241   9256
          0.0.0.0          0.0.0.0      192.168.2.1      192.168.2.2     10
         25.0.0.0        255.0.0.0         On-link     25.52.112.241   9256
    25.52.112.241  255.255.255.255         On-link     25.52.112.241   9256
   25.255.255.255  255.255.255.255         On-link     25.52.112.241   9256
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.2.0    255.255.255.0         On-link       192.168.2.2    266
      192.168.2.2  255.255.255.255         On-link       192.168.2.2    266
    192.168.2.255  255.255.255.255         On-link       192.168.2.2    266
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.2.2    266
        224.0.0.0        240.0.0.0         On-link     25.52.112.241   9256
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.2.2    266
  255.255.255.255  255.255.255.255         On-link     25.52.112.241   9256
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
          0.0.0.0          0.0.0.0         25.0.0.1  Default
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 13   9020 ::/0                     2620:9b::1900:1
  1    306 ::1/128                  On-link
 13    276 2620:9b::/96             On-link
 13    276 2620:9b::1934:70f1/128   On-link
 11    266 fe80::/64                On-link
 13    276 fe80::/64                On-link
 11    266 fe80::923:ee3c:106b:741c/128
                                    On-link
 13    276 fe80::2cc2:e58f:431:ea3c/128
                                    On-link
  1    306 ff00::/8                 On-link
 11    266 ff00::/8                 On-link
 13    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
 If Metric Network Destination      Gateway
  0 4294967295 2620:9b::/96             On-link
  0   9000 ::/0                     2620:9b::1900:1
===========================================================================
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================

 

 

 

......................................................................

 

 Results of screen317's Security Check version 1.003  
   x64   
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Security Center service is not running! This report may not be accurate!
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Java 8 Update 45  
 Java version 32-bit out of Date!
 Adobe Flash Player     17.0.0.169  
 Mozilla Firefox (38.0.5)
 Google Chrome (43.0.2357.65)
 Google Chrome (43.0.2357.81)
 Google Chrome (GoogleUpdateHelper.dll..)
````````Process Check: objlist.exe by Laurent````````  
 {ee76c9f7-2d40-9c66-ee76-6c9f72d427dc} Sword Art Online 01 - Aincrad.pdf.exe   
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````



#7 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:02:22 PM

Posted 07 June 2015 - 08:14 AM

Hello there,

Your MiniToolbox log is truncated - please post the full log. Thank you :)

Alex

#8 Twinmum

Twinmum
  • Topic Starter

  • Members
  • 118 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:22 PM

Posted 07 June 2015 - 04:32 PM

mmm, not sure how that happened. Put it down to it being late last night lol, full log follows

 

MiniToolBox by Farbar  Version: 11-05-2015 01
Ran by Ashlee (administrator) on 07-06-2015 at 21:32:03
Running from "C:\Users\Ashlee\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: To be filled by O.E.M. Manufacturer: Gigabyte Technology Co., Ltd.
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Qualcomm Atheros AR8161/8165 PCI-E Gigabit Ethernet Controller (NDIS 6.20) = Local Area Connection (Connected)
Hamachi Network Interface = Hamachi (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled taskoffload=disabled
add route prefix=0.0.0.0/0 interface="Hamachi" nexthop=25.0.0.1 publish=Yes
set interface interface="Hamachi" forwarding=disabled advertise=disabled metric=9000 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Ashlee-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : home

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : home
   Description . . . . . . . . . . . : Qualcomm Atheros AR8161/8165 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
   Physical Address. . . . . . . . . : 94-DE-80-74-12-60
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::923:ee3c:106b:741c%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.2.2(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Sunday, 7 June 2015 8:56:55 PM
   Lease Expires . . . . . . . . . . : Sunday, 14 June 2015 8:56:55 PM
   Default Gateway . . . . . . . . . : 192.168.2.1
   DHCP Server . . . . . . . . . . . : 192.168.2.1
   DHCPv6 IAID . . . . . . . . . . . : 244637312
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-77-AB-3A-94-DE-80-74-12-60
   DNS Servers . . . . . . . . . . . : 81.218.119.5
                                       82.163.142.130
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Hamachi:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Hamachi Network Interface
   Physical Address. . . . . . . . . : 7A-79-19-34-70-F1
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2620:9b::1934:70f1(Preferred)
   Link-local IPv6 Address . . . . . : fe80::2cc2:e58f:431:ea3c%13(Preferred)
   IPv4 Address. . . . . . . . . . . : 25.52.112.241(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.0.0.0
   Lease Obtained. . . . . . . . . . : Sunday, 7 June 2015 8:56:44 PM
   Lease Expires . . . . . . . . . . : Monday, 6 June 2016 8:58:51 PM
   Default Gateway . . . . . . . . . : 2620:9b::1900:1
                                       25.0.0.1
   DHCP Server . . . . . . . . . . . : 25.0.0.1
   DHCPv6 IAID . . . . . . . . . . . : 242907458
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-77-AB-3A-94-DE-80-74-12-60
   DNS Servers . . . . . . . . . . . : 81.218.119.5
                                       82.163.142.130
   NetBIOS over Tcpip. . . . . . . . : Enabled
Server:  bzq-218-119-5.red.bezeqint.net
Address:  81.218.119.5

Name:    google.com
Addresses:  2607:f8b0:4009:809::200e
      216.58.216.238


Pinging google.com [173.194.46.39] with 32 bytes of data:
Reply from 173.194.46.39: bytes=32 time=201ms TTL=53
Reply from 173.194.46.39: bytes=32 time=201ms TTL=53

Ping statistics for 173.194.46.39:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 201ms, Maximum = 201ms, Average = 201ms
Server:  bzq-218-119-5.red.bezeqint.net
Address:  81.218.119.5

Name:    yahoo.com
Addresses:  206.190.36.45
      98.138.253.109
      98.139.183.24


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=192ms TTL=48
Reply from 98.138.253.109: bytes=32 time=192ms TTL=48

Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 192ms, Maximum = 192ms, Average = 192ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 11...94 de 80 74 12 60 ......Qualcomm Atheros AR8161/8165 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
 13...7a 79 19 34 70 f1 ......Hamachi Network Interface
  1...........................Software Loopback Interface 1
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         25.0.0.1    25.52.112.241   9256
          0.0.0.0          0.0.0.0      192.168.2.1      192.168.2.2     10
         25.0.0.0        255.0.0.0         On-link     25.52.112.241   9256
    25.52.112.241  255.255.255.255         On-link     25.52.112.241   9256
   25.255.255.255  255.255.255.255         On-link     25.52.112.241   9256
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.2.0    255.255.255.0         On-link       192.168.2.2    266
      192.168.2.2  255.255.255.255         On-link       192.168.2.2    266
    192.168.2.255  255.255.255.255         On-link       192.168.2.2    266
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.2.2    266
        224.0.0.0        240.0.0.0         On-link     25.52.112.241   9256
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.2.2    266
  255.255.255.255  255.255.255.255         On-link     25.52.112.241   9256
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
          0.0.0.0          0.0.0.0         25.0.0.1  Default
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 13   9020 ::/0                     2620:9b::1900:1
  1    306 ::1/128                  On-link
 13    276 2620:9b::/96             On-link
 13    276 2620:9b::1934:70f1/128   On-link
 11    266 fe80::/64                On-link
 13    276 fe80::/64                On-link
 11    266 fe80::923:ee3c:106b:741c/128
                                    On-link
 13    276 fe80::2cc2:e58f:431:ea3c/128
                                    On-link
  1    306 ff00::/8                 On-link
 11    266 ff00::/8                 On-link
 13    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
 If Metric Network Destination      Gateway
  0 4294967295 2620:9b::/96             On-link
  0   9000 ::/0                     2620:9b::1900:1
===========================================================================
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/07/2015 09:09:55 PM) (Source: Application Error) (User: )
Description: Faulting application name: plugin-container.exe, version: 38.0.5.5623, time stamp: 0x5563c49a
Faulting module name: mozalloc.dll, version: 38.0.5.5623, time stamp: 0x5563b229
Exception code: 0x80000003
Fault offset: 0x00001aa1
Faulting process id: 0xaec
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (06/07/2015 08:59:51 PM) (Source: CoupoonService64) (User: )
Description: CoupoonService64In SvcInstall, CreateService failed (1073)
 failed with 1073

Error: (06/07/2015 08:57:42 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/07/2015 02:18:28 PM) (Source: Application Error) (User: )
Description: Faulting application name: plugin-container.exe, version: 38.0.5.5623, time stamp: 0x5563c49a
Faulting module name: mozalloc.dll, version: 38.0.5.5623, time stamp: 0x5563b229
Exception code: 0x80000003
Fault offset: 0x00001aa1
Faulting process id: 0x3a24
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (06/07/2015 02:07:23 PM) (Source: Application Hang) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17801 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 292c

Start Time: 01d0a0d7364695f1

Termination Time: 32

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (06/07/2015 02:05:38 PM) (Source: Application Hang) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17801 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 3e78

Start Time: 01d0a0d6ffe27230

Termination Time: 15

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (06/07/2015 02:04:00 PM) (Source: Application Hang) (User: )
Description: The program chrome.exe version 43.0.2357.81 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 2df0

Start Time: 01d0a0d6d1adc43d

Termination Time: 9

Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Report Id: 337043ab-0cca-11e5-bc1e-94de80741260

Error: (06/07/2015 00:21:46 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/07/2015 00:13:11 PM) (Source: CoupoonService64) (User: )
Description: CoupoonService64In SvcInstall, CreateService failed (1073)
 failed with 1073

Error: (06/07/2015 00:11:58 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (06/07/2015 08:59:53 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (06/07/2015 08:59:53 PM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (06/07/2015 08:57:44 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cherimoya
innfd_1_10_0_14
scfd_1_10_0_16

Error: (06/07/2015 08:56:58 PM) (Source: Service Control Manager) (User: )
Description: The BrsHelper service failed to start due to the following error:
%%2

Error: (06/07/2015 08:56:58 PM) (Source: Service Control Manager) (User: )
Description: The AVG WatchDog service failed to start due to the following error:
%%2

Error: (06/07/2015 00:24:14 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (06/07/2015 00:24:14 PM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (06/07/2015 00:21:49 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cherimoya
innfd_1_10_0_14
scfd_1_10_0_16

Error: (06/07/2015 00:21:16 PM) (Source: Service Control Manager) (User: )
Description: The DisplayFusionService service failed to start due to the following error:
%%1053

Error: (06/07/2015 00:21:16 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the DisplayFusionService service to connect.


Microsoft Office Sessions:
=========================
Error: (06/07/2015 09:09:55 PM) (Source: Application Error)(User: )
Description: plugin-container.exe38.0.5.56235563c49amozalloc.dll38.0.5.56235563b2298000000300001aa1aec01d0a1124815ee1cC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllb9c1d78e-0d05-11e5-9a92-94de80741260

Error: (06/07/2015 08:59:51 PM) (Source: CoupoonService64)(User: )
Description: CoupoonService64In SvcInstall, CreateService failed (1073)
 failed with 1073

Error: (06/07/2015 08:57:42 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/07/2015 02:18:28 PM) (Source: Application Error)(User: )
Description: plugin-container.exe38.0.5.56235563c49amozalloc.dll38.0.5.56235563b2298000000300001aa13a2401d0a0d8e08353f1C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll3f0d2f41-0ccc-11e5-bc1e-94de80741260

Error: (06/07/2015 02:07:23 PM) (Source: Application Hang)(User: )
Description: IEXPLORE.EXE11.0.9600.17801292c01d0a0d7364695f132C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Error: (06/07/2015 02:05:38 PM) (Source: Application Hang)(User: )
Description: IEXPLORE.EXE11.0.9600.178013e7801d0a0d6ffe2723015C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Error: (06/07/2015 02:04:00 PM) (Source: Application Hang)(User: )
Description: chrome.exe43.0.2357.812df001d0a0d6d1adc43d9C:\Program Files (x86)\Google\Chrome\Application\chrome.exe337043ab-0cca-11e5-bc1e-94de80741260

Error: (06/07/2015 00:21:46 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/07/2015 00:13:11 PM) (Source: CoupoonService64)(User: )
Description: CoupoonService64In SvcInstall, CreateService failed (1073)
 failed with 1073

Error: (06/07/2015 00:11:58 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


=========================== Installed Programs ============================

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.28 - GIGABYTE)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.172 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.9.0.465 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Professional CC 2014 (HKLM-x32\...\{AA704223-E11C-11E3-8A38-C09A633B72AF}) (Version: 14.0.1 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2014 (HKLM-x32\...\{663DEEEF-EF34-4DCB-8687-73A7AA146E02}) (Version: 8.0.0 - Adobe Systems Incorporated)
Adobe Photoshop 6.0 (HKLM-x32\...\Adobe Photoshop 6.0) (Version: 6.0 - Adobe Systems, Inc.)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.8.158 - Adobe Systems, Inc.)
Adobe SVG Viewer (HKLM-x32\...\Adobe SVG Viewer) (Version: 1.0 - Adobe Systems, Inc.)
AdVenture Capitalist (HKLM-x32\...\Steam App 346900) (Version:  - Hyper Hippo Productions Ltd.)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Armagetron Advanced 0.2.8.2.1.gcc (HKLM-x32\...\Armagetron Advanced) (Version: 0.2.8.2.1.gcc - Armagetron Advanced Team)
Artemis Spaceship Bridge Simulator (HKLM-x32\...\Steam App 247350) (Version:  - )
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
AVG 2015 (HKLM\...\{D18996D6-F390-4040-9890-A6DC3E171A15}) (Version: 15.0.4311 - AVG Technologies) Hidden
AVG 2015 (HKLM\...\{E23970BE-3D5D-4B64-A7D6-0B6E108AB609}) (Version: 15.0.5961 - AVG Technologies) Hidden
Awesomenauts (HKLM-x32\...\Steam App 204300) (Version:  - Ronimo Games)
Bamboo Dock (HKLM-x32\...\{90DFD61B-8224-00C6-3D69-A983B60A394E}) (Version: 4.1.0 - Wacom Europe GmbH) Hidden
Bamboo Dock (HKLM-x32\...\Bamboo Dock) (Version: 4.1 - Wacom Co., Ltd.)
Bamboo Dock (HKLM-x32\...\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1) (Version: 4.1.0 - Wacom Europe GmbH) Hidden
Bamboo Tablets Tutorial (HKLM-x32\...\{6E0C3C3D-CF8A-4AEC-AD6C-B4486A96BE8E}) (Version: 3.0.20 - Wacom) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BattleBlock Theater (HKLM-x32\...\Steam App 238460) (Version:  - The Behemoth)
BeamNG-Techdemo-0.3 (remove only) (HKCU\...\BeamNG-Techdemo-0.3) (Version:  - )
Beasts of Prey (HKLM-x32\...\Steam App 299860) (Version:  - Octagon Interactive)
bestadblocker (HKLM-x32\...\{4820778D-AB0D-6D18-C316-52A6A0E1D507}) (Version:  - )
BioShock (HKLM-x32\...\Steam App 7670) (Version:  - 2K Boston)
BioShock 2 (HKLM-x32\...\Steam App 8850) (Version:  - 2K Marin)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
BIT.TRIP Presents... Runner2: Future Legend of Rhythm Alien (HKLM-x32\...\Steam App 218060) (Version:  - Gaijin Games)
BIT.TRIP RUNNER (HKLM-x32\...\Steam App 63710) (Version:  - Gaijin Games)
Bleed (HKLM-x32\...\Steam App 239800) (Version:  - Ian Campbell)
Blender (HKLM\...\Blender) (Version: 2.68a - Blender Foundation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Borderlands: The Pre-Sequel (HKLM-x32\...\Steam App 261640) (Version:  - 2K Australia)
Camtasia Studio 8 (HKLM-x32\...\{A0FC961E-DC6D-4144-9277-ECDBB99D0AB9}) (Version: 8.5.1.1962 - TechSmith Corporation)
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version:  - The Behemoth)
Cube World version 0.0.1 (HKLM-x32\...\{D692A0E0-1BBB-4E9C-826E-4254EE330830}_is1) (Version: 0.0.1 - Picroma)
Cubemen 2 (HKLM-x32\...\Steam App 228440) (Version:  - 3 Sprockets)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 1.82 - NCH Software)
DisplayFusion 7.1 (HKLM-x32\...\B076073A-5527-4f4f-B46B-B10692277DA2_is1) (Version: 7.1.0.0 - Binary Fortress Software)
do-search uninstall (HKLM-x32\...\do-search uninstall) (Version:  - do-search)
Easy Tune 6 B12.1121.1 (HKLM-x32\...\{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE) Hidden
Easy Tune 6 B12.1121.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Endless Space (HKLM-x32\...\Steam App 208140) (Version:  - AMPLITUDE Studios)
Etron USB3.0 Host Controller (HKLM-x32\...\{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.115 - Etron Technology) Hidden
Evolve (HKLM-x32\...\Steam App 273350) (Version:  - Turtle Rock Studios)
Express Zip (HKLM-x32\...\ExpressZip) (Version: 2.28 - NCH Software)
Facebook chat ninja (HKLM-x32\...\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}) (Version:  - )
FEZ (HKLM-x32\...\Steam App 224760) (Version:  - Polytron Corporation)
First Verify version 2.0 (HKLM-x32\...\{7AF56C9C-F827-41A9-9998-047116F688A4}_is1) (Version: 2.0 - AF, INC)
Fish Tycoon 1.0 (HKLM-x32\...\Fish Tycoon) (Version: 1.0 - Last Day of Work)
Fistful of Frags (HKLM-x32\...\Steam App 265630) (Version:  - Fistful of Frags Team)
FlatOut (HKLM-x32\...\{A57D86AF-DE8E-4B26-972E-A1A28FFF7742}) (Version: 1.00.0000 - Empire Interactive)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
FuuN2iSavE (HKLM-x32\...\{9D9BEFAE-9499-F52B-6CC4-94818CCC2AB5}) (Version:  - "")
Gang Beasts (HKLM-x32\...\Steam App 285900) (Version:  - Boneloaf)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Garry)
globalupdate Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.0 - globalupdate Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.27.5 - Google Inc.) Hidden
Guns of Icarus Online (HKLM-x32\...\Steam App 209080) (Version:  - Muse Games)
Gyazo 2.0.1 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc. & Toshiyuki Masui)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Insurgency (HKLM-x32\...\Steam App 222880) (Version:  - New World Interactive)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
iTunes (HKLM\...\{76FF0F03-B707-4332-B5D1-A56C8303514E}) (Version: 11.0.4.4 - Apple Inc.)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version:  - Avalanche)
Just Cause 2: Multiplayer Mod (HKLM-x32\...\Steam App 259080) (Version:  - JC2-MP Team)
Keysticks (HKLM-x32\...\{017E32B0-23A9-40F0-952B-6B12F0702A15}) (Version: 1.8.1 - Keysticks.net)
League of Legends (HKLM-x32\...\{216B0AF1-3137-4E03-9C02-F5132550A268}) (Version: 3.0.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
LG United Mobile Drivers (HKLM-x32\...\{55031CEF-CE75-4A5C-8DEA-60577820529B}) (Version: 3.10.1.0 - LG Electronics)
Little Inferno (HKLM-x32\...\Steam App 221260) (Version:  - Tomorrow Corporation)
LogMeIn Hamachi (HKLM-x32\...\{80EE9168-BB59-4F87-BF1A-57C137EAF714}) (Version: 2.2.0.328 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MapleStory (HKLM-x32\...\Steam App 216150) (Version:  - Nexon)
Media Downloader version 1.5 (HKLM-x32\...\Media Downloader_is1) (Version: 1.5 - Media Downloader)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2000 Professional (HKLM-x32\...\{00010409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2720 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{14297226-E0A0-3781-8911-E9D529552663}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minimum (HKLM-x32\...\Steam App 214190) (Version:  - Human Head Studios)
Monaco (HKLM-x32\...\Steam App 113020) (Version:  - Pocketwatch Games)
MotioninJoy Gamepad tool 0.7.0000 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.0000 - www.motioninjoy.com)
Movie Maker (HKLM-x32\...\{45898170-E68C-4F02-AA35-C2186BF347A3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{B39A6825-EA20-43EA-AB2D-A6BC0298D9A1}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 38.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 en-US)) (Version: 38.0.5 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero12EssTSST (HKLM-x32\...\{1DEC64C1-7F34-44CD-BC35-8E0A096300CF}) (Version: 12.0.01100 - Nero AG)
Nuclear Dawn (HKLM-x32\...\Steam App 17710) (Version:  - InterWave Studios)
NVIDIA 3D Vision Controller Driver 306.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 306.23 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Graphics Driver 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
ON_OFF Charge B12.1025.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
One Finger Death Punch (HKLM-x32\...\Steam App 264200) (Version:  - Silver Dollar Games)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenTTD 1.5.0 (HKLM-x32\...\OpenTTD) (Version: 1.5.0 - OpenTTD)
Origin (HKLM-x32\...\Origin) (Version: 9.1.10.2728 - Electronic Arts, Inc.)
PaintTool SAI Ver.1 (HKLM-x32\...\PaintToolSAI) (Version:  - )
Peggle Extreme (HKLM-x32\...\Steam App 3483) (Version:  - PopCap Games, Inc.)
Plague Inc: Evolved (HKLM-x32\...\Steam App 246620) (Version:  - Ndemic Creations)
Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.) Hidden
Plug & Play (HKLM-x32\...\Steam App 353560) (Version:  - Mario von Rickenbach)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Prerequisite installer (HKLM-x32\...\{3AAB08A3-F129-4BD5-B409-AE674F93759D}) (Version: 12.0.0002 - Nero AG) Hidden
Prism Video File Converter (HKLM-x32\...\Prism) (Version: 2.18 - NCH Software)
Prison Architect (HKLM-x32\...\Steam App 233450) (Version:  - Introversion Software)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.26027 - Razer Inc.)
Risk of Rain (HKLM-x32\...\Steam App 248820) (Version:  - )
RuneScape Launcher 1.2.3 (HKLM-x32\...\{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}) (Version: 1.2.3 - Jagex Ltd)
Sanctum (HKLM-x32\...\Steam App 91600) (Version:  - Coffee Stain Studios)
Sanctum 2 (HKLM-x32\...\Steam App 210770) (Version:  - Coffee Stain Studios)
Screencheat (HKLM-x32\...\Steam App 301970) (Version:  - Samurai Punk)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Sid Meier's Civilization: Beyond Earth (HKLM-x32\...\Steam App 65980) (Version:  - Firaxis Games)
SimCity 4 (HKLM-x32\...\{611BD998-34B9-4DDA-00AE-0CB4632E86FA}) (Version:  - )
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 1.0.2247.4 - Hi-Rez Studios)
Sonic & All-Stars Racing Transformed (HKLM-x32\...\Steam App 212480) (Version:  - Sumo Digital)
Space Engineers (HKLM-x32\...\Steam App 244850) (Version:  - )
SpeedRunners (HKLM-x32\...\Steam App 207140) (Version:  - DoubleDutch Games)
Spotify (HKCU\...\Spotify) (Version: 1.0.6.80.g2a801a53 - Spotify AB)
Star Conflict (HKLM-x32\...\Steam App 212070) (Version:  - Star Gem Inc.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Sumo Paint Bamboo 2.2 (HKLM-x32\...\{3F92C742-08BE-9C7A-DF0C-3E1CD06C46C2}) (Version: 2.2 - UNKNOWN) Hidden
Sumo Paint Bamboo 2.2 (HKLM-x32\...\com.sumopaint.bamboo.E63110E28E55D139F7D67D94E57B73BDB07BA618.1) (Version: v2.2 - UNKNOWN)
Sumotori Dreams (HKLM-x32\...\Sumotori Dreams) (Version:  - )
Super Hexagon (HKLM-x32\...\Steam App 221640) (Version:  - Terry Cavanagh)
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version:  - Team Meat)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tales from the Borderlands (HKLM-x32\...\Steam App 330830) (Version:  - Telltale Games)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.43174 - TeamViewer)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version:  - Nicalis, Inc.)
The Stanley Parable (HKLM-x32\...\Steam App 221910) (Version:  - Galactic Cafe)
The Walking Dead (HKLM-x32\...\Steam App 207610) (Version:  - )
The Walking Dead: Season Two (HKLM-x32\...\Steam App 261030) (Version:  - Telltale Games)
TweetDeck (HKLM-x32\...\{C4ADB67B-C908-4D94-B85E-585D2F3F9118}) (Version: 3.3.7 - Twitter)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.6.2f1 - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 3.14 - NCH Software)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.2-1 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.2 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.2 - Wacom Technology Corp.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
WinRAR 5.00 beta 8 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.00.8 - win.rar GmbH)
WinRAR 5.00 beta 8 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.8 - win.rar GmbH)
WinZip 19.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E9}) (Version: 19.5.11475 - WinZip Computing, S.L. )

========================= Devices: ================================

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Device ID: ROOT\*TEREDO\0000
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: scfd_1_10_0_16
Description: scfd_1_10_0_16
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: scfd_1_10_0_16
Device ID: ROOT\LEGACY_SCFD_1_10_0_16\0000
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: innfd_1_10_0_14
Description: innfd_1_10_0_14
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: innfd_1_10_0_14
Device ID: ROOT\LEGACY_INNFD_1_10_0_14\0000
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: cherimoya
Description: cherimoya
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: cherimoya
Device ID: ROOT\LEGACY_CHERIMOYA\0000
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


========================= Memory info: ===================================

Percentage of memory in use: 32%
Total physical RAM: 8150.19 MB
Available physical RAM: 5477.44 MB
Total Pagefile: 16300.38 MB
Available Pagefile: 13173.43 MB
Total Virtual: 4095.88 MB
Available Virtual: 3972.88 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:931.41 GB) (Free:103.99 GB) NTFS
3 Drive f: (FO_CD2) (CDROM) (Total:0.64 GB) (Free:0 GB) CDFS

========================= Users: ========================================

User accounts for \\ASHLEE-PC

Administrator            Ashlee                   Guest                    
UpdatusUser              

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

05-06-2015 13:48:07 Scheduled Checkpoint
06-06-2015 06:02:48 Installed Java™ 6 Update 37
06-06-2015 07:30:06 Removed Bonjour
06-06-2015 07:30:33 Removed Bonjour
06-06-2015 08:55:52 Removed Apple Application Support
06-06-2015 08:56:25 Configured AutoGreen B12.0206.1
06-06-2015 11:27:38 Removed Java™ 6 Update 37
06-06-2015 11:28:18 Removed Java 8 Update 45
06-06-2015 11:28:34 Removed Java 8 Update 45

**** End of log ****
 



#9 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:02:22 PM

Posted 07 June 2015 - 04:39 PM

That's a lot of games... Is someone looking for a fellow Plague Inc. Evolved player? :lol:

Please uninstall the following software from Programs and Features:

bestadblocker (HKLM-x32\...\{4820778D-AB0D-6D18-C316-52A6A0E1D507}) (Version: - )
do-search uninstall (HKLM-x32\...\do-search uninstall) (Version: - do-search)
FuuN2iSavE (HKLM-x32\...\{9D9BEFAE-9499-F52B-6CC4-94818CCC2AB5}) (Version: - "")
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)

If you run into any issues, let me know.

Do you recognize this?

First Verify version 2.0 (HKLM-x32\...\{7AF56C9C-F827-41A9-9998-047116F688A4}_is1) (Version: 2.0 - AF, INC)

After that please run this.

AdwCleaner by Xplode

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • The tool will start to update the database, please wait a bit.
  • Click on I agree button.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • DO NOT CLEAN ANYTHING! Removal will be done after analysis of the log.
  • After the scan has finished, click on the Logfile button...a logfile (AdwCleaner[R#].txt) will open in Notepad for review (where the largest value of # represents the most recent report).
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
Regards,
Alex

#10 Twinmum

Twinmum
  • Topic Starter

  • Members
  • 118 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:22 PM

Posted 07 June 2015 - 04:47 PM

Thanks so far Alex.

Yes, her computer is mainly a gaming unit lol.

 

It's still early here and she isn't up yet, but when she is and I've finished a few errands, I'll continue with the instructions.

 

Norma



#11 Twinmum

Twinmum
  • Topic Starter

  • Members
  • 118 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:22 PM

Posted 07 June 2015 - 05:19 PM


Do you recognize this?

First Verify version 2.0 (HKLM-x32\...\{7AF56C9C-F827-41A9-9998-047116F688A4}_is1) (Version: 2.0 - AF, INC)

 

Arghh it's still there! That one kept popping up but I thought I had got rid of it.. obviously not.

 

 



#12 Twinmum

Twinmum
  • Topic Starter

  • Members
  • 118 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:22 PM

Posted 07 June 2015 - 08:59 PM

# AdwCleaner v4.206 - Logfile created 08/06/2015 at 11:52:05
# Updated 01/06/2015 by Xplode
# Database : 2015-06-05.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Ashlee - ASHLEE-PC
# Running from : C:\Users\Ashlee\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : BrsHelper
Service Found : cherimoya
Service Found : globalUpdate
Service Found : globalUpdatem
Service Found : IHProtect Service
Service Found : netfilter64
Service Found : WindowsMangerProtect
Service Found : CoupoonService64
Service Found : lxqvbcbiws32
Service Found : innfd_1_10_0_14

***** [ Files / Folders ] *****

File Found : C:\END
File Found : C:\Program Files (x86)\mozilla firefox\dbghelp.dll
File Found : C:\Program Files (x86)\prefs.js
File Found : C:\Program Files\Common Files\System\SysMenu.dll
File Found : C:\Program Files\Common Files\System\SysMenu64.dll
File Found : C:\Users\Ashlee\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\plcgkgghkdfgfhiidfjkhmainebgmklf
File Found : C:\Users\Ashlee\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lacckjdlmkdhcacjdodpjokfobckjclh_0.localstorage
File Found : C:\Users\Ashlee\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lacckjdlmkdhcacjdodpjokfobckjclh_0.localstorage-journal
File Found : C:\Users\Ashlee\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_plcgkgghkdfgfhiidfjkhmainebgmklf_0.localstorage
File Found : C:\Users\Ashlee\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_plcgkgghkdfgfhiidfjkhmainebgmklf_0.localstorage-journal
File Found : C:\Users\Ashlee\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_searches.vi-view.com_0.localstorage
File Found : C:\Users\Ashlee\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_searches.vi-view.com_0.localstorage-journal
File Found : C:\Users\Ashlee\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.mystartsearch.com_0.localstorage
File Found : C:\Users\Ashlee\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.mystartsearch.com_0.localstorage-journal
File Found : C:\Users\Ashlee\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www-searching.com_0.localstorage
File Found : C:\Users\Ashlee\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www-searching.com_0.localstorage-journal
File Found : C:\Users\Ashlee\AppData\Roaming\Ia993LaHFq9G8s7dscKSWao067d
File Found : C:\Users\Ashlee\AppData\Roaming\Ia993LaHFq9G8s7dscKSWao067d.exe
File Found : C:\Users\Ashlee\AppData\Roaming\VEI3AMcydjvcd
File Found : C:\Users\Ashlee\AppData\Roaming\VEI3AMcydjvcd.exe
File Found : C:\Users\Ashlee\Desktop\Continue Live Installation.lnk
File Found : C:\Users\Public\Desktop\Media Downloader.lnk
File Found : C:\Windows\System32\drivers\netfilter64.sys
File Found : C:\Windows\System32\log\iSafeKrnlCall.log
Folder Found : C:\Program Files (x86)\AellCheapPrice
Folder Found : C:\Program Files (x86)\coupoon
Folder Found : C:\Program Files (x86)\coupoon
Folder Found : C:\Program Files (x86)\Fun2Save
Folder Found : C:\Program Files (x86)\FUn2Save
Folder Found : C:\Program Files (x86)\globalUpdate
Folder Found : C:\Program Files (x86)\Media Downloader
Folder Found : C:\Program Files (x86)\predm
Folder Found : C:\Program Files (x86)\Redirector
Folder Found : C:\Program Files (x86)\SaleePlUsa
Folder Found : C:\Program Files (x86)\SalEoPlus
Folder Found : C:\Program Files (x86)\SalePlus
Folder Found : C:\Program Files (x86)\SalePPleus
Folder Found : C:\Program Files (x86)\ShopperPro
Folder Found : C:\Program Files (x86)\SoftwareHelp
Folder Found : C:\Program Files (x86)\WinZipper
Folder Found : C:\Program Files (x86)\XTab
Folder Found : C:\Program Files\015
Folder Found : C:\Program Files\Common Files\Goobzo
Folder Found : C:\Program Files\coupoon
Folder Found : C:\Program Files\coupoon
Folder Found : C:\Program Files\shopperz
Folder Found : C:\ProgramData\{0c10a449-ec78-0588-0c10-0a449ec79127}
Folder Found : C:\ProgramData\{25e291f2-cb0c-d8a3-25e2-291f2cb047cb}
Folder Found : C:\ProgramData\{94f731b2-5629-116d-94f7-731b2562c6c9}
Folder Found : C:\ProgramData\{b7519684-238b-5ef1-b751-196842385a10}
Folder Found : C:\ProgramData\{de85fefc-dde9-3678-de85-5fefcddefbf3}
Folder Found : C:\ProgramData\{ee76c9f7-2d40-9c66-ee76-6c9f72d427dc}
Folder Found : C:\ProgramData\17b3ef88000037ba
Folder Found : C:\ProgramData\Ads Remover
Folder Found : C:\ProgramData\apn
Folder Found : C:\ProgramData\beohgimgbhodienidpocpjekgdmogjil
Folder Found : C:\ProgramData\Browser
Folder Found : C:\ProgramData\cpfgohgelelaiklkebnccnpolcldkmkb
Folder Found : C:\ProgramData\d650343a00004204
Folder Found : C:\ProgramData\dbipndmaegfopnoclighnpngjaaahcol
Folder Found : C:\ProgramData\eagmigneodcmcmpbphnghnmfonegdglh
Folder Found : C:\ProgramData\IHProtectUpDate
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Downloader
Folder Found : C:\ProgramData\SearchModule
Folder Found : C:\ProgramData\WindowsMangerProtect
Folder Found : C:\Users\Ashlee\AppData\Local\03DE0294-1433611048-0574-1206-600700080009
Folder Found : C:\Users\Ashlee\AppData\Local\03DE0294-1433621692-0574-1206-600700080009
Folder Found : C:\Users\Ashlee\AppData\Local\BrowserHelper
Folder Found : C:\Users\Ashlee\AppData\Local\CleanerPro
Folder Found : C:\Users\Ashlee\AppData\Local\globalUpdate
Folder Found : C:\Users\Ashlee\AppData\Local\Google\Chrome\User Data\Default\Extensions\lacckjdlmkdhcacjdodpjokfobckjclh
Folder Found : C:\Users\Ashlee\AppData\Local\Google\Chrome\User Data\Default\Extensions\plcgkgghkdfgfhiidfjkhmainebgmklf
Folder Found : C:\Users\Ashlee\AppData\Local\PriceFountain
Folder Found : C:\Users\Ashlee\AppData\Local\SmartWeb
Folder Found : C:\Users\Ashlee\AppData\Local\Temp\apn
Folder Found : C:\Users\Ashlee\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}
Folder Found : C:\Users\Ashlee\AppData\Roaming\AnyProtectEx
Folder Found : C:\Users\Ashlee\AppData\Roaming\EZDownloader
Folder Found : C:\Users\Ashlee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player
Folder Found : C:\Users\Ashlee\AppData\Roaming\WinZipper
Folder Found : C:\Users\Ashlee\SupTab
Folder Found : C:\Users\Public\Documents\ShopperPro

***** [ Scheduled tasks ] *****

Task Found : APSnotifierPP1
Task Found : APSnotifierPP2
Task Found : APSnotifierPP3
Task Found : CleanerPro_Popup
Task Found : CleanerPro_Start
Task Found : globalUpdateUpdateTaskMachineCore
Task Found : globalUpdateUpdateTaskMachineUA
Task Found : SmartWeb Upgrade Trigger Task
Task Found : SMupdate1
Task Found : Microsoft\Windows\Multimedia\SMupdate3
Task Found : Microsoft\Windows\Maintenance\SMupdate2
Task Found : Ia993LaHFq9G8s7dscKSWao067d
Task Found : Ia993LaHFq9G8s7dscKSWao067d
Task Found : VEI3AMcydjvcd
Task Found : VEI3AMcydjvcd

***** [ Shortcuts ] *****

Shortcut Infected : C:\Users\Public\Desktop\Google Chrome.lnk
Shortcut Infected : C:\Users\Public\Desktop\Mozilla Firefox.lnk

***** [ Registry ] *****

Data Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
Key Found : HKCU\Software\{4E7638A1-6962-4e44-A6B9-F40E84FD6D09}
Key Found : HKCU\Software\AnyProtect
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\AppDataLow\Software\DynConIE
Key Found : HKCU\Software\ArenaHD
Key Found : HKCU\Software\Avg Secure Update
Key Found : HKCU\Software\CleanerProConfig
Key Found : HKCU\Software\CleanerProLanguage
Key Found : HKCU\Software\Crossbrowse
Key Found : HKCU\Software\GAMESDESKTOP
Key Found : HKCU\Software\GlobalUpdate
Key Found : HKCU\Software\HighDefAction
Key Found : HKCU\Software\HomeTab
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\Linkey
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3A4C4ECD-88B6-49F9-8907-89104B91B6F7}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Key Found : HKCU\Software\Optimizer Pro
Key Found : HKCU\Software\SearchProtectWS
Key Found : HKCU\Software\simplytech
Key Found : HKCU\Software\TNT2
Key Found : HKCU\Software\V9
Key Found : HKCU\Software\WajIntEnhance
Key Found : HKCU\Software\YorkNewCin
Key Found : [x64] HKCU\Software\{4E7638A1-6962-4e44-A6B9-F40E84FD6D09}
Key Found : [x64] HKCU\Software\AnyProtect
Key Found : [x64] HKCU\Software\APN PIP
Key Found : [x64] HKCU\Software\ArenaHD
Key Found : [x64] HKCU\Software\Avg Secure Update
Key Found : [x64] HKCU\Software\CleanerProConfig
Key Found : [x64] HKCU\Software\CleanerProLanguage
Key Found : [x64] HKCU\Software\Crossbrowse
Key Found : [x64] HKCU\Software\GAMESDESKTOP
Key Found : [x64] HKCU\Software\GlobalUpdate
Key Found : [x64] HKCU\Software\HighDefAction
Key Found : [x64] HKCU\Software\HomeTab
Key Found : [x64] HKCU\Software\InstallCore
Key Found : [x64] HKCU\Software\Linkey
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3A4C4ECD-88B6-49F9-8907-89104B91B6F7}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Key Found : [x64] HKCU\Software\Optimizer Pro
Key Found : [x64] HKCU\Software\SearchProtectWS
Key Found : [x64] HKCU\Software\simplytech
Key Found : [x64] HKCU\Software\TNT2
Key Found : [x64] HKCU\Software\V9
Key Found : [x64] HKCU\Software\WajIntEnhance
Key Found : [x64] HKCU\Software\YorkNewCin
Key Found : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Key Found : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Found : HKLM\SOFTWARE\15d5fb99-46d3-6aec-8be8-f14957b6c0df
Key Found : HKLM\SOFTWARE\AIM Toolbar
Key Found : HKLM\SOFTWARE\ArenaHD
Key Found : HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\SysMenuExt
Key Found : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Found : HKLM\SOFTWARE\Classes\AppID\{425F4ABF-B8E4-402D-9E49-06E494EB8DBF}
Key Found : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D813D5BB-EBC7-45F9-B8A4-36A305168069}
Key Found : HKLM\SOFTWARE\Classes\AppID\globalupdate.exe
Key Found : HKLM\SOFTWARE\Classes\AppID\SysMenu.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3CF50C82-4C4B-43E9-B1B2-15CB1BD0C193}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7D8DAE88-BC05-4578-8C29-E541FFBA5757}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Found : HKLM\SOFTWARE\Classes\Installer\Features\4270603C7CA6FEB45B61F4B6D10988D7
Key Found : HKLM\SOFTWARE\Classes\Installer\Products\4270603C7CA6FEB45B61F4B6D10988D7
Key Found : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A9582D7B-F24A-441D-9D26-450D58F3CD17}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EE0D8859-2ED4-4B0D-9812-16865B9AFD65}
Key Found : HKLM\SOFTWARE\Classes\SDP
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{14EF423E-3EE8-44AE-9337-07AC3F27B744}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{532ECD0F-E6C9-4ACE-860A-3730B1F6F1DD}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{598DCD74-3F5B-4E16-8749-057F426F232A}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{999A70CB-7657-4A48-A92A-BE29FF9D5443}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A63C49A5-6CC1-4579-A883-AE6B3E91108D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B5C4833B-847B-49CD-8EBE-CDD9B43C882F}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C4D1C553-99C0-48E5-B0A7-B1E00163715C}
Key Found : HKLM\SOFTWARE\Cleaner Pro
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\coupoon
Key Found : HKLM\SOFTWARE\coupoon
Key Found : HKLM\SOFTWARE\Crossbrowse
Key Found : HKLM\SOFTWARE\delta-homesSoftware
Key Found : HKLM\SOFTWARE\do-searchSoftware
Key Found : HKLM\SOFTWARE\EZ Software Updater
Key Found : HKLM\SOFTWARE\FFPluginHp
Key Found : HKLM\SOFTWARE\GlobalUpdate
Key Found : HKLM\SOFTWARE\hdcode
Key Found : HKLM\SOFTWARE\HighDefAction
Key Found : HKLM\SOFTWARE\IHProtect
Key Found : HKLM\SOFTWARE\Iminent
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\globalupdate.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{53B21E29-3967-C332-57EB-C02631658584}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5A1D3F9E-73B5-95EC-1233-6646E1358965}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7223EDAC-E091-B3C1-BD91-B66CE557800F}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8E8C2E2D-7F21-2CF5-0ADB-64935121ECF0}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B138259A-351E-33FA-2726-8D71704F1DA9}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Media Downloader_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Key Found : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Found : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Found : HKLM\SOFTWARE\mystartsearchSoftware
Key Found : HKLM\SOFTWARE\SearchProtect
Key Found : HKLM\SOFTWARE\SpeedBit
Key Found : HKLM\SOFTWARE\SupDp
Key Found : HKLM\SOFTWARE\SupTab
Key Found : HKLM\SOFTWARE\Tutorials
Key Found : HKLM\SOFTWARE\V9
Key Found : HKLM\SOFTWARE\WajIntEnhance
Key Found : HKLM\SOFTWARE\winzipersvc
Key Found : HKLM\SOFTWARE\YorkNewCin
Key Found : HKLM\SYSTEM\CurrentControlSet\Control\Class\{0014298C-A9BA-440D-AAA8-AD12C7010EE5}
Key Found : HKLM\SYSTEM\CurrentControlSet\Control\Class\{181A06EA-B82C-47DE-B851-E20FD0E1CC7D}
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Found : [x64] HKLM\SOFTWARE\ArenaHD
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{020B1D4B-5738-4C77-9E19-4F173DD9B486}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A9582D7B-F24A-441D-9D26-450D58F3CD17}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EE0D8859-2ED4-4B0D-9812-16865B9AFD65}
Key Found : [x64] HKLM\SOFTWARE\coupoon
Key Found : [x64] HKLM\SOFTWARE\coupoon
Key Found : [x64] HKLM\SOFTWARE\HighDefAction
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4270603C7CA6FEB45B61F4B6D10988D7
Key Found : [x64] HKLM\SOFTWARE\ShopperPro
Key Found : [x64] HKLM\SOFTWARE\YorkNewCin
Key Found : [x64] HKLM\SOFTWARE\YTDownloader
Key Found : HKU\.DEFAULT\Software\{4E7638A1-6962-4e44-A6B9-F40E84FD6D09}
Key Found : HKU\.DEFAULT\Software\AskPartnerNetwork
Key Found : HKU\.DEFAULT\Software\AVG Secure Search
Key Found : HKU\.DEFAULT\Software\Avg Secure Update
Key Found : HKU\.DEFAULT\Software\IM
Key Found : HKU\.DEFAULT\Software\ImInstaller
Value Found : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [YTDownloader]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [YTDownloader]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [fftoolbar2014@etech.com]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [istart_ffnt@gmail.com]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [quick_searchff@gmail.com]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [sweetsearch@gmail.com]

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17801

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://do-search.com/web/?type=dspp&ts=1426805741&from=cor&uid=WDCXWD1002FAEX-00Z3A0_WD-WCATRC38461084610&q={searchTerms}
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://do-search.com/web/?type=dspp&ts=1426805741&from=cor&uid=WDCXWD1002FAEX-00Z3A0_WD-WCATRC38461084610&q={searchTerms}
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.mystartsearch.com/web/?type=ds&ts=1428910134&from=wpc&uid=WDCXWD1002FAEX-00Z3A0_WD-WCATRC38461084610&q={searchTerms}
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.mystartsearch.com/web/?type=ds&ts=1428910134&from=wpc&uid=WDCXWD1002FAEX-00Z3A0_WD-WCATRC38461084610&q={searchTerms}
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.mystartsearch.com/web/?type=ds&ts=1428910134&from=wpc&uid=WDCXWD1002FAEX-00Z3A0_WD-WCATRC38461084610&q={searchTerms}
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.mystartsearch.com/web/?type=ds&ts=1428910134&from=wpc&uid=WDCXWD1002FAEX-00Z3A0_WD-WCATRC38461084610&q={searchTerms}

-\\ Mozilla Firefox v38.0.5 (x86 en-US)


-\\ Google Chrome v43.0.2357.81

[C:\Users\Ashlee\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://do-search.com/web/?type=dspp&ts=1426805741&from=cor&uid=WDCXWD1002FAEX-00Z3A0_WD-WCATRC38461084610&q={searchTerms}
[C:\Users\Ashlee\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://www.mystartsearch.com/web/?type=dspp&ts=1428910163&from=wpc&uid=WDCXWD1002FAEX-00Z3A0_WD-WCATRC38461084610&q={searchTerms}
[C:\Users\Ashlee\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://www.mystartsearch.com/web/?type=dspp&ts=1428910163&from=wpc&uid=WDCXWD1002FAEX-00Z3A0_WD-WCATRC38461084610&q={searchTerms}
[C:\Users\Ashlee\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://www-searching.com/search.aspx?site=shyos&pid=s&shr=d&q={searchTerms}&s=F67ztutdksC0000,2bff0d38-7e10-4cf2-b7ab-10569ac6fd53
[C:\Users\Ashlee\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Found [Extension] : lacckjdlmkdhcacjdodpjokfobckjclh
[C:\Users\Ashlee\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Found [Extension] : plcgkgghkdfgfhiidfjkhmainebgmklf
[C:\Users\Ashlee\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Found [Extension] : beohgimgbhodienidpocpjekgdmogjil
[C:\Users\Ashlee\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Found [Extension] : cpfgohgelelaiklkebnccnpolcldkmkb
[C:\Users\Ashlee\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Found [Extension] : dbipndmaegfopnoclighnpngjaaahcol
[C:\Users\Ashlee\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Found [Extension] : eagmigneodcmcmpbphnghnmfonegdglh
[C:\Users\Ashlee\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Found [Homepage] : hxxp://www-searching.com/?pid=s&s=F67ztutdksC0000,2bff0d38-7e10-4cf2-b7ab-10569ac6fd53&vp=ch
[C:\Users\Ashlee\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Found [Startup_URLs] : hxxp://www-searching.com/?pid=s&s=F67ztutdksC0000,2bff0d38-7e10-4cf2-b7ab-10569ac6fd53&vp=ch

*************************

AdwCleaner[R0].txt - [25727 bytes] - [08/06/2015 11:52:05]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [25787 bytes] ##########
 



#13 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:02:22 PM

Posted 08 June 2015 - 03:28 AM

Arghh it's still there! That one kept popping up but I thought I had got rid of it.. obviously not.

Please uninstall it from Programs and Features :)

Re-run AdwCleaner and choose Cleaning for all detections. After that click on Logfile and post the cleaning log here.

Junkware Removal Tool

thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Disable all your antivirus and antimalware software - see how to do that here.
  • Right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system. Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
===

Emsisoft Emergency Kit

Please download Emsisoft Emergency Kit and save it to your desktop. Double click on the EmsisoftEmergencyKit file you downloaded to extract its contents and create a shortcut on the desktop. Leave all settings as they are and click the Extract button at the bottom. A folder named EEK will be created in the root of the drive (usually c:\).
  • After extraction please double-click on the new Start Emsisoft Emergency Kit icon on your desktop.
  • The first time you launch it, Emsisoft Emergency Kit will recommend that you allow it to download updates. Please click Yes so that it downloads the latest database updates.
  • When the update process is complete, a new button will appear in the lower-left corner that says Back. Click on this button to return to the Overview screen.
  • Click on Scan to be taken to the scan options. If you are asked if you want the scanner to scan for Potentially Unwanted Programs, then click Yes.
  • Click on the Full Scan button to start the scan.
  • When the scan is completed click the Quarantine selected objects button. Note, this option is only available if malicious objects were detected during the scan.
  • When the threats have been quarantined, click the View report button in the lower-right corner, and the scan log will be opened in Notepad.
  • Please save the log in Notepad on your desktop, and attach it to your next reply.
  • When you close Emsisoft Emergency Kit, it will give you an option to sign up for a newsletter. This is optional, and is not necessary for the malware removal process.
Regards,
Alex

#14 Twinmum

Twinmum
  • Topic Starter

  • Members
  • 118 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:22 PM

Posted 08 June 2015 - 04:14 AM

OK, have removed First Verify (again) and re run AdwCleaner and chose cleaning. The log for that follows. I try to run JRT ... I get to the black (DOS like) box that says to press any key to continue but when I do, a couple of lines of text pop up so fast I can't read it and then the box disapppears. At this point, the computer seems to be doing nothing. Is there some sort of screen associated with JRT running?

 

Haven't gone onto Emsisoft Emergency Kit yet

 

 

# AdwCleaner v4.206 - Logfile created 08/06/2015 at 18:47:16
# Updated 01/06/2015 by Xplode
# Database : 2015-06-05.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Ashlee - ASHLEE-PC
# Running from : C:\Users\Ashlee\Desktop\AdwCleaner.exe
# Option : Cleaning

***** [ Services ] *****

[#] Service Deleted : BrsHelper
[#] Service Deleted : cherimoya
[#] Service Deleted : IHProtect Service
Service Deleted : netfilter64
[#] Service Deleted : WindowsMangerProtect
[#] Service Deleted : CoupoonService64
[#] Service Deleted : lxqvbcbiws32
[#] Service Deleted : innfd_1_10_0_14
[#] Service Deleted : 3733a40e

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Browser
Folder Deleted : C:\ProgramData\SearchModule
Folder Deleted : C:\ProgramData\WindowsMangerProtect
Folder Deleted : C:\ProgramData\IHProtectUpDate
Folder Deleted : C:\ProgramData\Ads Remover
Folder Deleted : C:\ProgramData\17b3ef88000037ba
Folder Deleted : C:\ProgramData\d650343a00004204
Folder Deleted : C:\ProgramData\{0c10a449-ec78-0588-0c10-0a449ec79127}
Folder Deleted : C:\ProgramData\{25e291f2-cb0c-d8a3-25e2-291f2cb047cb}
Folder Deleted : C:\ProgramData\{94f731b2-5629-116d-94f7-731b2562c6c9}
Folder Deleted : C:\ProgramData\{b7519684-238b-5ef1-b751-196842385a10}
Folder Deleted : C:\ProgramData\{de85fefc-dde9-3678-de85-5fefcddefbf3}
Folder Deleted : C:\ProgramData\{edfb5e3e-60fc-1ab3-edfb-b5e3e60f78f9}
Folder Deleted : C:\ProgramData\{ee76c9f7-2d40-9c66-ee76-6c9f72d427dc}
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Downloader
Folder Deleted : C:\Users\Public\Documents\ShopperPro
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\predm
Folder Deleted : C:\Program Files (x86)\ShopperPro
Folder Deleted : C:\Program Files (x86)\WinZipper
Folder Deleted : C:\Program Files (x86)\XTab
Folder Deleted : C:\Program Files (x86)\Fun2Save
Folder Deleted : C:\Program Files (x86)\Media Downloader
Folder Deleted : C:\Program Files (x86)\coupoon
Folder Deleted : C:\Program Files (x86)\SoftwareHelp
Folder Deleted : C:\Program Files (x86)\AellCheapPrice
Folder Deleted : C:\Program Files (x86)\AutoDeAlsAPp
Folder Deleted : C:\Program Files (x86)\Gom VPN  Bypass and unblock
Folder Deleted : C:\Program Files (x86)\Redirector
Folder Deleted : C:\Program Files (x86)\SaleePlUsa
Folder Deleted : C:\Program Files (x86)\SalEoPlus
Folder Deleted : C:\Program Files (x86)\SalePlus
Folder Deleted : C:\Program Files (x86)\SalePPleus
Folder Deleted : C:\Users\Ashlee\AppData\Local\Temp\apn
Folder Deleted : C:\Program Files\shopperz
Folder Deleted : C:\Program Files\coupoon
Folder Deleted : C:\Program Files\015
Folder Deleted : C:\Program Files\Common Files\Goobzo
Folder Deleted : C:\Users\Ashlee\SupTab
Folder Deleted : C:\Users\Ashlee\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Ashlee\AppData\Local\PriceFountain
Folder Deleted : C:\Users\Ashlee\AppData\Local\SmartWeb
Folder Deleted : C:\Users\Ashlee\AppData\Local\CleanerPro
Folder Deleted : C:\Users\Ashlee\AppData\Local\BrowserHelper
Folder Deleted : C:\Users\Ashlee\AppData\Local\03DE0294-1433611048-0574-1206-600700080009
Folder Deleted : C:\Users\Ashlee\AppData\Local\03DE0294-1433621692-0574-1206-600700080009
Folder Deleted : C:\Users\Ashlee\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}
Folder Deleted : C:\Users\Ashlee\AppData\Roaming\AnyProtectEx
Folder Deleted : C:\Users\Ashlee\AppData\Roaming\EZDownloader
Folder Deleted : C:\Users\Ashlee\AppData\Roaming\WinZipper
Folder Deleted : C:\Users\Ashlee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player
Folder Deleted : C:\Users\Ashlee\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgfgdinbhbabjffedapodgchceajbjdc
Folder Deleted : C:\Users\Ashlee\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckiahbcmlmkpfiijecbpflfahoimklke
Folder Deleted : C:\ProgramData\beohgimgbhodienidpocpjekgdmogjil
Folder Deleted : C:\ProgramData\cpfgohgelelaiklkebnccnpolcldkmkb
Folder Deleted : C:\ProgramData\dbipndmaegfopnoclighnpngjaaahcol
Folder Deleted : C:\ProgramData\eagmigneodcmcmpbphnghnmfonegdglh
File Deleted : C:\END
File Deleted : C:\Users\Public\Desktop\Media Downloader.lnk
File Deleted : C:\Program Files (x86)\mozilla firefox\dbghelp.dll
File Deleted : C:\Program Files (x86)\prefs.js
File Deleted : C:\Program Files\Common Files\System\SysMenu.dll
File Deleted : C:\Program Files\Common Files\System\SysMenu64.dll
File Deleted : C:\Windows\System32\log\iSafeKrnlCall.log
File Deleted : C:\Windows\System32\drivers\netfilter64.sys
File Deleted : C:\Users\Ashlee\AppData\Roaming\Ia993LaHFq9G8s7dscKSWao067d
File Deleted : C:\Users\Ashlee\AppData\Roaming\Ia993LaHFq9G8s7dscKSWao067d.exe
File Deleted : C:\Users\Ashlee\AppData\Roaming\VEI3AMcydjvcd
File Deleted : C:\Users\Ashlee\AppData\Roaming\VEI3AMcydjvcd.exe
File Deleted : C:\Users\Ashlee\Desktop\Continue Live Installation.lnk
File Deleted : C:\Users\Ashlee\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_searches.vi-view.com_0.localstorage
File Deleted : C:\Users\Ashlee\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_searches.vi-view.com_0.localstorage-journal
File Deleted : C:\Users\Ashlee\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www-searching.com_0.localstorage
File Deleted : C:\Users\Ashlee\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www-searching.com_0.localstorage-journal
File Deleted : C:\Users\Ashlee\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.mystartsearch.com_0.localstorage
File Deleted : C:\Users\Ashlee\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.mystartsearch.com_0.localstorage-journal

***** [ Scheduled tasks ] *****

Task Deleted : APSnotifierPP1
Task Deleted : APSnotifierPP2
Task Deleted : APSnotifierPP3
Task Deleted : CleanerPro_Popup
Task Deleted : CleanerPro_Start
Task Deleted : SmartWeb Upgrade Trigger Task
Task Deleted : SMupdate1
Task Deleted : Microsoft\Windows\Multimedia\SMupdate3
Task Deleted : Microsoft\Windows\Maintenance\SMupdate2
Task Deleted : Ia993LaHFq9G8s7dscKSWao067d
Task Deleted : VEI3AMcydjvcd

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\Public\Desktop\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Public\Desktop\Mozilla Firefox.lnk

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [fftoolbar2014@etech.com]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [istart_ffnt@gmail.com]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [sweetsearch@gmail.com]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [quick_searchff@gmail.com]
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Value Deleted : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [YTDownloader]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [YTDownloader]
Key Deleted : HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\SysMenuExt
Key Deleted : HKLM\SOFTWARE\Classes\AppID\SysMenu.DLL
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\Class\{0014298C-A9BA-440D-AAA8-AD12C7010EE5}
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\Class\{181A06EA-B82C-47DE-B851-E20FD0E1CC7D}
Key Deleted : HKLM\SOFTWARE\Classes\SDP
Key Deleted : HKLM\SOFTWARE\15d5fb99-46d3-6aec-8be8-f14957b6c0df
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{3733a40e}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D813D5BB-EBC7-45F9-B8A4-36A305168069}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{425F4ABF-B8E4-402D-9E49-06E494EB8DBF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CF50C82-4C4B-43E9-B1B2-15CB1BD0C193}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7D8DAE88-BC05-4578-8C29-E541FFBA5757}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A9582D7B-F24A-441D-9D26-450D58F3CD17}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EE0D8859-2ED4-4B0D-9812-16865B9AFD65}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B5C4833B-847B-49CD-8EBE-CDD9B43C882F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{14EF423E-3EE8-44AE-9337-07AC3F27B744}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{532ECD0F-E6C9-4ACE-860A-3730B1F6F1DD}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{598DCD74-3F5B-4E16-8749-057F426F232A}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{999A70CB-7657-4A48-A92A-BE29FF9D5443}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A63C49A5-6CC1-4579-A883-AE6B3E91108D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4D1C553-99C0-48E5-B0A7-B1E00163715C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{020B1D4B-5738-4C77-9E19-4F173DD9B486}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A9582D7B-F24A-441D-9D26-450D58F3CD17}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EE0D8859-2ED4-4B0D-9812-16865B9AFD65}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3A4C4ECD-88B6-49F9-8907-89104B91B6F7}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Key Deleted : HKCU\Software\AnyProtect
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\HomeTab
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\simplytech
Key Deleted : HKCU\Software\V9
Key Deleted : HKCU\Software\GAMESDESKTOP
Key Deleted : HKCU\Software\TNT2
Key Deleted : HKCU\Software\WajIntEnhance
Key Deleted : HKCU\Software\SearchProtectWS
Key Deleted : HKCU\Software\{4E7638A1-6962-4e44-A6B9-F40E84FD6D09}
Key Deleted : HKCU\Software\Crossbrowse
Key Deleted : HKCU\Software\Linkey
Key Deleted : HKCU\Software\YorkNewCin
Key Deleted : HKCU\Software\HighDefAction
Key Deleted : HKCU\Software\CleanerProConfig
Key Deleted : HKCU\Software\CleanerProLanguage
Key Deleted : HKCU\Software\ArenaHD
Key Deleted : HKCU\Software\Avg Secure Update
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\DynConIE
Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\delta-homesSoftware
Key Deleted : HKLM\SOFTWARE\do-searchSoftware
Key Deleted : HKLM\SOFTWARE\EZ Software Updater
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\hdcode
Key Deleted : HKLM\SOFTWARE\Iminent
Key Deleted : HKLM\SOFTWARE\SearchProtect
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\SupTab
Key Deleted : HKLM\SOFTWARE\Tutorials
Key Deleted : HKLM\SOFTWARE\V9
Key Deleted : HKLM\SOFTWARE\winzipersvc
Key Deleted : HKLM\SOFTWARE\mystartsearchSoftware
Key Deleted : HKLM\SOFTWARE\IHProtect
Key Deleted : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Key Deleted : HKLM\SOFTWARE\Cleaner Pro
Key Deleted : HKLM\SOFTWARE\WajIntEnhance
Key Deleted : HKLM\SOFTWARE\Crossbrowse
Key Deleted : HKLM\SOFTWARE\SpeedBit
Key Deleted : HKLM\SOFTWARE\coupoon
Key Deleted : HKLM\SOFTWARE\AIM Toolbar
Key Deleted : HKLM\SOFTWARE\YorkNewCin
Key Deleted : HKLM\SOFTWARE\HighDefAction
Key Deleted : HKLM\SOFTWARE\ArenaHD
Key Deleted : HKLM\SOFTWARE\FFPluginHp
Key Deleted : HKU\.DEFAULT\Software\AskPartnerNetwork
Key Deleted : HKU\.DEFAULT\Software\AVG Secure Search
Key Deleted : HKU\.DEFAULT\Software\IM
Key Deleted : HKU\.DEFAULT\Software\ImInstaller
Key Deleted : HKU\.DEFAULT\Software\{4E7638A1-6962-4e44-A6B9-F40E84FD6D09}
Key Deleted : HKU\.DEFAULT\Software\Avg Secure Update
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7223EDAC-E091-B3C1-BD91-B66CE557800F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8E8C2E2D-7F21-2CF5-0ADB-64935121ECF0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5A1D3F9E-73B5-95EC-1233-6646E1358965}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B138259A-351E-33FA-2726-8D71704F1DA9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Media Downloader_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{53B21E29-3967-C332-57EB-C02631658584}
Key Deleted : [x64] HKLM\SOFTWARE\ShopperPro
Key Deleted : [x64] HKLM\SOFTWARE\YTDownloader
Key Deleted : [x64] HKLM\SOFTWARE\coupoon
Key Deleted : [x64] HKLM\SOFTWARE\YorkNewCin
Key Deleted : [x64] HKLM\SOFTWARE\HighDefAction
Key Deleted : [x64] HKLM\SOFTWARE\ArenaHD
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\4270603C7CA6FEB45B61F4B6D10988D7
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\4270603C7CA6FEB45B61F4B6D10988D7
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4270603C7CA6FEB45B61F4B6D10988D7
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\globalupdate.exe
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17801

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v38.0.5 (x86 en-US)

[2qj84rt9.default-1433651581028\prefs.js] - Line Deleted : user_pref("extensions.rNgAKzRLbtyOEjiG.scode", "(function(){try{if(window.location.href.indexOf(\"pjnEpdnErTrGqdk6pdw6pdw5qa\")>-1){return;}}catch(e){}try{var d=[[\"cryptogmail.com\",\"bancdebinary.co[...]

-\\ Google Chrome v43.0.2357.81

[C:\Users\Ashlee\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://do-search.com/web/?type=dspp&ts=1426805741&from=cor&uid=WDCXWD1002FAEX-00Z3A0_WD-WCATRC38461084610&q={searchTerms}
[C:\Users\Ashlee\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.mystartsearch.com/web/?type=dspp&ts=1428910163&from=wpc&uid=WDCXWD1002FAEX-00Z3A0_WD-WCATRC38461084610&q={searchTerms}
[C:\Users\Ashlee\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.mystartsearch.com/web/?type=dspp&ts=1428910163&from=wpc&uid=WDCXWD1002FAEX-00Z3A0_WD-WCATRC38461084610&q={searchTerms}
[C:\Users\Ashlee\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www-searching.com/search.aspx?site=shyos&pid=s&shr=d&q={searchTerms}&s=F67ztutdksC0000,2bff0d38-7e10-4cf2-b7ab-10569ac6fd53
[C:\Users\Ashlee\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : bgfgdinbhbabjffedapodgchceajbjdc
[C:\Users\Ashlee\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : ckiahbcmlmkpfiijecbpflfahoimklke
[C:\Users\Ashlee\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : beohgimgbhodienidpocpjekgdmogjil
[C:\Users\Ashlee\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Homepage] : hxxp://www-searching.com/?pid=s&s=F67ztutdksC0000,2bff0d38-7e10-4cf2-b7ab-10569ac6fd53&vp=ch

*************************

AdwCleaner[R0].txt - [26035 bytes] - [08/06/2015 11:52:05]
AdwCleaner[R1].txt - [20537 bytes] - [08/06/2015 18:45:47]
AdwCleaner[S0].txt - [18371 bytes] - [08/06/2015 18:47:16]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [18431  bytes] ##########



#15 Twinmum

Twinmum
  • Topic Starter

  • Members
  • 118 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:22 PM

Posted 08 June 2015 - 05:14 AM

I've just gone back to the computer and I'm pretty sure that it didn't run JRT. Should I move onto the Emsisoft Emergency Kit?






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users