Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

pop ups


  • Please log in to reply
12 replies to this topic

#1 dwhit24311

dwhit24311

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:07:41 PM

Posted 27 June 2015 - 06:44 AM

I keep getting popups when I click on links on websites. Please help


Edited by hamluis, 27 June 2015 - 08:08 AM.
Moved from Win 7 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


m

#2 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:41 PM

Posted 27 June 2015 - 07:04 AM

Download and run wipe  and system ninja,

 

https://privacyroot.com/software/www/en/wipe.php

https://singularlabs.com/software/system-ninja/

 

Then.....

 

Go ahead and install ccleaner Now that you have the program installed go ahead and run the cleaner function.

https://www.piriform.com/ccleaner/download
kwLN4uv.png


Now that you have cleaned out some temp files, lets go ahead and disable all of the items starting up with your machine except your antivirus. To do this you will need to click on tools then start up select each item then disable.

GjWwvEu.png

Now that you have disabled those un-needed start ups lets go into the settings, we will have Ccleaner run when your machine boots, so that you will never have to worry about cleaning temp files again.

To do this:

  • Hit options.
  • Settings.
  • Place a tick to run Ccleaner when the computer starts.


Lxioao1.png

Now go to the advanced tab, and select close program after cleaning, now run the cleaner again this will close Ccleaner.

SnqZ2JW.png

 

Reboot your machine and then follow the  instructions below.

 

Step 1: eScanAV.

 

Disable your antivirus prior to this scan.

http://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/

Download the eScanAV Anti-Virus Toolkit (MWAV)
http://www.escanav.com/english/content/products/downloadlink/downloadcounter.asp?pcode=MWAV&src=english_dwn&type=alter

 

Source

http://www.escanav.com/english/content/products/downloadlink/downloadproduct.asp?pcode=MWAV
Save the file to your desktop.
Right click run as administrator.
A new icon will appear on your desktop.
Right click run as administrator on new icon.
Click on the update tab.
ZCDJtZN.png
Once you have updated the program, make sure the settings are the same as the picture below.
7DUFn5c.png
Once you have made sure the settings match the picture, hit the Scan & Clean button.
Upon scan completion, click View Log.
ApSVXsQ.png
Copy and paste entire log into your next reply.

Note: Reboot after you remove infections.

 

Step 2: Zemana

 

Run a full scan with Zemana antimalware.

http://www.zemana.us/product/zemana-antimalware/default.aspx

Install and select deep scan.

jdmyscF.jpg

Remove any infections found.

Then click on the icon in the pic below.

DOLGyto.jpg

Double click on the scan log, copy and paste here in your reply.

Note: Reboot after you remove infections.

 

 

Step 3: Junkware Removal Tool.
 
Please download Junkware Removal Tool and save it on your desktop.

Source

http://thisisudax.org/

  • Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log is saved to your desktop and will automatically open.
  • Please post the JRT log.

Step 4: Adware Cleaner.
 
Please download AdwCleaner by Xplode onto your desktop.


  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


#3 dwhit24311

dwhit24311
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:07:41 PM

Posted 27 June 2015 - 09:56 AM

27 Jun 2015 09:10:59 [09a4] - **********************************************************
27 Jun 2015 09:10:59 [09a4] - MWAV - eScanAV AntiVirus Toolkit.
27 Jun 2015 09:10:59 [09a4] - Copyright © MicroWorld Technologies
27 Jun 2015 09:10:59 [09a4] - **********************************************************
27 Jun 2015 09:10:59 [09a4] - Version 14.0.189 (C:\USERS\DON\APPDATA\LOCAL\TEMP\MEXETMP.EX~)
27 Jun 2015 09:10:59 [09a4] - Log File: C:\Users\Don\AppData\Local\temp\LOG\MWAV.LOG
27 Jun 2015 09:10:59 [09a4] - MWAV Registered: TRUE
27 Jun 2015 09:10:59 [09a4] - User Account: Don (Administrator Mode)
27 Jun 2015 09:10:59 [09a4] - OS Type: Windows Workstation [InstallType: Client]
27 Jun 2015 09:10:59 [09a4] - OS: Windows 7 [OS Install Date: 20 May 2011 10:07:37]
27 Jun 2015 09:10:59 [09a4] - Ver: Professional Service Pack 1 (Build 7601)
27 Jun 2015 09:10:59 [09a4] - System Up Time: 22 Minutes, 11 Seconds
 
 
27 Jun 2015 09:10:59 [09a4] - Parent Process Name : C:\Users\Don\AppData\Local\Temp\mwavscan.exe
27 Jun 2015 09:10:59 [09a4] - Windows Root  Folder: C:\Windows
27 Jun 2015 09:10:59 [09a4] - Windows Sys32 Folder: C:\Windows\system32
27 Jun 2015 09:10:59 [09a4] - DHCP NameServer: 65.32.5.111 65.32.5.112
27 Jun 2015 09:10:59 [09a4] - Interface0 DHCPNameServer: 65.32.5.111 65.32.5.112
27 Jun 2015 09:10:59 [09a4] - Interface1 DHCPNameServer: 192.168.0.1
27 Jun 2015 09:10:59 [09a4] - Local Fixed Drives: c:\
27 Jun 2015 09:10:59 [09a4] - MWAV Mode(A): Scan and Clean files (for viruses, adware and spyware)
27 Jun 2015 09:10:59 [09a4] - [CREATED ZIP FILE: C:\Users\Don\AppData\Local\Temp\pinfect.zip]
27 Jun 2015 09:10:59 [09a4] - Command Line Options Given: /xsign
27 Jun 2015 09:11:31 [09a4] - Latest Date of files inside MWAV: Sat Jun 27 12:29:01 2015.
27 Jun 2015 09:11:31 [09a4] - Loading/Creating FileScan Cache Database C:\ProgramData\MicroWorld\MWAV\ESCANDBY.MDB [Log: C:\Users\Don\AppData\Local\temp\LOG\ESCANDB.LOG]
27 Jun 2015 09:11:42 [09a4] - Loaded/Created FileScan Cache Database...
27 Jun 2015 09:11:42 [09a4] - Loading AV Library [DB]...
27 Jun 2015 09:11:57 [09a4] - ArchiveScan: DISABLED
27 Jun 2015 09:11:57 [09a4] - AV Library Loaded - MultiThreaded - 6 : [DB-DIRECT].
27 Jun 2015 09:11:57 [09a4] - MWAV doing self scanning...
27 Jun 2015 09:11:58 [09a4] - MWAV files are clean.
27 Jun 2015 09:12:06 [09a4] - ArchiveScan: DISABLED
27 Jun 2015 09:12:06 [09a4] - Virus Database Date: 27 Jun 2015
27 Jun 2015 09:12:06 [09a4] - Virus Database Count: 5698532
27 Jun 2015 09:12:06 [09a4] - Sign Version: 7.61273 [520025]
 
27 Jun 2015 09:13:00 [09a4] - **********************************************************
27 Jun 2015 09:13:00 [09a4] - MWAV - eScanAV AntiVirus Toolkit.
27 Jun 2015 09:13:00 [09a4] - Copyright © MicroWorld Technologies
27 Jun 2015 09:13:00 [09a4] - 
27 Jun 2015 09:13:00 [09a4] - Support: support@escanav.com
27 Jun 2015 09:13:00 [09a4] - Web: http://www.escanav.com
27 Jun 2015 09:13:00 [09a4] - **********************************************************
27 Jun 2015 09:13:00 [09a4] - Version 14.0.189[DB] (C:\USERS\DON\APPDATA\LOCAL\TEMP\MEXETMP.EX~)
27 Jun 2015 09:13:00 [09a4] - Log File: C:\Users\Don\AppData\Local\temp\LOG\MWAV.LOG
27 Jun 2015 09:13:00 [09a4] - User Account: Don (Administrator Mode)
27 Jun 2015 09:13:00 [09a4] - Parent Process Name : C:\Users\Don\AppData\Local\Temp\mwavscan.exe
27 Jun 2015 09:13:00 [09a4] - Windows Root  Folder: C:\Windows
27 Jun 2015 09:13:00 [09a4] - Windows Sys32 Folder: C:\Windows\system32
27 Jun 2015 09:13:00 [09a4] - OS: Windows 7 [OS Install Date: 20 May 2011 10:07:37]
27 Jun 2015 09:13:00 [09a4] - Ver: Professional Service Pack 1 (Build 7601)
27 Jun 2015 09:13:00 [09a4] - Latest Date of files inside MWAV: Sat Jun 27 12:29:01 2015.
27 Jun 2015 09:13:00 [09a4] - Priority: NORMAL
 
27 Jun 2015 09:13:00 [0308] - Options Selected by User:
27 Jun 2015 09:13:00 [0308] - Memory Check: Enabled
27 Jun 2015 09:13:00 [0308] - Registry Check: Enabled
27 Jun 2015 09:13:00 [0308] - StartUp Folder Check: Enabled
27 Jun 2015 09:13:00 [0308] - System Folder Check: Enabled
27 Jun 2015 09:13:00 [0308] - Services Check: Enabled
27 Jun 2015 09:13:00 [0308] - Scan Spyware: Enabled
27 Jun 2015 09:13:00 [0308] - Scan Archives: Disabled
27 Jun 2015 09:13:00 [0308] - Drive Check: Enabled
27 Jun 2015 09:13:00 [0308] - All Drive Check :Disabled
27 Jun 2015 09:13:00 [0308] - Drive Selected = C:\
27 Jun 2015 09:13:00 [0308] - Folder Check: Disabled
27 Jun 2015 09:13:00 [0308] - SCAN: All_Files [ANSI]
27 Jun 2015 09:13:00 [0308] - MWAV Mode(B): Scan and Clean files (for viruses, adware and spyware)
 
27 Jun 2015 09:13:00 [0308] - Scanning DNS Records...
27 Jun 2015 09:13:00 [0308] - Scanning Master Boot Record (Kernel)...
27 Jun 2015 09:13:01 [0308] - Scanning Logical Boot Records...
27 Jun 2015 09:13:06 [0308] - ***** Scanning For Hidden Rootkit Processes *****
27 Jun 2015 09:13:07 [0308] - ***** Scanning For Hidden Rootkit Services *****
27 Jun 2015 09:13:26 [0308] - Walk through registry failed!
 
27 Jun 2015 09:13:26 [0308] - ***** Scanning Memory Files *****
 
27 Jun 2015 09:14:33 [0308] - ***** Scanning Registry Files *****
 
27 Jun 2015 09:14:38 [0308] - ***** Scanning StartUp Folders *****
27 Jun 2015 09:23:28 [11ec] - ScanFile (C:\Users\Don\Desktop\Downloads\Liberkey\Apps\Chromium\App\Chromium\chrome.dll) took 6442 ms
27 Jun 2015 09:24:40 [11ec] - ScanFile (C:\Users\Don\Desktop\Downloads\Liberkey\Apps\Floola_2010-09-06_06-25-31\App\Floola\Floola.exe) took 6568 ms
27 Jun 2015 09:24:41 [1468] - ScanFile (C:\Users\Don\Desktop\Downloads\Liberkey\Apps\Floola_2010-10-30_06-59-24\App\Floola\Floola.exe) took 7207 ms
27 Jun 2015 09:30:12 [11ec] - ScanFile (C:\Users\Don\Desktop\Downloads\Liberkey\Apps\Opera_2010-10-25_08-43-55\App\Opera\opera.dll) took 9438 ms
27 Jun 2015 09:30:20 [1568] - C:\Users\Don\Desktop\Downloads\Liberkey\Apps\PDFXchangeViewer\App\PDFXchangeViewer\Settings.dat not Scanned. Possibly password protected...
27 Jun 2015 09:30:30 [1468] - ScanFile (C:\Users\Don\Desktop\Downloads\Liberkey\Apps\PeaZip\App\PeaZip\res\lpaq\lpaq5.exe) took 6240 ms
27 Jun 2015 09:30:35 [11ec] - ScanFile (C:\Users\Don\Desktop\Downloads\Liberkey\Apps\PicPick\App\PicPick\picpick.exe) took 5304 ms
27 Jun 2015 09:31:14 [1540] - ScanFile (C:\Users\Don\Desktop\Downloads\Liberkey\Apps\PocketDivXEncoder\App\PocketDivXEncoder\PocketDivXEncoder.exe) took 10967 ms
27 Jun 2015 09:31:15 [1748] - ScanFile (C:\Users\Don\Desktop\Downloads\Liberkey\Apps\PokerTH\App\PokerTH\pokerth.exe) took 6193 ms
27 Jun 2015 09:31:26 [1540] - ScanFile (C:\Users\Don\Desktop\Downloads\Liberkey\Apps\PSPad\App\PSPad\PSPad.exe) took 5881 ms
27 Jun 2015 09:31:33 [15f8] - ScanFile (C:\Users\Don\Desktop\Downloads\Liberkey\Apps\PSPad_2010-07-13_06-28-27\App\PSPad\PSPad.exe) took 6271 ms
27 Jun 2015 09:35:22 [1540] - ScanFile (C:\Users\Don\Desktop\Downloads\Liberkey\Apps\xVideoServiceThief\App\xVideoServiceThief\xVideoServiceThief.exe) took 5319 ms
27 Jun 2015 09:35:48 [15f8] - ScanFile (C:\Users\Don\Desktop\Downloads\SeaToolsforWindowsSetup-1208.exe) took 5585 ms
27 Jun 2015 09:35:48 [1468] - ScanFile (C:\Users\Don\Desktop\Downloads\pwsafe-3.30.exe) took 8970 ms
27 Jun 2015 09:36:09 [11ec] - ScanFile (C:\Users\Don\Desktop\Downloads\vlcmediaplayer-setup.exe) took 9298 ms
27 Jun 2015 09:36:11 [1748] - ScanFile (C:\Users\Don\Desktop\Downloads\VLC\vlc-2.0.1-win32.exe) took 10889 ms
27 Jun 2015 09:36:28 [1468] - ScanFile (C:\Users\Don\AppData\Roaming\Dropbox\bin\Dropbox.exe) took 6365 ms
27 Jun 2015 09:36:36 [11ec] - C:\Users\Don\AppData\Roaming\GlarySoft\Glary Utilities\Backups\41970.7162849074 not Scanned. Possibly password protected...
27 Jun 2015 09:36:36 [1568] - ScanFile (C:\Users\Don\AppData\Roaming\Five9\Softphone8.0.1\eyeBeamCOM.jar) took 5554 ms
27 Jun 2015 09:36:40 [1468] - ScanFile (C:\Users\Don\AppData\Roaming\Five9\UAL\softphoneinstaller__V1.0.6.jar) took 5164 ms
27 Jun 2015 09:37:59 [15f8] - ScanFile (C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbam-setup.exe) took 7270 ms
27 Jun 2015 09:39:29 [15f8] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cookie-0000.zip not Scanned. Possibly password protected...
27 Jun 2015 09:39:29 [11ec] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Babylon.Toolbar-0000.zip not Scanned. Possibly password protected...
27 Jun 2015 09:39:29 [1540] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cache-0001.zip not Scanned. Possibly password protected...
27 Jun 2015 09:39:29 [1748] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cache-0000.zip not Scanned. Possibly password protected...
27 Jun 2015 09:39:29 [15f8] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cookie-0001.zip not Scanned. Possibly password protected...
27 Jun 2015 09:39:29 [1540] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\History-0000.zip not Scanned. Possibly password protected...
27 Jun 2015 09:39:29 [1748] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\iCrossRider-0000.zip not Scanned. Possibly password protected...
27 Jun 2015 09:39:29 [1540] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\IncrediBar-0001.zip not Scanned. Possibly password protected...
27 Jun 2015 09:39:29 [11ec] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Fraud.XPDefender2013-0000.zip not Scanned. Possibly password protected...
27 Jun 2015 09:39:29 [15f8] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\IncrediBar-0000.zip not Scanned. Possibly password protected...
27 Jun 2015 09:39:29 [1748] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Internet Explorer-0000.zip not Scanned. Possibly password protected...
27 Jun 2015 09:39:29 [1540] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Internet Explorer-0001.zip not Scanned. Possibly password protected...
27 Jun 2015 09:39:29 [11ec] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Log-0000.zip not Scanned. Possibly password protected...
27 Jun 2015 09:39:29 [15f8] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Log-0001.zip not Scanned. Possibly password protected...
27 Jun 2015 09:39:29 [1748] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Log-0002.zip not Scanned. Possibly password protected...
27 Jun 2015 09:39:29 [15f8] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Direct3D-0001.zip not Scanned. Possibly password protected...
27 Jun 2015 09:39:29 [11ec] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Direct3D-0000.zip not Scanned. Possibly password protected...
27 Jun 2015 09:39:29 [1540] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Microsoft.WindowsSecurityCenter_disabled-0000.zip not Scanned. Possibly password protected...
27 Jun 2015 09:39:29 [1748] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS DirectDraw-0000.zip not Scanned. Possibly password protected...
27 Jun 2015 09:39:29 [11ec] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\SweetIM-0000.zip not Scanned. Possibly password protected...
27 Jun 2015 09:39:29 [1748] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\W3i.IQ5.fraud-0001.zip not Scanned. Possibly password protected...
27 Jun 2015 09:39:29 [1540] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\W3i.IQ5.fraud-0000.zip not Scanned. Possibly password protected...
27 Jun 2015 09:39:29 [11ec] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\W3i.IQ5.fraud-0002.zip not Scanned. Possibly password protected...
27 Jun 2015 09:39:29 [1748] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows Media SDK-0000.zip not Scanned. Possibly password protected...
27 Jun 2015 09:39:29 [15f8] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows Explorer-0000.zip not Scanned. Possibly password protected...
27 Jun 2015 09:39:29 [1540] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows Media SDK-0001.zip not Scanned. Possibly password protected...
27 Jun 2015 09:39:29 [11ec] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows-0000.zip not Scanned. Possibly password protected...
27 Jun 2015 09:39:29 [1568] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Win32.DownTango-0000.zip not Scanned. Possibly password protected...
27 Jun 2015 09:39:29 [1748] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows-0001.zip not Scanned. Possibly password protected...
27 Jun 2015 09:39:29 [1540] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows.OpenWith-0001.zip not Scanned. Possibly password protected...
27 Jun 2015 09:39:29 [15f8] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows.OpenWith-0000.zip not Scanned. Possibly password protected...
 
27 Jun 2015 09:39:30 [0308] - ***** Scanning Service Files *****
27 Jun 2015 09:39:42 [0308] - ERROR(2)!!! Invalid Entry \??\C:\Users\Don\AppData\Local\Temp\catchme.sys. Action Taken: Removing HKLM\SYSTEM\CurrentControlSet\Services\catchme.
27 Jun 2015 09:40:07 [0308] - ERROR(2)!!! Invalid Entry \??\D:\CDriver.sys. Action Taken: Removing HKLM\SYSTEM\CurrentControlSet\Services\MSICDSetup.
27 Jun 2015 09:40:34 [0308] - Giving rights(a) to [HKLM\SYSTEM\CurrentControlSet\Services\TrkWks].
27 Jun 2015 09:40:43 [0308] - ERROR(2)!!! Invalid Entry System32\drivers\rdvgkmd.sys. Action Taken: Removing HKLM\SYSTEM\CurrentControlSet\Services\VGPU.
 
27 Jun 2015 09:40:51 [0308] - ***** Scanning Registry and File system for Adware/Spyware *****
27 Jun 2015 09:40:53 [0308] - Loading Spyware Signatures from new External Database [Name: C:\Users\Don\AppData\Local\temp\spydb.avs, Size: 464724]...
27 Jun 2015 09:40:53 [0308] - Indexed Spyware Databases Successfully Created...
 
27 Jun 2015 09:40:58 [0308] - Offending file found: C:\Users\Don\AppData\Local\Android\sdk\docs\reference\com\google\android\gms\games\Player.html
27 Jun 2015 09:40:58 [0308] - System found infected with ClipGenie Spyware/Adware (Player.html)! Action taken: File Deleted.
27 Jun 2015 09:40:58 [0308] - Object "ClipGenie Spyware/Adware" found in File System! Action Taken: File Deleted.
 
27 Jun 2015 09:41:27 [0308] - Offending Folder found: C:\Users\Don\Desktop\.cedata\tn\1y\hx
27 Jun 2015 09:41:27 [0308] - Deltree of Folder C:\Users\Don\Desktop\.cedata\tn\1y\hx...
27 Jun 2015 09:41:27 [0308] - Object "HelpExpress Spyware/Adware" found in File System! Action Taken: Entries Removed.
 
27 Jun 2015 09:41:28 [0308] - Offending Folder found: C:\Users\Don\Desktop\.cedata\tn\2o\xt\hx
27 Jun 2015 09:41:28 [0308] - Deltree of Folder C:\Users\Don\Desktop\.cedata\tn\2o\xt\hx...
27 Jun 2015 09:41:28 [0308] - Object "HelpExpress Spyware/Adware" found in File System! Action Taken: Entries Removed.
 
27 Jun 2015 09:41:32 [0308] - Offending Folder found: C:\Users\Don\Desktop\.cedata\tn\eg\hx
27 Jun 2015 09:41:32 [0308] - Deltree of Folder C:\Users\Don\Desktop\.cedata\tn\eg\hx...
27 Jun 2015 09:41:32 [0308] - Object "HelpExpress Spyware/Adware" found in File System! Action Taken: Entries Removed.
 
27 Jun 2015 09:41:33 [0308] - Offending Folder found: C:\Users\Don\Desktop\.cedata\tn\ew\4o\hx
27 Jun 2015 09:41:33 [0308] - Deltree of Folder C:\Users\Don\Desktop\.cedata\tn\ew\4o\hx...
27 Jun 2015 09:41:33 [0308] - Object "HelpExpress Spyware/Adware" found in File System! Action Taken: Entries Removed.
 
27 Jun 2015 09:41:34 [0308] - Offending Folder found: C:\Users\Don\Desktop\.cedata\tn\gi\hx
27 Jun 2015 09:41:34 [0308] - Deltree of Folder C:\Users\Don\Desktop\.cedata\tn\gi\hx...
27 Jun 2015 09:41:34 [0308] - Object "HelpExpress Spyware/Adware" found in File System! Action Taken: Entries Removed.
 
27 Jun 2015 09:41:35 [0308] - Offending Folder found: C:\Users\Don\Desktop\.cedata\tn\gy\hx
27 Jun 2015 09:41:35 [0308] - Deltree of Folder C:\Users\Don\Desktop\.cedata\tn\gy\hx...
27 Jun 2015 09:41:35 [0308] - Object "HelpExpress Spyware/Adware" found in File System! Action Taken: Entries Removed.
 
27 Jun 2015 09:41:36 [0308] - Offending Folder found: C:\Users\Don\Desktop\.cedata\tn\hx
27 Jun 2015 09:41:36 [0308] - Deltree of Folder C:\Users\Don\Desktop\.cedata\tn\hx...
27 Jun 2015 09:41:36 [0308] - Object "HelpExpress Spyware/Adware" found in File System! Action Taken: Entries Removed.
 
27 Jun 2015 09:41:36 [0308] - Offending Folder found: C:\Users\Don\Desktop\.cedata\tn\id\hx
27 Jun 2015 09:41:36 [0308] - Deltree of Folder C:\Users\Don\Desktop\.cedata\tn\id\hx...
27 Jun 2015 09:41:36 [0308] - Object "HelpExpress Spyware/Adware" found in File System! Action Taken: Entries Removed.
 
27 Jun 2015 09:41:36 [0308] - Offending Folder found: C:\Users\Don\Desktop\.cedata\tn\il\ba\hx
27 Jun 2015 09:41:36 [0308] - Deltree of Folder C:\Users\Don\Desktop\.cedata\tn\il\ba\hx...
27 Jun 2015 09:41:36 [0308] - Object "HelpExpress Spyware/Adware" found in File System! Action Taken: Entries Removed.
 
27 Jun 2015 09:41:38 [0308] - Offending Folder found: C:\Users\Don\Desktop\.cedata\tn\kw\x4\hx
27 Jun 2015 09:41:38 [0308] - Deltree of Folder C:\Users\Don\Desktop\.cedata\tn\kw\x4\hx...
27 Jun 2015 09:41:38 [0308] - Object "HelpExpress Spyware/Adware" found in File System! Action Taken: Entries Removed.
 
27 Jun 2015 09:41:39 [0308] - Offending Folder found: C:\Users\Don\Desktop\.cedata\tn\m4\nw\hx
27 Jun 2015 09:41:39 [0308] - Deltree of Folder C:\Users\Don\Desktop\.cedata\tn\m4\nw\hx...
27 Jun 2015 09:41:39 [0308] - Object "HelpExpress Spyware/Adware" found in File System! Action Taken: Entries Removed.
 
27 Jun 2015 09:41:39 [0308] - Offending Folder found: C:\Users\Don\Desktop\.cedata\tn\m7\rd\hx
27 Jun 2015 09:41:39 [0308] - Deltree of Folder C:\Users\Don\Desktop\.cedata\tn\m7\rd\hx...
27 Jun 2015 09:41:39 [0308] - Object "HelpExpress Spyware/Adware" found in File System! Action Taken: Entries Removed.
 
27 Jun 2015 09:41:40 [0308] - Offending Folder found: C:\Users\Don\Desktop\.cedata\tn\nk\lr\hx
27 Jun 2015 09:41:40 [0308] - Deltree of Folder C:\Users\Don\Desktop\.cedata\tn\nk\lr\hx...
27 Jun 2015 09:41:40 [0308] - Object "HelpExpress Spyware/Adware" found in File System! Action Taken: Entries Removed.
 
27 Jun 2015 09:41:40 [0308] - Offending Folder found: C:\Users\Don\Desktop\.cedata\tn\o5\hx
27 Jun 2015 09:41:40 [0308] - Deltree of Folder C:\Users\Don\Desktop\.cedata\tn\o5\hx...
27 Jun 2015 09:41:40 [0308] - Object "HelpExpress Spyware/Adware" found in File System! Action Taken: Entries Removed.
 
27 Jun 2015 09:41:41 [0308] - Offending Folder found: C:\Users\Don\Desktop\.cedata\tn\ou\te\hx
27 Jun 2015 09:41:41 [0308] - Deltree of Folder C:\Users\Don\Desktop\.cedata\tn\ou\te\hx...
27 Jun 2015 09:41:41 [0308] - Object "HelpExpress Spyware/Adware" found in File System! Action Taken: Entries Removed.
 
27 Jun 2015 09:41:41 [0308] - Offending Folder found: C:\Users\Don\Desktop\.cedata\tn\pm\hx
27 Jun 2015 09:41:41 [0308] - Deltree of Folder C:\Users\Don\Desktop\.cedata\tn\pm\hx...
27 Jun 2015 09:41:41 [0308] - Object "HelpExpress Spyware/Adware" found in File System! Action Taken: Entries Removed.
 
27 Jun 2015 09:41:42 [0308] - Offending Folder found: C:\Users\Don\Desktop\.cedata\tn\pw\hx
27 Jun 2015 09:41:42 [0308] - Deltree of Folder C:\Users\Don\Desktop\.cedata\tn\pw\hx...
27 Jun 2015 09:41:42 [0308] - Object "HelpExpress Spyware/Adware" found in File System! Action Taken: Entries Removed.
 
27 Jun 2015 09:41:42 [0308] - Offending Folder found: C:\Users\Don\Desktop\.cedata\tn\q5\hx
27 Jun 2015 09:41:42 [0308] - Deltree of Folder C:\Users\Don\Desktop\.cedata\tn\q5\hx...
27 Jun 2015 09:41:42 [0308] - Object "HelpExpress Spyware/Adware" found in File System! Action Taken: Entries Removed.
 
27 Jun 2015 09:41:42 [0308] - Offending Folder found: C:\Users\Don\Desktop\.cedata\tn\qc\9q\hx
27 Jun 2015 09:41:42 [0308] - Deltree of Folder C:\Users\Don\Desktop\.cedata\tn\qc\9q\hx...
27 Jun 2015 09:41:42 [0308] - Object "HelpExpress Spyware/Adware" found in File System! Action Taken: Entries Removed.
 
27 Jun 2015 09:41:42 [0308] - Offending Folder found: C:\Users\Don\Desktop\.cedata\tn\ql\ba\hx
27 Jun 2015 09:41:42 [0308] - Deltree of Folder C:\Users\Don\Desktop\.cedata\tn\ql\ba\hx...
27 Jun 2015 09:41:42 [0308] - Object "HelpExpress Spyware/Adware" found in File System! Action Taken: Entries Removed.
 
27 Jun 2015 09:41:43 [0308] - Offending Folder found: C:\Users\Don\Desktop\.cedata\tn\ra\kv\hx
27 Jun 2015 09:41:43 [0308] - Deltree of Folder C:\Users\Don\Desktop\.cedata\tn\ra\kv\hx...
27 Jun 2015 09:41:43 [0308] - Object "HelpExpress Spyware/Adware" found in File System! Action Taken: Entries Removed.
 
27 Jun 2015 09:41:44 [0308] - Offending Folder found: C:\Users\Don\Desktop\.cedata\tn\uf\iw\hx
27 Jun 2015 09:41:44 [0308] - Deltree of Folder C:\Users\Don\Desktop\.cedata\tn\uf\iw\hx...
27 Jun 2015 09:41:44 [0308] - Object "HelpExpress Spyware/Adware" found in File System! Action Taken: Entries Removed.
 
27 Jun 2015 09:41:46 [0308] - Offending Folder found: C:\Users\Don\Desktop\.cedata\tn\wq\hx
27 Jun 2015 09:41:46 [0308] - Deltree of Folder C:\Users\Don\Desktop\.cedata\tn\wq\hx...
27 Jun 2015 09:41:46 [0308] - Object "HelpExpress Spyware/Adware" found in File System! Action Taken: Entries Removed.
 
27 Jun 2015 09:41:46 [0308] - Offending Folder found: C:\Users\Don\Desktop\.cedata\tn\x5\i4\hx
27 Jun 2015 09:41:46 [0308] - Deltree of Folder C:\Users\Don\Desktop\.cedata\tn\x5\i4\hx...
27 Jun 2015 09:41:46 [0308] - Object "HelpExpress Spyware/Adware" found in File System! Action Taken: Entries Removed.
 
27 Jun 2015 09:41:46 [0308] - Offending Folder found: C:\Users\Don\Desktop\.cedata\tn\xl\u_\hx
27 Jun 2015 09:41:46 [0308] - Deltree of Folder C:\Users\Don\Desktop\.cedata\tn\xl\u_\hx...
27 Jun 2015 09:41:46 [0308] - Object "HelpExpress Spyware/Adware" found in File System! Action Taken: Entries Removed.
 
27 Jun 2015 09:41:46 [0308] - Offending Folder found: C:\Users\Don\Desktop\.cedata\tn\xs\on\hx
27 Jun 2015 09:41:46 [0308] - Deltree of Folder C:\Users\Don\Desktop\.cedata\tn\xs\on\hx...
27 Jun 2015 09:41:47 [0308] - Object "HelpExpress Spyware/Adware" found in File System! Action Taken: Entries Removed.
 
27 Jun 2015 09:41:56 [0308] - Offending file found: C:\Users\Don\Desktop\Downloads\Liberkey\Apps\AkelPad\App\AkelPad\AkelFiles\Plugs\Explorer.dll
27 Jun 2015 09:41:56 [0308] - System found infected with Clitor Spyware/Adware (Explorer.dll)! Action taken: File Deleted.
27 Jun 2015 09:41:56 [0308] - Object "Clitor Spyware/Adware" found in File System! Action Taken: File Deleted.
 
27 Jun 2015 09:41:58 [0308] - Offending file found: C:\Users\Don\Desktop\Downloads\Liberkey\Apps\AkelPad_2010-07-13_06-27-05\App\AkelPad\AkelFiles\Plugs\Explorer.dll
27 Jun 2015 09:41:58 [0308] - System found infected with Clitor Spyware/Adware (Explorer.dll)! Action taken: File Deleted.
27 Jun 2015 09:41:58 [0308] - Object "Clitor Spyware/Adware" found in File System! Action Taken: File Deleted.
 
27 Jun 2015 09:42:01 [0308] - Offending file found: C:\Users\Don\Desktop\Downloads\Liberkey\Apps\aMSN\App\aMSN\scripts\skins\default\displaypic\lock.dat
27 Jun 2015 09:42:01 [0308] - System found infected with WinFixer/ErrorSafe Adware (lock.dat)! Action taken: File Deleted.
27 Jun 2015 09:42:01 [0308] - Object "WinFixer/ErrorSafe Adware" found in File System! Action Taken: File Deleted.
 
27 Jun 2015 09:42:12 [0308] - Offending file found: C:\Users\Don\Desktop\Downloads\Liberkey\Apps\Dia\App\Dia\dia\aadl.dll
27 Jun 2015 09:42:12 [0308] - System found infected with AADL.dll Spyware/Adware (aadl.dll)! Action taken: File Deleted.
27 Jun 2015 09:42:12 [0308] - Object "AADL.dll Spyware/Adware" found in File System! Action Taken: File Deleted.
 
27 Jun 2015 09:42:16 [0308] - Offending file found: C:\Users\Don\Desktop\Downloads\Liberkey\Apps\DiskDefrag\App\DiskDefrag\helper.dll
27 Jun 2015 09:42:16 [0308] - System found infected with Banker.d Worm (helper.dll)! Action taken: File Deleted.
27 Jun 2015 09:42:16 [0308] - Object "Banker.d Worm" found in File System! Action Taken: File Deleted.
 
27 Jun 2015 09:42:23 [0308] - Offending file found: C:\Users\Don\Desktop\Downloads\Liberkey\Apps\FoxitReader\App\FoxitReader\Start\ad.html
27 Jun 2015 09:42:23 [0308] - System found infected with Zlob Trojan-Downloader (ad.html)! Action taken: File Deleted.
27 Jun 2015 09:42:23 [0308] - Object "Zlob Trojan-Downloader" found in File System! Action Taken: File Deleted.
 
27 Jun 2015 09:42:30 [0308] - Offending file found: C:\Users\Don\Desktop\Downloads\Liberkey\Apps\GlaryUtilities\App\GlaryUtilities\App\regrepair.exe
27 Jun 2015 09:42:30 [0308] - System found infected with SandBoxer Spyware/Adware (regrepair.exe)! Action taken: File Deleted.
27 Jun 2015 09:42:30 [0308] - Object "SandBoxer Spyware/Adware" found in File System! Action Taken: File Deleted.
 
27 Jun 2015 09:42:40 [0308] - Offending file found: C:\Users\Don\Desktop\Downloads\Liberkey\Apps\Pidgin\App\Pidgin\Pidgin\pixmaps\pidgin\emotes\default\bad.png
27 Jun 2015 09:42:40 [0308] - System found infected with Fix Tool Corrupted Adware/Spyware (bad.png)! Action taken: File Deleted.
27 Jun 2015 09:42:40 [0308] - Object "Fix Tool Corrupted Adware/Spyware" found in File System! Action Taken: File Deleted.
 
27 Jun 2015 09:42:42 [0308] - Offending file found: C:\Users\Don\Desktop\Downloads\Liberkey\Apps\Pidgin\App\Pidgin\Pidgin\plugins\tcl.dll
27 Jun 2015 09:42:42 [0308] - System found infected with SpywareStop Corrupted Adware/Spyware (tcl.dll)! Action taken: File Deleted.
27 Jun 2015 09:42:42 [0308] - Object "SpywareStop Corrupted Adware/Spyware" found in File System! Action Taken: File Deleted.
 
27 Jun 2015 09:42:49 [0308] - Offending file found: C:\Users\Don\Desktop\Downloads\Liberkey\LiberKeyTools\LiberKeyMenu\data\icons\games.ico
27 Jun 2015 09:42:49 [0308] - System found infected with Zlob Trojan-Downloader (games.ico)! Action taken: File Deleted.
27 Jun 2015 09:42:49 [0308] - Object "Zlob Trojan-Downloader" found in File System! Action Taken: File Deleted.
 
27 Jun 2015 09:42:49 [0308] - Offending file found: C:\Users\Don\Desktop\Downloads\Liberkey\MyDocuments\LBK_MIGRATION_BACKUP\Apps\Asuite\icons\games.ico
27 Jun 2015 09:42:49 [0308] - System found infected with Zlob Trojan-Downloader (games.ico)! Action taken: File Deleted.
27 Jun 2015 09:42:49 [0308] - Object "Zlob Trojan-Downloader" found in File System! Action Taken: File Deleted.
 
27 Jun 2015 09:42:49 [0308] - Offending file found: C:\Users\Don\Desktop\Downloads\tsmsetup.exe
27 Jun 2015 09:42:49 [0308] - System found infected with Porn Popups Spyware/Adware (tsmsetup.exe)! Action taken: File Deleted.
27 Jun 2015 09:42:49 [0308] - Object "Porn Popups Spyware/Adware" found in File System! Action Taken: File Deleted.
 
27 Jun 2015 09:42:52 [0308] - Offending file found: C:\Users\Don\Downloads\adt-bundle-windows-x86\adt-bundle-windows-x86\eclipse\plugins\org.eclipse.cdt.core.win32.x86_5.2.0.201202111925\os\win32\x86\starter.exe
27 Jun 2015 09:42:52 [0308] - System found infected with PrecisionPop Spyware/Adware (starter.exe)! Action taken: File Deleted.
27 Jun 2015 09:42:52 [0308] - Object "PrecisionPop Spyware/Adware" found in File System! Action Taken: File Deleted.
 
27 Jun 2015 09:43:11 [0308] - Unable to Open [HKLM\SOFTWARE\Microsoft\Direct3D]! Reason: Access is denied. (0x5)
27 Jun 2015 09:43:11 [0308] - Unable to Open [HKLM\SOFTWARE\Microsoft\Direct3D]! Reason: Access is denied. (0x5)
27 Jun 2015 09:43:11 [0308] - Unable to Open [HKLM\SOFTWARE\Microsoft\Direct3D]! Reason: Access is denied. (0x5)
27 Jun 2015 09:43:11 [0308] - Unable to Open [HKLM\SOFTWARE\Microsoft\Direct3D]! Reason: Access is denied. (0x5)
27 Jun 2015 09:43:11 [0308] - Unable to Open [HKLM\SOFTWARE\Microsoft\Direct3D]! Reason: Access is denied. (0x5)
27 Jun 2015 09:43:11 [0308] - Unable to Open [HKLM\SOFTWARE\Microsoft\Direct3D]! Reason: Access is denied. (0x5)
27 Jun 2015 09:43:11 [0308] - Unable to Open [HKLM\SOFTWARE\Microsoft\Direct3D]! Reason: Access is denied. (0x5)
27 Jun 2015 09:43:11 [0308] - Offending Registry Entry found: HKCU\SOFTWARE\Wget
27 Jun 2015 09:43:11 [0308] - System found infected with Backdoor (IRCBot) Trojans Spyware/Adware (HKCU\SOFTWARE\Wget)! Action taken: Entries Removed.
27 Jun 2015 09:43:11 [0308] - Object "Backdoor (IRCBot) Trojans Spyware/Adware" found in File System! Action Taken: Entries Removed.
 
27 Jun 2015 09:43:11 [0308] - Offending Registry Entry found: HKCU\Software\Microsoft\OLE
27 Jun 2015 09:43:11 [0308] - System found infected with Backdoor (IRCBot) Trojans Spyware/Adware (HKCU\Software\Microsoft\OLE)! Action taken: Entries Removed.
27 Jun 2015 09:43:11 [0308] - Object "Backdoor (IRCBot) Trojans Spyware/Adware" found in File System! Action Taken: Entries Removed.
 
27 Jun 2015 09:43:11 [0308] - Offending Registry Entry found: HKCU\Software\Microsoft\Windows\CurrentVersion\Drivers
27 Jun 2015 09:43:11 [0308] - System found infected with AntiSpyware Pro XP Corrupted Adware/Spyware (HKCU\Software\Microsoft\Windows\CurrentVersion\Drivers)! Action taken: Entries Removed.
27 Jun 2015 09:43:11 [0308] - Object "AntiSpyware Pro XP Corrupted Adware/Spyware" found in File System! Action Taken: Entries Removed.
 
 
27 Jun 2015 09:43:11 [0308] - ***** Scanning Registry Files *****
27 Jun 2015 09:43:12 [0308] - ** Value in HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\main/Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
27 Jun 2015 09:43:12 [0308] - ** Value in HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\main/Start Page = http://www.google.com/
27 Jun 2015 09:43:12 [0308] - ** Value in HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\main/Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
 
27 Jun 2015 09:43:12 [0308] - ***** Scanning System32 Folders *****
27 Jun 2015 09:44:11 [1568] - ScanFile (C:\Windows\system32\mfc100u.dll) took 6162 ms
 
 
27 Jun 2015 09:46:18 [0308] - ***** Scanning Drive C:\ *****
27 Jun 2015 09:46:32 [1468] - Scanning File C:\AdwCleaner\Quarantine\C\Program Files\Savepass 2.0\7c1f0781-e46a-4214-9ddf-6a05c92de23c.xpi.vir
27 Jun 2015 09:46:32 [1468] - File C:\AdwCleaner\Quarantine\C\Program Files\Savepass 2.0\7c1f0781-e46a-4214-9ddf-6a05c92de23c.xpi.vir infected by "Adware.JS.Crossrider.B[ZP] (DB)" Virus! Action Taken: File Renamed.
 
27 Jun 2015 09:46:34 [1748] - Scanning File C:\AdwCleaner\Quarantine\C\Program Files\Savepass 2.0\Savepass 2.0-bho.dll.vir
27 Jun 2015 09:46:34 [11ec] - Scanning File C:\AdwCleaner\Quarantine\C\Program Files\Savepass 2.0\Savepass 2.0-bg.exe.vir
27 Jun 2015 09:46:34 [15f8] - Scanning File C:\AdwCleaner\Quarantine\C\Program Files\Savepass 2.0\8c2039bc-46a8-4ece-8671-0e3732b6ec26.dll.vir
27 Jun 2015 09:46:34 [1540] - Scanning File C:\AdwCleaner\Quarantine\C\Program Files\Savepass 2.0\Savepass 2.0-codedownloader.exe.vir
27 Jun 2015 09:46:34 [15f8] - File C:\AdwCleaner\Quarantine\C\Program Files\Savepass 2.0\8c2039bc-46a8-4ece-8671-0e3732b6ec26.dll.vir infected by "Gen:Variant.Adware.Crossrider.2 (DB)" Virus! Action Taken: File Renamed.
 
27 Jun 2015 09:46:34 [1748] - File C:\AdwCleaner\Quarantine\C\Program Files\Savepass 2.0\Savepass 2.0-bho.dll.vir infected by "Gen:Application.Heur.Uy9@mKik@@ii (DB)" Virus! Action Taken: File Renamed.
 
27 Jun 2015 09:46:34 [11ec] - File C:\AdwCleaner\Quarantine\C\Program Files\Savepass 2.0\Savepass 2.0-bg.exe.vir infected by "Gen:Application.Heur.Pu1@mSZ0L1li (DB)" Virus! Action Taken: File Renamed.
 
27 Jun 2015 09:46:35 [1540] - File C:\AdwCleaner\Quarantine\C\Program Files\Savepass 2.0\Savepass 2.0-codedownloader.exe.vir infected by "Gen:Application.Heur.gv1@mCEw6jaO (DB)" Virus! Action Taken: File Renamed.
 
27 Jun 2015 09:46:38 [11ec] - Scanning File C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\banjjklfojcdbofbhbgiedekefohoaff\10.31.4.510_0\APISupport\APISupport.dll.vir
27 Jun 2015 09:46:38 [11ec] - File C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\banjjklfojcdbofbhbgiedekefohoaff\10.31.4.510_0\APISupport\APISupport.dll.vir infected by "Application.SearchProtect.AD (DB)" Virus! Action Taken: File Renamed.
 
27 Jun 2015 09:46:58 [1540] - Scanning File C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Local\torch\User Data\Default\Extensions\eagomcfjiefffhpaejnlpjccikpipdoe\1.26.28_0\extensionData\plugins\104.js.vir
27 Jun 2015 09:46:58 [1540] - File C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Local\torch\User Data\Default\Extensions\eagomcfjiefffhpaejnlpjccikpipdoe\1.26.28_0\extensionData\plugins\104.js.vir infected by "Adware.JS.Agent.AN (DB)" Virus! Action Taken: File Renamed.
 
27 Jun 2015 09:46:58 [1568] - Scanning File C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Local\torch\User Data\Default\Extensions\eagomcfjiefffhpaejnlpjccikpipdoe\1.26.28_0\extensionData\plugins\102.js.vir
27 Jun 2015 09:46:58 [15f8] - Scanning File C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Local\torch\User Data\Default\Extensions\eagomcfjiefffhpaejnlpjccikpipdoe\1.26.28_0\extensionData\plugins\123.js.vir
27 Jun 2015 09:46:58 [15f8] - File C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Local\torch\User Data\Default\Extensions\eagomcfjiefffhpaejnlpjccikpipdoe\1.26.28_0\extensionData\plugins\123.js.vir infected by "Adware.JS.Crossrider.B (DB)" Virus! Action Taken: File Renamed.
 
27 Jun 2015 09:46:58 [1568] - File C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Local\torch\User Data\Default\Extensions\eagomcfjiefffhpaejnlpjccikpipdoe\1.26.28_0\extensionData\plugins\102.js.vir infected by "Adware.JS.Agent.AN (DB)" Virus! Action Taken: File Renamed.
 
27 Jun 2015 09:46:58 [1748] - Scanning File C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Local\torch\User Data\Default\Extensions\eagomcfjiefffhpaejnlpjccikpipdoe\1.26.28_0\extensionData\plugins\178.js.vir
27 Jun 2015 09:46:58 [1748] - File C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Local\torch\User Data\Default\Extensions\eagomcfjiefffhpaejnlpjccikpipdoe\1.26.28_0\extensionData\plugins\178.js.vir infected by "Adware.JS.Agent.AN (DB)" Virus! Action Taken: File Renamed.
 
27 Jun 2015 09:46:58 [1540] - Scanning File C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Local\torch\User Data\Default\Extensions\eagomcfjiefffhpaejnlpjccikpipdoe\1.26.28_0\extensionData\plugins\180.js.vir
27 Jun 2015 09:46:58 [11ec] - Scanning File C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Local\torch\User Data\Default\Extensions\eagomcfjiefffhpaejnlpjccikpipdoe\1.26.28_0\extensionData\plugins\179.js.vir
27 Jun 2015 09:46:58 [1540] - File C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Local\torch\User Data\Default\Extensions\eagomcfjiefffhpaejnlpjccikpipdoe\1.26.28_0\extensionData\plugins\180.js.vir infected by "Adware.JS.Crossrider.B (DB)" Virus! Action Taken: File Renamed.
 
27 Jun 2015 09:46:58 [11ec] - File C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Local\torch\User Data\Default\Extensions\eagomcfjiefffhpaejnlpjccikpipdoe\1.26.28_0\extensionData\plugins\179.js.vir infected by "Adware.JS.Agent.AN (DB)" Virus! Action Taken: File Renamed.
 
27 Jun 2015 09:46:58 [1568] - Scanning File C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Local\torch\User Data\Default\Extensions\eagomcfjiefffhpaejnlpjccikpipdoe\1.26.28_0\extensionData\plugins\191.js.vir
27 Jun 2015 09:46:58 [1568] - File C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Local\torch\User Data\Default\Extensions\eagomcfjiefffhpaejnlpjccikpipdoe\1.26.28_0\extensionData\plugins\191.js.vir infected by "Adware.JS.Agent.AB (DB)" Virus! Action Taken: File Renamed.
 
27 Jun 2015 09:46:58 [1468] - Scanning File C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Local\torch\User Data\Default\Extensions\eagomcfjiefffhpaejnlpjccikpipdoe\1.26.28_0\extensionData\plugins\184.js.vir
27 Jun 2015 09:46:58 [1468] - File C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Local\torch\User Data\Default\Extensions\eagomcfjiefffhpaejnlpjccikpipdoe\1.26.28_0\extensionData\plugins\184.js.vir infected by "Adware.JS.Agent.AM (DB)" Virus! Action Taken: File Renamed.
 
27 Jun 2015 09:46:58 [1748] - Scanning File C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Local\torch\User Data\Default\Extensions\eagomcfjiefffhpaejnlpjccikpipdoe\1.26.28_0\extensionData\plugins\200.js.vir
27 Jun 2015 09:46:58 [11ec] - Scanning File C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Local\torch\User Data\Default\Extensions\eagomcfjiefffhpaejnlpjccikpipdoe\1.26.28_0\extensionData\plugins\223.js.vir
27 Jun 2015 09:46:58 [11ec] - File C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Local\torch\User Data\Default\Extensions\eagomcfjiefffhpaejnlpjccikpipdoe\1.26.28_0\extensionData\plugins\223.js.vir infected by "Adware.JS.Agent.AN (DB)" Virus! Action Taken: File Renamed.
 
27 Jun 2015 09:46:58 [1748] - File C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Local\torch\User Data\Default\Extensions\eagomcfjiefffhpaejnlpjccikpipdoe\1.26.28_0\extensionData\plugins\200.js.vir infected by "Adware.JS.Crossrider.B (DB)" Virus! Action Taken: File Renamed.
 
27 Jun 2015 09:46:58 [1568] - Scanning File C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Local\torch\User Data\Default\Extensions\eagomcfjiefffhpaejnlpjccikpipdoe\1.26.28_0\extensionData\plugins\231.js.vir
27 Jun 2015 09:46:58 [1568] - File C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Local\torch\User Data\Default\Extensions\eagomcfjiefffhpaejnlpjccikpipdoe\1.26.28_0\extensionData\plugins\231.js.vir infected by "Adware.JS.Agent.AM (DB)" Virus! Action Taken: File Renamed.
 
27 Jun 2015 09:46:58 [1468] - Scanning File C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Local\torch\User Data\Default\Extensions\eagomcfjiefffhpaejnlpjccikpipdoe\1.26.28_0\extensionData\plugins\242.js.vir
27 Jun 2015 09:46:58 [1468] - File C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Local\torch\User Data\Default\Extensions\eagomcfjiefffhpaejnlpjccikpipdoe\1.26.28_0\extensionData\plugins\242.js.vir infected by "Adware.JS.Agent.AM (DB)" Virus! Action Taken: File Renamed.
 
27 Jun 2015 09:46:58 [1540] - Scanning File C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Local\torch\User Data\Default\Extensions\eagomcfjiefffhpaejnlpjccikpipdoe\1.26.28_0\extensionData\plugins\232.js.vir
27 Jun 2015 09:46:58 [1540] - File C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Local\torch\User Data\Default\Extensions\eagomcfjiefffhpaejnlpjccikpipdoe\1.26.28_0\extensionData\plugins\232.js.vir infected by "Adware.JS.Agent.AM (DB)" Virus! Action Taken: File Renamed.
 
27 Jun 2015 09:46:58 [1748] - Scanning File C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Local\torch\User Data\Default\Extensions\eagomcfjiefffhpaejnlpjccikpipdoe\1.26.28_0\extensionData\plugins\262.js.vir
27 Jun 2015 09:46:58 [1748] - File C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Local\torch\User Data\Default\Extensions\eagomcfjiefffhpaejnlpjccikpipdoe\1.26.28_0\extensionData\plugins\262.js.vir infected by "Adware.JS.Crossrider.B (DB)" Virus! Action Taken: File Renamed.
 
27 Jun 2015 09:46:58 [15f8] - Scanning File C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Local\torch\User Data\Default\Extensions\eagomcfjiefffhpaejnlpjccikpipdoe\1.26.28_0\extensionData\plugins\263.js.vir
27 Jun 2015 09:46:58 [1568] - Scanning File C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Local\torch\User Data\Default\Extensions\eagomcfjiefffhpaejnlpjccikpipdoe\1.26.28_0\extensionData\plugins\273.js.vir
27 Jun 2015 09:46:58 [1540] - Scanning File C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Local\torch\User Data\Default\Extensions\eagomcfjiefffhpaejnlpjccikpipdoe\1.26.28_0\extensionData\plugins\288.js.vir
27 Jun 2015 09:46:58 [15f8] - File C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Local\torch\User Data\Default\Extensions\eagomcfjiefffhpaejnlpjccikpipdoe\1.26.28_0\extensionData\plugins\263.js.vir infected by "Adware.JS.Agent.AN (DB)" Virus! Action Taken: File Renamed.
 
27 Jun 2015 09:46:58 [1568] - File C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Local\torch\User Data\Default\Extensions\eagomcfjiefffhpaejnlpjccikpipdoe\1.26.28_0\extensionData\plugins\273.js.vir infected by "Adware.JS.Agent.AN (DB)" Virus! Action Taken: File Renamed.
 
27 Jun 2015 09:46:58 [1468] - Scanning File C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Local\torch\User Data\Default\Extensions\eagomcfjiefffhpaejnlpjccikpipdoe\1.26.28_0\extensionData\plugins\286.js.vir
27 Jun 2015 09:46:58 [1540] - File C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Local\torch\User Data\Default\Extensions\eagomcfjiefffhpaejnlpjccikpipdoe\1.26.28_0\extensionData\plugins\288.js.vir infected by "Adware.JS.Agent.AN (DB)" Virus! Action Taken: File Renamed.
 
27 Jun 2015 09:46:58 [1468] - File C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Local\torch\User Data\Default\Extensions\eagomcfjiefffhpaejnlpjccikpipdoe\1.26.28_0\extensionData\plugins\286.js.vir infected by "Adware.JS.Agent.AN (DB)" Virus! Action Taken: File Renamed.
 
27 Jun 2015 09:46:58 [11ec] - Scanning File C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Local\torch\User Data\Default\Extensions\eagomcfjiefffhpaejnlpjccikpipdoe\1.26.28_0\extensionData\plugins\281.js.vir
27 Jun 2015 09:46:58 [11ec] - File C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Local\torch\User Data\Default\Extensions\eagomcfjiefffhpaejnlpjccikpipdoe\1.26.28_0\extensionData\plugins\281.js.vir infected by "Adware.JS.Agent.AC (DB)" Virus! Action Taken: File Renamed.
 
27 Jun 2015 09:46:58 [15f8] - Scanning File C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Local\torch\User Data\Default\Extensions\eagomcfjiefffhpaejnlpjccikpipdoe\1.26.28_0\extensionData\plugins\301.js.vir
27 Jun 2015 09:46:58 [15f8] - File C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Local\torch\User Data\Default\Extensions\eagomcfjiefffhpaejnlpjccikpipdoe\1.26.28_0\extensionData\plugins\301.js.vir infected by "Adware.JS.Agent.AM (DB)" Virus! Action Taken: File Renamed.
 
27 Jun 2015 09:46:59 [1468] - Scanning File C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Local\torch\User Data\Default\Extensions\eagomcfjiefffhpaejnlpjccikpipdoe\1.26.28_0\extensionData\plugins\93.js.vir
27 Jun 2015 09:46:59 [1468] - File C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Local\torch\User Data\Default\Extensions\eagomcfjiefffhpaejnlpjccikpipdoe\1.26.28_0\extensionData\plugins\93.js.vir infected by "Adware.JS.Agent.AM (DB)" Virus! Action Taken: File Renamed.
 
27 Jun 2015 09:47:08 [1468] - Scanning File C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Local\torch\User Data\Default\Extensions\hchkdglnjoagfcnikmcebkjlfbcbkhnm\10.31.0.526_0\nativeMessaging\TBMessagingHost.exe.vir
27 Jun 2015 09:47:08 [1468] - File C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Local\torch\User Data\Default\Extensions\hchkdglnjoagfcnikmcebkjlfbcbkhnm\10.31.0.526_0\nativeMessaging\TBMessagingHost.exe.vir infected by "Adware.Smartbar.U (DB)" Virus! Action Taken: File Renamed.
 
27 Jun 2015 09:47:19 [1748] - Scanning File C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Local\torch\User Data\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.0.526_0\nativeMessaging\TBMessagingHost.exe.vir
27 Jun 2015 09:47:19 [1748] - File C:\AdwCleaner\Quarantine\C\Users\Don\AppData\Local\torch\User Data\Default\Extensions\nemfjadlboooiffmcelkafilagddogim\10.31.0.526_0\nativeMessaging\TBMessagingHost.exe.vir infected by "Adware.Smartbar.U (DB)" Virus! Action Taken: File Renamed.
 
27 Jun 2015 09:50:31 [11ec] - ScanFile (C:\LiberKey\Apps\Blender\App\Blender\x86\blender.exe) took 15194 ms
27 Jun 2015 09:51:52 [1540] - ScanFile (C:\LiberKey\Apps\FotoSketcher\App\FotoSketcher\FotoSketcher.exe) took 6271 ms
27 Jun 2015 09:56:15 [1568] - C:\LiberKey\Apps\PDFXchangeViewer\App\PDFXChangeViewer\Settings.dat not Scanned. Possibly password protected...
27 Jun 2015 10:08:25 [15f8] - ScanFile (C:\Program Files\Skype\Phone\Skype.exe) took 6115 ms
27 Jun 2015 10:09:30 [1748] - Scanning File C:\Qoobox\Quarantine\C\Users\Don\AppData\Local\Torch\User Data\Default\Extensions\jpkcdolaggmoijdgaglfamlafleibeie\1.26.30_0\extensionData\plugins\102.js.vir
27 Jun 2015 10:09:30 [15f8] - Scanning File C:\Qoobox\Quarantine\C\Users\Don\AppData\Local\Torch\User Data\Default\Extensions\jpkcdolaggmoijdgaglfamlafleibeie\1.26.30_0\extensionData\plugins\180.js.vir
27 Jun 2015 10:09:30 [1540] - Scanning File C:\Qoobox\Quarantine\C\Users\Don\AppData\Local\Torch\User Data\Default\Extensions\jpkcdolaggmoijdgaglfamlafleibeie\1.26.30_0\extensionData\plugins\104.js.vir
27 Jun 2015 10:09:30 [1468] - Scanning File C:\Qoobox\Quarantine\C\Users\Don\AppData\Local\Torch\User Data\Default\Extensions\jpkcdolaggmoijdgaglfamlafleibeie\1.26.30_0\extensionData\plugins\184.js.vir
27 Jun 2015 10:09:30 [15f8] - File C:\Qoobox\Quarantine\C\Users\Don\AppData\Local\Torch\User Data\Default\Extensions\jpkcdolaggmoijdgaglfamlafleibeie\1.26.30_0\extensionData\plugins\180.js.vir infected by "Adware.JS.Crossrider.B (DB)" Virus! Action Taken: File Renamed.
 
27 Jun 2015 10:09:30 [1540] - File C:\Qoobox\Quarantine\C\Users\Don\AppData\Local\Torch\User Data\Default\Extensions\jpkcdolaggmoijdgaglfamlafleibeie\1.26.30_0\extensionData\plugins\104.js.vir infected by "Adware.JS.Agent.AN (DB)" Virus! Action Taken: File Renamed.
 
27 Jun 2015 10:09:30 [1748] - File C:\Qoobox\Quarantine\C\Users\Don\AppData\Local\Torch\User Data\Default\Extensions\jpkcdolaggmoijdgaglfamlafleibeie\1.26.30_0\extensionData\plugins\102.js.vir infected by "Adware.JS.Agent.AN (DB)" Virus! Action Taken: File Renamed.
 
27 Jun 2015 10:09:30 [1468] - File C:\Qoobox\Quarantine\C\Users\Don\AppData\Local\Torch\User Data\Default\Extensions\jpkcdolaggmoijdgaglfamlafleibeie\1.26.30_0\extensionData\plugins\184.js.vir infected by "Adware.JS.Agent.AM (DB)" Virus! Action Taken: File Renamed.
 
27 Jun 2015 10:09:30 [1540] - Scanning File C:\Qoobox\Quarantine\C\Users\Don\AppData\Local\Torch\User Data\Default\Extensions\jpkcdolaggmoijdgaglfamlafleibeie\1.26.30_0\extensionData\plugins\242.js.vir
27 Jun 2015 10:09:30 [1540] - File C:\Qoobox\Quarantine\C\Users\Don\AppData\Local\Torch\User Data\Default\Extensions\jpkcdolaggmoijdgaglfamlafleibeie\1.26.30_0\extensionData\plugins\242.js.vir infected by "Adware.JS.Agent.AM (DB)" Virus! Action Taken: File Renamed.
 
27 Jun 2015 10:09:30 [1748] - Scanning File C:\Qoobox\Quarantine\C\Users\Don\AppData\Local\Torch\User Data\Default\Extensions\jpkcdolaggmoijdgaglfamlafleibeie\1.26.30_0\extensionData\plugins\223.js.vir
27 Jun 2015 10:09:30 [1748] - File C:\Qoobox\Quarantine\C\Users\Don\AppData\Local\Torch\User Data\Default\Extensions\jpkcdolaggmoijdgaglfamlafleibeie\1.26.30_0\extensionData\plugins\223.js.vir infected by "Adware.JS.Agent.AN (DB)" Virus! Action Taken: File Renamed.
 
27 Jun 2015 10:09:30 [1468] - Scanning File C:\Qoobox\Quarantine\C\Users\Don\AppData\Local\Torch\User Data\Default\Extensions\jpkcdolaggmoijdgaglfamlafleibeie\1.26.30_0\extensionData\plugins\262.js.vir
27 Jun 2015 10:09:30 [1468] - File C:\Qoobox\Quarantine\C\Users\Don\AppData\Local\Torch\User Data\Default\Extensions\jpkcdolaggmoijdgaglfamlafleibeie\1.26.30_0\extensionData\plugins\262.js.vir infected by "Adware.JS.Crossrider.B (DB)" Virus! Action Taken: File Renamed.
 
27 Jun 2015 10:09:30 [1748] - Scanning File C:\Qoobox\Quarantine\C\Users\Don\AppData\Local\Torch\User Data\Default\Extensions\jpkcdolaggmoijdgaglfamlafleibeie\1.26.30_0\extensionData\plugins\273.js.vir
27 Jun 2015 10:09:30 [1748] - File C:\Qoobox\Quarantine\C\Users\Don\AppData\Local\Torch\User Data\Default\Extensions\jpkcdolaggmoijdgaglfamlafleibeie\1.26.30_0\extensionData\plugins\273.js.vir infected by "Adware.JS.Agent.AN (DB)" Virus! Action Taken: File Renamed.
 
27 Jun 2015 10:09:31 [1540] - Scanning File C:\Qoobox\Quarantine\C\Users\Don\AppData\Local\Torch\User Data\Default\Extensions\jpkcdolaggmoijdgaglfamlafleibeie\1.26.30_0\extensionData\plugins\263.js.vir
27 Jun 2015 10:09:31 [1468] - Scanning File C:\Qoobox\Quarantine\C\Users\Don\AppData\Local\Torch\User Data\Default\Extensions\jpkcdolaggmoijdgaglfamlafleibeie\1.26.30_0\extensionData\plugins\301.js.vir
27 Jun 2015 10:09:31 [1540] - File C:\Qoobox\Quarantine\C\Users\Don\AppData\Local\Torch\User Data\Default\Extensions\jpkcdolaggmoijdgaglfamlafleibeie\1.26.30_0\extensionData\plugins\263.js.vir infected by "Adware.JS.Agent.AN (DB)" Virus! Action Taken: File Renamed.
 
27 Jun 2015 10:09:31 [1468] - File C:\Qoobox\Quarantine\C\Users\Don\AppData\Local\Torch\User Data\Default\Extensions\jpkcdolaggmoijdgaglfamlafleibeie\1.26.30_0\extensionData\plugins\301.js.vir infected by "Adware.JS.Agent.AM (DB)" Virus! Action Taken: File Renamed.
 
27 Jun 2015 10:09:31 [1748] - Scanning File C:\Qoobox\Quarantine\C\Users\Don\AppData\Local\Torch\User Data\Default\Extensions\jpkcdolaggmoijdgaglfamlafleibeie\1.26.30_0\extensionData\plugins\93.js.vir
27 Jun 2015 10:09:31 [1748] - File C:\Qoobox\Quarantine\C\Users\Don\AppData\Local\Torch\User Data\Default\Extensions\jpkcdolaggmoijdgaglfamlafleibeie\1.26.30_0\extensionData\plugins\93.js.vir infected by "Adware.JS.Agent.AM (DB)" Virus! Action Taken: File Renamed.
 
27 Jun 2015 10:09:31 [11ec] - Scanning File C:\Qoobox\Quarantine\C\Program Files\74f41bbe-a969-4bd2-86a7-0ec7d4920547\d2b2db34-8e54-4c03-a5d0-af5732384e2b.dll.vir
27 Jun 2015 10:09:31 [1568] - Scanning File C:\Qoobox\Quarantine\C\Program Files\74f41bbe-a969-4bd2-86a7-0ec7d4920547\9f0ae498-6eb5-40da-9eec-2438de2daab1.dll.vir
27 Jun 2015 10:09:31 [11ec] - File C:\Qoobox\Quarantine\C\Program Files\74f41bbe-a969-4bd2-86a7-0ec7d4920547\d2b2db34-8e54-4c03-a5d0-af5732384e2b.dll.vir infected by "Gen:Variant.Adware.Crossrider.2 (DB)" Virus! Action Taken: File Renamed.
 
27 Jun 2015 10:09:31 [1568] - File C:\Qoobox\Quarantine\C\Program Files\74f41bbe-a969-4bd2-86a7-0ec7d4920547\9f0ae498-6eb5-40da-9eec-2438de2daab1.dll.vir infected by "Gen:Variant.Adware.Crossrider.2 (DB)" Virus! Action Taken: File Renamed.
 
27 Jun 2015 10:09:32 [1468] - Scanning File C:\System Volume Information\{4d2f1954-1859-11e5-82f8-6c626dcdf508}{3808876b-c176-4e48-b7ae-04046e6cc752}
27 Jun 2015 10:09:32 [1748] - Scanning File C:\System Volume Information\{7c22136f-1a7f-11e5-a33f-6c626dcdf508}{3808876b-c176-4e48-b7ae-04046e6cc752}
27 Jun 2015 10:09:32 [15f8] - Scanning File C:\System Volume Information\{7c221569-1a7f-11e5-a33f-6c626dcdf508}{3808876b-c176-4e48-b7ae-04046e6cc752}
27 Jun 2015 10:09:32 [11ec] - Scanning File C:\System Volume Information\{8ce1990e-179c-11e5-91f2-6c626dcdf508}{3808876b-c176-4e48-b7ae-04046e6cc752}
27 Jun 2015 10:09:32 [1568] - Scanning File C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
27 Jun 2015 10:09:32 [1468] - Scanning File C:\System Volume Information\{bed60922-1762-11e5-b946-6c626dcdf508}{3808876b-c176-4e48-b7ae-04046e6cc752}
27 Jun 2015 10:09:49 [1540] - ScanFile (C:\temp\hdaudiofunc_01&ven_1002&dev_aa01&subsys_00aa0100&rev_1002\Packages\Drivers\Display\W7_INF\B173534\atioglxx.dl_) took 7441 ms
27 Jun 2015 10:09:55 [1568] - ScanFile (C:\temp\hdaudiofunc_01&ven_1002&dev_aa01&subsys_00aa0100&rev_1002\Packages\Drivers\Display\WB6A_INF\B166979\atioglxx.dl_) took 5444 ms
27 Jun 2015 10:09:56 [1540] - ScanFile (C:\temp\hdaudiofunc_01&ven_1002&dev_aa01&subsys_00aa0100&rev_1002\Packages\Drivers\Display\WB6A_INF\B166979\atio6axx.dl_) took 7441 ms
27 Jun 2015 10:10:03 [15f8] - ScanFile (C:\temp\hdaudiofunc_01&ven_1002&dev_aa01&subsys_00aa0100


#4 dwhit24311

dwhit24311
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:07:41 PM

Posted 27 June 2015 - 10:58 AM

Zemana AntiMalware 2.16.1.198 (Installed)
 
-------------------------------------------------------
Scan Result            : Completed
Scan Date              : 2015/6/27
Operating System       : Windows 7 32-bit
Processor              : 3X AMD Phenom™ II X3 700e Processor
BIOS Mode              : Legacy
CUID                   : 00F3E440C2365C4C4F5199
Scan Type              : Scheduled Scan
Duration               : 33m 24s
Scanned Objects        : 102598
Detected Objects       : 23
Excluded Objects       : 0
Read Level             : SCSI
Auto Upload            : Yes
Include All Extensions : No
Scan Documents         : Yes
Domain Info            : WORKGROUP,1,2
Detected Objects
-------------------------------------------------------
 
Internet Settings (System)
Status             : Scanned
Object             : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Setting
Cleaning Action    : Delete
Traces             :
                Registry Entry - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings = 460000001A0D000001000000000000000B0000003C2D6C6F6F706261636B3E00000000000000000000000000000000000000000000000000000000000000000100000002000000C0A8000F000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
 
Internet Settings (System)
Status             : Scanned
Object             : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Setting
Cleaning Action    : Delete
Traces             :
                Registry Entry - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings = 460000005400000001000000000000000B0000003C2D6C6F6F706261636B3E00000000000000000000000000000000000000000000000000000000000000000100000002000000C0A8000F000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
 
DO_NOT_TRUST_FiddlerRoot
Status             : Scanned
Object             : HKCU\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\B7718AD6E35E36427645E7DB460FF1B4387FFA51\Blob
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Root CA
Cleaning Action    : Delete
Traces             :
                Registry Entry - HKCU\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\B7718AD6E35E36427645E7DB460FF1B4387FFA51\Blob = 190000000100000010000000E0DB35A6700016310D73CC1CAD3B51350F0000000100000020000000695DA3D78B74ACEEB2E6999812FC955FABFF4B42693C2F57F14629045E5AC2C0030000000100000014000000B7718AD6E35E36427645E7DB460FF1B4387FFA5114000000010000001400000001151EEE6397817C0DABC0C36B174B85220ED8082000000001000000910300003082038D308202F6A0030201020210903B3E7C9E4A959041FE9750854659DA300D06092A864886F70D01010B050030818B312B3029060355040B13224372656174656420627920687474703A2F2F7777772E666964646C6572322E636F6D3121301F060355040A1E180044004F005F004E004F0054005F005400520055005300543139303706035504031E300044004F005F004E004F0054005F00540052005500530054005F0046006900640064006C006500720052006F006F0074301E170D3134313230363233323830315A170D3235313230363233323830305A30818B312B3029060355040B13224372656174656420627920687474703A2F2F7777772E666964646C6572322E636F6D3121301F060355040A1E180044004F005F004E004F0054005F005400520055005300543139303706035504031E300044004F005F004E004F0054005F00540052005500530054005F0046006900640064006C006500720052006F006F007430819F300D06092A864886F70D010101050003818D0030818902818100DCCAE6FA7A2B30064F53F6B03C43DF6801C7F22B93DCDFD98B06E296BB8CCDBA5FAD8E7B49C2665AA9CDE52F3B274C2E7E7F01A893992B88E398A5851A387034E877CF2D0196520FB34994C1A365CCEBC377DDCDCDF821A40F7FB0628BCFB732116912D701E79FFC016E05608B1E838574053EA4EFD1588C699351B44D9B94EF0203010001A381EF3081EC30120603551D130101FF040830060101FF02010130130603551D25040C300A06082B060105050703013081C00603551D010481B83081B58010BD4AA862520D715C3C51460A5F6B475DA1818E30818B312B3029060355040B1ة踷p澤uةðDO_NOT_TRUST_FiddlerRoot
Status             : Scanned
Object             : HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\6226CD079984ACD7198B59FDC184E1EE456A686E\Blob
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Root CA
Cleaning Action    : Delete
Traces             :
                Registry Entry - HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\6226CD079984ACD7198B59FDC184E1EE456A686E\Blob = 190000000100000010000000E0DB35A6700016310D73CC1CAD3B51350F0000000100000014000000746DDABAB648F7C3A6CDFD7FAD8AE9A383F5208E0300000001000000140000006226CD079984ACD7198B59FDC184E1EE456A686E14000000010000001400000001151EEE6397817C0DABC0C36B174B85220ED80820000000010000008903000030820385308202F2A0030201020210EAB0E8A40E80138D48987F46EC1C099E300906052B0E03021D050030818B312B3029060355040B13224372656174656420627920687474703A2F2F7777772E666964646C6572322E636F6D3121301F060355040A1E180044004F005F004E004F0054005F005400520055005300543139303706035504031E300044004F005F004E004F0054005F00540052005500530054005F0046006900640064006C006500720052006F006F0074301E170D3133303930323135313835365A170D3234303930323135313835355A30818B312B3029060355040B13224372656174656420627920687474703A2F2F7777772E666964646C6572322E636F6D3121301F060355040A1E180044004F005F004E004F0054005F005400520055005300543139303706035504031E300044004F005F004E004F0054005F00540052005500530054005F0046006900640064006C006500720052006F006F007430819F300D06092A864886F70D010101050003818D0030818902818100DCCAE6FA7A2B30064F53F6B03C43DF6801C7F22B93DCDFD98B06E296BB8CCDBA5FAD8E7B49C2665AA9CDE52F3B274C2E7E7F01A893992B88E398A5851A387034E877CF2D0196520FB34994C1A365CCEBC377DDCDCDF821A40F7FB0628BCFB732116912D701E79FFC016E05608B1E838574053EA4EFD1588C699351B44D9B94EF0203010001A381EF3081EC30120603551D130101FF040830060101FF02010130130603551D25040C300A06082B060105050703013081C00603551D010481B83081B58010BD4AA862520D715C3C51460A5F6B475DA1818E30818B312B3029060355040B132243726561746564206279206874747ة踷p澤uةðwpc_demo.exe
Status             : Scanned
Object             : %userprofile%\desktop\downloads\wpc_demo.exe
MD5                : 1E3A38FF804B504C88FC6F205C1BF5D5
Publisher          : -
Size               : 980373
Version            : 3.0.5.0
Detection          : Malware:Win32/Generic!Emka
Cleaning Action    : Quarantine
Traces             :
                File - %userprofile%\desktop\downloads\wpc_demo.exe
 
spybot search amp destroy setup.exe
Status             : Scanned
Object             : %userprofile%\desktop\downloads\spybot search amp destroy setup.exe
MD5                : C5297B506CC947C4C18077F28B2E2888
Publisher          : I.T.N.T. SRL
Size               : 850688
Version            : 1.0.4817.64360
Detection          : Adware:Win32/Quarand!Rrrt
Cleaning Action    : Quarantine
Traces             :
                File - %userprofile%\desktop\downloads\spybot search amp destroy setup.exe
 
vlcmediaplayer-setup.exe
Status             : Scanned
Object             : %userprofile%\desktop\downloads\vlcmediaplayer-setup.exe
MD5                : 555F67841B9156C1732501D02DCB2D80
Publisher          : Download Admin
Size               : 210944
Version            : 2.5.0.1
Detection          : Win32/Adware.Downloader!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %userprofile%\desktop\downloads\vlcmediaplayer-setup.exe
 
SmitfraudFix_v2.423.exe
Status             : Scanned
Object             : %userprofile%\desktop\downloads\smitfraudfix_v2.423.exe
MD5                : 13B1EC5EA6B9CFD157C7D7B6FE747B6F
Publisher          : -
Size               : 1885088
Version            : -
Detection          : PUA:Win32/Generic!Rall
Cleaning Action    : Quarantine
Traces             :
                File - %userprofile%\desktop\downloads\smitfraudfix_v2.423.exe
 
restart.exe
Status             : Scanned
Object             : %userprofile%\desktop\downloads\smitfraudfix\restart.exe
MD5                : 31BE79D660FC1DA409F1C48A46CBD57B
Publisher          : -
Size               : 16384
Version            : 1.0.0.0
Detection          : Malware:Win32/Nicors!Tela
Cleaning Action    : Quarantine
Traces             :
                File - %userprofile%\desktop\downloads\smitfraudfix\restart.exe
 
SoftonicDownloader_for_wintoflash.exe
Status             : Scanned
Object             : %userprofile%\desktop\downloads\softonicdownloader_for_wintoflash.exe
MD5                : B37BC279B4112DBC57D9CF5F5C3D44D0
Publisher          : Softonic International
Size               : 352944
Version            : 1.32.4.0
Detection          : Adware:Win32/SoftonicBundle!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %userprofile%\desktop\downloads\softonicdownloader_for_wintoflash.exe
 
sardu_x64.exe
Status             : Scanned
Object             : %userprofile%\desktop\downloads\sardu_2.0.2c\sardu_x64.exe
MD5                : A101581F623E2953CF8F8440A5B461EB
Publisher          : -
Size               : 1165051
Version            : 3.3.6.1
Detection          : Malware:Win64/Blackoat.A!Aacr
Cleaning Action    : Quarantine
Traces             :
                File - %userprofile%\desktop\downloads\sardu_2.0.2c\sardu_x64.exe
 
workgrpdomnt4.dll
Status             : Scanned
Object             : %userprofile%\desktop\downloads\liberkey\apps\ultravncserver\app\ultravncserver\workgrpdomnt4.dll
MD5                : C61C351AAD7157294C075F0A1CD1CC94
Publisher          : uvnc bvba
Size               : 143288
Version            : 1.0.90.0
Detection          : Malware:Win32/Quarand!Rkcr
Cleaning Action    : Quarantine
Traces             :
                File - %userprofile%\desktop\downloads\liberkey\apps\ultravncserver\app\ultravncserver\workgrpdomnt4.dll
 
winvnc.exe
Status             : Scanned
Object             : %userprofile%\desktop\downloads\liberkey\apps\ultravncserver\app\ultravncserver\winvnc.exe
MD5                : 50676F61C6A44A3B25FB29A18A7CBA95
Publisher          : uvnc bvba
Size               : 1590216
Version            : 1.0.8.2
Detection          : Malware:Win32/Quarand!Rkcr
Cleaning Action    : Quarantine
Traces             :
                File - %userprofile%\desktop\downloads\liberkey\apps\ultravncserver\app\ultravncserver\winvnc.exe
 
logging.dll
Status             : Scanned
Object             : %userprofile%\desktop\downloads\liberkey\apps\ultravncserver\app\ultravncserver\logging.dll
MD5                : 1A40275CBA63F7BEC4E802D4E55843C3
Publisher          : uvnc bvba
Size               : 158648
Version            : 1.0.90.0
Detection          : Malware:Win32/Quarand!Rkcr
Cleaning Action    : Quarantine
Traces             :
                File - %userprofile%\desktop\downloads\liberkey\apps\ultravncserver\app\ultravncserver\logging.dll
 
ldapauth.dll
Status             : Scanned
Object             : %userprofile%\desktop\downloads\liberkey\apps\ultravncserver\app\ultravncserver\ldapauth.dll
MD5                : EE595DC770F89021218436E1C3BF430F
Publisher          : uvnc bvba
Size               : 174008
Version            : 1.0.90.0
Detection          : Malware:Win32/Quarand!Rkcr
Cleaning Action    : Quarantine
Traces             :
                File - %userprofile%\desktop\downloads\liberkey\apps\ultravncserver\app\ultravncserver\ldapauth.dll
 
authadmin.dll
Status             : Scanned
Object             : %userprofile%\desktop\downloads\liberkey\apps\ultravncserver\app\ultravncserver\authadmin.dll
MD5                : D82287D5B59440AEBBF9CC94B3FF6483
Publisher          : uvnc bvba
Size               : 118712
Version            : 1.0.90.0
Detection          : Malware:Win32/Quarand!Rkcr
Cleaning Action    : Quarantine
Traces             :
                File - %userprofile%\desktop\downloads\liberkey\apps\ultravncserver\app\ultravncserver\authadmin.dll
 
smsniff.exe
Status             : Scanned
Object             : %userprofile%\desktop\downloads\liberkey\apps\smartsniff\app\smartsniff\x86\smsniff.exe
MD5                : CFA70B9F4E26B40355F3AC067C33ED8B
Publisher          : -
Size               : 69632
Version            : 1.7.8.165
Detection          : Adware:Win32/Qardaq.A!Eatt
Cleaning Action    : Quarantine
Traces             :
                File - %userprofile%\desktop\downloads\liberkey\apps\smartsniff\app\smartsniff\x86\smsniff.exe
 
MUICacheView.exe
Status             : Scanned
Object             : %userprofile%\desktop\downloads\liberkey\apps\muicacheview\app\muicacheview\muicacheview.exe
MD5                : E999C811B919C420D5657A484CECDD61
Publisher          : -
Size               : 30208
Version            : 1.0.1.0
Detection          : Malware:Win32/Multi.Generic!Tlet
Cleaning Action    : Quarantine
Traces             :
                File - %userprofile%\desktop\downloads\liberkey\apps\muicacheview\app\muicacheview\muicacheview.exe
 
DShutdown.exe
Status             : Scanned
Object             : %userprofile%\desktop\downloads\liberkey\apps\dshutdown\app\dshutdown\dshutdown.exe
MD5                : 86C07C75834FDB0227CD8893BD2393CE
Publisher          : -
Size               : 151040
Version            : 2.0.0.0
Detection          : Adware:Win32/Generic!Ctrr
Cleaning Action    : Quarantine
Traces             :
                File - %userprofile%\desktop\downloads\liberkey\apps\dshutdown\app\dshutdown\dshutdown.exe
 
FreeStudioManager.exe
Status             : Scanned
Object             : %commonprogramfiles%\dvdvideosoft\freestudiomanager.exe
MD5                : F9655A777BCD29BE7DFBFE4EB667A621
Publisher          : DVDVideoSoft Ltd.
Size               : 6426192
Version            : 5.6.2.627
Detection          : Malware:Win32/Zelion!Kmae
Cleaning Action    : Quarantine
Traces             :
                File - %commonprogramfiles%\dvdvideosoft\freestudiomanager.exe
                Reference - C:\Users\Don\Desktop\Downloads\DVDVideoSoft Free Studio.lnk
 
hfs.exe
Status             : Scanned
Object             : %userprofile%\desktop\downloads\liberkey\apps\hfs\app\hfs\hfs.exe
MD5                : AACAB6E6DA2184EF298084C22309ABCB
Publisher          : -
Size               : 2375168
Version            : -
Detection          : Adware:Win32/Fooster.A!Eeme
Cleaning Action    : Quarantine
Traces             :
                File - %userprofile%\desktop\downloads\liberkey\apps\hfs\app\hfs\hfs.exe
 
Translation Tool.exe
Status             : Scanned
Object             : %userprofile%\desktop\downloads\fab's auto backup 4.0.0.192 tech\translation tool.exe
MD5                : DAF3A26015F091EA2CFA1CCE09431EC2
Publisher          : -
Size               : 615424
Version            : 2.0.0.107
Detection          : Malware:Win32/Generic!Ttaa
Cleaning Action    : Quarantine
Traces             :
                File - %userprofile%\desktop\downloads\fab's auto backup 4.0.0.192 tech\translation tool.exe
 
cnet2_CBEFreewaresetup_exe.exe
Status             : Scanned
Object             : %userprofile%\desktop\downloads\cnet2_cbefreewaresetup_exe.exe
MD5                : 73B878F943DC52A3E2C30293AC03AF58
Publisher          : CBS Interactive
Size               : 463080
Version            : 0.0.2.108
Detection          : Adware:Win32/InstallCore.Variant!Sig
Cleaning Action    : Quarantine
Traces             :
                File - %userprofile%\desktop\downloads\cnet2_cbefreewaresetup_exe.exe
 
Cleaning Result
-------------------------------------------------------
Cleaned               : 23
Reported as safe      : 0
Failed                : 0
Zemana AntiMalware 2.16.1.198 (Installed)
 
-------------------------------------------------------
Scan Result            : Completed
Scan Date              : 2015/6/27
Operating System       : Windows 7 32-bit
Processor              : 3X AMD Phenom™ II X3 700e Processor
BIOS Mode              : Legacy
CUID                   : 00F3E440C2365C4C4F5199
Scan Type              : Scheduled Scan
Duration               : 33m 24s
Scanned Objects        : 102598
Detected Objects       : 23
Excluded Objects       : 0
Read Level             : SCSI
Auto Upload            : Yes
Include All Extensions : No
Scan Documents         : Yes
Domain Info            : WORKGROUP,1,2
Detected Objects
-------------------------------------------------------
 
Internet Settings (System)
Status             : Scanned
Object             : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Setting
Cleaning Action    : Delete
Traces             :
                Registry Entry - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings = 460000001A0D000001000000000000000B0000003C2D6C6F6F706261636B3E00000000000000000000000000000000000000000000000000000000000000000100000002000000C0A8000F000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
 
Internet Settings (System)
Status             : Scanned
Object             : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Setting
Cleaning Action    : Delete
Traces             :
                Registry Entry - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings = 460000005400000001000000000000000B0000003C2D6C6F6F706261636B3E00000000000000000000000000000000000000000000000000000000000000000100000002000000C0A8000F000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
 
DO_NOT_TRUST_FiddlerRoot
Status             : Scanned
Object             : HKCU\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\B7718AD6E35E36427645E7DB460FF1B4387FFA51\Blob
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Root CA
Cleaning Action    : Delete
Traces             :
                Registry Entry - HKCU\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\B7718AD6E35E36427645E7DB460FF1B4387FFA51\Blob = 190000000100000010000000E0DB35A6700016310D73CC1CAD3B51350F0000000100000020000000695DA3D78B74ACEEB2E6999812FC955FABFF4B42693C2F57F14629045E5AC2C0030000000100000014000000B7718AD6E35E36427645E7DB460FF1B4387FFA5114000000010000001400000001151EEE6397817C0DABC0C36B174B85220ED8082000000001000000910300003082038D308202F6A0030201020210903B3E7C9E4A959041FE9750854659DA300D06092A864886F70D01010B050030818B312B3029060355040B13224372656174656420627920687474703A2F2F7777772E666964646C6572322E636F6D3121301F060355040A1E180044004F005F004E004F0054005F005400520055005300543139303706035504031E300044004F005F004E004F0054005F00540052005500530054005F0046006900640064006C006500720052006F006F0074301E170D3134313230363233323830315A170D3235313230363233323830305A30818B312B3029060355040B13224372656174656420627920687474703A2F2F7777772E666964646C6572322E636F6D3121301F060355040A1E180044004F005F004E004F0054005F005400520055005300543139303706035504031E300044004F005F004E004F0054005F00540052005500530054005F0046006900640064006C006500720052006F006F007430819F300D06092A864886F70D010101050003818D0030818902818100DCCAE6FA7A2B30064F53F6B03C43DF6801C7F22B93DCDFD98B06E296BB8CCDBA5FAD8E7B49C2665AA9CDE52F3B274C2E7E7F01A893992B88E398A5851A387034E877CF2D0196520FB34994C1A365CCEBC377DDCDCDF821A40F7FB0628BCFB732116912D701E79FFC016E05608B1E838574053EA4EFD1588C699351B44D9B94EF0203010001A381EF3081EC30120603551D130101FF040830060101FF02010130130603551D25040C300A06082B060105050703013081C00603551D010481B83081B58010BD4AA862520D715C3C51460A5F6B475DA1818E30818B312B3029060355040B1ة踷p澤uةðDO_NOT_TRUST_FiddlerRoot
Status             : Scanned
Object             : HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\6226CD079984ACD7198B59FDC184E1EE456A686E\Blob
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Root CA
Cleaning Action    : Delete
Traces             :
                Registry Entry - HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\6226CD079984ACD7198B59FDC184E1EE456A686E\Blob = 190000000100000010000000E0DB35A6700016310D73CC1CAD3B51350F0000000100000014000000746DDABAB648F7C3A6CDFD7FAD8AE9A383F5208E0300000001000000140000006226CD079984ACD7198B59FDC184E1EE456A686E14000000010000001400000001151EEE6397817C0DABC0C36B174B85220ED80820000000010000008903000030820385308202F2A0030201020210EAB0E8A40E80138D48987F46EC1C099E300906052B0E03021D050030818B312B3029060355040B13224372656174656420627920687474703A2F2F7777772E666964646C6572322E636F6D3121301F060355040A1E180044004F005F004E004F0054005F005400520055005300543139303706035504031E300044004F005F004E004F0054005F00540052005500530054005F0046006900640064006C006500720052006F006F0074301E170D3133303930323135313835365A170D3234303930323135313835355A30818B312B3029060355040B13224372656174656420627920687474703A2F2F7777772E666964646C6572322E636F6D3121301F060355040A1E180044004F005F004E004F0054005F005400520055005300543139303706035504031E300044004F005F004E004F0054005F00540052005500530054005F0046006900640064006C006500720052006F006F007430819F300D06092A864886F70D010101050003818D0030818902818100DCCAE6FA7A2B30064F53F6B03C43DF6801C7F22B93DCDFD98B06E296BB8CCDBA5FAD8E7B49C2665AA9CDE52F3B274C2E7E7F01A893992B88E398A5851A387034E877CF2D0196520FB34994C1A365CCEBC377DDCDCDF821A40F7FB0628BCFB732116912D701E79FFC016E05608B1E838574053EA4EFD1588C699351B44D9B94EF0203010001A381EF3081EC30120603551D130101FF040830060101FF02010130130603551D25040C300A06082B060105050703013081C00603551D010481B83081B58010BD4AA862520D715C3C51460A5F6B475DA1818E30818B312B3029060355040B132243726561746564206279206874747ة踷p澤uةðwpc_demo.exe
Status             : Scanned
Object             : %userprofile%\desktop\downloads\wpc_demo.exe
MD5                : 1E3A38FF804B504C88FC6F205C1BF5D5
Publisher          : -
Size               : 980373
Version            : 3.0.5.0
Detection          : Malware:Win32/Generic!Emka
Cleaning Action    : Quarantine
Traces             :
                File - %userprofile%\desktop\downloads\wpc_demo.exe
 
spybot search amp destroy setup.exe
Status             : Scanned
Object             : %userprofile%\desktop\downloads\spybot search amp destroy setup.exe
MD5                : C5297B506CC947C4C18077F28B2E2888
Publisher          : I.T.N.T. SRL
Size               : 850688
Version            : 1.0.4817.64360
Detection          : Adware:Win32/Quarand!Rrrt
Cleaning Action    : Quarantine
Traces             :
                File - %userprofile%\desktop\downloads\spybot search amp destroy setup.exe
 
vlcmediaplayer-setup.exe
Status             : Scanned
Object             : %userprofile%\desktop\downloads\vlcmediaplayer-setup.exe
MD5                : 555F67841B9156C1732501D02DCB2D80
Publisher          : Download Admin
Size               : 210944
Version            : 2.5.0.1
Detection          : Win32/Adware.Downloader!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %userprofile%\desktop\downloads\vlcmediaplayer-setup.exe
 
SmitfraudFix_v2.423.exe
Status             : Scanned
Object             : %userprofile%\desktop\downloads\smitfraudfix_v2.423.exe
MD5                : 13B1EC5EA6B9CFD157C7D7B6FE747B6F
Publisher          : -
Size               : 1885088
Version            : -
Detection          : PUA:Win32/Generic!Rall
Cleaning Action    : Quarantine
Traces             :
                File - %userprofile%\desktop\downloads\smitfraudfix_v2.423.exe
 
restart.exe
Status             : Scanned
Object             : %userprofile%\desktop\downloads\smitfraudfix\restart.exe
MD5                : 31BE79D660FC1DA409F1C48A46CBD57B
Publisher          : -
Size               : 16384
Version            : 1.0.0.0
Detection          : Malware:Win32/Nicors!Tela
Cleaning Action    : Quarantine
Traces             :
                File - %userprofile%\desktop\downloads\smitfraudfix\restart.exe
 
SoftonicDownloader_for_wintoflash.exe
Status             : Scanned
Object             : %userprofile%\desktop\downloads\softonicdownloader_for_wintoflash.exe
MD5                : B37BC279B4112DBC57D9CF5F5C3D44D0
Publisher          : Softonic International
Size               : 352944
Version            : 1.32.4.0
Detection          : Adware:Win32/SoftonicBundle!Ep
Cleaning Action    : Quarantine
Traces             :
                File - %userprofile%\desktop\downloads\softonicdownloader_for_wintoflash.exe
 
sardu_x64.exe
Status             : Scanned
Object             : %userprofile%\desktop\downloads\sardu_2.0.2c\sardu_x64.exe
MD5                : A101581F623E2953CF8F8440A5B461EB
Publisher          : -
Size               : 1165051
Version            : 3.3.6.1
Detection          : Malware:Win64/Blackoat.A!Aacr
Cleaning Action    : Quarantine
Traces             :
                File - %userprofile%\desktop\downloads\sardu_2.0.2c\sardu_x64.exe
 
workgrpdomnt4.dll
Status             : Scanned
Object             : %userprofile%\desktop\downloads\liberkey\apps\ultravncserver\app\ultravncserver\workgrpdomnt4.dll
MD5                : C61C351AAD7157294C075F0A1CD1CC94
Publisher          : uvnc bvba
Size               : 143288
Version            : 1.0.90.0
Detection          : Malware:Win32/Quarand!Rkcr
Cleaning Action    : Quarantine
Traces             :
                File - %userprofile%\desktop\downloads\liberkey\apps\ultravncserver\app\ultravncserver\workgrpdomnt4.dll
 
winvnc.exe
Status             : Scanned
Object             : %userprofile%\desktop\downloads\liberkey\apps\ultravncserver\app\ultravncserver\winvnc.exe
MD5                : 50676F61C6A44A3B25FB29A18A7CBA95
Publisher          : uvnc bvba
Size               : 1590216
Version            : 1.0.8.2
Detection          : Malware:Win32/Quarand!Rkcr
Cleaning Action    : Quarantine
Traces             :
                File - %userprofile%\desktop\downloads\liberkey\apps\ultravncserver\app\ultravncserver\winvnc.exe
 
logging.dll
Status             : Scanned
Object             : %userprofile%\desktop\downloads\liberkey\apps\ultravncserver\app\ultravncserver\logging.dll
MD5                : 1A40275CBA63F7BEC4E802D4E55843C3
Publisher          : uvnc bvba
Size               : 158648
Version            : 1.0.90.0
Detection          : Malware:Win32/Quarand!Rkcr
Cleaning Action    : Quarantine
Traces             :
                File - %userprofile%\desktop\downloads\liberkey\apps\ultravncserver\app\ultravncserver\logging.dll
 
ldapauth.dll
Status             : Scanned
Object             : %userprofile%\desktop\downloads\liberkey\apps\ultravncserver\app\ultravncserver\ldapauth.dll
MD5                : EE595DC770F89021218436E1C3BF430F
Publisher          : uvnc bvba
Size               : 174008
Version            : 1.0.90.0
Detection          : Malware:Win32/Quarand!Rkcr
Cleaning Action    : Quarantine
Traces             :
                File - %userprofile%\desktop\downloads\liberkey\apps\ultravncserver\app\ultravncserver\ldapauth.dll
 
authadmin.dll
Status             : Scanned
Object             : %userprofile%\desktop\downloads\liberkey\apps\ultravncserver\app\ultravncserver\authadmin.dll
MD5                : D82287D5B59440AEBBF9CC94B3FF6483
Publisher          : uvnc bvba
Size               : 118712
Version            : 1.0.90.0
Detection          : Malware:Win32/Quarand!Rkcr
Cleaning Action    : Quarantine
Traces             :
                File - %userprofile%\desktop\downloads\liberkey\apps\ultravncserver\app\ultravncserver\authadmin.dll
 
smsniff.exe
Status             : Scanned
Object             : %userprofile%\desktop\downloads\liberkey\apps\smartsniff\app\smartsniff\x86\smsniff.exe
MD5                : CFA70B9F4E26B40355F3AC067C33ED8B
Publisher          : -
Size               : 69632
Version            : 1.7.8.165
Detection          : Adware:Win32/Qardaq.A!Eatt
Cleaning Action    : Quarantine
Traces             :
                File - %userprofile%\desktop\downloads\liberkey\apps\smartsniff\app\smartsniff\x86\smsniff.exe
 
MUICacheView.exe
Status             : Scanned
Object             : %userprofile%\desktop\downloads\liberkey\apps\muicacheview\app\muicacheview\muicacheview.exe
MD5                : E999C811B919C420D5657A484CECDD61
Publisher          : -
Size               : 30208
Version            : 1.0.1.0
Detection          : Malware:Win32/Multi.Generic!Tlet
Cleaning Action    : Quarantine
Traces             :
                File - %userprofile%\desktop\downloads\liberkey\apps\muicacheview\app\muicacheview\muicacheview.exe
 
DShutdown.exe
Status             : Scanned
Object             : %userprofile%\desktop\downloads\liberkey\apps\dshutdown\app\dshutdown\dshutdown.exe
MD5                : 86C07C75834FDB0227CD8893BD2393CE
Publisher          : -
Size               : 151040
Version            : 2.0.0.0
Detection          : Adware:Win32/Generic!Ctrr
Cleaning Action    : Quarantine
Traces             :
                File - %userprofile%\desktop\downloads\liberkey\apps\dshutdown\app\dshutdown\dshutdown.exe
 
FreeStudioManager.exe
Status             : Scanned
Object             : %commonprogramfiles%\dvdvideosoft\freestudiomanager.exe
MD5                : F9655A777BCD29BE7DFBFE4EB667A621
Publisher          : DVDVideoSoft Ltd.
Size               : 6426192
Version            : 5.6.2.627
Detection          : Malware:Win32/Zelion!Kmae
Cleaning Action    : Quarantine
Traces             :
                File - %commonprogramfiles%\dvdvideosoft\freestudiomanager.exe
                Reference - C:\Users\Don\Desktop\Downloads\DVDVideoSoft Free Studio.lnk
 
hfs.exe
Status             : Scanned
Object             : %userprofile%\desktop\downloads\liberkey\apps\hfs\app\hfs\hfs.exe
MD5                : AACAB6E6DA2184EF298084C22309ABCB
Publisher          : -
Size               : 2375168
Version            : -
Detection          : Adware:Win32/Fooster.A!Eeme
Cleaning Action    : Quarantine
Traces             :
                File - %userprofile%\desktop\downloads\liberkey\apps\hfs\app\hfs\hfs.exe
 
Translation Tool.exe
Status             : Scanned
Object             : %userprofile%\desktop\downloads\fab's auto backup 4.0.0.192 tech\translation tool.exe
MD5                : DAF3A26015F091EA2CFA1CCE09431EC2
Publisher          : -
Size               : 615424
Version            : 2.0.0.107
Detection          : Malware:Win32/Generic!Ttaa
Cleaning Action    : Quarantine
Traces             :
                File - %userprofile%\desktop\downloads\fab's auto backup 4.0.0.192 tech\translation tool.exe
 
cnet2_CBEFreewaresetup_exe.exe
Status             : Scanned
Object             : %userprofile%\desktop\downloads\cnet2_cbefreewaresetup_exe.exe
MD5                : 73B878F943DC52A3E2C30293AC03AF58
Publisher          : CBS Interactive
Size               : 463080
Version            : 0.0.2.108
Detection          : Adware:Win32/InstallCore.Variant!Sig
Cleaning Action    : Quarantine
Traces             :
                File - %userprofile%\desktop\downloads\cnet2_cbefreewaresetup_exe.exe
 
Cleaning Result
-------------------------------------------------------
Cleaned               : 23
Reported as safe      : 0
Failed                : 0
 


#5 dwhit24311

dwhit24311
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:07:41 PM

Posted 27 June 2015 - 11:23 AM

Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.1.9 (06.27.2015:2)
OS: Windows 7 Ultimate x86
Ran by Don on Sat 06/27/2015 at 12:16:40.13
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Tasks
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Clients\StartMenuInternet\Torch
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] C:\ai_recyclebin
Successfully deleted: [Folder] C:\Users\Don\local settings\application data\cre
Successfully deleted: [Folder] C:\Users\Don\local settings\application data\slimware utilities inc
Successfully deleted: [Folder] C:\users\public\documents\downloaded installers
Successfully deleted: [Folder] C:\Windows\System32\ai_recyclebin
 
 
 
~~~ Chrome
 
 
[C:\Users\Don\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
 
[C:\Users\Don\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
didlppefmhmoiaeemeffjchbieeghlan
 
[C:\Users\Don\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
 
[C:\Users\Don\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[
  didlppefmhmoiaeemeffjchbieeghlan
]
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 06/27/2015 at 12:20:31.20
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#6 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:41 PM

Posted 27 June 2015 - 07:44 PM

Adware Removal Tool.
 
Download Adware removal tool to your desktop, right click the icon and select Run as Administrator.

Source: http://www.techsupportall.com/adware-removal-tool/

LOr0Gd7.png

Hit Ok.

sYFsqHx.png

Hit next make sure to leave all items checked, for removal.

8NcZjGc.png


The Program will close all open programs to complete the removal, so save any work and hit OK. Then hit OK after the removal process is complete,  then OK again to finish up. Post log generated by tool.

 

Step 2: ZHP Cleaner.

 

Download and save ZHP Cleaner to your desktop.

http://www.nicolascoolman.fr/download/zhpcleaner-2/

Right Click and run as administrator.

Click on the Repair button.

At the end of the process you will be asked to reboot your machine.

After you reboot a report will open on your desktop.

Copy and paste the report here in your next reply.

 

Step 3: Security Check.

 

Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document

 

 

 

Step 4: Minitoolbox.

 

Please download [b]MINITOOLBOX and run it.



Checkmark following boxes:


Flush DNS
Reset FF proxy Settings
Reset Ie Proxy Settings
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and post the result.

 

Eset Scan

http://www.eset.com/us/online-scanner/
 

Disable your antivirus prior to this scan.

http://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/

 
 
 esetonlinebtn.png
 

  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.


#7 dwhit24311

dwhit24311
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:07:41 PM

Posted 28 June 2015 - 07:13 AM

 AdwCleaner v4.207 - Logfile created 27/06/2015 at 12:26:10
# Updated 21/06/2015 by Xplode
# Database : 2015-06-23.1 [Server]
# Operating system : Windows 7 Ultimate Service Pack 1 (x86)
# Username : Don - DON-PC
# Running from : C:\Users\Don\Downloads\adwcleaner_4.207.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKCU\Software\Vittalia
Key Deleted : HKLM\SOFTWARE\W3I
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - 
Data Deleted : HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings [ProxySettingsPerUser] - 
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17840
 
 
-\\ Mozilla Firefox v
 
 
-\\ Google Chrome v43.0.2357.130
 
[C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://us.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_vit_15_24&param1=1&param2=f%3D4%26b%3DChrome%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyC0CyCtByC0D0C0D0FyDtDzz0F0B0FtAtN0D0Tzu0StCtByCtDtN1L2XzutAtFtCtDtFtCtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StByD0CtB0FzztDyDtGtD0EtByDtGzyyByByCtGtCtAyCyBtGtBtA0D0AtDyCyDzzzy0FyEyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0A0FzytA0DyE0DtG0AtC0DzytGyEyC0C0AtG0A0E0BtCtGzyyCtDzzyBtByE0CtAzz0B0E2QtN0A0LzutBtN1B2Z1V1T1S1NzuyBzyyD%26cr%3D840224430%26a%3Dwncy_vit_15_24%26os%3DWindows 7 Ultimate&p={searchTerms}
[C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Homepage] : hxxp://us.yhs4.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_vit_15_24&param1=1&param2=f%3D1%26b%3DChrome%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyC0CyCtByC0D0C0D0FyDtDzz0F0B0FtAtN0D0Tzu0StCtByCtDtN1L2XzutAtFtCtDtFtCtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StByD0CtB0FzztDyDtGtD0EtByDtGzyyByByCtGtCtAyCyBtGtBtA0D0AtDyCyDzzzy0FyEyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0A0FzytA0DyE0DtG0AtC0DzytGyEyC0C0AtG0A0E0BtCtGzyyCtDzzyBtByE0CtAzz0B0E2QtN0A0LzutBtN1B2Z1V1T1S1NzuyBzyyD%26cr%3D840224430%26a%3Dwncy_vit_15_24%26os%3DWindows 7 Ultimate
 
*************************
 
AdwCleaner[R0].txt - [15656 bytes] - [11/04/2015 11:45:05]
AdwCleaner[R1].txt - [369 bytes] - [11/04/2015 19:31:54]
AdwCleaner[R2].txt - [2374 bytes] - [30/05/2015 11:52:17]
AdwCleaner[R3].txt - [2964 bytes] - [27/06/2015 12:24:29]
AdwCleaner[S0].txt - [15596 bytes] - [11/04/2015 11:47:57]
AdwCleaner[S1].txt - [2470 bytes] - [30/05/2015 11:56:27]
AdwCleaner[S2].txt - [2905 bytes] - [27/06/2015 12:26:10]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [2964  bytes] ##########


#8 dwhit24311

dwhit24311
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:07:41 PM

Posted 28 June 2015 - 07:33 AM

 ZHPCleaner v2015.6.27.283 by Nicolas Coolman (2015\06\27)
~ Run by Don (Administrator)  (28/06/2015 08:30:31)
~ State version : Version OK
~ Type : Repair
~ Report : C:\Users\Don\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Don\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
~ Windows 7, 32-bit Service Pack 1 (Build 7601)
 
 
---\\  Services (0)
~ No malicious items found.
 
 
---\\  Browser internet (0)
~ No malicious items found.
 
 
---\\  Hosts file (1)
~ The hosts file is legitimate (1)
 
 
---\\  Scheduled automatic tasks. (0)
~ No malicious items found.
 
 
---\\  Explorer ( File, Folder) (9)
MOVED file: C:\Users\Don\Desktop\VideoPerformer.url   (PUP.VideoPerformer)
MOVED file: C:\Users\Don\Downloads\wzro18.exe [WinZip International LLC - Registry Optimizer] (Crapware.WinZipRegistry)
MOVED folder: C:\Program Files\74f41bbe-a969-4bd2-86a7-0ec7d4920547 (Adware.CrossRider)
MOVED folder: C:\ProgramData\Microsoft Toolkit (HackTool.AutoKMS)
MOVED folder: C:\Users\Don\AppData\Roaming\com.w3i.FlipToast (Adware.Agent)
MOVED folder: C:\Users\Don\AppData\Roaming\Marine Aquarium Lite (PUP.MindSpark)
MOVED folder: C:\Users\Don\AppData\Roaming\WhiteSmoke (PUP.WhiteSmoke)
MOVED folder: C:\Users\Don\Music\BearShare (PUP.BearShare)
MOVED folder: C:\Users\Don\AppData\Local\HQ-Video-Pro-2.1cV04.12-BrowserExtensionUninstall (Adware.CrossRider)
 
 
---\\  Registry ( Key, Value, Data) (20)
DELETED key*: HKEY_USERS\S-1-5-21-3748365030-1657524865-1914025039-1000\Software\BearShare [] (PUP.BearShare)
DELETED key*: HKEY_USERS\S-1-5-21-3748365030-1657524865-1914025039-1000\Software\SearchProtectP [] (PUP.SearchProtect)
DELETED key*: HKEY_USERS\S-1-5-21-3748365030-1657524865-1914025039-1000\Software\WhiteSmoke [] (PUP.WhiteSmoke)
DELETED key*: HKEY_USERS\S-1-5-21-3748365030-1657524865-1914025039-1000\Software\Classes\Torch.torrent [] (PUP.Torch)
DELETED key: HKCU\Software\BearShare [] (PUP.BearShare)
DELETED key: HKCU\Software\SearchProtectP [] (PUP.SearchProtect)
DELETED key: HKCU\Software\WhiteSmoke [] (PUP.WhiteSmoke)
DELETED key*: HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} [ITool] (Toolbar.Ask)
DELETED key*: HKLM\SOFTWARE\Classes\BearShare [] (PUP.BearShare)
DELETED key*: HKLM\SOFTWARE\Classes\Torch.torrent [] (PUP.Torch)
DELETED key*: HKLM\SOFTWARE\Classes\CLSID\[:] [IspAssistant-Mp3Tube] (Adware.Mp3Tube)
DELETED key*: HKLM\SOFTWARE\Classes\Applications\BearShareSetup-r1239-w-bc.exe [] (PUP.BearShare)
DELETED key*: HKLM\SOFTWARE\Classes\Applications\HiDefMedia.exe [] (PUP.HiDefMedia)
DELETED key*: HKLM\SOFTWARE\Classes\Applications\iLividSetup-r420-n-bc (1).exe [] (Adware.Bandoo)
DELETED key*: HKLM\SOFTWARE\Classes\Applications\iLividSetup-r420-n-bc.exe [] (Adware.Bandoo)
DELETED key*: HKLM\SOFTWARE\Classes\Applications\TorchSetup.exe [] (PUP.Torch)
DELETED key*: HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WebCakeUpdaterService [] (Adware.WebCake)
DELETED key*: HKLM\SOFTWARE\HiDefMedia [] (PUP.HiDefMedia)
DELETED key*: HKLM\SOFTWARE\WhiteSmoke [] (PUP.WhiteSmoke)
DELETED key*: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F03D5010-611C-4764-A69E-0A019F8400CB} [C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar (Not File)] (PUP.Datamngr)
 
 
---\\ Result of repair
~ Repair carried out successfully
~ Browser not found (Mozilla Firefox)
~ Browser not found (Opera Software)
 
 
---\\ Statistics
~ Items scanned : 678
~ Items found : 0
~ Items cancelled : 0
~ Items repaired : 29
 
 
End of clean at 08:31:07
===================
ZHPCleaner-[R]-28062015-08_31_07.txt
ZHPCleaner-[S]-28062015-08_30_09.txt


#9 dwhit24311

dwhit24311
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:07:41 PM

Posted 28 June 2015 - 07:39 AM

 Results of screen317's Security Check version 1.004  
 Windows 7 Service Pack 1 x86 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Disabled!  
Microsoft Security Essentials Prerelease   
  (On Access scanning disabled!) 
 Error obtaining update status for antivirus!  
`````````Anti-malware/Other Utilities Check:````````` 
 Zemana AntiMalware    
 CCleaner     
 Java 7 Update 75  
 Java 8 Update 31  
 Java SE Development Kit 7 Update 75 
 Java version 32-bit out of Date! 
  Adobe Flash Player 17.0.0.190 Flash Player out of Date!  
 Adobe Reader XI  
 Google Chrome (43.0.2357.124) 
 Google Chrome (43.0.2357.130) 
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe 
 Microsoft Security Essentials msseces.exe 
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
 Zemana AntiMalware ZAM.exe   
 PC Tools Firewall Plus FWService.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 0% 
````````````````````End of Log`````````````````````` 


#10 dwhit24311

dwhit24311
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:07:41 PM

Posted 28 June 2015 - 07:44 AM

MiniToolBox by Farbar  Version: 22-06-2015
Ran by Don (administrator) on 28-06-2015 at 08:41:38
Running from "C:\Users\Don\Downloads"
Microsoft Windows 7 Ultimate  Service Pack 1 (X86)
Model: MS-7597 Manufacturer: MICRO-STAR INTERNATIONAL CO.,LTD
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
Realtek PCIe FE Family Controller = Local Area Connection (Connected)
TeamViewer VPN Adapter = Local Area Connection 2 (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Don-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : 6C-62-6D-CD-F5-08
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::5f:8da6:2e07:cf81%14(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.0.15(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Saturday, June 27, 2015 12:27:46 PM
   Lease Expires . . . . . . . . . . : Sunday, June 28, 2015 9:28:26 AM
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 460087917
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-68-DE-B3-1C-BD-B9-3F-16-99
   DNS Servers . . . . . . . . . . . : 65.32.5.111
                                       65.32.5.112
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Local Area Connection 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : TeamViewer VPN Adapter
   Physical Address. . . . . . . . . : 00-FF-AC-A2-30-DA
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
Server:  dns-redir-lb-01.tampabay.rr.com
Address:  65.32.5.111
 
Name:    google.com
Addresses:  2607:f8b0:4008:80a::200e
 216.58.192.78
 
 
Pinging google.com [216.58.219.78] with 32 bytes of data:
Reply from 216.58.219.78: bytes=32 time=30ms TTL=47
Reply from 216.58.219.78: bytes=32 time=30ms TTL=47
 
Ping statistics for 216.58.219.78:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 30ms, Maximum = 30ms, Average = 30ms
Server:  dns-redir-lb-01.tampabay.rr.com
Address:  65.32.5.111
 
Name:    yahoo.com
Addresses:  206.190.36.45
 98.138.253.109
 98.139.183.24
 
 
Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=62ms TTL=45
Reply from 98.138.253.109: bytes=32 time=61ms TTL=45
 
Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 61ms, Maximum = 62ms, Average = 61ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 14...6c 62 6d cd f5 08 ......Realtek PCIe FE Family Controller
 13...00 ff ac a2 30 da ......TeamViewer VPN Adapter
  1...........................Software Loopback Interface 1
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1     192.168.0.15     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link      192.168.0.15    276
     192.168.0.15  255.255.255.255         On-link      192.168.0.15    276
    192.168.0.255  255.255.255.255         On-link      192.168.0.15    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.0.15    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.0.15    276
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 14    276 fe80::/64                On-link
 14    276 fe80::5f:8da6:2e07:cf81/128
                                    On-link
  1    306 ff00::/8                 On-link
 14    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (06/27/2015 00:29:17 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/27/2015 00:01:53 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/27/2015 11:00:35 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/27/2015 08:51:56 AM) (Source: Windows Search Service) (User: )
Description: Windows Search Service failed to process the list of included and excluded locations with the error <30, 0x80040d07, "mapi15://{S-1-5-21-3748365030-1657524865-1914025039-1000}/">.
 
Error: (06/27/2015 08:50:48 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/27/2015 08:50:22 AM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (06/27/2015 08:50:22 AM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.
 
Context: Windows Application
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (06/27/2015 08:50:22 AM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (06/27/2015 08:50:22 AM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
Element not found.  (HRESULT : 0x80070490) (0x80070490)
 
Error: (06/27/2015 08:50:17 AM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
 
System errors:
=============
Error: (06/27/2015 00:26:40 PM) (Source: Service Control Manager) (User: )
Description: The Windows Media Player Network Sharing Service service failed to start due to the following error: 
%%1069
 
Error: (06/27/2015 00:26:40 PM) (Source: Service Control Manager) (User: )
Description: The WMPNetworkSvc service was unable to log on as NT AUTHORITY\NetworkService with the currently configured password due to the following error: 
%%50
 
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
 
Error: (06/27/2015 00:26:40 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service failed to start due to the following error: 
%%1069
 
Error: (06/27/2015 00:26:40 PM) (Source: Service Control Manager) (User: )
Description: The WSearch service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error: 
%%50
 
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
 
Error: (06/27/2015 00:26:10 PM) (Source: Service Control Manager) (User: )
Description: The Garmin Core Update Service service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (06/27/2015 00:26:10 PM) (Source: Service Control Manager) (User: )
Description: The Print Spooler service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (06/27/2015 00:26:10 PM) (Source: Service Control Manager) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (06/27/2015 00:26:10 PM) (Source: Service Control Manager) (User: )
Description: The Windows Live ID Sign-in Assistant service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (06/27/2015 00:26:10 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (06/27/2015 00:18:05 PM) (Source: Service Control Manager) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
 
Microsoft Office Sessions:
=========================
Error: (06/27/2015 00:29:17 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/27/2015 00:01:53 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/27/2015 11:00:35 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/27/2015 08:51:56 AM) (Source: Windows Search Service)(User: )
Description: 300x80040d07mapi15://{S-1-5-21-3748365030-1657524865-1914025039-1000}/
 
Error: (06/27/2015 08:50:48 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/27/2015 08:50:22 AM) (Source: Windows Search Service)(User: )
Description: 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (06/27/2015 08:50:22 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (06/27/2015 08:50:22 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (06/27/2015 08:50:22 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog
 
 
Details:
Element not found.  (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer
 
Error: (06/27/2015 08:50:17 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore
 
 
=========================== Installed Programs ============================
 
32 Bit HP CIO Components Installer (HKLM\...\{A80FA752-C491-4ED9-ABF0-4278563160B2}) (Version: 7.1.8 - Hewlett-Packard) Hidden
7art Crystal Clock © 7art-screensavers.com (HKLM\...\7art Crystal Clock Screensaver_is1) (Version: 3.1 - 7art-screensavers.com)
7-Zip 9.20 (HKLM\...\7-Zip 9.20) (Version:  - )
7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
ABBYY FineReader 9.0 Sprint (HKLM\...\{F9000000-0018-0000-0000-074957833700}) (Version: 9.01.513.58212 - ABBYY) Hidden
ABBYY FineReader 9.0 Sprint (HKLM\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
Adobe AIR (HKLM\...\{7B77622E-DE90-48EA-B2C7-227B1DE58A01}) (Version: 16.0.0.273 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 16.0.0.273 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM\...\{AC76BA86-0804-1033-1959-001824144531}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Advanced Audio FX Engine (HKLM\...\Advanced Audio FX Engine) (Version:  - )
Amazon Kindle (HKCU\...\Amazon Kindle) (Version:  - Amazon)
Amazon Send to Kindle (HKLM\...\SendToKindle) (Version: 1.0.0.192 - Amazon)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avery Wizard 4.0 (HKLM\...\{7196E6BD-4B65-43F9-9D30-73A8E58D0E84}) (Version: 4.0.103 - Avery)
Belarc Advisor 8.2 (HKLM\...\Belarc Advisor) (Version: 8.2.7.17 - Belarc Inc.)
Belkin F6D4050 Enhanced Wireless USB Adapter (HKLM\...\{B97A0C89-29C0-4682-902C-364109A9857C}) (Version: 2.0.0.05 - Belkin) Hidden
Belkin F6D4050 Enhanced Wireless USB Adapter (HKLM\...\InstallShield_{B97A0C89-29C0-4682-902C-364109A9857C}) (Version: 2.0.0.05 - Belkin)
BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.3.40299 - BitTorrent Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (HKLM\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.4852 - CDBurnerXP)
Combined Community Codec Pack 2010-10-10 (HKLM\...\Combined Community Codec Pack_is1) (Version: 2010.10.10.0 - CCCP Project)
ConvertXtoDVD 4.1.20.0 (HKLM\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.1.20.0 - )
CrystalDiskInfo 4.0.1 (HKLM\...\CrystalDiskInfo_is1) (Version: 4.0.1 - Crystal Dew World)
D110 (HKLM\...\{91D3AD6F-09CD-4695-9FA3-8FB15429BE97}) (Version: 140.0.283.000 - Hewlett-Packard) Hidden
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.14 - Piriform)
Dell Webcam Central (HKLM\...\Dell Webcam Central) (Version:  - )
Destinations (HKLM\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
D-Link DWA-125 (HKLM\...\{E45CACFE-0576-4375-A84F-C34B99A7B652}) (Version:  - D-Link)
DMUninstaller (HKLM-x32\...\DMUninstaller) (Version:  - )
DomaIQ (HKLM-x32\...\DomaIQ Uninstaller) (Version:  - Tuguu SLU)
Download Navigator (HKLM\...\{3A3A3B34-6EA2-4031-8580-D66D29533E89}) (Version: 3.4.0 - SEIKO EPSON CORPORATION)
Dropbox (HKCU\...\Dropbox) (Version: 3.6.7 - Dropbox, Inc.)
EASEUS Todo Backup Server 2.0 (HKLM\...\EASEUS Todo Backup Server 2.0_is1) (Version: 2.0.0.1 - CHENGDU YIWO Tech Development Co., Ltd)
Elevated Installer (HKLM\...\{18FEC022-D8CE-48DF-A57A-1085D4F58F6E}) (Version: 2.3.18.0 - Garmin Ltd or its subsidiaries) Hidden
EPSON Connect version 1.0 (HKLM\...\EPSON Connect_is1) (Version: 1.0 - Epson America Inc.)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.4.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM\...\{44F72193-F59C-4303-BAE8-E3E4BC1C122C}) (Version: 3.01.0003 - Seiko Epson Corporation)
Epson FAX Utility (HKLM\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.31.00 - SEIKO EPSON CORPORATION)
Epson PC-FAX Driver (HKLM\...\EPSON PC-FAX Driver 2) (Version:  - )
EPSON Scan (HKLM\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON WF-3530 Series Printer Uninstall (HKLM\...\EPSON WF-3530 Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Print (HKLM\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
Eraser 6.0.8.2273 (HKLM\...\{392A74D0-4DFE-49F7-87C3-8A61708F8856}) (Version: 6.0.2273 - The Eraser Project)
Firebird 2.5.0.26074 (Win32) (HKLM\...\FBDBServer_2_5_is1) (Version: 2.5.0.26074 - Firebird Project)
Five9 Agent (HKCU\...\Five9 Agent) (Version:  - Five9)
Free Video to DVD Converter version 5.0.14.627 (HKLM\...\Free Video to DVD Converter_is1) (Version: 5.0.14.627 - DVDVideoSoft Ltd.)
Garmin Express (HKLM\...\{0904cc72-1b29-426a-b0f0-228d2744a4f6}) (Version: 2.3.18.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM\...\{9608B011-02E9-4A66-A0FC-3264A79F808A}) (Version: 2.3.18.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (HKLM\...\{CB47925A-50F0-493A-B3B0-3F6C632FCE8D}) (Version: 2.3.18.0 - Garmin Ltd or its subsidiaries) Hidden
Glary Utilities 2.56.0.1822 (HKLM\...\Glary Utilities_is1) (Version: 2.56.0.1822 - Glarysoft Ltd)
Glary Utilities 5.3 (HKLM\...\Glary Utilities 5) (Version: 5.3.0.8 - Glarysoft Ltd)
Google Chrome (HKLM\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.27.5 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Google+ Auto Backup (HKLM\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
GPBaseService2 (HKLM\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.211.000 - Hewlett-Packard) Hidden
GSview 4.9 (HKLM\...\GSview 4.9) (Version:  - )
Haali Media Splitter (HKLM\...\HaaliMkx) (Version:  - FreeCodecPack)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.242 - SurfRight B.V.)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)
HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{DBC1DE57-B55A-4D57-9769-1DB9BE506AF7}) (Version: 14.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HPAppStudio (HKLM\...\{565E7B0E-B76B-4EAD-9753-F1E72A5CF12E}) (Version: 140.0.95.000 - Hewlett-Packard) Hidden
HPDiagnosticAlert (HKLM\...\{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}) (Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (HKLM\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Java 7 Update 75 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217075FF}) (Version: 7.0.750 - Oracle)
Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Java Auto Updater (HKLM\...\{4A03706F-666A-4037-7777-5F2748764D10}) (Version: 2.8.31.13 - Oracle Corporation) Hidden
Java SE Development Kit 7 Update 75 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0170750}) (Version: 1.7.0.750 - Oracle)
Junk Mail filter update (HKLM\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LibreOffice 3.4 (HKLM\...\{528882DF-7239-436F-811B-F48F4179D017}) (Version: 3.4.103 - LibreOffice)
Live! Cam Avatar Creator (HKLM\...\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}) (Version: 4.6.1419.1 - Creative Technology Ltd)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
MarketResearch (HKLM\...\{D360FA88-17C8-4F14-B67F-13AAF9607B12}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Mesh Runtime (HKLM\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office on Demand Browser Add-ons (HKCU\...\Microsoft Office on Demand Browser Add-ons) (Version:  - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-0081-0409-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Security Essentials Prerelease (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.2.4000.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{94317163-C5D1-4FCE-A0D9-F48FE06A7D7D}) (Version: 10.2.4000.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{5B161932-9D42-4D5E-858D-29BF4C670944}) (Version: 10.2.4000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B857D868-F8B0-43EE-BC2B-D9E5ED21F237}) (Version: 10.2.4000.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - ENU (HKLM\...\Microsoft Visual C++ 2010 Express - ENU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Mikogo (HKLM\...\Mikogo) (Version:  - )
Monitor Webcam Driver (1.01.02.0804)   (HKLM\...\Creative OA002) (Version:  - )
MSI to redistribute MS VS2005 CRT libraries (HKLM\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Network (HKLM\...\{097CDB1E-07C9-40F1-9972-F0F9F3A287E4}) (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Nuance OmniPage 17 (HKLM\...\{74B68E74-908B-48C4-8562-580CF2741BBA}) (Version: 17.1.0000 - Nuance Communications, Inc.)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.57.35 - NVIDIA Corporation)
NVIDIA Graphics Driver 307.83 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 307.83 - NVIDIA Corporation)
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
office Convert Pdf to Jpg Jpeg Tiff Free 6.4 (HKLM\...\office Convert Pdf to Jpg Jpeg Tiff Free_is1) (Version:  - Officeconvert Software, Inc.)
OmniForm 5.0 (HKLM\...\{89DD6626-F35B-4989-9703-699E75129D0E}) (Version: 5.00.034 - ScanSoft, Inc.)
PC Tools Firewall Plus 7.0 (HKLM\...\PC Tools Firewall Plus) (Version: 7.0 - PC Tools)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PS_AIO_07_D110_SW_Min (HKLM\...\{42BBA4CC-EFB6-4653-A2CC-F305D4B399C3}) (Version: 140.0.142.000 - Hewlett-Packard) Hidden
QuickTransfer (HKLM\...\{E517094C-06B6-419F-8FFD-EF4F57972130}) (Version: 140.0.98.000 - Hewlett-Packard) Hidden
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0033 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7272 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Scan (HKLM\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.80.000 - Hewlett-Packard) Hidden
SeaTools for Windows (HKLM\...\{98613C99-1399-416C-A07C-1EE1C585D872}) (Version: 1.2.0.7 - Seagate Technology)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{09A9DF49-DA06-4093-A2FD-F339211E39EA}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{ECC1D579-DC17-4B90-929C-B4A0BB35F7B3}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{8C5A05B6-FF56-480F-A0E6-9F4BCA4B4CAC}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{945F1D43-451D-4383-9BBE-241F37950B15}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{8DD50F3B-E0BD-4E39-AF1F-2F316B4FC528}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{8DD50F3B-E0BD-4E39-AF1F-2F316B4FC528}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for SQL Server 2008 (KB2285068) (HKLM\...\KB2285068) (Version: 10.2.4000.0 - Microsoft Corporation)
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.9.12585 - Skype Technologies S.A.)
Skype™ 5.1 (HKLM\...\{9C538746-C2DC-40FC-B1FB-D4EA7966ABEB}) (Version: 5.1.112 - Skype Technologies S.A.)
SlimComputer (HKLM\...\{574BF026-4487-4051-BCE5-83C4E40AAF6D}) (Version: 1.3.30878 - SlimWare Utilities, Inc.)
SmartWebPrinting (HKLM\...\{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}) (Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (HKLM\...\{BC5DD87B-0143-4D14-AAE6-97109614DC6B}) (Version: 140.0.214.000 - Hewlett-Packard) Hidden
Sql Server Customer Experience Improvement Program (HKLM\...\{C965F01C-76EA-4BD7-973E-46236AE312D7}) (Version: 10.2.4000.0 - Microsoft Corporation) Hidden
Status (HKLM\...\{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}) (Version: 140.0.256.000 - Hewlett-Packard) Hidden
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.28223 - TeamViewer)
Toolbox (HKLM\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.428.000 - Hewlett-Packard) Hidden
Torrent2Exe (HKCU\...\Torrent2Exe) (Version: 2.0.120 - www.torrent2exe.com)
TrayApp (HKLM\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
VLC media player 2.1.2 (HKLM\...\VLC media player) (Version: 2.1.2 - VideoLAN)
WebReg (HKLM\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.212.017 - Hewlett-Packard) Hidden
Windows Driver Package - Microsoft USB  (06/01/2001 5.1.2600.0) (HKLM\...\749FDAE5D78E463E5D9326875E03EA178EB2DAD7) (Version: 06/01/2001 5.1.2600.0 - Microsoft)
Windows Driver Package - NVIDIA (nv) Display  (05/02/2003 4.4.0.3) (HKLM\...\A9B582E671B90711D17F35D0AA79C38F8D151A93) (Version: 05/02/2003 4.4.0.3 - NVIDIA)
Windows Driver Package - Nvidia (NVENET) Net  (11/27/2002 3.1.3) (HKLM\...\5637241FAACFE52919212AAFF42BE1EC0ED78C18) (Version: 11/27/2002 3.1.3 - Nvidia)
Windows Driver Package - Nvidia (NVENET) Net  (11/27/2002 3.1.3) (HKLM\...\683037A27BA2033FB40F443BCFD36248081AA671) (Version: 11/27/2002 3.1.3 - Nvidia)
Windows Driver Package - NVIDIA Corporation (nv_agp) System  (03/19/2003 3.3.4) (HKLM\...\871B411BC41E821066250DA9341BB8003AD45C3F) (Version: 03/19/2003 3.3.4 - NVIDIA Corporation)
Windows Driver Package - NVIDIA Corporation (nvax) Media  (06/17/2003 6.14.0348.0) (HKLM\...\1FC59B37B13B5AF17BD30C6A928161311B8D2E5B) (Version: 06/17/2003 6.14.0348.0 - NVIDIA Corporation)
Windows Driver Package - NVIDIA hdc  (05/13/2002 6.1.2600.0) (HKLM\...\9C07F664AA7CB454C8896758AFA24898B0FDBAEC) (Version: 05/13/2002 6.1.2600.0 - NVIDIA)
Windows Driver Package - NVIDIA System  (04/09/2003 3.3.8) (HKLM\...\6245CA1E0F1A1AB935A8A4CB2534D77C99288241) (Version: 04/09/2003 3.3.8 - NVIDIA)
Windows Driver Package - NVIDIA System  (04/09/2003 3.3.8) (HKLM\...\809074AF41E5037EBEDFCCB0165F7EE99A2A80A3) (Version: 04/09/2003 3.3.8 - NVIDIA)
Windows Driver Package - System  (HKLM\...\E0BF4B1449062E60763E82ECB336FF72B1A98131) (Version:  - )
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Movie Maker 2.6 (HKLM\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
Windows Password Cracker 3.05 Demo (HKLM\...\Windows Password Cracker_is1) (Version:  - FDRLab, Inc.)
WinZip System Utilities Suite (HKLM\...\{73370408-B80E-4509-B9AF-957E2E0F512F}_is1) (Version: 2.5.1000.15714 - WinZip Computing, S.L. (WinZip Computing))
Wipe (HKLM\...\wipe) (Version: 2015.06 - PrivacyRoot.com)
XVID Player 1.0.1 (HKLM\...\XVID Player_is1) (Version:  - vsevensoft.com)
Xvid Video Codec (HKLM\...\Xvid Video Codec 1.3.1) (Version: 1.3.2 - Xvid Team)
Zemana AntiMalware (HKLM\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.16.198 - Zemana Ltd.)
 
========================= Devices: ================================
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Device ID: ROOT\*TEREDO\0000
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 59%
Total physical RAM: 3071.24 MB
Available physical RAM: 1259.04 MB
Total Pagefile: 6140.8 MB
Available Pagefile: 4082.78 MB
Total Virtual: 2047.88 MB
Available Virtual: 1931.28 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:931.41 GB) (Free:565.37 GB) NTFS
3 Drive f: (TOSHIBA EXT) (Fixed) (Total:2794.51 GB) (Free:2159.5 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\DON-PC
 
Administrator            Don                      Guest                    
GuestUser                UpdatusUser              
 
 
**** End of log ****


#11 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:41 PM

Posted 28 June 2015 - 04:40 PM

The Eset log? Also how is your machine running?



#12 dwhit24311

dwhit24311
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:07:41 PM

Posted 28 June 2015 - 06:33 PM

I didn't get a log for Eset. My machine seems to be running better Thank you. I guess the Walgreens website is loaded with popups.   Thank you for all your help.



#13 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:41 PM

Posted 28 June 2015 - 07:08 PM

Make sure and update these, with the programs below.

 

 Java version 32-bit out of Date!
  Adobe Flash Player 17.0.0.190 Flash Player out of Date! 

 

Some Suggested Software To Keep You Safe On The Internet.

 

Click Me To Update Software. Update Software.

Qualys BrowserCheck To update plugins.

Web Of Trust  To Avoid  Shady Websites.

Unchecky To Avoid Bundled Software.

AdBlock Plus To Browse The Web Ad Free.

Malwarebytes Anti Exploit To Block Zero Day Attacks.

 Malwarebytes Startup Lite To Disable Useless Items Starting With Your Computer.

 FanBoys Ultimate list.  Add The Ultimate List.

ToolWhiz Smart Defrag  Defrag Your Machine With Speed.

For Chrome Adguard

For FireFox Adguard

 

Now Lets Clean up the tools we used and remove old restore points.

 

Download DelFix by "Xplode" to your Desktop.
Right Click the tool and Run as Admin ( Xp Users Double Click)
Put a check mark next the items below:


Remove disinfection tools
Create registry backup
Purge System Restore




Now click on "Run" button.
allow the program to complete its work.
all the tools we used will be removed.
Tool will create and open a log report (DelFix.txt)
Note: The report can be located at the following location C:\DelFix.txt






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users