Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Computer Slowing Down


  • Please log in to reply
11 replies to this topic

#1 Onesouthernirish

Onesouthernirish

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Estill Springs, Tennessee
  • Local time:06:19 PM

Posted 29 June 2015 - 12:30 PM

Hello ~

 

I have been on this website in the past & y'all have helped me out a tremendously. I now have another issue: My computer is slowing down quite a bit & I'm hearing the fan or something inside the CPU running quite a bit. This started a few weeks ago. I have been running a full scan twice a week using MSE as well as Malwarebytes. MSE has picked up nothing but Malwarebytes has picked up a few "PUP" entries. An interesting thing happened this a.m. after running MSE I restarted my computer & Malwerbytes came up that is was just installed. That was confusing because I have had it since 2013. In the last couple months I have been updating a couple of my Garmin Escort radar detectors which downloads window driver packages from Escort as well as Silicon Labs & Dynastream Innovations. This probably has nothing to do with my issues but I thought it worth mentioning. I know VERY, VERY little about computers, At times when I type I have to wait for the letters to catch up. I'm a slow typist. I would appreciate it if you could help me... Thank You  CJ


Edited by hamluis, 29 June 2015 - 01:02 PM.
Moved from Win 7 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:19 PM

Posted 29 June 2015 - 03:00 PM

Download and run wipe.

 

https://privacyroot.com/software/www/en/wipe.php

 

Under details make sure the highlighted button is ticked prior to cleaning.

v9cPNDN.jpg?1

 

Then System ninja

https://singularlabs.com/software/system-ninja/

 

Scan for junk then delete.

 

r5APpdC.jpg

 

Then.....

 

Go ahead and install ccleaner Now that you have the program installed go ahead and run the cleaner function.

https://www.piriform.com/ccleaner/download
kwLN4uv.png


Now that you have cleaned out some temp files, lets go ahead and disable all of the items starting up with your machine except your antivirus. To do this you will need to click on tools then start up select each item then disable.

GjWwvEu.png

Now that you have disabled those un-needed start ups lets go into the settings, we will have Ccleaner run when your machine boots, so that you will never have to worry about cleaning temp files again.

To do this:

  • Hit options.
  • Settings.
  • Place a tick to run Ccleaner when the computer starts.


Lxioao1.png

Now go to the advanced tab, and select close program after cleaning, now run the cleaner again this will close Ccleaner.

SnqZ2JW.png

 

Reboot your machine and then follow the  instructions below.

 

Step 1: eScanAV.

 

Disable your antivirus prior to this scan.

http://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/

Download the eScanAV Anti-Virus Toolkit (MWAV)
http://www.escanav.com/english/content/products/downloadlink/downloadcounter.asp?pcode=MWAV&src=english_dwn&type=alter

 

Source

http://www.escanav.com/english/content/products/downloadlink/downloadproduct.asp?pcode=MWAV
Save the file to your desktop.
Right click run as administrator.
A new icon will appear on your desktop.
Right click run as administrator on new icon.
Click on the update tab.
ZCDJtZN.png
Once you have updated the program, make sure the settings are the same as the picture below.
7DUFn5c.png
Once you have made sure the settings match the picture, hit the Scan & Clean button.
Upon scan completion, click View Log.
ApSVXsQ.png
Copy and paste entire log into your next reply.

Note: Reboot after you remove infections.

 

Step 2: Zemana

 

Run a full scan with Zemana antimalware.

http://www.zemana.us/product/zemana-antimalware/default.aspx

Install and select deep scan.

jdmyscF.jpg

Remove any infections found.

Then click on the icon in the pic below.

DOLGyto.jpg

Double click on the scan log, copy and paste here in your reply.

Note: Reboot after you remove infections.

 

 

Step 3: Junkware Removal Tool.
 
Please download Junkware Removal Tool and save it on your desktop.

Source

http://thisisudax.org/

  • Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log is saved to your desktop and will automatically open.
  • Please post the JRT log.

Step 4: Adware Cleaner.
 
Please download AdwCleaner by Xplode onto your desktop.


  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


#3 gigawert

gigawert

  • Members
  • 1,304 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:05:19 PM

Posted 29 June 2015 - 06:15 PM

Another great cleaner for Windows is BleachBit.


John 3:16

 "God loved the world so much that He gave His uniquely-sired Son, with the result that anyone who believes in Him would never perish but have eternal life."


#4 Onesouthernirish

Onesouthernirish
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Estill Springs, Tennessee
  • Local time:06:19 PM

Posted 30 June 2015 - 04:33 PM

 

 

 

Hello ~

 

Thank you for your response. It took me awhile to get through the tasks, but I completed most. The link to the Zemana was broke. I have 3 logs for you that I am posting. Thank you for your time & expertise:

 

 

30 Jun 2015 11:27:24 [16f8] - **********************************************************

30 Jun 2015 11:27:24 [16f8] - MWAV - eScanAV AntiVirus Toolkit.

30 Jun 2015 11:27:24 [16f8] - Copyright © MicroWorld Technologies

30 Jun 2015 11:27:24 [16f8] - **********************************************************

30 Jun 2015 11:27:24 [16f8] - Source: C:\Users\PISSED~1\Desktop\mwav.exe

30 Jun 2015 11:27:24 [16f8] - Version 14.0.189 (C:\USERS\PISSED OFF\APPDATA\LOCAL\TEMP\MEXETMP.EX~)

30 Jun 2015 11:27:24 [16f8] - Log File: C:\Users\pissed off\AppData\Local\Temp\LOG\MWAV.LOG

30 Jun 2015 11:27:24 [16f8] - MWAV Registered: TRUE

30 Jun 2015 11:27:24 [16f8] - User Account: pissed off (Administrator Mode)

30 Jun 2015 11:27:24 [16f8] - OS Type: Windows Workstation [InstallType: Client]

30 Jun 2015 11:27:24 [16f8] - OS: Windows XP 64-Bit [OS Install Date: 29 Jan 2013 15:17:04]

30 Jun 2015 11:27:24 [16f8] - Ver: Personal Service Pack 2 (Build 2600)

30 Jun 2015 11:27:24 [16f8] - System Up Time: 1 Day, 0 Hour, 7 Minutes, 46 Seconds

 

 

30 Jun 2015 11:27:24 [16f8] - Parent Process Name : C:\Users\pissed off\AppData\Local\Temp\mexe.com

30 Jun 2015 11:27:24 [16f8] - Windows Root  Folder: C:\Windows

30 Jun 2015 11:27:24 [16f8] - Windows Sys32 Folder: C:\Windows\system32

30 Jun 2015 11:27:24 [16f8] - DHCP NameServer: 192.168.1.1

30 Jun 2015 11:27:24 [16f8] - Interface0 DHCPNameServer: 192.168.1.1

30 Jun 2015 11:27:24 [16f8] - Local Fixed Drives: c:\

30 Jun 2015 11:27:24 [16f8] - MWAV Mode(A): Scan and Clean files (for viruses, adware and spyware)

30 Jun 2015 11:27:24 [16f8] - [CREATED ZIP FILE: C:\Users\pissed off\AppData\Local\Temp\pinfect.zip]

30 Jun 2015 11:27:24 [16f8] - Command Line Options Given: /xsign

30 Jun 2015 11:27:25 [16f8] - Latest Date of files inside MWAV: Mon Mar  2 17:13:53 2015.

30 Jun 2015 11:27:25 [16f8] - Loading/Creating FileScan Cache Database C:\ProgramData\MicroWorld\MWAV\ESCANDBY.MDB [Log: C:\Users\pissed off\AppData\Local\Temp\LOG\ESCANDB.LOG]

30 Jun 2015 11:27:25 [16f8] - Loaded/Created FileScan Cache Database...

30 Jun 2015 11:27:25 [16f8] - Loading AV Library [DB]...

30 Jun 2015 11:29:14 [16f8] - ArchiveScan: DISABLED

30 Jun 2015 11:29:16 [16f8] - AV Library Loaded - MultiThreaded - 2 : [DB-DIRECT].

30 Jun 2015 11:29:16 [16f8] - MWAV doing self scanning...

30 Jun 2015 11:29:16 [16f8] - MWAV files are clean.

30 Jun 2015 11:29:22 [16f8] - ArchiveScan: DISABLED

30 Jun 2015 11:29:22 [16f8] - Virus Database Date: 02 Mar 2015

30 Jun 2015 11:29:22 [16f8] - Virus Database Count: 6701505

30 Jun 2015 11:29:22 [16f8] - Sign Version: 7.59505 [518257]

 

30 Jun 2015 11:30:31 [16f8] - **********************************************************

30 Jun 2015 11:30:31 [16f8] - MWAV - eScanAV AntiVirus Toolkit.

30 Jun 2015 11:30:31 [16f8] - Copyright © MicroWorld Technologies

30 Jun 2015 11:30:31 [16f8] -

30 Jun 2015 11:30:32 [16f8] - Support: support@escanav.com

30 Jun 2015 11:30:32 [16f8] - Web: http://www.escanav.com

30 Jun 2015 11:30:32 [16f8] - **********************************************************

30 Jun 2015 11:30:32 [16f8] - Version 14.0.189[DB] (C:\USERS\PISSED OFF\APPDATA\LOCAL\TEMP\MEXETMP.EX~)

30 Jun 2015 11:30:32 [16f8] - Log File: C:\Users\pissed off\AppData\Local\Temp\LOG\MWAV.LOG

30 Jun 2015 11:30:32 [16f8] - User Account: pissed off (Administrator Mode)

30 Jun 2015 11:30:32 [16f8] - Parent Process Name : C:\Users\pissed off\AppData\Local\Temp\mexe.com

30 Jun 2015 11:30:32 [16f8] - Windows Root  Folder: C:\Windows

30 Jun 2015 11:30:32 [16f8] - Windows Sys32 Folder: C:\Windows\system32

30 Jun 2015 11:30:32 [16f8] - OS: Windows XP 64-Bit [OS Install Date: 29 Jan 2013 15:17:04]

30 Jun 2015 11:30:32 [16f8] - Ver: Personal Service Pack 2 (Build 2600)

30 Jun 2015 11:30:32 [16f8] - Latest Date of files inside MWAV: Mon Mar  2 17:13:53 2015.

30 Jun 2015 11:30:32 [16f8] - Priority: NORMAL

 

30 Jun 2015 11:30:33 [040c] - Options Selected by User:

30 Jun 2015 11:30:33 [040c] - Memory Check: Enabled

30 Jun 2015 11:30:33 [040c] - Registry Check: Enabled

30 Jun 2015 11:30:33 [040c] - StartUp Folder Check: Enabled

30 Jun 2015 11:30:33 [040c] - System Folder Check: Enabled

30 Jun 2015 11:30:33 [040c] - Services Check: Enabled

30 Jun 2015 11:30:33 [040c] - Scan Spyware: Enabled

30 Jun 2015 11:30:33 [040c] - Scan Archives: Disabled

30 Jun 2015 11:30:33 [040c] - Drive Check: Enabled

30 Jun 2015 11:30:33 [040c] - All Drive Check :Disabled

30 Jun 2015 11:30:33 [040c] - Drive Selected = C:\

30 Jun 2015 11:30:33 [040c] - Folder Check: Disabled

30 Jun 2015 11:30:33 [040c] - SCAN: All_Files [ANSI]

30 Jun 2015 11:30:33 [040c] - MWAV Mode(B): Scan and Clean files (for viruses, adware and spyware)

 

30 Jun 2015 11:30:33 [040c] - Scanning DNS Records...

30 Jun 2015 11:30:33 [040c] - Scanning Master Boot Record (User)...

30 Jun 2015 11:31:41 [040c] - ScanFile (C:\Users\pissed off\AppData\Local\Temp\mbr.bin) took 65427 ms

30 Jun 2015 11:31:41 [040c] - Scanning of C:\Users\pissed off\AppData\Local\Temp\mbr.bin Timed out!!!

30 Jun 2015 11:31:41 [040c] - Scanning Logical Boot Records...

30 Jun 2015 11:31:49 [040c] - ScanFile (:BOOT:C) took 8003 ms

30 Jun 2015 11:31:52 [040c] - ***** Scanning For Hidden Rootkit Processes *****

30 Jun 2015 11:31:53 [040c] - ***** Scanning For Hidden Rootkit Services *****

 

30 Jun 2015 11:31:59 [040c] - ***** Scanning Memory Files *****

30 Jun 2015 11:32:29 [040c] - ScanFile (C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe) took 15445 ms

 

30 Jun 2015 11:33:17 [040c] - ***** Scanning Registry Files *****

30 Jun 2015 11:33:20 [040c] - ERROR(3)!!! Invalid Entry  = C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll (in key HKLM\Software\Microsoft\Code Store Database\Distribution Units\{30528230-99f7-4bb4-88d8-fa1d4f56a2ab}). Action Taken: Removing it.

30 Jun 2015 11:35:09 [040c] - ERROR(3)!!! Invalid Entry cmdline = %SystemRoot%\system32\ntvdm.exe (in key HKLM64\SYSTEM\CurrentControlSet\Control\WOW). Action Taken: Removing it.

30 Jun 2015 11:35:14 [040c] - ERROR(3)!!! Invalid Entry vidc.iv50 = ir50_32.dll (in key HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32). Action Taken: Removing it.

30 Jun 2015 11:35:14 [040c] - ERROR(3)!!! Invalid Entry vidc.iv41 = ir41_32.ax (in key HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32). Action Taken: Removing it.

30 Jun 2015 11:35:14 [040c] - ERROR(3)!!! Invalid Entry vidc.iv32 = ir32_32.dll (in key HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32). Action Taken: Removing it.

30 Jun 2015 11:35:14 [040c] - ERROR(3)!!! Invalid Entry vidc.iv31 = ir32_32.dll (in key HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32). Action Taken: Removing it.

30 Jun 2015 11:35:14 [040c] - ERROR(3)!!! Invalid Entry msacm.iac2 = C:\Windows\system32\iac25_32.ax (in key HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32). Action Taken: Removing it.

30 Jun 2015 11:35:14 [040c] - ERROR(3)!!! Invalid Entry GarminExpressTrayApp = "C:\Program Files (x86)\Garmin\Express Tray\tray.exe" (in key HKU64\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run). Action Taken: Removing it.

 

30 Jun 2015 11:35:15 [040c] - ***** Scanning StartUp Folders *****

30 Jun 2015 11:35:53 [153c] - ScanFile (C:\Users\pissed off\Desktop\SkypeSetup.exe) took 21091 ms

30 Jun 2015 11:35:53 [153c] - Scanning of C:\Users\pissed off\Desktop\SkypeSetup.exe Timed out!!!

30 Jun 2015 11:50:43 [040c] - INVALID ATTRIBUTES FOR FOLDER [C:\Users\pissed off\AppData\Roaming\Microsoft\Credentials]: LastErr: 5. IGNORING.

30 Jun 2015 11:53:39 [0658] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cache-0001.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:39 [0658] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cache-0002.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:39 [153c] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cookie-0001.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:39 [0658] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cookie-0002.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:39 [0658] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Gen - Variant.Application.Downloader.164-0001.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:39 [153c] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Gen - Variant.Application.Downloader.164-0000.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:39 [0658] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\History-0001.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:39 [153c] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\History-0002.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:39 [0658] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Internet Explorer-0001.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:39 [153c] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Internet Explorer-0002.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:39 [0658] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Macromedia.FlashPlayer.Cookies-0001.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:39 [153c] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Macromedia.FlashPlayer.Cookies-0002.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:39 [0658] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Direct3D-0001.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:39 [153c] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Direct3D-0002.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:39 [0658] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS DirectDraw-0001.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:39 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\AdGiantSavings.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:39 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\AdGiantSavings2.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:39 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\AdGiantSavings1.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:39 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\AdGiantSavings4.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:39 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\AdGiantSavings3.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\AdGiantSavings6.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\AdGiantSavings5.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\AdGiantSavings7.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\AdGiantSavings8.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\AskMyGlobalSearch.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar1.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar3.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar2.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar5.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BabylonToolbar4.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave1.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave10.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave12.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave11.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave14.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave13.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave16.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave17.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave15.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave18.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave2.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave20.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave19.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave22.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave21.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave23.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave25.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave26.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave24.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave28.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave27.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave29.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave30.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave3.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave31.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave33.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave34.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave32.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave36.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave35.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave38.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave37.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave4.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave39.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave41.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave40.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave42.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave44.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave43.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave45.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave46.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave48.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave49.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave47.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:40 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave50.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:41 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave5.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:41 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave51.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:41 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave52.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:41 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave54.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:41 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave53.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:41 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave55.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:41 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave57.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:41 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave58.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:41 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave56.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:41 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave59.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:41 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave6.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:41 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave60.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:41 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave62.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:41 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave61.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:41 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave63.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:41 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave7.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:41 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave9.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:41 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\Complitly.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:41 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CoolPDFReaderInCore.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:41 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave8.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:41 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CoolPDFReaderInCore11.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:41 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CoolPDFReaderInCore12.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:41 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CoolPDFReaderInCore13.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:41 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CoolPDFReaderInCore15.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:41 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CoolPDFReaderInCore17.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:42 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CoolPDFReaderInCore18.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:42 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CoolPDFReaderInCore19.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:42 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CoolPDFReaderInCore2.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:42 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CoolPDFReaderInCore21.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:42 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CoolPDFReaderInCore23.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:42 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CoolPDFReaderInCore24.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:42 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CoolPDFReaderInCore25.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:42 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CoolPDFReaderInCore27.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:42 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CoolPDFReaderInCore29.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:42 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CoolPDFReaderInCore30.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:42 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CoolPDFReaderInCore31.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:43 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CoolPDFReaderInCore33.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:43 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CoolPDFReaderInCore35.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:43 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CoolPDFReaderInCore37.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:43 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CoolPDFReaderInCore36.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:43 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CoolPDFReaderInCore39.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:43 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CoolPDFReaderInCore4.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:43 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CoolPDFReaderInCore41.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:43 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CoolPDFReaderInCore42.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:43 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CoolPDFReaderInCore43.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:43 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CoolPDFReaderInCore45.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:44 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CoolPDFReaderInCore47.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:44 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CoolPDFReaderInCore48.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:44 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CoolPDFReaderInCore49.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:44 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CoolPDFReaderInCore5.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:44 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CoolPDFReaderInCore6.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:44 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CoolPDFReaderInCore7.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:44 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CoolPDFReaderInCore9.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:44 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:44 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar10.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:44 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar1.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:44 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar100.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:44 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar101.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:44 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar102.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:44 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar103.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:44 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar104.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:44 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar105.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:44 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar106.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:44 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar107.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:44 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar108.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:44 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar109.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:44 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar11.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:44 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar110.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:44 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar111.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:44 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar112.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:44 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar114.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:44 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar113.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:44 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar116.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:44 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar115.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:45 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar117.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:45 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar118.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:45 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar12.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:45 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar119.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:45 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar120.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:45 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar121.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:45 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar122.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:45 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar123.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:45 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar124.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:45 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar125.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:45 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar127.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:45 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar126.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:45 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar128.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:45 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar129.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:45 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar14.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:45 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar15.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:45 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar13.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:45 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar17.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:45 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar18.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:45 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar16.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:45 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar19.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:45 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar2.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:45 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar20.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:45 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar22.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:45 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar21.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:45 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar23.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:45 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar24.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:45 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar25.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:45 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar26.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:45 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar27.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:45 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar28.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:45 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar29.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:45 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar3.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:45 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar30.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:45 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar31.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:45 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar32.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:45 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar33.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:45 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar34.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:45 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar35.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:45 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar36.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:45 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar37.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:45 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar38.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:45 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar39.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:45 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar4.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:45 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar40.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:45 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar42.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:45 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar41.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:46 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar43.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:46 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar44.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:46 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar45.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:46 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar46.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:46 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar47.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:46 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar48.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:46 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar5.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:46 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar49.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:46 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar50.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:46 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar51.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:46 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar52.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:46 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar53.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:46 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar55.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:46 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar54.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:46 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar56.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:46 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar57.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:46 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar58.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:46 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar6.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:46 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar59.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:46 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar60.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:46 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar61.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:46 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar62.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:46 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar63.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:46 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar64.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:46 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar65.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:46 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar67.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:46 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar66.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:46 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar68.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:46 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar69.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:46 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar7.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:46 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar71.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:46 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar70.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:46 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar72.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:46 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar73.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:46 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar74.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:46 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar75.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:46 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar77.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:46 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar76.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:46 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar78.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:46 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar8.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:46 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar80.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:46 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar79.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:46 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar81.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:46 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar82.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:46 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar84.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:47 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar83.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:47 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar85.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:47 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar86.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:47 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar87.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:47 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar88.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:47 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar89.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:47 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar9.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:47 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar90.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:47 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar92.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:47 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar91.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:47 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar93.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:47 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar94.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:47 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar95.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:47 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar96.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:47 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar97.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:47 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar98.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:47 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\CouponBar99.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:47 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\DeltaToolbar.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:47 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\iCrossRider.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:47 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\FraudFedexWord.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:47 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\iCrossRider1.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:47 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\iCrossRider2.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:47 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\iCrossRider3.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:47 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\iCrossRider4.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:47 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\iCrossRider5.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:47 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\MicrosoftWindowsSecurityInternetExplorer.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:47 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\MicrosoftWindowsSecurityInternetExplorer1.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:47 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\MicrosoftWindowsSecurityInternetExplorer2.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:47 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\myPCBackup1.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:47 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\myPCBackup2.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:47 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\myPCBackup3.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:48 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\myPCBackup4.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:48 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\OtShot.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:48 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\OtShot1.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:48 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\OtShot2.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:48 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\OtShot3.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:48 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\OtShot4.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:48 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\OtShot5.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:48 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\OtShot6.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:48 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\OtShot7.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:48 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\OtShot8.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:48 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\OtShot9.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:48 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\PornoAssist.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:48 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\SafeSaverBHO.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:48 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\SafeSaverBHO1.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:48 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\SafeSaverBHO2.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:48 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\SafeSaverBHO3.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:48 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\SafeSaverBHO4.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:48 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\SafeSaverBHO5.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:48 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\SafeSaverBHO6.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:48 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\SafeSaverBHO7.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:48 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\Searchdwebs.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:48 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\Searchdwebs1.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:48 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\Searchdwebs10.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:48 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\Searchdwebs11.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:48 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\Searchdwebs12.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:48 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\Searchdwebs13.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:48 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\Searchdwebs14.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:48 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\Searchdwebs2.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:48 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\Searchdwebs3.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:48 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\Searchdwebs4.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:48 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\Searchdwebs5.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:48 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\Searchdwebs6.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:48 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\Searchdwebs7.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:48 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\Searchdwebs8.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:48 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\Searchdwebs9.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:49 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\myPCBackup.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:49 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\WiIQfraud.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:49 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\WiIQfraud1.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:49 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\WiIQfraud2.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:49 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\WiIQfraud3.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:49 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\WiIQfraud4.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:49 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\WinAgenthuut.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:49 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\WinDownloadergen.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:49 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\WinDownloadergen1.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:49 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\WinDownloadergen10.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:49 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\WinDownloadergen11.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:49 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\WinDownloadergen12.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:49 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\WinDownloadergen13.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:49 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\WinDownloadergen14.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:49 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\WinDownloadergen15.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:49 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\WinDownloadergen16.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:49 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\WinDownloadergen17.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:49 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\WinDownloadergen18.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:49 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\WinDownloadergen2.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:49 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\WinDownloadergen3.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:49 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\WinDownloadergen6.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:49 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\WinDownloadergen8.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:50 [153c] - C:\ProgramData\Spybot - Search & Destroy\Recovery\WinDownloadergen9.zip not Scanned. Possibly password protected...

30 Jun 2015 11:53:50 [0658] - C:\ProgramData\Spybot - Search & Destroy\Recovery\VuuPC.zip not Scanned. Possibly password protected...

 

30 Jun 2015 11:53:54 [040c] - ***** Scanning Service Files *****

30 Jun 2015 11:54:03 [040c] - ERROR(2)!!! Invalid Entry %SystemRoot%\System32\appmgmts.dll. Action Taken: Removing HKLM64\SYSTEM\CurrentControlSet\Services\AppMgmt.

30 Jun 2015 11:54:08 [040c] - ERROR(2)!!! Invalid Entry \??\C:\ComboFix\catchme.sys. Action Taken: Removing HKLM64\SYSTEM\CurrentControlSet\Services\catchme.

30 Jun 2015 11:54:14 [040c] - ERROR(2)!!! Invalid Entry \??\C:\Users\PISSED~1\AppData\Local\Temp\cpuz138\cpuz138_x64.sys. Action Taken: Removing HKLM64\SYSTEM\CurrentControlSet\Services\cpuz138.

 

30 Jun 2015 11:55:22 [040c] - ***** Scanning Registry and File system for Adware/Spyware *****

30 Jun 2015 11:55:24 [040c] - Loading Spyware Signatures from new External Database [Name: C:\Users\PISSED~1\AppData\Local\Temp\spydb.avs, Size: 464724]...

30 Jun 2015 11:55:24 [040c] - Indexed Spyware Databases Successfully Created...

 

30 Jun 2015 11:55:34 [040c] - Offending Registry Entry found: HKCU\SOFTWARE\Wget

30 Jun 2015 11:55:34 [040c] - System found infected with Backdoor (IRCBot) Trojans Spyware/Adware (HKCU\SOFTWARE\Wget)! Action taken: Entries Removed.

30 Jun 2015 11:55:34 [040c] - Object "Backdoor (IRCBot) Trojans Spyware/Adware" found in File System! Action Taken: Entries Removed.

 

30 Jun 2015 11:55:34 [040c] - Offending Registry Entry found: HKCU\Software\Microsoft\OLE

30 Jun 2015 11:55:34 [040c] - System found infected with Backdoor (IRCBot) Trojans Spyware/Adware (HKCU\Software\Microsoft\OLE)! Action taken: Entries Removed.

30 Jun 2015 11:55:34 [040c] - Object "Backdoor (IRCBot) Trojans Spyware/Adware" found in File System! Action Taken: Entries Removed.

 

30 Jun 2015 11:55:34 [040c] - Offending Registry Entry found: HKCU\Software\Microsoft\Windows\CurrentVersion\Drivers

30 Jun 2015 11:55:34 [040c] - System found infected with AntiSpyware Pro XP Corrupted Adware/Spyware (HKCU\Software\Microsoft\Windows\CurrentVersion\Drivers)! Action taken: Entries Removed.

30 Jun 2015 11:55:34 [040c] - Object "AntiSpyware Pro XP Corrupted Adware/Spyware" found in File System! Action Taken: Entries Removed.

 

30 Jun 2015 11:55:35 [040c] - Offending Registry Entry found: HKCR\wvfile

30 Jun 2015 11:55:35 [040c] - System found infected with Winvestigator Commercial KeyLogger (HKCR\wvfile)! Action taken: Entries Removed.

30 Jun 2015 11:55:35 [040c] - Object "Winvestigator Commercial KeyLogger" found in File System! Action Taken: Entries Removed.

 

 

30 Jun 2015 11:55:35 [040c] - ***** Scanning Registry Files *****

30 Jun 2015 11:55:36 [040c] - ERROR(3)!!! Invalid Entry vidc.iv50 = ir50_32.dll (in key HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32). Action Taken: Removing it.

30 Jun 2015 11:55:36 [040c] - ERROR(3)!!! Invalid Entry vidc.iv41 = ir41_32.ax (in key HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32). Action Taken: Removing it.

30 Jun 2015 11:55:36 [040c] - ERROR(3)!!! Invalid Entry vidc.iv32 = ir32_32.dll (in key HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32). Action Taken: Removing it.

30 Jun 2015 11:55:36 [040c] - ERROR(3)!!! Invalid Entry vidc.iv31 = ir32_32.dll (in key HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32). Action Taken: Removing it.

30 Jun 2015 11:55:36 [040c] - ERROR(3)!!! Invalid Entry msacm.iac2 = C:\Windows\system32\iac25_32.ax (in key HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32). Action Taken: Removing it.

30 Jun 2015 11:55:36 [040c] - ** Possible invalid line [127.0.0.1  download-mcafee.com] in HOSTS file!

30 Jun 2015 11:55:37 [040c] - ** Value in HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\main/Start Page = about:blank

30 Jun 2015 11:55:37 [040c] - ** Deleted Value of "NoComponents" in "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop". Its value was DWORD:1.

30 Jun 2015 11:55:37 [040c] - ** Deleted Value of "NoAddingComponents" in "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop". Its value was DWORD:1.

30 Jun 2015 11:55:37 [040c] - ** Value in 64-bit HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\main/Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141

30 Jun 2015 11:55:37 [040c] - ** Value in HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\main/Start Page = http://www.google.com/

30 Jun 2015 11:55:38 [040c] - ** Value in 64-bit HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\main/Start Page = http://www.google.com/

30 Jun 2015 11:55:38 [040c] - ** Value in HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\main/Start Page = about:blank

30 Jun 2015 11:55:38 [040c] - ** Value in 64-bit HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\main/Start Page = about:blank

 

30 Jun 2015 11:55:38 [040c] - ***** Scanning System32 Folders *****

30 Jun 2015 11:56:44 [0658] - ScanFile (C:\Windows\SysWOW64\FlashPlayerApp.exe) took 7863 ms

30 Jun 2015 11:57:55 [153c] - ScanFile (C:\Windows\SysWOW64\ntoskrnl.exe) took 5834 ms

30 Jun 2015 11:58:01 [0658] - ScanFile (C:\Windows\SysWOW64\nvapi.dll) took 6880 ms

30 Jun 2015 11:58:04 [153c] - ScanFile (C:\Windows\SysWOW64\nvcompiler.dll) took 6131 ms

 

 

30 Jun 2015 12:01:59 [040c] - ***** Scanning Drive C:\ *****

30 Jun 2015 12:17:07 [0658] - ScanFile (C:\$WINDOWS.~Q\DATA\Windows\System32\usbaaplrc.dll) took 32448 ms

30 Jun 2015 12:17:07 [0658] - Scanning of C:\$WINDOWS.~Q\DATA\Windows\System32\usbaaplrc.dll Timed out!!!

30 Jun 2015 12:18:53 [153c] - ScanFile (C:\$WINDOWS.~Q\DATA\Windows\SysWOW64\nvapi.dll) took 6100 ms

30 Jun 2015 12:18:53 [0658] - ScanFile (C:\$WINDOWS.~Q\DATA\Windows\SysWOW64\nvcompiler.dll) took 6021 ms

30 Jun 2015 12:23:17 [0658] - ScanFile (C:\N360_BACKUP\{913789F6-567B-4605-86AD-E2FFD67A5D99}\{5\B393056-65C0-42B9-A4DF-19C659CD28AA}) took 5553 ms

30 Jun 2015 12:29:02 [0658] - ScanFile (C:\N360_BACKUP\{913789F6-567B-4605-86AD-E2FFD67A5D99}\{F\B5475DF-E141-4980-89F8-B783E52D0AE3}) took 5320 ms

30 Jun 2015 12:30:07 [0658] - ScanFile (C:\OEM\Preload\Autorun\DRV\AMD VGA Generic Driver\Bin\ATILog.dll) took 9375 ms

30 Jun 2015 12:30:07 [153c] - ScanFile (C:\OEM\Preload\Autorun\DRV\AMD VGA Generic Driver\Bin\ATIManifestDLMExt.dll) took 8752 ms

30 Jun 2015 12:30:40 [153c] - ScanFile (C:\OEM\Preload\Autorun\DRV\AMD VGA Generic Driver\Packages\Drivers\Display\W76A_INF\B_83920\atioglxx.dl_) took 5398 ms

30 Jun 2015 12:30:49 [153c] - ScanFile (C:\OEM\Preload\Autorun\DRV\AMD VGA Generic Driver\Packages\Drivers\Display\W7_INF\B_83920\atioglxx.dl_) took 5429 ms

30 Jun 2015 12:30:49 [0658] - ScanFile (C:\OEM\Preload\Autorun\DRV\AMD VGA Generic Driver\Packages\Drivers\Display\W7_INF\B_83920\atiumdva.dl_) took 5008 ms

30 Jun 2015 12:38:00 [153c] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{8F94CE5C-5850-4C6D-8D21-7F2107B2646D}\nvd3dumx.dl_) took 5414 ms

30 Jun 2015 12:43:39 [153c] - ScanFile (C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll) took 5039 ms

30 Jun 2015 12:44:32 [153c] - ScanFile (C:\Program Files (x86)\Google\Picasa3\cdautorun\PicasaCD.exe) took 6801 ms

30 Jun 2015 12:44:32 [0658] - ScanFile (C:\Program Files (x86)\Google\Picasa3\cdautorun\PicasaRestore.exe) took 7192 ms

30 Jun 2015 12:44:52 [153c] - ScanFile (C:\Program Files (x86)\Google\Picasa3\GPAutoBackup.msi) took 18985 ms

30 Jun 2015 12:51:14 [0658] - Scanning File C:\System Volume Information\{09c4328b-1207-11e5-9631-002511574088}{3808876b-c176-4e48-b7ae-04046e6cc752}

30 Jun 2015 12:51:14 [0658] - Scanning File C:\System Volume Information\{09c43299-1207-11e5-9631-002511574088}{3808876b-c176-4e48-b7ae-04046e6cc752}

30 Jun 2015 12:51:14 [0658] - Scanning File C:\System Volume Information\{0cc3f884-1d26-11e5-9d4b-002511574088}{3808876b-c176-4e48-b7ae-04046e6cc752}

30 Jun 2015 12:51:14 [0658] - Scanning File C:\System Volume Information\{0cc3f88a-1d26-11e5-9d4b-002511574088}{3808876b-c176-4e48-b7ae-04046e6cc752}

30 Jun 2015 12:51:15 [153c] - Scanning File C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}

30 Jun 2015 12:51:15 [0658] - Scanning File C:\System Volume Information\{49588465-1757-11e5-962b-002511574088}{3808876b-c176-4e48-b7ae-04046e6cc752}

30 Jun 2015 12:51:15 [153c] - Scanning File C:\System Volume Information\{49588491-1757-11e5-962b-002511574088}{3808876b-c176-4e48-b7ae-04046e6cc752}

30 Jun 2015 12:51:15 [0658] - Scanning File C:\System Volume Information\{49589742-1757-11e5-962b-002511574088}{3808876b-c176-4e48-b7ae-04046e6cc752}

30 Jun 2015 12:51:15 [153c] - Scanning File C:\System Volume Information\{4a1db82d-1a9f-11e5-971a-002511574088}{3808876b-c176-4e48-b7ae-04046e6cc752}

30 Jun 2015 12:51:15 [0658] - Scanning File C:\System Volume Information\{efd6e28b-1850-11e5-971a-002511574088}{3808876b-c176-4e48-b7ae-04046e6cc752}

30 Jun 2015 12:51:15 [153c] - Scanning File C:\System Volume Information\{f9222ed1-1570-11e5-8091-002511574088}{3808876b-c176-4e48-b7ae-04046e6cc752}

30 Jun 2015 12:52:04 [153c] - ScanFile (C:\Users\pissed off\AppData\Local\Amazon Music\libcef.dll) took 5195 ms

30 Jun 2015 12:52:13 [040c] - INVALID ATTRIBUTES FOR FOLDER [C:\Users\pissed off\AppData\Local\Microsoft\Credentials]: LastErr: 5. IGNORING.

30 Jun 2015 12:52:24 [040c] - INVALID ATTRIBUTES FOR FOLDER [C:\Users\pissed off\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D4BWIK95]: LastErr: 5. IGNORING.

30 Jun 2015 12:52:56 [040c] - INVALID ATTRIBUTES FOR FOLDER [C:\Users\pissed off\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData]: LastErr: 5. IGNORING.

30 Jun 2015 12:53:12 [040c] - INVALID ATTRIBUTES FOR FOLDER [C:\Users\pissed off\AppData\Roaming\Microsoft\Credentials]: LastErr: 5. IGNORING.

30 Jun 2015 13:07:23 [153c] - ScanFile (C:\Windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\PPCORE.DLL) took 5772 ms

30 Jun 2015 13:07:58 [0658] - ScanFile (C:\Windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.7015\WWLIB.DLL) took 7893 ms

30 Jun 2015 13:09:38 [0658] - ScanFile (C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe) took 6817 ms

30 Jun 2015 13:48:46 [0658] - ScanFile (C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_692597a0abb965cc\api-ms-win-core-xstate-l1-1-0.dll) took 5600 ms

30 Jun 2015 13:48:46 [153c] - ScanFile (C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_692597a0abb965cc\api-ms-win-core-util-l1-1-0.dll) took 5741 ms

30 Jun 2015 13:56:58 [153c] - ScanFile (C:\Windows\winsxs\amd64_narrator-nonmsil_31bf3856ad364e35_6.1.7600.16385_none_8932b218de997a4e\Narrator.exe) took 5975 ms

30 Jun 2015 13:56:58 [0658] - ScanFile (C:\Windows\winsxs\amd64_narrator-nonmsil_31bf3856ad364e35_6.1.7601.17514_none_8b63c5e0db87fde8\Narrator.exe) took 5819 ms

 

30 Jun 2015 14:39:18 [040c] - ***** Checking for specific ITW Viruses *****

30 Jun 2015 14:39:18 [040c] - [ZeroAccess] Found Reg Value CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32/default as %SystemRoot%\system32\shell32.dll. Changing it to %SystemRoot%\syswow64\shdocvw.dll...

30 Jun 2015 14:39:18 [040c] - Object "ZeroAccess" found in File System! Action Taken: Entries Removed.

 

 

30 Jun 2015 14:39:18 [040c] - ***** Scanning complete. *****

 

30 Jun 2015 14:39:18 [040c] - Total Objects Scanned: 278866

30 Jun 2015 14:39:18 [040c] - Total Critical Objects: 5

30 Jun 2015 14:39:18 [040c] - Total Disinfected Objects: 1

30 Jun 2015 14:39:18 [040c] - Total Objects Renamed: 0

30 Jun 2015 14:39:19 [040c] - Total Deleted Objects: 4

30 Jun 2015 14:39:19 [040c] - Total Errors: 16

30 Jun 2015 14:39:19 [040c] - Time Elapsed: 03:05:58

30 Jun 2015 14:39:19 [040c] - Virus Database Date: 02 Mar 2015

30 Jun 2015 14:39:19 [040c] - Virus Database Count: 6701505

30 Jun 2015 14:39:19 [040c] - Sign Version: 7.59505 [518257]

 

30 Jun 2015 14:39:19 [040c] - Scan Completed.

 

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.2.3 (06.30.2015:1)
OS: Windows 7 Home Premium x64
Ran by pissed off on Tue 06/30/2015 at 15:57:15.46
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

Successfully deleted: [Service] swdumon

 

~~~ Tasks

 

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant

 

~~~ Registry Keys

 

~~~ Files

Successfully deleted: [File] C:\Windows\system32\drivers\swdumon.sys

 

~~~ Folders

Failed to delete: [Folder] C:\users\public\documents\downloaded installers
Successfully deleted: [Folder] C:\Program Files (x86)\driverupdate
Successfully deleted: [Folder] C:\Program Files\005
Successfully deleted: [Folder] C:\ProgramData\saafEE. save [BHO.Multiplug]

 

~~~ Chrome

[C:\Users\pissed off\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\pissed off\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\pissed off\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\pissed off\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 06/30/2015 at 16:04:58.25
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

 

# AdwCleaner v4.207 - Logfile created 30/06/2015 at 16:15:53
# Updated 21/06/2015 by Xplode
# Database : 2015-06-29.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : pissed off - PISSEDOFF-PC
# Running from : C:\Users\pissed off\Desktop\adwcleaner_4.207.exe
# Option : Cleaning

***** [ Services ] *****

[#] Service Deleted : swdumon

***** [ Files / Folders ] *****

***** [ Scheduled tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKCU\Software\SevereWeatherAlerts

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17840

-\\ Google Chrome v

*************************

AdwCleaner[R0].txt - [878 bytes] - [30/06/2015 16:14:37]
AdwCleaner[S0].txt - [759 bytes] - [30/06/2015 16:15:53]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [817  bytes] ##########



#5 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:19 PM

Posted 30 June 2015 - 09:21 PM

Here is the link for Zemana.

https://zemana.com/ThankYou/Download?ProductID=2

 

Adware Removal Tool.
 
Download Adware removal tool to your desktop, right click the icon and select Run as Administrator.

Source: http://www.techsupportall.com/adware-removal-tool/

LOr0Gd7.png

Hit Ok.

sYFsqHx.png

Hit next make sure to leave all items checked, for removal.

8NcZjGc.png


The Program will close all open programs to complete the removal, so save any work and hit OK. Then hit OK after the removal process is complete,  then OK again to finish up. Post log generated by tool.

 

Step 2: ZHP Cleaner.

 

Download and save ZHP Cleaner to your desktop.

http://www.nicolascoolman.fr/download/zhpcleaner-2/

Right Click and run as administrator.

Click on the Repair button.

At the end of the process you will be asked to reboot your machine.

After you reboot a report will open on your desktop.

Copy and paste the report here in your next reply.

 

Step 3: Security Check.

 

Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document

 

 

 

Step 4: Minitoolbox.

 

Please download [b]MINITOOLBOX and run it.



Checkmark following boxes:


Flush DNS
Reset FF proxy Settings
Reset Ie Proxy Settings
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and post the result.

 

Eset Scan

http://www.eset.com/us/online-scanner/
 

Disable your antivirus prior to this scan.

http://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/

 
 
 esetonlinebtn.png
 

  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.


#6 Onesouthernirish

Onesouthernirish
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Estill Springs, Tennessee
  • Local time:06:19 PM

Posted 03 July 2015 - 10:20 AM

Hello ~

 

Here is a list of the latest task logs that I ran:

 

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

 

Adware Removal Tool v3.9

Time: 2015_07_02_10_58_32

OS: Windows 7 - 64 Bit

Account Name: pissed off

U0L0S20

 

\\\\\\\\\\\\\\\\\\\\\\\ Repair Logs \\\\\\\\\\\\\\\\\\\\\\

 

Deleted - File - C:\Users\pissed off\Appdata\LocalLow\ActivePath\provider_icons\babylon.ico

Deleted - File - C:\Users\pissed off\Appdata\LocalLow\Microsoft\Internet Explorer\Services\Search_ask.com.ico

Deleted - File - C:\Users\pissed off\Appdata\LocalLow\Microsoft\Internet Explorer\Services\Search_ask.com.xml

Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\AppDataLow\Software\Smartbar\CR:revertdata.ct3286042.pagenotfoundurl

Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\AppDataLow\Software\Smartbar\CR:revertdata.ct3286042.newtaburl

Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\AppDataLow\Software\Smartbar\CR:revertdata.ct3289663.pagenotfoundurl

Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\AppDataLow\Software\Smartbar\CR:revertdata.ct3289663.newtaburl

Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}:dllname

Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}:masterclsid

Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}:dllname

Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{472734EA-242A-422B-ADF8-83D1E48CC825}:dllname

Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}:dllname

Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}:dllname

Deleted - RegistryKey - HKEY_CURRENT_USER\SOFTWARE\AppDataLow\Software:Smartbar

Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}

Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{2EECD738-5844-4A99-B4B6-146BF802613B}

Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{472734EA-242A-422B-ADF8-83D1E48CC825}

Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}

Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{98889811-442D-49DD-99D7-DC866BE87DBC}

 

\\ Finished

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

 

Adware Removal Tool v3.9

Time: 2015_07_02_10_58_32

OS: Windows 7 - 64 Bit

Account Name: pissed off

U0L0S20

 

\\\\\\\\\\\\\\\\\\\\\\\ Repair Logs \\\\\\\\\\\\\\\\\\\\\\

 

Deleted - File - C:\Users\pissed off\Appdata\LocalLow\ActivePath\provider_icons\babylon.ico

Deleted - File - C:\Users\pissed off\Appdata\LocalLow\Microsoft\Internet Explorer\Services\Search_ask.com.ico

Deleted - File - C:\Users\pissed off\Appdata\LocalLow\Microsoft\Internet Explorer\Services\Search_ask.com.xml

Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\AppDataLow\Software\Smartbar\CR:revertdata.ct3286042.pagenotfoundurl

Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\AppDataLow\Software\Smartbar\CR:revertdata.ct3286042.newtaburl

Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\AppDataLow\Software\Smartbar\CR:revertdata.ct3289663.pagenotfoundurl

Deleted - RegistryValueData - HKEY_CURRENT_USER\SOFTWARE\AppDataLow\Software\Smartbar\CR:revertdata.ct3289663.newtaburl

Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}:dllname

Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}:masterclsid

Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}:dllname

Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{472734EA-242A-422B-ADF8-83D1E48CC825}:dllname

Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}:dllname

Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}:dllname

Deleted - RegistryKey - HKEY_CURRENT_USER\SOFTWARE\AppDataLow\Software:Smartbar

Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}

Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{2EECD738-5844-4A99-B4B6-146BF802613B}

Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{472734EA-242A-422B-ADF8-83D1E48CC825}

Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}

Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{98889811-442D-49DD-99D7-DC866BE87DBC}

 

\\ Finished

 

---------------------------------------------------------------------------------------------------------------------------------------------

 

~ ZHPCleaner v2015.7.1.286 by Nicolas Coolman (2015\07\01)
~ Run by pissed off (Administrator)  (02/07/2015 11:17:51)
~ Site : http://www.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Repair
~ Report : C:\Users\pissed off\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\pissed off\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
~ Windows 7, 64-bit Service Pack 1 (Build 7601)

---\\  Services (0)
~ No malicious items found.

---\\  Browser internet (0)
~ No malicious items found.

---\\  Hosts file (0)
~ No malicious items found.

---\\  Scheduled automatic tasks. (0)
~ No malicious items found.

---\\  Explorer ( File, Folder) (5)
MOVED folder: C:\ProgramData\InstallMate (PUP.Tarma)
MOVED folder: C:\Users\pissed off\AppData\LocalLow\BBroowsee2save (Adware.Multiplug)
MOVED folder: C:\Users\pissed off\AppData\LocalLow\BrouwsEe2save (Adware.Multiplug)
MOVED folder: C:\Users\pissed off\AppData\LocalLow\Browosse2save (Adware.Multiplug)
MOVED folder: C:\Users\pissed off\AppData\LocalLow\saafEE. save (Adware.Multiplug)

---\\  Registry ( Key, Value, Data) (1)
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} [ITool] (Toolbar.Ask)

---\\ Result of repair
~ Repair carried out successfully
~ Browser not found (Google Chrome)
~ Browser not found (Mozilla Firefox)
~ Browser not found (Opera Software)

---\\ Statistics
~ Items scanned : 653
~ Items found : 0
~ Items cancelled : 0
~ Items repaired : 6

End of clean at 11:18:05
===================
ZHPCleaner-[R]-02072015-11_18_05.txt
ZHPCleaner-[S]-02072015-11_16_58.txt

 

--------------------------------------------------------------------------------------------------------------------------------

 Results of screen317's Security Check version 1.004 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````

 Windows Firewall Enabled! 
Microsoft Security Essentials  
 Antivirus up to date! 
`````````Anti-malware/Other Utilities Check:`````````
 Zemana AntiMalware   
 Adobe Reader XI 
````````Process Check: objlist.exe by Laurent```````` 
 Microsoft Security Essentials MSMpEng.exe
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbam.exe 
 mbamscheduler.exe   
 Zemana AntiMalware ZAM.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````

 

---------------------------------------------------------------------------------------------------------------------------------

 

MiniToolBox by Farbar  Version: 01-07-2015
Ran by pissed off (administrator) on 02-07-2015 at 11:34:17
Running from "C:\Users\pissed off\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: ET1331G Manufacturer: eMachines
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
Hosts file not detected in the default directory
========================= IP Configuration: ================================

NVIDIA nForce 10/100 Mbps Ethernet  = Local Area Connection (Connected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled taskoffload=enabled

popd
# End of IPv4 configuration

 

----------------------------------------------------------------------------------------------------------------------------------

 

C:\Users\All Users\Spybot - Search & Destroy\Recovery\myPCBackup.zip Win32/Bagle.gen.zip worm 
C:\Users\All Users\Spybot - Search & Destroy\Recovery\VuuPC.zip Win32/Bagle.gen.zip worm 
C:\N360_BACKUP\{913789F6-567B-4605-86AD-E2FFD67A5D99}\{3\120CE1B-C881-4540-B0B5-96CF03276D28} Win32/PriceGong.B potentially unwanted application cleaned by deleting - quarantined
C:\N360_BACKUP\{913789F6-567B-4605-86AD-E2FFD67A5D99}\{3\5A227C4-9B17-4A11-A947-79271AE33E3E} Win32/PriceGong.B potentially unwanted application cleaned by deleting - quarantined
C:\N360_BACKUP\{913789F6-567B-4605-86AD-E2FFD67A5D99}\{7\F98D80F-71D1-4DA4-852F-CE837B0337C8} Win32/PriceGong.B potentially unwanted application cleaned by deleting - quarantined
C:\Program Files\Adware-Removal-Tool\ARTP3.exe MSIL/FakeTool.PS trojan cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\myPCBackup.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\VuuPC.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\14sknlcr.dll.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application cleaned by deleting - quarantined
C:\Users\pissed off\Desktop\C Cleaner.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
C:\Users\pissed off\Desktop\Speccy.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
C:\Users\pissed off\Downloads\ripsetup.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application deleted - quarantined
C:\Users\pissed off\Downloads\SetupImgBurn_2.5.7.0.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application deleted - quarantined
C:\Users\pissed off\Pictures\winzip18-home.exe a variant of Win32/InstallCore.PP potentially unwanted application cleaned by deleting - quarantined

----------------------------------------------------------------------------------------------------------------------------------

Again, thank you for your time. Have a good day!!    CJ

 

 



#7 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:19 PM

Posted 03 July 2015 - 10:44 AM

Download Malwrebytes from the link below.
https://www.malwarebytes.org/
Select update.
jBVKBI0.png
Then Select Scan Now.
js1M2HF.png
Once the scan is completed.
Remove anything found.
Then go to the History tab.
Then go to the application logs.
Then go to scan log.
Export.
Copy to clipboard.
Post it here in your next reply.

 

 

9-Lab Scan
 
Download 9-Lab Removal Tool. from one of the links below.

CLICK HERE to determine whether you're running 32-bit or 64-bit for Windows.
 

http://9-lab.com/download/

Install the program onto your computer, then right click the icon RRXH2ZG.jpg run as administrator.

Go to the Update tab and update the program.

 

 

7RdkPsQ.png



Now go to the scanner tab and select Full Scan.

Upon Scan Completion Click Show Results.

FihDIFx.png

Now click the Clean button.

eCCJKcA.png

Once done cleaning you can go to the logs tab double click it and copy paste in your next reply.

 

 

Download Malwarebytes Anti-Rootkit to your desktop.

  • Double-click the icon to start the tool.
  • It will ask you where to extract make sure it is on the desktop.
  • Malwarebytes Anti-Rootkit needs to be run from an account with admin rights.
  • Click next to continue.
  • Then Click Update
  • Once the update is Finished select Next then Scan.
  • If no malware has been found, at the end of scan select Exit
  • If an infection was found, make sure to select all items and click Cleanup.
  • Reboot your machine.
  • Open the MBAR folder and paste the content of the following into your next reply:
  • mbar-log-{date} (xx-xx-xx).txt
  • system-log.txt


#8 Onesouthernirish

Onesouthernirish
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Estill Springs, Tennessee
  • Local time:06:19 PM

Posted 23 July 2015 - 01:10 PM

Hello ~

I apologize for the delay in my response. My husband & I were out of state and away from our computer due to work. I received a text from a friend I rarely communicate with and he said he received an email which he thought was from me, but the address was slightly different. It was Onesouthernirish2@meantome.com. He said he clicked the link on his phone & it took him to a "forbidden" Apache server website. I thought I would mention this to you because I don't understand it. I have included my logs for the last tasks you had me complete. Thank you for your time... CJ

 

Malwarebytes Anti-Malware

www.malwarebytes.org

 

Scan Date: 7/23/2015

Scan Time: 2:21 AM

Logfile:

Administrator: Yes

 

Version: 2.1.8.1057

Malware Database: v2015.07.22.07

Rootkit Database: v2015.07.22.01

License: Premium

Malware Protection: Enabled

Malicious Website Protection: Enabled

Self-protection: Disabled

 

OS: Windows 7 Service Pack 1

CPU: x64

File System: NTFS

User: pissed off

 

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 403815

Time Elapsed: 17 min, 20 sec

 

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Disabled

Heuristics: Enabled

PUP: Enabled

PUM: Enabled

 

Processes: 0

(No malicious items detected)

 

Modules: 0

(No malicious items detected)

 

Registry Keys: 0

(No malicious items detected)

 

Registry Values: 0

(No malicious items detected)

 

Registry Data: 0

(No malicious items detected)

 

Folders: 0

(No malicious items detected)

 

Files: 0

(No malicious items detected)

 

Physical Sectors: 0

(No malicious items detected)

 

 

(end)

------------------------------------------------------------------------------------------------------------------------------------------

9-lab Removal Tool 1.0.0.36 BETA
9-lab.com

Database version: 110.32838

Windows 7 Service Pack 1 (Version 6.1, Build 7601, 64-bit Edition)
Internet Explorer 9.11.9600.17914
pissed off :: PISSEDOFF-PC

7/23/2015 10:54:55 AM
9lab-log-2015-07-23 (10-54-55).txt

Scan type: Full
Objects scanned: 48632
Time Elapsed: 45 m 8 s

Registry Keys detected: 5
Adware.RPL.Gen.bot [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mirarsearch.com]
Adware.RPL.Gen.bot [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mirarsearch.com]
Adware.RPL.Gen.bot [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\getmirar.com]
Adware.RPL.Gen.bot [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\getmirar.com]
Adware.RPL.Gen.vb [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D879A501-50A7-BEFC-A4C5-32DC6E0CB208}]

Registry Values detected: 1
Risk.IEPath [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command (Default)]

Files detected: 44
[E5DF9EF56A33D08F1B8B44D30FB87E7A] Trojan.FPL.Rotbrow.vb [c:\users\pissed off\appdata\roaming\ZHP\Quarantine\BBroowsee2save\BBroowsee2save.dat]
[1B1E822F328CB0A7A167ECE219256CFA] Trojan.FPL.Rotbrow.vb [c:\users\pissed off\appdata\roaming\ZHP\Quarantine\BrouwsEe2save\BrouwsEe2save.dat]
[E78F370AC79D99429AA01B3B8990C8ED] Trojan.FPL.Rotbrow.vb [c:\users\pissed off\appdata\roaming\ZHP\Quarantine\Browosse2save\Browosse2save.dat]
[4F049DF04459A20C3645EC6D27034350] Trojan.FPL.Rotbrow.vb [c:\users\pissed off\appdata\roaming\ZHP\Quarantine\saafEE. save\saafEE. save.dat]
[4613887821AEA43D2F20D7EA612A4326] Trojan.FPL.Rotbrow.vb [c:\users\pissed off\appdata\roaming\ZHP\Quarantine\{2C73C6DF-A862-4A53-A8B8-E040F790E429}\20130406111520.log]
[3098560D697E6C9F26C6CC8A71ECE7D4] Trojan.FPL.Rotbrow.vb [c:\users\pissed off\appdata\roaming\ZHP\Quarantine\{2C73C6DF-A862-4A53-A8B8-E040F790E429}\Readme.txt]
[53A56CB7D11F8C8C2F193CCFAB149D0A] Trojan.FPL.Rotbrow.vb [c:\users\pissed off\appdata\roaming\ZHP\Quarantine\{2C73C6DF-A862-4A53-A8B8-E040F790E429}\Setup.dat]
[882856E78F7E4D88F710939489D9F2BF] Trojan.FPL.Rotbrow.vb [c:\users\pissed off\appdata\roaming\ZHP\Quarantine\{2C73C6DF-A862-4A53-A8B8-E040F790E429}\Setup.ico]
[81498547760C62A7A3EC59AE25BC6656] Trojan.FPL.Rotbrow.vb [c:\users\pissed off\appdata\roaming\ZHP\Quarantine\{2C73C6DF-A862-4A53-A8B8-E040F790E429}\_Setup.dll]
[04C4F9BC6F79541BEAD9E38F651E728B] Trojan.FPL.Rotbrow.vb [c:\users\pissed off\appdata\roaming\ZHP\Quarantine\{38001164-DB36-42FB-A010-9314E3E33392}\20130406111844.log]
[3098560D697E6C9F26C6CC8A71ECE7D4] Trojan.FPL.Rotbrow.vb [c:\users\pissed off\appdata\roaming\ZHP\Quarantine\{38001164-DB36-42FB-A010-9314E3E33392}\Readme.txt]
[731CF79EAE03010AB19ED605B646F491] Trojan.FPL.Rotbrow.vb [c:\users\pissed off\appdata\roaming\ZHP\Quarantine\{38001164-DB36-42FB-A010-9314E3E33392}\Setup.dat]
[882856E78F7E4D88F710939489D9F2BF] Trojan.FPL.Rotbrow.vb [c:\users\pissed off\appdata\roaming\ZHP\Quarantine\{38001164-DB36-42FB-A010-9314E3E33392}\Setup.ico]
[81498547760C62A7A3EC59AE25BC6656] Trojan.FPL.Rotbrow.vb [c:\users\pissed off\appdata\roaming\ZHP\Quarantine\{38001164-DB36-42FB-A010-9314E3E33392}\_Setup.dll]
[2C09D8D575849D863E5F23415EB02FB4] Trojan.FPL.Rotbrow.vb [c:\users\pissed off\appdata\roaming\ZHP\Quarantine\{6F66F32B-4188-4379-A192-09AAB485D1DD}\20130407080454.log]
[3098560D697E6C9F26C6CC8A71ECE7D4] Trojan.FPL.Rotbrow.vb [c:\users\pissed off\appdata\roaming\ZHP\Quarantine\{6F66F32B-4188-4379-A192-09AAB485D1DD}\Readme.txt]
[8D5A68C64F79E619A6574C92EC8D54E4] Trojan.FPL.Rotbrow.vb [c:\users\pissed off\appdata\roaming\ZHP\Quarantine\{6F66F32B-4188-4379-A192-09AAB485D1DD}\Setup.dat]
[882856E78F7E4D88F710939489D9F2BF] Trojan.FPL.Rotbrow.vb [c:\users\pissed off\appdata\roaming\ZHP\Quarantine\{6F66F32B-4188-4379-A192-09AAB485D1DD}\Setup.ico]
[81498547760C62A7A3EC59AE25BC6656] Trojan.FPL.Rotbrow.vb [c:\users\pissed off\appdata\roaming\ZHP\Quarantine\{6F66F32B-4188-4379-A192-09AAB485D1DD}\_Setup.dll]
[3518D210FC74DEDCE5E8290AA82BE610] Trojan.FPL.Rotbrow.vb [c:\users\pissed off\appdata\roaming\ZHP\Quarantine\{AD1C2FC0-088D-40B1-A25A-40AF76FF0D36}\20130709155614.log]
[261F1F9D78F59EC9030C7BA1619768DE] Trojan.FPL.Rotbrow.vb [c:\users\pissed off\appdata\roaming\ZHP\Quarantine\{AD1C2FC0-088D-40B1-A25A-40AF76FF0D36}\Readme.txt]
[C3B55C69D37F0A7657D87119C31B5EAA] Trojan.FPL.Rotbrow.vb [c:\users\pissed off\appdata\roaming\ZHP\Quarantine\{AD1C2FC0-088D-40B1-A25A-40AF76FF0D36}\Setup.dat]
[FD7FFD6A90536AF8391733E3695E3740] Trojan.FPL.Rotbrow.vb [c:\users\pissed off\appdata\roaming\ZHP\Quarantine\{AD1C2FC0-088D-40B1-A25A-40AF76FF0D36}\Setup.ico]
[52CBCB3241324AA782432AD280B402C7] Trojan.FPL.Rotbrow.vb [c:\users\pissed off\appdata\roaming\ZHP\Quarantine\{AD1C2FC0-088D-40B1-A25A-40AF76FF0D36}\_Setup.dll]
[6B02CF94954EE2F925664F978188EC4B] Trojan.FPL.Rotbrow.vb [c:\users\pissed off\appdata\roaming\ZHP\Quarantine\{CD1350BD-851B-4585-A76E-CD3916F0724B}\20130406101142.log]
[3098560D697E6C9F26C6CC8A71ECE7D4] Trojan.FPL.Rotbrow.vb [c:\users\pissed off\appdata\roaming\ZHP\Quarantine\{CD1350BD-851B-4585-A76E-CD3916F0724B}\Readme.txt]
[E3F16383B8FC02F9844D823C6983ACCF] Trojan.FPL.Rotbrow.vb [c:\users\pissed off\appdata\roaming\ZHP\Quarantine\{CD1350BD-851B-4585-A76E-CD3916F0724B}\Setup.dat]
[882856E78F7E4D88F710939489D9F2BF] Trojan.FPL.Rotbrow.vb [c:\users\pissed off\appdata\roaming\ZHP\Quarantine\{CD1350BD-851B-4585-A76E-CD3916F0724B}\Setup.ico]
[81498547760C62A7A3EC59AE25BC6656] Trojan.FPL.Rotbrow.vb [c:\users\pissed off\appdata\roaming\ZHP\Quarantine\{CD1350BD-851B-4585-A76E-CD3916F0724B}\_Setup.dll]
[311137174CAF9556C1E4654F0027DB69] Trojan.FPL.Rotbrow.vb [c:\users\pissed off\appdata\roaming\ZHP\Quarantine\{F2F80482-4B5D-4EDB-AC30-037F291B2674}\20130405171326.log]
[3098560D697E6C9F26C6CC8A71ECE7D4] Trojan.FPL.Rotbrow.vb [c:\users\pissed off\appdata\roaming\ZHP\Quarantine\{F2F80482-4B5D-4EDB-AC30-037F291B2674}\Readme.txt]
[452844DE76B86300A9E2B0673541E3BA] Trojan.FPL.Rotbrow.vb [c:\users\pissed off\appdata\roaming\ZHP\Quarantine\{F2F80482-4B5D-4EDB-AC30-037F291B2674}\Setup.dat]
[882856E78F7E4D88F710939489D9F2BF] Trojan.FPL.Rotbrow.vb [c:\users\pissed off\appdata\roaming\ZHP\Quarantine\{F2F80482-4B5D-4EDB-AC30-037F291B2674}\Setup.ico]
[81498547760C62A7A3EC59AE25BC6656] Trojan.FPL.Rotbrow.vb [c:\users\pissed off\appdata\roaming\ZHP\Quarantine\{F2F80482-4B5D-4EDB-AC30-037F291B2674}\_Setup.dll]
[962CEA5062C27736E5D1BB6063C19317] Trojan.FPL.Rotbrow.vb [c:\users\pissed off\appdata\roaming\ZHP\Tempo.txt]
[0B091B530C73E72044CE53DAA940F8AF] Trojan.FPL.Rotbrow.vb [c:\users\pissed off\appdata\roaming\ZHP\Trace.txt]
[072121E5C2C8BD461BC0D245B85F01A3] Trojan.FPL.Rotbrow.vb [c:\users\pissed off\appdata\roaming\ZHP\ZHPCleaner-[R]-02072015-11_18_05.txt]
[ACF8F0E06A7E88097FDCE7DC5A414662] Trojan.FPL.Rotbrow.vb [c:\users\pissed off\appdata\roaming\ZHP\ZHPCleaner-[S]-02072015-11_16_58.txt]
[BBE62B8E75AFFBEB1C88ECD41EEE6E16] Trojan.FPL.Rotbrow.vb [c:\users\pissed off\appdata\roaming\ZHP\ZHPCleaner.exe]
[CF8774C26248E420BC3344852B2C4C95] Trojan.FPL.Rotbrow.vb [c:\users\pissed off\appdata\roaming\ZHP\ZHPCleaner.txt]
[7B5E1D30E89E0EF1C86FECB977131673] Trojan.FPL.Rotbrow.vb [c:\users\pissed off\appdata\roaming\ZHP\ZHPCleaner_Quarantine.txt]
[720A138D3CBD4B40DC8FF0B697E6E1A9] Trojan.FPL.Rotbrow.vb [c:\users\pissed off\appdata\roaming\ZHP\ZHPQ_Files.txt]
[8D8B1F1C67453894F8D612CAA18EFC7A] Adware.PL.VGen.vb [c:\user.js]
[2B3AB1684C4F23722375F749C4583D13] Malware.Win32.Gen.sm [C:\Users\pissed off\Documents\JRT_NEW.exe]

-----------------------------------------------------------------------------------------------------------------------------------------
Malwarebytes anti root kit = CLEAN

 



#9 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:19 PM

Posted 25 July 2015 - 03:20 PM

Sorry for the delay, how are things now? Also the minitoolbox log is incomplete.



#10 Onesouthernirish

Onesouthernirish
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Estill Springs, Tennessee
  • Local time:06:19 PM

Posted 25 July 2015 - 06:09 PM

Hi ~ I was happy to see your post as I was out of state for awhile. My computer still seems like it's bogging down at times. Not quite as bad. I ran the mini tool box & here is the log for that:

 

MiniToolBox by Farbar  Version: 01-07-2015
Ran by pissed off (administrator) on 25-07-2015 at 18:02:09
Running from "C:\Users\pissed off\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: ET1331G Manufacturer: eMachines
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
Hosts file not detected in the default directory
========================= IP Configuration: ================================

NVIDIA nForce 10/100 Mbps Ethernet  = Local Area Connection (Connected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled taskoffload=enabled

popd
# End of IPv4 configuration

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : pissedoff-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : NVIDIA nForce 10/100 Mbps Ethernet
   Physical Address. . . . . . . . . : 00-25-11-57-40-88
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::8960:41e5:bb44:cac0%9(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.5(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Friday, July 24, 2015 10:35:23 AM
   Lease Expires . . . . . . . . . . : Sunday, July 26, 2015 10:35:23 AM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 241193024
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-28-C1-0B-00-25-11-57-40-88
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{8AAE4FCF-7C23-44D3-B348-DB9594E7CDEB}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  192.168.1.1

Name:    google.com
Addresses:  2607:f8b0:4000:80b::200e
   173.194.115.8
   173.194.115.4
   173.194.115.3
   173.194.115.6
   173.194.115.9
   173.194.115.2
   173.194.115.5
   173.194.115.7
   173.194.115.0
   173.194.115.1
   173.194.115.14

Pinging google.com [216.58.218.206] with 32 bytes of data:
Reply from 216.58.218.206: bytes=32 time=44ms TTL=53
Reply from 216.58.218.206: bytes=32 time=42ms TTL=53

Ping statistics for 216.58.218.206:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 42ms, Maximum = 44ms, Average = 43ms
Server:  UnKnown
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  2001:4998:44:204::a7
   2001:4998:58:c02::a9
   2001:4998:c:a06::2:4008
   98.138.253.109
   206.190.36.45
   98.139.183.24

Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=83ms TTL=53
Reply from 206.190.36.45: bytes=32 time=82ms TTL=53

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 82ms, Maximum = 83ms, Average = 82ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
  9...00 25 11 57 40 88 ......NVIDIA nForce 10/100 Mbps Ethernet
  1...........................Software Loopback Interface 1
 14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 10...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.5     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.5    276
      192.168.1.5  255.255.255.255         On-link       192.168.1.5    276
    192.168.1.255  255.255.255.255         On-link       192.168.1.5    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.5    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.5    276
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
  9    276 fe80::/64                On-link
  9    276 fe80::8960:41e5:bb44:cac0/128
                                    On-link
  1    306 ff00::/8                 On-link
  9    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/25/2015 05:20:34 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x8002801D

Error: (07/25/2015 04:20:34 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x8002801D

Error: (07/25/2015 03:20:33 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x8002801D

Error: (07/25/2015 02:20:33 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x8002801D

Error: (07/25/2015 01:20:33 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x8002801D

Error: (07/25/2015 00:20:34 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x8002801D

Error: (07/25/2015 11:20:33 AM) (Source: Software Protection Platform Service) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x8002801D

Error: (07/25/2015 10:53:41 AM) (Source: Application Hang) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17909 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: ef8

Start Time: 01d0c6267bf46700

Termination Time: 838

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (07/25/2015 10:20:34 AM) (Source: Software Protection Platform Service) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x8002801D

Error: (07/25/2015 09:20:37 AM) (Source: Software Protection Platform Service) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x8002801D

System errors:
=============
Error: (07/25/2015 11:26:01 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 42. The internal error state is 250.

Error: (07/25/2015 10:35:24 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (07/25/2015 01:10:26 AM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was received: 20.

Error: (07/24/2015 10:35:25 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (07/24/2015 09:03:05 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was received: 20.

Error: (07/24/2015 10:35:26 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (07/24/2015 10:35:23 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (07/24/2015 10:35:20 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (07/24/2015 00:29:14 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (07/23/2015 00:29:01 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Microsoft Office Sessions:
=========================
Error: (07/25/2015 05:20:34 PM) (Source: Software Protection Platform Service)(User: )
Description: 0x8002801D

Error: (07/25/2015 04:20:34 PM) (Source: Software Protection Platform Service)(User: )
Description: 0x8002801D

Error: (07/25/2015 03:20:33 PM) (Source: Software Protection Platform Service)(User: )
Description: 0x8002801D

Error: (07/25/2015 02:20:33 PM) (Source: Software Protection Platform Service)(User: )
Description: 0x8002801D

Error: (07/25/2015 01:20:33 PM) (Source: Software Protection Platform Service)(User: )
Description: 0x8002801D

Error: (07/25/2015 00:20:34 PM) (Source: Software Protection Platform Service)(User: )
Description: 0x8002801D

Error: (07/25/2015 11:20:33 AM) (Source: Software Protection Platform Service)(User: )
Description: 0x8002801D

Error: (07/25/2015 10:53:41 AM) (Source: Application Hang)(User: )
Description: IEXPLORE.EXE11.0.9600.17909ef801d0c6267bf46700838C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Error: (07/25/2015 10:20:34 AM) (Source: Software Protection Platform Service)(User: )
Description: 0x8002801D

Error: (07/25/2015 09:20:37 AM) (Source: Software Protection Platform Service)(User: )
Description: 0x8002801D

CodeIntegrity Errors:
===================================
  Date: 2015-05-19 17:15:40.841
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-05-19 13:51:09.827
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-05-19 12:21:20.426
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-05-19 12:06:08.545
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-05-19 11:30:55.798
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-05-19 11:09:04.088
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-05-19 11:02:10.292
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-05-18 20:38:08.298
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-05-18 16:33:33.475
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-05-18 16:26:35.175
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.

=========================== Installed Programs ============================

9-lab Removal Tool (HKLM-x32\...\9-lab Removal Tool) (Version:  - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Amazon MP3 Downloader 1.0.17 (HKLM-x32\...\Amazon MP3 Downloader) (Version: 1.0.17 - Amazon Services LLC)
Amazon MP3 Downloader 1.0.18 (HKCU\...\Amazon MP3 Downloader) (Version: 1.0.18 - Amazon Services LLC)
Amazon Music (HKCU\...\Amazon Amazon Music) (Version: 3.7.1.698 - Amazon Services LLC)
Amazon Music Importer (HKLM-x32\...\{3BAF1C25-33AA-AB09-0D89-1BAB227E5FB8}) (Version: 3.1.0 - Amazon Services LLC) Hidden
Amazon Music Importer (HKLM-x32\...\com.amazon.music.uploader) (Version: 3.1.0 - Amazon Services LLC)
ANT Drivers Installer x64 (HKLM\...\{D51F5621-37A3-4B72-A761-2A9E2BBEA76D}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
Cisco Connect (HKLM-x32\...\Cisco Connect) (Version: 1.4.12005.2 - Cisco Consumer Products LLC)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
DetectorTools (HKLM-x32\...\{30673869-977C-45B1-9D00-D6C1F630C5C9}) (Version: 1.11.0 - Escort)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.28 - DivX, LLC)
Elevated Installer (HKLM-x32\...\{206BC484-44FD-45D5-89E3-D2506E92DBFE}) (Version: 4.0.23.0 - Garmin Ltd or its subsidiaries) Hidden
eMachines Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3002 - Acer Incorporated)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Fine Cooking Archive (HKLM-x32\...\{08BCE0B4-8085-4BA8-8516-0CCE101AD9FE}) (Version: 13.2.1.1 - Taunton)
Garmin Communicator Plugin (HKLM-x32\...\{17079027-EB8A-42C6-9BF8-825B78889F6A}) (Version: 4.0.1 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{EB418DDD-5365-4381-87F6-D8BBB21CC1CA}) (Version: 4.0.1 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{6f56bdd5-41e5-4ad6-a03a-76bd4debc2d4}) (Version: 4.0.23.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{92905ECE-A646-49F9-886D-B0873DAC47D8}) (Version: 4.0.23.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (HKLM-x32\...\{05B47505-F03F-45DD-83D5-CFE7A941F4EA}) (Version: 4.0.23.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM-x32\...\{510D2239-6C2E-457B-9590-485EC552D94D}) (Version: 2.3.0.0 - Garmin Ltd or its subsidiaries)
Google Drive (HKLM-x32\...\{6EA8B94E-D869-4D96-88DF-5E1ECE1D6876}) (Version: 1.23.9648.8824 - Google, Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6710.2136 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.28.1 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
ImagXpress (HKLM-x32\...\{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}) (Version: 7.0.74.0 - Nero AG) Hidden
iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.)
LG USB Modem driver (HKLM-x32\...\{C3ABE126-2BB2-4246-BFE1-6797679B3579}) (Version:  - )
LSI PCI-SV92PP Soft Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.98 - LSI Corporation)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 and SOAP Toolkit 3.0 (HKLM-x32\...\{32343DB6-9A52-40C9-87E4-5E7C79791C87}) (Version: 1.0.0.0 - Webroot Software, Inc.) Hidden
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (HKLM-x32\...\InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}) (Version:  - )
NVIDIA Graphics Driver 309.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 309.08 - NVIDIA Corporation)
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PVSonyDll (HKLM\...\{3D3E663D-4E7E-4577-A560-7ECDDD45548A}) (Version: 1.00.0001 - NVIDIA Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5898 - Realtek Semiconductor Corp.)
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version:  - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.3.11079 - Skype Technologies S.A.)
Smart DVD Creator 4.4.1.248 (HKLM-x32\...\Smart DVD Creator_is1) (Version: 4.4.1.248 - SmartSoft)
SYNC My Phone version 1.3 (HKLM-x32\...\{B368A8A5-B532-4728-9E50-DC3B2C983CBF}_is1) (Version: 1.3 - Ford Motor Company)
System Ninja version 3.0.7 (HKLM-x32\...\{6E67710E-206D-43AB-BF21-E7CD63056C55}_is1) (Version: 3.0.7 - SingularLabs)
System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version:  - )
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - ESCORT Inc. (WinUSB) MyDeviceClass  (05/21/2013 ) (HKLM\...\339B7A8F3F3C10AA41030B876159242270CF93F9) (Version: 05/21/2013  - ESCORT Inc.)
Windows Driver Package - ESCORT, Inc. (usbser) Ports  (01/15/2013 1.0.0.0) (HKLM\...\C3A68AE56C189121787C8B61800B0DB5521FC891) (Version: 01/15/2013 1.0.0.0 - ESCORT, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
Wipe (HKLM\...\wipe) (Version: 2015.06 - PrivacyRoot.com)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.16.633 - Zemana Ltd.)

========================= Devices: ================================

Name: AntiLog32
Description: AntiLog32
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AntiLog32
Device ID: ROOT\LEGACY_ANTILOG32\0000
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

========================= Memory info: ===================================

Percentage of memory in use: 68%
Total physical RAM: 5887.37 MB
Available physical RAM: 1834.73 MB
Total Virtual: 11772.94 MB
Available Virtual: 6814.3 MB

========================= Partitions: =====================================

1 Drive c: (eMachines) (Fixed) (Total:683.54 GB) (Free:568.38 GB) NTFS
2 Drive d: (Fine Cooking Arc) (CDROM) (Total:2.51 GB) (Free:0 GB) CDFS

========================= Users: ========================================

User accounts for \\PISSEDOFF-PC

Administrator            Guest                    pissed off              
UpdatusUser             

**** End of log ****



#11 Onesouthernirish

Onesouthernirish
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Estill Springs, Tennessee
  • Local time:06:19 PM

Posted 09 August 2015 - 03:16 PM

Hello. My computer is still running slow & bogging down. Do you have any other instructions for me??

#12 Onesouthernirish

Onesouthernirish
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Estill Springs, Tennessee
  • Local time:06:19 PM

Posted 20 August 2015 - 10:59 AM

  1. Hello Again. Do you have anymore tasks for me to complete on my computer? It is still running very slowly and the fan in the CPU runs a lot. Thank You... CJ





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users