Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Browsers pop up "ads by adfreeapp". Plugins & control panel look clean.


  • Please log in to reply
5 replies to this topic

#1 paan_singh_tomar

paan_singh_tomar

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:09:55 AM

Posted 01 July 2015 - 03:50 PM

I have tried Windows Defender, Adwcleaner, Registry Recycler and Hitman Pro. Even the control panel and the processes in the task manager look clean. But the "ads by adfreeapp" keep on popping up and pestering me, in the google seardch results as well as when I open a new website. A simple google search shows in the status bar "Waiting for istatic.eshopcomp.com", "Waiting for pstatic.eshopcomp.com" and other suspicious statuses.

 

There are no extensions installed in chrome. Initially there used to be and by disabling them, chrome used to return to normal but now the adware doesn't seem to be prevalent as an extension there.

 

Occasionally firefox shows an add-on installed by some other name (when it gets infected) and starts working fine when I disable the add on. But chrome is stuck with the adware, it seems.

 

I'm running windows 8.1.



BC AdBot (Login to Remove)

 


#2 severac

severac

  • Members
  • 872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Serbia
  • Local time:06:25 AM

Posted 01 July 2015 - 04:05 PM

Hello and welcome,

 

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:

§  Flush DNS

§  Report IE Proxy Settings

§  Reset IE Proxy Settings

§  Report FF Proxy Settings

§  Reset FF Proxy Settings

§  List content of Hosts

§  List IP configuration

§  List Winsock Entries

§  List last 10 Event Viewer log

§  List Installed Programs

§  List Devices

§  List Users, Partitions and Memory size.

§  List Minidump Files

§  List Restore Points

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

 

-----

 

ESET Online Scanner

§  Click here to download the installer for ESET Online Scanner and save it to your Desktop.

§  Disable all your antivirus and antimalware software - see how to do that here.

§  Right click on esetsmartinstaller_enu.exe and select Run as Administrator.

§  Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.

§  Select Enable detection of potentially unwanted applications.

§  Click Advanced Settings, then place a checkmark in the following:

o    Remove found threats

o    Scan archives

o    Scan for potentially unsafe applications

o    Enable Anti-Stealth technology

§  Click Start to begin scanning.

§  ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.

§  When the scan is done, click List threats (only available if ESET Online Scanner found something).

§  Click Export, then save the file to your desktop.

§  Click Back, then Finish to exit ESET Online Scanner.

 

----

 

Please download Malwarebytes Anti-Malware (MBAM) to your desktop.

NOTE. If you already have MBAM 2.0 installed scroll down.

 

§  Double-click mb3-setup-1878.1878-3.5.1.2522.exe and follow the prompts to install the program.

§  At the end, be sure a checkmark is placed next to the following:
 

o    Launch Malwarebytes Anti-Malware

o    A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.

 

§  Click Finish.

§  On the Dashboard, click the 'Update Now >>' link

§  After the update completes, on Settings tab, set under Detection and Protection next options: 

1. 'Scan for rootkits'

2. Non-Malware Protection, for 'PUP detections', check, 'Threat detections as malware' option.

§  Return to Dashboard, click the 'Scan Now >>' button.

§  A Threat Scan will begin.

§  When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.

§  In most cases, a restart will be required.

§  Wait for the prompt to restart the computer to appear, than click on Yes.



If you already have MBAM 2.0 installed:

 

§  On the Dashboard, click the 'Update Now >>' link.

§  After the update completes, on Settings tab, set under Detection and Protection next options: 

1. 'Scan for rootkits'

2. Non-Malware Protection, for 'PUP detections', check, 'Threat detections as malware' option.

§  Return to Dashboard, click the Scan Now >> button.

§  A Threat Scan will begin.

§  When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.

§  In most cases, a restart will be required.

§  Wait for the prompt to restart the computer to appear, than click on Yes.

 

§  After the restart once you are back at your desktop, open MBAM once more.

§  Click on the History tab > Application Logs.

§  Double click on the Scan Log which shows the Date and time of the scan just performed.

§  Click 'Export'.

§  Click 'Copy to Clipboard'

§  Paste the contents of the clipboard into your reply.

-------

 

Run again AdwCleaner:

§  Close all open programs and internet browsers.

§  Double click on adwcleaner.exe to run the tool.

§  Click on Scan button.

§  When the scan has finished click on Clean button.

§  Your computer will be rebooted automatically. A text file will open after the restart.

§  Please post the contents of that logfile with your next reply.

§  You can find the logfile at C:\AdwCleaner[S1].txt as well.

 

 

-----

Please download Junkware Removal Tool to your desktop.

§  Shut down your protection software now to avoid potential conflicts.

§  Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".

§  The tool will open and start scanning your system.

§  Please be patient as this can take a while to complete depending on your system's specifications.

§  On completion, a log (JRT.txt) is saved to your desktop and will automatically open.

§  Post the contents of JRT.txt into your next message.


I would like to help you to remove malware. Let's look inside.   :busy:

But I don't know to solve all PC problems.  :smash: 

 


#3 paan_singh_tomar

paan_singh_tomar
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:09:55 AM

Posted 02 July 2015 - 03:37 AM

The problem seems to have gone away after the last restart (after the JRT tool. The adware was still prevalent after all the previous searches.). Probably JRT did the trick :D

I will post again if the adware reappears.
 

Thanks. :)

 

Anyway, here are the scan reports  you asked for:

 

 

 

 

 

MiniToolBox by Farbar  Version: 01-07-2015

Ran by Tarang (administrator) on 02-07-2015 at 02:45:20
Running from "C:\Users\Tarang Goyal\Downloads"
Microsoft Windows 8.1 Pro  (X64)
Model: HP ENVY 4 Notebook PC Manufacturer: Hewlett-Packard
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
"network.proxy.backup.ftp", ""
"network.proxy.backup.ftp_port", 0
"network.proxy.backup.socks", "localhost"
"network.proxy.backup.socks_port", 9999
"network.proxy.backup.ssl", ""
"network.proxy.backup.ssl_port", 0
"network.proxy.ftp", "proxy.iiit.ac.in"
"network.proxy.ftp_port", 8080
"network.proxy.http", "proxy.iiit.ac.in"
"network.proxy.http_port", 8080
"network.proxy.no_proxies_on", " localhost, 127.0.0.1, iiit.ac.in, .iiit.ac.in, iiit.net, .iiit.net, 172.16.0.0/12, 192.168.0.0/16, 10.0.0.0/8"
"network.proxy.share_proxy_settings", true
"network.proxy.socks", "proxy.iiit.ac.in"
"network.proxy.socks_port", 8080
"network.proxy.socks_remote_dns", true
"network.proxy.ssl", "proxy.iiit.ac.in"
"network.proxy.ssl_port", 8080
"network.proxy.type", 0
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Broadcom 4313GN 802.11b/g/n 1x1 Wi-Fi Adapter = WiFi (Connected)
Realtek PCIe GBE Family Controller = Ethernet (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
PdaNet Broadband Adapter = Local Area Connection (Media disconnected)
TAP-Win32 Adapter V9 = Local Area Connection 2 (Media disconnected)
Hyper-V Virtual Ethernet Adapter = vEthernet (TAP-Win32 Adapter V9 Virtual Switch) (Media disconnected)
Hyper-V Virtual Ethernet Adapter = vEthernet (Realtek PCIe GBE Family Controller Virtual Switch) (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Bluetooth Network Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 14" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="wireless_11" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 11" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="ethernet_3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="other_1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="vEthernet (TAP-Win32 Adapter V9 Virtual Switch)" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="vEthernet (Realtek PCIe GBE Family Controller Virtual Switch)" forwarding=enabled advertise=enabled metric=31 nud=enabled ignoredefaultroutes=disabled
set interface interface="WiFi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Tarang-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Mixed
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : PdaNet Broadband Adapter
   Physical Address. . . . . . . . . : 00-26-37-BD-39-42
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter vEthernet (Realtek PCIe GBE Family Controller Virtual Switch):
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Hyper-V Virtual Ethernet Adapter #3
   Physical Address. . . . . . . . . : 28-92-4A-19-89-66
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter vEthernet (TAP-Win32 Adapter V9 Virtual Switch):
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Hyper-V Virtual Ethernet Adapter #2
   Physical Address. . . . . . . . . : 00-FF-E8-BE-1C-EC
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Local Area Connection* 11:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 86-4B-F5-39-C0-85
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Local Area Connection* 14:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Hosted Network Virtual Adapter
   Physical Address. . . . . . . . . : 84-4B-F5-39-C0-85
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Bluetooth Network Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : 08-ED-B9-EA-9B-1F
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter WiFi:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Broadcom 4313GN 802.11b/g/n 1x1 Wi-Fi Adapter
   Physical Address. . . . . . . . . : 84-4B-F5-39-C0-85
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::e9c9:7fe5:592:2a42%4(Preferred) 
   IPv4 Address. . . . . . . . . . . : 10.0.0.4(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Thursday, July 2, 2015 12:56:19 AM
   Lease Expires . . . . . . . . . . : Friday, July 3, 2015 12:56:29 AM
   Default Gateway . . . . . . . . . : 10.0.0.1
   DHCP Server . . . . . . . . . . . : 10.0.0.1
   DHCPv6 IAID . . . . . . . . . . . : 327437301
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-A9-A6-DB-28-92-4A-19-89-66
   DNS Servers . . . . . . . . . . . : 10.0.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.{4373937F-56C7-4A70-9213-92950FE561F0}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 13:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:90d7:18c4:d729:8a38:e8cb(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::18c4:d729:8a38:e8cb%7(Preferred) 
   Default Gateway . . . . . . . . . : ::
   DHCPv6 IAID . . . . . . . . . . . : 184549376
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-A9-A6-DB-28-92-4A-19-89-66
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  UnKnown
Address:  10.0.0.1
 
Name:    google.com
Addresses:  2404:6800:4009:805::200e
 216.58.196.14
 
 
Pinging google.com [216.58.196.14] with 32 bytes of data:
Reply from 216.58.196.14: bytes=32 time=106ms TTL=55
Reply from 216.58.196.14: bytes=32 time=109ms TTL=55
 
Ping statistics for 216.58.196.14:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 106ms, Maximum = 109ms, Average = 107ms
Server:  UnKnown
Address:  10.0.0.1
 
Name:    yahoo.com
Addresses:  2001:4998:58:c02::a9
 2001:4998:c:a06::2:4008
 2001:4998:44:204::a7
 98.138.253.109
 206.190.36.45
 98.139.183.24
 
 
Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=355ms TTL=48
Reply from 98.138.253.109: bytes=32 time=355ms TTL=48
 
Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 355ms, Maximum = 355ms, Average = 355ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 25...00 26 37 bd 39 42 ......PdaNet Broadband Adapter
 24...28 92 4a 19 89 66 ......Hyper-V Virtual Ethernet Adapter #3
 22...00 ff e8 be 1c ec ......Hyper-V Virtual Ethernet Adapter #2
  9...86 4b f5 39 c0 85 ......Microsoft Wi-Fi Direct Virtual Adapter
  8...84 4b f5 39 c0 85 ......Microsoft Hosted Network Virtual Adapter
  6...08 ed b9 ea 9b 1f ......Bluetooth Device (Personal Area Network)
  4...84 4b f5 39 c0 85 ......Broadcom 4313GN 802.11b/g/n 1x1 Wi-Fi Adapter
  1...........................Software Loopback Interface 1
 27...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
  7...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         10.0.0.1         10.0.0.4     30
         10.0.0.0    255.255.255.0         On-link          10.0.0.4    286
         10.0.0.4  255.255.255.255         On-link          10.0.0.4    286
       10.0.0.255  255.255.255.255         On-link          10.0.0.4    286
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link          10.0.0.4    286
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link          10.0.0.4    286
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  7    306 ::/0                     On-link
  1    306 ::1/128                  On-link
  7    306 2001::/32                On-link
  7    306 2001:0:9d38:90d7:18c4:d729:8a38:e8cb/128
                                    On-link
  4    286 fe80::/64                On-link
  7    306 fe80::/64                On-link
  7    306 fe80::18c4:d729:8a38:e8cb/128
                                    On-link
  4    286 fe80::e9c9:7fe5:592:2a42/128
                                    On-link
  1    306 ff00::/8                 On-link
  4    286 ff00::/8                 On-link
  7    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [55296] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [65536] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [23040] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 C:\WINDOWS\SysWOW64\wshbth.dll [50688] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [69120] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [30720] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 08 C:\Windows\System32\wshbth.dll [63488] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (07/02/2015 02:41:23 AM) (Source: Application Error) (User: )
Description: Faulting application name: hotfix.exe, version: 1.4.1572.0, time stamp: 0x4919b4d5
Faulting module name: ntdll.dll, version: 6.3.9600.17736, time stamp: 0x550f42c2
Exception code: 0xc0000005
Fault offset: 0x00040feb
Faulting process ID: 0x1ec
Faulting application start time: 0xhotfix.exe0
Faulting application path: hotfix.exe1
Faulting module path: hotfix.exe2
Report ID: hotfix.exe3
Faulting package full name: hotfix.exe4
Faulting package-relative application ID: hotfix.exe5
 
Error: (07/02/2015 02:41:21 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft SQL Server 2005 Tools Express Edition - Update 'GDR 3077 for SQL Server Tools and Workstation Components 2005 ENU (KB960089)' could not be installed. Error code 1603. Additional information is available in the log file C:\Program Files (x86)\Microsoft SQL Server\90\Setup Bootstrap\LOG\Hotfix\SQLTools9_Hotfix_KB960089_sqlrun_tools.msp.log.
 
Error: (07/02/2015 02:41:21 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft SQL Server 2005 Tools Express Edition -- Error 29527. The setup has encountered an unexpected error in datastore. The action is SetInstanceProperty. The error is :  Source File Name: datastore\cachedpropertycollection.cpp
Compiler Timestamp: Thu Dec  4 08:07:40 2008
     Function Name: CachedPropertyCollection::findProperty
Source Line Number: 138
----------------------------------------------------------
Failed to read property "InstallIds" {"MachineConfiguration", "", "TARANG-PC"} from cache
 Source File Name: datastore\cachedpropertycollection.cpp
Compiler Timestamp: Thu Dec  4 08:07:40 2008
    Function Name: CachedPropertyCollection::setProperty
Source Line Number: 164
----------------------------------------------------------
Unable to write property into cache: IsClustered
 Source File Name: datastore\datastorecacheschema.cpp
Compiler Timestamp: Thu Dec  4 08:07:40 2008
    Function Name: DataStoreCacheSchema::writeProperty
Source Line Number: 115
----------------------------------------------------------
Unable to write property into cache: "IsClustered"
 Source File Name: datastore\datastorecachexmlschema.cpp
Compiler Timestamp: Thu Dec  4 08:07:40 2008
    Function Name: DataStoreCacheXMLSchema::initScopeRecord
Source Line Number: 81
----------------------------------------------------------
XmlRW Error: Failure loading xmlrw.dll
 Source File Name: datastore\datastorecachexmlschema.cpp
Compiler Timestamp: Thu Dec  4 08:07:40 2008
    Function Name: DataStoreCacheXMLSchema::initScopeRecord
Source Line Number: 80
----------------------------------------------------------
CheckAllProcedures() returned: 2
 
Error: (07/02/2015 01:09:38 AM) (Source: Application Error) (User: )
Description: Faulting application name: SystemSettings.exe, version: 6.3.9600.17489, time stamp: 0x5465bbd5
Faulting module name: Windows.UI.Xaml.dll, version: 6.3.9600.17477, time stamp: 0x5452dca5
Exception code: 0xc0000005
Fault offset: 0x0000000000609704
Faulting process ID: 0x16c0
Faulting application start time: 0xSystemSettings.exe0
Faulting application path: SystemSettings.exe1
Faulting module path: SystemSettings.exe2
Report ID: SystemSettings.exe3
Faulting package full name: SystemSettings.exe4
Faulting package-relative application ID: SystemSettings.exe5
 
Error: (07/02/2015 00:56:34 AM) (Source: Microsoft-Windows-User Profiles Service) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
 DETAIL - Unspecified error
 
Error: (07/02/2015 00:56:28 AM) (Source: Microsoft-Windows-User Profiles Service) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
 DETAIL - Unspecified error
 
Error: (07/02/2015 00:46:14 AM) (Source: Microsoft-Windows-User Profiles Service) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
 DETAIL - Unspecified error
 
Error: (07/02/2015 00:46:07 AM) (Source: Microsoft-Windows-User Profiles Service) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
 DETAIL - Unspecified error
 
Error: (07/02/2015 00:45:19 AM) (Source: Application Error) (User: )
Description: Faulting application name: hotfix.exe, version: 1.4.1572.0, time stamp: 0x4919b4d5
Faulting module name: hotfix.exe, version: 1.4.1572.0, time stamp: 0x4919b4d5
Exception code: 0xc0000005
Fault offset: 0x00090e9a
Faulting process ID: 0x1740
Faulting application start time: 0xhotfix.exe0
Faulting application path: hotfix.exe1
Faulting module path: hotfix.exe2
Report ID: hotfix.exe3
Faulting package full name: hotfix.exe4
Faulting package-relative application ID: hotfix.exe5
 
Error: (07/02/2015 00:45:17 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft SQL Server 2005 Tools Express Edition - Update 'GDR 3077 for SQL Server Tools and Workstation Components 2005 ENU (KB960089)' could not be installed. Error code 1603. Additional information is available in the log file C:\Program Files (x86)\Microsoft SQL Server\90\Setup Bootstrap\LOG\Hotfix\SQLTools9_Hotfix_KB960089_sqlrun_tools.msp.log.
 
 
System errors:
=============
Error: (07/02/2015 02:41:29 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for SQL Server 2005 Service Pack 2 (KB960089).
 
Error: (07/02/2015 00:55:46 AM) (Source: DCOM) (User: TARANG-PC)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (07/02/2015 00:55:32 AM) (Source: DCOM) (User: TARANG-PC)
Description: 1084WSearchUnavailable{9E175B68-F52A-11D8-B9A5-505054503030}
 
Error: (07/02/2015 00:55:32 AM) (Source: DCOM) (User: TARANG-PC)
Description: 1084WSearchUnavailable{9E175B68-F52A-11D8-B9A5-505054503030}
 
Error: (07/02/2015 00:55:31 AM) (Source: DCOM) (User: TARANG-PC)
Description: 1084WSearchUnavailable{9E175B68-F52A-11D8-B9A5-505054503030}
 
Error: (07/02/2015 00:55:31 AM) (Source: Service Control Manager) (User: )
Description: The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error: 
%%1068
 
Error: (07/02/2015 00:55:31 AM) (Source: DCOM) (User: TARANG-PC)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (07/02/2015 00:55:22 AM) (Source: DCOM) (User: TARANG-PC)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (07/02/2015 00:55:03 AM) (Source: DCOM) (User: TARANG-PC)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (07/02/2015 00:54:58 AM) (Source: DCOM) (User: TARANG-PC)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
 
 
Microsoft Office Sessions:
=========================
Error: (07/02/2015 02:41:23 AM) (Source: Application Error)(User: )
Description: hotfix.exe1.4.1572.04919b4d5ntdll.dll6.3.9600.17736550f42c2c000000500040feb1ec01d0b441af46a975d:\670c3064bd75c3846c283c928a295616\hotfix.exeC:\WINDOWS\SYSTEM32\ntdll.dllb9d56111-2035-11e5-800b-08edb9ea9b1f
 
Error: (07/02/2015 02:41:21 AM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Microsoft SQL Server 2005 Tools Express EditionGDR 3077 for SQL Server Tools and Workstation Components 2005 ENU (KB960089)1603C:\Program Files (x86)\Microsoft SQL Server\90\Setup Bootstrap\LOG\Hotfix\SQLTools9_Hotfix_KB960089_sqlrun_tools.msp.log(NULL)(NULL)
 
Error: (07/02/2015 02:41:21 AM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Product: Microsoft SQL Server 2005 Tools Express Edition -- Error 29527. The setup has encountered an unexpected error in datastore. The action is SetInstanceProperty. The error is :  Source File Name: datastore\cachedpropertycollection.cpp
Compiler Timestamp: Thu Dec  4 08:07:40 2008
     Function Name: CachedPropertyCollection::findProperty
Source Line Number: 138
----------------------------------------------------------
Failed to read property "InstallIds" {"MachineConfiguration", "", "TARANG-PC"} from cache
 Source File Name: datastore\cachedpropertycollection.cpp
Compiler Timestamp: Thu Dec  4 08:07:40 2008
    Function Name: CachedPropertyCollection::setProperty
Source Line Number: 164
----------------------------------------------------------
Unable to write property into cache: IsClustered
 Source File Name: datastore\datastorecacheschema.cpp
Compiler Timestamp: Thu Dec  4 08:07:40 2008
    Function Name: DataStoreCacheSchema::writeProperty
Source Line Number: 115
----------------------------------------------------------
Unable to write property into cache: "IsClustered"
 Source File Name: datastore\datastorecachexmlschema.cpp
Compiler Timestamp: Thu Dec  4 08:07:40 2008
    Function Name: DataStoreCacheXMLSchema::initScopeRecord
Source Line Number: 81
----------------------------------------------------------
XmlRW Error: Failure loading xmlrw.dll
 Source File Name: datastore\datastorecachexmlschema.cpp
Compiler Timestamp: Thu Dec  4 08:07:40 2008
    Function Name: DataStoreCacheXMLSchema::initScopeRecord
Source Line Number: 80
----------------------------------------------------------
CheckAllProcedures() returned: 2
(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (07/02/2015 01:09:38 AM) (Source: Application Error)(User: )
Description: SystemSettings.exe6.3.9600.174895465bbd5Windows.UI.Xaml.dll6.3.9600.174775452dca5c0000005000000000060970416c001d0b435aac5c35aC:\Windows\ImmersiveControlPanel\SystemSettings.exeC:\Windows\System32\Windows.UI.Xaml.dlle8a8a058-2028-11e5-800b-08edb9ea9b1f
 
Error: (07/02/2015 00:56:34 AM) (Source: Microsoft-Windows-User Profiles Service)(User: NT AUTHORITY)
Description: Unspecified error
 
Error: (07/02/2015 00:56:28 AM) (Source: Microsoft-Windows-User Profiles Service)(User: NT AUTHORITY)
Description: Unspecified error
 
Error: (07/02/2015 00:46:14 AM) (Source: Microsoft-Windows-User Profiles Service)(User: NT AUTHORITY)
Description: Unspecified error
 
Error: (07/02/2015 00:46:07 AM) (Source: Microsoft-Windows-User Profiles Service)(User: NT AUTHORITY)
Description: Unspecified error
 
Error: (07/02/2015 00:45:19 AM) (Source: Application Error)(User: )
Description: hotfix.exe1.4.1572.04919b4d5hotfix.exe1.4.1572.04919b4d5c000000500090e9a174001d0b4317b38d817d:\96eea7892fa1cfea82dd08a137585e\hotfix.exed:\96eea7892fa1cfea82dd08a137585e\hotfix.exe82a56960-2025-11e5-8008-08edb9ea9b1f
 
Error: (07/02/2015 00:45:17 AM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Microsoft SQL Server 2005 Tools Express EditionGDR 3077 for SQL Server Tools and Workstation Components 2005 ENU (KB960089)1603C:\Program Files (x86)\Microsoft SQL Server\90\Setup Bootstrap\LOG\Hotfix\SQLTools9_Hotfix_KB960089_sqlrun_tools.msp.log(NULL)(NULL)
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-07-02 02:35:40.023
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-07-02 01:37:14.111
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-07-02 01:37:13.388
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-07-02 01:37:12.728
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-07-02 01:37:05.189
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-07-02 01:37:04.486
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-07-02 01:37:03.705
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-07-02 01:37:03.002
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-07-02 01:37:02.111
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-07-02 01:37:01.298
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
=========================== Installed Programs ============================
 
µTorrent (HKLM-x32\...\uTorrent) (Version: 3.1.0 - )
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.194 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{7BABFA2A-D3AB-DC68-2A69-A8E8C1C43BCB}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVS Audio Editor 7.1 (HKLM-x32\...\AVS Audio Editor_is1) (Version: 7.1.6.484 - Online Media Technologies Ltd.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 6.30.59.49 - Broadcom Corporation)
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
CCleaner (HKLM\...\CCleaner) (Version: 4.04 - Piriform)
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.5.5811 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Delete Doctor 2.3 (HKLM-x32\...\Delete Doctor) (Version: 2.3 - )
DisplayLink Core Software (HKLM\...\{61A641A9-9CC7-421F-85CD-A8CDDEE4E3F2}) (Version: 7.4.51572.0 - DisplayLink Corp.)
DisplayLink Graphics (HKLM\...\{C790E802-DB1C-402A-92FB-858AB2925BF6}) (Version: 7.4.51587.0 - DisplayLink Corp.)
Dropbox (HKCU\...\Dropbox) (Version: 3.4.4 - Dropbox, Inc.)
Edraw Max 7 (HKLM-x32\...\Edraw Max_is1) (Version:  - EdrawSoft)
Entity Framework Tools for Visual Studio 2013 (HKLM-x32\...\{08AEF86A-1956-4846-B906-B01350E96E30}) (Version: 12.0.20912.0 - Microsoft Corporation)
Evernote v. 5.7.2 (HKLM-x32\...\{FB57263E-706F-11E4-A65F-00163E98E7D6}) (Version: 5.7.2.5753 - Evernote Corp.)
f.lux (HKCU\...\Flux) (Version:  - )
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Flash Loader Demonstrator V2.6.0 (HKLM-x32\...\{232BE5F9-6BFA-4915-AB15-A872B64FD507}) (Version: 2.6.0 - STMicroelectronics) Hidden
Flash Loader Demonstrator V2.6.0 (HKLM-x32\...\InstallShield_{232BE5F9-6BFA-4915-AB15-A872B64FD507}) (Version: 2.6.0 - STMicroelectronics)
FreeFixer (HKLM-x32\...\FreeFixer1.12) (Version: 1.12 - Kephyr)
Freemake Video Converter version 4.0.3 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.0.3 - Ellora Assets Corporation)
GitHub (HKCU\...\5f7eb300e2ea4ebf) (Version: 1.2.11.0 - GitHub, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.)
Google Drive (HKLM-x32\...\{CBC9F5FD-5CFA-4A33-81CD-369EAB77E3A6}) (Version: 1.22.9403.0223 - Google, Inc.)
Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.27.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Google+ Auto Backup (HKCU\...\Google+ Auto Backup) (Version: 1.0.27.161 - Google, Inc.)
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
HP 3D DriveGuard (HKLM\...\{54CE68A8-4F2D-4328-B1F7-D6C720405F7F}) (Version: 4.2.9.1 - Hewlett-Packard Company)
HP CoolSense (HKLM-x32\...\{0D3A6808-82B8-4BB1-BE5A-AED75B3F6C02}) (Version: 2.20.11 - Hewlett-Packard Company)
HP Port Replicator Software Installer (HKLM-x32\...\{6313BCDF-1109-4682-A19D-413189817787}) (Version: 1.3.19 - HP)
HP Software Framework (HKLM-x32\...\{675D093B-815D-47FD-AB2C-192EC751E8E2}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}) (Version: 1.0.6.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6417.0 - IDT)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.6.0.1002 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
Java SE Development Kit 8 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180450}) (Version: 8.0.450.15 - Oracle Corporation)
MATLAB R2013a (HKLM\...\Matlab R2013a) (Version: 8.1 - The MathWorks, Inc.)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK (HKLM-x32\...\{189AEA94-DAFB-487A-8CEE-F9D3DDE0A748}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.30919.1) (HKLM-x32\...\{0D7FCBFB-F478-4D32-901C-83F0BF5A3501}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Web Deploy 3.5 (HKLM\...\{3674F088-9B90-473A-AAC3-20A00D8D810C}) (Version: 3.1237.1762 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{EB3DF0F0-0525-4C5A-A2F8-DEC868A3075D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 35.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
Netbeans with TMC 0.8.8 (HKLM\...\nbi-tmcbeans-1.0.0.0.0) (Version:  - )
Open XML SDK 2.5 for Microsoft Office (HKLM-x32\...\{3EA16E23-14D2-466A-8268-D7CD40DC46B6}) (Version: 2.5.5631 - Microsoft Corporation) Hidden
OpenVPN 2.2.2 (HKLM-x32\...\OpenVPN) (Version: 2.2.2 - )
PdaNet+ for Android 4.15 (HKLM-x32\...\PdaNet_is1) (Version:  - June Fabrics Technology Inc)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Prerequisites for SSDT  (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
PrtScr 1.5 (HKLM-x32\...\PrtScr_is1) (Version:  - FireStarter)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.2 r2384 - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.9200.27029 - Realtek Semiconductor Corp.)
Registry Recycler (HKLM-x32\...\Registry Recycler_is1) (Version: 0.9.2.8 - Developer Tribe (Pvt) Ltd.)
Reliance Netconnect - Broadband+ (HKLM\...\ZTEWireless-101_is1) (Version:  - )
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
SharePoint Client Components (HKLM\...\{95150001-1163-0409-1000-0000000FF1CE}) (Version: 15.0.4481.1505 - Microsoft Corporation) Hidden
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 16.5.3.3 - Synaptics Incorporated)
System Requirements Lab for Intel (HKLM-x32\...\{53C63F43-B827-42D9-8886-4698D91EA33B}) (Version: 4.5.15.0 - Husdawg, LLC)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.39052 - TeamViewer)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 4.00 - NCH Software)
Virtual COM Port Driver (HKLM-x32\...\{9853299F-7AD8-4560-9896-60650BD8ACBF}) (Version: 1.3.1 - STMicroelectronics) Hidden
Virtual COM Port Driver (HKLM-x32\...\InstallShield_{9853299F-7AD8-4560-9896-60650BD8ACBF}) (Version: 1.3.1 - STMicroelectronics)
VISA Shared Components 64-Bit (HKLM\...\{F71335BF-CF6B-4ACC-ABCE-BA9DF2031DB8}) (Version: 1.3.1 - IVI Foundation Inc.) Hidden
VISA Shared Components 64-Bit (HKLM-x32\...\VISASharedComponents) (Version:  - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Driver Package - 3D Robotics (usbser) Ports  (04/11/2013 2.0.0.4) (HKLM\...\434608CF2B6E31F0DDBA5C511053F957B55F098E) (Version: 04/11/2013 2.0.0.4 - 3D Robotics)
Windows Driver Package - 3D Robotics (usbser) Ports  (04/11/2013 2.0.0.4) (HKLM\...\FCBC924691E2F2C40A755779AA1E64588ED634A6) (Version: 04/11/2013 2.0.0.4 - 3D Robotics)
Windows Driver Package - Arduino LLC (www.arduino.cc) (usbser) Ports  (11/15/2012 5.1.2600.1) (HKLM\...\4D5C83CB44CE9278C27458316B8CCA4571BA7B39) (Version: 11/15/2012 5.1.2600.1 - Arduino LLC (www.arduino.cc))
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Xming 6.9.0.31 (HKLM-x32\...\Xming_is1) (Version: 6.9.0.31 - Colin Harrison)
 
========================= Devices: ================================
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 69%
Total physical RAM: 3992.28 MB
Available physical RAM: 1215.46 MB
Total Virtual: 8088.28 MB
Available Virtual: 4279.87 MB
 
========================= Partitions: =====================================
 
1 Drive c: (Crucio) (Fixed) (Total:99.66 GB) (Free:23.39 GB) NTFS
2 Drive d: (Defodio) (Fixed) (Total:265.54 GB) (Free:78.65 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\TARANG-PC
 
Administrator            Guest                    Tarang                   
Temp                     
 
========================= Minidump Files ==================================
 
C:\WINDOWS\Minidump\070115-12031-01.dmp
========================= Restore Points ==================================
 
28-06-2015 17:36:56 Checkpoint by HitmanPro
01-07-2015 18:59:55 IIF_MSI
01-07-2015 19:55:42 WinThruster Thu, Jul 02, 15  01:25
 
**** End of log ****
 
 
 
 
 
 
 
C:\AdwCleaner\Quarantine\C\Program Files (x86)\mozilla firefox\dbghelp.dll.vir a variant of Win32/Adware.MultiPlug.IX application cleaned by deleting - quarantined
C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application cleaned by deleting - quarantined
C:\Program Files (x86)\NCH Software\VideoPad\videopadsetup_v4.00.exe a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application deleted - quarantined
C:\Windows\System32\roboot64.exe a variant of Win64/Systweak.A potentially unwanted application cleaned by deleting - quarantined
D:\Softwares\coretemp_1236.exe a variant of Win32/InstallIQ.A potentially unwanted application cleaned by deleting - quarantined
D:\Softwares\FreemakeVideoConverterSetup.exe Win32/OpenCandy potentially unsafe application deleted - quarantined
D:\Softwares\vpsetup.exe a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application deleted - quarantined
D:\Softwares\SPICE\Tanner-13\Tanner13.rar multiple threats deleted - quarantined
D:\Softwares\SPICE\Tanner-13\Tanner13\TannerTools_13_Corrector.exe a variant of Win32/HackTool.Crack.BP potentially unsafe application cleaned by deleting - quarantined
D:\TARANG\Rooting the phone\motochopper\pwn Android/Exploit.Lotoor.EP trojan cleaned by deleting - quarantined
 
 
 
 
 
 
 
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 02-Jul-15
Scan Time: 12:49 PM
Logfile: 
Administrator: Yes
 
Version: 2.1.8.1057
Malware Database: v2015.07.02.01
Rootkit Database: v2015.07.01.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 8.1
CPU: x64
File System: NTFS
User: Tarang
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 443512
Time Elapsed: 37 min, 19 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 2
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, Quarantined, [6c8df4e884068aac1c83593ddb2a48b8], 
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, Quarantined, [1bdec11b2f5b36009a056036fe078c74], 
 
Registry Values: 2
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, Quarantined, [6c8df4e884068aac1c83593ddb2a48b8]
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, Quarantined, [1bdec11b2f5b36009a056036fe078c74]
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 3
PUP.Optional.AppDataFR.A, C:\Users\Tarang Goyal\AppData\Roaming\appdataFr25.bin, Quarantined, [25d40eceaddd79bd68e08e6c80837c84], 
PUP.Optional.AppDataFR.A, C:\Users\Temp\AppData\Roaming\appdataFr25.bin, Quarantined, [ca2fb12bec9e8ea887c198620bf86799], 
PUP.Optional.BitGuard.A, C:\Windows\System32\Tasks\BitGuard, Quarantined, [7d7cd00c583211255ed2959707fdc739], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
 
 
 
 
 
 
 
 
 
 
 
# AdwCleaner v4.207 - Logfile created 02/07/2015 at 13:39:01
# Updated 21/06/2015 by Xplode
# Database : 2015-07-02.1 [Server]
# Operating system : Windows 8.1 Pro  (x64)
# Username : Tarang - TARANG-PC
# Running from : C:\Users\Tarang Goyal\Downloads\adwcleaner_4.207.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Program Files\FreeFixer
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Data Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - 
Data Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - 
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17840
 
 
-\\ Mozilla Firefox v35.0.1 (x86 en-US)
 
 
-\\ Google Chrome v43.0.2357.130
 
 
*************************
 
AdwCleaner[R0].txt - [4627 bytes] - [01/07/2015 23:32:58]
AdwCleaner[R1].txt - [1342 bytes] - [01/07/2015 23:38:00]
AdwCleaner[R2].txt - [1461 bytes] - [01/07/2015 23:57:42]
AdwCleaner[R3].txt - [1563 bytes] - [02/07/2015 13:37:16]
AdwCleaner[S0].txt - [4292 bytes] - [01/07/2015 23:34:48]
AdwCleaner[S1].txt - [1184 bytes] - [01/07/2015 23:39:21]
AdwCleaner[S2].txt - [1268 bytes] - [02/07/2015 13:39:01]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1327  bytes] ##########
 
 
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.2.6 (07.02.2015:1)
OS: Windows 8.1 Pro x64
Ran by Tarang on 02-Jul-15 at 13:43:50.64
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Tasks
 
 
 
~~~ Registry Values
 
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_D7EDF2638858634A7DD7F98D994D2163
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
Successfully deleted: [File] C:\Users\Tarang Goyal\AppData\Roaming\appdataFr25.bin
Successfully deleted: [File] C:\Users\Tarang Goyal\appdata\local\google\chrome\user data\default\local storage\chrome-extension_klbibkeccnjlkjkiokjodocebajanakg_0.localstorage
Successfully deleted: [File] C:\Users\Tarang Goyal\appdata\local\google\chrome\user data\default\local storage\chrome-extension_klbibkeccnjlkjkiokjodocebajanakg_0.localstorage-journal
Successfully deleted: [File] C:\Users\Tarang Goyal\appdata\local\google\chrome\user data\default\local storage\chrome-extension_ogminpmldncgcmokldnmmapddoccmhfl_0.localstorage
Successfully deleted: [File] C:\Users\Tarang Goyal\appdata\local\google\chrome\user data\default\local storage\chrome-extension_ogminpmldncgcmokldnmmapddoccmhfl_0.localstorage-journal
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] C:\Users\Tarang Goyal\AppData\Roaming\solvusoft
 
 
 
~~~ FireFox
 
 
 
 
~~~ Chrome
 
Successfully deleted: [Folder] C:\Users\Tarang Goyal\appdata\local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh
 
[C:\Users\Tarang Goyal\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
 
[C:\Users\Tarang Goyal\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
klbibkeccnjlkjkiokjodocebajanakg
 
[C:\Users\Tarang Goyal\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
 
[C:\Users\Tarang Goyal\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[
  klbibkeccnjlkjkiokjodocebajanakg,
  ogminpmldncgcmokldnmmapddoccmhfl
]
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02-Jul-15 at 13:53:06.97
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 


#4 severac

severac

  • Members
  • 872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Serbia
  • Local time:06:25 AM

Posted 02 July 2015 - 03:46 AM

Hello, I also think it should be OK now. :thumbup2:

 

You need to do this:

 

Empty your temp folders using TFC (Temporary File Cleaner)

§  Please download TFC by Old Timer and save it to your desktop.
alternate download link

§  Save any unsaved work. (TFC will close ALL open programs including your browser!)

§  Double-click on TFC.exe to run it. (If you are using Vista or above, right-click on the file and choose "Run As Administrator".)

§  Click the Start button to begin the cleaning process and let it run uninterrupted to completion.

§  Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway allowing Windows to load normally (not into Safe Mode) to ensure a complete clean.

 

------

 

This step will remove all cleaning tools we used, it'll reset restore points (so you won't get reinfected by accidentally using some older restore point) and it'll make some other minor adjustments...
This is a very crucial step so make sure you don't skip it.
Download  DelFix by Xplode to your desktop. Delfix will delete all the used tools and logfiles.

Double-click Delfix.exe to start the tool.
Make sure the following items are checked:

§  Activate UAC (optional; some users prefer to keep it off)

§  Remove disinfection tools

§  Create registry backup

§  Purge System Restore

Now click "Run" and wait patiently.
Once finished, a logfile will be created. You don't have to attach it to your next reply.


I would like to help you to remove malware. Let's look inside.   :busy:

But I don't know to solve all PC problems.  :smash: 

 


#5 paan_singh_tomar

paan_singh_tomar
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:09:55 AM

Posted 02 July 2015 - 04:32 AM

Hi Severac,

 

All set and done! Thanks a lot! :)



#6 severac

severac

  • Members
  • 872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Serbia
  • Local time:06:25 AM

Posted 02 July 2015 - 04:59 AM

Great.  :thumbup2:

 

Please, read this topic for Best Practices for Safe Computing.

 

 


I would like to help you to remove malware. Let's look inside.   :busy:

But I don't know to solve all PC problems.  :smash: 

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users