Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I have 3 issues


  • Please log in to reply
10 replies to this topic

#1 Antionerex

Antionerex

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:12:17 PM

Posted 13 October 2015 - 04:04 PM

Hey everybody . how are you doing today? I have just 3 issues or concerns.

Im looking look at the proscesses in the task manager window and alot of my programs are ending with   *32. I have a 64 bit system on my computer(home priemium) A couple of examples;  natspeak.exe*32, Dropbox.exe*32.

my guist account has top adminastrative power. I cant switch, deleat, nothing.

I have noticed while trying to figure this out, another user, in the security tab , in properties ,of a couple of users . I have no  idea whhat itcome from


Edited by Chris Cosgrove, 13 October 2015 - 05:02 PM.
Moved from Win 7 to 'Am I infected?'


BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,338 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:17 PM

Posted 13 October 2015 - 08:34 PM

Hello, lets start with these two scans.

3Al62Pm.pngMiniToolBox
  • Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.


  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
  • Step 1
    logo.png
    Please download Powelikscleaner (by ESET) and save it to your Desktop.
  • Double-click ESETPoweliksCleaner.exe to start the tool.
  • Read the terms of the End-user license agreement and click Agree if you agree to them.
  • The tool will run automatically. If the cleaner finds a Poweliks infection, press the Y key on your keyboard to remove it.
  • If Poweliks was detected "Win32/Poweliks was successfully removed from your system" will be displayed. Press any key to exit the tool and reboot your PC.
  • The tool will produce a log in the same directory the tool was run from.
  • Please copy and paste the log in your next reply.
  • 1.png
    2.png

Edited by boopme, 13 October 2015 - 08:35 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 Antionerex

Antionerex
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:12:17 PM

Posted 28 October 2015 - 06:14 PM

Thank you for your speedy reply.

 

MiniToolBox by Farbar  Version: 25-07-2015 01
Ran by Chris (administrator) on 28-10-2015 at 12:48:09
Running from "C:\Users\Chris\Downloads"
Microsoft Windows 7 Home Premium   (X64)
Model: MS-7673 Manufacturer: MSI
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
ProxyServer: http=127.0.0.1:49200;https=127.0.0.1:49200
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
 
 
 
 
 
 
 
 
 
 
 
0.0.0.1 mssplus.mcafee.com
 
127.0.0.1 1.ofsnetwork.com
127.0.0.1 100smsfree.de
127.0.0.1 112.2o7.net
127.0.0.1 11track.de
127.0.0.1 123.kurz.to
127.0.0.1 123simsen.com
127.0.0.1 150freesms.de
127.0.0.1 1sms.ch
127.0.0.1 1sms.de
127.0.0.1 4players.ivwbox.de
127.0.0.1 71i.nuggad.net
127.0.0.1 a.ads.t-online.de
127.0.0.1 a.ads2.msads.net
127.0.0.1 a.as-eu.falkag.net
127.0.0.1 a.as-us.falkag.net
127.0.0.1 a.banner.t-online.de
127.0.0.1 a.collective-media.net
127.0.0.1 a.ligatus.de
127.0.0.1 a.tfag.de
 
There are 1142 more lines starting with "127.0.0.1"
 
========================= IP Configuration: ================================
 
Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled taskoffload=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Chris-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 8C-89-A5-11-81-F9
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:5b0:2b52:6740:55fc:632c:6b0a:9f1b(Preferred) 
   IPv6 Address. . . . . . . . . . . : fd0d:edc3:e12a:0:55fc:632c:6b0a:9f1b(Preferred) 
   Temporary IPv6 Address. . . . . . : 2001:5b0:2b52:6740:1d31:e2a5:abc0:dd22(Preferred) 
   Temporary IPv6 Address. . . . . . : fd0d:edc3:e12a:0:a95f:a86a:322d:aab9(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::55fc:632c:6b0a:9f1b%11(Preferred) 
   IPv4 Address. . . . . . . . . . . : 100.122.243.162(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.248
   Lease Obtained. . . . . . . . . . : Wednesday, October 28, 2015 11:49:26 AM
   Lease Expires . . . . . . . . . . : Wednesday, October 28, 2015 12:49:27 PM
   Default Gateway . . . . . . . . . : fe80::280:aeff:fe0d:29ef%11
                                       100.122.243.161
   DHCP Server . . . . . . . . . . . : 100.122.243.161
   DHCPv6 IAID . . . . . . . . . . . : 244091301
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-87-50-97-8C-89-A5-11-81-F9
   DNS Servers . . . . . . . . . . . : fd0d:edc3:e12a::1
                                       192.168.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{DE01E4AA-F4DB-4031-83C2-6150857D1FF3}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  fd0d:edc3:e12a::1
 
Name:    google.com
Addresses:  2607:f8b0:4007:804::1002
 74.125.224.105
 74.125.224.110
 74.125.224.96
 74.125.224.97
 74.125.224.98
 74.125.224.99
 74.125.224.100
 74.125.224.101
 74.125.224.102
 74.125.224.103
 74.125.224.104
 
 
Pinging google.com [2607:f8b0:4007:804::1002] with 32 bytes of data:
Reply from 2607:f8b0:4007:804::1002: time=651ms 
Reply from 2607:f8b0:4007:804::1002: time=989ms 
 
Ping statistics for 2607:f8b0:4007:804::1002:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 651ms, Maximum = 989ms, Average = 820ms
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  fd0d:edc3:e12a::1
 
Name:    yahoo.com
Addresses:  2001:4998:c:a06::2:4008
 2001:4998:58:c02::a9
 2001:4998:44:204::a7
 98.139.183.24
 206.190.36.45
 98.138.253.109
 
 
Pinging yahoo.com [2001:4998:58:c02::a9] with 32 bytes of data:
Reply from 2001:4998:58:c02::a9: time=689ms 
Reply from 2001:4998:58:c02::a9: time=743ms 
 
Ping statistics for 2001:4998:58:c02::a9:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 689ms, Maximum = 743ms, Average = 716ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 11...8c 89 a5 11 81 f9 ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 12...00 00 00 00 00 00 00 e0 Microsoft Teredo Tunneling Adapter
 14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0  100.122.243.161  100.122.243.162     10
  100.122.243.160  255.255.255.248         On-link   100.122.243.162    266
  100.122.243.162  255.255.255.255         On-link   100.122.243.162    266
  100.122.243.167  255.255.255.255         On-link   100.122.243.162    266
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link   100.122.243.162    266
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link   100.122.243.162    266
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 11    266 ::/0                     fe80::280:aeff:fe0d:29ef
  1    306 ::1/128                  On-link
 11     18 2001:5b0:2b52:6740::/64  On-link
 11    266 2001:5b0:2b52:6740:1d31:e2a5:abc0:dd22/128
                                    On-link
 11    266 2001:5b0:2b52:6740:55fc:632c:6b0a:9f1b/128
                                    On-link
 11     18 fd0d:edc3:e12a::/64      On-link
 11    266 fd0d:edc3:e12a:0:55fc:632c:6b0a:9f1b/128
                                    On-link
 11    266 fd0d:edc3:e12a:0:a95f:a86a:322d:aab9/128
                                    On-link
 11    266 fe80::/64                On-link
 11    266 fe80::55fc:632c:6b0a:9f1b/128
                                    On-link
  1    306 ff00::/8                 On-link
 11    266 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [133392] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (10/28/2015 12:34:11 PM) (Source: Microsoft-Windows-User Profiles Service) (User: IIS APPPOOL)
Description: Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.
 
Error: (10/28/2015 12:34:11 PM) (Source: Microsoft-Windows-User Profiles Service) (User: IIS APPPOOL)
Description: Windows has backed up this user profile. Windows will automatically try to use the backup profile the next time this user logs on.
 
Error: (10/28/2015 11:57:29 AM) (Source: Microsoft-Windows-User Profiles Service) (User: IIS APPPOOL)
Description: Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.
 
Error: (10/28/2015 11:57:29 AM) (Source: Microsoft-Windows-User Profiles Service) (User: IIS APPPOOL)
Description: Windows has backed up this user profile. Windows will automatically try to use the backup profile the next time this user logs on.
 
Error: (10/28/2015 11:19:54 AM) (Source: Microsoft-Windows-User Profiles Service) (User: IIS APPPOOL)
Description: Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.
 
Error: (10/28/2015 11:19:54 AM) (Source: Microsoft-Windows-User Profiles Service) (User: IIS APPPOOL)
Description: Windows has backed up this user profile. Windows will automatically try to use the backup profile the next time this user logs on.
 
Error: (10/28/2015 10:05:27 AM) (Source: Microsoft-Windows-User Profiles Service) (User: IIS APPPOOL)
Description: Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.
 
Error: (10/28/2015 10:05:27 AM) (Source: Microsoft-Windows-User Profiles Service) (User: IIS APPPOOL)
Description: Windows has backed up this user profile. Windows will automatically try to use the backup profile the next time this user logs on.
 
Error: (10/28/2015 06:43:45 AM) (Source: Office 2013 Licensing Service) (User: )
Description: Subscription licensing service failed: -1073418225
 
Error: (10/28/2015 01:07:51 AM) (Source: Microsoft-Windows-User Profiles Service) (User: IIS APPPOOL)
Description: Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.
 
 
System errors:
=============
Error: (10/28/2015 11:49:29 AM) (Source: ipnathlp) (User: )
Description: 100.122.243.162192.168.137.0255.255.255.0
 
Error: (10/28/2015 05:24:10 AM) (Source: ipnathlp) (User: )
Description: 0
 
 
Microsoft Office Sessions:
=========================
Error: (10/28/2015 12:34:11 PM) (Source: Microsoft-Windows-User Profiles Service)(User: IIS APPPOOL)
Description: 
 
Error: (10/28/2015 12:34:11 PM) (Source: Microsoft-Windows-User Profiles Service)(User: IIS APPPOOL)
Description: 
 
Error: (10/28/2015 11:57:29 AM) (Source: Microsoft-Windows-User Profiles Service)(User: IIS APPPOOL)
Description: 
 
Error: (10/28/2015 11:57:29 AM) (Source: Microsoft-Windows-User Profiles Service)(User: IIS APPPOOL)
Description: 
 
Error: (10/28/2015 11:19:54 AM) (Source: Microsoft-Windows-User Profiles Service)(User: IIS APPPOOL)
Description: 
 
Error: (10/28/2015 11:19:54 AM) (Source: Microsoft-Windows-User Profiles Service)(User: IIS APPPOOL)
Description: 
 
Error: (10/28/2015 10:05:27 AM) (Source: Microsoft-Windows-User Profiles Service)(User: IIS APPPOOL)
Description: 
 
Error: (10/28/2015 10:05:27 AM) (Source: Microsoft-Windows-User Profiles Service)(User: IIS APPPOOL)
Description: 
 
Error: (10/28/2015 06:43:45 AM) (Source: Office 2013 Licensing Service)(User: )
Description: Subscription licensing service failed: -1073418225
 
Error: (10/28/2015 01:07:51 AM) (Source: Microsoft-Windows-User Profiles Service)(User: IIS APPPOOL)
Description: 
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-09-17 01:52:59.950
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-09-17 01:52:59.924
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-09-17 01:52:59.871
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-09-16 04:51:02.411
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-09-16 04:51:02.383
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-09-16 04:51:02.325
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-09-08 07:18:57.967
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-09-08 07:18:57.934
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-09-08 07:18:57.845
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-09-08 07:18:57.786
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because the set of per-page image hashes could not be found on the system.
 
 
=========================== Installed Programs ============================
 
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
AVG 2015 (HKLM\...\{1EC467B2-3C09-4697-8731-3D9655CE5C41}) (Version: 15.0.4455 - AVG Technologies) Hidden
AVG 2015 (HKLM\...\{E414817A-A5B7-4A4E-A282-C01240B6042E}) (Version: 15.0.6173 - AVG Technologies) Hidden
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.6173 - AVG Technologies)
AVG SafeGuard toolbar (HKLM-x32\...\AVG SafeGuard toolbar) (Version: 18.1.7.598 - AVG Technologies)
BitComet 1.37 64-bit (HKLM-x32\...\BitComet_x64) (Version: 1.37 - CometNetwork)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform)
Citrix Online Launcher (HKLM-x32\...\{DB014C85-A264-4BCA-A66F-6DD1FCF8EC36}) (Version: 1.0.335 - Citrix)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.22 - DivX, LLC)
Dragon 14 (HKLM-x32\...\{FEAB6184-0560-4EBF-A26B-C3F2B11FE9E1}) (Version: 14.00.000 - Nuance Communications Inc.)
Dropbox (HKCU\...\Dropbox) (Version: 3.10.8 - Dropbox, Inc.)
DVD Decrypter (Remove Only) (HKLM-x32\...\DVD Decrypter) (Version:  - )
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version:  - DVD Shrink)
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
FLVPlayer (HKLM-x32\...\1ClickDownload) (Version: 2.1 Build 26473 - FLVPlayer)
Font_Setup (HKLM-x32\...\{4AEA646F-270A-4ADA-97A5-0B31FDDAD67F}) (Version: 1.0.1 - Cengage)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.28.15 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GoToMeeting 7.2.4.3277 (HKCU\...\GoToMeeting) (Version: 7.2.4.3277 - CitrixOnline)
HughesNet Status Meter (HKLM-x32\...\{67939A60-3C84-4556-8427-97793155AEF6}) (Version: 6.2.0 - None provided)
iCloud (HKLM\...\{B33C558F-772F-4308-A059-390FBF9BAAAE}) (Version: 5.0.2.61 - Apple Inc.)
iLivid (HKLM-x32\...\{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}) (Version: 1.92.0.122194 - Bandoo Media Inc.) Hidden
InstallVC90Support (HKLM-x32\...\{9E384B32-59C8-46EF-BEA6-4DC8F27CDB8E}) (Version: 1.01.0000 - Novatel Wireless) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Internet TV for Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
iTunes (HKLM\...\{E690A491-702F-4DEC-9977-C015D1DBB57C}) (Version: 12.3.1.23 - Apple Inc.)
Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Logitech iTouch Software (HKLM-x32\...\{036AA4D4-6D32-11D4-9875-00105ACE7734}) (Version:  - )
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Malware Protection Live (HKLM-x32\...\MalwareProtectionLive) (Version:  - )
McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.11.163.2 - McAfee, Inc.)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 41.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 41.0.1 (x86 en-US)) (Version: 41.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.1.5750 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Nuance PDF Reader (HKLM-x32\...\{5F6C549F-78DA-4E0E-AE70-0BD981936D99}) (Version: 7.00.0000 - Nuance Communications, Inc.)
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 355.82 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.82 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6438 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0015-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0018-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0019-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUS_{835E4BED-E265-4103-AE14-0B4C70CF3FE8}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUS_{1F7000D3-A917-4AD2-BA55-59E6FDAF062A}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{4BF13B26-3A95-4E42-900A-DEB16FDA75A0}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-002C-0409-1000-0000000FF1CE}_Office15.PROPLUS_{C5D14A1B-6E3E-491A-96C6-ABDEEEC4E97D}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0044-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUS_{D7E879E6-B505-4DA2-BFEE-53A55E7C8E38}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0090-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00A1-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00BA-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1931508C-C004-4983-81E3-70BE6252904B}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00C1-0409-1000-0000000FF1CE}_Office15.PROPLUS_{E4F470B2-3601-4E1C-B291-D6B580F53136}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00E1-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00E2-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0115-0409-1000-0000000FF1CE}_Office15.PROPLUS_{D7E879E6-B505-4DA2-BFEE-53A55E7C8E38}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0117-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Shareaza 2.7.8.0 (HKLM-x32\...\Shareaza_is1) (Version: 2.7.8.0 - Shareaza Development Team)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 17.12.8 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
SOAP Toolkit (HKLM-x32\...\{83B7C36F-6521-41A7-A8FD-AE147EFAC014}) (Version: 1.0.1 - Cengage)
Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.0.110 - MSI)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{40930C8E-A677-414C-A72F-DFDEB10738FB}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3085581) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6BCC80EE-3B68-4110-8D47-23E04FB6D08D}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3085581) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6BCC80EE-3B68-4110-8D47-23E04FB6D08D}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3085581) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{6BCC80EE-3B68-4110-8D47-23E04FB6D08D}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vuze (HKLM-x32\...\8461-7759-5462-8226) (Version: 5.6.0.0 - Azureus Software, Inc.)
WD Drive Utilities (HKLM-x32\...\{E61CFDDA-40DD-4400-95CA-12819C50B5C2}) (Version: 1.1.0.51 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{5B1CF5E0-D321-4766-AEF1-1E9D1C535A10}) (Version: 2.4.12.1 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{919ADA61-13BF-43C4-A2DD-8BA49A244FC8}) (Version: 1.1.0.51 - Western Digital Technologies, Inc.)
WD SES Driver Setup (HKLM-x32\...\{924A274D-38B6-4930-8859-F3F51CFA8DDD}) (Version: 1.0.5.7 - Western Digital) Hidden
WD SmartWare (HKLM\...\{02FD1EAD-43B8-4D63-AC31-8921005AF2E2}) (Version: 2.4.12.1 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{979a4332-3eb0-4561-9f74-a4fb871cf2bd}) (Version: 2.4.12.1 - Western Digital Technologies, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Winki (HKLM-x32\...\{81CF5153-38CF-41e2-AC3C-3D477C987D96}_is1) (Version: 3.2.114 - MSI)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )
YTD Video Downloader 4.9.2 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.9.2 - GreenTree Applications SRL)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 42%
Total physical RAM: 8163.33 MB
Available physical RAM: 4680.31 MB
Total Virtual: 16324.87 MB
Available Virtual: 11499.06 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:931.41 GB) (Free:767.95 GB) NTFS
3 Drive e: (WD Unlocker) (CDROM) (Total:0.01 GB) (Free:0 GB) UDF
 
========================= Users: ========================================
 
User accounts for \\CHRIS-PC
 
Administrator            Chris                    chris 2                  
Guest                    
 
 
**** End of log ****


#4 Antionerex

Antionerex
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:12:17 PM

Posted 28 October 2015 - 06:52 PM

I ran the powelikscleaner. No win 32/poweliks



#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,338 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:17 PM

Posted 29 October 2015 - 07:00 PM

Next reset your Hosts file.

Go HERE and click on FIX-IT
 
 
Next run these

zcMPezJ.pngAdwCleaner
  • Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
lv0mVRW.pngJunkware Removal Tool
  • Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
cvMlKv6.pngESET Online Scanner
  • Click here to download the installer for ESET Online Scanner and save it to your Desktop.
  • Disable all your antivirus and antimalware software - see how to do that here.
  • Right click on esetsmartinstaller_enu.exe and select Run as Administrator.
  • Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats (only available if ESET Online Scanner found something).
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#6 Antionerex

Antionerex
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:12:17 PM

Posted 31 October 2015 - 06:30 PM

I have Malwarebyts anti-malware installed as well as Avg. Malwares folder is empty in the x86 files . when I try to delete,it comes back that it is being used. does this mean AVG has it. Im at step 3 ESET, do I disable all of AVG, before I open ESET. would this be the only protection I need to shut down?



#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,338 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:17 PM

Posted 31 October 2015 - 06:35 PM

YEs only AVG. we'll fix MBAM after ESET. If you cannot stop AVG run ESET anyway.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#8 Antionerex

Antionerex
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:12:17 PM

Posted 01 November 2015 - 01:08 AM

Im not sure i got all I could have with ESET. It froze when I was in the export and save window. I couldnt save and finish or go back.I did a restart. And looking for the file if there is one.

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Windows 7 Home Premium x64
Ran by Chris on Sat 10/31/2015 at 15:00:48.69
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Tasks
 
Successfully deleted: [Task] C:\Windows\system32\tasks\OneTimeRun
 
 
 
~~~ Registry Values
 
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{447CCF23-3319-4481-B1F6-0B13E40B0639}
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{7C931BB9-451D-4F50-854C-4D87B872098D}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C931BB9-451D-4F50-854C-4D87B872098D}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{7C931BB9-451D-4F50-854C-4D87B872098D}
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{0015624F-835F-4DFA-991A-186B0B3DE262}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{057B504B-C146-418D-8DA1-C221992EE697}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{065455A7-26C8-4894-8244-17AF99F20FA2}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{06B2BF57-3492-4315-9EAA-88006B06C787}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{0C10B833-7D11-4AE5-B509-0932C15CC869}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{0E4E1D31-2B5E-4A69-8B09-A495C18D8890}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{11219D22-2730-4C67-9656-256406D02DB0}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{12E5BC38-8F00-4A85-BA2D-771CF915AB6F}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{17848985-276A-46FC-BBDF-B78F4FAF13BC}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{198501F8-FAD4-41D3-AA39-1AD04FF6EFC6}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{262A41D1-9691-405D-8A82-588BB2D26E54}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{26C2C838-87C8-489B-A34D-8B083862630B}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{29626342-0395-4969-8CE2-25C5C161255A}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{2FE6EC5C-5942-4345-9B51-A833F14684CE}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{36501E8C-AF40-4DCF-BF23-CEADD1776633}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{47793AFE-2193-4845-BD83-E4BB9BB034C3}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{5CEEB66F-8086-4F29-9A1E-DA578B8E5E12}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{64F3B7EB-B58F-4095-9800-D05B84A24E4C}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{71EC34B4-D3C0-4275-B0AE-B1F1D8614925}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{72D74D32-07AD-4350-BC74-F2240197362D}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{739DC178-CF4D-4BE0-A916-82D3920C2A16}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{825D9157-5722-4BF6-A758-944F460652AA}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{8E78122B-E6F3-42D3-A14F-E207E42BC322}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{8F60C39D-BAA3-4A9D-A6BA-F49FDDF29AEB}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{95ACDDDA-7662-443C-BF1C-FC79BF7677FA}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{9813DB8D-631E-4996-B4AB-8753106BCC71}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{A00C02BC-5C44-4D33-A8C8-64B3AC4D069B}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{A32E80F7-BD25-4EFA-8541-963E6A78F270}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{A80DC847-EE4C-4776-AFE9-92B46FC7F8EB}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{AA4B8F4D-9425-472B-8418-CBB5EC07AB27}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{AB8E04ED-6511-4BA5-BDF1-F53900F67322}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{ACBC2F8B-90FE-4E68-9FA2-6E290F91C678}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{B1E1462E-E6B4-474D-A61D-B74EE2902000}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{B469C549-7B1D-4998-AC2B-3BEB05A8089A}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{B855A4E2-7B24-4AB7-87F0-9C63E09AD33C}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{BA9AD789-4364-46EA-B840-38046889F1F7}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{CEA13A6A-DE66-47BB-BE0B-C2D0FCD75616}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{D1C89944-0620-47FB-9DFD-0196491218BE}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{D507F2D5-73BE-4070-B391-0839B4583B25}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{D7927470-FE40-4E87-978E-B6574F3F77C2}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{DAF0F338-DEF3-45EE-9B0B-54CFBFB3670A}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{DC8B0F13-E52C-435B-9CD9-811075E23AA9}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{E1AC8A11-9F56-4C6D-9F3B-25D7F70A5E66}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{E2993CB1-D9E9-431D-891D-AFAC6AE67DDD}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{E7FE64B9-48A2-4250-9F04-278AF852E991}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{EA3ECC1E-9F9D-4BA2-9BD6-6400C0A8F5E1}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{EC44CA68-5649-4159-993C-C4681218E841}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{EE2A8595-FDF5-43FF-9239-F6E6DD05978D}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{F1C8197A-AAD5-4860-8CCB-FFD2A66BCC25}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{F1CCD16C-2D1E-4A7F-9E71-2AAFBAF18700}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{F2663001-C120-4C0B-9A3C-CFA8927F855C}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{F2F283E2-E36B-4870-9568-D631D9B19F60}
Successfully deleted: [Empty Folder] C:\Users\Chris\Appdata\Local\{F5771FCB-269D-4208-9DB6-9C6919AF9E60}
Successfully deleted: [Folder] C:\ProgramData\pc1data
Successfully deleted: [Folder] C:\Users\Chris\Appdata\Local\avg safeguard toolbar
Successfully deleted: [Folder] C:\Users\Chris\Appdata\Local\com
Successfully deleted: [Folder] C:\Users\Chris\Appdata\Local\installer
Successfully deleted: [Folder] C:\Users\Chris\AppData\Roaming\nico mak computing
Successfully deleted: [Folder] C:\Users\Chris\AppData\Roaming\opensoftwareupdater
Successfully deleted: [Folder] C:\Users\Chris\AppData\Roaming\pcpro
Successfully deleted: [Folder] C:\users\Public\Documents\downloaded installers
Successfully deleted: [Folder] C:\Windows\SysWOW64\ai_recyclebin
 
 
 
~~~ FireFox
 
Successfully deleted: [File] C:\user.js
Successfully deleted the following from C:\Users\Chris\AppData\Roaming\mozilla\firefox\profiles\hlqtbioq.default\prefs.js
 
user_pref(avg.install.extHomepage, hxxp://mysearch.avg.com?pid=safeguard&sg=&cid=%7Baa08ebfb-7a3e-4ab3-9ab6-e9e510f28578%7D&mid=88a001f6cc0147d2ace15dc0e3f5680a-0a0731dc778
user_pref(browser.search.searchengine.alias, v9);
user_pref(browser.search.searchengine.desc, this is my first firefox searchEngine);
user_pref(browser.search.searchengine.iconURL, hxxp://search.v9.com/favicon.ico);
user_pref(browser.search.searchengine.name, v9);
user_pref(browser.search.searchengine.ptid, sfpsnew4);
user_pref(browser.search.searchengine.uid, ST31000524AS_5VP960X8XXXX5VP960X8);
user_pref(browser.search.searchengine.url, hxxp://search.v9.com/web/?type=ds&ts=1420723042&from=sfpsnew4&uid=ST31000524AS_5VP960X8XXXX5VP960X8&i=psd&t=34ed121d9&q={searchTe
user_pref(browser.startup.homepage, hxxp://mysearch.avg.com?pid=safeguard&sg=&cid=%7Baa08ebfb-7a3e-4ab3-9ab6-e9e510f28578%7D&mid=88a001f6cc0147d2ace15dc0e3f5680a-0a0731dc77
Emptied folder: C:\Users\Chris\AppData\Roaming\mozilla\firefox\profiles\hlqtbioq.default\minidumps [2 files]
 
 
 
~~~ Chrome
 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\bakijjialdiiboeaknfpmflphhmljfkd
 
[C:\Users\Chris\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
 
[C:\Users\Chris\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
 
[C:\Users\Chris\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
 
[C:\Users\Chris\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 10/31/2015 at 15:07:27.68
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
# AdwCleaner v5.015 - Logfile created 31/10/2015 at 14:24:26
# Updated 26/10/2015 by Xplode
# Database : 2015-10-29.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Chris - CHRIS-PC
# Running from : C:\Users\Chris\Downloads\adwcleaner_5.015.exe
# Option : Cleaning
 
***** [ Services ] *****
 
[-] Service Deleted : YahooAUService
[-] Service Deleted : swdumon
[-] Service Deleted : vToolbarUpdater18.1.7
 
***** [ Folders ] *****
 
[-] Folder Deleted : C:\Program Files\Babylon
[-] Folder Deleted : C:\Program Files\pcreg
[-] Folder Deleted : C:\Program Files (x86)\AVG SafeGuard toolbar
[-] Folder Deleted : C:\Program Files (x86)\Babylon
[-] Folder Deleted : C:\Program Files (x86)\FlvPlayer
[-] Folder Deleted : C:\Program Files (x86)\globalUpdate
[-] Folder Deleted : C:\Program Files (x86)\GreenTree Applications
[-] Folder Deleted : C:\Program Files (x86)\HiDefMedia
[-] Folder Deleted : C:\Program Files (x86)\iLivid
[-] Folder Deleted : C:\Program Files (x86)\iMesh Applications
[-] Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
[-] Folder Deleted : C:\ProgramData\~0
[-] Folder Deleted : C:\ProgramData\apn
[-] Folder Deleted : C:\ProgramData\Ask
[-] Folder Deleted : C:\ProgramData\AVG SafeGuard toolbar
[-] Folder Deleted : C:\ProgramData\AVG Secure Search
[-] Folder Deleted : C:\ProgramData\AVG Security Toolbar
[-] Folder Deleted : C:\ProgramData\Goobzo
[-] Folder Deleted : C:\ProgramData\iMesh
[-] Folder Deleted : C:\ProgramData\Online
[-] Folder Deleted : C:\ProgramData\UpdateCommon
[-] Folder Deleted : C:\ProgramData\ytd video downloader
[-] Folder Deleted : C:\ProgramData\Fighters
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iLivid
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
[!] Folder Not Deleted : C:\ProgramData\Online\Documents\BitLord
[!] Folder Not Deleted : C:\ProgramData\Online\Documents\BitLord
[!] Folder Not Deleted : C:\ProgramData\Online\Documents\BitLord
[-] Folder Deleted : C:\Users\chris 2\AppData\Local\AVG SafeGuard toolbar
[-] Folder Deleted : C:\Users\chris 2\AppData\Local\Babylon
[-] Folder Deleted : C:\Users\chris 2\AppData\LocalLow\AVG SafeGuard toolbar
[-] Folder Deleted : C:\Users\chris 2\AppData\LocalLow\Simple Adblock
[-] Folder Deleted : C:\Users\chris 2\AppData\Roaming\Babylon
[-] Folder Deleted : C:\Users\chris 2\AppData\Roaming\Systweak
[-] Folder Deleted : C:\Users\Chris\AppData\Local\apn
[#] Folder Deleted : C:\Users\Chris\AppData\Local\AVG SafeGuard toolbar
[-] Folder Deleted : C:\Users\Chris\AppData\Local\BlitzMediaPlayer
[-] Folder Deleted : C:\Users\Chris\AppData\Local\globalUpdate
[-] Folder Deleted : C:\Users\Chris\AppData\Local\Ilivid Player
[-] Folder Deleted : C:\Users\Chris\AppData\Local\iLivid
[-] Folder Deleted : C:\Users\Chris\AppData\Local\PackageAware
[-] Folder Deleted : C:\Users\Chris\AppData\Local\StormFall
[-] Folder Deleted : C:\Users\Chris\AppData\Local\slimware utilities inc
[-] Folder Deleted : C:\Users\Chris\AppData\Local\MalwareProtectionLive
[-] Folder Deleted : C:\Users\Chris\AppData\LocalLow\AVG SafeGuard toolbar
[-] Folder Deleted : C:\Users\Chris\AppData\LocalLow\Conduit
[-] Folder Deleted : C:\Users\Chris\AppData\LocalLow\wincorebsband
[-] Folder Deleted : C:\Users\Chris\AppData\LocalLow\wincoreimband
[-] Folder Deleted : C:\Users\Chris\AppData\LocalLow\YahooCouponAddOn
[-] Folder Deleted : C:\Users\Chris\AppData\LocalLow\Simple Adblock
[-] Folder Deleted : C:\Users\Chris\AppData\Roaming\serv
[-] Folder Deleted : C:\Users\Chris\AppData\Roaming\Systweak
[-] Folder Deleted : C:\Users\Chris\AppData\Roaming\YourFileDownloader
[-] Folder Deleted : C:\Users\Chris\AppData\Roaming\PC Cleaners
[-] Folder Deleted : C:\Users\Chris\AppData\Roaming\BitLord
[-] Folder Deleted : C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FlvPlayer
[-] Folder Deleted : C:\Users\Public\Documents\Goobzo
 
***** [ Files ] *****
 
[-] File Deleted : C:\END
[-] File Deleted : C:\Users\Chris\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\YTD Video Downloader.lnk
[-] File Deleted : C:\Users\Chris\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\YTD Video Downloader.lnk
[-] File Deleted : C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Malware Protection Live.lnk
[-] File Deleted : C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\hlqtbioq.default\invalidprefs.js
[-] File Deleted : C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\hlqtbioq.default\searchplugins\Askcom.xml
[-] File Deleted : C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\hlqtbioq.default\searchplugins\avg-secure-search.xml
[-] File Deleted : C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\hlqtbioq.default\searchplugins\bingp.xml
[-] File Deleted : C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\hlqtbioq.default\searchplugins\yahoo_ff.xml
[-] File Deleted : C:\Users\Public\Desktop\YTD Video Downloader.lnk
[-] File Deleted : C:\Windows\Reimage.ini
[-] File Deleted : C:\Windows\SysNative\drivers\swdumon.sys
 
***** [ DLLs ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
[-] Task Deleted : LaunchApp
[-] Task Deleted : pcreg
[-] Task Deleted : RocketTab
[-] Task Deleted : RocketTab Update Task
[-] Task Deleted : YourFile DownloaderUpdate
[-] Task Deleted : Installer_shopperpro
 
***** [ Registry ] *****
 
[-] Key Deleted : HKCU\Software\Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
[-] Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
[-] Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
[-] Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
[-] Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\ilivid
[-] Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
[-] Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{37AC0F3B-749F-3B22-811B-5A019EED2E85}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{4392A6CC-7940-310E-8E16-799A8D93A438}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{66DF7821-ED6D-3534-893C-0E89E74B0F91}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{755CAFCC-F016-3B06-8F22-945EAA3AD10D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{76552F88-640C-314D-82B6-0D8A740907F7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{05660A04-00F1-3A04-AB3B-BC1074B84D67}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{903F9872-E87F-3B74-83B0-DBE10073B29D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{9558EEB4-CDA6-3778-B53B-98076F0A1E90}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{B25AA9BA-FD52-3E5E-BFE3-9B106779DA6E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{C852CF9F-37DC-35AC-926A-7E6CFFF7C501}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{C9777796-4378-3C90-B52D-7238FFFC2A5C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{DB1BC8B2-FDBF-30E7-BE1C-AFF9160059E6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{F3D5729C-7DEB-3850-A026-D0E323ECFEF5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{FEC70973-CB8B-351C-8047-CAE1274CE249}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [MalwareProtectionLive]
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Key Deleted : HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [C:\Program Files (x86)\Plus-HD-9.6\Plus-HD-9.6-nova.exe]
[-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
[-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [ocr@babylon.com]
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0EEDB912-C5FA-486F-8334-57288578C627}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FCE1662E-06F1-413D-80CB-33D456D1CFCB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F8A4FC32-DDA3-4DD9-8C62-49F778FF630B}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0EEDB912-C5FA-486F-8334-57288578C627}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0EEDB912-C5FA-486F-8334-57288578C627}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F0626A63-410B-45E2-99A1-3F2475B2D695}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0EEDB912-C5FA-486F-8334-57288578C627}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8736C681-37A0-40C6-A0F0-4C083409151C}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F0626A63-410B-45E2-99A1-3F2475B2D695}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{393e7a1b-437e-401a-ad7d-53dee3962557}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{52b95997-bfa5-4fef-b0c1-ed16bf6dd161}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{822fac85-f134-46c3-81ec-b414b5af2e31}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{0EEDB912-C5FA-486F-8334-57288578C627}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{09CFDB88-F9F0-40BA-885E-F47A957D12E6}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{2B1B440F-A9DB-46E3-ADCF-AA6E08143FB8}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{363F46BE-27B4-4C8D-99E7-B1E049B84376}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{90A9B7D2-3794-45EA-9E23-140E3938D2D9}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A753A1EC-973E-4718-AF8E-A3F554D45C44}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{02AFA80F-4BEE-41FD-8572-214B58A9EF90}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0EEDB912-C5FA-486F-8334-57288578C627}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{393e7a1b-437e-401a-ad7d-53dee3962557}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{52b95997-bfa5-4fef-b0c1-ed16bf6dd161}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{822fac85-f134-46c3-81ec-b414b5af2e31}
[-] Key Deleted : HKU\.DEFAULT\Software\AVG SafeGuard toolbar
[-] Key Deleted : HKU\.DEFAULT\Software\Avg Secure Update
[-] Key Deleted : HKU\.DEFAULT\Software\Yahoo\Companion
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\allday savings
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\Yahoo\Companion
[-] Key Deleted : HKCU\Software\AVG SafeGuard toolbar
[-] Key Deleted : HKCU\Software\Blabbers
[-] Key Deleted : HKCU\Software\BrowserCompanion
[-] Key Deleted : HKCU\Software\GlobalUpdate
[-] Key Deleted : HKCU\Software\Goobzo
[-] Key Deleted : HKCU\Software\ilivid
[-] Key Deleted : HKCU\Software\powerpack
[-] Key Deleted : HKCU\Software\systweak
[-] Key Deleted : HKCU\Software\Reimage
[-] Key Deleted : HKCU\Software\StormWatch
[-] Key Deleted : HKCU\Software\CoinisRS
[-] Key Deleted : HKCU\Software\rttasks
[-] Key Deleted : HKCU\Software\reimagerepair
[-] Key Deleted : HKCU\Software\Avg Secure Update
[-] Key Deleted : HKCU\Software\RapidMediaConverterApp
[-] Key Deleted : HKCU\Software\SlimWare Utilities Inc
[-] Key Deleted : HKCU\Software\Yahoo\Companion
[-] Key Deleted : HKCU\Software\Yahoo\YFriendsBar
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Yahoo\Companion
[-] Key Deleted : HKLM\SOFTWARE\AVG SafeGuard toolbar
[-] Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar
[-] Key Deleted : HKLM\SOFTWARE\CompeteInc
[-] Key Deleted : HKLM\SOFTWARE\FlvPlayer
[-] Key Deleted : HKLM\SOFTWARE\Goobzo
[-] Key Deleted : HKLM\SOFTWARE\ilivid
[-] Key Deleted : HKLM\SOFTWARE\systweak
[-] Key Deleted : HKLM\SOFTWARE\YourFileDownloader
[-] Key Deleted : HKLM\SOFTWARE\LookSafe
[-] Key Deleted : HKLM\SOFTWARE\SlimWare Utilities Inc
[-] Key Deleted : HKLM\SOFTWARE\Yahoo\Companion
[-] Key Deleted : HKLM\SOFTWARE\SLIMWARE UTILITIES, INC.
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MalwareProtectionLive
[!] Key Not Deleted : [x64] HKCU\Software\AVG SafeGuard toolbar
[!] Key Not Deleted : [x64] HKCU\Software\Blabbers
[!] Key Not Deleted : [x64] HKCU\Software\BrowserCompanion
[!] Key Not Deleted : [x64] HKCU\Software\GlobalUpdate
[!] Key Not Deleted : [x64] HKCU\Software\Goobzo
[!] Key Not Deleted : [x64] HKCU\Software\ilivid
[!] Key Not Deleted : [x64] HKCU\Software\powerpack
[!] Key Not Deleted : [x64] HKCU\Software\systweak
[!] Key Not Deleted : [x64] HKCU\Software\Reimage
[!] Key Not Deleted : [x64] HKCU\Software\StormWatch
[!] Key Not Deleted : [x64] HKCU\Software\CoinisRS
[!] Key Not Deleted : [x64] HKCU\Software\rttasks
[!] Key Not Deleted : [x64] HKCU\Software\reimagerepair
[!] Key Not Deleted : [x64] HKCU\Software\Avg Secure Update
[!] Key Not Deleted : [x64] HKCU\Software\RapidMediaConverterApp
[!] Key Not Deleted : [x64] HKCU\Software\SlimWare Utilities Inc
[!] Key Not Deleted : [x64] HKCU\Software\Yahoo\Companion
[!] Key Not Deleted : [x64] HKCU\Software\Yahoo\YFriendsBar
[-] Key Deleted : [x64] HKLM\SOFTWARE\AllDaySavings 
[-] Key Deleted : [x64] HKLM\SOFTWARE\Reimage
[-] Key Deleted : [x64] HKLM\SOFTWARE\System Optimizer Pro
[-] Key Deleted : [x64] HKLM\SOFTWARE\SearchModule
[!] Key Not Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\allday savings
[!] Key Not Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[!] Key Not Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\Yahoo\Companion
[!] Key Not Deleted : HKU\S-1-5-21-1766455901-1718875387-4080994009-1000\Software\AppDataLow\Software\Yahoo\Companion
[!] Key Not Deleted : HKU\S-1-5-18\Software\AppDataLow\Software\allday savings
[!] Key Not Deleted : HKU\S-1-5-18\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[!] Key Not Deleted : HKU\S-1-5-18\Software\AppDataLow\Software\Yahoo\Companion
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\2B1E51D87B2D71A44BB42DDD5E894160
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\2B1E51D87B2D71A44BB42DDD5E894160
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2B1E51D87B2D71A44BB42DDD5E894160
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BF21D17-227D-43A6-8D70-6753D47AF6A5}
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[!] Key Not Deleted : HKU\S-1-5-21-1766455901-1718875387-4080994009-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BF21D17-227D-43A6-8D70-6753D47AF6A5}
[-] Data Restored : HKU\S-1-5-21-1766455901-1718875387-4080994009-1000\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
 
***** [ Web browsers ] *****
 
[-] [C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\hlqtbioq.default\prefs.js] [Preference] Deleted : user_pref("avg.userPreferences.URLBarFocus.whiteList", "bing\\.comgoogle\\.\\w+yahoo\\.\\w+gmail\\.\\w+hotmail\\.\\w+live\\.\\w+isearch\\.avg\\.commysearch\\.avg\\.com");
[-] [C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\hlqtbioq.default\prefs.js] [Preference] Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
[-] [C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\hlqtbioq.default\prefs.js] [Preference] Deleted : user_pref("browser.search.defaultenginename.US", "AVG Secure Search");
[-] [C:\Users\chris 2\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : aol.com
[-] [C:\Users\chris 2\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask.com
[-] [C:\Users\chris 2\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : start.mysearchdial.com
[-] [C:\Users\chris 2\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : mysearchdial.com
[-] [C:\Users\chris 2\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : bakijjialdiiboeaknfpmflphhmljfkd
[-] [C:\Users\chris 2\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : pflphaooapbgpeakohlggbpidpppgdff
 
*************************
 
:: Winsock settings cleared
 
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [23782 bytes] ##########
 


#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,338 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:17 PM

Posted 01 November 2015 - 01:10 PM


OK. run ESET again.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#10 Antionerex

Antionerex
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:12:17 PM

Posted 02 November 2015 - 03:45 PM

T

That last time pretty much wiped out my documents. I had my school files I would like to recover.



#11 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,338 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:17 PM

Posted 03 November 2015 - 02:49 PM

How to restore a quarantined file after running the ESET Online Scanner​

http://support.eset.com/kb2915/
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users