Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can't install updates, Windows Defender and Norton won't run


  • Please log in to reply
8 replies to this topic

#1 bkhiatt

bkhiatt

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:39 PM

Posted 23 December 2015 - 05:06 PM

Hi,

 

Looking for some help with my mother in law's computer.

 

There's something wrong that I just can't narrow down and solve on my own.

 

Windows updates won't install, Adobe updates won't install, Windows Defender and Norton 360 won't even start.

 

I've run Malware Bytes AntiMalware, Junkware Removal Tool, and even tried AVAST Free AntiVirus, but they haven't found anything that I can tell as being the problem.

 

Any ideas on where I can start next?

 

Thanks in Advance!



BC AdBot (Login to Remove)

 


#2 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:39 PM

Posted 23 December 2015 - 07:03 PM

Uninstall Norton, then run the Norton Removal tool.  Then Download Security Check to your desktop, right click it run as administrator. When the program completes, the tool will automatically open a log file, please post that log here in your next post.

 

Adware Cleaner Scan.

 

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

 

JRT Scan.

Please download Junkware Removal Tool and save it on your desktop.

 

  • Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log is saved to your desktop and will automatically open.
  • Please post the JRT log.
  •  

Adware Removal Tool Scan.

 

Download Adware removal tool to your desktop, right click the icon and select Run as Administrator.

 

 

LOr0Gd7.png

 

Hit Ok.

 

sYFsqHx.png

 

Hit next make sure to leave all items checked, for removal.

 

8NcZjGc.png

 

 

The Program will close all open programs to complete the removal, so save any work and hit OK. Then hit OK after the removal process is complete, thenOK again to finish up. Post log generated by tool.

 

ZHP Scan.

Please download Zhp Cleaner  to your desktop.  Right Click the icon and select run as administrator.

 http://nicolascoolman.com/download/zhpcleaner

 

 

2. Once you have started the program, you will need to click the scanner button.

EgsT69u.png

The program will close all open browsers!

3. Once the scan is completed, the you will want to click the Repair button.

6QJjV50.png

At the end of the process you may be asked to reboot your machine. After you reboot a report will open on your desktop.

Copy and paste the report here in your next reply.

 Zemana Scan

 

 

Run a full scan with Zemana AntiMalware!

Install and select deep scan.

jdmyscF.jpg

Remove any infections found.

Then click on the icon in the pic below.

DOLGyto.jpg

Double click on the scan log, copy and paste here in your reply.


Edited by InadequateInfirmity, 23 December 2015 - 07:04 PM.


#3 bkhiatt

bkhiatt
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:39 PM

Posted 23 December 2015 - 09:43 PM

Hi InadequateInfirmity,

 

Thanks for looking at this for me.  I appreciate the help.

 

Here's my results:

Uninstalled live update via control pannel
Norton 360 would not uninstall via control pannel or CCleaner.
Used Norton Removal Tool to uninstall and rebooted.

Followed your other steps and have included the log files below.

 

Thanks again!

 

 

Security Check:

SecurityCheck by glax24 v.1.4.0.32 [01.11.15]
WebSite: www.safezone.cc
DateLog: 23.12.2015 17:39:53
Path starting: C:\Users\Soriano\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: Soriano
VersionXML: 2.20is-21.12.2015
___________________________________________________________________________

Windows 7(6.1.7601) Service Pack 1 (x64) HomePremium Lang: English(0409)
Installation date OS: 06.02.2010 22:22:28
LicenseStatus: Windows® 7, HomePremium edition The machine is permanently activated.
Boot Mode: Normal
Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
SystemDrive: C: FS: [NTFS] Capacity: [920.8 Gb] Used: [185.5 Gb] Free: [735.3 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 11.0.9600.18097 Warning! Download Update
Online installation. Last version available when Windows update is enabled throught the Internet.
User Account Control enabled
Automatic download and scheduled installation
Date install updates: 2015-12-23 11:10:27
Windows Update (wuauserv) - The service is running
Security Center (wscsvc) - The service is running
Remote Registry (RemoteRegistry) - The service has stopped
System Restore Disable
---------------------------- [ Antivirus_WMI ] ----------------------------
avast! Antivirus (enabled and up to date)
--------------------------- [ FirewallWindows ] ---------------------------
Windows Firewall (MpsSvc) - The service is running
--------------------------- [ AntiSpyware_WMI ] ---------------------------
Windows Defender (disabled and up to date)
avast! Antivirus (enabled and up to date)
---------------------- [ AntiVirusFirewallInstall ] -----------------------
Avast Free Antivirus v.11.1.2245
ESET Online Scanner v3
-------------------------- [ SecurityUtilities ] --------------------------
Malwarebytes Anti-Malware version 2.2.0.1024 v.2.2.0.1024
SpywareBlaster 5.4 v.5.4.0
Spybot - Search & Destroy v.2.4.40
--------------------------- [ OtherUtilities ] ----------------------------
Microsoft Silverlight v.5.1.41105.0
--------------------------------- [ IM ] ----------------------------------
Skype™ 7.17 v.7.17.105
-------------------------------- [ Java ] ---------------------------------
Java 8 Update 66 v.8.0.660.18
--------------------------- [ AppleProduction ] ---------------------------
Bonjour v.3.1.0.1
iTunes v.12.3.2.35
QuickTime 7 v.7.78.80.95
Bonjour Service (Bonjour Service) - The service is running
--------------------------- [ AdobeProduction ] ---------------------------
Adobe AIR v.1.5.3.9130 Warning! Download Update
Adobe Flash Player 20 ActiveX v.20.0.0.228
Adobe Flash Player 20 NPAPI v.20.0.0.235
Adobe Shockwave Player 12.2 v.12.2.2.172
Adobe Reader XI (11.0.11) v.11.0.11 Warning! Download Update
Uninstall old version and install new one.
------------------------------- [ Browser ] -------------------------------
Google Chrome v.47.0.2526.106
Mozilla Firefox 43.0.2 (x86 en-US) v.43.0.2 [+]
----------------------------- [ EmailClient ] -----------------------------
Windows Live Mail v.15.4.3502.0922
--------------------------- [ RunningProcess ] ----------------------------
C:\Program Files (x86)\Mozilla Firefox\firefox.exe v.43.0.2.5833
C:\Program Files\AVAST Software\Avast\AvastSvc.exe v.11.1.2245.1540
C:\Program Files\AVAST Software\Avast\AvastUI.exe v.11.1.2245.1540
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe v.2.4.40.77
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe v.2.4.40.129
----------------------------- [ End of Log ] ------------------------------
 

 

AdwCleaner:

SecurityCheck by glax24 v.1.4.0.32 [01.11.15]
WebSite: www.safezone.cc
DateLog: 23.12.2015 17:39:53
Path starting: C:\Users\Soriano\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: Soriano
VersionXML: 2.20is-21.12.2015
___________________________________________________________________________

Windows 7(6.1.7601) Service Pack 1 (x64) HomePremium Lang: English(0409)
Installation date OS: 06.02.2010 22:22:28
LicenseStatus: Windows® 7, HomePremium edition The machine is permanently activated.
Boot Mode: Normal
Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
SystemDrive: C: FS: [NTFS] Capacity: [920.8 Gb] Used: [185.5 Gb] Free: [735.3 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 11.0.9600.18097 Warning! Download Update
Online installation. Last version available when Windows update is enabled throught the Internet.
User Account Control enabled
Automatic download and scheduled installation
Date install updates: 2015-12-23 11:10:27
Windows Update (wuauserv) - The service is running
Security Center (wscsvc) - The service is running
Remote Registry (RemoteRegistry) - The service has stopped
System Restore Disable
---------------------------- [ Antivirus_WMI ] ----------------------------
avast! Antivirus (enabled and up to date)
--------------------------- [ FirewallWindows ] ---------------------------
Windows Firewall (MpsSvc) - The service is running
--------------------------- [ AntiSpyware_WMI ] ---------------------------
Windows Defender (disabled and up to date)
avast! Antivirus (enabled and up to date)
---------------------- [ AntiVirusFirewallInstall ] -----------------------
Avast Free Antivirus v.11.1.2245
ESET Online Scanner v3
-------------------------- [ SecurityUtilities ] --------------------------
Malwarebytes Anti-Malware version 2.2.0.1024 v.2.2.0.1024
SpywareBlaster 5.4 v.5.4.0
Spybot - Search & Destroy v.2.4.40
--------------------------- [ OtherUtilities ] ----------------------------
Microsoft Silverlight v.5.1.41105.0
--------------------------------- [ IM ] ----------------------------------
Skype™ 7.17 v.7.17.105
-------------------------------- [ Java ] ---------------------------------
Java 8 Update 66 v.8.0.660.18
--------------------------- [ AppleProduction ] ---------------------------
Bonjour v.3.1.0.1
iTunes v.12.3.2.35
QuickTime 7 v.7.78.80.95
Bonjour Service (Bonjour Service) - The service is running
--------------------------- [ AdobeProduction ] ---------------------------
Adobe AIR v.1.5.3.9130 Warning! Download Update
Adobe Flash Player 20 ActiveX v.20.0.0.228
Adobe Flash Player 20 NPAPI v.20.0.0.235
Adobe Shockwave Player 12.2 v.12.2.2.172
Adobe Reader XI (11.0.11) v.11.0.11 Warning! Download Update
Uninstall old version and install new one.
------------------------------- [ Browser ] -------------------------------
Google Chrome v.47.0.2526.106
Mozilla Firefox 43.0.2 (x86 en-US) v.43.0.2 [+]
----------------------------- [ EmailClient ] -----------------------------
Windows Live Mail v.15.4.3502.0922
--------------------------- [ RunningProcess ] ----------------------------
C:\Program Files (x86)\Mozilla Firefox\firefox.exe v.43.0.2.5833
C:\Program Files\AVAST Software\Avast\AvastSvc.exe v.11.1.2245.1540
C:\Program Files\AVAST Software\Avast\AvastUI.exe v.11.1.2245.1540
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe v.2.4.40.77
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe v.2.4.40.129
----------------------------- [ End of Log ] ------------------------------
 

JRT:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.1 (11.24.2015)
Operating System: Windows 7 Home Premium x64
Ran by Soriano (Administrator) on Wed 12/23/2015 at 17:55:39.80
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0


Deleted the following from C:\Users\Soriano\AppData\Roaming\Mozilla\Firefox\Profiles\e1ty4f6k.default\prefs.js
user_pref(sweetim.toolbar.scripts.0.domain-whitelist, hxxp://(www.|apps.)?facebook\\.com.*);
user_pref(sweetim.toolbar.scripts.1.domain-whitelist, hxxps://(www.|apps.)?facebook\\.com.*);
user_pref(sweetim.toolbar.search.external, <?xml version=\1.0\?><TOOLBAR><EXTERNAL_SEARCH engine=\hxxp://*google.*\ param=\q=\ /><EXTERNAL_SEARCH engine=\hxxp://sear



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 12/23/2015 at 17:58:40.95
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

Adware Removal Tool:

Deleted ->> Registry Value Data ->> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2891611942-2851109532-2480967013-1001\Software\Updater By SweetPacks\script_storage\ ->> product_name : Updater By SweetPacks
Deleted ->> Registry Value Data ->> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2891611942-2851109532-2480967013-1001\Software\Updater By SweetPacks\script_storage\ ->> WSG_whiteList : {"search.babylon.com":"q","search.imesh.net":"q","www.search-results.com":"q","home.mywebsearch.com":"searchfor","search.mywebsearch.com":"searchfor","search.mindspark.com":"searchfor","search.conduit.com":"q","search.zugo.com":"p","www2.mystart.com":"q","www.mystart.com":"q","www.bigseekpro.com":"q","bigseekpro.com":"q","bigspeedpro.com":"q","search.esnips.com":"searchQuery","search.foxtab.com":"q","search.brothersoft.com":"keyword","search.softonic.com":"q","www.dogpile.com":"q","search.infospace.com":"q","search.iobit.com":"q","search.iminent.com":"","search.facemoods.com":"s","www.plusnetwork.com":"q","www.alothome.com":"q","alothome.com":"q","search.alothome.com":"q","search.chatvibes.com":"q","search.blekko.com":"","www.searchnu.com":"q","searchnu.com":"q","search.icq.com":"q","search.etype.com":"query","isearch.babylon.com":"q","search.utorrent.com":"","search.bittorrent.com":"","search.bearshare.com":"q","search.bearshare.net":"q","searchya.com":"q","int.search-results.com":"q","search.searchcompletion.com":"q","www.adoresearch.com":"q","www.searchcore.net":"q","googosearch.info":"terms","bar.searchqu.com":"q","search.speedbit.com":"q","search.toggle.com":"q","click.searchnation.net":"query","isearch.whitesmoke.com":"q","search.handycafe.com":"q","searchassist.babylon.com":"q","searchnation.net":"query","video.searchcompletion.com":"q","www.searchbrowsing.com":"q","search.anchorfree.net":"q","search.hotspotshield.com":"q","dts.search-results.com":"q","uk.search-results.com":"q","search.chatzum.com":"q","search.phpnuke.org":"q","www.i-mysearch.com":"q","search.smartaddressbar.com":"q","www.search-guru.com":"q","searchgby.com":"","thespecialsearch.com":"q","search.bpath.com":"q","start.funmoods.com":"s","fr.search-results.com":"q","de.search-results.com":"q","it.search-results.com":"q","es.search-results.com":"q","search.imesh.com":"q","search.swagbucks.com":"q","isearch.avg.com":"q","search.avg.com":"q","search.yippy.com":"query","cludr.com":"q","search.vmn.net":"q","www.gigablast.com":"q","www.metacrawler.com":"q","www.webcrawler.com":"q","www.ixquick.com":"","www.search.com":"q","www.excite.com":"q","duckduckgo.com":"q","search.lycos.com":"q","webfetch.com":"q","monstercrawler.com":"q","go.com":"p","hotbot.com":"keyword","home.myplaycity.com":"s","www.findamo.com":"q","search.gboxapp.com":"q","start.iplay.com":"q","home.speedbit.com":"q","search.alot.com":"q","search.searchplusnetwork.com":"q","www.searchqu.net":"","us.yhs4.search.yahoo.com":"p","search.insiteapp.com":"q","somoto.com":"q","blekko.com":"","uk.yhs4.search.yahoo.com":"p","fr.yhs4.search.yahoo.com":"p","suggestor.netliker.com":"","search.netliker.com":"","insta-search.com":"q","www.fast-search.biz":"q","start.facemoods.com":"s","search.coolnovo.com":"","chromeplus.info":"q","in.yhs4.search.yahoo.com":"p","in.yhs.search.yahoo.com":"p","www.searchble.com":"keyword","home.allgameshome.com":"s","forsearch.net":"q","allssearch.com":"q","search.snap.do":"q","us.yhs.search.yahoo.com":"p","uk.yhs.search.yahoo.com":"p","fr.yhs.search.yahoo.com":"p","search.smartsearchbox.net":"","search.seznam.cz":"q","search.funmoods.com":"s","search.avira.com":"q","search.jzip.com":"q","search.findeer.com":"","search-faster.com":"","dnssearch.rr.com":"search","search.rr.com":"q","search.kalloutsearch4.com":"q","kalloutsearch4.com":"Keywords","search.rapidns.net":"SearchQuery","websearch.4shared.com":"q","images.search.conduit.com":"q","search.cpchero.biz":"q","search.kikin.com":"q","www.engine-search.biz":"q","www.mysearchresults.com":"q","search.vdc.com.vn":"SearchQuery","search.charter.net":"search","search-vbc.com":"keywords","search.pch.com":"q","search.pantip.com":"","www.startsearcher.com":"q","search.icafemanager.com":"q","aolsearcht10.search.aol.com":"q","search.free.fr":"","www.similarsitesearch.com":"URL","qoqole.com":"q","www.claro-search.com":"q","isearch.claro-search.com":"q","www.uncoverthenet.com/search":"q","www.searchcanvas.com":"q","search.etoolkit.com":"q","www.searchalgo.com":"q","bestsearchall.com":"q","bestorganicsearch.com":"q","mysearchproperties.com":"q","search.treasuretrooper.com":"q","btsearch.name":"q","optu.search-help.net":"search","search.clinck.in":"q","search.shareazaweb.net":"q","search.solarmash.com":"q","search.surfcanyon.com":"q","search.tedata.net":"SearchQuery","www.gooofullsearch.com":"keywords","www.alnaddy.com":"q","searchsafer.com":"q","www.searchqu.com":"q","searchfunmoods.com":"s","www.searchfunmoods.com":"s","www.searchya.com":"q","search.lphant.net":"","searchremagnified.com":"","www.pagequeryresults.com":"","www.searchqueryresults.com":"","domainhelp.search.com":"q","search.b1.org":"q","search.pontofrio.com.br":"q","search.maxonline.com.sg":"q","search.us.com":"k","www.picsearch.com":"q","www.search-document.com":"q","www.searchsafer.com":"q","www.website-unavailable.com":"q","fantastigames.metacrawler.com":"q","search.appsarefun.info":"","www.searchamong.com":"query","www.savevalet.com":"q","www.navegaki.com.br":"q","my.rally.io":"","isearch.glarysoft.com":"q","websearch.mocaflix.com":"s","search.fastaddressbar.com":"s","search.certified-toolbar.com":"q","www.delta-search.com":"q","mysearch.avg.com":"q","www1.search-results.com":"q","search.searchya.com":"q","websearch.just-browse.info":"s","search.fbdownloader.com":"q","search.startnow.com":"q","search.protectedsearch.com":"q","start.iminent.com":"q","websearch.pu-results.info":"s","22find.com":"","search.comcast.net":"q","rss2search.com":"q","www.searchinq.com":"q","search.22find.com":"","search.genieo.com":"q","www.safesearch.net":"q","isearch.fantastigames.com":"q","nortonsafe.search.ask.com":"q","search.nation.com":"q","www.dnsrsearch.com":"search","yourstartsearch.com":"q","mixidj.delta-search.com":"q","searchiu.com":"q","www1.dlinksearch.com":"q","search.eazel.com":"q","en.eazel.com":"q","search.smartsuggestor.net":"s","mixidj.claro-search.com":"q","search.buzzdock.com":"q","search.oracle.com":"q","visualbee.delta-search.com":"q","filesearch.setun.net":"q","search.smartsuggestor.com":"s","go.findrsearch.com":"q","search.earthlink.net":"q","search.netzero.net":"query","www.holasearch.com":"q","searchengines.com":"query","www.31searchengines.com":"query","www.99searchengines.com":"query","www.28searchengines.com":"query","www.29searchengines.com":"query","www.38searchengines.com":"query","www.39searchengines.com":"query","www.50searchengines.com":"query","www.100searchengines.com":"query","www.20searchengines.com":"query","www.24searchengines.com":"query","www.45searchengines.com":"query","www.55searchengines.com":"query","www.60searchengines.com":"query","www.70searchengines.com":"query","www.88searchengines.com":"query","www.47searchengines.com":"query","www.32searchengines.com":"query","www.48searchengines.com":"query","www.53searchengines.com":"query","www.40searchengines.com":"query","www.66searchengines.com":"query","www.34searchengines.com":"query","www.49searchengines.com":"query","www.30searchengines.com":"query","www.41searchengines.com":"query","www.36searchengines.com":"query","www.52searchengines.com":"query","www.25searchengines.com":"query","home.maxwebsearch.com":"query","polysearch.org":"srch","search.bnpmedia.com":"q","start.search.us.com":"k","www.searchnfind.org":"","searching-gambling.com":"","search.easylifeapp.com":"s","www.goodsearch.com":"keywords","search.adlux.com":"","websearch.good-results.info":"s","search.beesq.net":"k","www1.delta-search.com":"q","www.search.delta-search.com":"q","www.yhs.delta-search.com":"q","info.delta-search.com":"q","www.yd.delta-search.com":"q","www2.delta-search.com":"q","www3.delta-search.com":"q","websearch.helpmefindyour.info":"s","tuvaro.com":"q","amazon.smart-search.com":"query","butterflysearch.net":"search","g9search.com":"q","images.searchcompletion.com":"q","lab.search.conduit.com":"q","search.autocompletepro.com":"q","search.creativetoolbars.com":"q","search.dudu.com":"q","search.filebulldog.com":"p","search.findwide.com":"k","search.focalprice.com":"","search.juno.com":"query","search.peoplepc.com":"q","search.piccshare.com":"q","search.starburnsoftware.com":"q","search.zonealarm.com":"q","search27.info.com":"qkw","search42.info.com":"qkw","search45.info.com":"qkw","search49.info.com":"qkw","securesearch.lavasoft.com":"q","shieldedsearch.com":"q","us.aolsearch.com":"q","websearch.brandthunder.com":"q","websearch.youwillfind.info":"s","websearchsimple.com":"q","wind.search-help.net":"search","www.21searchengines.com":"","www.22searchengines.com":"","www.42searchengines.com":"","www.46searchengines.com":"","www.85searchengines.com":"","www.goonsearch.com":"q","www.isearch-123.com":"q","www.maxwebsearch.com":"query","www.searchgby.com":"","www.tlbsearch.com":"q","avira.search.ask.com":"q","search.coupons.com":"","smartsearchfacts.com":"search","www.27searchengines.com":"","www.90searchengines.com":"","www.searchgol.com":"q","www.searchpage.com":"","www.toastsearch.com":"q","search.zum.com":"query","searchzone.com":"query"}|||8641373991051990
Deleted ->> Registry Key ->> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2891611942-2851109532-2480967013-1001\Software\Updater By SweetPacks
Deleted ->> Registry Key ->> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mysearchdialcdn.com
Deleted ->> Registry Key ->> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sweetpacks.com
Deleted ->> Registry Key ->> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\mysearchdialcdn.com
Deleted ->> Registry Key ->> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\sweetpacks.com
Deleted ->> Registry Key ->> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mysearchdialcdn.com
Deleted ->> Registry Key ->> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sweetpacks.com
Deleted ->> Registry Key ->> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\mysearchdialcdn.com
Deleted ->> Registry Key ->> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\sweetpacks.com
Deleted ->> Registry Key ->> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2891611942-2851109532-2480967013-1001\Software\SweetIM
Deleted ->> Registry Key ->> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\imesh
Deleted ->> Registry Key ->> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\imesh
Deleted ->> Registry Key ->> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\click-new-download.com\imesh
Deleted ->> Registry Key ->> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\click-new-download.com\imesh
 

ZHP Cleaner:

~ ZHPCleaner v2015.12.23.405 by Nicolas Coolman (2015/12/23)
~ Run by Soriano (Administrator)  (23/12/2015 18:23:06)
~ Site : http://www.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Repair
~ Report : C:\Users\Soriano\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Soriano\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)


---\\  Services (0)
~ No malicious or unnecessary items found.


---\\  Browser internet (2)
DELETED: [e1ty4f6k.default] - user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engin[...]  =>PUP.Optional.SweetIM
DELETED data: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride [Bad : <local>]  =>Hijacker.Proxy


---\\  Hosts file (0)
~ No malicious or unnecessary items found.


---\\  Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found.


---\\  Explorer ( File, Folder) (28)
MOVED file: C:\Users\Soriano\AppData\Roaming\Mozilla\Firefox\Profiles\e1ty4f6k.default\CT3008668\Dialogs\SearchProtectorRetakeoverDialog\main.html    =>PUP.Optional.SearchProtect
MOVED file: C:\Users\Soriano\AppData\Roaming\Mozilla\Firefox\Profiles\e1ty4f6k.default\CT3008668\Dialogs\SearchProtectorRetakeoverDialog\SearchProtectorRetakeover.css    =>PUP.Optional.SearchProtect
MOVED file: C:\Users\Soriano\AppData\Roaming\Mozilla\Firefox\Profiles\e1ty4f6k.default\CT3008668\Dialogs\SearchProtectorRetakeoverDialog\SearchProtectorRetakeover.js    =>PUP.Optional.SearchProtect
MOVED file: C:\Users\Soriano\AppData\Roaming\Mozilla\Firefox\Profiles\e1ty4f6k.default\CT3008668\Dialogs\SearchProtectorRetakeoverDialog\Images\Icon.jpg    =>PUP.Optional.SearchProtect
MOVED file: C:\Users\Soriano\AppData\Roaming\Mozilla\Firefox\Profiles\e1ty4f6k.default\CT3008668\Dialogs\SearchProtectorRetakeoverDialog\Images\Icon.png    =>PUP.Optional.SearchProtect
MOVED file: C:\Users\Soriano\AppData\Roaming\Mozilla\Firefox\Profiles\e1ty4f6k.default\CT3008668\Dialogs\SearchProtectorRetakeoverDialog\Images\info.png    =>PUP.Optional.SearchProtect
MOVED file: C:\Users\Soriano\AppData\Roaming\Mozilla\Firefox\Profiles\e1ty4f6k.default\CT3008668\Dialogs\SearchProtectorRetakeoverDialog\Images\ok-on.png    =>PUP.Optional.SearchProtect
MOVED file: C:\Users\Soriano\AppData\Roaming\Mozilla\Firefox\Profiles\e1ty4f6k.default\CT3008668\Dialogs\SearchProtectorRetakeoverDialog\Images\ok.png    =>PUP.Optional.SearchProtect
MOVED file: C:\Users\Soriano\AppData\Roaming\Mozilla\Firefox\Profiles\e1ty4f6k.default\CT3008668\Dialogs\SearchProtectorDialog\main.html    =>PUP.Optional.SearchProtect
MOVED file: C:\Users\Soriano\AppData\Roaming\Mozilla\Firefox\Profiles\e1ty4f6k.default\CT3008668\Dialogs\SearchProtectorDialog\SearchProtector.css    =>PUP.Optional.SearchProtect
MOVED file: C:\Users\Soriano\AppData\Roaming\Mozilla\Firefox\Profiles\e1ty4f6k.default\CT3008668\Dialogs\SearchProtectorDialog\SearchProtector.js    =>PUP.Optional.SearchProtect
MOVED file: C:\Users\Soriano\AppData\Roaming\Mozilla\Firefox\Profiles\e1ty4f6k.default\CT3008668\Dialogs\SearchProtectorDialog\Images\info.png    =>PUP.Optional.SearchProtect
MOVED file: C:\Users\Soriano\AppData\Roaming\Mozilla\Firefox\Profiles\e1ty4f6k.default\CT3008668\Dialogs\SearchProtectorDialog\Images\ok-on.png    =>PUP.Optional.SearchProtect
MOVED file: C:\Users\Soriano\AppData\Roaming\Mozilla\Firefox\Profiles\e1ty4f6k.default\CT3008668\Dialogs\SearchProtectorDialog\Images\ok.png    =>PUP.Optional.SearchProtect
MOVED file: C:\Users\Soriano\AppData\Roaming\Mozilla\Firefox\Profiles\e1ty4f6k.default\CT3008668\Dialogs\SearchProtectorBubbleDialog\bubble.css    =>PUP.Optional.SearchProtect
MOVED file: C:\Users\Soriano\AppData\Roaming\Mozilla\Firefox\Profiles\e1ty4f6k.default\CT3008668\Dialogs\SearchProtectorBubbleDialog\bubble.js    =>PUP.Optional.SearchProtect
MOVED file: C:\Users\Soriano\AppData\Roaming\Mozilla\Firefox\Profiles\e1ty4f6k.default\CT3008668\Dialogs\SearchProtectorBubbleDialog\main.html    =>PUP.Optional.SearchProtect
MOVED file: C:\Users\Soriano\AppData\Roaming\Mozilla\Firefox\Profiles\e1ty4f6k.default\CT3008668\Dialogs\SearchProtectorBubbleDialog\images\information.png    =>PUP.Optional.SearchProtect
MOVED file: C:\Users\Soriano\AppData\Roaming\Mozilla\Firefox\Profiles\e1ty4f6k.default\CT3008668\Dialogs\SearchProtectorBubbleDialog\images\x-default-LTR.png    =>PUP.Optional.SearchProtect
MOVED file: C:\Users\Soriano\AppData\Roaming\Mozilla\Firefox\Profiles\e1ty4f6k.default\CT3008668\Dialogs\SearchProtectorBubbleDialog\images\x-default-RTL.png    =>PUP.Optional.SearchProtect
MOVED file: C:\Users\Soriano\AppData\Roaming\Mozilla\Firefox\Profiles\e1ty4f6k.default\CT3008668\Dialogs\SearchProtectorBubbleDialog\images\x-mouseover-LTR.png    =>PUP.Optional.SearchProtect
MOVED file: C:\Users\Soriano\AppData\Roaming\Mozilla\Firefox\Profiles\e1ty4f6k.default\CT3008668\Dialogs\SearchProtectorBubbleDialog\images\x-mouseover-RTL.png    =>PUP.Optional.SearchProtect
MOVED file: C:\Users\Soriano\AppData\Roaming\Mozilla\Firefox\Profiles\e1ty4f6k.default\CT3008668\Dialogs\NewSearchProtectorDialog\main.html    =>PUP.Optional.SearchProtect
MOVED file: C:\Users\Soriano\AppData\Roaming\Mozilla\Firefox\Profiles\e1ty4f6k.default\CT3008668\Dialogs\NewSearchProtectorDialog\SearchProtector.css    =>PUP.Optional.SearchProtect
MOVED file: C:\Users\Soriano\AppData\Roaming\Mozilla\Firefox\Profiles\e1ty4f6k.default\CT3008668\Dialogs\NewSearchProtectorDialog\SearchProtector.js    =>PUP.Optional.SearchProtect
MOVED file: C:\Users\Soriano\AppData\Roaming\Mozilla\Firefox\Profiles\e1ty4f6k.default\CT3008668\Dialogs\NewSearchProtectorDialog\images\ok-button.png    =>PUP.Optional.SearchProtect
MOVED file: C:\Users\Soriano\AppData\Roaming\Mozilla\Firefox\Profiles\e1ty4f6k.default\CT3008668\Dialogs\NewSearchProtectorDialog\images\separation-line.png    =>PUP.Optional.SearchProtect
MOVED file: C:\Users\Soriano\AppData\Roaming\Mozilla\Firefox\Profiles\e1ty4f6k.default\CT3008668\Dialogs\NewSearchProtectorDialog\images\warning.png    =>PUP.Optional.SearchProtect


---\\  Registry ( Key, Value, Data) (2)
DELETED key: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{75A173AC-EBC0-4BC6-A8AF-03EBC2A94E26} [http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd] [Ask.com]  =>Toolbar.Ask
DELETED key: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{75A173AC-EBC0-4BC6-A8AF-03EBC2A94E26} [http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd]  =>Toolbar.Ask


---\\  Summary of the elements found (4)






---\\  Other deletions. (27)
~ Registry Keys Tracing deleted (27)
~ Remove the old reports ZHPCleaner. (0)


---\\ Result of repair
~ Repair carried out successfully
~ Browser not found (Opera Software)


---\\ Statistics
~ Items scanned : 1029
~ Items found : 0
~ Items cancelled : 0
~ Items repaired : 32


~ End of clean in 00h00mn34s
===================
ZHPCleaner-[R]-23122015-18_23_40.txt
ZHPCleaner-[S]-23122015-18_19_53.txt
 

 

Zemana Scan:

Zemana AntiMalware 2.19.2.737 (Installed)

-------------------------------------------------------
Scan Result            : Completed
Scan Date              : 2015/12/23
Operating System       : Windows 7 64-bit
Processor              : 4X Intel® Core™2 Quad CPU  Q8300 @ 2.50GHz
BIOS Mode              : Legacy
CUID                   : 00DF7D927C0D2B40EB7AD9
Scan Type              : Deep Scan
Duration               : 56m 1s
Scanned Objects        : 281729
Detected Objects       : 2
Excluded Objects       : 0
Read Level             : SCSI
Auto Upload            : Yes
Include All Extensions : No
Scan Documents         : No
Domain Info            : WORKGROUP,0,2

Detected Objects
-------------------------------------------------------

Chrome Homepage
Status             : Scanned
Object             : http://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10042&barid={9A9AC83A-B02D-11E2-B745-E0CB4E1D7FE1}
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Browser Setting
Cleaning Action    : Repair
Traces             :
                Browser Setting - Chrome Homepage

frostwire-5.3.6.windows.exe
Status             : Scanned
Object             : %userprofile%\.frostwire5\updates\frostwire-5.3.6.windows.exe
MD5                : DACF59537BB191D181DD38E31547CCC6
Publisher          : Frostwire, LLC
Size               : 10466912
Version            : 5.3.6.0
Detection          : Adware:Win32/OpenCandy
Cleaning Action    : Quarantine
Traces             :
                File - %userprofile%\.frostwire5\updates\frostwire-5.3.6.windows.exe


Cleaning Result
-------------------------------------------------------
Cleaned               : 2
Reported as safe      : 0
Failed                : 0
 


Edited by bkhiatt, 24 December 2015 - 12:32 AM.


#4 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:39 PM

Posted 23 December 2015 - 09:49 PM

Looks like you are missing a couple of logs....

 

Uninstall  Spybot - Search & Destroy, it is useless.

 

Make sure and update these programs.

 

Adobe AIR v.1.5.3.9130 Warning! Download Update

Adobe Reader XI (11.0.11) v.11.0.11 Warning! Download Update
Uninstall old version and install new one.

 

 

 

Malwarebytes Scan.

 

We need you to run MalwareBytes to get a log, please download the free version of MalwareBytes HERE

http://data-cdn.mbamupdates.com/web/mbam-setup-2.2.0.1024.exe  Alternate Link.

Save the file to somewhere you can easily find it. Double click the saved file to start the install, accept any security warnings that may appear, and after the install click the new desktop icon to start the program. We need to modify a couple of things with MalwareBytes before we use it so please follow the steps below.

  1. If the dashboard is not already displayed select it.
  2. Then select "Update Now" to get the latest database.

VSKiiIc.jpg

  1. Next we need to change a scanning option, select "Settings" on the main menu, then "Detection and Protection" on the left.
  2. Then select "Scan for rootkits" in the detection options, as well as the other two options already checked.

ZU4W2g2.jpg

  • Now return to Dashboard on the main menu and select "Scan Now" at the bottom of the screen.

nF8dOcq.jpg

  • Allow MalwareBytes to scan your system, it may take some time depending on what you have loaded onto your hard drive.

L8lsasM.jpg

When the scan is finished

  1. Click "Save Results"
  2. Then click on "Text file"

5x4JOvA.jpg

  • A window will then open allowing you to choose a name for the logfile and also allowing you to choose where to save it, save it to the desktop.
  • Please copy and paste the contents of this file in your next post.

 

 

Eset Online Scanner.

 

Eset Scan

Click Me To Download Eset Scan

Disable your antivirus prior to this scan.
 
 esetonlinebtn.png
 

  •  Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

 

9-Lab Scan.

 

  • Download 9-Lab Removal Tool.
  • CLICK HERE to determine whether you're running 32-bit or 64-bit for Windows.
  • Install the program onto your computer, then right click the icon  run as administrator.
  • Update the program and then run a full scan!
  • Make sure the program updates, might be better to install it update reboot and check for updates again.
  • You need to make sure the database updates!!!
  • Upon Scan Completion Click on Show Results.
  • Then Click On Clean 
  • Then Click on Save Log.
  • Save it to your desktop, copy and paste the contents of the log here in your next reply.

 

 

Minitoolbox scan.

 

 

Please download MINITOOLBOX and run it.



Checkmark following boxes:


Flush DNS
Reset FF proxy Settings
Reset Ie Proxy Settings
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and post the result.



#5 bkhiatt

bkhiatt
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:39 PM

Posted 24 December 2015 - 01:27 PM

Merry Christmas and Thanks Again!

 

We appear to be making progress as I was able to update the adobe apps as suggested (previously that failed as well) and overnight Windows Update did it thing and automatically installed a whole bunch of updates.

 

I also uninstalled Spybot as directed and I added the missing log from Zemana above.

 

For this go around:

 

Malware Bytes Log:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 12/23/2015
Scan Time: 10:21 PM
Logfile: Malware Bytes Anti-Malware Log.txt
Administrator: Yes

Version: 2.2.0.1024
Malware Database: v2015.12.24.02
Rootkit Database: v2015.12.18.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Soriano

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 448225
Time Elapsed: 46 min, 1 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

 

ESET Online Scanner: (note, I left this running and went to bed, windows update did its thing overnight and rebooted.  I found a log file in C:\Program Files (Nx86)\ESET\ESET OnlineScanner\log.txt and attached it here, I hope this is good enough)

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=15aa3250ba8857409d7b4ff9ca485799
# end=init
# utc_time=2015-12-23 06:14:29
# local_time=2015-12-23 10:14:29 (-0800, Pacific Standard Time)
# country="United States"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 27336
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=15aa3250ba8857409d7b4ff9ca485799
# end=updated
# utc_time=2015-12-23 06:16:13
# local_time=2015-12-23 10:16:13 (-0800, Pacific Standard Time)
# country="United States"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=15aa3250ba8857409d7b4ff9ca485799
# engine=27336
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-12-23 07:45:11
# local_time=2015-12-23 11:45:11 (-0800, Pacific Standard Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Norton 360'
# compatibility_mode=3598 16777213 100 93 64984615 90038189 0 0
# scanned=300827
# found=2
# cleaned=2
# scan_time=5337
sh=F7B58A3B35BB872D9EE18499D92E465ECF1B3F83 ft=1 fh=4658244f9732d57c vn="a variant of Win64/Toolbar.Perion.D potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\update[1]"
sh=84EF2E619397368AF5B8BA3C4FAB4BB775BE9021 ft=1 fh=dd07fe4fdce68f9d vn="a variant of Win32/Toolbar.Perion.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\update[2]"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=15aa3250ba8857409d7b4ff9ca485799
# end=init
# utc_time=2015-12-24 07:09:02
# local_time=2015-12-23 11:09:02 (-0800, Pacific Standard Time)
# country="United States"
# osver=6.1.7601 NT Service Pack 1
DLL:pipe not connected. attempts=120
Update Init
Update Download
Update Finalize
Updated modules version: 27342
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=15aa3250ba8857409d7b4ff9ca485799
# end=updated
# utc_time=2015-12-24 07:12:38
# local_time=2015-12-23 11:12:38 (-0800, Pacific Standard Time)
# country="United States"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=15aa3250ba8857409d7b4ff9ca485799
# engine=27342
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2015-12-24 09:08:07
# local_time=2015-12-24 01:08:07 (-0800, Pacific Standard Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 71 88 0 1049241 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 108484662 202491537 0 0
# scanned=298567
# found=2
# cleaned=2
# scan_time=6928
sh=18D0182E5D99EAC059E3DF4FDBF347AA78975C45 ft=1 fh=b8e97069d102a0ab vn="a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Soriano\AppData\LocalLow\Sun\Java\jre1.8.0_40\java_sp.dll"
sh=D3E8A057EAD1A21B636BBCAE646BF9026D184454 ft=0 fh=0000000000000000 vn="a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\Soriano\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\14.00\agent\stub_data\askrt_en.cab"
DLL:pipe not connected. attempts=120
 

9-Labs Scan:

9-lab Removal Tool 1.0.0.38 BETA
9-lab.com

Database version: 0.0

Windows 7 Service Pack 1 (Version 6.1, Build 7601, 64-bit Edition)
Internet Explorer 9.11.9600.18124
Soriano :: SORIANO-PC

12/24/2015 9:24:53 AM
9lab-log-2015-12-24 (09-24-53).txt

Scan type: Full
Objects scanned: 58858
Time Elapsed: 37 m 38 s

Registry Values detected: 1
Risk.IEPath [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command (Default)]


Files detected: 64
[81FFE558C93C70CCBAE2D10F0B628257] Malware.Win32.Gen.cs2 [C:\Program Files (x86)\Cyberlink\PowerDirector\PDHanumanSvr.exe]
[1FC96C56E8D9A3B659575E546FEE9E87] Malware.Win32.Gen.cs0 [C:\Program Files (x86)\Hewlett-Packard\Media\DVD\zlib1.dll]
[6A05110733966830F85BC2FE957C79EB] Malware.Win32.Gen.cld [C:\Users\Soriano\AppData\Roaming\Real\Update\temp\~Upg1\rnupgagent.exe]
[16EAB3FEBD96CED6C12B47FEC7423CD8] Malware.Win32.Gen.cs0 [C:\Users\Soriano\AppData\Roaming\ZHP\ZHPCleaner.exe]
[16EAB3FEBD96CED6C12B47FEC7423CD8] Malware.Win32.Gen.cs0 [C:\Users\Soriano\Desktop\ZHPCleaner.exe]
[2BD27DC2EF69D920D990133FB8DB18B8] Malware.Win32.Gen.cs0 [C:\Users\Soriano\Desktop\ZHPCleaner.lnk]
[2723697065B733FCAE91765B70CEBA8C] Malware.Win32.Gen.cs0 [C:\Users\Soriano\Desktop\MiniToolBox.exe]
[F92C7457C2FA19DE1E4F1DBAD885FAAA] Malware.Win32.Gen.cld [C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744CAF070E41400\15.7.20033\logtransport2.exe]
[00B0ACE97EAA8A8F1CC1867E49B1FE74] Malware.Win32.Gen.cs1 [C:\Windows\Installer\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}\SkypeIcon.exe]
[00B0ACE97EAA8A8F1CC1867E49B1FE74] Malware.Win32.Gen.cs1 [C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe]
[00B0ACE97EAA8A8F1CC1867E49B1FE74] Malware.Win32.Gen.cs1 [C:\Windows\Installer\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}\SkypeIcon.exe]
[00B0ACE97EAA8A8F1CC1867E49B1FE74] Malware.Win32.Gen.cs1 [C:\Windows\Installer\{EA17F4FC-FDBF-4CF8-A529-2D983132D053}\SkypeIcon.exe]
[00B0ACE97EAA8A8F1CC1867E49B1FE74] Malware.Win32.Gen.cs1 [C:\Windows\Installer\{FC965A47-4839-40CA-B618-18F486F042C6}\SkypeIcon.exe]
[3C809EFE1AA6C9355FA3D2CEA29821C0] Malware.Win32.Gen.cs0 [C:\Windows\System32\DriverStore\FileRepository\atiilhag.inf_amd64_neutral_0a660e899f5038a2\amdpcom32.dll]
[A87261EF1546325B559374F5689CF5BC] Malware.Win64.Gen.cs0 [C:\Windows\System32\DriverStore\FileRepository\igdlh.inf_amd64_neutral_54a12b57f547d08e\igdkmd64.sys]
[D45BE8BAED0B82F6BBC9D9421FA8FA1C] Malware.Win64.Gen.cs0 [C:\Windows\System32\Ribbons.scr]
[29C1D5B330B802EFA1A8357373BC97FE] Malware.Win64.Gen.cs0 [C:\Windows\System32\spinstall.exe]
[BDFABEDACD6F18B5EFB14B7529F3ED3E] Malware.Win32.Gen.cs2 [C:\Windows\SysWOW64\AdapterTroubleshooter.exe]
[02AF9857838C25EC98BBE492271F3E27] Malware.Win32.Gen.cs0 [C:\Windows\SysWOW64\aecache.dll]
[DBB45A0839719312F248351E3FB9A0AE] Malware.Win32.Gen.cs0 [C:\Windows\SysWOW64\cmdl32.exe]
[B4834F08230A2EB7F498DE4E5B6AB814] Malware.Win32.Gen.cs0 [C:\Windows\SysWOW64\fsutil.exe]
[536020876C0980D49094E7EBB94A00AA] Malware.Win32.Gen.cs2 [C:\Windows\SysWOW64\hdwwiz.exe]
[F67A64C46DE10425045AF682802F5BA6] Malware.Win32.Gen.cs2 [C:\Windows\SysWOW64\msdt.exe]
[0842FB9AC27460E2B0107F6B3A872FD5] Malware.Win32.Gen.cs0 [C:\Windows\SysWOW64\raserver.exe]
[3C809EFE1AA6C9355FA3D2CEA29821C0] Malware.Win32.Gen.cs0 [C:\Windows\winsxs\amd64_atiilhag.inf_31bf3856ad364e35_6.1.7600.16385_none_019357585ef99a63\amdpcom32.dll]
[3C809EFE1AA6C9355FA3D2CEA29821C0] Malware.Win32.Gen.cs0 [C:\Windows\winsxs\amd64_atiilhag.inf_31bf3856ad364e35_6.1.7601.17514_none_03c46b205be81dfd\amdpcom32.dll]
[F6FD7F8147A591317E57D9008C8C7541] Malware.Win32.Gen.cld [C:\Windows\SysWOW64\wimserv.exe]
[A87261EF1546325B559374F5689CF5BC] Malware.Win64.Gen.cs0 [C:\Windows\winsxs\amd64_igdlh.inf_31bf3856ad364e35_6.1.7600.16385_none_f3e7064ea3c09a9a\igdkmd64.sys]
[7CA00998C1AAF913AC089E29DB746037] Malware.Win32.Gen.cs0 [C:\Windows\SysWOW64\unregmp2.exe]
[90499F3163A9F815CF196A205EA3CD5D] Malware.Win64.Gen.cs0 [C:\Windows\winsxs\amd64_microsoft-windows-a..ence-infrastructure_31bf3856ad364e35_6.1.7601.17514_none_3337092d63596104\apphelp.dll]
[784FA3DF338E2E8F5F0389D6FAC428AF] Malware.Win64.Gen.cs0 [C:\Windows\winsxs\amd64_microsoft-windows-cryptbase_31bf3856ad364e35_6.1.7600.16385_none_c15ac71fc7aafddc\cryptbase.dll]
[D45BE8BAED0B82F6BBC9D9421FA8FA1C] Malware.Win64.Gen.cs0 [C:\Windows\winsxs\amd64_microsoft-windows-ribbons_31bf3856ad364e35_6.1.7601.17514_none_e6dae9713e9b7588\Ribbons.scr]
[29C1D5B330B802EFA1A8357373BC97FE] Malware.Win64.Gen.cs0 [C:\Windows\winsxs\amd64_microsoft-windows-servicepackcoordinator_31bf3856ad364e35_6.1.7601.17514_none_92e727843e307e1b\spinstall.exe]
[28F53390A15648FFD403CC4C65A90B27] Malware.Win32.Gen.cld [C:\Windows\winsxs\wow64_microsoft-windows-a..olicy-snapin-native_31bf3856ad364e35_6.1.7600.16385_none_a5b522837df19ae3\auditpolmsg.dll]
[98C66B8010CD7B6865F308ABD87C8E86] Malware.Win32.Gen.cs0 [C:\Windows\winsxs\wow64_microsoft-windows-cdosys_31bf3856ad364e35_6.1.7601.17514_none_86c0afe17064a99d\cdosys.dll]
[59DF156711A76BCB993253EC6C9BBF41] Malware.Win32.Gen.cs0 [C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17514_none_4a5d2c9ecd59afa7\dnsapi.dll]
[CC23295DA8F7B5C53F93804D2F5D30EB] Malware.Win32.Gen.cs0 [C:\Windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.18177_none_120fcb2fa5b4c238\lpk.dll]
[B59E370277EDB6643083B62297175628] Malware.Win32.Gen.cs0 [C:\Windows\winsxs\wow64_microsoft-windows-ieframe_31bf3856ad364e35_11.2.9600.17501_none_5141faddf7972fed\ieframe.dll]
[76161B9D78A275F8F28DD67436013110] Malware.Win32.Gen.cs0 [C:\Windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18409_none_fc484db2a13f5426\kernel32.dll]
[F67A64C46DE10425045AF682802F5BA6] Malware.Win32.Gen.cs2 [C:\Windows\winsxs\wow64_microsoft-windows-msdt_31bf3856ad364e35_6.1.7600.16385_none_0bcbfdec6b984220\msdt.exe]
[A3D9528E228DDD9A404E5EF4295AE35F] Malware.Win32.Gen.cs2 [C:\Windows\winsxs\wow64_microsoft-windows-msinfo32-exe_31bf3856ad364e35_6.1.7600.16385_none_122602d047c011da\msinfo32.exe]
[0842FB9AC27460E2B0107F6B3A872FD5] Malware.Win32.Gen.cs0 [C:\Windows\winsxs\wow64_microsoft-windows-r..sistance-dcomserver_31bf3856ad364e35_6.1.7600.16385_none_963d3becc3a475f1\raserver.exe]
[DBB45A0839719312F248351E3FB9A0AE] Malware.Win32.Gen.cs0 [C:\Windows\winsxs\wow64_microsoft-windows-rasconnectionmanager_31bf3856ad364e35_6.1.7600.16385_none_c569db6aae975591\cmdl32.exe]
[DBB45A0839719312F248351E3FB9A0AE] Malware.Win32.Gen.cs0 [C:\Windows\winsxs\wow64_microsoft-windows-rasconnectionmanager_31bf3856ad364e35_6.1.7601.17514_none_c79aef32ab85d92b\cmdl32.exe]
[4C61EA0D3BE4623EC040C4BE3E05AB26] Malware.Win32.Gen.cld [C:\Windows\winsxs\wow64_microsoft-windows-w..for-management-core_31bf3856ad364e35_6.1.7600.16385_none_30af1158fb1994f7\WSManHTTPConfig.exe]
[4C61EA0D3BE4623EC040C4BE3E05AB26] Malware.Win32.Gen.cld [C:\Windows\winsxs\wow64_microsoft-windows-w..for-management-core_31bf3856ad364e35_6.1.7601.17514_none_32e02520f8081891\WSManHTTPConfig.exe]
[68B4A549D0B56A4DD9A488751037CF09] Malware.Win32.Gen.cs2 [C:\Windows\winsxs\wow64_microsoft-windows-t..minalservicesclient_31bf3856ad364e35_6.1.7601.17514_none_b656fd566c17dc3a\mstsc.exe]
[BDFABEDACD6F18B5EFB14B7529F3ED3E] Malware.Win32.Gen.cs2 [C:\Windows\winsxs\x86_microsoft-windows-adaptertroubleshooter_31bf3856ad364e35_6.1.7600.16385_none_d1d79dd7e49a786f\AdapterTroubleshooter.exe]
[622D95520182F6D3D05310D5810CA8B3] Malware.Win32.Gen.cs0 [C:\Windows\winsxs\wow64_windowssearchengine_31bf3856ad364e35_7.0.7600.16385_none_d9a3beb1698738d8\SearchIndexer.exe]
[622D95520182F6D3D05310D5810CA8B3] Malware.Win32.Gen.cs0 [C:\Windows\winsxs\wow64_windowssearchengine_31bf3856ad364e35_7.0.7601.17514_none_dbd4d2796675bc72\SearchIndexer.exe]
[B4834F08230A2EB7F498DE4E5B6AB814] Malware.Win32.Gen.cs0 [C:\Windows\winsxs\x86_microsoft-windows-fsutil_31bf3856ad364e35_6.1.7601.17577_none_ce2d9fba4e5ca8e7\fsutil.exe]
[76B39554938CABCC219C7471ADAF3135] Malware.Win32.Gen.cld [C:\Windows\winsxs\x86_microsoft-windows-ie-impexp-extexport_31bf3856ad364e35_8.0.7601.17514_none_4abf71c398c9a7d6\ExtExport.exe]
[536020876C0980D49094E7EBB94A00AA] Malware.Win32.Gen.cs2 [C:\Windows\winsxs\x86_microsoft-windows-legacyhwui_31bf3856ad364e35_6.1.7600.16385_none_e24a7886a9947ebf\hdwwiz.exe]
[7CA00998C1AAF913AC089E29DB746037] Malware.Win32.Gen.cs0 [C:\Windows\winsxs\x86_microsoft-windows-mediaplayer-setup_31bf3856ad364e35_6.1.7600.16385_none_adca1fa537de6f5e\unregmp2.exe]
[7CA00998C1AAF913AC089E29DB746037] Malware.Win32.Gen.cs0 [C:\Windows\winsxs\x86_microsoft-windows-mediaplayer-setup_31bf3856ad364e35_6.1.7601.17514_none_affb336d34ccf2f8\unregmp2.exe]
[670205944B0F9D4FE47B86D7F6CC0A16] Malware.Win32.Gen.cs0 [C:\Windows\winsxs\x86_microsoft-windows-msauditevtlog_31bf3856ad364e35_6.1.7600.16385_none_c718d071d9c10a2d\auditpol.exe]
[670205944B0F9D4FE47B86D7F6CC0A16] Malware.Win32.Gen.cs0 [C:\Windows\winsxs\x86_microsoft-windows-msauditevtlog_31bf3856ad364e35_6.1.7601.18637_none_c937305dd6bd2876\auditpol.exe]
[A3D9528E228DDD9A404E5EF4295AE35F] Malware.Win32.Gen.cs2 [C:\Windows\winsxs\x86_microsoft-windows-msinfo32-exe-common_31bf3856ad364e35_6.1.7600.16385_none_861b553e4c3473c1\msinfo32.exe]
[02AF9857838C25EC98BBE492271F3E27] Malware.Win32.Gen.cs0 [C:\Windows\winsxs\x86_microsoft-windows-sysprep-aecache_31bf3856ad364e35_6.1.7600.16385_none_f4906b14fa5f4e62\aecache.dll]
[0729A9A1026BEBD625E9F1FAF5113C34] Malware.Win32.Gen.cs2 [C:\Windows\winsxs\x86_microsoft-windows-sethc_31bf3856ad364e35_6.1.7600.16385_none_6296951cd66ee3c2\sethc.exe]
[E777BD47354F76CACF62FA193E510812] Malware.Win32.Gen.cs2 [C:\Windows\winsxs\x86_microsoft-windows-systemcpl_31bf3856ad364e35_6.1.7600.16385_none_e0abcaa7bf6258b5\systemcpl.dll]
[6DE80F60D7DE9CE6B8C2DDFDF79EF175] Malware.Win32.Gen.cs0 [C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe]
[F6FD7F8147A591317E57D9008C8C7541] Malware.Win32.Gen.cld [C:\Windows\winsxs\x86_microsoft-windows-wimgapi_31bf3856ad364e35_6.1.7601.17514_none_8b030c557320a2c1\wimserv.exe]
[2540B048D09C391B18E1EDB68EF9460C] Malware.Win32.Gen.cs0 [C:\Windows\winsxs\x86_regsvcs_b03f5f7f11d50a3a_6.1.7600.16385_none_beb69dae2443e398\RegSvcs.exe]


MiniToolBox Scan:

MiniToolBox by Farbar  Version: 02-11-2015
Ran by Soriano (administrator) on 24-12-2015 at 10:24:11
Running from "C:\Users\Soriano\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: AY691AA-ABA p6367c Manufacturer: HP-Pavilion
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
ProxyServer: localhost:8080

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
127.0.0.1    www.007guard.com
127.0.0.1    007guard.com
127.0.0.1    008i.com
127.0.0.1    www.008k.com
127.0.0.1    008k.com
127.0.0.1    www.00hq.com
127.0.0.1    00hq.com
127.0.0.1    010402.com
127.0.0.1    www.032439.com
127.0.0.1    032439.com
127.0.0.1    www.0scan.com
127.0.0.1    0scan.com
127.0.0.1    1000gratisproben.com
127.0.0.1    www.1000gratisproben.com
127.0.0.1    1001namen.com
127.0.0.1    www.1001namen.com
127.0.0.1    100888290cs.com
127.0.0.1    www.100888290cs.com
127.0.0.1    www.100sexlinks.com
127.0.0.1    100sexlinks.com
127.0.0.1    10sek.com
127.0.0.1    www.10sek.com
127.0.0.1    www.1-2005-search.com
127.0.0.1    1-2005-search.com
127.0.0.1    123fporn.info
127.0.0.1    www.123fporn.info
127.0.0.1    123haustiereundmehr.com
127.0.0.1    www.123haustiereundmehr.com
127.0.0.1    123moviedownload.com
127.0.0.1    www.123moviedownload.com

There are 15463 entries.

========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Soriano-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : E0-CB-4E-1D-7F-E1
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.1.64(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Thursday, December 24, 2015 3:21:43 AM
   Lease Expires . . . . . . . . . . : Sunday, January 30, 2152 4:52:34 PM
   Default Gateway . . . . . . . . . : 192.168.1.254
   DHCP Server . . . . . . . . . . . : 192.168.1.254
   DNS Servers . . . . . . . . . . . : 75.75.75.75
                                       75.75.76.76
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{0D6F904B-FF9A-475A-A5E2-DB3A8ACD50D6}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  cdns01.comcast.net
Address:  75.75.75.75

Name:    google.com
Addresses:  2607:f8b0:4005:802::1006
      74.125.239.100
      74.125.239.97
      74.125.239.103
      74.125.239.98
      74.125.239.104
      74.125.239.105
      74.125.239.96
      74.125.239.99
      74.125.239.101
      74.125.239.102
      74.125.239.110


Pinging google.com [74.125.239.132] with 32 bytes of data:
Reply from 74.125.239.132: bytes=32 time=10ms TTL=55
Reply from 74.125.239.132: bytes=32 time=10ms TTL=55

Ping statistics for 74.125.239.132:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 10ms, Maximum = 10ms, Average = 10ms
Server:  cdns01.comcast.net
Address:  75.75.75.75

Name:    yahoo.com
Addresses:  2001:4998:58:c02::a9
      2001:4998:c:a06::2:4008
      2001:4998:44:204::a7
      98.138.253.109
      206.190.36.45
      98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=85ms TTL=49
Reply from 98.139.183.24: bytes=32 time=85ms TTL=49

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 85ms, Maximum = 85ms, Average = 85ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 10...e0 cb 4e 1d 7f e1 ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.1.254     192.168.1.64     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link      192.168.1.64    276
     192.168.1.64  255.255.255.255         On-link      192.168.1.64    276
    192.168.1.255  255.255.255.255         On-link      192.168.1.64    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.1.64    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.1.64    276
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
  1    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [133392] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/24/2015 09:26:52 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (12/23/2015 11:08:48 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (12/23/2015 11:08:44 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (12/23/2015 11:08:44 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (12/23/2015 10:52:52 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (12/23/2015 06:11:35 PM) (Source: Application Error) (User: )
Description: Windows cannot access the file C:\Windows\Fonts\msyi.ttf for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Google Chrome because of this error.

Program: Google Chrome
File: C:\Windows\Fonts\msyi.ttf

The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
    - It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
    - It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.

Additional Data
Error value: C000009C
Disk type: 3

Error: (12/23/2015 06:11:35 PM) (Source: Application Error) (User: )
Description: Faulting application name: chrome.exe, version: 47.0.2526.106, time stamp: 0x566a3406
Faulting module name: dwrite.dll, version: 6.2.9200.17461, time stamp: 0x55b8d535
Exception code: 0xc0000006
Fault offset: 0x00075234
Faulting process id: 0x12f4
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3

Error: (12/23/2015 05:20:07 PM) (Source: Automatic LiveUpdate Scheduler) (User: Soriano-PC)
Description: errorFailed unregistering service.

Error: (12/23/2015 02:35:18 PM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/23/2015 02:35:18 PM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.

Context: Windows Application


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (12/24/2015 03:23:15 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (12/24/2015 03:22:33 AM) (Source: Service Control Manager) (User: )
Description: The MSCamSvc service failed to start due to the following error:
%%2

Error: (12/24/2015 03:21:41 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (12/24/2015 03:21:38 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (12/24/2015 03:21:36 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (12/24/2015 03:21:33 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (12/24/2015 03:21:31 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (12/24/2015 03:21:28 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (12/24/2015 03:21:26 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (12/24/2015 03:21:23 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.


Microsoft Office Sessions:
=========================
Error: (12/24/2015 09:26:52 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (12/23/2015 11:08:48 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Users\Soriano\Desktop\esetsmartinstaller_enu.exe

Error: (12/23/2015 11:08:44 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Users\Soriano\Desktop\esetsmartinstaller_enu.exe

Error: (12/23/2015 11:08:44 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Users\Soriano\Desktop\esetsmartinstaller_enu.exe

Error: (12/23/2015 10:52:52 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Users\Soriano\Desktop\esetsmartinstaller_enu.exe

Error: (12/23/2015 06:11:35 PM) (Source: Application Error)(User: )
Description: C:\Windows\Fonts\msyi.ttfGoogle ChromeC000009C3

Error: (12/23/2015 06:11:35 PM) (Source: Application Error)(User: )
Description: chrome.exe47.0.2526.106566a3406dwrite.dll6.2.9200.1746155b8d535c00000060007523412f401d13df0641e7076C:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Windows\system32\dwrite.dlla7f7ca94-a9e3-11e5-8dac-e0cb4e1d7fe1

Error: (12/23/2015 05:20:07 PM) (Source: Automatic LiveUpdate Scheduler)(User: Soriano-PC)
Description: errorFailed unregistering service.

Error: (12/23/2015 02:35:18 PM) (Source: Windows Search Service)(User: )
Description:
Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/23/2015 02:35:18 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)


CodeIntegrity Errors:
===================================
  Date: 2015-12-23 19:23:16.088
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.

  Date: 2015-12-23 19:23:16.073
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.

  Date: 2015-12-23 19:23:15.995
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.

  Date: 2015-12-23 19:23:15.963
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.

  Date: 2015-12-23 19:23:13.311
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.

  Date: 2015-12-23 19:23:13.296
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.

  Date: 2015-12-23 19:23:13.171
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.

  Date: 2015-12-23 19:23:13.171
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.

  Date: 2013-02-24 20:26:42.240
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-02-24 20:26:42.096
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
9-lab Removal Tool (HKLM-x32\...\9-lab Removal Tool) (Version:  - )
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.009.20069 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 20.0.0.204 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.228 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.2.172 - Adobe Systems, Inc.)
Amazon MP3 Downloader 1.0.12 (HKLM-x32\...\Amazon MP3 Downloader) (Version: 1.0.12 - Amazon Services LLC)
Apple Application Support (32-bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ArcSoft PhotoImpression 6 (HKLM-x32\...\{D03E7B00-CA85-4684-9321-1888873C34BD}) (Version: 6 - ArcSoft)
ArcSoft Print Creations - Photo Calendar (HKLM-x32\...\{CA9ED5E4-1548-485B-A293-417840060158}) (Version:  - ArcSoft)
ArcSoft Print Creations (HKLM-x32\...\{0D6D96F4-0CAF-4522-B05F-70A88EDECDFD}) (Version:  - ArcSoft)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2245 - AVAST Software)
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version:  - )
Bing Bar (HKLM-x32\...\{B4089055-D468-45A4-A6BA-5A138DD715FC}) (Version: 7.0.850.0 - Microsoft Corporation)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2115 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DirectX for Managed Code Update (Summer 2004) (HKLM-x32\...\{E9E34215-82EF-4909-BE2F-F581F0DC9062}) (Version: 9.02.2904 - Microsoft) Hidden
Disneys Villains Revenge (HKLM-x32\...\Villains Revenge) (Version:  - )
DivX Setup (HKLM-x32\...\DivX Setup.divx.com) (Version: 1.0.1.4 - DivX, Inc. )
DVD Decrypter (Remove Only) (HKLM-x32\...\DVD Decrypter) (Version:  - )
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 3.1.3224 - Hewlett-Packard) Hidden
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 3.1.3224 - Hewlett-Packard)
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version:  - SEIKO EPSON Corporation)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
FrostWire 5.1.4 (HKLM-x32\...\FrostWire 5) (Version: 5.1.4.0 - FrostWire Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Drive (HKLM-x32\...\{1C3D2F92-D25E-4D98-B810-3F3B0857BF26}) (Version: 1.26.0707.2863 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.29.1 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Hardware Diagnostic Tools (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5247.34 - PC-Doctor, Inc.)
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.9512.3162 - Hewlett-Packard)
HP FWUpdateEDO3 (HKLM-x32\...\{A82D0C46-EBDF-4B27-A731-D06EF2056E81}) (Version: 1.0.0.0 - Hewlett-Packard Company)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
HP LaserJet Professional M1530 MFP Series (HKLM-x32\...\{74280B5D-A0AF-46c5-9C85-D9EA078262F1}) (Version:  - Hewlett-Packard)
HP LJ M1530 MFP Series HP Scan (HKLM-x32\...\{C05002F1-06F8-4A15-B6F8-E4DC655C28AA}) (Version: 1.0.302.0 - Hewlett-Packard Co.)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 3.1.3317 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 3.1.3601 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{88E60521-1E4E-4785-B9F1-1798A4BD0C30}) (Version: 3.1.0.1 - Hewlett-Packard)
HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{35021DFB-F9CA-402A-89A2-47F91E506465}) (Version: 1.0.2.0 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)
HP Remote Solution (HKLM-x32\...\HP Remote Solution) (Version: 1.1.11.0 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{17B4760F-334B-475D-829F-1A3E94A6A4E6}) (Version: 1.2.3560.3170 - Hewlett-Packard)
HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPLaserJetHelp_LearnCenter (HKLM-x32\...\{B2AA0F22-E167-4C4A-BAE2-E0025028E61B}) (Version: 1.02.0000 - Hewlett-Packard)
HPLJUT (HKLM-x32\...\{229D6185-BD7E-494B-A73B-C5215BE0690E}) (Version: 1.00.0012 - HP) Hidden
hppFaxDrvM1530 (HKLM-x32\...\{FD575F8B-6141-455A-8AE5-F2D2E08520FC}) (Version: 003.000.00001 - Hewlett-Packard) Hidden
hppFaxUtilityM1530 (HKLM-x32\...\{C462F75B-9A35-4A84-AE52-E8C9112AAE87}) (Version: 000.002.00001 - Hewlett-Packard) Hidden
hppLaserJetService (HKLM-x32\...\{4006E354-3D24-49BA-A36F-7EB75D50D575}) (Version: 002.015.00599 - Hewlett-Packard) Hidden
hppM1530LaserJetService (HKLM-x32\...\{A1D53426-D6F3-4886-A72B-E1A8C82259E9}) (Version: 001.008.00477 - Hewlett-Packard) Hidden
hppSendFaxM1530 (HKLM-x32\...\{865E1902-B6FE-4AF0-B61D-A82EBC53569E}) (Version: 003.000.00001 - Hewlett-Packard) Hidden
hppTLBXFXM1530 (HKLM-x32\...\{9112FEA9-0F64-453C-BEA5-9A782F87EDAA}) (Version: 001.012.00948 - Hewlett-Packard) Hidden
hpzTLBXFX (HKLM-x32\...\{A3A18593-62BE-4AE1-AF3F-E35179CF042E}) (Version: 006.015.01163 - Hewlett-Packard) Hidden
Hulu Desktop (HKCU\...\HuluDesktop) (Version: 0.9.9 - Hulu LLC)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.2226 - Intel Corporation)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2017 - CyberLink Corp.) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2017 - CyberLink Corp.)
LightScribe System Software (HKLM-x32\...\{CC8E94A2-55C7-4460-953C-2A790180578C}) (Version: 1.18.8.1 - LightScribe)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (HKLM-x32\...\{50816F92-1652-4A7C-B9BC-48F682742C4B}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Home and Student 60 day trial (HKLM\...\OfficeTrial) (Version:  - )
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office XP Professional with FrontPage (HKLM-x32\...\{90280409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 3.1.3310 - Hewlett-Packard) Hidden
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 3.1.3310 - Hewlett-Packard)
Mozilla Firefox 43.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 43.0.2 (x86 en-US)) (Version: 43.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
PictureMover (HKLM-x32\...\{1896E712-2B3D-45eb-BCE9-542742A51032}) (Version: 3.3.1.19 - Hewlett-Packard Company)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3304 - CyberLink Corp.) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3304 - CyberLink Corp.)
PowerDirector (HKLM-x32\...\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3405 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3405 - CyberLink Corp.)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM-x32\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 15.0) (Version:  - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6196 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (HKLM-x32\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recovery Manager (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.2216 - CyberLink Corp.) Hidden
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version:  - )
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version:  - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version:  - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version:  - )
Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
SpywareBlaster 5.4 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.4.0 - BrightFort LLC)
VC80CRTRedist - 8.0.50727.4053 (HKLM-x32\...\{5EE7D259-D137-4438-9A5F-42F432EC0421}) (Version: 1.1.0 - DivX, Inc) Hidden
Videora iPod touch Converter 5.04 (HKLM-x32\...\Videora iPod touch Converter) (Version: 5.04 - Red Kawa)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.19.737 - Zemana Ltd.)

========================= Devices: ================================

Name: I:\
Description: Compact Flash  
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic-
Service: WUDFRd
Device ID: WPDBUSENUMROOT\UMB\2&37C186B&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_COMPACT_FLASH&REV_1.01#058F63626476&1#
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: K:\
Description: MS/MS-Pro      
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic-
Service: WUDFRd
Device ID: WPDBUSENUMROOT\UMB\2&37C186B&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_MS#MS-PRO&REV_1.03#058F63626476&3#
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: H:\
Description: SD/MMC         
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic-
Service: WUDFRd
Device ID: WPDBUSENUMROOT\UMB\2&37C186B&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_SD#MMC&REV_1.00#058F63626476&0#
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: J:\
Description: SM/xD-Picture  
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic-
Service: WUDFRd
Device ID: WPDBUSENUMROOT\UMB\2&37C186B&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_SM#XD-PICTURE&REV_1.02#058F63626476&2#
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.


========================= Memory info: ===================================

Percentage of memory in use: 26%
Total physical RAM: 8157.18 MB
Available physical RAM: 6015.43 MB
Total Virtual: 16312.57 MB
Available Virtual: 14200.24 MB

========================= Partitions: =====================================

1 Drive c: (HP) (Fixed) (Total:920.81 GB) (Free:734.56 GB) NTFS
2 Drive d: (FACTORY_IMAGE) (Fixed) (Total:10.61 GB) (Free:1.52 GB) NTFS

========================= Users: ========================================

User accounts for \\SORIANO-PC

Administrator            Guest                    Soriano                 


**** End of log ****
 



#6 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:39 PM

Posted 24 December 2015 - 01:37 PM

Any more issues? I would also like you to install u-Block Origin, install it for all of your browsers. Also install Ghostery for all of your browsers, set it to block all trackers and cookies.

 

 

Reset Host File.

 

 

  • Click here to download RstHosts v2.0
  • Save the file to your desktop.
  • Right Click and Run as Administrator.
  • Click on Restaurer, then click OK at the prompt.
  • This will restore the default host file.
  • Next Click on Creer Un Rapport.
  • This will open a logfile, post that in your next reply.

 

 

4h9FxUX.png

 

 

Install Ccleaner - Clean up temp files.

 

 

Go ahead and install ccleaner Now that you have the program installed go ahead and run the cleaner function.

https://www.piriform.com/ccleaner/download
kwLN4uv.png

Now that you have cleaned out some temp files, lets go ahead and disable all of the items starting up with your machine except your antivirus. To do this you will need to click on tools then start up then under the Windows Tab select each item then disable. Also under the scheduled task tab, you are safe to disable all task. Only disable items under the windows tab and scheduled task tab!

GjWwvEu.png

Now that you have disabled those un-needed start ups lets go into the settings, we will have Ccleaner run when your machine boots, so that you will never have to worry about cleaning temp files again.

To do this:
 

  • Hit options.
  • Settings.
  • Place a tick to run Ccleaner when the computer starts.

Lxioao1.png

Now go to the advanced tab, and select close program after cleaning, now run the cleaner again this will close Ccleaner.

SnqZ2JW.png

 

 

Clean up more useless temp files and defrag your machine.

 

 

Also run a deep clean up with PrivaZer Then Defrag with TooWiz Smart Defrag (Do Not Defrag If SSD) Now reboot your machine and tell me how things are.



#7 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:39 PM

Posted 24 December 2015 - 02:13 PM

Error: (12/24/2015 03:21:23 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

 

 

You are also gonna want to run a check disk. The Hard Drive,  MAY be failing.

 

 

Run Check Disk

 

 

Run a check disk with the following command.

 

 chkdsk /f /r
See this youtube video for instructions on running checkdisk.
Use the command in the code box above to run checkdisk


https://www.youtube.com/embed/4feZG3LebOg

 

 

Download HD Tune and save the file. Install HD Tune and restart it after installation. Then go to the tab Error Scan , select the hard drive you want to check and press Start . The check can be quite time consuming take depends on the size of the hard drive check. Take a screen shot of the result and save it. Upload it to IMGUR for us. Post the link here.

 

Do Not tick the quick scan!!

 



#8 bkhiatt

bkhiatt
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:03:39 PM

Posted 26 December 2015 - 01:08 AM

Things look pretty good now.  Thanks for all your help!

 

I ran chkdsk and in stage 4 it found some damaged True Type Fonts in the c:\windows directory.  I didn't see what it did in stage 5 checking the blocks.  I then ran it again and it ran clean but again I didn't see what it did in stage 5 with the block check.

 

Here's the HD Tune Screenshot, it found 2 bad blocks.

http://imgur.com/mkXi3nI
 

Restore Hosts Log:

-|x| RstHosts v2.0 - Rapport créé le 24/12/2015 à 14:05:27
-|x| Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
-|x| Nom d'utilisateur : Soriano - SORIANO-PC (Administrateur)

-|x|- Informations -|x|-

Emplacement : C:\Windows\System32\drivers\etc\hosts
Attribut(s) : RASH
Propriétaire : Administrators - BUILTIN
Taille : 89 bytes
Date de création : 13/07/2009 - 18:34:48
Date de modification : 24/12/2015 - 14:05:20
Date de dernier accès : 24/12/2015 - 14:05:20

-|x|- Contenu du fichier -|x|-

# Fichier Hosts créé par RstHosts

127.0.0.1       localhost
::1             localhost

-|x|- E.O.F - C:\RstHosts.txt - 628 bytes -|x|-
 



#9 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:39 PM

Posted 26 December 2015 - 10:42 AM

I would suggest putting yourself in full control of what is running on your machine with VooDoo Shield.

 

Qualys BrowserCheck To update plugins.

 

Web Of Trust  To Avoid  Shady Websites.

 

Unchecky To Avoid Bundled Software.

 

 

 

 

Now Lets Clean up the tools we used and remove old restore points.

 

Download DelFix by "Xplode" to your Desktop.
Right Click the tool and Run as Admin ( Xp Users Double Click)
Put a check mark next the items below:


Remove disinfection tools
Create registry backup
Purge System Restore




Now click on "Run" button.
allow the program to complete its work.
all the tools we used will be removed.
Tool will create and open a log report (DelFix.txt)
Note: The report can be located at the following location C:\DelFix.txt

 

 

Have a great day. :guitar:






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users