Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

POP UP ADS ALL OVER


  • Please log in to reply
23 replies to this topic

#1 adse

adse

  • Members
  • 13 posts
  • OFFLINE
  •  

Posted 23 February 2016 - 10:34 AM

Hello, ive gotten alot of ads when i click on a simple youtube link. sometimes a add comes up insted fo the link. Even if i click on netflix it happends all the time. so am i infected or something? i want this to go away



BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,103 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:08:58 AM

Posted 23 February 2016 - 11:05 AM

Welcome to BC...

 

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the

Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download

 

Download Malwarebytes' Anti-Malware from Here

Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).

  • Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
  • Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
  • Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
  • Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
  • If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
  • When MBAM is finished scanning it will display a screen that displays any malware that it has detected.
  • Click the Remove Selected button.
  • MBAM will now delete all of the files and registry keys and add them to the programs quarantine. When removing the files, MBAM may require a reboot in order to remove some of them. If it displays a message stating that it needs to reboot, please allow it to do so.
  • While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.

POST THE LOG FOR  REVIEW.

 

Download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
  • download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 adse

adse
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  

Posted 23 February 2016 - 11:36 AM

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 23.02.2016
Scan Time: 17:11
Logfile: LOOG.txt
Administrator: Yes
 
Version: 2.2.0.1024
Malware Database: v2016.02.23.04
Rootkit Database: v2016.02.17.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 10
CPU: x64
File System: NTFS
User: Adrian
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 434774
Time Elapsed: 8 min, 0 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 2
PUP.Optional.BrowseFox, C:\Program Files (x86)\albrechto\updatealbrechto.exe, 3980, Delete-on-Reboot, [ec34253fd1c81c1a622ffaae23de18e8]
PUP.Optional.BrowseFox, C:\Program Files (x86)\albrechto\bin\utilalbrechto.exe, 3992, Delete-on-Reboot, [d34d174d5841a88efb962b7df60b4eb2]
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 66
PUP.Optional.BrowseFox, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update albrechto, Quarantined, [ec34253fd1c81c1a622ffaae23de18e8], 
PUP.Optional.BrowseFox, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Util albrechto, Quarantined, [d34d174d5841a88efb962b7df60b4eb2], 
PUP.Optional.BrowseFox, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{9e8f3dfc-4537-4391-a682-16d2636a7838}w64, Quarantined, [8997dc882c6d91a54a3c70a4e421f808], 
PUP.Optional.DefaultTab, HKLM\SOFTWARE\CLASSES\APPID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}, Quarantined, [59c7a8bca0f95cda0e1c3d66946e629e], 
PUP.Optional.DefaultTab, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}, Quarantined, [59c7a8bca0f95cda0e1c3d66946e629e], 
PUP.Optional.DefaultTab, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}, Quarantined, [59c7a8bca0f95cda0e1c3d66946e629e], 
PUP.Optional.Delta.ShrtCln, HKLM\SOFTWARE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, Quarantined, [b66aea7af9a08ea86fec5e4112f0c23e], 
PUP.Optional.Delta.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, Quarantined, [b66aea7af9a08ea86fec5e4112f0c23e], 
PUP.Optional.Delta.ShrtCln, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, Quarantined, [b66aea7af9a08ea86fec5e4112f0c23e], 
PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\TYPELIB\{DCABB943-792E-44C4-9029-ECBEE6265AF9}, Quarantined, [3de372f272270f2716664c3779892bd5], 
PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, Quarantined, [3de372f272270f2716664c3779892bd5], 
PUP.Optional.OutBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, Quarantined, [3de372f272270f2716664c3779892bd5], 
PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, Quarantined, [3de372f272270f2716664c3779892bd5], 
PUP.Optional.OutBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{DCABB943-792E-44C4-9029-ECBEE6265AF9}, Quarantined, [3de372f272270f2716664c3779892bd5], 
PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{DCABB943-792E-44C4-9029-ECBEE6265AF9}, Quarantined, [3de372f272270f2716664c3779892bd5], 
PUP.Optional.Babylon, HKU\S-1-5-18\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, Quarantined, [7aa64123a4f56ccab32c475a9e64a957], 
PUP.Optional.Babylon, HKU\S-1-5-21-167295221-2484954193-1166676352-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}, Quarantined, [7aa64123a4f56ccab32c475a9e64a957], 
PUP.Optional.SnapDo, HKU\S-1-5-21-167295221-2484954193-1166676352-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}, Quarantined, [cd53eb79b3e625114e1c059cf111ff01], 
PUP.Optional.SnapDo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006EE092-9658-4FD6-BD8E-A21A348E59F5}, Quarantined, [cd53eb79b3e625114e1c059cf111ff01], 
PUP.Optional.LyricsAd, HKU\S-1-5-21-167295221-2484954193-1166676352-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{463B0ED4-8AFA-404B-90E7-4063A0708050}, Quarantined, [7aa65e060e8b5dd996fe2b59fc0614ec], 
PUP.Optional.DefaultTab, HKU\S-1-5-21-167295221-2484954193-1166676352-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}, Quarantined, [ca56095b7f1afe3834f8c1e26d9540c0], 
PUP.Optional.WebCake, HKU\S-1-5-21-167295221-2484954193-1166676352-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{AF6B0594-6008-4327-93E5-608AD710A6FA}, Quarantined, [34ec3d271188a0965187e4c5db2727d9], 
PUP.Optional.LuckyTab, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}, Quarantined, [e040e77d039613231b96455f43bf1be5], 
PUP.Optional.Vosteran, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\Vosteran.FTGHNVBMZ3E5QVQ4MX4MGKSGRY, Quarantined, [5ac6422291086dc9ebee8293cc3852ae], 
PUP.Optional.Vosteran, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\oilkkkefbalmbfppgjmgjoefbclebkce, Quarantined, [0c1498cc32676ccadcfe3cd90301e51b], 
PUP.Optional.Omniboxes.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Quarantined, [c060fc6804952f07c2e5646ab64dc63a], 
PUP.Optional.DefaultTab, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\DTReg, Delete-on-Reboot, [0c1400640d8cbd79886323e1669d8080], 
PUP.Optional.Albrechto, HKLM\SOFTWARE\WOW6432NODE\albrechto, Quarantined, [a67a91d31287e056aaf52bae8b78f40c], 
PUP.Optional.Awesomehp.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\awesomehpSoftware, Quarantined, [3ce4e97bf7a276c06fa9f02ec83bc43c], 
PUP.Optional.ClickCaption, HKLM\SOFTWARE\WOW6432NODE\ClickCaption_1.10.0.5, Quarantined, [59c7352f63361e18f5935190d23113ed], 
PUP.Optional.DataMngr.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\DataMngr, Quarantined, [cd538bd97e1b1323fb0ee57145bfb14f], 
PUP.Optional.Delta.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\delta-homesSoftware, Quarantined, [a37d145044555bdb17fdfa1a828151af], 
PUP.Optional.Omniboxes.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\omniboxesSoftware, Quarantined, [b76994d047528caa98d23ace887b58a8], 
PUP.Optional.Qvo6, HKLM\SOFTWARE\WOW6432NODE\qvo6Software, Quarantined, [120ee4803960d95d6908c3420df725db], 
PUP.Optional.SuperOptimizer, HKLM\SOFTWARE\WOW6432NODE\{6791A2F3-FC80-475C-A002-C014AF797E9C}, Quarantined, [3be5d1932c6de650437223ec25df57a9], 
PUP.Optional.Vosteran, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\Vosteran.FTGHNVBMZ3E5QVQ4MX4MGKSGRY, Quarantined, [4cd42d378c0d7cba6b6e1302fe0615eb], 
PUP.Optional.Elex, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\ifohbjbgfchkkfhphahclmkpgejiplfo, Quarantined, [f828e4804554f4422232a64536cd8977], 
PUP.Optional.Albrecto, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\nkopijddpkmggacdghppacglggodkcod, Quarantined, [2ff1c2a2bfdaee48c7dae1f82bd828d8], 
PUP.Optional.Vosteran, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\oilkkkefbalmbfppgjmgjoefbclebkce, Quarantined, [ed33451f772286b024b63dd8758fbd43], 
PUP.Optional.Vosteran, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\MEDIAPLAYER\SHIMINCLUSIONLIST\vosteran.exe, Quarantined, [8f912c382772b6800cd00c09a85c46ba], 
PUP.Optional.IEPluginServices, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\IePluginService, Quarantined, [2000451fcbce6cca87da8271739057a9], 
PUP.Optional.IEPluginServices, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\IePluginServices, Quarantined, [c8585e0668310531b1b1e90aaa592bd5], 
PUP.Optional.WindowsMangerProtect, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, Quarantined, [28f83e265a3f8caadc701602e2223bc5], 
PUP.Optional.DefaultTab, HKU\S-1-5-18\SOFTWARE\DefaultTab, Quarantined, [859b095ba8f151e5be0bd90fbc4720e0], 
PUP.Optional.SuperOptimizer, HKU\S-1-5-18\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, Quarantined, [5ec28cd8465360d63e7253bcfc0805fb], 
PUP.Optional.DefaultTab, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\DefaultTab, Quarantined, [c45c8cd8f3a6d95d3b8cc52351b2c040], 
PUP.Optional.MySearchResults, HKU\S-1-5-18\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BA3105F3-855B-45CB-BFF2-64FA9CC78E09}, Quarantined, [fd23f56f0594d264c7e71be37b888f71], 
PUP.Optional.Albrechto, HKU\S-1-5-21-167295221-2484954193-1166676352-1002\SOFTWARE\albrechto, Quarantined, [fd23333171280a2c227ce4f5f3108878], 
PUP.Optional.DataMngr.AppFlsh, HKU\S-1-5-21-167295221-2484954193-1166676352-1002\SOFTWARE\DataMngr, Quarantined, [39e796ceaaefd066d82ffd59ea1aba46], 
PUP.Optional.FileScout, HKU\S-1-5-21-167295221-2484954193-1166676352-1002\SOFTWARE\FileScout, Quarantined, [c957bba93b5e2c0ae631925b5aa9ef11], 
PUP.Optional.InstallCore, HKU\S-1-5-21-167295221-2484954193-1166676352-1002\SOFTWARE\InstallCore, Quarantined, [c35d97cd1386d75f10d805efb44f12ee], 
PUP.Optional.SearchProtect.AppFlsh, HKU\S-1-5-21-167295221-2484954193-1166676352-1002\SOFTWARE\SearchProtectWS, Quarantined, [51cfec783564d561c965fc5ac53f0af6], 
PUP.Optional.TNT, HKU\S-1-5-21-167295221-2484954193-1166676352-1002\SOFTWARE\TNT2, Quarantined, [5cc463018f0a10262d50dc36ea1a4ab6], 
PUP.Optional.Vosteran, HKU\S-1-5-21-167295221-2484954193-1166676352-1002\SOFTWARE\Vosteran Browser, Quarantined, [cd53e77d51480b2b1eb544d1cf352cd4], 
PUP.Optional.SuperOptimizer, HKU\S-1-5-21-167295221-2484954193-1166676352-1002\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, Quarantined, [8c948cd8cacf45f1af01f916b2526d93], 
PUP.Optional.Babylon, HKU\S-1-5-21-167295221-2484954193-1166676352-1002\SOFTWARE\BABSOLUTION\Redir, Quarantined, [52cefd67d9c03006d34ed3086e95946c], 
PUP.Optional.Babylon, HKU\S-1-5-21-167295221-2484954193-1166676352-1002\SOFTWARE\BABSOLUTION\Updater, Quarantined, [50d0e87c7e1b9d9952d05a81da294eb2], 
PUP.Optional.Vosteran, HKU\S-1-5-21-167295221-2484954193-1166676352-1002\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\oilkkkefbalmbfppgjmgjoefbclebkce, Quarantined, [d848481c76235dd98351b0653cc87c84], 
PUP.Optional.Trovi, HKU\S-1-5-21-167295221-2484954193-1166676352-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, Quarantined, [9789065e455441f5e46537dce024e818], 
PUP.Optional.DoSearch.ShrtCln, HKU\S-1-5-21-167295221-2484954193-1166676352-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Quarantined, [041c590bb1e8f046a62b29ddee154ab6], 
PUP.Optional.DoSearch.ShrtCln, HKU\S-1-5-21-167295221-2484954193-1166676352-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{1E9B899B-0842-4F1F-BEB0-45DB32437350}, Quarantined, [56cad490bddcb77f9a37a5619073827e], 
PUP.Optional.DoSearch.ShrtCln, HKU\S-1-5-21-167295221-2484954193-1166676352-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{632F07F3-19A1-4D16-A23F-E6CE9486BAB5}, Quarantined, [aa765d07aeebf4428f42a85e020132ce], 
PUP.Optional.DoSearch.ShrtCln, HKU\S-1-5-21-167295221-2484954193-1166676352-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77}, Quarantined, [bc64461e5f3ab87e9041ee1858abfd03], 
PUP.Optional.OutBrowse, HKU\S-1-5-21-167295221-2484954193-1166676352-1002\SOFTWARE\OB, Quarantined, [78a82e3684156fc75b992ad645bfc33d], 
PUP.Optional.SearchProtect.AppFlsh, HKU\S-1-5-21-167295221-2484954193-1166676352-1002\SOFTWARE\SEARCHPROTECTINT, Quarantined, [57c9055f04952016dc50094da55fce32], 
PUP.Optional.SnapDo, HKU\S-1-5-21-167295221-2484954193-1166676352-1002\SOFTWARE\SMARTBAR, Quarantined, [44dca9bbf3a6ae88603c44c864a0c739], 
 
Registry Values: 27
PUP.Optional.Omniboxes.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, http://www.omniboxes.com/web/?type=ds&ts=1428708432&from=amt&uid=SamsungXSSDX840XSeries_S14CNSAD229023A&q={searchTerms}, Quarantined, [c060fc6804952f07c2e5646ab64dc63a]
PUP.Optional.SmartBar, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{ae07101b-46d4-4a98-af68-0333ea26e113}, Smartbar, Quarantined, [7ea2046049502d094c5815fcc43ff10f]
PUP.Optional.Vosteran, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY|AppPath, C:\Program Files (x86)\WSE_Vosteran\\, Quarantined, [ab7586de386173c33f39824a857e35cb]
PUP.Optional.SnapDo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}|URL, http://feed.snapdo.com/?publisher=SnapdoGOblidooYB&dpid=SnapdoGOblidooYB&co=NO&userid=b22a85c6-5d98-4dce-b8ad-0461bd9fe243&searchtype=ds&q={searchTerms}&installDate=04/07/2013, Quarantined, [74ac471de6b37db9306eba529d67e818]
PUP.Optional.SmartBar, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{ae07101b-46d4-4a98-af68-0333ea26e113}, Smartbar, Quarantined, [051b5f05c0d9171f495b1af75aa9b947]
PUP.Optional.MBot, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|mbot_no_156, Quarantined, [38e8abb94b4ecb6bcf4eb841ee15e917], 
PUP.Optional.MySearchResults, HKU\S-1-5-18\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BA3105F3-855B-45CB-BFF2-64FA9CC78E09}|URL, http://www.mysearchresults.com/search?c=2402&t=15&q={searchTerms}, Quarantined, [fd23f56f0594d264c7e71be37b888f71]
PUP.Optional.DoSearch.ShrtCln, HKU\S-1-5-21-167295221-2484954193-1166676352-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}|URL, http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}, Quarantined, [2ef2541016831d19c60b12f49a69f20e]
PUP.Optional.SnapDo, HKU\S-1-5-21-167295221-2484954193-1166676352-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}|TopResultURL, http://feed.snapdo.com/?publisher=SnapdoGOblidooYB&dpid=SnapdoGOblidooYB&co=NO&userid=b22a85c6-5d98-4dce-b8ad-0461bd9fe243&searchtype=ds&q={searchTerms}&installDate=04/07/2013, Quarantined, [e33dfb69574285b17921729a9e662bd5]
PUP.Optional.DoSearch.ShrtCln, HKU\S-1-5-21-167295221-2484954193-1166676352-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9}|URL, http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}, Quarantined, [53cdd3913a5fe74f0ac7877f02014bb5]
PUP.Optional.Conduit, HKU\S-1-5-21-167295221-2484954193-1166676352-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9}|SuggestionsURL_JSON, http://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms}, Quarantined, [d749f470e0b981b5e7222fb4f90a24dc]
PUP.Optional.Trovi, HKU\S-1-5-21-167295221-2484954193-1166676352-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9}|DisplayName, Trovi, Quarantined, [77a9154f8415a690f355aa692fd50af6]
PUP.Optional.Trovi, HKU\S-1-5-21-167295221-2484954193-1166676352-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9}|TopResultURL, http://www.trovi.com/Results.aspx?gd=&ctid=CT3334334&octid=EB_ORIGINAL_CTID&ISID=M2DEF0B6C-F39F-4B75-AC3E-2C176255262B&SearchSource=58&CUI=&UM=8&UP=SP66296687-BFC4-4827-9BBE-FBB24D1955C2&q={searchTerms}&D=041115&SSPV=, Quarantined, [75ab9ec65742300635134ac9fd07629e]
PUP.Optional.DoSearch.ShrtCln, HKU\S-1-5-21-167295221-2484954193-1166676352-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}, Quarantined, [041c590bb1e8f046a62b29ddee154ab6]
PUP.Optional.DoSearch.ShrtCln, HKU\S-1-5-21-167295221-2484954193-1166676352-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}|URL, http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}, Quarantined, [021e0d57d0c984b2953c2cda62a1d12f]
PUP.Optional.Babylon, HKU\S-1-5-21-167295221-2484954193-1166676352-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}|FaviconURL, search.babylon.com/favicon.ico, Quarantined, [44dcec78e5b40630d3516774f40fc33d]
PUP.Optional.Delta.ShrtCln, HKU\S-1-5-21-167295221-2484954193-1166676352-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}|TopResultURL, http://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=CA5360A44C82C075&affID=119357&tsp=4995, Quarantined, [4dd341238f0ac57116b1319d21e2d729]
PUP.Optional.DoSearch.ShrtCln, HKU\S-1-5-21-167295221-2484954193-1166676352-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{1E9B899B-0842-4F1F-BEB0-45DB32437350}|URL, http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}, Quarantined, [56cad490bddcb77f9a37a5619073827e]
PUP.Optional.MySearchResults, HKU\S-1-5-21-167295221-2484954193-1166676352-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{1E9B899B-0842-4F1F-BEB0-45DB32437350}|TopResultURL, http://www.mysearchresults.com/search?c=2402&t=15&q={searchTerms}, Quarantined, [d848d78dfc9d1a1ca905de20020146ba]
PUP.Optional.DoSearch.ShrtCln, HKU\S-1-5-21-167295221-2484954193-1166676352-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}|URL, http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}, Quarantined, [aa765d07aeebf4428f42a85e020132ce]
PUP.Optional.DoSearch.ShrtCln, HKU\S-1-5-21-167295221-2484954193-1166676352-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77}|URL, http://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}, Quarantined, [bc64461e5f3ab87e9041ee1858abfd03]
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-21-167295221-2484954193-1166676352-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|AutoConfigUrl, http://stop-block.org/wpad.dat?998206b59362a9ce0cc15c093b6094936215992, Quarantined, [68b877ed6c2d7cbad7c2cd99c83c7b85]
PUP.Optional.OutBrowse, HKU\S-1-5-21-167295221-2484954193-1166676352-1002\SOFTWARE\OB|monitype2, 3/24/14 21:55:37, Quarantined, [78a82e3684156fc75b992ad645bfc33d]
PUP.Optional.OutBrowse, HKU\S-1-5-21-167295221-2484954193-1166676352-1002\SOFTWARE\OB|monitype3, 3/24/14 21:55:37, Quarantined, [68b82e36782137ff18dcc040c63e8779]
PUP.Optional.OutBrowse, HKU\S-1-5-21-167295221-2484954193-1166676352-1002\SOFTWARE\OB|monitype6, 3/24/14 21:56:4, Quarantined, [839d0c582376c2747d77f90752b21ce4]
PUP.Optional.SearchProtect.AppFlsh, HKU\S-1-5-21-167295221-2484954193-1166676352-1002\SOFTWARE\SEARCHPROTECTINT|Install, 1, Quarantined, [57c9055f04952016dc50094da55fce32]
PUP.Optional.SnapDo, HKU\S-1-5-21-167295221-2484954193-1166676352-1002\SOFTWARE\SMARTBAR|publisher, SnapdoGOblidooYB, Quarantined, [44dca9bbf3a6ae88603c44c864a0c739]
 
Registry Data: 6
PUP.Optional.Omniboxes.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://www.omniboxes.com/web/?type=ds&ts=1428708432&from=amt&uid=SamsungXSSDX840XSeries_S14CNSAD229023A&q={searchTerms}, Good: (www.google.com), Bad: (http://www.omniboxes.com/web/?type=ds&ts=1428708432&from=amt&uid=SamsungXSSDX840XSeries_S14CNSAD229023A&q={searchTerms}),Replaced,[9b85da8af8a16ec884b06092e2226a96]
PUP.Optional.Omniboxes.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://www.omniboxes.com/web/?type=ds&ts=1428708432&from=amt&uid=SamsungXSSDX840XSeries_S14CNSAD229023A&q={searchTerms}, Good: (www.google.com), Bad: (http://www.omniboxes.com/web/?type=ds&ts=1428708432&from=amt&uid=SamsungXSSDX840XSeries_S14CNSAD229023A&q={searchTerms}),Replaced,[22febaaa663337ffab897b7729db0bf5]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Replaced,[a080d193a0f92e088f01a64ba85c60a0]
PUP.Optional.MySearchResults, HKU\S-1-5-18\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.mysearchresults.com/?c=2402&t=15, Good: (www.google.com), Bad: (http://www.mysearchresults.com/?c=2402&t=15),Replaced,[34ec4321aeebf640119b3cb5cc388a76]
 
Folders: 16
PUP.Optional.Awesomehp.ShrtCln, C:\Users\Adrian\AppData\Roaming\awesomehp, Quarantined, [8997c79dbcdd7cbaa06cde4013f044bc], 
PUP.Optional.Awesomehp.ShrtCln, C:\Users\Adrian\AppData\Roaming\awesomehp\log, Quarantined, [8997c79dbcdd7cbaa06cde4013f044bc], 
PUP.Optional.ConvertAd.Gen, C:\Users\Adrian\AppData\Roaming\00000000-1428708409-0000-0000-D43D7E35E5D1, Quarantined, [6cb4ed77b0e9cd69df6ecd02bf4412ee], 
PUP.Optional.OptimizerPro, C:\Users\Adrian\Documents\Optimizer Pro, Quarantined, [70b0a2c27f1a043286441ee2cd3754ac], 
PUP.Optional.Delta.ShrtCln, C:\Users\Adrian\AppData\LocalLow\Delta\delta, Quarantined, [f7297aea35643bfba40960688c7614ec], 
PUP.Optional.Betcat, C:\Users\Adrian\AppData\Roaming\Betcat, Quarantined, [9d83a1c37a1fec4abc5e9339c53dff01], 
PUP.Optional.Betcat, C:\Users\Adrian\AppData\Roaming\Betcat\dat, Quarantined, [9d83a1c37a1fec4abc5e9339c53dff01], 
PUP.Optional.Betcat, C:\Users\Adrian\AppData\Roaming\Betcat\dat\update, Quarantined, [9d83a1c37a1fec4abc5e9339c53dff01], 
PUP.Optional.IEPluginService, C:\ProgramData\IePluginService, Quarantined, [c957f96bd9c043f3acce736b8d75d12f], 
PUP.Optional.IEPluginService, C:\ProgramData\IePluginService\update, Quarantined, [c957f96bd9c043f3acce736b8d75d12f], 
PUP.Optional.IEPluginServices, C:\ProgramData\IePluginServices, Quarantined, [9f81e87c287193a30a7118c6877bfb05], 
PUP.Optional.IEPluginServices, C:\ProgramData\IePluginServices\update, Quarantined, [9f81e87c287193a30a7118c6877bfb05], 
PUP.Optional.Albrechto, C:\Program Files (x86)\albrechto, Delete-on-Reboot, [0818362e3366d75f7e75d41e26dc629e], 
PUP.Optional.Albrechto, C:\Program Files (x86)\albrechto\bin, Delete-on-Reboot, [0818362e3366d75f7e75d41e26dc629e], 
PUP.Optional.Yontoo, C:\ProgramData\Tarma Installer, Quarantined, [f927d88cf9a01125633b3fb82ed4fa06], 
PUP.Optional.Yontoo, C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}, Quarantined, [f927d88cf9a01125633b3fb82ed4fa06], 
 
Files: 32
PUP.Optional.BrowseFox, C:\Program Files (x86)\albrechto\updatealbrechto.exe, Delete-on-Reboot, [ec34253fd1c81c1a622ffaae23de18e8], 
PUP.Optional.BrowseFox, C:\Program Files (x86)\albrechto\bin\utilalbrechto.exe, Delete-on-Reboot, [d34d174d5841a88efb962b7df60b4eb2], 
PUP.Optional.BrowseFox, C:\WINDOWS\System32\drivers\{9e8f3dfc-4537-4391-a682-16d2636a7838}w64.sys, Delete-on-Reboot, [8997dc882c6d91a54a3c70a4e421f808], 
PUP.Optional.APNToolBar, C:\Users\Adrian\Documents\APNSetup.exe, Quarantined, [2cf49cc832675bdbefd14fe96a979e62], 
RiskWare.FilePatcher, C:\Users\Adrian\Downloads\vegas.pro.13.0.(64-bit)-patch.rar, Quarantined, [e23e521278210333085c88f4a55cfe02], 
PUP.Optional.MoboGenie, C:\Users\Adrian\Downloads\mobogeniemini_1002_10006.exe, Quarantined, [9d836ff5cbce80b63a2abe227b86b54b], 
PUP.Optional.SofTonic, C:\Users\Adrian\Downloads\SoftonicDownloader_for_macromaker.exe, Quarantined, [849c253ff7a283b30f090f1c2fd156aa], 
Exploit.Aluigi, C:\Users\Adrian\Downloads\tspeakfp.zip, Quarantined, [b26e88dcb0e9a3939f3ab3e6a55b7c84], 
RiskWare.Injector.DC, C:\Users\Adrian\Downloads\lick hack 2.0.rar, Quarantined, [c06073f17b1ed3634fb86dc1ee13f50b], 
RiskWare.Injector.DC, C:\Users\Adrian\Downloads\Lick Hack v1.8 (1).rar, Quarantined, [968a68fc40590c2a21e6e24c2ed3b947], 
RiskWare.Injector.DC, C:\Users\Adrian\Downloads\Lick Hack v1.8.rar, Quarantined, [35eb1b49f1a8270fbf485ad414ed6a96], 
PUP.Optional.Malavida, C:\Users\Adrian\Downloads\download-microsoft-word.exe, Quarantined, [44dce3811a7f0135076c7f4ab44ce41c], 
RiskWare.Injector.DC, C:\Users\Adrian\Downloads\Extreme-Injector.rar, Quarantined, [dc44b9abafeade58b45352dc15ecdd23], 
PUP.Optional.DefaultTab, C:\WINDOWS\System32\Tasks\DTReg, Quarantined, [bc64343070298fa741a52ada45bef808], 
PUP.Optional.Salus.PrxySvrRST, C:\WINDOWS\System32\drivers\salus.sys, Quarantined, [57c9e08440591026fc4fdf33b1526898], 
PUP.Optional.Awesomehp.ShrtCln, C:\Users\Adrian\AppData\Roaming\awesomehp\33.json, Quarantined, [8997c79dbcdd7cbaa06cde4013f044bc], 
PUP.Optional.Awesomehp.ShrtCln, C:\Users\Adrian\AppData\Roaming\awesomehp\awesomehp.exe, Quarantined, [8997c79dbcdd7cbaa06cde4013f044bc], 
PUP.Optional.Awesomehp.ShrtCln, C:\Users\Adrian\AppData\Roaming\awesomehp\DataBase, Quarantined, [8997c79dbcdd7cbaa06cde4013f044bc], 
PUP.Optional.Awesomehp.ShrtCln, C:\Users\Adrian\AppData\Roaming\awesomehp\log\awesomehp.LOG, Quarantined, [8997c79dbcdd7cbaa06cde4013f044bc], 
PUP.Optional.ConvertAd.Gen, C:\Users\Adrian\AppData\Roaming\00000000-1428708409-0000-0000-D43D7E35E5D1\vnsnDB2.tmp, Quarantined, [6cb4ed77b0e9cd69df6ecd02bf4412ee], 
PUP.Optional.ConvertAd.Gen, C:\Users\Adrian\AppData\Roaming\00000000-1428708409-0000-0000-D43D7E35E5D1\Uninstall.exe, Quarantined, [6cb4ed77b0e9cd69df6ecd02bf4412ee], 
PUP.Optional.BProtector, C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data, Quarantined, [a37dbba9d2c7da5c0146548903005ca4], 
PUP.Optional.NewTab, C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx, Quarantined, [0e12194be3b667cf8bd9d926d62d7888], 
PUP.Optional.OptimizerPro, C:\Users\Adrian\Documents\Optimizer Pro\CookiesException.txt, Quarantined, [70b0a2c27f1a043286441ee2cd3754ac], 
PUP.Optional.Betcat, C:\Users\Adrian\AppData\Roaming\Betcat\PlugIns.cache, Quarantined, [9d83a1c37a1fec4abc5e9339c53dff01], 
PUP.Optional.IEPluginService, C:\ProgramData\IePluginService\update\conf, Quarantined, [c957f96bd9c043f3acce736b8d75d12f], 
PUP.Optional.IEPluginServices, C:\ProgramData\IePluginServices\update\conf, Quarantined, [9f81e87c287193a30a7118c6877bfb05], 
PUP.Optional.Yontoo, C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.dat, Quarantined, [f927d88cf9a01125633b3fb82ed4fa06], 
PUP.Optional.Yontoo, C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.exe, Quarantined, [f927d88cf9a01125633b3fb82ed4fa06], 
PUP.Optional.Yontoo, C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.ico, Quarantined, [f927d88cf9a01125633b3fb82ed4fa06], 
PUP.Optional.Yontoo, C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setup.dll, Quarantined, [f927d88cf9a01125633b3fb82ed4fa06], 
PUP.Optional.Yontoo, C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll, Quarantined, [f927d88cf9a01125633b3fb82ed4fa06], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
 

# Updated 22/02/2016 by Xplode
# Database : 2016-02-22.2 [Server]
# Operating system : Windows 10 Home  (x64)
# Username : Adrian - ADRIAN
# Running from : C:\Users\Adrian\Downloads\AdwCleaner.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
[-] Folder Deleted : C:\ProgramData\Allmyapps
[-] Folder Deleted : C:\ProgramData\Babylon
[-] Folder Deleted : C:\ProgramData\WPM
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlvPlayer
[-] Folder Deleted : C:\Users\Adrian\mobogenieP2sp
[-] Folder Deleted : C:\Users\Adrian\AppData\Local\genienext
[-] Folder Deleted : C:\Users\Adrian\AppData\Local\Mobogenie
[-] Folder Deleted : C:\Users\Adrian\AppData\Roaming\WinZipper
[-] Folder Deleted : C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Allmyapps
[-] Folder Deleted : C:\Users\Adrian\Documents\Mobogenie
 
***** [ Files ] *****
 
[-] File Deleted : C:\END
[-] File Deleted : C:\Users\Adrian\daemonprocess.txt
[-] File Deleted : C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ogfjmhfnldnajmfaofeiaepghjenbgjo_0.localstorage
[-] File Deleted : C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pkndmigholgfjlniaohblojbhgjbkakn_0.localstorage
[-] File Deleted : C:\WINDOWS\SysNative\roboot64.exe
 
***** [ DLLs ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
[-] Key Deleted : HKCU\Software\857dbdab36fe549
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\feocblgcojafilfbgoineopkngchgaei
[-] Key Deleted : HKCU\Software\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D879A501-50A7-BEFC-A4C5-32DC6E0CB208}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{03771AEF-400D-4A13-B712-25878EC4A3F5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{463B0ED4-8AFA-404B-90E7-4063A0708050}]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}]
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
[-] Key Deleted : HKCU\Software\APN PIP
[-] Key Deleted : HKCU\Software\BABSOLUTION
[-] Key Deleted : HKCU\Software\Softonic
[-] Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
[-] Key Deleted : HKLM\SOFTWARE\FlvPlayer
[-] Key Deleted : HKLM\SOFTWARE\hdcode
[-] Key Deleted : HKLM\SOFTWARE\IePlugin
[-] Key Deleted : HKLM\SOFTWARE\winzipersvc
[-] Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [URL]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [SuggestionsURL_JSON]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DisplayName]
 
***** [ Web browsers ] *****
 
[-] [C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : conduit.search
[-] [C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : vosteran.com
[-] [C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : adobe-photoshop-cs6-update.en.softonic.com
[-] [C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : omniboxes.com
[-] [C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : omniboxes
[-] [C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : windows-live-messenger.en.softonic.com
[-] [C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider] Deleted : hxxp://www.omniboxes.com/webfavicon.ico
[-] [C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : feocblgcojafilfbgoineopkngchgaei
[-] [C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : ifohbjbgfchkkfhphahclmkpgejiplfo
[-] [C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Deleted : hxxp://www.delta-homes.com/?type=hp&ts=1432133368&z=ecef3029dc93fd7fa6e1630gaz5cfofgdc5cac9qem&from=wpm05203&uid=SamsungXSSDX840XSeries_S14CNSAD229023A
 
*************************
 
:: "Tracing" keys removed
:: Winsock settings cleared
 
*************************
 
C:\AdwCleaner\AdwCleaner[C1].txt - [7126 bytes] - [23/02/2016 17:30:35]
C:\AdwCleaner\AdwCleaner[S1].txt - [7148 bytes] - [23/02/2016 17:28:57]
 
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [7272 bytes] ##########
 

 



#4 buddy215

buddy215

  • Moderator
  • 13,103 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:08:58 AM

Posted 23 February 2016 - 12:34 PM

After you have posted the Eset Scan results, do this:

RESET GOOGLE CHROME

You can reset your browser settings in Chrome any time. You might need to do this if apps or extensions you installed changed your settings without your knowledge. Your saved bookmarks and passwords won't be cleared or changed.

  1. Open Chrome.
  2. In the top right, click the Chrome menu
  3. Click Settings.
  4. At the bottom, click Show advanced settings.
  5. Under the section "Reset settings,” click Reset settings.
  6. In the box that appears, click Reset.

Post the three lists mentioned below using CCleaner.

Open CCleaner and click on Tools. Choose Startups. On that page you will see a list of Windows Startups and at the top tabs for each browser and Scheduled Tasks.

At the bottom right of that page you will see a button when clicked will allow you to Copy and Paste the list of Windows Startups and Scheduled Tasks into your next

post. Please do that.

 

Open CCleaner and click on Tools. Choose Uninstall. On that page you will see a list of programs installed on your computer and at the bottom right of that page you

will see a button when clicked will allow you to Copy and Paste that list in your next post. Please do that.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#5 adse

adse
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  

Posted 23 February 2016 - 01:52 PM

Yes HKCU:Run Akamai NetSession Interface Akamai Technologies, Inc. "C:\Users\Adrian\AppData\Local\Akamai\netsession_win.exe"

Yes HKCU:Run Battle.net Blizzard Entertainment "C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe" --autostarted

Yes HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR

Yes HKCU:Run EADM Electronic Arts "F:\Origin\Origin.exe" -AutoStart

Yes HKCU:Run Facebook Update Facebook Inc. "C:\Users\Adrian\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

Yes HKCU:Run MoodEditor.exe Scendix Software-Vertriebsges. mbH "C:\Program Files (x86)\Pamela RichMood Editor\MoodEditor.exe"

Yes HKCU:Run OneDrive Microsoft Corporation "C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background

Yes HKCU:Run puush Dean Herbert C:\Program Files (x86)\puush\puush.exe

Yes HKCU:Run Skype Skype Technologies S.A. "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

Yes HKCU:Run Spotify Web Helper Spotify Ltd "C:\Users\Adrian\AppData\Roaming\Spotify\SpotifyWebHelper.exe"

Yes HKLM:Run amd_dc_opt AMD C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe

Yes HKLM:Run AvastUI.exe AVAST Software "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui

Yes HKLM:Run FAStartup 

Yes HKLM:Run FATrayAlert 

Yes HKLM:Run GIZMO2 ants Inc. "C:\Program Files (x86)\GIZMO2\GIZMO.exe" -BootProcess

Yes HKLM:Run Launch LCore Logitech Inc. C:\Program Files\Logitech Gaming Software\LCore.exe /minimized

Yes HKLM:Run LogMeIn Hamachi Ui LogMeIn Inc. "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start

Yes HKLM:Run NvBackend NVIDIA Corporation "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"

Yes HKLM:Run Razer Synapse Razer Inc. "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"

Yes HKLM:Run RTHDVCPL Realtek Semiconductor C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s

Yes HKLM:Run ShadowPlay Microsoft Corporation "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart

Yes HKLM:Run SL-6482 Gaming Keyboard  "C:\Program Files (x86)\SPEEDLINK\PARTHICA Core Gaming Keyboard\Monitor.exe"

Yes HKLM:Run SunJavaUpdateSched Oracle Corporation "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

Yes HKLM:Run USB3MON Intel Corporation "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"

Yes Startup User Curse.lnk Curse, Inc C:\Users\Adrian\AppData\Roaming\Curse Client\Bin\Curse.exe



#6 buddy215

buddy215

  • Moderator
  • 13,103 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:08:58 AM

Posted 23 February 2016 - 02:43 PM

What about the Junkware Removal Tool and Eset online scanner results?


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#7 adse

adse
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  

Posted 23 February 2016 - 03:28 PM

i think my junkware Removal Tool is broken http://puu.sh/niQbU/cafc31fdb2.png 



#8 buddy215

buddy215

  • Moderator
  • 13,103 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:08:58 AM

Posted 23 February 2016 - 04:14 PM

What happened when you pressed any key to continue? Try that...a piece of malware or you may be blocking 

the creation of restore points.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#9 adse

adse
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  

Posted 24 February 2016 - 06:53 AM

It just nothing happends



#10 buddy215

buddy215

  • Moderator
  • 13,103 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:08:58 AM

Posted 24 February 2016 - 07:32 AM

Have you tried doing the Eset Online scan?

 

Did you disable Avast program before attempting a scan with JRT?

How to Disable (Turn Off, Stop) Avast Antivirus 2016


Edited by buddy215, 24 February 2016 - 07:36 AM.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#11 adse

adse
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  

Posted 24 February 2016 - 10:23 AM

Here is Junkware removal 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Malwarebytes

Version: 8.0.3 (02.09.2016)

Operating System: Windows 10 Home x64 

Ran by Adrian (Administrator) on 24.02.2016 at 16:21:37,60

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

File System: 0 

 

 

 

 

Registry: 0 

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 24.02.2016 at 16:22:42,35

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#12 buddy215

buddy215

  • Moderator
  • 13,103 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:08:58 AM

Posted 24 February 2016 - 11:14 AM

Are you running the Eset scan now?

 

You posted the Windows Startups.....after Eset finishes please post the list of Installed programs and Scheduled Tasks

as requested in my post #4.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#13 adse

adse
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  

Posted 26 February 2016 - 01:06 AM

Installed programms 

 

 

 

Adobe Acrobat Reader DC - Norsk Adobe Systems Incorporated 18.02.2016 579 MB 15.010.20059

Adobe AIR Adobe Systems Incorporated 15.02.2016 23,6 MB 20.0.0.260

Adobe Flash Player 20 NPAPI Adobe Systems Incorporated 10.02.2016 8,40 MB 20.0.0.306

Adobe Flash Player 20 PPAPI Adobe Systems Incorporated 10.02.2016 18,7 MB 20.0.0.306

Adobe Help Manager Adobe Systems Incorporated 04.11.2015 1,75 MB 4.0.244

Adobe Photoshop CS6 version 13.0.1 Adobe Systems, Inc. 09.11.2015 176 MB 13.0.1

Adobe Shockwave Player 12.2 Adobe Systems, Inc. 01.12.2015 35,6 MB 12.2.1.171

AdVenture Capitalist Hyper Hippo Games 11.12.2015 189 MB

Akamai NetSession Interface Akamai Technologies, Inc 23.02.2016

America's Army: Proving Grounds U.S. Army 15.02.2016 9,61 GB

Archeblade CodeBrush Games 29.01.2016 1,25 GB

Arma 3 Bohemia Interactive 01.12.2015 24,0 GB

AutoIt v3.3.8.1 AutoIt Team 04.11.2015

Avast Free Antivirus AVAST Software 17.02.2016 1,83 GB 11.1.2245

Battle.net Blizzard Entertainment 04.11.2015 661 MB

BattlEye for OA Uninstall 04.11.2015

CCleaner Piriform 04.11.2015 15,1 MB 5.03

Counter-Strike: Global Offensive Valve 29.01.2016 17,0 GB

Counter-Strike: Source Valve 15.02.2016 4,87 GB

CPUID HWMonitor 1.28 20.11.2015 2,90 MB

Curse Curse 27.10.2014 255 MB 6.0.0.0

Curse Client Curse 23.02.2016 5.1.1.844

Defraggler Piriform 04.11.2015 12,9 MB 2.19

Dota 2 Valve 28.01.2016

Dual-Core Optimizer AMD 29.06.2013 1,10 MB 1.1.4.0169

Emily is Away Kyle Seeley 29.01.2016 60,1 MB

Endless Sky Michael Zahniser 29.01.2016 47,0 MB

Facebook Video Calling 3.1.0.521 Skype Limited 15.09.2014 12,4 MB 3.1.521

FastAccess Sensible Vision 29.08.2014 59,1 MB 2.10.62.1

Firestorm-Releasex64 x64 The Phoenix Firestorm Project, Inc. 29.01.2016 583 MB 4.7.47975

Fraps (remove only) 04.11.2015

Futuremark SystemInfo Futuremark Corporation 15.06.2013 35,8 MB 4.15.0

Garry's Mod Facepunch Studios 31.01.2016 6,43 GB

GIZMO ants Inc. 01.11.2013 40,1 MB 3.21.4000

Google Chrome Google Inc. 19.03.2014 473 MB 48.0.2564.116

Google Drive Google, Inc. 28.01.2016 68,4 MB 1.27.1227.2094

Google Earth Plug-in Google 09.01.2014 116 MB 7.1.2.2041

Grand Theft Auto V Rockstar North 15.02.2016 64,0 GB

Guild Wars 2 NCsoft Corporation, Ltd. 04.11.2015

H1Z1 Daybreak Games 29.01.2016 6,79 GB

Hearthstone Blizzard Entertainment 04.11.2015 2,24 GB

Hotline Miami version v1.0 13.02.2015 515 MB v1.0

InstallShieldHiRezCurrent Hi-Rez Studios 29.09.2015 78,6 MB 3.0.0.0

Intel® Management Engine Components Intel Corporation 03.06.2013 9.0.0.1323

Intel® USB 3.0 eXtensible Host Controller Driver Intel Corporation 03.06.2013 1.0.8.251

Java 8 Update 73 Oracle Corporation 06.02.2016 227 MB 8.0.730.2

Java 8 Update 74 Oracle Corporation 15.02.2016 251 MB 8.0.740.2

LaCie Desktop Manager 1.5.5 LaCie 10.06.2013 13,7 MB 1.5.5

League of Legends Riot Games 04.11.2015 3.0.1

Left 4 Dead 2 Valve 29.01.2016 12,6 GB

Live! Cam Connect HD VF0750 Driver (1.01.01.00) Creative Technology Ltd. 04.11.2015

Logitech Gaming Software 8.50 Logitech Inc. 04.11.2015 83,0 MB 8.50.281

LogMeIn Hamachi LogMeIn, Inc. 11.12.2015 5,28 MB 2.2.0.410

Microsoft ASP.NET MVC 4 Runtime Microsoft Corporation 19.10.2014 2,47 MB 4.0.40804.0

Microsoft Games for Windows - LIVE Redistributable Microsoft Corporation 27.06.2013 31,3 MB 3.5.92.0

Microsoft Games for Windows Marketplace Microsoft Corporation 19.11.2013 8,87 MB 3.5.50.0

Microsoft Office Klikk og bruk 2010 Microsoft Corporation 01.12.2015 2,57 MB 14.0.4763.1004

Microsoft Office Starter 2010 - norsk Microsoft Corporation 04.11.2015 14.0.5128.5002

Microsoft Silverlight Microsoft Corporation 14.01.2016 447 MB 5.1.41212.0

Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 19.03.2013 5,21 MB 3.1.0000

Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 24.12.2014 38,7 MB 8.0.59193

Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 24.01.2015 39,0 MB 8.0.61000

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 19.03.2013 9,96 MB 9.0.30729

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 03.06.2013 9,95 MB 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 19.03.2013 9,14 MB 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Corporation 15.12.2014 3,43 MB 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 19.03.2013 3,43 MB 9.0.30729

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 03.06.2013 3,42 MB 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 19.03.2013 2,79 MB 9.0.30729.6161

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 Microsoft Corporation 09.11.2013 26,4 MB 10.0.40219

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 Microsoft Corporation 13.02.2015 18,1 MB 10.0.40219

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Corporation 04.11.2015 20,5 MB 11.0.61030.0

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Corporation 04.11.2015 17,3 MB 11.0.61030.0

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 Microsoft Corporation 20.01.2016 20,5 MB 12.0.30501.0

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 Microsoft Corporation 20.01.2016 17,1 MB 12.0.30501.0

Microsoft XNA Framework Redistributable 4.0 Refresh Microsoft Corporation 08.04.2014 21,8 MB 4.0.30901.0

Minecraft Mojang 17.07.2015 2,07 GB 1.0.3.0

MSI Afterburner 4.1.1 MSI Co., LTD 20.11.2015 4.1.1

Mumble 1.2.5 Thorvald Natvig 09.03.2014 2,12 GB 1.2.5

NCSOFT Game Launcher NCSOFT 29.01.2016 26,4 MB

Nexus Mod Manager Black Tree Gaming 09.06.2015 23,1 MB 0.55.3

No More Room in Hell No More Room in Hell Team 29.01.2016 8,49 GB

Nosgoth Psyonix 15.02.2016 6,31 GB

NVIDIA 3D Vision-driver 361.91 NVIDIA Corporation 16.02.2016 31,7 MB 361.91

NVIDIA Driver for HD-lyd 1.3.34.4 NVIDIA Corporation 16.02.2016 8,44 MB 1.3.34.4

NVIDIA Driver til 3D Vision-kontroller 352.65 NVIDIA Corporation 16.02.2016 12,9 MB 352.65

NVIDIA GeForce Experience 2.10.1.2 NVIDIA Corporation 29.01.2016 31,0 MB 2.10.1.2

NVIDIA Grafikkdriver 361.91 NVIDIA Corporation 16.02.2016 551 MB 361.91

NVIDIA PhysX systemprogramvare 9.15.0428 NVIDIA Corporation 29.05.2015 348 MB 9.15.0428

OCCT 4.4.0 Ocbase.com 04.11.2015 4.4.0

OpenAL 04.11.2015

Origin Electronic Arts, Inc. 31.01.2016 235 MB 9.5.12.2862

Pamela RME 2.0 Scendix Software-Vertriebsges. mbH 04.11.2015 2.0

PARTHICA Core Gaming Keyboard Driver SPEEDLINK 23.07.2014 18,1 MB 1.0

Portal 2 Valve 29.01.2016 11,4 GB

PunkBuster Services Even Balance, Inc. 04.11.2015 0.993

puush Dean Herbert 27.07.2013 2,07 GB 1.0.0.0

RaidCall raidcall.com 04.11.2015 7.3.6-1.0.12972.94

Razer Synapse Razer Inc. 06.11.2015 73,9 MB 1.18.21.27748

Realtek High Definition Audio Driver Realtek Semiconductor Corp. 04.11.2015 37,0 MB 6.0.1.6873

Revo Uninstaller Pro 3.1.2 VS Revo Group, Ltd. 23.04.2015 35,5 MB 3.1.2

RivaTuner Statistics Server 6.3.0 Unwinder 20.11.2015 6.3.0

ROBLOX Player for Adrian ROBLOX Corporation 01.01.2016

ROBLOX Studio for Adrian ROBLOX Corporation 17.11.2014

Rocket League Psyonix 29.01.2016 3,01 GB

Rockstar Games Social Club Rockstar Games 02.02.2016 1.1.7.2

SecondLifeViewer Linden Research, Inc. 19.01.2016 117 MB 4.0.1.310054

Skype™ 7.17 Skype Technologies S.A. 12.01.2016 158 MB 7.17.105

Speedball 2 HD Vivid Games 04.11.2015 409 MB

SpeedFan (remove only) 04.11.2015

Spotify Spotify AB 20.02.2016 1.0.23.90.g42187855

StarCraft II Blizzard Entertainment 04.11.2015

Steam Valve Corporation 24.06.2013 56,9 MB 1.0.0.0

System Requirements Lab CYRI Husdawg, LLC 22.12.2013 33,2 MB 6.0.8.0

System Requirements Lab Detection Husdawg, LLC 05.11.2015 1,91 GB 6.1.6.0

Team Fortress 2 Valve 15.02.2016 17,0 GB

TeamSpeak 3 Client TeamSpeak Systems GmbH 23.02.2016 3.0.17

The Witcher: Enhanced Edition CD PROJEKT RED 01.12.2015 15,6 GB

TrackMania Nations Forever Nadeo 11.12.2015 727 MB

Unity Web Player Unity Technologies ApS 23.02.2016 12,0 MB

Uplay Ubisoft 04.11.2015 127 MB 2.0

Ventrilo Client for Windows x64 Flagship Industries, Inc. 14.01.2014 68,6 MB 3.0.8.0

VLC media player VideoLAN 04.11.2015 112 MB 2.2.1

Warframe Digital Extremes 29.01.2016 11,3 GB

Warhammer® 40,000™: Dawn of War® II – Retribution™ Relic Entertainment 04.11.2015

Windows Live Essentials Microsoft Corporation 19.03.2013 16.4.3505.0912

Windows-driverpakke - Advanced Micro Devices, Inc System  (03/16/2011 5.12.0.0015) Advanced Micro Devices, Inc 04.11.2015 03/16/2011 5.12.0.0015

Windows-driverpakke - AMD (amd_sata) HDC  (04/11/2012 1.2.001.0331) AMD 03.06.2013 04/11/2012 1.2.001.0331

Windows-driverpakke - AMD (amd_sata) HDC  (04/11/2012 1.2.001.0331) AMD 04.11.2015 04/11/2012 1.2.001.0331

Windows-driverpakke - Asmedia Technology (asahci64) hdc  (07/18/2012 1.3.8.000) Asmedia Technology 04.11.2015 07/18/2012 1.3.8.000

Windows-driverpakke - ASUS (BCM43XX) Net  (11/21/2012 6.30.95.26) ASUS 04.11.2015 11/21/2012 6.30.95.26

Windows-driverpakke - Intel (MEIx64) System  (12/17/2012 9.0.0.1287) Intel 04.11.2015 12/17/2012 9.0.0.1287

Windows-driverpakke - Intel Corporation (iaStorA) HDC  (12/11/2012 11.7.1.1001) Intel Corporation 04.11.2015 12/11/2012 11.7.1.1001

Windows-driverpakke - Intel hdc  (02/25/2013 9.3.0.1027) Intel 04.11.2015 02/25/2013 9.3.0.1027

Windows-driverpakke - Intel System  (02/25/2013 9.3.0.1027) Intel 03.06.2013 02/25/2013 9.3.0.1027

Windows-driverpakke - Intel System  (02/25/2013 9.3.0.1027) Intel 04.11.2015 02/25/2013 9.3.0.1027

Windows-driverpakke - Intel System  (02/25/2013 9.3.0.1027) Intel 03.06.2013 02/25/2013 9.3.0.1027

Windows-driverpakke - Intel USB  (02/25/2013 9.3.0.1027) Intel 04.11.2015 02/25/2013 9.3.0.1027

Windows-driverpakke - Realtek (RTL8167) Net  (03/04/2013 7.069.0304.2013) Realtek 04.11.2015 03/04/2013 7.069.0304.2013

Windows-driverpakke - Realtek (RTL8167) Net  (12/26/2012 7.067.1226.2012) Realtek 04.11.2015 12/26/2012 7.067.1226.2012

Windows-driverpakke - Realtek Semiconductor Corp. HD Audio Driver (03/29/2013 6.0.1.6873) Realtek Semiconductor Corp. 04.11.2015 03/29/2013 6.0.1.6873

Windows-driverpakke - Realtek Semiconductor Corp. HD Audio Driver (06/19/2012 6.0.1.6662) Realtek Semiconductor Corp. 04.11.2015 06/19/2012 6.0.1.6662

WinRAR 5.21 (64-bit) win.rar GmbH 04.11.2015 4,93 MB 5.21.0

World of Warcraft Blizzard Entertainment 29.01.2016 61,6 GB

Worms Armageddon Team17 Digital Ltd 01.12.2015 520 MB

Worms Revolution Team17 Digital Ltd 01.12.2015 1,59 GB

Wuala LaCie 23.02.2016 1.0.391.0

Wuala CBFS LaCie 04.11.2015 1,74 MB 3.2.102.0

Wuala OverlayIcons LaCie 04.11.2015 1,01 MB 1.0.0.1



#14 buddy215

buddy215

  • Moderator
  • 13,103 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:08:58 AM

Posted 26 February 2016 - 06:27 AM

Please run a scan using the Eset Online Scanner and post the results. I keep asking for this but you

have not responded. VERY IMPORTANT!

 

Please post the Scheduled Tasks using CCleaner. I keep asking for this but you have not posted it.

Thanks for posting the list of installed programs.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#15 adse

adse
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  

Posted 26 February 2016 - 08:07 PM

Scanning now, takes awhile tho






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users