Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows 7 computer running very poorly, not sure what is wrong exactly


  • Please log in to reply
6 replies to this topic

#1 whermsherman

whermsherman

  • Members
  • 5 posts
  • OFFLINE
  •  

Posted 15 March 2016 - 07:38 PM

I apologize if this is the wrong forum to post this, due to not knowing the root of the problem, I was a bit unsure and had to guess.

 

I built my computer in July of 2013 and (after experiencing many BSODs, which this forum helped me fix), it has generally ran pretty well. However in the past few months (starting maybe in fall of last year), the speed of my computer has continually been dropping. Now, games are pretty much impossible, the computer lags with just 2 chrome windows (~7 tabs total), and a skype window are open. Restarting is a temporary fix, however not something I wish to do every hour. I've done a couple virus scans, with any malicious items being removed, yet the problem persists.

 

SPECS:

Motherboard: MSI Z77A-G45 LGA 1155 Intel Z77 HDMI SATA 6Gb/s USB 3.0 ATX Intel Motherboard with UEFI BIOS

Video Card: MSI N660 TF 2GD5/OC G-SYNC Support GeForce GTX 660 2GB 192-Bit GDDR5 PCI Express 3.0 x16 HDCP Ready SLI Support Video Card

Power source: Antec EarthWatts EA-650 GREEN 650W ATX12V v2.3 SLI Ready CrossFire Certified 80 PLUS BRONZE Certified Active PFC Power Supply

Processor: Intel Core i7-3770K

RAM: G.SKILL Ripjaws X Series 16GB (2 x 8GB) 240-Pin DDR3 SDRAM DDR3 1600 (PC3 12800) Desktop Memory Model F3-1600C9D-16GXM

Hard Drive: TOSHIBA PH3300U-1I72 3TB 7200 RPM 64MB Cache SATA 6.0Gb/s 3.5" Internal Hard Drive Retail Kit



BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,716 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:10:44 PM

Posted 15 March 2016 - 08:42 PM

Welcome aboard p22002758.gif

 

p22002970.gif Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run

p22002970.gif Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


p22002970.gif Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size
  • List Restore Points

Click Go and post the result.

p22002970.gif Please download Malwarebytes Anti-Malware (MBAM) to your desktop.
NOTE. If you already have MBAM 2.0 installed scroll down.

  • Double-click mb3-setup-1878.1878-3.5.1.2522.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:

    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.

  • Click Finish.
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.



If you already have MBAM 2.0 installed:

  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.


How to get logs:
(Export log to save as txt)


  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the Scan Log which shows the Date and time of the scan just performed.
  • Click 'Export'.
  • Click 'Text file (*.txt)'
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
  • Click Ok
  • Attach that saved log to your next reply.



(Copy to clipboard for pasting into forum replies or tickets)

  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the Scan Log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.


p22002970.gifDownload 51a5f31352b88-icon_MBAR.pngMalwarebytes Anti-Rootkit (MBAR) to your desktop.
  • Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
  • Double click on downloaded file. OK self extracting prompt.
  • MBAR will start. Click "Next" to continue.
  • Click in the following screen "Update" to obtain the latest malware definitions.
  • Once the update is complete select "Next" and click "Scan".
  • When the scan is finished and no malware has been found select "Exit".
  • If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
  • Open the MBAR folder located on your Desktop and paste the content of the following files in your next reply:
  • "mbar-log-{date} (xx-xx-xx).txt"
  • "system-log.txt"


NOTE. If you see This version requires you to completely exit the Anti Malware application message right click on the Malwarebytes Anti-Malware icon in the system tray and click on Exit.

p22002970.gif Please download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Windows Vista, 7 or 8 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.


If normal mode still doesn't work, run the tool from safe mode.

When the scan is done Notepad will open with rKill log.
Post it in your next reply.

NOTE. rKill.txt log will also be present on your desktop.

NOTE Do NOT wrap your logs in "quote" or "code" brackets.
Do NOT use spoilers.
Do NOT edit your reply to post additional logs. Create new reply. I'll not get any email notifications about edits so I won't know you posted something new.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#3 whermsherman

whermsherman
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  

Posted 21 March 2016 - 05:21 PM

Sorry for the late reply, this was the first day I was able to make time to do this:
 
 
SECURITY CHECK:
 
 Results of screen317's Security Check version 1.014 --- 12/23/15  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Microsoft Security Essentials   
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:````````` 
 Java 7 Update 25  
 Java 8 Update 5  
 Java SE Development Kit 8 Update 5 
 Java version 32-bit out of Date! 
 Adobe Flash Player 21.0.0.182  
 Mozilla Firefox 37.0.1 Firefox out of Date!  
 Google Chrome (48.0.2564.116) 
 Google Chrome (49.0.2623.87) 
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe 
 Microsoft Security Essentials msseces.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 0% 
````````````````````End of Log`````````````````````` 
 
FARBAR:
 
Farbar Service Scanner Version: 27-01-2016
Ran by Connor (administrator) on 21-03-2016 at 15:44:28
Running from "C:\Users\Connor\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is unreachable
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Policy: 
========================
 
 
Action Center:
============
 
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.
 
 
Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
 
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
 
 
**** End of log ****
 
MINITOOLBOX:
 
MiniToolBox by Farbar  Version: 07-02-2016 01
Ran by Connor (administrator) on 21-03-2016 at 15:46:42
Running from "C:\Users\Connor\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: MS-7752 Manufacturer: MSI
Boot Mode: Normal
***************************************************************************
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
========================= FF Proxy Settings: ============================== 
 
========================= Hosts content: =================================
========================= IP Configuration: ================================
 
Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
VMware Virtual Ethernet Adapter for VMnet1 = VMware Network Adapter VMnet1 (Connected)
VMware Virtual Ethernet Adapter for VMnet8 = VMware Network Adapter VMnet8 (Connected)
VirtualBox Host-Only Ethernet Adapter = VirtualBox Host-Only Network (Connected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
add route prefix=255.255.255.255/32 interface="VirtualBox Host-Only Network-QoS Packet Scheduler-0000" nexthop=0.0.0.0 metric=1 publish=No
add route prefix=224.0.0.0/4 interface="VirtualBox Host-Only Network-QoS Packet Scheduler-0000" nexthop=0.0.0.0 metric=1 publish=No
add address name="VMware Network Adapter VMnet1" address=192.168.31.1 mask=255.255.255.0
add address name="VMware Network Adapter VMnet8" address=192.168.231.1 mask=255.255.255.0
add address name="VirtualBox Host-Only Network" address=192.168.56.1 mask=255.255.255.0
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Connor-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : D4-3D-7E-B1-3F-88
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:4860:4860::8888(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::707d:8cab:ae5d:6dc4%11(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.3(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Monday, March 21, 2016 3:00:36 PM
   Lease Expires . . . . . . . . . . : Tuesday, March 22, 2016 3:00:34 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 248790398
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-67-88-1A-D4-3D-7E-B1-3F-88
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter VMware Network Adapter VMnet1:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : VMware Virtual Ethernet Adapter for VMnet1
   Physical Address. . . . . . . . . : 00-50-56-C0-00-01
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::d57:7584:bea6:7b40%17(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.31.1(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 
   DHCPv6 IAID . . . . . . . . . . . : 385896534
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-67-88-1A-D4-3D-7E-B1-3F-88
   DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter VMware Network Adapter VMnet8:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : VMware Virtual Ethernet Adapter for VMnet8
   Physical Address. . . . . . . . . : 00-50-56-C0-00-08
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::d060:36ed:2b47:8e94%18(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.231.1(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 
   DHCPv6 IAID . . . . . . . . . . . : 402673750
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-67-88-1A-D4-3D-7E-B1-3F-88
   DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter VirtualBox Host-Only Network:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : VirtualBox Host-Only Ethernet Adapter
   Physical Address. . . . . . . . . : 08-00-27-00-24-A4
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::303b:efbe:ced4:224e%19(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.56.1(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 
   DHCPv6 IAID . . . . . . . . . . . : 419954727
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-67-88-1A-D4-3D-7E-B1-3F-88
   DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.{017E3BE5-F937-465F-8194-087158FECDB4}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{B9BED54D-BF76-4717-B181-339826CDB509}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{CA96EE0F-C273-44D2-BE61-6B31E378755B}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{383DEB6A-3A98-4921-9BA1-D1290C06FFAD}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  192.168.1.1
 
Name:    google.com
Addresses:  2607:f8b0:4002:c06::66
 173.194.219.101
 173.194.219.138
 173.194.219.113
 173.194.219.139
 173.194.219.102
 173.194.219.100
 
 
Pinging google.com [173.194.219.102] with 32 bytes of data:
Reply from 173.194.219.102: bytes=32 time=40ms TTL=41
Reply from 173.194.219.102: bytes=32 time=99ms TTL=41
 
Ping statistics for 173.194.219.102:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 40ms, Maximum = 99ms, Average = 69ms
Server:  UnKnown
Address:  192.168.1.1
 
Name:    yahoo.com
Addresses:  2001:4998:c:a06::2:4008
 2001:4998:58:c02::a9
 2001:4998:44:204::a7
 206.190.36.45
 98.138.253.109
 98.139.183.24
 
 
Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=44ms TTL=50
Reply from 98.138.253.109: bytes=32 time=160ms TTL=50
 
Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 44ms, Maximum = 160ms, Average = 102ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 11...d4 3d 7e b1 3f 88 ......Realtek PCIe GBE Family Controller
 17...00 50 56 c0 00 01 ......VMware Virtual Ethernet Adapter for VMnet1
 18...00 50 56 c0 00 08 ......VMware Virtual Ethernet Adapter for VMnet8
 19...08 00 27 00 24 a4 ......VirtualBox Host-Only Ethernet Adapter
  1...........................Software Loopback Interface 1
 16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
 22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.3     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.3    276
      192.168.1.3  255.255.255.255         On-link       192.168.1.3    276
    192.168.1.255  255.255.255.255         On-link       192.168.1.3    276
     192.168.31.0    255.255.255.0         On-link      192.168.31.1    276
     192.168.31.1  255.255.255.255         On-link      192.168.31.1    276
   192.168.31.255  255.255.255.255         On-link      192.168.31.1    276
     192.168.56.0    255.255.255.0         On-link      192.168.56.1    276
     192.168.56.1  255.255.255.255         On-link      192.168.56.1    276
   192.168.56.255  255.255.255.255         On-link      192.168.56.1    276
    192.168.231.0    255.255.255.0         On-link     192.168.231.1    276
    192.168.231.1  255.255.255.255         On-link     192.168.231.1    276
  192.168.231.255  255.255.255.255         On-link     192.168.231.1    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.56.1    276
        224.0.0.0        240.0.0.0         On-link      192.168.31.1    276
        224.0.0.0        240.0.0.0         On-link     192.168.231.1    276
        224.0.0.0        240.0.0.0         On-link       192.168.1.3    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.56.1    276
  255.255.255.255  255.255.255.255         On-link      192.168.31.1    276
  255.255.255.255  255.255.255.255         On-link     192.168.231.1    276
  255.255.255.255  255.255.255.255         On-link       192.168.1.3    276
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
  255.255.255.255  255.255.255.255         On-link        1
        224.0.0.0        240.0.0.0         On-link        1
===========================================================================
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 11    276 2001:4860:4860::/64      On-link
 11    276 2001:4860:4860::8888/128 On-link
 19    276 fe80::/64                On-link
 17    276 fe80::/64                On-link
 18    276 fe80::/64                On-link
 11    276 fe80::/64                On-link
 17    276 fe80::d57:7584:bea6:7b40/128
                                    On-link
 19    276 fe80::303b:efbe:ced4:224e/128
                                    On-link
 11    276 fe80::707d:8cab:ae5d:6dc4/128
                                    On-link
 18    276 fe80::d060:36ed:2b47:8e94/128
                                    On-link
  1    306 ff00::/8                 On-link
 19    276 ff00::/8                 On-link
 17    276 ff00::/8                 On-link
 18    276 ff00::/8                 On-link
 11    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [133392] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (03/21/2016 02:41:44 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7987
 
Error: (03/21/2016 02:41:44 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7987
 
Error: (03/21/2016 02:41:44 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (03/21/2016 02:41:43 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6989
 
Error: (03/21/2016 02:41:43 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6989
 
Error: (03/21/2016 02:41:43 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (03/21/2016 02:41:42 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5991
 
Error: (03/21/2016 02:41:42 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5991
 
Error: (03/21/2016 02:41:42 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (03/21/2016 02:41:41 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4992
 
 
System errors:
=============
Error: (03/21/2016 06:30:58 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.
 
Error: (03/20/2016 02:17:15 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.215.2410.0
 
Update Source: %NT AUTHORITY59
 
Update Stage: 4.8.0204.00
 
Source Path: 4.8.0204.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\SYSTEM
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (03/20/2016 02:17:15 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.215.2410.0
 
Update Source: %NT AUTHORITY59
 
Update Stage: 4.8.0204.00
 
Source Path: 4.8.0204.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\SYSTEM
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (03/19/2016 08:04:22 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.
 
Error: (03/18/2016 09:37:24 AM) (Source: nvlddmkm) (User: )
Description: \Device\000000c6Variable String to Large
 
Error: (03/18/2016 09:37:24 AM) (Source: nvlddmkm) (User: )
Description: \Device\000000c6NVRM: Graphics TEX Exception on (GPC 2, TPC 1):     TEX NACK / Page Fault
 
Error: (03/18/2016 09:37:24 AM) (Source: nvlddmkm) (User: )
Description: \Device\000000c6NVRM: Graphics TEX Exception on (GPC 2, TPC 1):     TEX LAYOUT
 
Error: (03/18/2016 09:37:24 AM) (Source: nvlddmkm) (User: )
Description: \Device\000000c6Variable String to Large
 
Error: (03/18/2016 09:37:24 AM) (Source: nvlddmkm) (User: )
Description: \Device\000000c6NVRM: Graphics TEX Exception on (GPC 2, TPC 1):     TEX NACK / Page Fault
 
Error: (03/18/2016 09:37:24 AM) (Source: nvlddmkm) (User: )
Description: \Device\000000c6NVRM: Graphics TEX Exception on (GPC 2, TPC 1):     TEX LAYOUT
 
 
Microsoft Office Sessions:
=========================
Error: (03/21/2016 02:41:44 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7987
 
Error: (03/21/2016 02:41:44 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7987
 
Error: (03/21/2016 02:41:44 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (03/21/2016 02:41:43 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6989
 
Error: (03/21/2016 02:41:43 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6989
 
Error: (03/21/2016 02:41:43 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (03/21/2016 02:41:42 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5991
 
Error: (03/21/2016 02:41:42 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5991
 
Error: (03/21/2016 02:41:42 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (03/21/2016 02:41:41 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4992
 
 
=========================== Installed Programs ============================
 
µTorrent (HKCU\...\uTorrent) (Version: 3.4.5.41865 - BitTorrent Inc.)
3DMark (HKLM-x32\...\{F1A6C690-C12C-4E7A-B4BD-958678215418}) (Version: 1.1 - Futuremark)
5KPlayer 2.2 (HKLM-x32\...\5KPlayer_is1) (Version:  - DearMob, Inc.)
7 Days to Die - Alpha version 0.9.1 (HKLM-x32\...\{967E55B4-6DDD-4A2F-BFC7-07F1E327971E}_is1) (Version: 0.9.1 - The Fun Pimps LLC)
7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
8BitMMO (HKLM-x32\...\Steam App 250420) (Version:  - Archive Entertainment)
Acoustica Mixcraft 6 (HKLM-x32\...\Acoustica Mixcraft 6) (Version: b216 - Acoustica)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe After Effects CC (HKLM-x32\...\{317243C1-6580-4F43-AED7-37D4438C3DD5}) (Version: 12 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.144 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.4.1.181 - Adobe Systems Incorporated)
Adobe Dreamweaver CC (HKLM-x32\...\{00E094E1-A852-11E2-803D-ACEA632352B4}) (Version: 13 - Adobe Systems Incorporated)
Adobe Extension Manager CC (HKLM-x32\...\{244FD30F-63F1-49B9-9D98-1150FF4FFCB1}) (Version: 7.2.1 - Adobe Systems Incorporated)
Adobe Flash CS3 Professional (HKLM-x32\...\Adobe_c3c7fe8b09d497ab2b3fd91c9353390) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe Flash CS3 Professional version CS3 (HKLM-x32\...\{9969874F-176B-4316-9867-55DBBEA11227}_is1) (Version: CS3 - Adobe Systems, Inc.)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.182 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.182 - Adobe Systems Incorporated)
Adobe Flash Professional CC (HKLM-x32\...\{B56B95BF-7161-4166-8288-DB1BA9F6C9B8}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Illustrator CC (HKLM-x32\...\{F2321021-08A2-44D6-B1DF-BDB415F23EC3}) (Version: 17.0 - Adobe Systems Incorporated)
Adobe InDesign CC (HKLM-x32\...\{BC448016-6F11-1014-B0EA-97CEE6E26CB6}) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2015 (HKLM-x32\...\{0FAC7130-BEC5-47A5-8813-1D339B8326ED}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe Muse (HKLM-x32\...\{9A554C9D-E12D-4205-8101-9F4337CD5673}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Muse (HKLM-x32\...\AdobeMuse) (Version: 6.0.751 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Prelude CC (HKLM-x32\...\{5D73C19B-BE10-44A6-96B2-A516756ED29F}) (Version: 2.0.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.0.1 - Adobe Systems Incorporated)
Amazing World (HKLM-x32\...\Steam App 293500) (Version:  - Ganz)
Amazon Music (HKCU\...\Amazon Amazon Music) (Version: 4.2.0.1281 - Amazon Services LLC)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
Any Video Converter 5 5.0.3 (HKLM-x32\...\Any Video Converter 5_is1) (Version:  - Any-Video-Converter.com)
Any Video Converter Ultimate 5.8.0 (HKLM-x32\...\Any Video Converter Ultimate_is1) (Version:  - Any-Video-Converter.com)
Apple Application Support (32-bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Aptana Studio 3 (HKLM-x32\...\Aptana Studio 3) (Version: 3.4.2 - Appcelerator, Inc.)
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.5510 - Perfect World Entertainment)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead Beta (HKLM-x32\...\Steam App 219540) (Version:  - )
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Audials (HKLM-x32\...\{39DE26F8-C180-47F3-9CCC-6EE4B95DA93D}) (Version: 14.0.51000.0 - Audials AG)
Avid Effects (HKLM-x32\...\{A86F1158-A7F7-4E8C-98E3-88F4996E85EB}) (Version: 10.3 - Avid Technology, Inc.)
Avid HD Driver (x64) (HKLM\...\{658E112A-8776-4430-A275-D9248732DFB9}) (Version: 10.3 - Avid Technology, Inc.)
Avid Pro Tools (HKLM-x32\...\{8E60BB71-7EF3-42ED-9F10-AA041F25841A}) (Version: 10.3 - Avid Technology, Inc.)
Avidemux 2.6 (32-bit) (HKLM-x32\...\Avidemux 2.6) (Version: 2.6.5.8897 - )
Bamboo Dock (HKLM-x32\...\{90DFD61B-8224-00C6-3D69-A983B60A394E}) (Version: 4.1.0 - Wacom Europe GmbH) Hidden
Bamboo Dock (HKLM-x32\...\Bamboo Dock) (Version: 4.1 - Wacom Co., Ltd.)
Bamboo Dock (HKLM-x32\...\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1) (Version: 4.1.0 - Wacom Europe GmbH) Hidden
Batman: Arkham City GOTY (HKLM-x32\...\Steam App 200260) (Version:  - Rocksteady Studios)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version:  - )
BeamNG-Techdemo-0.3 (remove only) (HKCU\...\BeamNG-Techdemo-0.3) (Version:  - )
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
Blacklight: Retribution (HKLM-x32\...\Steam App 209870) (Version:  - Zombie, Inc.)
Blender (HKLM\...\{EA3C8A99-1565-44FF-89FC-926CEEB623B5}) (Version: 2.75.1 - Blender Foundation)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.1.4057 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{981B38A6-E4D0-4D94-98C2-75AC645755F5}) (Version: 0.9.1.4057 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Borderlands (HKLM-x32\...\Steam App 8980) (Version:  - Gearbox Software)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
CCleaner (HKLM\...\CCleaner) (Version: 4.06 - Piriform)
Celtx (2.9.7) (HKLM-x32\...\Celtx (2.9.7)) (Version: 2.9.7 (en-US) - Greyfirst)
Chrome Remote Desktop Host (HKLM-x32\...\{EBFF2EA1-3944-4CA2-89FA-8B70C0058DD3}) (Version: 49.0.2623.40 - Google Inc.)
Corel Painter 13 - IPM (HKLM\...\{0B598D32-B873-4794-8F30-90C53CD562D7}) (Version: 13.1 - Corel Corporation) Hidden
Corel Painter 13 - IPM Content (HKLM\...\{9983025B-AA60-4CF3-9E6C-C48DB9CD2310}) (Version: 13.1 - Corel Corporation) Hidden
Corel Painter X3 (HKLM\...\_{EF449371-6B69-49C8-B789-76A0B0E3446B}) (Version: 13.0.1.920 - Corel Corporation)
Corona SDK (HKLM-x32\...\{370EFB73-17E8-42E3-8DEC-A3BE4A55DD67}) (Version: 14.0.2189 - Corona Labs)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Crafty 1.0.2 (HKLM-x32\...\Crafty_is1) (Version:  - Ryan Gregg)
Cube World version 0.0.1 (HKLM-x32\...\{D692A0E0-1BBB-4E9C-826E-4254EE330830}_is1) (Version: 0.0.1 - Picroma)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ Commander (HKLM-x32\...\{B3653588-3AC0-4A1D-950F-D96531E84374}) (Version: 0.92.91 - Dotjosh Studios)
Defy Gravity (HKLM-x32\...\Steam App 96100) (Version:  - Fish Factory Games)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.100 - DivX, LLC)
DriverDoc (HKLM-x32\...\DriverDoc_is1) (Version: 1.52.1086.14425 - Solvusoft Corporation)
Dropbox (HKCU\...\Dropbox) (Version: 3.16.1 - Dropbox, Inc.)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Dxtory version 2.0.119 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.119 - Dxtory Software)
Express Rip (HKLM-x32\...\ExpressRip) (Version: 1.92 - NCH Software)
f.lux (HKCU\...\Flux) (Version:  - )
Fallout 3 (HKLM-x32\...\Steam App 22300) (Version:  - Bethesda Game Studios)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version:  - Obsidian Entertainment)
FormatFactory 3.1.1 (HKLM-x32\...\FormatFactory) (Version: 3.1.1 - Free Time)
Free Audio Converter version 5.0.56.128 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.56.128 - DVDVideoSoft Ltd.)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.7.4 - Ellora Assets Corporation)
Freemake YouTube To MP3 Boom (HKLM-x32\...\Freemake YouTube To MP3 Boom_is1) (Version: 1.0.3 - Ellora Assets Corporation)
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.17.0 - Futuremark Corporation)
GameSalad Creator (HKLM-x32\...\{54398F55-5123-4FAA-9753-76E94AA77C20}) (Version: 0.10.5 - GameSalad)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Garry)
GIF Optimizer 2.0 (HKLM-x32\...\GIF Optimizer_is1) (Version:  - Leapic Software)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.87 - Google Inc.)
Google Chrome Canary (HKCU\...\Google Chrome SxS) (Version: 51.0.2686.0 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.29.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.22.5 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version:  - Rockstar North)
Gyazo 1.2.1 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc. & Toshiyuki Masui)
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version:  - Valve)
HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
Hard Time  (HKLM-x32\...\Hard Time) (Version:  - MDickie)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version:  - IO Interactive)
Hitman: Sniper Challenge (HKLM-x32\...\Steam App 205930) (Version:  - IO Interactive)
HP Deskjet 3050A J611 series Basic Device Software (HKLM\...\{FB555BCF-9202-4886-9203-88C9A210D727}) (Version: 25.0.571.0 - Hewlett-Packard Co.)
HP Deskjet 3050A J611 series Help (HKLM-x32\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard)
HP Deskjet 3050A J611 series Product Improvement Study (HKLM\...\{710D4D91-1924-4A6B-8659-9CDE02DC7207}) (Version: 25.0.571.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{DDD5104F-1C44-49EB-9E6B-29EC5D27658B}) (Version: 5.002.007.004 - Hewlett-Packard)
IconHandler 64 bit (HKLM\...\{4E82E2E9-668B-4F8A-814A-78E163FCDBCD}) (Version: 2.0 - Corel Corporation) Hidden
ImageGrab 5.0.6 en (HKLM-x32\...\{FF990174-A68E-4B91-91C5-98C07785A62D}}_is1) (Version: 5.0.6 - Paul Glagla)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Inkscape 0.48.4 (HKLM-x32\...\Inkscape) (Version: 0.48.4 - )
Insecticide Part 1 (HKLM-x32\...\Steam App 16710) (Version:  - Crackpot Entertainment)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.30.1349 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation)
Intel® Smart Connect Technology 3.0 x64 (HKLM\...\{DE788AD4-F7CE-4995-ADF8-56174A7B613C}) (Version: 3.0.41.1571 - Intel)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.8.251 - Intel Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{ECCB31F5-435D-4F37-A98D-5854D3C62718}) (Version: 1.1.1 - Intel Corporation)
InterActual Player (HKLM-x32\...\InterActual Player) (Version:  - )
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.36 - Irfan Skiljan)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java 8 Update 5 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218005FF}) (Version: 8.0.50 - Oracle Corporation)
Java SE Development Kit 7 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170450}) (Version: 1.7.0.450 - Oracle)
Java SE Development Kit 8 Update 5 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation)
JC2-MP version 0.0.14 (Build 481) (HKLM-x32\...\{7F12FECB-1D75-42D7-9074-D6FEA6D91E65}_is1) (Version: 0.0.14 (Build 481) - )
Jed's Half-Life Model Viewer 1.3.6 (HKLM-x32\...\Jed's Half-Life Model Viewer) (Version: 1.3.6 - wunderboy.org)
Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version:  - Avalanche)
Just Cause 2: Multiplayer Mod (HKLM-x32\...\Steam App 259080) (Version:  - JC2-MP Team)
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.3.25.20150529 - LG Electronics)
LG United Mobile Drivers (HKLM-x32\...\{4DE95ED9-0A29-4C4F-8463-35857CF9BA36}) (Version: 3.14.1 - LG Electronics)
License Support (HKLM\...\{3165EA9B-36CC-499B-96FF-36FC30E10EF4}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.) Hidden
License Support (HKLM-x32\...\InstallShield_{3165EA9B-36CC-499B-96FF-36FC30E10EF4}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
LOOXIS Faceworx 1.0 (HKLM-x32\...\LOOXIS Faceworx_is1) (Version: 1.0.0.1 - LOOXIS GmbH)
M4VGear 5.1.5 (HKLM-x32\...\M4VGear_is1) (Version:  - M4VGear.com Inc.)
Magic ISO Maker v5.5 (build 0281) (HKLM-x32\...\Magic ISO Maker v5.5 (build 0281)) (Version:  - )
MAGIX Speed burnR (MSI) (HKLM\...\{D6D57ABA-D2DB-4069-84A4-D39F24E275C5}) (Version: 7.0.2.6 - MAGIX AG) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{D6D57ABA-D2DB-4069-84A4-D39F24E275C5}) (Version: 7.0.2.6 - MAGIX AG)
MakeMKV v1.9.0 (HKLM-x32\...\MakeMKV) (Version: v1.9.0 - GuinpinSoft inc)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Metro: Last Light (HKLM-x32\...\Steam App 43160) (Version:  - 4A Games)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40620.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{45898170-E68C-4F02-AA35-C2186BF347A3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{B39A6825-EA20-43EA-AB2D-A6BC0298D9A1}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 37.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 en-US)) (Version: 37.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSI Afterburner 2.3.0 (HKLM-x32\...\Afterburner) (Version: 2.3.0 - MSI Co., LTD)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MultiBit 0.5.15 (HKLM-x32\...\MultiBit 0.5.15) (Version: 0.5.15 - )
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 16.0.1003 - Nero AG)
Nero MediaHome Free (HKLM-x32\...\{BB842C3B-B4B1-4586-BED1-C5F07ABB0E09}) (Version: 16.0.01700 - Nero AG)
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 359.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 359.06 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.7.4.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.7.4.10 - NVIDIA Corporation)
NVIDIA Graphics Driver 359.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 359.06 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenBEXI (HKLM-x32\...\OpenBEXI 4.1) (Version: 4.1 - OpenBEXI)
Oracle VM VirtualBox 4.3.12 (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
Painter 13 - Contentx64 (HKLM\...\{A16926CB-C4BF-4FC9-8F99-200236731FCA}) (Version: 13.1 - Corel Corporation) Hidden
Painter 13 - Core (HKLM\...\{B1EA198B-FF19-46C9-84DE-E2F3D11619ED}) (Version: 13.1 - Corel Corporation) Hidden
Painter 13 - Corex64 (HKLM\...\{DA929FB1-A118-4F6E-9AD6-729633E84805}) (Version: 13.0 - Corel Corporation) Hidden
Painter 13 - EN (HKLM\...\{61F6F8FC-C448-418E-BF14-8B272DFDD51B}) (Version: 13.1 - Corel Corporation) Hidden
Painter 13 - Setup Files (HKLM\...\{EF449371-6B69-49C8-B789-76A0B0E3446B}) (Version: 13.1 - Corel Corporation) Hidden
PaintTool SAI Ver.1 (HKLM-x32\...\PaintToolSAI) (Version:  - )
Paramount Download Manager (HKCU\...\103487595.www.paramountmovies.com) (Version:  - www.paramountmovies.com)
PDF Settings (HKLM-x32\...\{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
PDF Settings CC (HKLM-x32\...\{1FBAE18D-4DE4-47AA-83EC-D1B046F262DC}) (Version: 12.0 - Adobe Systems Incorporated) Hidden
Perfect Effects 8 (HKLM-x32\...\Perfect Effects 8 PE) (Version: 8.5.1 - onOne Software)
Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: 5.4.1.0 - Popcorn Time)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Prerequisite installer (HKLM-x32\...\{799AFA36-4EA5-4323-8689-74C06645A26B}) (Version: 16.0.0003 - Nero AG) Hidden
Prism Video File Converter (HKLM-x32\...\Prism) (Version:  - NCH Software)
Project 64 version 2.0.0.14 (HKLM-x32\...\Project 64_is1) (Version: 2.0.0.14 - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Puzzle Agent - Puzzle Agent (HKLM-x32\...\Puzzle Agent) (Version: 1.0.0.0 - Telltale Games)
Puzzle Pirates (HKLM-x32\...\Steam App 99910) (Version:  - Three Rings)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.67.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6923 - Realtek Semiconductor Corp.)
REAPER (x64) (HKLM\...\REAPER) (Version:  - )
Riffplayer 0.4.3 (HKLM-x32\...\Riffplayer) (Version: 0.4.3 - RVM)
Riot - Radical Image Optimization Tool (HKLM-x32\...\Riot) (Version:  - )
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.9 - Rockstar Games)
Saints Row IV (HKLM-x32\...\Steam App 206420) (Version:  - Deep Silver Volition)
Samplitude Music Studio 2013 (HKLM\...\{F604DBB7-4CBB-4ECB-9171-3E9A9C722679}) (Version: 19.0.0.15 - MAGIX AG) Hidden
Samplitude Music Studio 2013 (HKLM-x32\...\MAGIX_{F604DBB7-4CBB-4ECB-9171-3E9A9C722679}) (Version: 19.0.0.15 - MAGIX AG)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Sandboxie 4.12 (64-bit) (HKLM\...\Sandboxie) (Version: 4.12 - Sandboxie Holdings, LLC)
School of Dragons: How to Train Your Dragon (HKLM-x32\...\Steam App 332070) (Version:  - JumpStart Games, Inc.)
Scribblenauts Unlimited (HKLM-x32\...\Steam App 218680) (Version:  - 5th Cell Media)
SecondLifeViewer (remove only) (HKLM-x32\...\SecondLifeViewer) (Version:  - )
SharpKeys (HKLM-x32\...\{B6685367-A8AD-4414-A2A3-10B40EC5CF30}) (Version:  - )
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 4.1.0240 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.7.4.10 - NVIDIA Corporation) Hidden
Sid Meier's Civilization IV (HKLM-x32\...\Steam App 3900) (Version:  - Firaxis Games)
Sid Meier's Civilization: Beyond Earth (HKLM-x32\...\Steam App 65980) (Version:  - Firaxis Games)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 0.1.1807.0 - Hi-Rez Studios)
Snap.Do (HKLM-x32\...\{12D85DFB-576B-4643-A065-8FBB8B1F2EB1}) (Version: 1.72.1.12048 - ReSoft Ltd.)
Sniper Elite: Nazi Zombie Army (HKLM-x32\...\Steam App 227100) (Version:  - Rebellion)
Sniper Elite: Nazi Zombie Army 2 (HKLM-x32\...\Steam App 247910) (Version:  - )
Source Filmmaker (HKLM-x32\...\Steam App 1840) (Version:  - Valve)
Source SDK (HKLM-x32\...\Steam App 211) (Version:  - Valve)
Speccy (HKLM\...\Speccy) (Version: 1.23 - Piriform)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spotify (HKCU\...\Spotify) (Version: 1.0.1.1060.gc75ebdfd - Spotify AB)
Sqirlz Morph (HKLM-x32\...\Sqirlz Morph) (Version: 2.1 - xiberpix)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Synthesia (HKLM-x32\...\Synthesia) (Version: 10.1 - Synthesia LLC)
System Requirements Lab for Intel (HKLM-x32\...\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}) (Version: 4.5.13.0 - Husdawg, LLC)
TAG (HKCU\...\TAG) (Version:  - )
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.53254 - TeamViewer)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Office (HKLM-x32\...\The Office) (Version: 1.1.0.0 - MumboJumbo)
Toon Boom Harmony 7.8 (HKLM-x32\...\{48AA8D74-0505-494F-AD0B-337A18AB66B3}) (Version: 7.8.1 - Toon Boom Animation)
Toon Boom Studio 6.0 (HKLM-x32\...\{FF7C8AA3-8753-4D82-838F-D4CBBCE1E129}) (Version:  - Toon Boom Animation Inc.)
Torchlight II (HKLM-x32\...\Steam App 200710) (Version:  - Runic Games)
Tropico 3 - Steam Special Edition (HKLM-x32\...\Steam App 23490) (Version:  - Haemimont Games)
TunesKit for Windows 2.1.3.18 (HKLM-x32\...\TunesKit for Windows_is1) (Version:  - TunesKit, Inc.)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Uplay (HKLM-x32\...\Uplay) (Version: 5.2 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Visual C++ 64-bit Redistributables (HKLM-x32\...\InstallShield_{FB03650C-B373-4B20-ACA5-B7BA1A8EEE33}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
Visual C++ Redistributables (HKLM-x32\...\InstallShield_{F03117FA-9270-46B0-9666-0B4BC2CDEBF5}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
VMware Workstation (HKLM\...\{0D94F75A-0EA6-4951-B3AF-B145FA9E05C6}) (Version: 10.0.2 - VMware, Inc.) Hidden
VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 10.0.2 - VMware, Inc)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.2-1 - Wacom Technology Corp.)
War Thunder (HKLM-x32\...\Steam App 236390) (Version:  - Gaijin Entertainment)
Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version:  - Ubisoft)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.2 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.2 - Wacom Technology Corp.)
WildTangent Updater (HKLM-x32\...\wcmdmgr.exe) (Version:  - )
WildTangent Web Driver (HKLM-x32\...\wtwebdriver) (Version:  - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.00 beta 6 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.6 - win.rar GmbH)
x264vfw - H.264/MPEG-4 AVC codec for x64 (remove only) (HKLM-x32\...\x264vfw64) (Version:  - )
XBMC (HKCU\...\XBMC) (Version:  - Team XBMC)
XSplit Broadcaster (HKLM-x32\...\{781B7F3D-8107-4049-80C0-16FF46420184}) (Version: 1.3.1306.2101 - SplitMediaLabs)
Yet Another Zombie Defense (HKLM-x32\...\Steam App 270550) (Version:  - Awesome Games Studio)
 
========================= Devices: ================================
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 23%
Total physical RAM: 16331.34 MB
Available physical RAM: 12461.41 MB
Total Virtual: 32660.89 MB
Available Virtual: 25895.23 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:2047.9 GB) (Free:1110.58 GB) NTFS
2 Drive d: (HP DJ3050A_J611) (CDROM) (Total:0.23 GB) (Free:0 GB) CDFS
 
========================= Users: ========================================
 
User accounts for \\CONNOR-PC
 
96BF58C4943A42B28005     Administrator            Connor                   
Guest                    
 
========================= Restore Points ==================================
 
16-03-2016 13:06:33 Windows Update
20-03-2016 15:49:13 Windows Update
 
**** End of log ****
 
 
MALWARE BYTES:
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 3/21/2016
Scan Time: 3:57 PM
Logfile: MalB.txt
Administrator: Yes
 
Version: 2.2.1.1043
Malware Database: v2016.03.21.05
Rootkit Database: v2016.03.12.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Connor
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 455257
Time Elapsed: 33 min, 38 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 1
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{12D85DFB-576B-4643-A065-8FBB8B1F2EB1}, Quarantined, [2e3b0a804851ab8b6089028ede26649c], 
 
Registry Values: 1
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{12D85DFB-576B-4643-A065-8FBB8B1F2EB1}|DisplayName, Snap.Do, Quarantined, 
 
[2e3b0a804851ab8b6089028ede26649c]
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
 
M-BAR LOG:
 
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
 
Database version:
  main:    v2016.03.21.06
  rootkit: v2016.03.12.01
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18097
Connor :: CONNOR-PC [administrator]
 
3/21/2016 4:39:02 PM
mbar-log-2016-03-21 (16-39-02).txt
 
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 462220
Time elapsed: 27 minute(s), 21 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
Physical Sectors Detected: 0
(No malicious items detected)
 
SYSTEM LOG:
 
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.3.1001
 
© Malwarebytes Corporation 2011-2012
 
OS version: 6.1.7601 Windows 7 Service Pack 1 x64
 
Account is Administrative
 
Internet Explorer version: 11.0.9600.18097
 
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 3.500000 GHz
Memory total: 17124651008, free: 11724046336
 
Downloaded database version: v2016.03.21.06
Downloaded database version: v2016.03.12.01
Downloaded database version: v2016.03.18.01
=======================================
Initializing...
------------ Kernel report ------------
     03/21/2016 16:38:53
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\system32\DRIVERS\iusb3hcs.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\DRIVERS\vmci.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\vsock.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\DRIVERS\iaStorA.sys
\SystemRoot\system32\DRIVERS\storport.sys
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\system32\DRIVERS\MpFilter.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\Tpkd.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\SysWOW64\speedfan.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\system32\DRIVERS\iaStorF.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\ws2ifsl.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\RrNetCapFilterDriver.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\serial.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\VBoxUSBMon.sys
\SystemRoot\system32\DRIVERS\VBoxDrv.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\iusb3xhc.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\HECIx64.sys
\SystemRoot\system32\drivers\usbehci.sys
\SystemRoot\system32\drivers\USBPORT.SYS
\SystemRoot\system32\DRIVERS\Rt64win7.sys
\SystemRoot\system32\DRIVERS\serenum.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\DRIVERS\wmiacpi.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\ISCTD64.sys
\SystemRoot\system32\DRIVERS\CompositeBus.sys
\SystemRoot\system32\DRIVERS\droidcamvideo.sys
\SystemRoot\system32\DRIVERS\STREAM.SYS
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\droidcam.sys
\SystemRoot\system32\DRIVERS\portcls.sys
\SystemRoot\system32\DRIVERS\drmk.sys
\SystemRoot\system32\drivers\anvsnddrv.sys
\SystemRoot\system32\drivers\tbhsd.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\VBoxNetAdp.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\VBoxNetFlt.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\drivers\nvvad64v.sys
\SystemRoot\system32\DRIVERS\vmnetadapter.sys
\SystemRoot\system32\DRIVERS\VMNET.SYS
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\nvhda64v.sys
\SystemRoot\system32\DRIVERS\iusb3hub.sys
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\system32\drivers\MBfilt64.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\system32\DRIVERS\ikbevent.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\cdfs.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\imsevent.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_iaStorA.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\??\C:\Program Files\Sandboxie\SbieDrv.sys
\SystemRoot\system32\DRIVERS\diginet.sys
\SystemRoot\system32\DRIVERS\vmnetbridge.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\??\C:\Windows\system32\drivers\hcmon.sys
\??\C:\Windows\system32\drivers\vmx86.sys
\??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys
\SystemRoot\system32\DRIVERS\IntelHaxm.sys
\SystemRoot\system32\DRIVERS\NisDrvWFP.sys
\SystemRoot\system32\drivers\npf.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\??\C:\Windows\system32\drivers\vmnetuserif.sys
\SystemRoot\SysWOW64\drivers\vstor2-mntapi20-shared.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\drivers\WPRO_41_2001.sys
\SystemRoot\system32\DRIVERS\asyncmac.sys
\SystemRoot\system32\drivers\WudfPf.sys
\??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
\??\C:\Windows\system32\drivers\mbam.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\??\C:\Windows\system32\drivers\mwac.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\iertutil.dll
\Windows\System32\wininet.dll
\Windows\System32\imm32.dll
\Windows\System32\imagehlp.dll
\Windows\System32\normaliz.dll
\Windows\System32\difxapi.dll
\Windows\System32\nsi.dll
\Windows\System32\lpk.dll
\Windows\System32\urlmon.dll
\Windows\System32\comdlg32.dll
\Windows\System32\clbcatq.dll
\Windows\System32\shlwapi.dll
\Windows\System32\sechost.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\usp10.dll
\Windows\System32\Wldap32.dll
\Windows\System32\gdi32.dll
\Windows\System32\oleaut32.dll
\Windows\System32\msctf.dll
\Windows\System32\ole32.dll
\Windows\System32\user32.dll
\Windows\System32\setupapi.dll
\Windows\System32\shell32.dll
\Windows\System32\msvcrt.dll
\Windows\System32\advapi32.dll
\Windows\System32\kernel32.dll
\Windows\System32\ws2_32.dll
\Windows\System32\psapi.dll
\Windows\System32\wintrust.dll
\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
\Windows\System32\comctl32.dll
\Windows\System32\crypt32.dll
\Windows\System32\userenv.dll
\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
\Windows\System32\KernelBase.dll
\Windows\System32\devobj.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\profapi.dll
\Windows\System32\msasn1.dll
\Windows\SysWOW64\normaliz.dll
----------- End -----------
Done!
 
Scan started
Database versions:
  main:    v2016.03.21.06
  rootkit: v2016.03.12.01
 
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 435D1A6C
 
Partition information:
 
    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 204800
    Partition is bootable
    Partition file system is NTFS
 
    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 206848  Numsec = 4294760448
    Partition is not bootable
    Partition file system is NTFS
 
    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable
 
    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable
 
Disk Size: 3000592982016 bytes
Sector size: 512 bytes
 
Done!
Scan finished
=======================================
 
 
Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-1-206848-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished
 
 
(end)
 
 
RKILL:
 
Rkill 2.8.3 by Lawrence Abrams (Grinler)
Copyright 2008-2016 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 03/21/2016 05:12:17 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * C:\Users\Connor\AppData\Roaming\uTorrent\updates\3.4.5_41865\utorrentie.exe (PID: 5668) [UP-HEUR]
 * C:\Users\Connor\AppData\Roaming\uTorrent\updates\3.4.5_41865\utorrentie.exe (PID: 7812) [UP-HEUR]
 
2 proccesses terminated!
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * No issues found.
 
Checking Windows Service Integrity: 
 
 * No issues found.
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * No issues found.
 
Program finished at: 03/21/2016 05:14:26 PM
Execution time: 0 hours(s), 2 minute(s), and 9 seconds(s)


#4 whermsherman

whermsherman
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  

Posted 24 March 2016 - 10:17 AM

@Broni Any idea of what is wrong?



#5 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,716 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:10:44 PM

Posted 24 March 2016 - 06:33 PM

p22002970.gif Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

p22002970.gif Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


p22002970.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.


p22002970.gif Download Sophos Free Virus Removal Tool and save it to your desktop.
  • Double click the icon and select Run
  • Click Next
  • Select I accept the terms in this license agreement, then click Next twice
  • Click Install
  • Click Finish to launch the program
  • Once the virus database has been updated click Start Scanning
  • If any threats are found click Details, then View log file... (bottom left hand corner)
  • Copy and paste the results in your reply
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup
  • Click Exit to close the program


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#6 whermsherman

whermsherman
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  

Posted 26 March 2016 - 09:12 AM

AdwCleaner:

 

# AdwCleaner v5.105 - Logfile created 25/03/2016 at 10:49:04
# Updated 21/03/2016 by Xplode
# Database : 2016-03-24.4 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Connor - CONNOR-PC
# Running from : C:\Users\Connor\Downloads\adwcleaner_5.105.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
[#] Folder Deleted : C:\Program Files (x86)\GS_x64.Enabler
[-] Folder Deleted : C:\Program Files (x86)\surf aNd keep
[-] Folder Deleted : C:\ProgramData\ab3e1f77682206bb
[-] Folder Deleted : C:\Users\Connor\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\adokjfanaflbkibffcbhihgihpgijcei
 
***** [ Files ] *****
 
[-] File Deleted : C:\Users\Connor\AppData\Local\Google\Chrome SxS\User Data\Default\Local Extension Settings\elicpjhcidhpjomhibiffojpinpmmpil
[-] File Deleted : C:\Users\Connor\AppData\Local\Google\Chrome SxS\User Data\Default\Local Extension Settings\adokjfanaflbkibffcbhihgihpgijcei
[-] File Deleted : C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage
[-] File Deleted : C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage-journal
[-] File Deleted : C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_survey.researchresults.com_0.localstorage
[-] File Deleted : C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_survey.researchresults.com_0.localstorage-journal
[-] File Deleted : C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
[-] File Deleted : C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal
[-] File Deleted : C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_cdncache-a.akamaihd.net_0.localstorage
[-] File Deleted : C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_cdncache-a.akamaihd.net_0.localstorage-journal
[-] File Deleted : C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_embed.movshare.net_0.localstorage
[-] File Deleted : C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_embed.movshare.net_0.localstorage-journal
[-] File Deleted : C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_format-factory.en.softonic.com_0.localstorage
[-] File Deleted : C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_format-factory.en.softonic.com_0.localstorage-journal
[-] File Deleted : C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_isurveys.researchresults.com_0.localstorage
[-] File Deleted : C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_isurveys.researchresults.com_0.localstorage-journal
[-] File Deleted : C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_mpeg-2-video-decoder.en.softonic.com_0.localstorage
[-] File Deleted : C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_mpeg-2-video-decoder.en.softonic.com_0.localstorage-journal
[-] File Deleted : C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_paidviewpoint.com_0.localstorage
[-] File Deleted : C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_paidviewpoint.com_0.localstorage-journal
[-] File Deleted : C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_primeshare.tv_0.localstorage
[-] File Deleted : C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_primeshare.tv_0.localstorage-journal
[-] File Deleted : C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
[-] File Deleted : C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
[-] File Deleted : C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_translation.babylon.com_0.localstorage
[-] File Deleted : C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_translation.babylon.com_0.localstorage-journal
[-] File Deleted : C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_us.yhs4.search.yahoo.com_0.localstorage
[-] File Deleted : C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_us.yhs4.search.yahoo.com_0.localstorage-journal
[-] File Deleted : C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_windows-live-movie-maker.en.softonic.com_0.localstorage
[-] File Deleted : C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_windows-live-movie-maker.en.softonic.com_0.localstorage-journal
[-] File Deleted : C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage
[-] File Deleted : C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage-journal
[-] File Deleted : C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.movshare.net_0.localstorage
[-] File Deleted : C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.movshare.net_0.localstorage-journal
[-] File Deleted : C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.veoh.com_0.localstorage
[-] File Deleted : C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.veoh.com_0.localstorage-journal
[-] File Deleted : C:\Users\Connor\AppData\Roaming\Mozilla\Firefox\Profiles\k4b18evl.default\extensions\DailymotionVideoDownloader@PeterOlayev.com.xpi
 
***** [ DLLs ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
[-] Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{643CAF08-2DA3-3CF1-0842-64205CD6F435}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CF987D06-1DCF-7B36-5B43-13BC8699C44C}
[-] Key Deleted : HKU\.DEFAULT\Software\IM
[-] Key Deleted : HKU\.DEFAULT\Software\ImInstaller
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key Deleted : HKU\S-1-5-19\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key Deleted : HKU\S-1-5-20\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2933866413-783807765-519024103-1000\Software\IM
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2933866413-783807765-519024103-1000\Software\WNLT
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{F1446FAD-1CF4-4730-976B-098B2B2D0B70}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{4692BA65-2AC6-4983-9F1C-4881646B453F}]
 
***** [ Web browsers ] *****
 
[-] [C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : movies.netflix.com
[-] [C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : search.snap.do
[-] [C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : scribblenauts-unlimited.en.softonic.com
[-] [C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask.com
[-] [C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : aol.com
[-] [C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask.com_
[-] [C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : netflix.com
[-] [C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=US&userid=ddb4c029-41b8-450a-a5bc-fe931ffa5a86&searchtype=hp&installDate={installDate}
[-] [C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://search.conduit.com/?ctid=CT3310511&SearchSource=48&CUI=UN22741923942826826&UM=2
[-] [C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : banjjklfojcdbofbhbgiedekefohoaff
[-] [C:\Users\Connor\AppData\Local\Google\Chrome SxS\User Data\Default\Web Data] [Search Provider] Deleted : ask.com
[-] [C:\Users\Connor\AppData\Local\Google\Chrome SxS\User Data\Default\Web Data] [Search Provider] Deleted : aol.com
[-] [C:\Users\Connor\AppData\Local\Google\Chrome SxS\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=US&userid=ddb4c029-41b8-450a-a5bc-fe931ffa5a86&searchtype=hp&installDate={installDate}
[-] [C:\Users\Connor\AppData\Local\Google\Chrome SxS\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://search.conduit.com/?ctid=CT3310511&SearchSource=48&CUI=UN22741923942826826&UM=2
[-] [C:\Users\Connor\AppData\Local\Google\Chrome SxS\User Data\Default\Secure Preferences] [Extension] Deleted : banjjklfojcdbofbhbgiedekefohoaff
[-] [C:\Users\Connor\AppData\Local\Google\Chrome SxS\User Data\Default\Secure Preferences] [Extension] Deleted : elicpjhcidhpjomhibiffojpinpmmpil
 
*************************
 
:: "Tracing" keys removed
:: Winsock settings cleared
 
*************************
 
C:\AdwCleaner\AdwCleaner[C1].txt - [10940 bytes] - [25/03/2016 10:49:04]
C:\AdwCleaner\AdwCleaner[R0].txt - [14787 bytes] - [30/08/2014 12:44:00]
C:\AdwCleaner\AdwCleaner[S0].txt - [14005 bytes] - [30/08/2014 12:45:15]
C:\AdwCleaner\AdwCleaner[S1].txt - [11057 bytes] - [25/03/2016 10:47:16]
 
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [11236 bytes] ##########

 

 
JRT:
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.4 (03.14.2016)
Operating System: Windows 7 Home Premium x64 
Ran by Connor (Administrator) on Fri 03/25/2016 at 10:58:23.39
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 21 
 
Successfully deleted: C:\Users\Connor\AppData\Local\crashrpt (Folder) 
Successfully deleted: C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_services.hearstmags.com_0.localstorage-journal (File) 
Successfully deleted: C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_services.hearstmags.com_0.localstorage (File) 
Successfully deleted: C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage-journal (File) 
Successfully deleted: C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage (File) 
Successfully deleted: C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal (File) 
Successfully deleted: C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage (File) 
Successfully deleted: C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.metrolyrics.com_0.localstorage-journal (File) 
Successfully deleted: C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.metrolyrics.com_0.localstorage (File) 
Successfully deleted: C:\Users\Connor\Start Menu\Programs\search.lnk (Shortcut) 
Successfully deleted: C:\Windows\system32\Tasks\DriverDoc_UPDATES (Task)
Successfully deleted: C:\Windows\system32\Tasks\DriverDocRunAtStartup (Task)
Successfully deleted: C:\Windows\Tasks\DriverDoc_UPDATES.job (Task) 
Successfully deleted: C:\Users\Connor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6KJQCKVW (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Connor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R470FFSH (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Connor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V72PRC2Z (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Connor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X95OA3AY (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6KJQCKVW (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R470FFSH (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V72PRC2Z (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X95OA3AY (Temporary Internet Files Folder) 
 
 
 
Registry: 1 
 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value) 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 03/25/2016 at 11:03:15.28
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
Sophos:
 
2016-03-25 16:10:44.149 Sophos Virus Removal Tool version 2.5.5
2016-03-25 16:10:44.149 Copyright © 2009-2014 Sophos Limited. All rights reserved.
 
2016-03-25 16:10:44.149 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.
 
2016-03-25 16:10:44.149 Windows version 6.1 SP 1.0 Service Pack 1 build 7601 SM=0x300 PT=0x1 WOW64
2016-03-25 16:10:44.149 Checking for updates...
2016-03-25 16:10:47.538 Update progress: proxy server not available
2016-03-25 16:11:00.693 Option all = no
2016-03-25 16:11:00.693 Option recurse = yes
2016-03-25 16:11:00.693 Option archive = no
2016-03-25 16:11:00.693 Option service = yes
2016-03-25 16:11:00.693 Option confirm = yes
2016-03-25 16:11:00.693 Option sxl = yes
2016-03-25 16:11:00.708 Option max-data-age = 35
2016-03-25 16:11:00.708 Option EnableSafeClean = yes
2016-03-25 16:11:04.296 Downloading updates...
2016-03-25 16:11:04.296 Update progress: [I96736] Looking for package C1A903B2-E63E-483b-982D-04BB9C457C60 1.0 
2016-03-25 16:11:04.296 Update progress: [I49502] Found supplement SAVIW32 LATEST 
2016-03-25 16:11:04.296 Update progress: [I49502] Found supplement IDE526 LATEST 
2016-03-25 16:11:04.296 Update progress: [I49502] Found supplement IDE527 LATEST 
2016-03-25 16:11:04.296 Update progress: [I49502] Found supplement IDE528 LATEST 
2016-03-25 16:11:04.296 Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 1
2016-03-25 16:11:04.296 Update progress: [I19463] Syncing product SAVIW32 68
2016-03-25 16:11:04.936 Option vdl-logging = yes
2016-03-25 16:11:04.998 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2016-03-25 16:11:04.998 Machine ID: 23b11effd17e4461b67e2fc8e3edf6bb
2016-03-25 16:11:04.998 Component SVRTcli.exe version 2.5.5
2016-03-25 16:11:04.998 Component control.dll version 2.5.5
2016-03-25 16:11:04.998 Component SVRTservice.exe version 2.5.5
2016-03-25 16:11:04.998 Component engine\osdp.dll version 1.44.1.2240
2016-03-25 16:11:04.998 Component engine\veex.dll version 3.64.0.2240
2016-03-25 16:11:04.998 Component engine\savi.dll version 9.0.0.2240
2016-03-25 16:11:04.998 Component rkdisk.dll version 1.5.30.0
2016-03-25 16:11:04.998 Version info: Product version 2.5.5
2016-03-25 16:11:04.998 Version info: Detection engine 3.64.0
2016-03-25 16:11:04.998 Version info: Detection data 5.25
2016-03-25 16:11:04.998 Version info: Build date 3/8/2016
2016-03-25 16:11:04.998 Version info: Data files added 250
2016-03-25 16:11:04.998 Version info: Last successful update (not yet updated)
2016-03-25 16:11:07.494 Update progress: [I19463] Syncing product IDE526 167
2016-03-25 16:11:08.637 Installing updates...
2016-03-25 16:11:09.448 Error level 1
2016-03-25 16:11:09.464 Update progress: [I19463] Syncing product IDE527 85
2016-03-25 16:11:09.464 Update progress: [I19463] Syncing product IDE528 1
2016-03-25 16:11:28.584 Update successful
2016-03-25 16:11:45.280 Option all = no
2016-03-25 16:11:45.280 Option recurse = yes
2016-03-25 16:11:45.280 Option archive = no
2016-03-25 16:11:45.280 Option service = yes
2016-03-25 16:11:45.280 Option confirm = yes
2016-03-25 16:11:45.280 Option sxl = yes
2016-03-25 16:11:45.280 Option max-data-age = 35
2016-03-25 16:11:45.280 Option EnableSafeClean = yes
2016-03-25 16:11:45.389 Option vdl-logging = yes
2016-03-25 16:11:45.405 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2016-03-25 16:11:45.405 Machine ID: 23b11effd17e4461b67e2fc8e3edf6bb
2016-03-25 16:11:45.405 Component SVRTcli.exe version 2.5.5
2016-03-25 16:11:45.405 Component control.dll version 2.5.5
2016-03-25 16:11:45.405 Component SVRTservice.exe version 2.5.5
2016-03-25 16:11:45.405 Component engine\osdp.dll version 1.44.1.2240
2016-03-25 16:11:45.405 Component engine\veex.dll version 3.64.0.2240
2016-03-25 16:11:45.405 Component engine\savi.dll version 9.0.0.2240
2016-03-25 16:11:45.405 Component rkdisk.dll version 1.5.30.0
2016-03-25 16:11:45.405 Version info: Product version 2.5.5
2016-03-25 16:11:45.405 Version info: Detection engine 3.64.0
2016-03-25 16:11:45.405 Version info: Detection data 5.25
2016-03-25 16:11:45.405 Version info: Build date 3/8/2016
2016-03-25 16:11:45.405 Version info: Data files added 250
2016-03-25 16:11:45.405 Version info: Last successful update 3/25/2016 11:11:28 AM
 
2016-03-25 19:51:21.673 SafeClean bin directory is empty.
2016-03-25 19:51:21.698 Error level 0
 
2016-03-25 19:51:25.837 Scan cancelled by user.
2016-03-25 19:51:25.837
 
------------------------------------------------------------
 
2016-03-25 19:51:41.982 Sophos Virus Removal Tool version 2.5.5
2016-03-25 19:51:41.982 Copyright © 2009-2014 Sophos Limited. All rights reserved.
 
2016-03-25 19:51:41.982 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.
 
2016-03-25 19:51:41.982 Windows version 6.1 SP 1.0 Service Pack 1 build 7601 SM=0x300 PT=0x1 WOW64
2016-03-25 19:51:41.982 Checking for updates...
2016-03-25 19:51:44.943 Update progress: proxy server not available
2016-03-25 19:52:08.085 Option all = no
2016-03-25 19:52:08.085 Option recurse = yes
2016-03-25 19:52:08.085 Option archive = no
2016-03-25 19:52:08.085 Option service = yes
2016-03-25 19:52:08.085 Option confirm = yes
2016-03-25 19:52:08.085 Option sxl = yes
2016-03-25 19:52:08.086 Option max-data-age = 35
2016-03-25 19:52:08.086 Option EnableSafeClean = yes
2016-03-25 19:52:08.138 Option vdl-logging = yes
2016-03-25 19:52:08.145 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2016-03-25 19:52:08.145 Machine ID: 23b11effd17e4461b67e2fc8e3edf6bb
2016-03-25 19:52:08.204 Component SVRTcli.exe version 2.5.5
2016-03-25 19:52:08.204 Component control.dll version 2.5.5
2016-03-25 19:52:08.204 Component SVRTservice.exe version 2.5.5
2016-03-25 19:52:08.204 Component engine\osdp.dll version 1.44.1.2240
2016-03-25 19:52:08.204 Component engine\veex.dll version 3.64.0.2240
2016-03-25 19:52:08.204 Component engine\savi.dll version 9.0.0.2240
2016-03-25 19:52:08.205 Component rkdisk.dll version 1.5.30.0
2016-03-25 19:52:08.205 Version info: Product version 2.5.5
2016-03-25 19:52:08.205 Version info: Detection engine 3.64.0
2016-03-25 19:52:08.205 Version info: Detection data 5.25
2016-03-25 19:52:08.205 Version info: Build date 3/8/2016
2016-03-25 19:52:08.205 Version info: Data files added 250
2016-03-25 19:52:08.205 Version info: Last successful update 3/25/2016 11:11:28 AM
2016-03-25 19:52:21.885 Downloading updates...
2016-03-25 19:52:21.886 Update progress: [I96736] Looking for package C1A903B2-E63E-483b-982D-04BB9C457C60 1.0 
2016-03-25 19:52:21.886 Update progress: [I49502] Found supplement SAVIW32 LATEST 
2016-03-25 19:52:21.886 Update progress: [I49502] Found supplement IDE526 LATEST 
2016-03-25 19:52:21.886 Update progress: [I49502] Found supplement IDE527 LATEST 
2016-03-25 19:52:21.886 Update progress: [I49502] Found supplement IDE528 LATEST 
2016-03-25 19:52:21.886 Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 1
2016-03-25 19:52:21.886 Update progress: [I19463] Syncing product SAVIW32 68
2016-03-25 19:52:21.886 Update progress: [I19463] Syncing product IDE526 167
2016-03-25 19:52:23.528 Update progress: [I19463] Syncing product IDE527 86
2016-03-25 19:52:23.610 Installing updates...
2016-03-25 19:52:24.212 Error level 1
2016-03-25 19:52:24.577 Update progress: [I19463] Syncing product IDE528 1
2016-03-25 19:52:24.629 Update successful
2016-03-25 19:52:40.758 Option all = no
2016-03-25 19:52:40.758 Option recurse = yes
2016-03-25 19:52:40.758 Option archive = no
2016-03-25 19:52:40.758 Option service = yes
2016-03-25 19:52:40.758 Option confirm = yes
2016-03-25 19:52:40.758 Option sxl = yes
2016-03-25 19:52:40.763 Option max-data-age = 35
2016-03-25 19:52:40.763 Option EnableSafeClean = yes
2016-03-25 19:52:40.851 Option vdl-logging = yes
2016-03-25 19:52:40.867 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2016-03-25 19:52:40.867 Machine ID: 23b11effd17e4461b67e2fc8e3edf6bb
2016-03-25 19:52:40.868 Component SVRTcli.exe version 2.5.5
2016-03-25 19:52:40.869 Component control.dll version 2.5.5
2016-03-25 19:52:40.869 Component SVRTservice.exe version 2.5.5
2016-03-25 19:52:40.869 Component engine\osdp.dll version 1.44.1.2240
2016-03-25 19:52:40.869 Component engine\veex.dll version 3.64.0.2240
2016-03-25 19:52:40.869 Component engine\savi.dll version 9.0.0.2240
2016-03-25 19:52:40.870 Component rkdisk.dll version 1.5.30.0
2016-03-25 19:52:40.870 Version info: Product version 2.5.5
2016-03-25 19:52:40.871 Version info: Detection engine 3.64.0
2016-03-25 19:52:40.871 Version info: Detection data 5.25
2016-03-25 19:52:40.871 Version info: Build date 3/8/2016
2016-03-25 19:52:40.871 Version info: Data files added 251
2016-03-25 19:52:40.871 Version info: Last successful update 3/25/2016 2:52:24 PM
 
2016-03-26 00:21:11.569 Could not open C:\hiberfil.sys
2016-03-26 00:27:50.566 Could not open C:\pagefile.sys
2016-03-26 00:54:45.985 >>> Virus 'Mal/Behav-103' found in file C:\Program Files (x86)\Adobe Flash CS3 Professional\unins000.exe
2016-03-26 03:35:04.890 Could not open C:\System Volume Information\{109186b6-f0fe-11e5-b0ef-005056c00008}{3808876b-c176-4e48-b7ae-04046e6cc752}
2016-03-26 03:35:04.890 Could not open C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
2016-03-26 03:35:04.890 Could not open C:\System Volume Information\{5ea2d1ac-e933-11e5-8083-005056c00008}{3808876b-c176-4e48-b7ae-04046e6cc752}
2016-03-26 03:35:04.891 Could not open C:\System Volume Information\{5ea2d408-e933-11e5-8083-005056c00008}{3808876b-c176-4e48-b7ae-04046e6cc752}
2016-03-26 03:35:04.891 Could not open C:\System Volume Information\{98fc5bf9-f2a1-11e5-931a-005056c00008}{3808876b-c176-4e48-b7ae-04046e6cc752}
2016-03-26 03:35:04.891 Could not open C:\System Volume Information\{98fc5c25-f2a1-11e5-931a-005056c00008}{3808876b-c176-4e48-b7ae-04046e6cc752}
2016-03-26 04:15:17.050 Could not open C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Current Session
2016-03-26 04:15:17.051 Could not open C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
2016-03-26 04:15:17.829 Could not check C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\data_reduction_proxy_leveldb\LOCK (virus scan failed)
2016-03-26 04:15:17.949 Could not check C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOCK (virus scan failed)
2016-03-26 04:15:29.521 Could not check C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\File System\006\t\00\00000015 (corrupt)
2016-03-26 04:15:38.202 Could not check C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\LOCK (virus scan failed)
2016-03-26 04:15:38.304 Could not check C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\GCM Store\LOCK (virus scan failed)
2016-03-26 04:15:38.561 Could not check C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_docs.google.com_0.indexeddb.leveldb\LOCK (virus scan failed)
2016-03-26 04:15:40.195 Could not check C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cfhdojbkjhnklbpkdaibdccddilifddb\LOCK (virus scan failed)
2016-03-26 04:15:40.298 Could not check C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ghbmnnjooekpmoecnnnilnnbdlolhkhi\LOCK (virus scan failed)
2016-03-26 04:15:40.372 Could not check C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mgijmajocgfcbeboacabfgobmjgjcoja\LOCK (virus scan failed)
2016-03-26 04:15:46.893 Could not check C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Managed Extension Settings\cfhdojbkjhnklbpkdaibdccddilifddb\LOCK (virus scan failed)
2016-03-26 04:16:06.921 Could not check C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\LOCK (virus scan failed)
2016-03-26 04:16:07.112 Could not check C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOCK (virus scan failed)
2016-03-26 04:16:07.348 Could not check C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\dcnjhgnfnmijfkmcddcmffeamphmmeed\LOCK (virus scan failed)
2016-03-26 04:16:07.354 Could not check C:\Users\Connor\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\ohcpnigalekghcmgcdcenkpelffpdolg\LOCK (virus scan failed)
2016-03-26 04:34:17.992 Could not check C:\Users\Connor\Downloads\kennedy_14e_skills_ch12 (1).doc (corrupt)
2016-03-26 04:35:19.292 >>> Virus 'Mal/Generic-S' found in file C:\Users\Connor\Downloads\parks and recreation commentary_10924_i22326090_il345.exe
2016-03-26 04:37:00.170 >>> Virus 'Mal/MSIL-AX' found in file C:\Users\Connor\Downloads\Unturned V2.0.8 Trainer +6 MrAntiFun.zip\Unturned V2.0.8 Trainer +6 MrAntiFun/MrAntifFun Trainers.exe
2016-03-26 04:37:00.170 Disinfection not offered
2016-03-26 04:47:33.046 Could not open C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
2016-03-26 04:47:33.046 Could not open C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
2016-03-26 04:47:40.577 Could not open C:\Windows\System32\config\components
2016-03-26 04:47:40.614 Could not open C:\Windows\System32\config\RegBack\DEFAULT
2016-03-26 04:47:40.615 Could not open C:\Windows\System32\config\RegBack\SAM
2016-03-26 04:47:40.616 Could not open C:\Windows\System32\config\RegBack\SECURITY
2016-03-26 04:47:40.627 Could not open C:\Windows\System32\config\RegBack\SOFTWARE
2016-03-26 04:47:40.628 Could not open C:\Windows\System32\config\RegBack\SYSTEM
2016-03-26 13:04:27.411 Could not open C:\Windows\Temp\TMP000025BE61BCA5E6669725EF
2016-03-26 13:04:27.412 Could not open C:\Windows\Temp\TMP000025BF13E58159EF957B6B
2016-03-26 14:04:53.281 >>> Virus 'Mal/Generic-L' found in file C:\Windows\wt\webdriver\wthostctl.dll
2016-03-26 14:04:53.282 >>> Virus 'Mal/Generic-L' found in file HKCR\Interface\{3F44B498-8FD4-4A1E-852C-170156ED27C0}
2016-03-26 14:04:53.283 >>> Virus 'Mal/Generic-L' found in file HKCR\TypeLib\{B7E20302-C22C-4AF2-9D75-C3EB6EEE9DD8}
2016-03-26 14:04:53.283 >>> Virus 'Mal/Generic-L' found in file HKCR\WDMHHost.WTHoster.1
2016-03-26 14:04:53.284 >>> Virus 'Mal/Generic-L' found in file HKCR\WDMHHost.WTHoster
2016-03-26 14:04:53.284 >>> Virus 'Mal/Generic-L' found in file HKCR\CLSID\{ab29a544-d6b4-4e36-a1f8-d3e34fc7b00a}
2016-03-26 14:04:53.285 >>> Virus 'Mal/Generic-L' found in file HKCR\Interface\{3F44B498-8FD4-4A1E-852C-170156ED27C0}
2016-03-26 14:04:53.285 >>> Virus 'Mal/Generic-L' found in file HKCR\TypeLib\{B7E20302-C22C-4AF2-9D75-C3EB6EEE9DD8}
2016-03-26 14:04:53.310 >>> Virus 'Mal/Generic-L' found in file HKCR\WDMHHost.WTHoster.1
2016-03-26 14:04:53.311 >>> Virus 'Mal/Generic-L' found in file HKCR\WDMHHost.WTHoster
2016-03-26 14:04:53.311 >>> Virus 'Mal/Generic-L' found in file HKCR\CLSID\{ab29a544-d6b4-4e36-a1f8-d3e34fc7b00a}
2016-03-26 14:06:15.882 >>> Virus 'Mal/Generic-L' found in file C:\Windows\wt\wtupdates\wtwebdriver\files\2.2.0.100\wthostctl.dll
2016-03-26 14:06:24.748 The following items will be cleaned up:
2016-03-26 14:06:24.748 Mal/Behav-103
2016-03-26 14:06:24.748 Mal/Generic-S
2016-03-26 14:06:24.749 Mal/Generic-L
2016-03-26 14:06:24.749 Mal/MSIL-AX
 


#7 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,716 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:10:44 PM

Posted 26 March 2016 - 08:08 PM

p22002970.gif Update Firefox to the current version.

 

p22002970.gif Update your Java version here: http://www.java.com/en/download/manual.jsp
Alternate download: http://www.filehippo.com/search?q=java

Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.
Note 2: If you're running 64-bit system make sure you install BOTH, 32-bit and 64-bit Java.

 

=========================================

 

Your computer is clean p3879546.jpg

1. This step will remove all cleaning tools we used, it'll reset restore points (so you won't get reinfected by accidentally using some older restore point) and it'll make some other minor adjustments...
This is a very crucial step so make sure you don't skip it.
Download 51a5ce45263de-delfix.pngDelFix by Xplode to your desktop. Delfix will delete all the used tools and logfiles.

Double-click Delfix.exe to start the tool.
Make sure the following items are checked:

  • Activate UAC (optional; some users prefer to keep it off)
  • Remove disinfection tools
  • Create registry backup
  • Purge System Restore
  • Reset system settings

Now click "Run" and wait patiently.
Once finished a logfile will be created. You don't have to attach it to your next reply.

2. Make sure Windows Updates are current.

3. If any trojans, rootkits or bootkits were listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

4. Check if your browser plugins are up to date.
Firefox - https://www.mozilla.org/en-US/plugincheck/
other browsers: https://browsercheck.qualys.com/ (click on "Scan without installing plugin" and then on "Scan now")

5. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

7. Run Temporary File Cleaner (TFC), AdwCleaner and Junkware Removal Tool (JRT) weekly (you need to redownload these tools since they were removed by DelFix).

8. Download and install Secunia Personal Software Inspector (PSI): http://secunia.com/vulnerability_scanning/personal/. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

10. When installing\updating ANY program, make sure you always select "Custom " installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.

11. Read:
How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
Simple and easy ways to keep your computer safe and secure on the Internet: http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/
About those Toolbars and Add-ons - Potentially Unwanted Programs (PUPs) which change your browser settings: http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/#entry3187642

12. Please, let me know, how your computer is doing.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users