Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Got a virus - Do not know what.


  • Please log in to reply
12 replies to this topic

#1 coachoflife

coachoflife

  • Members
  • 118 posts
  • OFFLINE
  •  
  • Local time:11:03 AM

Posted 24 May 2016 - 03:18 PM

My computer runs slowly,  e-mails stop coming into my account, websites are difficult to access and change which ones every few days and streaming things is very difficult.



BC AdBot (Login to Remove)

 


#2 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:03 AM

Posted 24 May 2016 - 04:54 PM

Adware Cleaner Scan.

 

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

 

JRT Scan.

Please download Junkware Removal Tool and save it on your desktop.

 

  • Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log is saved to your desktop and will automatically open.
  • Please post the JRT log.
  •  

Adware Removal Tool Scan.

 

Download Adware removal tool to your desktop, right click the icon and select Run as Administrator.

 

 

LOr0Gd7.png

 

Hit Ok.

 

sYFsqHx.png

 

Hit next make sure to leave all items checked, for removal.

 

8NcZjGc.png

 

 

The Program will close all open programs to complete the removal, so save any work and hit OK. Then hit OK after the removal process is complete, thenOK again to finish up. Post log generated by tool.

 

ZHP Scan.

Please download Zhp Cleaner  to your desktop.  Right Click the icon and select run as administrator.

 http://nicolascoolman.com/download/zhpcleaner

 

 

2. Once you have started the program, you will need to click the scanner button.

EgsT69u.png

The program will close all open browsers!

3. Once the scan is completed, the you will want to click the Repair button.

6QJjV50.png

At the end of the process you may be asked to reboot your machine. After you reboot a report will open on your desktop.

Copy and paste the report here in your next reply.

 Zemana Scan

 

 

Run a full scan with Zemana AntiMalware!

Install and select deep scan.

jdmyscF.jpg

Remove any infections found.

Then click on the icon in the pic below.

DOLGyto.jpg

Double click on the scan log, copy and paste here in your reply



#3 coachoflife

coachoflife
  • Topic Starter

  • Members
  • 118 posts
  • OFFLINE
  •  
  • Local time:11:03 AM

Posted 24 May 2016 - 07:28 PM

# AdwCleaner v5.114 - Logfile created 13/05/2016 at 05:41:28
# Updated 27/04/2016 by Xplode
# Database : 2016-05-09.1 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (X64)
# Username : x - X-PC
# Running from : C:\Users\x\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
# AdwCleaner v5.114 - Logfile created 13/05/2016 at 05:41:28
# Updated 27/04/2016 by Xplode
# Database : 2016-05-09.1 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (X64)
# Username : x - X-PC
# Running from : C:\Users\x\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
 
***** [ Files ] *****
 
[-] File Deleted : C:\Users\x\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
[-] File Deleted : C:\Users\x\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
 
***** [ DLLs ] *****
 
 
***** [ WMI ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Web browsers ] *****
 
 
*************************
 
:: "Tracing" keys deleted
:: Winsock2 - Deleted C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
:: Winsock settings cleared
 
*************************
 
C:\AdwCleaner\AdwCleaner[C1].txt - [3567 bytes] - [24/02/2016 14:34:29]
C:\AdwCleaner\AdwCleaner[C2].txt - [1757 bytes] - [29/04/2016 18:37:34]
C:\AdwCleaner\AdwCleaner[C3].txt - [1224 bytes] - [13/05/2016 05:41:28]
C:\AdwCleaner\AdwCleaner[S1].txt - [3205 bytes] - [24/02/2016 14:16:26]
C:\AdwCleaner\AdwCleaner[S2].txt - [1470 bytes] - [29/04/2016 18:33:12]
C:\AdwCleaner\AdwCleaner[S3].txt - [1068 bytes] - [03/05/2016 19:47:18]
C:\AdwCleaner\AdwCleaner[S4].txt - [1142 bytes] - [06/05/2016 16:12:28]
C:\AdwCleaner\AdwCleaner[S5].txt - [1466 bytes] - [13/05/2016 05:39:05]
 
########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [1662 bytes] ##########
# AdwCleaner v5.117 - Logfile created 25/05/2016 at 00:42:07
# Updated 15/05/2016 by Xplode
# Database : 2016-05-23.3 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (X64)
# Username : x - X-PC
# Running from : C:\Users\x\Desktop\adwcleaner_5.117.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
 
***** [ Files ] *****
 
 
***** [ DLLs ] *****
 
 
***** [ WMI ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Web browsers ] *****
 
 
*************************
 
:: "Tracing" keys deleted
:: Winsock2 - Deleted C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
:: Winsock settings cleared
 
*************************
 
C:\AdwCleaner\AdwCleaner[C1].txt - [3567 bytes] - [24/02/2016 14:34:29]
C:\AdwCleaner\AdwCleaner[C2].txt - [1757 bytes] - [29/04/2016 18:37:34]
C:\AdwCleaner\AdwCleaner[C3].txt - [2709 bytes] - [13/05/2016 05:41:28]
C:\AdwCleaner\AdwCleaner[S1].txt - [3205 bytes] - [24/02/2016 14:16:26]
C:\AdwCleaner\AdwCleaner[S2].txt - [1470 bytes] - [29/04/2016 18:33:12]
C:\AdwCleaner\AdwCleaner[S3].txt - [1068 bytes] - [03/05/2016 19:47:18]
C:\AdwCleaner\AdwCleaner[S4].txt - [1142 bytes] - [06/05/2016 16:12:28]
C:\AdwCleaner\AdwCleaner[S5].txt - [2755 bytes] - [13/05/2016 05:39:05]
C:\AdwCleaner\AdwCleaner[S6].txt - [1368 bytes] - [25/05/2016 00:40:00]
 
########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [3220 bytes] ##########
 
 
 
***** [ Folders ] *****
 
 
***** [ Files ] *****
 
[-] File Deleted : C:\Users\x\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
[-] File Deleted : C:\Users\x\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
 
***** [ DLLs ] *****
 
 
***** [ WMI ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Web browsers ] *****
 
 
*************************
 
:: "Tracing" keys deleted
:: Winsock2 - Deleted C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
:: Winsock settings cleared
 
*************************
 
C:\AdwCleaner\AdwCleaner[C1].txt - [3567 bytes] - [24/02/2016 14:34:29]
C:\AdwCleaner\AdwCleaner[C2].txt - [1757 bytes] - [29/04/2016 18:37:34]
C:\AdwCleaner\AdwCleaner[C3].txt - [1224 bytes] - [13/05/2016 05:41:28]
C:\AdwCleaner\AdwCleaner[S1].txt - [3205 bytes] - [24/02/2016 14:16:26]
C:\AdwCleaner\AdwCleaner[S2].txt - [1470 bytes] - [29/04/2016 18:33:12]
C:\AdwCleaner\AdwCleaner[S3].txt - [1068 bytes] - [03/05/2016 19:47:18]
C:\AdwCleaner\AdwCleaner[S4].txt - [1142 bytes] - [06/05/2016 16:12:28]
C:\AdwCleaner\AdwCleaner[S5].txt - [1466 bytes] - [13/05/2016 05:39:05]
 
########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [1662 bytes] ##########
# AdwCleaner v5.117 - Logfile created 25/05/2016 at 00:42:07
# Updated 15/05/2016 by Xplode
# Database : 2016-05-23.3 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (X64)
# Username : x - X-PC
# Running from : C:\Users\x\Desktop\adwcleaner_5.117.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
 
***** [ Files ] *****
 
 
***** [ DLLs ] *****
 
 
***** [ WMI ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Web browsers ] *****
 
 
*************************
 
:: "Tracing" keys deleted
:: Winsock2 - Deleted C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
:: Winsock settings cleared
 
*************************
 
C:\AdwCleaner\AdwCleaner[C1].txt - [3567 bytes] - [24/02/2016 14:34:29]
C:\AdwCleaner\AdwCleaner[C2].txt - [1757 bytes] - [29/04/2016 18:37:34]
C:\AdwCleaner\AdwCleaner[C3].txt - [2709 bytes] - [13/05/2016 05:41:28]
C:\AdwCleaner\AdwCleaner[S1].txt - [3205 bytes] - [24/02/2016 14:16:26]
C:\AdwCleaner\AdwCleaner[S2].txt - [1470 bytes] - [29/04/2016 18:33:12]
C:\AdwCleaner\AdwCleaner[S3].txt - [1068 bytes] - [03/05/2016 19:47:18]
C:\AdwCleaner\AdwCleaner[S4].txt - [1142 bytes] - [06/05/2016 16:12:28]
C:\AdwCleaner\AdwCleaner[S5].txt - [2755 bytes] - [13/05/2016 05:39:05]
C:\AdwCleaner\AdwCleaner[S6].txt - [1368 bytes] - [25/05/2016 00:40:00]
 
########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [3220 bytes] ##########
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows 7 Professional x64 
Ran by x (Administrator) on 25/05/2016 at  0:46:48.65
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 8 
 
Successfully deleted: C:\Users\x\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\14YN3CVC (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\x\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GMTU31XB (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\x\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NWANSMPI (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\x\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OEAGYJ2H (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\14YN3CVC (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GMTU31XB (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NWANSMPI (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OEAGYJ2H (Temporary Internet Files Folder) 
 
 
 
Registry: 0 
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25/05/2016 at  0:49:20.14
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 


#4 coachoflife

coachoflife
  • Topic Starter

  • Members
  • 118 posts
  • OFFLINE
  •  
  • Local time:11:03 AM

Posted 24 May 2016 - 08:22 PM

Zemana AntiMalware 2.20.2.613 (Installed)
 
-------------------------------------------------------
Scan Result            : Completed
Scan Date              : 2016/5/25
Operating System       : Windows 7 64-bit
Processor              : 2X AMD Athlon™ Dual Core Processor 4450B
BIOS Mode              : Legacy
CUID                   : 001DC764FBB927431099B5
Scan Type              : Deep Scan
Duration               : 44m 26s
Scanned Objects        : 130450
Detected Objects       : 1
Excluded Objects       : 0
Read Level             : SCSI
Auto Upload            : ON
Detect All Extensions  : OFF
Scan Documents         : OFF
Domain Info            : WORKGROUP,0,2
 
Detected Objects
-------------------------------------------------------
 
Simplix Root Authority
Status             : Scanned
Object             : HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\87C47CBB95638C2264392D88EEBCAE6AD9F84764\Blob
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Root CA
Cleaning Action    : Delete
Related Objects    :
                Registry Entry - HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\87C47CBB95638C2264392D88EEBCAE6AD9F84764\Blob = 5C0000000100000004000000001000000F000000010000001400000092547635B5487CE4EBBF5505DE6A7905B264900F03000000010000001400000087C47CBB95638C2264392D88EEBCAE6AD9F8476419000000010000001000000085DA4F62E23B06777BE2966D9271D72F1400000001000000140000004040547E8758BB4416A006F8324964CF9B30990C040000000100000010000000B25C2DE8AEB765180C2B3FF68CACE24720000000010000004D0500003082054930820331A003020102020900D7995F04B24AAF82300D06092A864886F70D01010505003021311F301D060355040A131653696D706C697820526F6F7420417574686F72697479301E170D3937303131303038303030305A170D3230313233313038303030305A3021311F301D060355040A131653696D706C697820526F6F7420417574686F7269747930820222300D06092A864886F70D01010105000382020F003082020A0282020100D95B732F0DFBC0A809FA5BB8CE1ED64BDC534BEDCA7357F2C8B462D3B7E7250E4F4CB34C9E5E6A446C2754566BB9571932BB47C27F26FDCC082F7296412D36CDDF7C917F21223D50EE461338EAD2E8887E648116BDA35820330F402BB8077253A49473BCFCF3419E330A1657EF3087712632F21B0E823A6EBEA94F295FE2F6C7D160CEA02AF2DBFF55802A296267D67FD7DF072B39A1A58DB48B920A9F75344534E84429714A44C70FA18AE09C8DB82A5143ADAA31C6D3CD28405FDBCF013DBECE0FC37F8E7B00CE7A2752E82807E800B24920ED54B15F7CE79BB0778DABE7AE935601B4C61E7B9BFA5D79BC7DC8FBC3FBBEBD4716742EFB02C49E368C3C57F449C238DBEC1C7BDDBA064CD6B22008750F401C758892EA9B2B1132B0C0251C2FFBE8D9474B5A274EBFF5C738CE22DC659E1A60AF0B214EE99BAB88865DA8AD34A2DBFBDB376AF19EE7DB29A8827FAA360CAB45F7C971CE8182F9AF6B123D0E5FF27D48FE74F42C3F46C57BEFC5182FC15C87D67DB6A73638C647C3A747FE47EDF9147192BA0C8F82FECCE89CE39E44E9DEBD31BDE27CB903A5D1F058B287CB6D33FE2EACAA51E9D6765F4F7CA07AA374FE481E3F7C8251CD2C0E81519C082E9CDD28F44DFD415881F664A98059A9F3D6509FF22F24CD4243A1F99C22872A3539552D6B58E76A8F45D53E2EA2C4402FD94BE4E3985E0561DD1A8DCB3DA04EA2570203010001A38183308180301D0603551D0E041604144040547E8758BB4416A006F8324964CF9B30990C30510603551D23044A304880144040547E8758BB4416A006F8324964CF9B30990CA125A4233021311F301D060355040A131653696D706C697820526F6F7420417574686F72697479820900D7995F04B24AAF82300C0603551D13040530030101FF300D06092A864886F70D0101050500038202010091AE13ED2CB26FADEF2C5F9A4CC8CD9E31FEDA49907617EC0F3C52D61A80A491BB6419B926D7149D3908DF7E206FAE69C5D9C959106E11A69636B30D4F57AFA4D4A9659C06655E7C3834031B198C626741CB03A1180B13502C11BD9F81EB5B942211AFEAA5224523B79A6C39A670516E6DDC14F15338832E0C491DB930458DBDC272EC72C97C466EC46794784E305122CE7BE72549DC87A6D1528B829C97695AB85685CD3E29DFBCA2EDEC86DCDCDC31D1EFB59FA141717850AB1AB19AC515A67DF78275F14AD365EDDB6D97F52432621185472889C418261A3B6DD0324DB529DC12F808A47F52B199B89F62362B4911FB4A3A14E4D2F99941CF05345722D1EA4A1A3CD9E1B58A11F3FE35ED63E97DC648072C53C5285FEB83364533B55B912038780E369F00A741EA24F5862C7641C062F49717FD5CCBEFE756AB75E232BB241FA5409EC99C0F268FB099F29ADE2C845D38C089616F791AA4B8EA6C210693B96B5800081501A9F14BDA172C21E3DA8AEA5E337700E48A82165A8383B6496173FDF7E915732A45256F05B3C8BEE16D206098981FA2FB2948D5AFBB1CAFFF4E1E2DEECDAE63B71F0512C08D878879F30011600A71C51A07E72DB55DA942714D2A814110CC487CA9F213B1EA9BDD35BE5BFA4E2DE69B319FEAEF1426C6E666F0A9EDF24E31023FD7CEF2DAEE4C8FCB820EF80E7E49696F27DA763784CB1AAC168A
 
 
Cleaning Result
-------------------------------------------------------
Cleaned               : 1
Reported as safe      : 0
Failed                : 0


#5 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:03 AM

Posted 25 May 2016 - 05:28 PM

How are things running now?

 

Malwarebytes Scan.

 

We need you to run MalwareBytes to get a log, please download the free version of MalwareBytes HERE

http://data-cdn.mbamupdates.com/web/mbam-setup-2.2.0.1024.exe  Alternate Link.

Save the file to somewhere you can easily find it. Double click the saved file to start the install, accept any security warnings that may appear, and after the install click the new desktop icon to start the program. We need to modify a couple of things with MalwareBytes before we use it so please follow the steps below.

  1. If the dashboard is not already displayed select it.
  2. Then select "Update Now" to get the latest database.

VSKiiIc.jpg

  1. Next we need to change a scanning option, select "Settings" on the main menu, then "Detection and Protection" on the left.
  2. Then select "Scan for rootkits" in the detection options, as well as the other two options already checked.

ZU4W2g2.jpg

  • Now return to Dashboard on the main menu and select "Scan Now" at the bottom of the screen.

nF8dOcq.jpg

  • Allow MalwareBytes to scan your system, it may take some time depending on what you have loaded onto your hard drive.

L8lsasM.jpg

When the scan is finished

  1. Click "Save Results"
  2. Then click on "Text file"

5x4JOvA.jpg

  • A window will then open allowing you to choose a name for the logfile and also allowing you to choose where to save it, save it to the desktop.
  • Please copy and paste the contents of this file in your next post.

 

 

Eset Online Scanner.

 

Eset Scan

Click Me To Download Eset Scan

Disable your antivirus prior to this scan.
 
 esetonlinebtn.png
 

  •  Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

 

Minitoolbox scan.

 

 

Please download MINITOOLBOX and run it.



Checkmark following boxes:


Flush DNS
Reset FF proxy Settings
Reset Ie Proxy Settings
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and post the result.

 

Security Check Scan.

 

Download Security Check to your desktop, right click it run as administrator. When the program completes, the tool will automatically open a log file, please post that log here in your next post.


You are missing the Adware Removal tool; the Zhp cleaner logs....



#6 coachoflife

coachoflife
  • Topic Starter

  • Members
  • 118 posts
  • OFFLINE
  •  
  • Local time:11:03 AM

Posted 25 May 2016 - 08:37 PM

Things are a lot better.  Thanks for your help.

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 26/05/2016
Scan Time: 00:57
Logfile: m.txt
Administrator: Yes
 
Version: 2.2.1.1043
Malware Database: v2016.05.25.07
Rootkit Database: v2016.05.20.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: x
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 337809
Time Elapsed: 26 min, 29 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * 
 
Adware Removal Tool 5.1
Time: 2016_05_25_00_55_33
OS: Windows 7 Professional - x64 Bit
Account Name: x
Adware Definition: 05232016
Elapsed time: 04:20
Repair Status:- Automatic Done
\\\\\\\\\\\\\\\\\\\\\\\ Repair Logs \\\\\\\\\\\\\\\\\\\\\\
 
 
No results found
 

~ ZHPCleaner v2016.5.21.68 by Nicolas Coolman (2016/05/21)
~ Run by x (Administrator)  (25/05/2016 01:11:28)
~ State version : Version OK
~ Type : Scan
~ Report : C:\Users\x\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\x\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 7 Professional, 64-bit Service Pack 1 (Build 7601)
 
 
---\\  Services (0)
~ No malicious or unnecessary items found.
 
 
---\\  Browser internet (0)
~ No malicious or unnecessary items found.
 
 
---\\  Hosts file (1)
~ The hosts file is legitimate (23)
 
 
---\\  Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found.
 
 
---\\  Explorer ( File, Folder) (0)
~ No malicious or unnecessary items found.
 
 
---\\  Registry ( Key, Value, Data) (0)
~ No malicious or unnecessary items found.
 
 
---\\ Result of repair
~ Any repair made
~ Browser not found (Mozilla Firefox)
~ Browser not found (Opera Software)
 
 
---\\ Statistics
~ Items scanned : 49635
~ Items found : 0
~ Items cancelled : 0
~ Items repaired : 0
 
 
~ End of search in 00h06mn03s
~====================
ZHPCleaner-[S]-25052016-01_17_31.txt
 

SecurityCheck by glax24 & Severnyj v.1.4.0.40 [21.05.16]
WebSite: www.safezone.cc
DateLog: 26.05.2016 02:36:14
Path starting: C:\Users\x\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: x
VersionXML: 2.97is-24.05.2016
___________________________________________________________________________
 
Windows 7(6.1.7601) Service Pack 1 (x64) Professional Lang: English(0409)
Installation date OS: 01.02.2016 12:28:55
LicenseStatus: Windows® 7, Professional edition The machine is permanently activated.
Boot Mode: Normal
Default Browser: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
SystemDrive: C: FS: [NTFS] Capacity: [148.7 Gb] Used: [35.9 Gb] Free: [112.8 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 11.0.9600.18314
User Account Control enabled
Automatic download and scheduled installation
Date install updates: 2016-05-15 02:12:52
Windows Update (wuauserv) - The service is running
Security Center (wscsvc) - The service is running
Remote Registry (RemoteRegistry) - The service has stopped
SSDP Discovery (SSDPSRV) - The service is running
Remote Desktop Services (TermService) - The service is running
Windows Remote Management (WS-Management) (WinRM) - The service has stopped
---------------------------- [ Antivirus_WMI ] ----------------------------
Microsoft Security Essentials (disabled and up to date)
--------------------------- [ FirewallWindows ] ---------------------------
Windows Firewall (MpsSvc) - The service is running
--------------------------- [ AntiSpyware_WMI ] ---------------------------
Microsoft Security Essentials (disabled and up to date)
Windows Defender (disabled and out of date)
---------------------- [ AntiVirusFirewallInstall ] -----------------------
Microsoft Security Essentials v.4.9.218.0
-------------------------- [ SecurityUtilities ] --------------------------
Malwarebytes Anti-Malware version 2.2.1.1043 v.2.2.1.1043
Zemana AntiMalware v.2.20.613
--------------------------- [ OtherUtilities ] ----------------------------
VLC media player v.2.2.1 Warning! Download Update
Microsoft Silverlight v.5.1.41212.0
--------------------------- [ AdobeProduction ] ---------------------------
Adobe Acrobat Reader DC v.15.016.20041
------------------------------- [ Browser ] -------------------------------
Google Chrome v.50.0.2661.102
--------------------------- [ RunningProcess ] ----------------------------
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe v.50.0.2661.102
Microsoft Network Inspection (NisSrv) - The service has stopped
Microsoft Antimalware Service (MsMpSvc) - The service is running
C:\Program Files\Microsoft Security Client\MsMpEng.exe v.4.9.218.0
Microsoft Network Inspection (NisSrv) - The service has stopped
Windows Defender (WinDefend) - The service has stopped
ZAM Controller Service (ZAMSvc) - The service is running
C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe v.0.0.0.0
----------------------------- [ End of Log ] ------------------------------
 
 
Eset found nothing so did not produce a log.
 
Minitoolbox takes me to another persons post.
 
 


#7 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:03 AM

Posted 28 May 2016 - 08:58 AM

Sorry about that, here is the minitoolbox link.



#8 coachoflife

coachoflife
  • Topic Starter

  • Members
  • 118 posts
  • OFFLINE
  •  
  • Local time:11:03 AM

Posted 28 May 2016 - 03:55 PM

MiniToolBox by Farbar  Version: 07-02-2016 01
Ran by x (administrator) on 28-05-2016 at 21:52:59
Running from "C:\Users\x\Desktop"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Model: HP Compaq dx2450 Microtower PC Manufacturer: Hewlett-Packard
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
127.0.0.1       localhost
========================= IP Configuration: ================================
 
NVIDIA nForce Networking Controller = Local Area Connection (Connected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : x-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : lan
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : lan
   Description . . . . . . . . . . . : NVIDIA nForce Networking Controller
   Physical Address. . . . . . . . . : 00-22-64-BD-6F-69
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::f89b:1bc9:c5dc:d57b%11(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.1(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 28 May 2016 21:47:48
   Lease Expires . . . . . . . . . . : 29 May 2016 21:47:48
   Default Gateway . . . . . . . . . : 192.168.1.254
   DHCP Server . . . . . . . . . . . : 192.168.1.254
   DHCPv6 IAID . . . . . . . . . . . : 234889828
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1E-41-12-97-00-22-64-BD-6F-69
   DNS Servers . . . . . . . . . . . : 192.168.1.254
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.lan:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : lan
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  dsldevice.lan
Address:  192.168.1.254
 
Name:    google.com
Addresses:  2a00:1450:4009:811::200e
 216.58.213.174
 
 
Pinging google.com [216.58.213.174] with 32 bytes of data:
Reply from 216.58.213.174: bytes=32 time=33ms TTL=57
Reply from 216.58.213.174: bytes=32 time=34ms TTL=57
 
Ping statistics for 216.58.213.174:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 33ms, Maximum = 34ms, Average = 33ms
Server:  dsldevice.lan
Address:  192.168.1.254
 
Name:    yahoo.com
Addresses:  2001:4998:58:c02::a9
 2001:4998:c:a06::2:4008
 2001:4998:44:204::a7
 206.190.36.45
 98.138.253.109
 98.139.183.24
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=199ms TTL=49
Reply from 206.190.36.45: bytes=32 time=185ms TTL=49
 
Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 185ms, Maximum = 199ms, Average = 192ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 11...00 22 64 bd 6f 69 ......NVIDIA nForce Networking Controller
  1...........................Software Loopback Interface 1
 12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.1.254      192.168.1.1     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.1    276
      192.168.1.1  255.255.255.255         On-link       192.168.1.1    276
    192.168.1.255  255.255.255.255         On-link       192.168.1.1    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.1    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.1    276
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 11    276 fe80::/64                On-link
 11    276 fe80::f89b:1bc9:c5dc:d57b/128
                                    On-link
  1    306 ff00::/8                 On-link
 11    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [File Not found] ()
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [File Not found] ()
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (05/13/2016 08:53:50 AM) (Source: MsiInstaller) (User: x-PC)
Description: Product: Adobe Acrobat Reader DC - Update '{AC76BA86-7AD7-0000-2550-AC0F104E4700}' could not be installed. Error code 1625. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127
 
Error: (05/13/2016 08:30:04 AM) (Source: MsiInstaller) (User: x-PC)
Description: Product: Adobe Acrobat Reader DC - Update '{AC76BA86-7AD7-0000-2550-AC0F104E4700}' could not be installed. Error code 1625. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127
 
Error: (04/27/2016 11:44:10 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown
 
Error: (04/27/2016 11:44:09 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_64) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown
 
Error: (04/27/2016 11:32:29 AM) (Source: WinMgmt) (User: )
Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\EN-US\AACLIENT.MFL
 
Error: (04/27/2016 11:32:09 AM) (Source: WinMgmt) (User: )
Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\AACLIENT.MOF
 
Error: (04/27/2016 08:48:51 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_64) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown
 
Error: (04/27/2016 08:48:49 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown
 
Error: (04/27/2016 08:22:45 AM) (Source: Microsoft-Windows-LoadPerf) (User: x-PC)
Description: Installing the performance counter strings for service .NET Data Provider for Oracle () failed. The first DWORD in the Data section contains the error code.
 
Error: (04/27/2016 08:17:20 AM) (Source: WinMgmt) (User: )
Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\EN-US\AACLIENT.MFL
 
 
System errors:
=============
Error: (05/28/2016 03:36:16 AM) (Source: WMPNetworkSvc) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
 
Error: (05/27/2016 10:51:01 PM) (Source: WMPNetworkSvc) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80070420'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
 
Error: (05/27/2016 02:39:20 PM) (Source: WMPNetworkSvc) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
 
Error: (05/27/2016 01:08:50 PM) (Source: WMPNetworkSvc) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
 
Error: (05/27/2016 08:50:25 AM) (Source: WMPNetworkSvc) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
 
Error: (05/26/2016 01:44:44 AM) (Source: Service Control Manager) (User: )
Description: The eapihdrv service failed to start due to the following error: 
%%1275
 
Error: (05/26/2016 01:44:44 AM) (Source: Application Popup) (User: )
Description: \??\C:\Users\x\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (05/26/2016 01:44:43 AM) (Source: Service Control Manager) (User: )
Description: The eapihdrv service failed to start due to the following error: 
%%1275
 
Error: (05/26/2016 01:44:43 AM) (Source: Application Popup) (User: )
Description: \??\C:\Users\x\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (05/26/2016 01:44:43 AM) (Source: Service Control Manager) (User: )
Description: The eapihdrv service failed to start due to the following error: 
%%1275
 
 
Microsoft Office Sessions:
=========================
Error: (05/13/2016 08:53:50 AM) (Source: MsiInstaller)(User: x-PC)
Description: Adobe Acrobat Reader DC{AC76BA86-7AD7-0000-2550-AC0F104E4700}1625(NULL)(NULL)(NULL)
 
Error: (05/13/2016 08:30:04 AM) (Source: MsiInstaller)(User: x-PC)
Description: Adobe Acrobat Reader DC{AC76BA86-7AD7-0000-2550-AC0F104E4700}1625(NULL)(NULL)(NULL)
 
Error: (04/27/2016 11:44:10 AM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown
 
Error: (04/27/2016 11:44:09 AM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_64) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown
 
Error: (04/27/2016 11:32:29 AM) (Source: WinMgmt)(User: )
Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\EN-US\AACLIENT.MFL
 
Error: (04/27/2016 11:32:09 AM) (Source: WinMgmt)(User: )
Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\AACLIENT.MOF
 
Error: (04/27/2016 08:48:51 AM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_64) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown
 
Error: (04/27/2016 08:48:49 AM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown
 
Error: (04/27/2016 08:22:45 AM) (Source: Microsoft-Windows-LoadPerf)(User: x-PC)
Description: .NET Data Provider for Oracle2E412
 
Error: (04/27/2016 08:17:20 AM) (Source: WinMgmt)(User: )
Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\EN-US\AACLIENT.MFL
 
 
=========================== Installed Programs ============================
 
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.016.20041 - Adobe Systems Incorporated)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.102 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.30.3 - Google Inc.) Hidden
HP Deskjet 3050 J610 series Basic Device Software (HKLM\...\{7D220A57-969F-4D09-9297-D48195A8ABDD}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Deskjet 3050 J610 series Help (HKLM-x32\...\{F7632A9B-661E-4FD9-B1A4-3B86BC99847F}) (Version: 140.0.63.63 - Hewlett Packard)
HP Deskjet 3050 J610 series Product Improvement Study (HKLM\...\{860B418B-F90B-465A-BC1D-04B518045C72}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.3781 - HP Photo Creations Powered by RocketLife)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
NVIDIA Graphics Driver 307.83 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 307.83 - NVIDIA Corporation)
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
Port Royale (HKLM-x32\...\Port Royale_is1) (Version:  - )
Shockwave (HKLM-x32\...\Shockwave) (Version:  - )
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.20.905 - Zemana Ltd.)
 
========================= Devices: ================================
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 55%
Total physical RAM: 3966.49 MB
Available physical RAM: 1762.68 MB
Total Virtual: 7931.17 MB
Available Virtual: 5853.68 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:148.67 GB) (Free:112.08 GB) NTFS
2 Drive d: (Port Royale) (CDROM) (Total:0.52 GB) (Free:0 GB) CDFS
 
========================= Users: ========================================
 
User accounts for \\X-PC
 
Administrator            Guest                    UpdatusUser              
x                        
 
 
**** End of log ****


#9 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:03 AM

Posted 28 May 2016 - 03:56 PM

What issues remain, if any?



#10 coachoflife

coachoflife
  • Topic Starter

  • Members
  • 118 posts
  • OFFLINE
  •  
  • Local time:11:03 AM

Posted 28 May 2016 - 11:44 PM

No issues remain.  Thanks very much for your help.



#11 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:03 AM

Posted 29 May 2016 - 06:59 AM

I suggest the following in place of adblock.

Alternate DNS Server. Ad Blocking DNS.

Ublock Origin.

Anti Ad Block Killer.

 

Also, keep your browsing private with these tools:

 

Self Destructing Cookies.

Self Destructing Cookies Chrome.

 

 

Some items to keep you safe on the internet.

 

VooDoo Shield. control of what is running on your machine

Qualys BrowserCheck To update plugins.

Web Of Trust  To Avoid  Shady Websites.

Unchecky To Avoid Bundled Software.

Privazer To Clean up your mahcine.

 

 

 

 

Now Lets Clean up the tools we used and remove old restore points.

 

 

 

Download DelFix by "Xplode" to your Desktop.
Right Click the tool and Run as Admin ( Xp Users Double Click)
Put a check mark next the items below:


Remove disinfection tools
Create registry backup
Purge System Restore




Now click on "Run" button.
allow the program to complete its work.
all the tools we used will be removed.
Tool will create and open a log report (DelFix.txt)
Note: The report can be located at the following location C:\DelFix.txt



#12 coachoflife

coachoflife
  • Topic Starter

  • Members
  • 118 posts
  • OFFLINE
  •  
  • Local time:11:03 AM

Posted 29 May 2016 - 07:58 AM

Thanks once again for your help.

 

# DelFix v1.013 - Logfile created 29/05/2016 at 13:55:16
# Updated 17/04/2016 by Xplode
# Username : x - X-PC
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
 
~ Removing disinfection tools ...
 
Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\SecurityCheck
Deleted : C:\RegBackup
Deleted : C:\Users\x\Desktop\AdwCleaner.exe
Deleted : C:\Users\x\Desktop\adwcleaner_5.117.exe
Deleted : C:\Users\x\Desktop\JRT.exe
Deleted : C:\Users\x\Desktop\JRT.txt
Deleted : C:\Users\x\Desktop\MiniToolBox.exe
Deleted : C:\Users\x\Desktop\SecurityCheck.exe
Deleted : C:\Users\x\Desktop\ZHPCleaner.exe
Deleted : C:\Users\x\Desktop\ZHPCleaner.lnk
Deleted : C:\Users\x\Downloads\RogueKiller.exe
 
~ Creating registry backup ... OK
 
~ Cleaning system restore ...
 
Deleted : RP #61 [Windows Update | 05/19/2016 00:45:21]
Deleted : RP #62 [Windows Update | 05/22/2016 16:55:45]
Deleted : RP #63 [Windows Modules Installer | 05/23/2016 06:22:19]
Deleted : RP #64 [JRT Pre-Junkware Removal | 05/24/2016 23:46:51]
Deleted : RP #65 [Windows Update | 05/26/2016 00:06:37]
Deleted : RP #66 [Windows Update | 05/26/2016 02:00:12]
Deleted : RP #67 [Windows Update | 05/29/2016 04:44:19]
 
New restore point created !
 
########## - EOF - ##########


#13 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:03 AM

Posted 29 May 2016 - 08:05 AM

:guitar:






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users