I think i got infected via eMail.


28 replies to this topic

#1 arrak

arrak

  • Members
  • 22 posts
  • OFFLINE

Posted 07 June 2016 - 12:25 AM

Hello there,

 

Thank you for taking your precious time to help me out.

 

Last week someone contacted me via Facebook, said that they were interested in buying our product, and asked for my email address.

We communicated for 2-3 days and he sent me a PDF file, mentioning it as his company portfolio.

I did click his website and open the said PDF; after that I never heard from him again.

I used to think that a PDF cannot contain a virus, but after doing some Google searching, I think a PDF can possibly carry a virus.

So, it is kind of obvious that this contact person wanted me to open his website and a PDF file.

"I am using Windows Home 7 Basic"

Thank you!

(I did load Malwarebytes and run a log, but I did not fix anything, just ran it and read the log)

 

Kong


Edited by arrak, 07 June 2016 - 04:20 AM.




#2 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  • Gender:Male
  • Local time:05:18 PM

Posted 07 June 2016 - 08:05 PM

Adware Cleaner Scan.

 

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

 

JRT Scan.

Please download Junkware Removal Tool and save it on your desktop.

 

  • Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log is saved to your desktop and will automatically open.
  • Please post the JRT log.

Adware Removal Tool Scan.

 

Download Adware removal tool to your desktop, right click the icon and select Run as Administrator.

 

 

LOr0Gd7.png

 

Hit Ok.

 

sYFsqHx.png

 

Hit Next, and make sure to leave all items checked for removal.

 

8NcZjGc.png

 

 

The program will close all open programs to complete the removal, so save any work and hit OK. Then hit OK after the removal process is complete, then OK again to finish up. Post the log generated by the tool.

 

ZHP Scan.

Please download ZHPCleaner to your desktop. Right-click the icon and select Run as administrator.

 http://nicolascoolman.com/download/zhpcleaner

 

 

2. Once you have started the program, you will need to click the scanner button.

EgsT69u.png

The program will close all open browsers!

3. Once the scan is completed, you will want to click the Repair button.

6QJjV50.png

At the end of the process you may be asked to reboot your machine. After you reboot a report will open on your desktop.

Copy and paste the report here in your next reply.

Zemana Scan.


Run a full scan with Zemana AntiMalware!

Install and select deep scan.

jdmyscF.jpg

Remove any infections found.

Then click on the icon in the pic below.

DOLGyto.jpg

Double-click on the scan log, then copy and paste it here in your reply.



#3 arrak

arrak
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE

Posted 08 June 2016 - 01:54 AM

# AdwCleaner v5.119 - Logfile created 08/06/2016 at 13:49:00
# Updated 30/05/2016 by Xplode
# Database : 2016-06-07.1 [Server]
# Operating system : Windows 7 Home Basic Service Pack 1 (X64)
# Username : dell - DELL-PC
# Running from : C:\Users\dell\Desktop\adwcleaner_5.119.exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : WtuSystemSupport
[-] Service Deleted : vToolbarUpdater40.3.1

***** [ Folders ] *****

[-] Folder Deleted : C:\ProgramData\AVG Secure Search
[-] Folder Deleted : C:\ProgramData\Babylon
[-] Folder Deleted : C:\ProgramData\Tarma Installer
[-] Folder Deleted : C:\ProgramData\avg web tuneup
[-] Folder Deleted : C:\ProgramData\Avg_Update_0516tb
[-] Folder Deleted : C:\ProgramData\Avg_Update_0814tb
[#] Folder Deleted : C:\ProgramData\Application Data\AVG Secure Search
[#] Folder Deleted : C:\ProgramData\Application Data\Babylon
[#] Folder Deleted : C:\ProgramData\Application Data\Tarma Installer
[#] Folder Deleted : C:\ProgramData\Application Data\avg web tuneup
[#] Folder Deleted : C:\ProgramData\Application Data\Avg_Update_0516tb
[#] Folder Deleted : C:\ProgramData\Application Data\Avg_Update_0814tb
[-] Folder Deleted : C:\Program Files (x86)\AVG Security Toolbar
[-] Folder Deleted : C:\Program Files (x86)\avg web tuneup
[-] Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
[-] Folder Deleted : C:\Users\dell\AppData\Local\avg web tuneup
[-] Folder Deleted : C:\Users\dell\AppData\LocalLow\AVG Secure Search
[-] Folder Deleted : C:\Users\dell\AppData\Roaming\Babylon
[-] Folder Deleted : C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn
[-] Folder Deleted : C:\Program Files\Common Files\AVG Secure Search

***** [ Files ] *****

[-] File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
[-] File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

[-] Task Deleted : AVG-Secure-Search-Update_JUNE2013_HP_rmv
[-] Task Deleted : AVG-Secure-Search-Update_JUNE2013_TB_rmv
[-] Task Deleted : AVG-Secure-Search-Update_JUNE2013_HP_rmv
[-] Task Deleted : AVG-Secure-Search-Update_JUNE2013_TB_rmv

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
[-] Key Deleted : HKLM\SOFTWARE\Classes\s
[-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
[-] Key Deleted : HKCU\Software\Google\Chrome\Extensions\chfdnecihphmhljaaejmgoiahnihplgn
[-] Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore
[-] Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\OCComSDK.ComSDK
[-] Key Deleted : HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj
[-] Key Deleted : HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKCU\Software\APN PIP
[-] Key Deleted : HKCU\Software\PIP
[-] Key Deleted : HKCU\Software\PRODUCTSETUP
[-] Key Deleted : HKCU\Software\delta
[-] Key Deleted : HKLM\SOFTWARE\Babylon
[-] Key Deleted : HKLM\SOFTWARE\PIP
[-] Key Deleted : HKLM\SOFTWARE\AVG Tuneup
[-] Key Deleted : HKLM\SOFTWARE\delta
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\delta
[-] Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
[-] Key Deleted : HKU\.DEFAULT\Software\AVG Secure Search
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKU\S-1-5-21-2290262075-583357166-4039447969-1000\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\bearshare.com
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]

***** [ Web browsers ] *****

[-] [C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\k724lk6q.default\prefs.js] Deleted : user_pref("browser.search.selectedEngine", "Delta Search");
[-] [C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\k724lk6q.default\prefs.js] Deleted : user_pref("extensions.delta.admin", false);
[-] [C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\k724lk6q.default\prefs.js] Deleted : user_pref("extensions.delta.aflt", "babsst");
[-] [C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\k724lk6q.default\prefs.js] Deleted : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
[-] [C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\k724lk6q.default\prefs.js] Deleted : user_pref("extensions.delta.autoRvrt", "false");
[-] [C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\k724lk6q.default\prefs.js] Deleted : user_pref("extensions.delta.dfltLng", "en");
[-] [C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\k724lk6q.default\prefs.js] Deleted : user_pref("extensions.delta.excTlbr", false);
[-] [C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\k724lk6q.default\prefs.js] Deleted : user_pref("extensions.delta.ffxUnstlRst", true);
[-] [C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\k724lk6q.default\prefs.js] Deleted : user_pref("extensions.delta.id", "6c2317f1000000000000c01885bf7c8e");
[-] [C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\k724lk6q.default\prefs.js] Deleted : user_pref("extensions.delta.instlDay", "15837");
[-] [C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\k724lk6q.default\prefs.js] Deleted : user_pref("extensions.delta.instlRef", "sst");
[-] [C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\k724lk6q.default\prefs.js] Deleted : user_pref("extensions.delta.newTab", false);
[-] [C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\k724lk6q.default\prefs.js] Deleted : user_pref("extensions.delta.prdct", "delta");
[-] [C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\k724lk6q.default\prefs.js] Deleted : user_pref("extensions.delta.prtnrId", "delta");
[-] [C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\k724lk6q.default\prefs.js] Deleted : user_pref("extensions.delta.rvrt", "false");
[-] [C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\k724lk6q.default\prefs.js] Deleted : user_pref("extensions.delta.smplGrp", "none");
[-] [C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\k724lk6q.default\prefs.js] Deleted : user_pref("extensions.delta.tlbrId", "base");
[-] [C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\k724lk6q.default\prefs.js] Deleted : user_pref("extensions.delta.tlbrSrchUrl", "");
[-] [C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\k724lk6q.default\prefs.js] Deleted : user_pref("extensions.delta.vrsn", "1.8.16.16");
[-] [C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\k724lk6q.default\prefs.js] Deleted : user_pref("extensions.delta.vrsnTs", "1.8.16.1622:28:25");
[-] [C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\k724lk6q.default\prefs.js] Deleted : user_pref("extensions.delta.vrsni", "1.8.16.16");
[-] [C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\k724lk6q.default\user.js] Deleted : user_pref("extensions.delta.tlbrSrchUrl", "");
[-] [C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\k724lk6q.default\user.js] Deleted : user_pref("extensions.delta.id", "6c2317f1000000000000c01885bf7c8e");
[-] [C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\k724lk6q.default\user.js] Deleted : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
[-] [C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\k724lk6q.default\user.js] Deleted : user_pref("extensions.delta.instlDay", "15837");
[-] [C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\k724lk6q.default\user.js] Deleted : user_pref("extensions.delta.vrsn", "1.8.16.16");
[-] [C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\k724lk6q.default\user.js] Deleted : user_pref("extensions.delta.vrsni", "1.8.16.16");
[-] [C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\k724lk6q.default\user.js] Deleted : user_pref("extensions.delta.vrsnTs", "1.8.16.1622:28:25");
[-] [C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\k724lk6q.default\user.js] Deleted : user_pref("extensions.delta.prtnrId", "delta");
[-] [C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\k724lk6q.default\user.js] Deleted : user_pref("extensions.delta.prdct", "delta");
[-] [C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\k724lk6q.default\user.js] Deleted : user_pref("extensions.delta.aflt", "babsst");
[-] [C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\k724lk6q.default\user.js] Deleted : user_pref("extensions.delta.smplGrp", "none");
[-] [C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\k724lk6q.default\user.js] Deleted : user_pref("extensions.delta.tlbrId", "base");
[-] [C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\k724lk6q.default\user.js] Deleted : user_pref("extensions.delta.instlRef", "sst");
[-] [C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\k724lk6q.default\user.js] Deleted : user_pref("extensions.delta.dfltLng", "en");
[-] [C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\k724lk6q.default\user.js] Deleted : user_pref("extensions.delta.excTlbr", false);
[-] [C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\k724lk6q.default\user.js] Deleted : user_pref("extensions.delta.ffxUnstlRst", true);
[-] [C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\k724lk6q.default\user.js] Deleted : user_pref("extensions.delta.admin", false);
[-] [C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\k724lk6q.default\user.js] Deleted : user_pref("extensions.delta.autoRvrt", "false");
[-] [C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\k724lk6q.default\user.js] Deleted : user_pref("extensions.delta.rvrt", "false");
[-] [C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\k724lk6q.default\user.js] Deleted : user_pref("extensions.delta.newTab", false);
[-] [C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : chfdnecihphmhljaaejmgoiahnihplgn

*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [15661 bytes] - [08/06/2016 13:49:00]
C:\AdwCleaner\AdwCleaner[S1].txt - [15864 bytes] - [08/06/2016 13:42:02]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [15809 bytes] ##########
 



#4 arrak

arrak
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE

Posted 08 June 2016 - 02:03 AM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows 7 Home Basic x64
Ran by dell (Administrator) on 08-Jun-16 at 14:00:36.44
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 62

Successfully deleted: C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\k724lk6q.default\user.js (File)
Successfully deleted: C:\Windows\system32\Tasks\PCDEventLauncherTask (Task)
Successfully deleted: C:\Windows\system32\Tasks\PCDoctorBackgroundMonitorTask (Task)
Successfully deleted: C:\Program Files (x86)\delta (Folder)

Deleted the following from C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\k724lk6q.default\prefs.js
user_pref(extensions.delta.vrsni, 1.8.16.16);
user_pref(extensions.ffxtlbr@delta.com.install-event-fired, true);



Registry: 1

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8CDE19E6-71C2-4B46-89B7-35F6A18C571A} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08-Jun-16 at 14:03:11.66
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



#5 arrak

arrak
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE

Posted 08 June 2016 - 02:12 AM

[-] Repaired ->> File ->> C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\k724lk6q.default\prefs.js
[-] Repaired ->> File ->> C:\Users\dell\AppData\Roaming\Mozilla\Firefox\Profiles\k724lk6q.default\search-metadata.json
 



#6 arrak

arrak
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE

Posted 08 June 2016 - 02:27 AM

~ ZHPCleaner v2016.6.6.72 by Nicolas Coolman (2016/06/06)
~ Run by dell (Administrator)  (08/06/2016 14:21:57)
~ Site : http://www.nicolascoolman.com
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Repair
~ Report : C:\Users\dell\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\dell\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Deactivate
~ Boot Mode : Normal (Normal boot)
Windows 7 Home Basic, 64-bit Service Pack 1 (Build 7601)


---\\  Services (0)
~ No malicious or unnecessary items found.


---\\  Browser internet (0)
~ No malicious or unnecessary items found.


---\\  Hosts file (1)
~ The hosts file is legitimate (21)


---\\  Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found.


---\\  Explorer ( File, Folder) (7)
MOVED file: C:\Windows\Temp\GURE455.exe    =>Heuristic.Suspect
MOVED file: C:\Windows\System32\ssm1mci.exe [SS - SSCoInstExe]  =>.Superfluous.SwiftSearch
MOVED file: C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d10lpsik1i8c69.cloudfront.net_0.localstorage    =>.Superfluous.CloudfrontNet
MOVED file: C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d10lpsik1i8c69.cloudfront.net_0.localstorage-journal    =>.Superfluous.CloudfrontNet
MOVED file: C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage    =>PUP.Optional.Generic
MOVED file: C:\Users\dell\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal    =>PUP.Optional.Generic
MOVED folder: C:\Program Files (x86)\QuickTime  =>Riskware.QuickTime


---\\  Registry ( Key, Value, Data) (3)
DELETED key*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\soundcloud.com [931]  =>PUP.Optional.SoundCloud
DELETED key*: [X64] HKLM\SOFTWARE\Classes\d [escrtAx Object]  =>PUP.Optional.Generic
DELETED value: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task ["C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime]  =>Riskware.QuickTime


---\\  Summary of the elements found (6)








---\\  Other deletions. (37)
~ Registry Keys Tracing deleted (37)
~ Remove the old reports ZHPCleaner. (0)


---\\ Result of repair
~ Repair carried out successfully
~ Browser not found (Opera Software)


---\\ Statistics
~ Items scanned : 511
~ Items found : 0
~ Items cancelled : 0
~ Items repaired : 10


~ End of clean in 00h00mn10s
~====================
ZHPCleaner-[R]-08062016-14_22_07.txt
ZHPCleaner-[S]-08062016-14_19_20.txt
 



#7 arrak


Posted 08 June 2016 - 03:24 AM

Zemana AntiMalware 2.20.2.911 (Installed)

-------------------------------------------------------
Scan Result            : Completed
Scan Date              : 2016-6-8
Operating System       : Windows 7 64-bit
Processor              : 4X Intel® Core™ i5-3210M CPU @ 2.50GHz
BIOS Mode              : Legacy
CUID                   : 12F0251F18E725728ACF74
Scan Type              : Deep Scan
Duration               : 22m 44s
Scanned Objects        : 195373
Detected Objects       : 13
Excluded Objects       : 0
Read Level             : SCSI
Auto Upload            : Enabled
Detect All Extensions  : Disabled
Scan Documents         : Disabled
Domain Info            : WORKGROUP,0,2

Detected Objects
-------------------------------------------------------

Internet Explorer Search
Status             : Scanned
Object             : GamesGoFree - http://home.gamesgofree.com
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Browser Setting
Cleaning Action    : Repair
Related Objects    :
                Browser Setting - Internet Explorer Search

Firefox Search
Status             : Scanned
Object             : GamesGoFree - http://home.gamesgofree.com
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Browser Setting
Cleaning Action    : Repair
Related Objects    :
                Browser Setting - Firefox Search

Firefox Search
Status             : Scanned
Object             : พจนานุกรม ลองดู - http://dict.longdo.org
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Browser Setting
Cleaning Action    : Repair
Related Objects    :
                Browser Setting - Firefox Search

Firefox Search
Status             : Scanned
Object             : พจนานุกรม ลองดู - http://search.longdo.com
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Browser Setting
Cleaning Action    : Repair
Related Objects    :
                Browser Setting - Firefox Search

Firefox Search
Status             : Scanned
Object             : GamesGoFree - http://home.gamesgofree.com
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Browser Setting
Cleaning Action    : Repair
Related Objects    :
                Browser Setting - Firefox Search

ICReinstall_CR_Downloader_for_samurai-shodown.exe
Status             : Scanned
Object             : %temp%\icreinstall_cr_downloader_for_samurai-shodown.exe
MD5                : 876807BE730B2BBBB52A94DBD08F452A
Publisher          : eCHANG Net Inc.
Size               : 893120
Version            : 0.0.0.0
Detection          : Adware:Win32/eCHANG!Ep
Cleaning Action    : Quarantine
Related Objects    :
                File - %temp%\icreinstall_cr_downloader_for_samurai-shodown.exe

OCSetupHlp.dll
Status             : Scanned
Object             : %temp%\hyd7ca7.tmp.1440686497\hta\3rdparty\ocsetuphlp.dll
MD5                : 083807DA406DC4B67F3555BBFA397E37
Publisher          : OpenCandy
Size               : 856048
Version            : 2.0.0.353
Detection          : Adware:Win32/OpenCandy!Ep
Cleaning Action    : Quarantine
Related Objects    :
                File - %temp%\hyd7ca7.tmp.1440686497\hta\3rdparty\ocsetuphlp.dll

OCComSDK.dll
Status             : Scanned
Object             : %temp%\hyd7ca7.tmp.1440686497\hta\3rdparty\occomsdk.dll
MD5                : 3AE76492B3AFFC0E4337D2D4F79E8BA1
Publisher          : OpenCandy
Size               : 195056
Version            : 1.0.0.1
Detection          : Adware:Win32/OpenCandy!Ep
Cleaning Action    : Quarantine
Related Objects    :
                File - %temp%\hyd7ca7.tmp.1440686497\hta\3rdparty\occomsdk.dll

WINZIPSSSystemCleaner.exe
Status             : Scanned
Object             : %programw6432%\winzip\utils\wzsysscan\winzipsssystemcleaner.exe
MD5                : A4635F5FE8BC9D86366A3153B1345C43
Publisher          : WinZip Computing
Size               : 1439048
Version            : 1.0.648.10781
Detection          : Scareware:Win32/FakeOptimizer
Cleaning Action    : Quarantine
Related Objects    :
                File - %programw6432%\winzip\utils\wzsysscan\winzipsssystemcleaner.exe

WINZIPSS.exe
Status             : Scanned
Object             : %programw6432%\winzip\utils\wzsysscan\winzipss.exe
MD5                : 4DBAF3F124243B8A0B0145B190EB8AF3
Publisher          : WinZip Computing
Size               : 4568392
Version            : 1.0.648.10781
Detection          : Scareware:Win32/FakeOptimizer
Cleaning Action    : Quarantine
Related Objects    :
                File - %programw6432%\winzip\utils\wzsysscan\winzipss.exe

WINZIPSSRegClean.exe
Status             : Scanned
Object             : %programw6432%\winzip\utils\wzsysscan\winzipssregclean.exe
MD5                : 7EA646F513B135CD74EAA15444C9F28C
Publisher          : WinZip Computing
Size               : 1056072
Version            : 1.0.648.10781
Detection          : Scareware:Win32/FakeOptimizer
Cleaning Action    : Quarantine
Related Objects    :
                File - %programw6432%\winzip\utils\wzsysscan\winzipssregclean.exe

WINZIPSSPrivacyProtector.exe
Status             : Scanned
Object             : %programw6432%\winzip\utils\wzsysscan\winzipssprivacyprotector.exe
MD5                : 5B93B13F808E4B05A38A3498D9C9B6D4
Publisher          : WinZip Computing
Size               : 1544008
Version            : 1.0.648.10781
Detection          : Scareware:Win32/FakeOptimizer
Cleaning Action    : Quarantine
Related Objects    :
                File - %programw6432%\winzip\utils\wzsysscan\winzipssprivacyprotector.exe

HyperTheme.exe
Status             : Scanned
Object             : %homedrive%\hyperspin\hypertheme.exe
MD5                : DC9DDABD4084997CD13D0921426D9126
Publisher          : -
Size               : 719872
Version            : 1.1.5.0
Detection          : Malware:Win32/Bundpill.A!Iter
Cleaning Action    : Quarantine
Related Objects    :
                File - %homedrive%\hyperspin\hypertheme.exe
 


I hope I did everything correctly.



#8 InadequateInfirmity


Posted 08 June 2016 - 04:24 PM

Malwarebytes Scan.

 

We need you to run MalwareBytes to get a log. Please download the free version of MalwareBytes HERE

http://data-cdn.mbamupdates.com/web/mbam-setup-2.2.0.1024.exe  Alternate Link.

Save the file to somewhere you can easily find it. Double click the saved file to start the install, accept any security warnings that may appear, and after the install click the new desktop icon to start the program. We need to modify a couple of things with MalwareBytes before we use it so please follow the steps below.

  1. If the dashboard is not already displayed select it.
  2. Then select "Update Now" to get the latest database.


  1. Next we need to change a scanning option, select "Settings" on the main menu, then "Detection and Protection" on the left.
  2. Then select "Scan for rootkits" in the detection options, as well as the other two options already checked.


  • Now return to Dashboard on the main menu and select "Scan Now" at the bottom of the screen.


  • Allow MalwareBytes to scan your system; it may take some time depending on what you have loaded onto your hard drive.


When the scan is finished

  1. Click "Save Results"
  2. Then click on "Text file"


  • A window will then open allowing you to choose a name for the logfile and where to save it; save it to the desktop.
  • Please copy and paste the contents of this file in your next post.

 

 

Eset Online Scanner.

 

Eset Scan

Click Me To Download Eset Scan

Disable your antivirus prior to this scan.
 
 

  • Save it to your desktop.
  • Double-click the esetsmartinstaller_enu icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.

 

Minitoolbox scan.

 

 

Please download Minitoolbox and run it.



Checkmark following boxes:


Flush DNS
Reset FF proxy Settings
Reset Ie Proxy Settings
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and post the result.

 

Security Check Scan.

 

Download Security Check to your desktop, right-click it and select Run as administrator. When the program completes, the tool will automatically open a log file; please post that log here in your next post.


Edited by InadequateInfirmity, 08 June 2016 - 04:25 PM.


#9 arrak


Posted 09 June 2016 - 03:52 AM

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 09-Jun-16
Scan Time: 15:12
Logfile: anitmalware.txt
Administrator: Yes

Version: 2.2.1.1043
Malware Database: v2016.06.09.01
Rootkit Database: v2016.05.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: dell

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 329666
Time Elapsed: 35 min, 40 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 5
PUP.Optional.InstallCore, C:\Users\dell\AppData\Local\Temp\ICReinstall_CR_Downloader_for_samurai-shodown.exe, , [d70e17e3f3a6e551114f34f5a95802fe],
PUP.Optional.OpenCandy, C:\Users\dell\AppData\Local\Temp\HYD7CA7.tmp.1440686497\HTA\3rdparty\OCComSDK.dll, , [796cf8028811c07612243712ca3a57a9],
PUP.Optional.OpenCandy, C:\Users\dell\AppData\Local\Temp\HYD7CA7.tmp.1440686497\HTA\3rdparty\OCSetupHlp.dll, , [885dfbfffa9f96a0cba0710442c23cc4],
PUP.Optional.IntroKeygen, C:\Users\dell\Desktop\Social Media อ นัฐ\AAA.Logo.2010.v3.10.FULL_SeasonDL.rar, , [05e0dc1e9504a78f6b9c2014ab59926e],
PUP.Optional.WinYahoo, C:\Users\dell\AppData\LocalLow\Microsoft\Internet Explorer\Services\WinYahoo.ico, , [ac39f307dcbd122497eec4bc41c2926e],

Physical Sectors: 0
(No malicious items detected)


(end)



#10 arrak


Posted 09 June 2016 - 05:42 AM

The ESET scan is taking too long; I cannot finish it now and will post the log again tomorrow.

 

Thank you~



#11 InadequateInfirmity


Posted 09 June 2016 - 05:48 PM

Ok, let me know when you can. :) 



#12 arrak


Posted 11 June 2016 - 03:08 AM

After running the online version of ESET, it said no threats were found, and the only option I can click is "Finish", then close the application (X mark on top right).



#13 arrak


Posted 11 June 2016 - 03:21 AM

MiniToolBox by Farbar  Version: 07-02-2016 01
Ran by dell (administrator) on 11-06-2016 at 15:11:57
Running from "C:\Users\dell\Downloads"
Microsoft Windows 7 Home Basic  Service Pack 1 (X64)
Model: Inspiron 5520 Manufacturer: Dell Inc.
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
========================= IP Configuration: ================================

Dell Wireless 1704 802.11b/g/n (2.4GHz) = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)
Broadcom Virtual Wireless Adapter = Local Area Connection 2 (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set subinterface interface=?2. subinterface=ethernet_12 mtu=1477


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : dell-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : C0-18-85-BF-7C-8E
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom Virtual Wireless Adapter
   Physical Address. . . . . . . . . : C2-18-85-BF-FC-8D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Dell Wireless 1704 802.11b/g/n (2.4GHz)
   Physical Address. . . . . . . . . : C0-18-85-BF-7C-8D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::8cde:36bb:5a55:a6b9%12(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.36(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Saturday, June 11, 2016 1:36:03 PM
   Lease Expires . . . . . . . . . . : Sunday, June 12, 2016 1:36:03 PM
   Default Gateway . . . . . . . . . : fe80::1%12
                                       192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 230692997
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-57-D3-6F-D4-BE-D9-34-21-F8
   DNS Servers . . . . . . . . . . . : fe80::1%12
                                       192.168.1.1
   Primary WINS Server . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : D4-BE-D9-34-21-F8
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{DA2DC3D0-65CF-47A0-8A62-407CA6D741EA}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{A335B42A-A77C-4B7F-B5FE-A1A0D696F04E}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{F38E8B27-FD6E-4FE9-95F6-D3FFD9FAF94F}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{E4CCDB18-73D0-4A94-8B89-22CB8D02C88C}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  fe80::1

Name:    google.com
Addresses:  2404:6800:4001:808::200e
      172.217.25.14


Pinging google.com [172.217.25.14] with 32 bytes of data:
Reply from 172.217.25.14: bytes=32 time=1229ms TTL=52
Reply from 172.217.25.14: bytes=32 time=64ms TTL=52

Ping statistics for 172.217.25.14:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 64ms, Maximum = 1229ms, Average = 646ms
Server:  UnKnown
Address:  fe80::1

Name:    yahoo.com
Addresses:  2001:4998:58:c02::a9
      2001:4998:c:a06::2:4008
      2001:4998:44:204::a7
      98.138.253.109
      98.139.183.24
      206.190.36.45


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=369ms TTL=43
Reply from 206.190.36.45: bytes=32 time=276ms TTL=43

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 276ms, Maximum = 369ms, Average = 322ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 16...c0 18 85 bf 7c 8e ......Bluetooth Device (Personal Area Network)
 14...c2 18 85 bf fc 8d ......Broadcom Virtual Wireless Adapter
 12...c0 18 85 bf 7c 8d ......Dell Wireless 1704 802.11b/g/n (2.4GHz)
 11...d4 be d9 34 21 f8 ......Realtek PCIe FE Family Controller
  1...........................Software Loopback Interface 1
 22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 24...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 18...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
 23...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.36     30
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link      192.168.1.36    286
     192.168.1.36  255.255.255.255         On-link      192.168.1.36    286
    192.168.1.255  255.255.255.255         On-link      192.168.1.36    286
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.1.36    286
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.1.36    286
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 12    286 ::/0                     fe80::1
  1    306 ::1/128                  On-link
 12    286 fe80::/64                On-link
 12    286 fe80::8cde:36bb:5a55:a6b9/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    286 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/11/2016 01:36:00 PM) (Source: CVHSVC) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (06/09/2016 08:20:13 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15506

Error: (06/09/2016 08:20:13 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15506

Error: (06/09/2016 08:20:13 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/08/2016 01:53:02 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/08/2016 01:39:41 PM) (Source: Application Error) (User: )
Description: Faulting application name: prevhost.exe, version: 6.1.7601.17562, time stamp: 0x4d5dee89
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b8f
Exception code: 0xc0000374
Fault offset: 0x000ce6c3
Faulting process id: 0x4484
Faulting application start time: 0xprevhost.exe0
Faulting application path: prevhost.exe1
Faulting module path: prevhost.exe2
Report Id: prevhost.exe3

Error: (06/08/2016 10:21:47 AM) (Source: CVHSVC) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (06/08/2016 01:14:13 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1123

Error: (06/08/2016 01:14:13 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1123

Error: (06/08/2016 01:14:13 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (06/11/2016 01:40:06 PM) (Source: Service Control Manager) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275

Error: (06/11/2016 01:40:06 PM) (Source: Application Popup) (User: )
Description: \??\C:\Users\dell\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (06/11/2016 01:40:05 PM) (Source: Service Control Manager) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275

Error: (06/11/2016 01:40:05 PM) (Source: Application Popup) (User: )
Description: \??\C:\Users\dell\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (06/11/2016 01:40:05 PM) (Source: Service Control Manager) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275

Error: (06/11/2016 01:40:05 PM) (Source: Application Popup) (User: )
Description: \??\C:\Users\dell\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (06/11/2016 01:40:05 PM) (Source: Service Control Manager) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275

Error: (06/11/2016 01:40:05 PM) (Source: Application Popup) (User: )
Description: \??\C:\Users\dell\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (06/11/2016 01:40:04 PM) (Source: Service Control Manager) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275

Error: (06/11/2016 01:40:04 PM) (Source: Application Popup) (User: )
Description: \??\C:\Users\dell\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.


Microsoft Office Sessions:
=========================
Error: (06/11/2016 01:36:00 PM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (06/09/2016 08:20:13 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15506

Error: (06/09/2016 08:20:13 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15506

Error: (06/09/2016 08:20:13 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/08/2016 01:53:02 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/08/2016 01:39:41 PM) (Source: Application Error)(User: )
Description: prevhost.exe6.1.7601.175624d5dee89ntdll.dll6.1.7601.177254ec49b8fc0000374000ce6c3448401d1a9c62f8bfd33C:\Windows\SysWOW64\prevhost.exeC:\Windows\SysWOW64\ntdll.dllc6cc4f51-2d43-11e6-880f-c01885bf7c8e

Error: (06/08/2016 10:21:47 AM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (06/08/2016 01:14:13 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1123

Error: (06/08/2016 01:14:13 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1123

Error: (06/08/2016 01:14:13 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second


CodeIntegrity Errors:
===================================
  Date: 2016-06-08 14:51:26.543
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-08 14:51:26.527
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-06 10:50:41.863
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-06 10:50:41.847
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-06 10:50:41.832
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-06 10:50:41.812
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-06 10:50:41.589
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-06 10:50:41.530
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-06 10:50:41.488
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-06 10:50:41.471
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

µTorrent (HKCU\...\uTorrent) (Version: 3.4.4.40911 - BitTorrent Inc.)
7-Zip 15.14 (HKLM-x32\...\7-Zip) (Version: 15.14 - Igor Pavlov)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.4.402.287 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.8.800.168 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.16) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.16 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
AMD Catalyst Install Manager (HKLM\...\{7ED590E8-636E-EBAF-70C7-6795361F8049}) (Version: 3.0.859.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.1.831 - AVG Technologies)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CD  Organizer (HKLM-x32\...\CD  Organizer) (Version:  - )
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.53.0 - OEM) Hidden
Conexant SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.29.0 - Conexant)
CyberLink PowerDVD 9.5 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.5.1.4822 - CyberLink Corp.)
Dell Data Vault (HKLM\...\{2E55EEFD-2162-4A7D-9158-EDB0305603A6}) (Version: 4.3.8.0 - Dell Inc.) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.67 - Dell Inc.)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.67 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{AFC08A81-D3C5-46F4-8F08-876E4BA606EA}) (Version: 1.7.4502.0 - Dell Products, LP)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{3BD7DD08-991B-4A2F-A165-614ED14EAADD}) (Version: 1.6.225.0 - Fingertapps)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.130 - ArcSoft)
Dell Stage (HKLM-x32\...\{0F99CA59-7CB4-4167-A43A-4B1D5E584281}) (Version: 1.6.301.0 - Fingertapps)
Dell Stage Remote (HKLM-x32\...\{AF4D3C63-009B-4A17-B02E-D395065DD3F0}) (Version: 2.0.0.43 - ArcSoft)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.2.6793.01 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{3ED468C2-2235-4747-90AD-A7A34F0FE70A}) (Version: 1.2.2.8 - Dell)
Dell Touchpad (HKLM\...\Elantech) (Version: 10.3.0.49 - ELAN Microelectronic Corp.)
Dell VideoStage  (HKLM-x32\...\{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.3.0.2513 - CyberLink Corp.) Hidden
Dell VideoStage  (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.3.0.2513 - CyberLink Corp.)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.44 - Creative Technology Ltd)
Dropbox (HKLM-x32\...\Dropbox) (Version: 4.4.29 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.27.35 - Dropbox, Inc.) Hidden
DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 6.20.55.31 - Dell Inc.)
eFinSmartPortal (HKLM-x32\...\{F72305F6-87C5-4BC2-A43D-4017A380CDEB}) (Version: 4.4.0 - Online Asset Co.,Ltd)
EmulationStation (HKLM-x32\...\EmulationStation) (Version:  - )
Extended Asian Language font pack for Adobe Reader XI (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-A00000000004}) (Version: 11.0.0 - Adobe Systems Incorporated)
FormatFactory 3.0.1 (HKLM-x32\...\FormatFactory) (Version: 3.0.1 - Free Time)
GlassWire 1.1 (remove only) (HKLM-x32\...\GlassWire 1.1) (Version: 1.1.32 - SecureMix LLC)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.1.47.5133 - Gretech Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.84 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.30.3 - Google Inc.) Hidden
High-Definition Video Playback (HKLM-x32\...\{237CCB62-8454-43E3-B158-3ACD0134852E}) (Version: 7.3.10000.0.0 - Nero AG) Hidden
iCloud (HKLM\...\{2AAF09D5-4B3F-4975-B6A9-ECE2631FC942}) (Version: 4.0.5.20 - Apple Inc.)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3090 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.1.1399 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel® Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{538B98C3-773F-4F20-9C66-802D104DCBE2}) (Version: 1.23.219.2 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java™ 6 Update 35 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216035FF}) (Version: 6.0.350 - Oracle)
LINE (HKLM-x32\...\LINE) (Version: 4.0.3.369 - LINE Corporation)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
McAfee SecurityCenter (HKLM-x32\...\MSC) (Version: 11.6.518 - McAfee, Inc.)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{F112F66E-25CA-42DD-983C-6118EB38F606}) (Version: 3.0.89.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}) (Version: 3.0.19.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Outlook 2010 (HKLM-x32\...\Office14.OUTLOOK) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 47.0 (x86 th) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 th)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5997 - Mozilla)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
PowerXpressHybrid (HKLM-x32\...\{51FDC2DE-0917-46B7-EAEC-5377504701DE}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
PX Profile Update (HKLM-x32\...\{8FECAD13-D225-9B4A-20E4-3982F2E8F495}) (Version: 1.00.1. - AMD) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.14.010 - Dell Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7601.39019 - Realtek Semiconductor Corp.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.02.06.10 - Samsung Electronics Co., Ltd.)
Samsung Network PC Fax (HKLM-x32\...\Samsung Network PC Fax) (Version: 1.05.29.00 - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Assistant (HKLM-x32\...\Samsung Scan Assistant) (Version: 1.04.45.00 - Samsung Electronics Co., Ltd.)
Samsung SCX-3400 Series (HKLM-x32\...\Samsung SCX-3400 Series) (Version: 1.20 (12/4/2013) - Samsung Electronics Co., Ltd.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
Smart Portal - 1  (HKCU\...\242b1a3144bd2d4f) (Version: 5.3.0.2 - Online Asset)
Smart Portal (HKCU\...\93a62adfe565e6ff) (Version: 4.7.1.3 - Online Asset)
SyncUP (HKLM-x32\...\{40F06490-8C14-43AA-99D3-EEEFDBAC3CFC}) (Version: 1.12.11100.9.104 - Nero AG) Hidden
SyncUP (HKLM-x32\...\{D92C9CCE-E5F0-4125-977A-0590F3225B74}) (Version: 10.2.16100 - Nero AG)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.41110 - TeamViewer)
Tenorshare iPhone 4S Data Recovery  (HKLM-x32\...\Tenorshare iPhone 4S Data Recovery) (Version:  - Tenorshare, Inc.)
View User's Guide (HKLM-x32\...\View User Guide) (Version: 3.60.02.0 - )
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2300 - Broadcom Corporation)
WinZip 19.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240ED}) (Version: 19.5.11532 - WinZip Computing, S.L. )
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.20.911 - Zemana Ltd.)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 39%
Total physical RAM: 8094.36 MB
Available physical RAM: 4925.67 MB
Total Virtual: 16186.9 MB
Available Virtual: 12542.17 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:920.79 GB) (Free:829.1 GB) NTFS
2 Drive d: (14023138) (CDROM) (Total:0.06 GB) (Free:0 GB) UDF

========================= Users: ========================================

User accounts for \\DELL-PC

Administrator            dell                     Guest                    


**** End of log ****
 



#14 arrak

arrak
  • Topic Starter

  • Members
  • 22 posts

Posted 11 June 2016 - 03:40 AM

SecurityCheck by glax24 & Severnyj v.1.4.0.40 [21.05.16]
WebSite: www.safezone.cc
DateLog: 11.06.2016 15:39:57
Path starting: C:\Users\dell\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: dell
VersionXML: 3.05is-10.06.2016
___________________________________________________________________________

Windows 7(6.1.7601) Service Pack 1 (x64) HomeBasic Lang: English(0409)
Installation date OS: 24.10.2012 08:38:43
LicenseStatus: Windows® 7, HomeBasic edition The machine is permanently activated.
Boot Mode: Normal
Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
SystemDrive: C: FS: [NTFS] Capacity: [920.8 Gb] Used: [91.9 Gb] Free: [828.9 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 9.0.8112.16421 Warning! Download Update
Online installation. Last version available when Windows update is enabled throught the Internet.
User Account Control disabled
The elevation prompt for administrators disabled
^It is recommended to enable: Win+R typing UserAccountControlSettings and Enter^
Automatic Updates disabled (-1)
Windows Update (wuauserv) - The service is running
Security Center (wscsvc) - The service is running
Remote Registry (RemoteRegistry) - The service has stopped
SSDP Discovery (SSDPSRV) - The service is running
Remote Desktop Services (TermService) - The service has stopped
Windows Remote Management (WS-Management) (WinRM) - The service has stopped
------------------------------ [ MS Office ] ------------------------------
Microsoft Office 2010 x86 v.14.0.4763.1000
---------------------------- [ Antivirus_WMI ] ----------------------------
McAfee Anti-Virus and Anti-Spyware (enabled)
---------------------------- [ Firewall_WMI ] -----------------------------
McAfee Firewall
--------------------------- [ AntiSpyware_WMI ] ---------------------------
McAfee Anti-Virus and Anti-Spyware (enabled)
Windows Defender (disabled and up to date)
---------------------- [ AntiVirusFirewallInstall ] -----------------------
GlassWire 1.1 (remove only) v.1.1.32
McAfee SecurityCenter v.11.6.518
-------------------------- [ SecurityUtilities ] --------------------------
Malwarebytes Anti-Malware version 2.2.1.1043 v.2.2.1.1043
Zemana AntiMalware v.2.20.911
--------------------------- [ OtherUtilities ] ----------------------------
7-Zip 15.14 v.15.14 Warning! Download Update
Uninstall old version and install new one.
Picasa 3 v.3.9.141.259 Warning! This software is no longer supported.
TeamViewer 9 v.9.0.41110 Warning! Download Update
TeamViewer 9 (TeamViewer9) - The service is running
--------------------------------- [ IM ] ----------------------------------
Skype™ 7.8 v.7.8.102 Warning! Download Update
^Optional update.^
--------------------------------- [ P2P ] ---------------------------------
µTorrent v.3.4.4.40911 Warning! P2P-client.
-------------------------------- [ Java ] ---------------------------------
Java™ 6 Update 35 v.6.0.350 Warning! This software is no longer supported. Please uninstall it and use Java SE 8.
--------------------------- [ AppleProduction ] ---------------------------
iTunes v.12.0.1.26 Warning! Download Update
^Please use Apple Software Update tool.^
Bonjour v.3.0.0.10 Warning! Download Update
^Please use Apple Software Update tool.^
QuickTime 7 v.7.76.80.95 Warning! This software is no longer supported. Please uninstall it and use another software.
Bonjour Service (Bonjour Service) - The service is running
--------------------------- [ AdobeProduction ] ---------------------------
Adobe Flash Player 11 ActiveX v.11.4.402.287 Warning! Download Update
Adobe Flash Player 11 Plugin v.11.8.800.168 Warning! Download Update
Adobe Reader XI (11.0.16) v.11.0.16
------------------------------- [ Browser ] -------------------------------
Google Chrome v.51.0.2704.84
Mozilla Firefox 47.0 (x86 th) v.47.0
--------------------------- [ RunningProcess ] ----------------------------
C:\Program Files (x86)\Mozilla Firefox\firefox.exe v.47.0.0.5997
------------------ [ AntivirusFirewallProcessServices ] -------------------
GlassWire Control Service (GlassWire) - The service is running
C:\Program Files (x86)\GlassWire\GWCtlSrv.exe v.1.1.32.0
McAfee Validation Trust Protection Service (mfevtp) - The service is running
C:\Windows\System32\mfevtps.exe
McAfee McShield (McShield) - The service is running
C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe v.15.1.0.520
McAfee Firewall Core Service (mfefire) - The service is running
C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe v.15.1.0.595
McAfee Personal Firewall Service (McMPFSvc) - The service is running
C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe v.2.6.259.0
McAfee Scanner (McODS) - The service has stopped
McAfee VirusScan Announcer (McNaiAnn) - The service is running
McAfee OOBE Service (McOobeSv) - The service has stopped
McAfee Proxy Service (McProxy) - The service is running
Windows Defender (WinDefend) - The service has stopped
ZAM Controller Service (ZAMSvc) - The service is running
C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe v.0.0.0.0
---------------------------- [ UnwantedApps ] -----------------------------
Skype Click to Call v.8.0.0.9103 Warning! Browser's toolbar. It can slow down the working of your browser and have violation privacy problems.
----------------------------- [ End of Log ] ------------------------------
 



#15 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • Gender:Male
  • Local time:05:18 PM

Posted 11 June 2016 - 03:17 PM

CCleaner to disable useless startups.

Go ahead and install CCleaner. Now that you have the program installed, go ahead and run the cleaner function.

CCleaner - Free Download - Piriform

Now that you have cleaned out some temp files, let's go ahead and disable all of the items starting up with your machine except your antivirus. To do this you will need to click on Tools, then Startup, then under the Windows tab select each item and disable it. Also, under the Scheduled Tasks tab, you are safe to disable all tasks. Only disable items under the Windows tab and Scheduled Tasks tab!


Now that you have disabled those unneeded startups, let's go into the settings. We will have CCleaner run when your machine boots, so that you will never have to worry about cleaning temp files again.

To do this:

 

  • Hit options.
  • Settings.
  • Place a tick to run CCleaner when the computer starts.


Now go to the Advanced tab and select "Close program after cleaning". Now run the cleaner again; this will close CCleaner.


Reboot the machine after.

 

Remove these with D-Uninstaller.

 

 

AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.1.831 - AVG Technologies)
Dell Data Vault (HKLM\...\{2E55EEFD-2162-4A7D-9158-EDB0305603A6}) (Version: 4.3.8.0 - Dell Inc.) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.67 - Dell Inc.)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.67 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{AFC08A81-D3C5-46F4-8F08-876E4BA606EA}) (Version: 1.7.4502.0 - Dell Products, LP)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{3BD7DD08-991B-4A2F-A165-614ED14EAADD}) (Version: 1.6.225.0 - Fingertapps)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.130 - ArcSoft)
Dell Stage (HKLM-x32\...\{0F99CA59-7CB4-4167-A43A-4B1D5E584281}) (Version: 1.6.301.0 - Fingertapps)
Dell Stage Remote (HKLM-x32\...\{AF4D3C63-009B-4A17-B02E-D395065DD3F0}) (Version: 2.0.0.43 - ArcSoft)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.2.6793.01 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{3ED468C2-2235-4747-90AD-A7A34F0FE70A}) (Version: 1.2.2.8 - Dell)
Dell VideoStage  (HKLM-x32\...\{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.3.0.2513 - CyberLink Corp.) Hidden
Dell VideoStage  (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.3.0.2513 - CyberLink Corp.)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.44 - Creative Technology Ltd)
Java™ 6 Update 35 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216035FF}) (Version: 6.0.350 - Oracle)

 

Make sure and update the programs suggested by Security Check, then tell me how things are. :)

 





