Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Virus Can't run or uninstall programs


  • Please log in to reply
32 replies to this topic

#1 vimg123

vimg123

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:05:38 PM

Posted 19 June 2016 - 09:33 PM

Hi, I'm new here for some reason I think I have a virus when I open certain software that I usually use every week it gives me a run-time error and when I try installing programs same thing. Not sure what's going on could someone help me please!!! See screen shot

Edit: Moved topic from Windows 7 to the more appropriate forum. ~ Animal

Attached Files



BC AdBot (Login to Remove)

 


#2 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:38 PM

Posted 20 June 2016 - 01:06 PM

Adware Cleaner Scan.

 

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

 

JRT Scan.

Please download Junkware Removal Tool and save it on your desktop.

 

  • Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log is saved to your desktop and will automatically open.
  • Please post the JRT log.
  •  

Adware Removal Tool Scan.

 

Download Adware removal tool to your desktop, right click the icon and select Run as Administrator.

 

 

LOr0Gd7.png

 

Hit Ok.

 

sYFsqHx.png

 

Hit next make sure to leave all items checked, for removal.

 

8NcZjGc.png

 

 

The Program will close all open programs to complete the removal, so save any work and hit OK. Then hit OK after the removal process is complete, thenOK again to finish up. Post log generated by tool.

 

ZHP Scan.

Please download Zhp Cleaner  to your desktop.  Right Click the icon and select run as administrator.

http://ccm.net/download/download-24750-zhpcleaner

 

 

2. Once you have started the program, you will need to click the scanner button.

EgsT69u.png

The program will close all open browsers!

3. Once the scan is completed, the you will want to click the Repair button.

6QJjV50.png

At the end of the process you may be asked to reboot your machine. After you reboot a report will open on your desktop.

Copy and paste the report here in your next reply.

 Zemana Scan

 

 

Run a full scan with Zemana AntiMalware!

Install and select deep scan.

jdmyscF.jpg

Remove any infections found.

Then click on the icon in the pic below.

DOLGyto.jpg

Double click on the scan log, copy and paste here in your reply



#3 vimg123

vimg123
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:05:38 PM

Posted 20 June 2016 - 10:17 PM

Thank you so much I am working on this now , I will post logs as soon as I'm done 



#4 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:38 PM

Posted 20 June 2016 - 10:22 PM

If you have any issues running anything then use Process Close...



#5 vimg123

vimg123
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:05:38 PM

Posted 20 June 2016 - 10:48 PM

# AdwCleaner v5.200 - Logfile created 20/06/2016 at 22:38:12
# Updated 14/06/2016 by ToolsLib
# Database : 2016-06-20.3 [Server]
# Operating system : Windows 7 Ultimate Service Pack 1 (X86)
# Username : Dr.D.J.Hunt - DRDJHUNT-PC
# Running from : C:\Users\Dr.D.J.Hunt\Desktop\adwcleaner_5.200.exe
# Option : Clean
 
***** [ Services ] *****
 
[-] Service Deleted : WtuSystemSupport
[-] Service Deleted : vToolbarUpdater40.3.1
 
***** [ Folders ] *****
 
[-] Folder Deleted : C:\ProgramData\AVG Secure Search
[-] Folder Deleted : C:\ProgramData\avg web tuneup
[-] Folder Deleted : C:\ProgramData\Avg_Update_0814tb
[-] Folder Deleted : C:\ProgramData\Avg_Update_1215tb
[#] Folder Deleted : C:\ProgramData\Application Data\AVG Secure Search
[#] Folder Deleted : C:\ProgramData\Application Data\avg web tuneup
[#] Folder Deleted : C:\ProgramData\Application Data\Avg_Update_0814tb
[#] Folder Deleted : C:\ProgramData\Application Data\Avg_Update_1215tb
[-] Folder Deleted : C:\Program Files\AVG Security Toolbar
[-] Folder Deleted : C:\Program Files\avg web tuneup
[-] Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
[-] Folder Deleted : C:\Users\DRDJ~1.HUN\AppData\Local\Temp\mt_ffx
[-] Folder Deleted : C:\Users\DRDJ~1.HUN\AppData\Local\Temp\APNLogs
[-] Folder Deleted : C:\Users\Dr.D.J.Hunt\AppData\Local\PackageAware
[-] Folder Deleted : C:\Users\Dr.D.J.Hunt\AppData\Local\avg web tuneup
[-] Folder Deleted : C:\Users\Dr.D.J.Hunt\AppData\LocalLow\AVG Secure Search
[-] Folder Deleted : C:\Users\Dr.D.J.Hunt\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
[-] Folder Deleted : C:\Users\Dr.D.J.Hunt\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg
[-] Folder Deleted : C:\Users\Dr.D.J.Hunt\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp
 
***** [ Files ] *****
 
[-] File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
[-] File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
[-] File Deleted : C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\extensions\Avg@toolbar.xpi
[-] File Deleted : C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\searchplugins\avg-secure-search.xml
[-] File Deleted : C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\searchplugins\search.xml
[-] File Deleted : C:\Users\Dr.D.J.Hunt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cpngackimfmofbokmjmljamhdncknpmg_0.localstorage
[-] File Deleted : C:\Users\Dr.D.J.Hunt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cpngackimfmofbokmjmljamhdncknpmg_0.localstorage-journal
[-] File Deleted : C:\Users\Dr.D.J.Hunt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lfmhcpmkbdkbgbmkjoiopeeegenkdikp_0.localstorage
[-] File Deleted : C:\Users\Dr.D.J.Hunt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lfmhcpmkbdkbgbmkjoiopeeegenkdikp_0.localstorage-journal
[-] File Deleted : C:\Users\Dr.D.J.Hunt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_isearch.avg.com_0.localstorage
[-] File Deleted : C:\Users\Dr.D.J.Hunt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_isearch.avg.com_0.localstorage-journal
[-] File Deleted : C:\Users\Dr.D.J.Hunt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
[-] File Deleted : C:\Users\Dr.D.J.Hunt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal
[-] File Deleted : C:\Users\Dr.D.J.Hunt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_isearch.avg.com_0.localstorage
[-] File Deleted : C:\Users\Dr.D.J.Hunt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_isearch.avg.com_0.localstorage-journal
[-] File Deleted : C:\Users\Dr.D.J.Hunt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage
[-] File Deleted : C:\Users\Dr.D.J.Hunt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage-journal
[-] File Deleted : C:\Users\Dr.D.J.Hunt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
[-] File Deleted : C:\Users\Dr.D.J.Hunt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
[-] File Deleted : C:\Users\Dr.D.J.Hunt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.veoh.com_0.localstorage
[-] File Deleted : C:\Users\Dr.D.J.Hunt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.veoh.com_0.localstorage-journal
[-] File Deleted : C:\user.js
 
***** [ DLLs ] *****
 
 
***** [ WMI ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
[-] Task Deleted : RunAsStdUser Task for VeohWebPlayer
[-] Task Deleted : 1215tbUpdateInfo
[-] Task Deleted : AVG-Secure-Search-Update_JUNE2013_HP_rmv
[-] Task Deleted : AVG-Secure-Search-Update_JUNE2013_TB_rmv
[-] Task Deleted : 1215tbUpdateInfo
[-] Task Deleted : AVG-Secure-Search-Update_JUNE2013_HP_rmv
[-] Task Deleted : AVG-Secure-Search-Update_JUNE2013_TB_rmv
 
***** [ Registry ] *****
 
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [Backup.old.Start Page]
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
[-] Key Deleted : HKLM\SOFTWARE\Classes\s
[-] Key Deleted : HKLM\SOFTWARE\Classes\ctTOOLBAR.ctToolBarCtrl.4
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
[-] Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj
[-] Key Deleted : HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1973277F-87B0-4EA3-9ED2-470A91D284CF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKCU\Software\Cr_Installer
[-] Key Deleted : HKLM\SOFTWARE\bProtector
[-] Key Deleted : HKLM\SOFTWARE\AVG Tuneup
[-] Key Deleted : HKU\.DEFAULT\Software\AVG Secure Search
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKU\S-1-5-21-1984451733-3029435203-3225966956-1001\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
 
***** [ Web browsers ] *****
 
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\prefs.js] Deleted : user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\FireFoxExt\\18.7.0.147");
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\prefs.js] Deleted : user_pref("avg.install.userSPSettings", "Search the web (Babylon)");
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\prefs.js] Deleted : user_pref("avg.userPreferences.URLBarFocus.whiteList", "bing\\.comgoogle\\.\\w+yahoo\\.\\w+gmail\\.\\w+hotmail\\.\\w+live\\.\\w+isearch\\.avg\\.commysearch\\.avg\\.com");
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\prefs.js] Deleted : user_pref("avg.wtu.ext.extParams", "{\"action\":\"extParams\",\"data\":{\"searchParams\":{\"pid\":\"wtu\",\"cid\":\"{e2deef30-49e7-4526-b868-cb42b1239d42}\",\"mid\":\"2007b3af3f8947d0a7eed16f64b698b3-[...]
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\prefs.js] Deleted : user_pref("avg.wtu.ext.setting_hp_list", "[{\"name\":\"AVG Secure Search\",\"value\":\"hxxps://mysearch.avg.com\"},{\"name\":\"Google\",\"value\":\"hxxp://www.google.com\"},{\"name\":\"Yahoo\",\"value[...]
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\prefs.js] Deleted : user_pref("browser.BabylonToolbar_i.newTab", "");
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\prefs.js] Deleted : user_pref("browser.BabylonToolbar_i.newTabUrl", "");
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\prefs.js] Deleted : user_pref("browser.babylon.HPOnNewTab", "");
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\prefs.js] Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\prefs.js] Deleted : user_pref("browser.search.defaultenginename.US", "AVG Secure Search");
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\prefs.js] Deleted : user_pref("browser.search.selectedEngine", "Search the web (Babylon)");
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\prefs.js] Deleted : user_pref("browser.startup.homepage", "hxxps://mysearch.avg.com?pid=wtu&sg=&cid=%7Be2deef30-49e7-4526-b868-cb42b1239d42%7D&mid=2007b3af3f8947d0a7eed16f64b698b3-9b6b5e3b31a52983f018332674d97aad59a839da[...]
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\prefs.js] Deleted : user_pref("extensions.searchya.aflt", "foxtab");
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\prefs.js] Deleted : user_pref("extensions.searchya.autoRvrt", false);
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\prefs.js] Deleted : user_pref("extensions.searchya.cntry", "US");
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\prefs.js] Deleted : user_pref("extensions.searchya.dfltLng", "");
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\prefs.js] Deleted : user_pref("extensions.searchya.dfltSrch", true);
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\prefs.js] Deleted : user_pref("extensions.searchya.dnsErr", true);
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\prefs.js] Deleted : user_pref("extensions.searchya.envrmnt", "production");
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\prefs.js] Deleted : user_pref("extensions.searchya.excTlbr", false);
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\prefs.js] Deleted : user_pref("extensions.searchya.hdrMd5", "D34D9889091D4D6B524B504DDAFE7F97");
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\prefs.js] Deleted : user_pref("extensions.searchya.hmpg", true);
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\prefs.js] Deleted : user_pref("extensions.searchya.hmpgUrl", "hxxp://www.searchya.com/?s=0&a=foxtab&chnl=ft-100&cd=2XzuyEtN2Y1L1QzutD0CyCtDyByCyDyEtBtC0BzzzzyBtC0EtN0D0Tzu0CtBtByCtN1L2XzutBtFtCtFtCtFtAtCtB&cr=246542795")[...]
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\prefs.js] Deleted : user_pref("extensions.searchya.id", "0C60765421B8871E");
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\prefs.js] Deleted : user_pref("extensions.searchya.instlDay", "15566");
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\prefs.js] Deleted : user_pref("extensions.searchya.instlRef", "ft-100");
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\prefs.js] Deleted : user_pref("extensions.searchya.isdcmntcmplt", true);
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\prefs.js] Deleted : user_pref("extensions.searchya.lastVrsnTs", "1.5.25.011:9:45");
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\prefs.js] Deleted : user_pref("extensions.searchya.mntrFFxVrsn", "11.0");
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\prefs.js] Deleted : user_pref("extensions.searchya.mntrvrsn", "1.3.0");
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\prefs.js] Deleted : user_pref("extensions.searchya.newTab", true);
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\prefs.js] Deleted : user_pref("extensions.searchya.newTabUrl", "hxxp://www.searchya.com/?s=2&a=foxtab&chnl=ft-100&cd=2XzuyEtN2Y1L1QzutD0CyCtDyByCyDyEtBtC0BzzzzyBtC0EtN0D0Tzu0CtBtByCtN1L2XzutBtFtCtFtCtFtAtCtB&cr=246542795[...]
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\prefs.js] Deleted : user_pref("extensions.searchya.pnu_base", "{\"newVrsn\":\"65\",\"lastVrsn\":\"65\",\"vrsnLoad\":\"\",\"showMsg\":\"false\",\"showSilent\":\"true\",\"msgTs\":0,\"lstMsgTs\":\"0\"}");
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\prefs.js] Deleted : user_pref("extensions.searchya.prdct", "searchya");
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\prefs.js] Deleted : user_pref("extensions.searchya.prtnrId", "searchya");
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\prefs.js] Deleted : user_pref("extensions.searchya.sg", "none");
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\prefs.js] Deleted : user_pref("extensions.searchya.smplGrp", "none");
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\prefs.js] Deleted : user_pref("extensions.searchya.srchPrvdr", "Search");
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\prefs.js] Deleted : user_pref("extensions.searchya.tlbrId", "base");
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\prefs.js] Deleted : user_pref("extensions.searchya.tlbrSrchUrl", "hxxp://www.searchya.com/?s=3&a=foxtab&chnl=ft-100&cd=2XzuyEtN2Y1L1QzutD0CyCtDyByCyDyEtBtC0BzzzzyBtC0EtN0D0Tzu0CtBtByCtN1L2XzutBtFtCtFtCtFtAtCtB&cr=2465427[...]
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\prefs.js] Deleted : user_pref("extensions.searchya.vrsn", "1.5.25.0");
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\prefs.js] Deleted : user_pref("extensions.searchya.vrsnTs", "1.5.25.011:9:45");
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\prefs.js] Deleted : user_pref("extensions.searchya.vrsni", "1.5.25.0");
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\prefs.js] Deleted : user_pref("extensions.searchya_i.newTab", true);
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\prefs.js] Deleted : user_pref("extensions.searchya_i.smplGrp", "none");
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\prefs.js] Deleted : user_pref("extensions.searchya_i.vrsnTs", "1.5.25.011:9:45");
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\user.js] Deleted : user_pref("extensions.searchya.hmpg", true);
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\user.js] Deleted : user_pref("extensions.searchya.hmpgUrl", "hxxp://www.searchya.com/?s=0&a=foxtab&chnl=ft-100&cd=2XzuyEtN2Y1L1QzutD0CyCtDyByCyDyEtBtC0BzzzzyBtC0EtN0D0Tzu0CtBtByCtN1L2XzutBtFtCtFtCtFtAtCtB&cr=246542795")[...]
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\user.js] Deleted : user_pref("extensions.searchya.dfltSrch", true);
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\user.js] Deleted : user_pref("extensions.searchya.srchPrvdr", "Search");
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\user.js] Deleted : user_pref("extensions.searchya.dnsErr", true);
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\user.js] Deleted : user_pref("extensions.searchya_i.newTab", true);
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\user.js] Deleted : user_pref("extensions.searchya.newTabUrl", "hxxp://www.searchya.com/?s=2&a=foxtab&chnl=ft-100&cd=2XzuyEtN2Y1L1QzutD0CyCtDyByCyDyEtBtC0BzzzzyBtC0EtN0D0Tzu0CtBtByCtN1L2XzutBtFtCtFtCtFtAtCtB&cr=246542795[...]
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\user.js] Deleted : user_pref("extensions.searchya.tlbrSrchUrl", "hxxp://www.searchya.com/?s=3&a=foxtab&chnl=ft-100&cd=2XzuyEtN2Y1L1QzutD0CyCtDyByCyDyEtBtC0BzzzzyBtC0EtN0D0Tzu0CtBtByCtN1L2XzutBtFtCtFtCtFtAtCtB&cr=2465427[...]
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\user.js] Deleted : user_pref("extensions.searchya.id", "0C60765421B8871E");
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\user.js] Deleted : user_pref("extensions.searchya.instlDay", "15566");
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\user.js] Deleted : user_pref("extensions.searchya.vrsn", "1.5.25.0");
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\user.js] Deleted : user_pref("extensions.searchya.vrsni", "1.5.25.0");
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\user.js] Deleted : user_pref("extensions.searchya_i.vrsnTs", "1.5.25.011:9:45");
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\user.js] Deleted : user_pref("extensions.searchya.prtnrId", "searchya");
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\user.js] Deleted : user_pref("extensions.searchya.prdct", "searchya");
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\user.js] Deleted : user_pref("extensions.searchya.aflt", "foxtab");
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\user.js] Deleted : user_pref("extensions.searchya_i.smplGrp", "none");
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\user.js] Deleted : user_pref("extensions.searchya.tlbrId", "base");
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\user.js] Deleted : user_pref("extensions.searchya.instlRef", "ft-100");
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\user.js] Deleted : user_pref("extensions.searchya.dfltLng", "");
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\user.js] Deleted : user_pref("extensions.searchya.excTlbr", false);
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\user.js] Deleted : user_pref("extensions.searchya.autoRvrt", false);
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\user.js] Deleted : user_pref("extensions.searchya.envrmnt", "production");
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\user.js] Deleted : user_pref("extensions.searchya.isdcmntcmplt", true);
[-] [C:\Users\Dr.D.J.Hunt\AppData\Roaming\Mozilla\Firefox\Profiles\pmuiq9bo.default\user.js] Deleted : user_pref("extensions.searchya.mntrvrsn", "1.3.0");
[-] [C:\Users\Dr.D.J.Hunt\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : cjpglkicenollcignonpgiafdgfeehoj
[-] [C:\Users\Dr.D.J.Hunt\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : cpngackimfmofbokmjmljamhdncknpmg
[-] [C:\Users\Dr.D.J.Hunt\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : elicpjhcidhpjomhibiffojpinpmmpil
[-] [C:\Users\Dr.D.J.Hunt\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : jbolfgndggfhhpbnkgnpjkfhinclbigj
[-] [C:\Users\Dr.D.J.Hunt\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : lfmhcpmkbdkbgbmkjoiopeeegenkdikp
[-] [C:\Users\Dr.D.J.Hunt\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : ndibdjnfmopecpmkdieinmbadjfpblof
 
*************************
 
:: "Tracing" keys deleted
:: Winsock settings cleared
 
*************************
 
C:\AdwCleaner\AdwCleaner[C1].txt - [23040 bytes] - [20/06/2016 22:38:12]
C:\AdwCleaner\AdwCleaner[S1].txt - [22876 bytes] - [20/06/2016 22:33:03]
 
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [23188 bytes] ##########


#6 vimg123

vimg123
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:05:38 PM

Posted 20 June 2016 - 10:54 PM

The JRT Scan will not run it's giving an error starting 



#7 vimg123

vimg123
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:05:38 PM

Posted 20 June 2016 - 11:56 PM

[-] Deleted ->> Folder ->> C:\Users\Dr.D.J.Hunt\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\QAPGWAE8\static.dealply.com
[-] Deleted ->> Folder ->> C:\Users\Dr.D.J.Hunt\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\QAPGWAE8\static.dealply.com\flash\dealply_swf_engine.swf
[-] Deleted ->> Folder ->> C:\Users\Dr.D.J.Hunt\Local Settings\Application Data\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\QAPGWAE8\static.dealply.com
[-] Deleted ->> Folder ->> C:\Users\Dr.D.J.Hunt\Local Settings\Application Data\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\QAPGWAE8\static.dealply.com\flash\dealply_swf_engine.swf
[-] Repaired ->> File ->> C:\Users\Dr.D.J.Hunt\AppData\Local\Google\Chrome\User Data\Default\Preferences


#8 vimg123

vimg123
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:05:38 PM

Posted 21 June 2016 - 01:16 AM

~ ZHPCleaner v2016.6.18.75 by Nicolas Coolman (2016/06/18)
~ Run by Dr.D.J.Hunt (Administrator)  (21/06/2016 01:09:00)
~ State version : Version OK
~ Type : Repair
~ Report : C:\Users\Dr.D.J.Hunt\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Dr.D.J.Hunt\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 7 Ultimate, 32-bit Service Pack 1 (Build 7601)
 
 
---\\  Services (0)
~ No malicious or unnecessary items found.
 
 
---\\  Browser internet (1)
DELETED: [pmuiq9bo.default] - user_pref("avg.wtu.ext.dnsWhiteList", "toolbarhome.com,avg.com");  =>Trojan.Vonteera
 
 
---\\  Hosts file (1)
~ The hosts file is legitimate (21)
 
 
---\\  Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found.
 
 
---\\  Explorer ( File, Folder) (36)
MOVED file: C:\Users\Dr.D.J.Hunt\Downloads\100898_wpmu-dev-dashboard-3.4.6.zip    =>PUP.Optional.WpManager
MOVED file: C:\Users\Dr.D.J.Hunt\Downloads\100898_wpmu-dev-dashboard-3.4.8.zip    =>PUP.Optional.WpManager
MOVED file: C:\Users\Dr.D.J.Hunt\Downloads\ACFrOgDd-oe1JtA0WQbKMT9-ikA0V5YK2f4Fb5tddrf9i0AuGvDxVA299LZga8K0CHupPWcwKR9RuSlCan_HkBc_z15SwgoW3Lw7SWxTqrVm_JBEzqrZdJFcMDJ96jo=.pdf    =>PUP.Optional.Bang5mai
MOVED file: C:\Users\Dr.D.J.Hunt\Downloads\ACFrOgDd-oe1JtA0WQbKMT9-ikA0V5YK2f4Fb5tddrf9i0AuGvDxVA299LZga8K0CHupPWcwKR9RuSlCan_HkBc_z15SwgoW3Lw7SWxTqrVm_JBEzqrZdJFcMDJ96jo_.docx    =>PUP.Optional.Bang5mai
MOVED file: C:\Users\Dr.D.J.Hunt\Downloads\Flyer__Loose_As_A_Goose_by_TheSpinxSage.rar    =>.Superfluous.MaxStart
MOVED file: C:\Users\Dr.D.J.Hunt\Downloads\https---pdlvimeocdn-a.akamaihd.net-01248-600-226426659.mp4-token2=1423398993_7f61a40fa2bff6bd21f57bc39d5ae476&aksessionid=8aa4ff833548c2f1.mp4    =>.Superfluous.AkamaiHD
MOVED file: C:\Users\Dr.D.J.Hunt\Downloads\~$FrOgDd-oe1JtA0WQbKMT9-ikA0V5YK2f4Fb5tddrf9i0AuGvDxVA299LZga8K0CHupPWcwKR9RuSlCan_HkBc_z15SwgoW3Lw7SWxTqrVm_JBEzqrZdJFcMDJ96jo_.docx    =>PUP.Optional.Bang5mai
MOVED file: C:\Users\Dr.D.J.Hunt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d16fk4ms6rqz1v.cloudfront.net_0.localstorage    =>.Superfluous.CloudfrontNet
MOVED file: C:\Users\Dr.D.J.Hunt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d16fk4ms6rqz1v.cloudfront.net_0.localstorage-journal    =>.Superfluous.CloudfrontNet
MOVED file: C:\Users\Dr.D.J.Hunt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d23716qn9q7omq.cloudfront.net_0.localstorage    =>.Superfluous.CloudfrontNet
MOVED file: C:\Users\Dr.D.J.Hunt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d23716qn9q7omq.cloudfront.net_0.localstorage-journal    =>.Superfluous.CloudfrontNet
MOVED file: C:\Users\Dr.D.J.Hunt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d3l3lkinz3f56t.cloudfront.net_0.localstorage    =>.Superfluous.CloudfrontNet
MOVED file: C:\Users\Dr.D.J.Hunt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d3l3lkinz3f56t.cloudfront.net_0.localstorage-journal    =>.Superfluous.CloudfrontNet
MOVED file: C:\Users\Dr.D.J.Hunt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_premium.wpmudev.org_0.localstorage    =>PUP.Optional.WpManager
MOVED file: C:\Users\Dr.D.J.Hunt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_premium.wpmudev.org_0.localstorage-journal    =>PUP.Optional.WpManager
MOVED file: C:\Users\Dr.D.J.Hunt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage    =>PUP.Optional.Generic
MOVED file: C:\Users\Dr.D.J.Hunt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal    =>PUP.Optional.Generic
MOVED file: C:\Users\Dr.D.J.Hunt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_d2m2wsoho8qq12.cloudfront.net_0.localstorage    =>.Superfluous.CloudfrontNet
MOVED file: C:\Users\Dr.D.J.Hunt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_d2m2wsoho8qq12.cloudfront.net_0.localstorage-journal    =>.Superfluous.CloudfrontNet
MOVED file: C:\Users\Dr.D.J.Hunt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_visalus.com_0.localstorage    =>PUP.Optional.Salus
MOVED file: C:\Users\Dr.D.J.Hunt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_visalus.com_0.localstorage-journal    =>PUP.Optional.Salus
MOVED file: C:\Users\Dr.D.J.Hunt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_wpmu.org_0.localstorage    =>PUP.Optional.WpManager
MOVED file: C:\Users\Dr.D.J.Hunt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_wpmu.org_0.localstorage-journal    =>PUP.Optional.WpManager
MOVED file: C:\Users\Dr.D.J.Hunt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.similarsites.com_0.localstorage    =>PUP.Optional.SimilarSites
MOVED file: C:\Users\Dr.D.J.Hunt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.similarsites.com_0.localstorage-journal    =>PUP.Optional.SimilarSites
MOVED file: C:\Users\Dr.D.J.Hunt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.supertorch.com_0.localstorage    =>.Superfluous.Torch
MOVED file: C:\Users\Dr.D.J.Hunt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.supertorch.com_0.localstorage-journal    =>.Superfluous.Torch
MOVED file: C:\Users\Dr.D.J.Hunt\AppData\Local\Temp\AskSLib.dll [Ask.com - AskIC Dynamic Link Library]  =>Toolbar.Ask
MOVED file: C:\Users\Dr.D.J.Hunt\AppData\Local\Temp\installChecker.exe [Ask.com - Install Checker]  =>Toolbar.Ask
MOVED file: C:\Users\Dr.D.J.Hunt\AppData\Local\Temp\Savings SidekickInstaller_1347470532.log    =>PUP.Optional.GamePlayLabs
MOVED file: C:\Users\Dr.D.J.Hunt\AppData\Local\Temp\Savings SidekickUninstaller_1347476340.log    =>PUP.Optional.GamePlayLabs
MOVED file: C:\Users\Dr.D.J.Hunt\AppData\Local\Temp\tmpnb5tly28789014.cert    =>PUP.Optional.Bang5mai
MOVED folder: C:\Program Files\QuickTime  =>Riskware.QuickTime
MOVED folder: C:\Users\Dr.D.J.Hunt\AppData\Local\Google\Chrome\User Data\Default\File System\008  =>PUP.Optional.DomaIQ
MOVED folder: C:\Windows\Installer\MSI2046.tmp-  =>Empty
MOVED folder: C:\Windows\Installer\MSI2E5B.tmp-  =>Empty
 
 
---\\  Registry ( Key, Value, Data) (5)
DELETED key*: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011501160} []  =>PUP.Optional.CrossRider
DELETED key*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501160} []  =>PUP.Optional.CrossRider
DELETED key*: HKLM\SOFTWARE\Classes\CLSID\{206DAA08-0036-11D5-80D8-0050DA5F08E3} [Groove WebBrowserView2]  =>PUP.Optional.CrossRider
DELETED key*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} [Google Inc.]  =>Heuristic.Suspect
DELETED key: HKLM\SOFTWARE\Classes\CLSID\{206DAA08-0036-11D5-80D8-0050DA5F08E3}\InprocServer32 [C:\PROGRA~1\MICROS~4\Office12\GRF080~1.DLL]  =>PUP.Optional.CrossRider
 
 
---\\  Summary of the elements found (16)
http://www.nicolascoolman.fr/?p=173  =>PUP.Optional.WpManager
http://www.nicolascoolman.fr/?p=5145  =>.Superfluous.AkamaiHD
http://www.nicolascoolman.fr/?p=5145  =>.Superfluous.CloudfrontNet
http://www.nicolascoolman.fr/?p=583  =>PUP.Optional.SimilarSites
http://www.nicolascoolman.fr/?p=710  =>PUP.Optional.GamePlayLabs
http://www.nicolascoolman.fr/?p=679  =>PUP.Optional.DomaIQ
 
 
---\\  Other deletions. (8)
~ Registry Keys Tracing deleted (8)
~ Remove the old reports ZHPCleaner. (0)
 
 
---\\ Result of repair
~ Repair carried out successfully
~ Browser not found (Opera Software)
 
 
---\\ Statistics
~ Items scanned : 1161
~ Items found : 0
~ Items cancelled : 0
~ Items repaired : 42
 
 
~ End of clean in 00h01mn03s
~====================
ZHPCleaner-[R]-21062016-01_10_03.txt
ZHPCleaner-[S]-21062016-01_06_54.txt


#9 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:38 PM

Posted 21 June 2016 - 06:29 AM

Zemana Anti-malware Scan?



#10 vimg123

vimg123
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:05:38 PM

Posted 21 June 2016 - 06:33 AM

Zemana AntiMalware 2.21.2.15 (Portable)
 
-------------------------------------------------------
Scan Result            : Completed
Scan Date              : 2016/6/21
Operating System       : Windows 7 32-bit
Processor              : 2X AMD Athlon™ X2 Dual Core Processor L310
BIOS Mode              : Legacy
CUID                   : 125CCADE90ECBE8B7A7264
Scan Type              : Deep Scan
Duration               : 46m 8s
Scanned Objects        : 386791
Detected Objects       : 7
Excluded Objects       : 0
Read Level             : SCSI
Auto Upload            : Enabled
Detect All Extensions  : Disabled
Scan Documents         : Disabled
Domain Info            : WORKGROUP,0,2
 
Detected Objects
-------------------------------------------------------
 
Search Helper Extension
Status             : Scanned
Object             : %programfiles%\microsoft\search enhancement pack\search helper\firefoxextension\searchhelperextension
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : PUA.FirefoxExt!Gr
Cleaning Action    : Repair
Related Objects    :
                Browser Extension - Search Helper Extension
 
Bing Bar
Status             : Scanned
Object             : %programfiles%\msn toolbar\platform\5.0.1423.0\firefox
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : PUA.FirefoxExt!Gr
Cleaning Action    : Repair
Related Objects    :
                Browser Extension - Bing Bar
 
OrbitDownloaderSetup.exe
Status             : Scanned
Object             : %userprofile%\downloads\orbitdownloadersetup.exe
MD5                : 49055A8FFADE6718EA6C917779761C0D
Publisher          : KORAM GAMES LIMITED
Size               : 5498816
Version            : 4.1.1.19
Detection          : Malware:Win32/Quarand!Aacr
Cleaning Action    : Quarantine
Related Objects    :
                File - %userprofile%\downloads\orbitdownloadersetup.exe
 
PDFEditor.exe
Status             : Scanned
Object             : %homedrive%\users\dr.derek j.hunt\appdata\local\xenocode\sandbox\expert pdf editor\6.2.0.0\2010.04.21t04.25\virtual\stubexe\8.0.1135\@programfiles@\visagesoft\expert pdf 6\pdfeditor.exe
MD5                : DF04A7ADF5E0AE68854174D2303DE442
Publisher          : -
Size               : 17408
Version            : -
Detection          : Malware:Win32/Hellium.A!Ralk
Cleaning Action    : Quarantine
Related Objects    :
                File - %homedrive%\users\dr.derek j.hunt\appdata\local\xenocode\sandbox\expert pdf editor\6.2.0.0\2010.04.21t04.25\virtual\stubexe\8.0.1135\@programfiles@\visagesoft\expert pdf 6\pdfeditor.exe
 
installChecker.exe
Status             : Scanned
Object             : %appdata%\zhp\quarantine\installchecker.exe
MD5                : 8F9B5F4F87207BE1CF810DDC95124F92
Publisher          : Ask.com
Size               : 248664
Version            : 1.5.0.0
Detection          : Adware:Win32/AskBrowserHijack!Ep
Cleaning Action    : Quarantine
Related Objects    :
                File - %appdata%\zhp\quarantine\installchecker.exe
 
AskSLib.dll
Status             : Scanned
Object             : %appdata%\zhp\quarantine\askslib.dll
MD5                : 197215658B8015182192E1EBCA3BBCC3
Publisher          : Ask.com
Size               : 246440
Version            : 5.1.1.0
Detection          : Adware:Win32/AskBrowserHijack!Ep
Cleaning Action    : Quarantine
Related Objects    :
                File - %appdata%\zhp\quarantine\askslib.dll
 
VideoConverter.ToolbarInstaller.exe
Status             : Scanned
Object             : %programfiles%\freemake\freemake video converter\freemakevideoconverter\toolbars\videoconverter.toolbarinstaller.exe
MD5                : F7503CE3905B2D38483E0C207E23BCB5
Publisher          : -
Size               : 92672
Version            : 1.0.0.0
Detection          : Adware:Win32/BrowserHijack.Gen
Cleaning Action    : Quarantine
Related Objects    :
                File - %programfiles%\freemake\freemake video converter\freemakevideoconverter\toolbars\videoconverter.toolbarinstaller.exe
 
 
Cleaning Result
-------------------------------------------------------
Cleaned               : 7
Reported as safe      : 0
Failed                : 0


#11 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:38 PM

Posted 21 June 2016 - 06:40 AM

Malwarebytes Scan.

 

We need you to run MalwareBytes to get a log, please download the free version of MalwareBytes HERE

http://data-cdn.mbamupdates.com/web/mbam-setup-2.2.0.1024.exe  Alternate Link.

Save the file to somewhere you can easily find it. Double click the saved file to start the install, accept any security warnings that may appear, and after the install click the new desktop icon to start the program. We need to modify a couple of things with MalwareBytes before we use it so please follow the steps below.

  1. If the dashboard is not already displayed select it.
  2. Then select "Update Now" to get the latest database.

VSKiiIc.jpg

  1. Next we need to change a scanning option, select "Settings" on the main menu, then "Detection and Protection" on the left.
  2. Then select "Scan for rootkits" in the detection options, as well as the other two options already checked.

ZU4W2g2.jpg

  • Now return to Dashboard on the main menu and select "Scan Now" at the bottom of the screen.

nF8dOcq.jpg

  • Allow MalwareBytes to scan your system, it may take some time depending on what you have loaded onto your hard drive.

L8lsasM.jpg

When the scan is finished

  1. Click "Save Results"
  2. Then click on "Text file"

5x4JOvA.jpg

  • A window will then open allowing you to choose a name for the logfile and also allowing you to choose where to save it, save it to the desktop.
  • Please copy and paste the contents of this file in your next post.

 

 

Eset Online Scanner.

 

Eset Scan

Click Me To Download Eset Scan

Disable your antivirus prior to this scan.
 
 esetonlinebtn.png
 

  •  Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

 

Minitoolbox scan.

 

 

Please download Minitoolbox and run it.



Checkmark following boxes:


Flush DNS
Reset FF proxy Settings
Reset Ie Proxy Settings
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and post the result.

 

Security Check Scan.

 

Download Security Check to your desktop, right click it run as administrator. When the program completes, the tool will automatically open a log file, please post that log here in your next post.



#12 vimg123

vimg123
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:05:38 PM

Posted 21 June 2016 - 03:09 PM

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 6/21/2016
Scan Time: 9:00 AM
Logfile: scan.txt
Administrator: Yes
 
Version: 2.2.1.1043
Malware Database: v2016.06.21.04
Rootkit Database: v2016.05.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: Dr.D.J.Hunt
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 477673
Time Elapsed: 3 hr, 35 min, 37 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)


#13 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:38 PM

Posted 21 June 2016 - 03:13 PM

Ok, continue on with all of the scans, and let me know what issues remain when you have completed them all. :) 



#14 vimg123

vimg123
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:05:38 PM

Posted 21 June 2016 - 09:48 PM

MiniToolBox by Farbar  Version: 17-06-2016
Ran by Dr.D.J.Hunt (administrator) on 21-06-2016 at 21:42:47
Running from "C:\Users\Dr.D.J.Hunt\Desktop"
Microsoft Windows 7 Ultimate  Service Pack 1 (X86)
Model: Aspire 5534 Manufacturer: Acer
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
========================= IP Configuration: ================================
 
Atheros AR5B93 Wireless Network Adapter = Wireless Network Connection (Connected)
Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.20) = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
add route prefix=0.0.0.0/0 interface="Local Area Connection" nexthop=192.168.0.20 publish=Yes
add address name="Local Area Connection" address=192.168.0.100 mask=255.255.255.0
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : DrDJHunt-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Broadcast
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : T-mobile.com
 
Wireless LAN adapter Wireless Network Connection 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 0A-60-76-54-21-B8
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : T-mobile.com
   Description . . . . . . . . . . . : Atheros AR5B93 Wireless Network Adapter
   Physical Address. . . . . . . . . : 0C-60-76-54-21-B8
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::ddae:296e:9ccd:7cc9%11(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.29.200(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Monday, June 20, 2016 10:41:33 PM
   Lease Expires . . . . . . . . . . : Wednesday, June 22, 2016 6:21:30 PM
   Default Gateway . . . . . . . . . : 192.168.29.1
   DHCP Server . . . . . . . . . . . : 192.168.29.1
   DHCPv6 IAID . . . . . . . . . . . : 218914934
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-FE-B7-86-00-26-22-52-71-40
   DNS Servers . . . . . . . . . . . : 192.168.29.1
   Primary WINS Server . . . . . . . : 192.168.29.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
   Physical Address. . . . . . . . . : 00-26-22-52-71-40
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.T-mobile.com:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : T-mobile.com
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 28:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{797B7DF1-AD04-4B2F-A441-DA61A40BB07C}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #7
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  cellspot.router
Address:  192.168.29.1
 
Name:    google.com
Addresses:  2607:f8b0:4005:806::200e
 216.58.194.110
 
 
Pinging google.com [216.58.194.110] with 32 bytes of data:
Reply from 216.58.194.110: bytes=32 time=35ms TTL=52
Reply from 216.58.194.110: bytes=32 time=30ms TTL=52
 
Ping statistics for 216.58.194.110:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 30ms, Maximum = 35ms, Average = 32ms
Server:  cellspot.router
Address:  192.168.29.1
 
Name:    yahoo.com
Addresses:  2001:4998:58:c02::a9
 2001:4998:c:a06::2:4008
 2001:4998:44:204::a7
 98.138.253.109
 206.190.36.45
 98.139.183.24
 
 
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=78ms TTL=43
Reply from 98.139.183.24: bytes=32 time=71ms TTL=43
 
Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 71ms, Maximum = 78ms, Average = 74ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 14...0a 60 76 54 21 b8 ......Microsoft Virtual WiFi Miniport Adapter
 11...0c 60 76 54 21 b8 ......Atheros AR5B93 Wireless Network Adapter
 10...00 26 22 52 71 40 ......Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
  1...........................Software Loopback Interface 1
 43...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 38...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 45...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #7
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0     192.168.29.1   192.168.29.200     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
     192.168.29.0    255.255.255.0         On-link    192.168.29.200    281
   192.168.29.200  255.255.255.255         On-link    192.168.29.200    281
   192.168.29.255  255.255.255.255         On-link    192.168.29.200    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link    192.168.29.200    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link    192.168.29.200    281
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
          0.0.0.0          0.0.0.0     192.168.0.20  Default 
===========================================================================
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 11    281 fe80::/64                On-link
 11    281 fe80::ddae:296e:9ccd:7cc9/128
                                    On-link
  1    306 ff00::/8                 On-link
 11    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [122128] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 35 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 36 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 37 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 38 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 39 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 40 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 41 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 42 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 43 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 44 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 45 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 46 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 47 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 48 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (06/21/2016 09:40:24 PM) (Source: Application Error) (User: )
Description: Faulting application name: esetonlinescanner_enu.exe, version: 2.0.8.0, time stamp: 0x573dab40
Faulting module name: esetonlinescanner_enu.exe, version: 2.0.8.0, time stamp: 0x573dab40
Exception code: 0xc0000005
Fault offset: 0x00056f56
Faulting process id: 0x148c
Faulting application start time: 0xesetonlinescanner_enu.exe0
Faulting application path: esetonlinescanner_enu.exe1
Faulting module path: esetonlinescanner_enu.exe2
Report Id: esetonlinescanner_enu.exe3
 
Error: (06/21/2016 02:49:47 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.
 
Error: (06/21/2016 02:48:23 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (06/20/2016 10:09:07 PM) (Source: Application Error) (User: )
Description: Faulting application name: atibtmon.exe, version: 2.0.0.0, time stamp: 0x4a04ab6c
Faulting module name: atioglxx.dll_unloaded, version: 0.0.0.0, time stamp: 0x4a8a0dde
Exception code: 0xc0000005
Fault offset: 0x69830910
Faulting process id: 0x1490
Faulting application start time: 0xatibtmon.exe0
Faulting application path: atibtmon.exe1
Faulting module path: atibtmon.exe2
Report Id: atibtmon.exe3
 
Error: (06/20/2016 10:09:02 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 46474866
 
Error: (06/20/2016 10:09:02 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 46474866
 
Error: (06/20/2016 10:09:02 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (06/20/2016 09:14:32 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4851
 
Error: (06/20/2016 09:14:32 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4851
 
Error: (06/20/2016 09:14:32 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
System errors:
=============
Error: (06/21/2016 07:16:46 AM) (Source: atikmdag) (User: )
Description: Display is not active
 
Error: (06/21/2016 07:16:44 AM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
 
Error: (06/21/2016 06:35:29 AM) (Source: Service Control Manager) (User: )
Description: The Apple Mobile Device service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (06/21/2016 06:35:29 AM) (Source: Service Control Manager) (User: )
Description: The Print Spooler service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (06/21/2016 06:35:29 AM) (Source: Service Control Manager) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (06/21/2016 06:35:29 AM) (Source: Service Control Manager) (User: )
Description: The Windows Live ID Sign-in Assistant service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (06/21/2016 06:35:29 AM) (Source: Service Control Manager) (User: )
Description: The SAS Core Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 1000 milliseconds: Restart the service.
 
Error: (06/21/2016 06:34:17 AM) (Source: Service Control Manager) (User: )
Description: The FABS - Helping agent for MAGIX media database service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (06/21/2016 06:34:17 AM) (Source: Service Control Manager) (User: )
Description: The Web Deployment Agent Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (06/21/2016 06:34:17 AM) (Source: Service Control Manager) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
 
Microsoft Office Sessions:
=========================
Error: (05/13/2016 11:21:27 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 158436 seconds with 480 seconds of active time.  This session ended with a crash.
 
Error: (05/12/2016 12:23:21 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 519118 seconds with 8700 seconds of active time.  This session ended with a crash.
 
Error: (08/21/2015 10:06:53 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 4343 seconds with 3300 seconds of active time.  This session ended with a crash.
 
Error: (07/29/2015 11:56:28 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 427516 seconds with 660 seconds of active time.  This session ended with a crash.
 
Error: (05/30/2014 04:03:38 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 2, Application Name: Microsoft Office Access, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1237 seconds with 1200 seconds of active time.  This session ended with a crash.
 
Error: (03/23/2014 08:28:45 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 60 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (11/10/2013 07:32:24 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 44003 seconds with 960 seconds of active time.  This session ended with a crash.
 
Error: (10/06/2013 10:36:38 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 3491 seconds with 1380 seconds of active time.  This session ended with a crash.
 
Error: (06/15/2013 07:46:06 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 76925 seconds with 1080 seconds of active time.  This session ended with a crash.
 
Error: (11/13/2012 06:24:40 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 37160 seconds with 900 seconds of active time.  This session ended with a crash.
 
 
=========================== Installed Programs ============================
 
Accordance (HKLM\...\{9B088535-6E1D-480E-A5F1-510E1DE6B572}_is1) (Version: 11.0 - Oaktree Software, Inc.)
Adobe Flash Media Live Encoder 3.2 (HKLM\...\{0659E943-DDF4-44FC-9FEE-A13B09F8BB08}) (Version: 3.2.0 - Adobe Systems Incorporated)
Adobe Flash Player 22 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Reader 9.5.2 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.2 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{9A629DCB-415D-4A50-85B9-5C2E4F8F74A8}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Audacity 2.0 (HKLM\...\Audacity_is1) (Version:  - Audacity Team)
Avast Free Antivirus (HKLM\...\avast) (Version: 11.2.2262 - AVAST Software)
AVG Web TuneUp (HKLM\...\AVG Web TuneUp) (Version: 4.3.1.831 - AVG Technologies)
BibleWorks 7 (HKLM\...\{942E0955-C67C-474C-8D4E-63C23E93C13A}) (Version: 1.00.000 - BibleWorks)
Bing Bar (HKLM\...\{08234a0d-cf39-4dca-99f0-0c5cb496da81}) (Version: 5.0.1363.0 - Microsoft Corporation)
Bing Bar Platform (HKLM\...\{E21DA178-9FB0-4F91-B79C-5A6DDEEBFB8D}) (Version: 5.0.1423.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
Brother MFL-Pro Suite MFC-9970CDW (HKLM\...\{979742CC-2CBB-49D8-9BEE-C2F7875F5393}) (Version: 1.1.5.0 - Brother Industries, Ltd.)
Brother MFL-Pro Suite MFC-J470DW (HKLM\...\{7B4C83B6-17C1-4BFD-B86D-4D7AD4498CBB}) (Version: 1.0.4.0 - Brother Industries, Ltd.)
CameraHelperMsi (HKLM\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.50.854.0 - Logitech) Hidden
Cisco WebEx Meetings (HKCU\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
CSS3 Menu (HKLM\...\CSS3 Menu_is1) (Version:  - )
CutePDF Writer 2.8 (HKLM\...\CutePDF Writer Installation) (Version:  - )
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 4.4.29 - Dropbox, Inc.)
EPSON NX125 NX127 Series Printer Uninstall (HKLM\...\EPSON NX125 NX127 Series) (Version:  - SEIKO EPSON Corporation)
EPSON Projector USB-Virtual COM Driver (HKLM\...\{B08C7F49-95C2-11D6-89F2-0040B4115999}) (Version:  - )
erLT (HKLM\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
Excellerate 4.1.23 Free (HKLM\...\{79EE4204-418F-49F8-9772-AA3979484123}) (Version: 4.1.23 - Micro System Design)
FastImageResizer (remove only) (HKLM\...\FastImageResizer) (Version:  - )
FileZilla Client 3.9.0.6 (HKLM\...\FileZilla Client) (Version: 3.9.0.6 - Tim Kosse)
Firebird SQL Server - MAGIX Edition (HKLM\...\{6C5F8503-55D2-4398-858C-362B7A7AF51C}) (Version: 2.1.31.0 - MAGIX AG)
Freemake Video Converter version 4.0.1 (HKLM\...\Freemake Video Converter_is1) (Version: 4.0.1 - Ellora Assets Corporation)
Google Chrome (HKLM\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Talk (remove only) (HKCU\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version:  - )
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.30.3 - Google Inc.) Hidden
Gyazo 3.2.2 (HKLM\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
iCloud (HKLM\...\{DA7DF8E2-4B8F-4286-97FE-DE3FFFE9B728}) (Version: 1.1.0.40 - Apple Inc.)
IIS 7.5 Express (HKLM\...\{3A30B5F5-F12C-490F-8CD4-D200C75DF7E8}) (Version: 7.5.1190 - Microsoft Corporation)
Inkscape 0.91 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.91 - inkscape.org)
iTunes (HKLM\...\{2C741651-87E0-4479-9703-6DD0D7988B84}) (Version: 12.3.2.35 - Apple Inc.)
Java 7 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (HKLM\...\{4A03706F-666A-4037-7777-5F2748764D10}) (Version: 2.1.60.19 - Oracle, Inc.) Hidden
Jing (HKLM\...\{22800204-9E53-45C7-B6F3-5BB0F1C1A147}) (Version: 2.8.13007.1 - TechSmith Corporation)
join.me (HKCU\...\JoinMe) (Version: 1.20.0.125 - LogMeIn, Inc.)
Kodi (HKCU\...\Kodi) (Version:  - XBMC-Foundation)
LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version:  - )
Logitech Vid HD (HKLM\...\Logitech Vid) (Version: 7.2 (7259) - Logitech Inc..)
Logitech Webcam Software (HKLM\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.31 - Logitech Inc.)
Logos Bible Software (HKLM\...\{48C362A3-70B9-4FC3-984C-F40B395BF7BC}) (Version: 6.112.44 - Faithlife Corporation)
LWS Facebook (HKLM\...\{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}) (Version: 13.50.854.0 - Logitech) Hidden
LWS Gallery (HKLM\...\{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}) (Version: 13.50.854.0 - Logitech) Hidden
LWS Help_main (HKLM\...\{1651216E-E7AD-4250-92A1-FB8ED61391C9}) (Version: 13.50.862.0 - Logitech) Hidden
LWS Launcher (HKLM\...\{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}) (Version: 13.50.859.0 - Logitech) Hidden
LWS Motion Detection (HKLM\...\{71E66D3F-A009-44AB-8784-75E2819BA4BA}) (Version: 13.30.1395.0 - Logitech) Hidden
LWS Pictures And Video (HKLM\...\{08610298-29AE-445B-B37D-EFBE05802967}) (Version: 13.50.861.0 - Logitech) Hidden
LWS Twitter (HKLM\...\{174A3B31-4C43-43DD-866F-73C9DB887B48}) (Version: 13.30.1346.0 - Logitech) Hidden
LWS Video Mask Maker (HKLM\...\{EED027B7-0DB6-404B-8F45-6DFEE34A0441}) (Version: 13.30.1379.0 - Logitech) Hidden
LWS Webcam Software (HKLM\...\{8937D274-C281-42E4-8CDB-A0B2DF979189}) (Version: 13.31.1038.0 - Logitech) Hidden
LWS WLM Plugin (HKLM\...\{9DAEA76B-E50F-4272-A595-0124E826553D}) (Version: 1.30.1201.0 - Logitech) Hidden
LWS YouTube Plugin (HKLM\...\{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}) (Version: 13.31.1038.0 - Logitech) Hidden
Lyrics Plugin for Windows Media Player (HKLM\...\{43002AE2-4093-49E0-A03D-990EE184C568}) (Version: 0.4 - Lyrics Plugin)
Macromedia Shockwave Player (HKLM\...\Macromedia Shockwave Player) (Version:  - )
MAGIX Movie Edit Pro 2013 (HKLM\...\{853D3F6B-20A6-4164-B261-8A80B4EB5683}) (Version: 12.0.0.32 - MAGIX AG) Hidden
MAGIX Movie Edit Pro 2013 (HKLM\...\MAGIX_{853D3F6B-20A6-4164-B261-8A80B4EB5683}) (Version: 12.0.0.32 - MAGIX AG)
MAGIX Screenshare (HKLM\...\{078E1552-E06E-4D8B-A04A-E7FF487B732E}) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Speed burnR (MSI) (HKLM\...\{96B611E2-153B-4E37-87C1-A9C35A49AD44}) (Version: 7.0.1.27 - MAGIX AG) Hidden
MAGIX Speed burnR (MSI) (HKLM\...\MAGIX_{96B611E2-153B-4E37-87C1-A9C35A49AD44}) (Version: 7.0.1.27 - MAGIX AG)
MAGIX Video Sound Cleaning Lab Download Version (HKLM\...\{B71D5BC4-18EB-473A-9304-0BD67346A0BC}) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video Sound Cleaning Lab Download Version (HKLM\...\MAGIX_MSI_Videoton_Cleaning_Lab) (Version: 1.0.0.0 - MAGIX AG)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Media Converter 4.02 Standard (HKLM\...\Media Converter) (Version: 4.02 Standard - Sermon Share)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Access 2002 Runtime (HKLM\...\{901C0409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages (HKLM\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages 2 (HKLM\...\{ea76c490-c7cd-461a-93f2-e664d3e0d997}) (Version: 2.0.20505.0 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation)
Microsoft Report Viewer Redistributable 2008 (HKLM\...\Microsoft Report Viewer Redistributable 2008) (Version:  - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM\...\{83F2B8F4-5CF3-4BE9-9772-9543EAE4AC5F}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{185292F7-7C0A-4F72-B2CC-CBEBD40B050E}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{83C7F964-AC58-4104-B613-B4D0F61DA8CD}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{CD920828-2B95-49A4-8BFD-1D34BCBF5A27}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 ENU CTP1 (HKLM\...\{973805E6-9CDB-43F8-A14E-2161532B56A7}) (Version: 4.0.8854.1 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 Scripting Tools ENU CTP1 (HKLM\...\{82284382-30E3-4DED-980B-746278DA6CC2}) (Version: 4.0.8854.1 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 Web Tools ENU (HKLM\...\{A51500FE-6408-4305-B071-B961F691A4CE}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM\...\{C3F6F200-6D7B-4879-B9EE-700C0CE1FCDA}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Web Deploy 3.0 (HKLM\...\{15D2101C-B306-4451-A23D-3A299B695481}) (Version: 3.1236.1516 - Microsoft Corporation)
Microsoft Web Platform Installer 4.0 (HKLM\...\{E9986555-6AE8-4BB3-B025-F3111C1587C3}) (Version: 4.0.1586 - Microsoft Corporation)
Movie Maker (HKLM\...\{45898170-E68C-4F02-AA35-C2186BF347A3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM\...\{B39A6825-EA20-43EA-AB2D-A6BC0298D9A1}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 43.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 43.0.1 (x86 en-US)) (Version: 43.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla)
Mp3tag v2.52 (HKLM\...\Mp3tag) (Version: v2.52 - Florian Heidenreich)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MySQL Connector Net 6.4.4 (HKLM\...\{2DDC7E93-29AB-4260-A9DB-697F7FA88157}) (Version: 6.4.4 - Oracle)
MySQL Server 5.1 (HKLM\...\{8BEC4440-FE49-4C5B-8F47-6A0EBE0179D1}) (Version: 5.1.57 - Oracle Corporation)
Nuance PaperPort 12 (HKLM\...\{869FCC6C-5669-4B0B-827E-2BBAACD88A87}) (Version: 12.1.0006 - Nuance Communications, Inc.)
OpenOffice.org 3.3 (HKLM\...\{3E171899-0175-47CC-84C4-562ACDD4C021}) (Version: 3.3.9567 - OpenOffice.org)
PaperPort Image Printer (HKLM\...\{6EF2FDAB-7FBF-4AB9-92CD-594BDDB6A56B}) (Version: 14.00.0000 - Nuance Communications, Inc.)
Photo Common (HKLM\...\{DD7C5FC1-DCA5-487A-AF23-658B1C00243F}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (HKLM\...\{0F929651-F516-4956-90F2-FFBD2CD5D30E}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (HKLM\...\{89C7E0A7-4D9D-4DCC-8834-A9A2B92D7EBB}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
proDAD Adorage 2.0 (HKLM\...\proDAD-Adorage-2.0) (Version: 3.0.93mv13 - proDAD GmbH)
QuickTime (HKLM\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
Safari (HKLM\...\{A08BAD08-9AA3-410F-98F3-C92C8EE37218}) (Version: 5.34.54.16 - Apple Inc.)
SafeZone Stable 1.48.2066.101 (HKLM\...\SafeZone 1.48.2066.101) (Version: 1.48.2066.101 - Avast Software) Hidden
Spotify (HKCU\...\Spotify) (Version: 0.9.10.22.gf87988f9 - Spotify AB)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1018 - SUPERAntiSpyware.com)
TeamViewer 11 (HKLM\...\TeamViewer) (Version: 11.0.59518 - TeamViewer)
TekniaGreek (HKLM\...\TekniaGreek) (Version:  - )
Total Access Memo (HKLM\...\Total Access Memo) (Version:  - )
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
WinRAR 4.11 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
WORDsearch 10 (HKLM\...\{79FA6372-38F7-4059-B059-A4EB4A68CC87}) (Version: 10 - WORDsearch Corp) Hidden
WORDsearch 10 (HKLM\...\WORDsearch 10) (Version:  - LifeWay)
WORDsearch 11 (HKLM\...\{BEAA412A-1C39-40B3-8535-C8C3121917D2}) (Version: 11 - WORDsearch Corp) Hidden
WORDsearch 11 (HKLM\...\WORDsearch 11) (Version:  - LifeWay)
WORDsearch 7  Basic Edition (HKLM\...\{FB433B8B-FAB5-4170-BC91-181BA85BD181}) (Version: 7.1 - WORDsearch Corp) Hidden
WORDsearch 7  Basic Edition (HKLM\...\WORDsearch 7  Basic Edition) (Version:  - WORDsearch Corp)
Workspace Desktop (HKCU\...\workspacedesktop) (Version:  - Starfield Technologies)
Yawcam 0.4.1 (HKLM\...\{8FE96B14-E1F9-47BF-8BA1-A81467CD259B}_is1) (Version:  - )
 
========================= Devices: ================================
 
Name: WD SES Device USB Device
Description: WD SES Device USB Device
Class Guid: 
Manufacturer: 
Service: 
Device ID: USBSTOR\OTHER&VEN_WD&PROD_SES_DEVICE&REV_1004\57584131414235504B535838&1
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 66%
Total physical RAM: 3580.05 MB
Available physical RAM: 1204.62 MB
Total Virtual: 7158.39 MB
Available Virtual: 4852.52 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:223.02 GB) (Free:4.57 GB) NTFS
3 Drive e: (My Passport) (Fixed) (Total:931.48 GB) (Free:369.07 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\DRDJHUNT-PC
 
Administrator            Dr.D.J.Hunt              Guest                    
 
 
**** End of log ****


#15 vimg123

vimg123
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:05:38 PM

Posted 21 June 2016 - 11:36 PM

Security Check Scan. is not working 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users