Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Internet keeps disconnecting and reconnecting


  • Please log in to reply
37 replies to this topic

#1 Aequalis

Aequalis

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:08:17 AM

Posted 17 July 2016 - 07:38 PM

So, I got a new internet service provider a few week ago, now I am having issues with my internet. What happens is every random minutes or so, my internet for my pc, keeps disconnecting me from the internet then a few seconds later, it connects me again. This is very annoying when I am gaming, if anyone could help me please! I want to get this problem over with. I already tried deleting my network adapter and that didn't do anything, and I also restarted my router, which didn't do anything either. I connect to my internet with an Ethernet cable (wired), this doesn't seem to be happening to the wifi and I don't notice any lights from router/modem.



BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 56,111 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:10:17 AM

Posted 18 July 2016 - 09:47 AM

I would uninstall the ethernet/NIC driver and then reboot and reinstall same...the current installed driver may be damaged.

 

Have you contacted your ISP, since you seem to indicate that troubles began with the change?

 

Louis


Edited by hamluis, 18 July 2016 - 09:48 AM.


#3 Aequalis

Aequalis
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:08:17 AM

Posted 18 July 2016 - 07:50 PM

I would uninstall the ethernet/NIC driver and then reboot and reinstall same...the current installed driver may be damaged.

 

Have you contacted your ISP, since you seem to indicate that troubles began with the change?

 

Louis

Well, I uninstalled my network adapter and updated it to a new version, it still seems to be happening, but less. I already contacted my ISP, and they gave me a new router/modem, but that didn't fix the problem.



#4 hamluis

hamluis

    Moderator


  • Moderator
  • 56,111 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:10:17 AM

Posted 19 July 2016 - 08:08 AM

1.  Please download MiniToolBox  , save it to your desktop and run it.
 
Checkmark the following checkboxes:
  List last 10 Event Viewer log
  List Installed Programs
  List Users, Partitions and Memory size.
 
Click Go and paste the content into your next post.
 
2.  Please download and install Speccy to provide us with information about your computer.  Clicking on this link will automatically initiate the download.  
 
When Speccy opens you will see a screen similar to the one below.
 
speccy9_zps2d9cdedc.png
 
Click on File which is outlined in red in the screen above, and then click on Publish Snapshot.
 
The following screen will appear, click on Yes.
 
speccy7_zpsfa02105f.png
 
The following screen will appear, click on Copy to Clipboard.
 
speccy3_zps1791b093.png
 
In your next post right click inside the Reply to Topic box, then click on Paste.  This will load a link to the Speccy log.
 
Louis


#5 Aequalis

Aequalis
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:08:17 AM

Posted 19 July 2016 - 11:25 AM

========================= Event log errors: ===============================
 
Application errors:
==================
Error: (07/18/2016 08:46:56 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "urn:schemas-microsoft-com:asm.v1^file1".Error in manifest or policy file "urn:schemas-microsoft-com:asm.v1^file2" on line urn:schemas-microsoft-com:asm.v1^file3.
The value "F:\joju\projects\XSplitCSDemo\RazerLauncher\Components\StreamingServicesAPI.dll" of attribute "name" in element "urn:schemas-microsoft-com:asm.v1^file" is invalid.
 
Error: (07/16/2016 08:32:49 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "urn:schemas-microsoft-com:asm.v1^file1".Error in manifest or policy file "urn:schemas-microsoft-com:asm.v1^file2" on line urn:schemas-microsoft-com:asm.v1^file3.
The value "F:\joju\projects\XSplitCSDemo\RazerLauncher\Components\StreamingServicesAPI.dll" of attribute "name" in element "urn:schemas-microsoft-com:asm.v1^file" is invalid.
 
Error: (07/15/2016 09:16:12 PM) (Source: Application Error) (User: )
Description: Faulting application name: mbam.exe, version: 2.3.173.0, time stamp: 0x56e065b4
Faulting module name: iertutil.dll, version: 11.0.9600.17801, time stamp: 0x55367506
Exception code: 0xc0000005
Fault offset: 0x00106685
Faulting process id: 0x184
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
 
Error: (07/14/2016 02:21:12 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "urn:schemas-microsoft-com:asm.v1^file1".Error in manifest or policy file "urn:schemas-microsoft-com:asm.v1^file2" on line urn:schemas-microsoft-com:asm.v1^file3.
The value "F:\joju\projects\XSplitCSDemo\RazerLauncher\Components\StreamingServicesAPI.dll" of attribute "name" in element "urn:schemas-microsoft-com:asm.v1^file" is invalid.
 
Error: (07/12/2016 09:12:33 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "urn:schemas-microsoft-com:asm.v1^file1".Error in manifest or policy file "urn:schemas-microsoft-com:asm.v1^file2" on line urn:schemas-microsoft-com:asm.v1^file3.
The value "F:\joju\projects\XSplitCSDemo\RazerLauncher\Components\StreamingServicesAPI.dll" of attribute "name" in element "urn:schemas-microsoft-com:asm.v1^file" is invalid.
 
Error: (07/11/2016 12:07:46 PM) (Source: RasClient) (User: )
Description: CoId={E73888CA-3030-4B01-9E20-95B7FAF195DB}: The user AEQUALIS\johnny dialed a connection named VPN Connection which has failed. The error code returned on failure is 0.
 
Error: (07/11/2016 12:02:59 PM) (Source: RasClient) (User: )
Description: CoId={B6892471-C4D6-435C-BEC9-1820D5ECF217}: The user AEQUALIS\johnny dialed a connection named VPN Connection which has failed. The error code returned on failure is 691.
 
Error: (07/11/2016 11:58:42 AM) (Source: RasClient) (User: )
Description: CoId={38CC6A4B-BD6C-426C-A76E-8A13A4CE3629}: The user AEQUALIS\johnny dialed a connection named VPN Connection which has failed. The error code returned on failure is 0.
 
Error: (07/11/2016 11:54:15 AM) (Source: RasClient) (User: )
Description: CoId={5C54FE03-D07B-4B4E-A52C-D912A4CB711B}: The user AEQUALIS\johnny dialed a connection named VPN Connection which has failed. The error code returned on failure is 691.
 
Error: (07/11/2016 11:53:55 AM) (Source: RasClient) (User: )
Description: CoId={30361A26-0F0A-49C8-9BAA-29F3786088C3}: The user AEQUALIS\johnny dialed a connection named VPN Connection which has failed. The error code returned on failure is 691.
 
System errors:
=============
Error: (07/19/2016 08:55:33 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error: 
%%-2147014847 = The requested address is not valid in its context.
 
Error: (07/19/2016 08:52:02 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error: 
%%-2147014847 = The requested address is not valid in its context.
 
Error: (07/11/2016 12:11:36 PM) (Source: Service Control Manager) (User: )
Description: The OpenVPN Manager Service service has reported an invalid current state 0.
 
Error: (07/11/2016 12:11:36 PM) (Source: Service Control Manager) (User: )
Description: The OpenVPN Manager Service service has reported an invalid current state 0.
 
Error: (07/11/2016 12:09:49 PM) (Source: Service Control Manager) (User: )
Description: The OpenVPN Manager Service service has reported an invalid current state 0.
 
Error: (07/11/2016 12:09:47 PM) (Source: Service Control Manager) (User: )
Description: The OpenVPN Manager Service service has reported an invalid current state 0.
 
Error: (07/11/2016 12:06:38 PM) (Source: Service Control Manager) (User: )
Description: The OpenVPN Manager Service service has reported an invalid current state 0.
 
Error: (07/11/2016 12:06:36 PM) (Source: Service Control Manager) (User: )
Description: The OpenVPN Manager Service service has reported an invalid current state 0.
 
Error: (07/11/2016 12:03:13 PM) (Source: RasSstp) (User: )
Description: CoId={E73888CA-3030-4B01-9E20-95B7FAF195DB}:The initial Secure Socket Tunneling Protocol request could not be successfully sent to the server. This can be due to network connectivity issues or certificate (trust) issues. The detailed error message is provided below. Correct the problem and try again.
An existing connection was forcibly closed by the remote host.
 
Error: (07/11/2016 12:01:29 PM) (Source: RasSstp) (User: )
Description: CoId={B6892471-C4D6-435C-BEC9-1820D5ECF217}:The initial Secure Socket Tunneling Protocol request could not be successfully sent to the server. This can be due to network connectivity issues or certificate (trust) issues. The detailed error message is provided below. Correct the problem and try again.
 An existing connection was forcibly closed by the remote host.
 
Microsoft Office Sessions:
=========================
Error: (07/18/2016 08:46:56 AM) (Source: SideBySide)(User: )
Description: urn:schemas-microsoft-com:asm.v1^filenameF:\joju\projects\XSplitCSDemo\RazerLauncher\Components\StreamingServicesAPI.dllc:\program files (x86)\Razer\razer cortex\StreamingServicesAPI.dll.Manifestc:\program files (x86)\Razer\razer cortex\StreamingServicesAPI.dll.Manifest2
 
Error: (07/16/2016 08:32:49 AM) (Source: SideBySide)(User: )
Description: urn:schemas-microsoft-com:asm.v1^filenameF:\joju\projects\XSplitCSDemo\RazerLauncher\Components\StreamingServicesAPI.dllc:\program files (x86)\Razer\razer cortex\StreamingServicesAPI.dll.Manifestc:\program files (x86)\Razer\razer cortex\StreamingServicesAPI.dll.Manifest2
 
Error: (07/15/2016 09:16:12 PM) (Source: Application Error)(User: )
Description: mbam.exe2.3.173.056e065b4iertutil.dll11.0.9600.1780155367506c00000050010668518401d1df18ad120023C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Windows\syswow64\iertutil.dll074cbec6-4b0c-11e6-8333-d485649fcb95
 
Error: (07/14/2016 02:21:12 PM) (Source: SideBySide)(User: )
Description: urn:schemas-microsoft-com:asm.v1^filenameF:\joju\projects\XSplitCSDemo\RazerLauncher\Components\StreamingServicesAPI.dllc:\program files (x86)\Razer\razer cortex\StreamingServicesAPI.dll.Manifestc:\program files (x86)\Razer\razer cortex\StreamingServicesAPI.dll.Manifest2
 
Error: (07/12/2016 09:12:33 AM) (Source: SideBySide)(User: )
Description: urn:schemas-microsoft-com:asm.v1^filenameF:\joju\projects\XSplitCSDemo\RazerLauncher\Components\StreamingServicesAPI.dllc:\program files (x86)\Razer\razer cortex\StreamingServicesAPI.dll.Manifestc:\program files (x86)\Razer\razer cortex\StreamingServicesAPI.dll.Manifest2
 
Error: (07/11/2016 12:07:46 PM) (Source: RasClient)(User: )
Description: {E73888CA-3030-4B01-9E20-95B7FAF195DB}AEQUALIS\johnnyVPN Connection0
 
Error: (07/11/2016 12:02:59 PM) (Source: RasClient)(User: )
Description: {B6892471-C4D6-435C-BEC9-1820D5ECF217}AEQUALIS\johnnyVPN Connection691
 
Error: (07/11/2016 11:58:42 AM) (Source: RasClient)(User: )
Description: {38CC6A4B-BD6C-426C-A76E-8A13A4CE3629}AEQUALIS\johnnyVPN Connection0
 
Error: (07/11/2016 11:54:15 AM) (Source: RasClient)(User: )
Description: {5C54FE03-D07B-4B4E-A52C-D912A4CB711B}AEQUALIS\johnnyVPN Connection691
 
Error: (07/11/2016 11:53:55 AM) (Source: RasClient)(User: )
Description: {30361A26-0F0A-49C8-9BAA-29F3786088C3}AEQUALIS\johnnyVPN Connection691
 
CodeIntegrity Errors:
===================================
  Date: 2011-08-25 20:36:50.847
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ijji\ENGLISH\Gunz\GameGuard\dump_wmimmc.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2011-08-25 20:36:50.800
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ijji\ENGLISH\Gunz\GameGuard\dump_wmimmc.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2011-08-22 21:28:21.041
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ijji\ENGLISH\Gunz\GameGuard\dump_wmimmc.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2011-08-22 21:28:21.026
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ijji\ENGLISH\Gunz\GameGuard\dump_wmimmc.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2011-08-22 19:09:13.273
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ijji\ENGLISH\Gunz\GameGuard\dump_wmimmc.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2011-08-22 19:09:13.242
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ijji\ENGLISH\Gunz\GameGuard\dump_wmimmc.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2011-08-22 17:01:18.503
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ijji\ENGLISH\Gunz\GameGuard\dump_wmimmc.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2011-08-22 17:01:18.472
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ijji\ENGLISH\Gunz\GameGuard\dump_wmimmc.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2011-08-10 21:20:34.473
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ijji\ENGLISH\Gunz\GameGuard\dump_wmimmc.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2011-08-10 21:20:34.442
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ijji\ENGLISH\Gunz\GameGuard\dump_wmimmc.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
=========================== Installed Programs ============================

ActiveCheck component for HP Active Support Library (HKLM-x32\...\{254C37AA-6B72-4300-84F6-98A82419187E}) (Version: 3.0.0.3 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.0.0.4080 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.1.102.62 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin 64-bit (HKLM\...\Adobe Flash Player Plugin) (Version: 11.2.202.233 - Adobe Systems Incorporated)
ATI Catalyst Install Manager (HKLM\...\{7C7A5A92-046C-A38C-AE0F-8F9CCA0F67A8}) (Version: 3.0.774.0 - ATI Technologies, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
ccc-core-static (HKLM-x32\...\{0E1C256F-6B90-E5A5-F62E-5DAE1AEAE294}) (Version: 2010.0511.2153.37435 - ATI) Hidden
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CyberGhost 6 (HKLM\...\CyberGhost 6_is1) (Version:  - CyberGhost S.R.L.)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.1.4030 - Hewlett-Packard) Hidden
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.1.4030 - Hewlett-Packard)
Fantapper Browser Plugin (HKLM-x32\...\{30A0F8D9-709B-451C-BFB3-D8559F4797F8}) (Version: 1.0.0 - Brand Affinity Technologies)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.30.3 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.1.4301 - Hewlett-Packard)
HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.1.4211 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{5B08AF35-B699-4A44-BB89-3E51E70611E8}) (Version: 3.1.1.12 - Hewlett-Packard)
HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.1.4214 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{72D90DB3-A16A-4545-B555-868471101833}) (Version: 8.1.4186.3400 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{319E272A-B5DB-4939-99D0-1F1F0C55699E}) (Version: 5.0.11.16 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.1.2.27173 - Hewlett-Packard)
HPAsset component for HP Active Support Library (HKLM-x32\...\{669D4A35-146B-4314-89F1-1AC3D7B88367}) (Version: 3.0.0.3 - Hewlett-Packard) Hidden
Internet Explorer Toolbar 4.7 by SweetPacks (HKLM-x32\...\{80F3F10B-A177-4494-93CE-98090D819093}) (Version: 4.7.0008 - SweetIM Technologies Ltd.)
Itibiti RTC (HKLM-x32\...\{730E03E4-350E-48E5-9D3E-4329903D454D}) (Version: 0.0.1 - Itibiti Inc) Hidden
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Java 8 Update 92 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418092F0}) (Version: 8.0.920.14 - Oracle Corporation)
Lightshot-5.3.0.0 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.3.0.0 - Skillbrains)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.4.2 - Notepad++ Team)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 3.5.111 - PDF Complete, Inc)
PhotoNow! (HKLM-x32\...\{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.) Hidden
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
Pixel Piracy (HKLM\...\Steam App 264140) (Version:  - Quadro Delta)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.2 beta r2326 - )
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 7.2.16.12597 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.100.422.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6196 - Realtek Semiconductor Corp.)
Recovery Manager (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.2926 - CyberLink Corp.) Hidden
Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
Team Fortress 2 (HKLM\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Unturned (HKLM\...\Steam App 304930) (Version:  - Smartly Dressed Games)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
 
========================= Memory info: ===================================
Percentage of memory in use: 58%
Total physical RAM: 2815.29 MB
Available physical RAM: 1166.88 MB
Total Virtual: 7035.48 MB
Available Virtual: 5087.73 MB
 
========================= Partitions: =====================================
1 Drive c: (OS) (Fixed) (Total:584.01 GB) (Free:440.62 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:12.06 GB) (Free:1.47 GB) NTFS
 
========================= Users: ========================================
User accounts for \\AEQUALIS
 
Administrator            Guest                    johnny                   
 
 
**** End of log ****
 
 
http://speccy.piriform.com/results/SPxHltT1xpLx157oXJ25oAe


Edited by hamluis, 20 July 2016 - 05:32 PM.


#6 hamluis

hamluis

    Moderator


  • Moderator
  • 56,111 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:10:17 AM

Posted 19 July 2016 - 04:10 PM

You have Sweetpacks software installed...you previously had PC Optimizer Pro installed...it appears to be scamware or something close.  I see no installed AV.

 

BC does not support the use of "registry cleaners/optimizers", see Registry Cleaner, Animal - http://www.bleepingcomputer.com/forums/t/526247/tune-up-utilities-2014-problem/?p=3303494 .

 

Looking at reflected processes and hardware...I can't see anything that points to a problem.

 

Moving topic to Am I Infected for a malware check.

 

Louis



#7 Aequalis

Aequalis
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:08:17 AM

Posted 19 July 2016 - 05:46 PM

You have Sweetpacks software installed...you previously had PC Optimizer Pro installed...it appears to be scamware or something close.  I see no installed AV.

 

BC does not support the use of "registry cleaners/optimizers", see Registry Cleaner, Animal - http://www.bleepingcomputer.com/forums/t/526247/tune-up-utilities-2014-problem/?p=3303494 .

 

Looking at reflected processes and hardware...I can't see anything that points to a problem.

 

Moving topic to Am I Infected for a malware check.

 

Louis

I mean I have Malwarebytes installed, should I just run a scan in safe mode?

 

Edit: When I try to uninstall the program this is what shows up http://prntscr.com/bv0gkc


Edited by Aequalis, 19 July 2016 - 06:06 PM.


#8 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:17 AM

Posted 19 July 2016 - 09:09 PM

Adware Cleaner Scan.

 

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

 

JRT Scan.

Please download Junkware Removal Tool and save it on your desktop.

 

  • Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log is saved to your desktop and will automatically open.
  • Please post the JRT log.
  •  

Adware Removal Tool Scan.

 

Download Adware removal tool to your desktop, right click the icon and select Run as Administrator.

 

 

LOr0Gd7.png

 

Hit Ok.

 

sYFsqHx.png

 

Hit next make sure to leave all items checked, for removal.

 

8NcZjGc.png

 

 

The Program will close all open programs to complete the removal, so save any work and hit OK. Then hit OK after the removal process is complete, thenOK again to finish up. Post log generated by tool.

 

ZHP Scan.

Please download Zhp Cleaner  to your desktop.  Right Click the icon and select run as administrator.

http://ccm.net/download/download-24750-zhpcleaner

 

 

2. Once you have started the program, you will need to click the scanner button.

EgsT69u.png

The program will close all open browsers!

3. Once the scan is completed, the you will want to click the Repair button.

6QJjV50.png

At the end of the process you may be asked to reboot your machine. After you reboot a report will open on your desktop.

Copy and paste the report here in your next reply.

 Zemana Scan

 

 

Run a full scan with Zemana AntiMalware!

Install and select deep scan.

jdmyscF.jpg

Remove any infections found.

Then click on the icon in the pic below.

DOLGyto.jpg

Double click on the scan log, copy and paste here in your reply



#9 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:17 AM

Posted 19 July 2016 - 09:10 PM

if u have issues uninstalling something use this.

 

http://www.geekuninstaller.com/



#10 Aequalis

Aequalis
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:08:17 AM

Posted 20 July 2016 - 12:43 AM

if u have issues uninstalling something use this.

 

http://www.geekuninstaller.com/

file:///C:/Users/johnny/Desktop/JRT.txt

 

file:///C:/Users/johnny/Desktop/AdwCleaner[S2].txt

 

file:///C:/Users/johnny/Desktop/AdwCleaner[C1].txt

 

file:///C:/Users/johnny/Desktop/ZHPCleaner.txt

 

I will be posting Zemana results tomorrow.


Edited by Aequalis, 20 July 2016 - 01:20 AM.


#11 Aequalis

Aequalis
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:08:17 AM

Posted 20 July 2016 - 12:13 PM

http://pastebin.com/acsEdvVM
 


Edited by hamluis, 20 July 2016 - 05:30 PM.


#12 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:17 AM

Posted 20 July 2016 - 08:58 PM

Can you copy and paste all logs here please.



#13 Aequalis

Aequalis
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:08:17 AM

Posted 20 July 2016 - 09:52 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 7 Home Premium x64
Ran by johnny (Administrator) on Tue 07/19/2016 at 22:23:35.38
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 180

Successfully deleted: C:\ai_recyclebin (Folder)
Successfully deleted: C:\end (File)
Successfully deleted: C:\ProgramData\productdata (Folder)
Successfully deleted: C:\ProgramData\Start Menu\Programs\ebay.lnk (Shortcut)
Successfully deleted: C:\ProgramData\update~1 (Folder)
Successfully deleted: C:\user.js (File)
Successfully deleted: C:\Users\johnny\AppData\Local\crashrpt (Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\esupport.com (Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\ilivid player (Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\opencandy (Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\packageaware (Folder)
Successfully deleted: C:\Users\johnny\Appdata\LocalLow\bandoo (Folder)
Successfully deleted: C:\Users\johnny\Appdata\LocalLow\mediabarim (Folder)
Successfully deleted: C:\Users\johnny\AppData\Roaming\productdata (Folder)
Successfully deleted: C:\Users\johnny\Documents\add-in express (Folder)
Successfully deleted: C:\Windows\SysWOW64\conduitengine.tmp (File)
Successfully deleted: C:\Windows\wininit.ini (File)
Successfully deleted: C:\Program Files (x86)\imesh applications (Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\01NM9ZBS (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0RYP2J59 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0ZQ9WG4C (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\117FD98T (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1GR3RAQ1 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1R7NDPA9 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1TK003KF (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1WBD7CX3 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2ASAG6YP (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2AZYIQFA (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\31XTAV2I (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3R5GHFBX (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3WHI02NB (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3YAKVLDC (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\58SYK8EK (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5XQNO6A6 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6A43JU1V (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6IQC7NC7 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6XTRFW59 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7UD48XQY (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7XY4RP4S (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8597DTQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\89652OH3 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8DP9UGBJ (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\91UNDKF8 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\92H76K4O (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\96XKCJFA (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9TAUUDOF (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9WBU2EXJ (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A0IBHTW3 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AW7G7U52 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BPQULTTN (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BWDURDQF (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DXEUG90Y (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ED95MVJI (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EFLIKWH1 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F8H1PI2L (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GCPVQ39R (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GZ9I1O8I (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IADYIQH4 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ICVD11J3 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IPEZUIAG (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IQU4CEY5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JQAJY8MZ (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KNF6SY1R (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L2UTRY6H (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MXNWWFM4 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N32UQO51 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NCFDOVDD (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NTYAHW03 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NZ8KRDHR (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O5TSP2E8 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O6EHJG0L (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OAXRKS3T (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ODT5B8J4 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ON8JQ8XP (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OV0Q5M6V (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2GLNUE5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PCJBJMTY (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PR0YHUE1 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PYZAIL6T (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RKI1LELA (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SFY4N1IP (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SVMF7WOS (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SY5Q65I9 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SYPYIFKZ (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TEQVTVBI (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TJJFDZID (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TSVV2JQS (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U5VAXC40 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U8V1R2UQ (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VFEH9Y7S (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VJJV4Z97 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VP1AQK76 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VZKY7G8Y (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y3INKH17 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\johnny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YULVO92V (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\01NM9ZBS (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0RYP2J59 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0ZQ9WG4C (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\117FD98T (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1GR3RAQ1 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1R7NDPA9 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1TK003KF (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1WBD7CX3 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2ASAG6YP (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2AZYIQFA (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\31XTAV2I (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3R5GHFBX (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3WHI02NB (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3YAKVLDC (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\58SYK8EK (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5XQNO6A6 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6A43JU1V (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6IQC7NC7 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6XTRFW59 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7UD48XQY (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7XY4RP4S (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8597DTQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\89652OH3 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8DP9UGBJ (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\91UNDKF8 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\92H76K4O (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\96XKCJFA (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9TAUUDOF (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9WBU2EXJ (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A0IBHTW3 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AW7G7U52 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BPQULTTN (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BWDURDQF (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DXEUG90Y (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ED95MVJI (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EFLIKWH1 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F8H1PI2L (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GCPVQ39R (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GZ9I1O8I (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IADYIQH4 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ICVD11J3 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IPEZUIAG (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IQU4CEY5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JQAJY8MZ (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KNF6SY1R (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L2UTRY6H (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MXNWWFM4 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N32UQO51 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NCFDOVDD (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NTYAHW03 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NZ8KRDHR (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O5TSP2E8 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O6EHJG0L (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OAXRKS3T (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ODT5B8J4 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ON8JQ8XP (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OV0Q5M6V (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2GLNUE5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PCJBJMTY (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PR0YHUE1 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PYZAIL6T (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RKI1LELA (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SFY4N1IP (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SVMF7WOS (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SY5Q65I9 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SYPYIFKZ (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TEQVTVBI (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TJJFDZID (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TSVV2JQS (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U5VAXC40 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U8V1R2UQ (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VFEH9Y7S (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VJJV4Z97 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VP1AQK76 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VZKY7G8Y (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y3INKH17 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YULVO92V (Temporary Internet Files Folder)



Registry: 20

Successfully deleted: HKLM\Software\Google\Chrome\Extensions\bcjagnifjocnddgeknajocbkkhlgibem (Registry Key)
Successfully deleted: HKLM\Software\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{6D8D66F3-14FC-4736-A096-FAC0EA66289C} (Registry Value)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{A8864317-E18B-4292-99D9-E6E65AB905D3} (Registry Value)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1B0C79B2-74B3-4296-8ADD-AAD0CB28D8D3} (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{5B6D2640-5C91-4FC5-AC05-FDBE953BAEC2} (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8A2A1F46-B256-4F42-BB7E-97F8A6A06F11} (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7B11ACB-D3B2-4B9E-9EFC-0B15FFB2EE54} (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{1B0C79B2-74B3-4296-8ADD-AAD0CB28D8D3} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Registry Value)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 07/19/2016 at 22:27:54.77
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

# AdwCleaner v5.201 - Logfile created 19/07/2016 at 22:29:41
# Updated 30/06/2016 by ToolsLib
# Database : 2016-07-19.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (X64)
# Username : johnny - AEQUALIS
# Running from : C:\Users\johnny\Desktop\adwcleaner_5.201.exe
# Option : Scan
# Support : https://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

Folder Found : C:\Program Files (x86)\Yahoo!\Companion
Folder Found : C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Application Updater
Folder Found : C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\ConduitEngine
Folder Found : C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\midicase
Folder Found : C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\PriceGong
Folder Found : C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\searchquband
Folder Found : C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Searchqutoolbar
Folder Found : C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Toolbar4
Folder Found : C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Yahoo! Companion
Folder Found : C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Yahoo!\Companion
Folder Found : C:\Users\johnny\AppData\Local\Zoom_Downloader
Folder Found : C:\Users\johnny\AppData\LocalLow\wincoreimband
Folder Found : C:\Users\johnny\AppData\LocalLow\Yahoo!\Companion
Folder Found : C:\Users\johnny\Documents\DCSCMIN
Folder Found : C:\Users\johnny\Documents\DealRunner
Folder Found : C:\Users\johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh
Folder Found : C:\Users\johnny\AppData\Local\Geckofx

***** [ Files ] *****

File Found : C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerTrust\Bandoo.cfg
File Found : C:\Users\johnny\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_isearch.avg.com_0.localstorage
File Found : C:\Users\johnny\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_isearch.avg.com_0.localstorage-journal
File Found : C:\Users\johnny\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
File Found : C:\Users\johnny\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal

***** [ DLL ] *****


***** [ WMI ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll
Key Found : HKLM\SOFTWARE\Classes\AppID\DNSBHO.dll
Key Found : HKLM\SOFTWARE\Classes\AppID\IEHelperv2.5.0.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\updatebho.DLL
Key Found : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Found : HKLM\SOFTWARE\Classes\Applications\iMesh_V11_en_Setup.exe
Key Found : HKLM\SOFTWARE\Classes\Applications\iMeshV11.exe
Key Found : HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
Key Found : HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
Key Found : HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
Key Found : HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform [FunWebProducts]
Key Found : HKLM\SOFTWARE\Classes\Applications\iLividSetupV1.exe
Key Found : HKLM\SOFTWARE\Classes\Applications\iLividSetupV1[1].exe
Key Found : HKCU\Software\Classes\bndle
Key Found : HKLM\SOFTWARE\Classes\AmiBs.Boot
Key Found : HKLM\SOFTWARE\Classes\AmiBs.Boot.1
Key Found : HKLM\SOFTWARE\Classes\BandooCore.BandooCore
Key Found : HKLM\SOFTWARE\Classes\BandooCore.BandooCore.1
Key Found : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr
Key Found : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr.1
Key Found : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr
Key Found : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr.1
Key Found : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr
Key Found : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr.1
Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Found : HKLM\SOFTWARE\Classes\IESmartBar.BandObjectAttribute
Key Found : HKLM\SOFTWARE\Classes\IESmartBar.DockingPanel
Key Found : HKLM\SOFTWARE\Classes\IESmartBar.IESmartBar
Key Found : HKLM\SOFTWARE\Classes\IESmartBar.IESmartBarBandObject
Key Found : HKLM\SOFTWARE\Classes\IESmartBar.SmartbarDisplayState
Key Found : HKLM\SOFTWARE\Classes\IESmartBar.SmartbarMenuForm
Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Found : HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar
Key Found : HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar.1
Key Found : HKU\S-1-5-21-4234849188-1163541568-2843079188-1001\Software\Classes\bndle
Key Found : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Key Found : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}
Key Found : HKLM\SOFTWARE\Classes\AppID\{50F7F0BE-31BA-4145-BD8B-6B0DECFED804}
Key Found : HKLM\SOFTWARE\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}
Key Found : HKLM\SOFTWARE\Classes\AppID\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
Key Found : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{799391D3-EB86-4BAC-9BD3-CBFEA58A0E15}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{819FFE22-35C7-4925-8CDA-4E0E2DB94302}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C01315C7-B4E2-4864-B43D-5FAFC414D179}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D858DAFC-9573-4811-B323-7011A3AA7E61}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{ED0E67AD-926C-4008-87E5-03CF72AA2A7E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Found : HKLM\SOFTWARE\Classes\Interface\{01947140-417F-46B6-8751-A3A2B8345E1A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Found : HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Found : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Found : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Found : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Key Found : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6F43FA77-C18F-4D0C-9C7E-958876FE2061}
Key Found : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Key Found : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Found : HKLM\SOFTWARE\Classes\Interface\{819FFE21-35C7-4925-8CDA-4E0E2DB94302}
Key Found : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8E9CF769-3D3B-40EB-9E2D-76E7A205E4D2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Found : HKLM\SOFTWARE\Classes\Interface\{DB507187-9746-458C-97DA-C458131EEDE7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{DF948646-8BF4-450E-A059-CF8A4E0FE2BE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E96B49B0-E11F-48FC-984A-EEC29A4F57E1}
Key Found : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F0356CB6-4AB7-425B-A31C-0369E0CB5E81}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{819FFE20-35C7-4925-8CDA-4E0E2DB94302}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{8FFDF636-0D87-4B33-B9E9-79A53F6E1DAE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
Key Found : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Found : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
Key Found : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C29CF951-7F4F-4B8D-ACA8-C4EE934C27DC}
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{EEE6C35C-6118-11DC-9C72-001320C79847}]
Value Found : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks [{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}]
Key Found : HKCU\Software\BrowserCompanion
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Cr_Installer
Key Found : HKCU\Software\DealRunner
Key Found : HKCU\Software\Escolade
Key Found : HKCU\Software\eSupport.com
Key Found : HKCU\Software\FunWebProducts
Key Found : HKCU\Software\IM
Key Found : HKCU\Software\ImInstaller
Key Found : HKCU\Software\MyWebSearch
Key Found : HKCU\Software\Nation Toolbar
Key Found : HKCU\Software\speedypc software
Key Found : HKCU\Software\tinydm.com
Key Found : HKCU\Software\W3I
Key Found : HKCU\Software\Yahoo\Companion
Key Found : HKCU\Software\Yahoo\YFriendsBar
Key Found : HKCU\Software\Zugo
Key Found : HKCU\Software\WIN
Key Found : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\StartNow Toolbar
Key Found : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\Updater By Sweetpacks
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\Freecause
Key Found : HKCU\Software\AppDataLow\Software\mediabarim
Key Found : HKCU\Software\AppDataLow\Software\MyWebSearch
Key Found : HKCU\Software\AppDataLow\Software\Toolbar
Key Found : HKCU\Software\AppDataLow\Software\Yahoo\Companion
Key Found : HKLM\SOFTWARE\Bandoo
Key Found : HKLM\SOFTWARE\BrowserCompanion
Key Found : HKLM\SOFTWARE\Cheat Engine\OpenCandy
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\GinyasBrowserCompanion
Key Found : HKLM\SOFTWARE\Nation Toolbar
Key Found : HKLM\SOFTWARE\speedypc software
Key Found : HKLM\SOFTWARE\Uniblue
Key Found : HKLM\SOFTWARE\Vittalia
Key Found : HKLM\SOFTWARE\W3I
Key Found : HKLM\SOFTWARE\Yahoo\Companion
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{730E03E4-350E-48E5-9D3E-4329903D454D}
Key Found : [x64] HKLM\SOFTWARE\Tarma Installer
Key Found : HKU\.DEFAULT\Software\Yahoo\Companion
Key Found : HKU\.DEFAULT\Software\AppDataLow\Toolbar
Key Found : HKU\.DEFAULT\Software\AppDataLow\Software\Conduit
Key Found : HKU\.DEFAULT\Software\AppDataLow\Software\Freecause
Key Found : HKU\.DEFAULT\Software\AppDataLow\Software\Midicase
Key Found : HKU\.DEFAULT\Software\AppDataLow\Software\Yahoo\Companion
Key Found : HKU\S-1-5-21-4234849188-1163541568-2843079188-1001\Software\BrowserCompanion
Key Found : HKU\S-1-5-21-4234849188-1163541568-2843079188-1001\Software\Conduit
Key Found : HKU\S-1-5-21-4234849188-1163541568-2843079188-1001\Software\Cr_Installer
Key Found : HKU\S-1-5-21-4234849188-1163541568-2843079188-1001\Software\DealRunner
Key Found : HKU\S-1-5-21-4234849188-1163541568-2843079188-1001\Software\Escolade
Key Found : HKU\S-1-5-21-4234849188-1163541568-2843079188-1001\Software\eSupport.com
Key Found : HKU\S-1-5-21-4234849188-1163541568-2843079188-1001\Software\FunWebProducts
Key Found : HKU\S-1-5-21-4234849188-1163541568-2843079188-1001\Software\IM
Key Found : HKU\S-1-5-21-4234849188-1163541568-2843079188-1001\Software\ImInstaller
Key Found : HKU\S-1-5-21-4234849188-1163541568-2843079188-1001\Software\MyWebSearch
Key Found : HKU\S-1-5-21-4234849188-1163541568-2843079188-1001\Software\Nation Toolbar
Key Found : HKU\S-1-5-21-4234849188-1163541568-2843079188-1001\Software\speedypc software
Key Found : HKU\S-1-5-21-4234849188-1163541568-2843079188-1001\Software\tinydm.com
Key Found : HKU\S-1-5-21-4234849188-1163541568-2843079188-1001\Software\W3I
Key Found : HKU\S-1-5-21-4234849188-1163541568-2843079188-1001\Software\Yahoo\Companion
Key Found : HKU\S-1-5-21-4234849188-1163541568-2843079188-1001\Software\Yahoo\YFriendsBar
Key Found : HKU\S-1-5-21-4234849188-1163541568-2843079188-1001\Software\Zugo
Key Found : HKU\S-1-5-21-4234849188-1163541568-2843079188-1001\Software\WIN
Key Found : HKU\S-1-5-21-4234849188-1163541568-2843079188-1001\Software\AppDataLow\Software\Conduit
Key Found : HKU\S-1-5-21-4234849188-1163541568-2843079188-1001\Software\AppDataLow\Software\Freecause
Key Found : HKU\S-1-5-21-4234849188-1163541568-2843079188-1001\Software\AppDataLow\Software\mediabarim
Key Found : HKU\S-1-5-21-4234849188-1163541568-2843079188-1001\Software\AppDataLow\Software\MyWebSearch
Key Found : HKU\S-1-5-21-4234849188-1163541568-2843079188-1001\Software\AppDataLow\Software\Toolbar
Key Found : HKU\S-1-5-21-4234849188-1163541568-2843079188-1001\Software\AppDataLow\Software\Yahoo\Companion
Key Found : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4234849188-1163541568-2843079188-1001\Software\BabylonToolbar
Key Found : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4234849188-1163541568-2843079188-1001\Software\bbrs_002.tb
Key Found : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4234849188-1163541568-2843079188-1001\Software\Blabbers
Key Found : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4234849188-1163541568-2843079188-1001\Software\BrowserCompanion
Key Found : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4234849188-1163541568-2843079188-1001\Software\incredibar.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4234849188-1163541568-2843079188-1001\Software\SweetIM
Key Found : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4234849188-1163541568-2843079188-1001\Software\Yahoo\Companion
Key Found : HKU\S-1-5-18\Software\Yahoo\Companion
Key Found : HKU\S-1-5-18\Software\AppDataLow\Toolbar
Key Found : HKU\S-1-5-18\Software\AppDataLow\Software\Conduit
Key Found : HKU\S-1-5-18\Software\AppDataLow\Software\Freecause
Key Found : HKU\S-1-5-18\Software\AppDataLow\Software\Midicase
Key Found : HKU\S-1-5-18\Software\AppDataLow\Software\Yahoo\Companion
Key Found : HKLM\SOFTWARE\Classes\Installer\Features\B01F3F08771A494439EC8990D0180939
Key Found : HKLM\SOFTWARE\Classes\Installer\Features\4E30E037E0535E84D9E3349209D354D4
Key Found : HKLM\SOFTWARE\Classes\Installer\Products\B01F3F08771A494439EC8990D0180939
Key Found : HKLM\SOFTWARE\Classes\Installer\Products\4E30E037E0535E84D9E3349209D354D4
Key Found : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\18C9E3869A16248439FE3FF9EB02207A
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D8011310B2622942868A458964FFDC5
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6C63F7979DCC2154CB9591969A5CB89D
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6DD31E6C1A73B334383DF186676F4D20
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB3204F747B20694B8D49EF92D8DC94B
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C81E33A400B6F814E90C7A3354E2A3A5
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EDBF68C5F16790341B7C6FD7C7F8E4FC
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FFA531D0F3A71504DA7AC6A11CE33739
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3038A20B9089EC34D8F74220191FAB30
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B01F3F08771A494439EC8990D0180939
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4E30E037E0535E84D9E3349209D354D4
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
Key Found : [x64] HKLM\SOFTWARE\Classes\Installer\Products\B01F3F08771A494439EC8990D0180939
Key Found : [x64] HKLM\SOFTWARE\Classes\Installer\Products\4E30E037E0535E84D9E3349209D354D4
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{E14E8F89-A7C3-4DFF-B1A7-EC81425967B1}]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{1C92DBB4-AED2-44B0-9FA1-667664FAAC3E}]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{410FAFC4-F27A-4836-AB06-9BC9AE2A5BD2}]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{E8F0AB75-A476-4268-9E7C-844DAE0E5563}]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{0FD90E4B-537F-4465-8780-9DB5A3A5877C}]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{C3990098-A886-4551-96FE-A20536370394}]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{9408DC47-1204-4BC9-9551-B8D13A4FC95A}]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{B1AF05F4-4EF6-4397-A1EB-5BB4A4819659}]
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1B0C79B2-74B3-4296-8ADD-AAD0CB28D8D3}
Key Found : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\incredibar.net
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\imesh.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\imesh.net
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\incredibar.net
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\search-results.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\searchqu.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\softonic.com
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MsConfig\StartupReg\MyWebSearch Email Plugin
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MsConfig\StartupReg\Tiny download manager

***** [ Web browsers ] *****

[C:\Users\johnny\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : bcjagnifjocnddgeknajocbkkhlgibem
[C:\Users\johnny\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : bodddioamolcibagionmmobehnbhiakf
[C:\Users\johnny\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : booedmolknjekdopkepjjeckmjkdpfgl
[C:\Users\johnny\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : dloejdefkancmfajekobpfoacecnhpgp
[C:\Users\johnny\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : flpcjncodpafbgdpnkljologafpionhb
[C:\Users\johnny\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : hbcennhacfaagdopikcegfcobcadeocj
[C:\Users\johnny\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : jpmbfleldcgkldadpdinhjjopdfpjfjp
[C:\Users\johnny\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : kdidombaedgpfiiedeimiebkmbilgmlc
[C:\Users\johnny\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : lfkjojacgdjkninepeghaamnapdjmlfn
[C:\Users\johnny\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : mhkaekfpcppmmioggniknbnbdbcigpkk
[C:\Users\johnny\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : nfengeggddojhakldhlpjdlddgkkjkdd
[C:\Users\johnny\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : oiokahphinmbmakkehgelkmpolmnbkdh
[C:\Users\johnny\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : pfndaklgolladniicklehhancnlgocpp

*************************

C:\AdwCleaner\AdwCleaner[S2].txt - [31409 bytes] - [19/07/2016 22:29:41]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [31483 bytes] ##########

 

# AdwCleaner v5.201 - Logfile created 19/07/2016 at 22:30:52
# Updated 30/06/2016 by ToolsLib
# Database : 2016-07-19.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (X64)
# Username : johnny - AEQUALIS
# Running from : C:\Users\johnny\Desktop\adwcleaner_5.201.exe
# Option : Clean
# Support : https://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files (x86)\Yahoo!\Companion
[-] Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Application Updater
[-] Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\ConduitEngine
[-] Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\midicase
[-] Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\PriceGong
[-] Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\searchquband
[-] Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Searchqutoolbar
[-] Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Toolbar4
[-] Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Yahoo! Companion
[-] Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Yahoo!\Companion
[-] Folder Deleted : C:\Users\johnny\AppData\Local\Zoom_Downloader
[-] Folder Deleted : C:\Users\johnny\AppData\LocalLow\wincoreimband
[-] Folder Deleted : C:\Users\johnny\AppData\LocalLow\Yahoo!\Companion
[-] Folder Deleted : C:\Users\johnny\Documents\DCSCMIN
[-] Folder Deleted : C:\Users\johnny\Documents\DealRunner
[-] Folder Deleted : C:\Users\johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh
[-] Folder Deleted : C:\Users\johnny\AppData\Local\Geckofx

***** [ Files ] *****

[-] File Deleted : C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerTrust\Bandoo.cfg
[-] File Deleted : C:\Users\johnny\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_isearch.avg.com_0.localstorage
[-] File Deleted : C:\Users\johnny\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_isearch.avg.com_0.localstorage-journal
[-] File Deleted : C:\Users\johnny\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
[-] File Deleted : C:\Users\johnny\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\DNSBHO.dll
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\IEHelperv2.5.0.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\updatebho.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
[-] Key Deleted : HKLM\SOFTWARE\Classes\Applications\iMesh_V11_en_Setup.exe
[-] Key Deleted : HKLM\SOFTWARE\Classes\Applications\iMeshV11.exe
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform [FunWebProducts]
[-] Key Deleted : HKLM\SOFTWARE\Classes\Applications\iLividSetupV1[1].exe
[-] Key Deleted : HKCU\Software\Classes\bndle
[-] Key Deleted : HKLM\SOFTWARE\Classes\AmiBs.Boot
[-] Key Deleted : HKLM\SOFTWARE\Classes\AmiBs.Boot.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.BandooCore
[-] Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.BandooCore.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr
[-] Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr
[-] Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr
[-] Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
[-] Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.BandObjectAttribute
[-] Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.DockingPanel
[-] Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.IESmartBar
[-] Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.IESmartBarBandObject
[-] Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.SmartbarDisplayState
[-] Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.SmartbarMenuForm
[-] Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
[-] Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar
[-] Key Deleted : HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{50F7F0BE-31BA-4145-BD8B-6B0DECFED804}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{799391D3-EB86-4BAC-9BD3-CBFEA58A0E15}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{819FFE22-35C7-4925-8CDA-4E0E2DB94302}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C01315C7-B4E2-4864-B43D-5FAFC414D179}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D858DAFC-9573-4811-B323-7011A3AA7E61}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ED0E67AD-926C-4008-87E5-03CF72AA2A7E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01947140-417F-46B6-8751-A3A2B8345E1A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6F43FA77-C18F-4D0C-9C7E-958876FE2061}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{819FFE21-35C7-4925-8CDA-4E0E2DB94302}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8E9CF769-3D3B-40EB-9E2D-76E7A205E4D2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DB507187-9746-458C-97DA-C458131EEDE7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DF948646-8BF4-450E-A059-CF8A4E0FE2BE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E96B49B0-E11F-48FC-984A-EEC29A4F57E1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F0356CB6-4AB7-425B-A31C-0369E0CB5E81}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{819FFE20-35C7-4925-8CDA-4E0E2DB94302}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8FFDF636-0D87-4B33-B9E9-79A53F6E1DAE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C29CF951-7F4F-4B8D-ACA8-C4EE934C27DC}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{EEE6C35B-6118-11DC-9C72-001320C79847}]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{EEE6C35C-6118-11DC-9C72-001320C79847}]
[-] Value Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks [{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}]
[-] Key Deleted : HKCU\Software\BrowserCompanion
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\Cr_Installer
[-] Key Deleted : HKCU\Software\DealRunner
[-] Key Deleted : HKCU\Software\Escolade
[-] Key Deleted : HKCU\Software\eSupport.com
[-] Key Deleted : HKCU\Software\FunWebProducts
[-] Key Deleted : HKCU\Software\IM
[-] Key Deleted : HKCU\Software\ImInstaller
[-] Key Deleted : HKCU\Software\MyWebSearch
[-] Key Deleted : HKCU\Software\Nation Toolbar
[-] Key Deleted : HKCU\Software\speedypc software
[-] Key Deleted : HKCU\Software\tinydm.com
[-] Key Deleted : HKCU\Software\W3I
[-] Key Deleted : HKCU\Software\Yahoo\Companion
[-] Key Deleted : HKCU\Software\Yahoo\YFriendsBar
[-] Key Deleted : HKCU\Software\Zugo
[-] Key Deleted : HKCU\Software\WIN
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\StartNow Toolbar
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\Updater By Sweetpacks
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Freecause
[-] Key Deleted : HKCU\Software\AppDataLow\Software\mediabarim
[-] Key Deleted : HKCU\Software\AppDataLow\Software\MyWebSearch
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Toolbar
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Yahoo\Companion
[-] Key Deleted : HKLM\SOFTWARE\Bandoo
[-] Key Deleted : HKLM\SOFTWARE\BrowserCompanion
[-] Key Deleted : HKLM\SOFTWARE\Cheat Engine\OpenCandy
[-] Key Deleted : HKLM\SOFTWARE\Conduit
[-] Key Deleted : HKLM\SOFTWARE\GinyasBrowserCompanion
[-] Key Deleted : HKLM\SOFTWARE\Nation Toolbar
[-] Key Deleted : HKLM\SOFTWARE\speedypc software
[-] Key Deleted : HKLM\SOFTWARE\Uniblue
[-] Key Deleted : HKLM\SOFTWARE\Vittalia
[-] Key Deleted : HKLM\SOFTWARE\W3I
[-] Key Deleted : HKLM\SOFTWARE\Yahoo\Companion
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{730E03E4-350E-48E5-9D3E-4329903D454D}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
[-] Key Deleted : HKU\.DEFAULT\Software\Yahoo\Companion
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Toolbar
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\Conduit
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\Freecause
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\Midicase
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\Yahoo\Companion
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4234849188-1163541568-2843079188-1001\Software\BabylonToolbar
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4234849188-1163541568-2843079188-1001\Software\bbrs_002.tb
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4234849188-1163541568-2843079188-1001\Software\Blabbers
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4234849188-1163541568-2843079188-1001\Software\BrowserCompanion
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4234849188-1163541568-2843079188-1001\Software\incredibar.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4234849188-1163541568-2843079188-1001\Software\SweetIM
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4234849188-1163541568-2843079188-1001\Software\Yahoo\Companion
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\B01F3F08771A494439EC8990D0180939
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\4E30E037E0535E84D9E3349209D354D4
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\B01F3F08771A494439EC8990D0180939
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\4E30E037E0535E84D9E3349209D354D4
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\18C9E3869A16248439FE3FF9EB02207A
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D8011310B2622942868A458964FFDC5
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6C63F7979DCC2154CB9591969A5CB89D
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6DD31E6C1A73B334383DF186676F4D20
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB3204F747B20694B8D49EF92D8DC94B
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C81E33A400B6F814E90C7A3354E2A3A5
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EDBF68C5F16790341B7C6FD7C7F8E4FC
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FFA531D0F3A71504DA7AC6A11CE33739
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3038A20B9089EC34D8F74220191FAB30
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B01F3F08771A494439EC8990D0180939
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4E30E037E0535E84D9E3349209D354D4
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{E14E8F89-A7C3-4DFF-B1A7-EC81425967B1}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{1C92DBB4-AED2-44B0-9FA1-667664FAAC3E}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{410FAFC4-F27A-4836-AB06-9BC9AE2A5BD2}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{E8F0AB75-A476-4268-9E7C-844DAE0E5563}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{0FD90E4B-537F-4465-8780-9DB5A3A5877C}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{C3990098-A886-4551-96FE-A20536370394}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{9408DC47-1204-4BC9-9551-B8D13A4FC95A}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{B1AF05F4-4EF6-4397-A1EB-5BB4A4819659}]
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1B0C79B2-74B3-4296-8ADD-AAD0CB28D8D3}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\incredibar.net
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\imesh.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\imesh.net
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\incredibar.net
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\search-results.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\searchqu.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\softonic.com
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MsConfig\StartupReg\MyWebSearch Email Plugin
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MsConfig\StartupReg\Tiny download manager

***** [ Web browsers ] *****

[-] [C:\Users\johnny\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : bcjagnifjocnddgeknajocbkkhlgibem
[-] [C:\Users\johnny\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : bodddioamolcibagionmmobehnbhiakf
[-] [C:\Users\johnny\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : booedmolknjekdopkepjjeckmjkdpfgl
[-] [C:\Users\johnny\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : dloejdefkancmfajekobpfoacecnhpgp
[-] [C:\Users\johnny\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : flpcjncodpafbgdpnkljologafpionhb
[-] [C:\Users\johnny\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : hbcennhacfaagdopikcegfcobcadeocj
[-] [C:\Users\johnny\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : jpmbfleldcgkldadpdinhjjopdfpjfjp
[-] [C:\Users\johnny\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : kdidombaedgpfiiedeimiebkmbilgmlc
[-] [C:\Users\johnny\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : lfkjojacgdjkninepeghaamnapdjmlfn
[-] [C:\Users\johnny\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : mhkaekfpcppmmioggniknbnbdbcigpkk
[-] [C:\Users\johnny\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : nfengeggddojhakldhlpjdlddgkkjkdd
[-] [C:\Users\johnny\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : oiokahphinmbmakkehgelkmpolmnbkdh
[-] [C:\Users\johnny\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : pfndaklgolladniicklehhancnlgocpp

*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [30518 bytes] - [19/07/2016 22:30:52]
C:\AdwCleaner\AdwCleaner[S2].txt - [31727 bytes] - [19/07/2016 22:29:41]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [30666 bytes] ##########

 

~ ZHPCleaner v2016.8.13.324 by Nicolas Coolman (2015/08/13)
~ Run by johnny (Administrator) (19/07/2016 22:57:21)
~ Site : http://www.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version KO
~ Type : Repair
~ Report : C:\Users\johnny\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\johnny\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)


---\\ Services (0)
~ No malicious or unnecessary items found.


---\\ Browser internet (0)
~ No malicious or unnecessary items found.


---\\ Hosts file (2)
REPLACED: 46.23.70.78 pagead2.googlesyndication.com
Number of found redirections 1/199


---\\ Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found.


---\\ Explorer ( File, Folder) (65)
MOVED file: C:\Users\johnny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Lightshot.lnk [Bad : C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe] =>PUP.Optional.SkillBrains
MOVED file: C:\Users\johnny\AppData\Roaming\4o65d.exe =>PUP.Optional.Pirrit
MOVED file: C:\Users\johnny\AppData\Roaming\5EGAL676PTPSVFAppdata.64.exe =>PUP.Optional.Pirrit
MOVED file: C:\Users\johnny\AppData\Roaming\8cd98f00b.a.exe =>PUP.Optional.Pirrit
MOVED file: C:\Users\johnny\AppData\Roaming\a4808.exe =>PUP.Optional.Pirrit
MOVED file: C:\Users\johnny\AppData\Roaming\c3s07.exe =>PUP.Optional.Pirrit
MOVED file: C:\Users\johnny\AppData\Roaming\KUH6P21System.Data.64.exe =>PUP.Optional.Pirrit
MOVED file: C:\Users\johnny\AppData\Roaming\ul7og.exe =>PUP.Optional.Pirrit
MOVED file: C:\Users\johnny\AppData\Roaming\v30xo.exe =>PUP.Optional.Pirrit
MOVED file: C:\Users\johnny\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage =>PUP.Optional.Generic
MOVED file: C:\Users\johnny\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal =>PUP.Optional.Generic
MOVED folder: C:\Program Files (x86)\Skillbrains =>PUP.Optional.SkillBrains
MOVED folder: C:\Program Files (x86)\WhiteSmokeTranslator =>PUP.Optional.WhiteSmoke
MOVED folder: C:\Windows\Installer\MSI11A2.tmp- =>Empty
MOVED folder: C:\Windows\Installer\MSI17B5.tmp- =>Empty
MOVED folder: C:\Windows\Installer\MSI2072.tmp- =>Empty
MOVED folder: C:\Windows\Installer\MSI2AAD.tmp- =>Empty
MOVED folder: C:\Windows\Installer\MSI2BD9.tmp- =>Empty
MOVED folder: C:\Windows\Installer\MSI2F92.tmp- =>Empty
MOVED folder: C:\Windows\Installer\MSI3236.tmp- =>Empty
MOVED folder: C:\Windows\Installer\MSI3358.tmp- =>Empty
MOVED folder: C:\Windows\Installer\MSI35D9.tmp- =>Empty
MOVED folder: C:\Windows\Installer\MSI38B7.tmp- =>Empty
MOVED folder: C:\Windows\Installer\MSI4605.tmp- =>Empty
MOVED folder: C:\Windows\Installer\MSI4CE9.tmp- =>Empty
MOVED folder: C:\Windows\Installer\MSI5E52.tmp- =>Empty
MOVED folder: C:\Windows\Installer\MSI6085.tmp- =>Empty
MOVED folder: C:\Windows\Installer\MSI6AAF.tmp- =>Empty
MOVED folder: C:\Windows\Installer\MSI6BC8.tmp- =>Empty
MOVED folder: C:\Windows\Installer\MSI6D7E.tmp- =>Empty
MOVED folder: C:\Windows\Installer\MSI71F2.tmp- =>Empty
MOVED folder: C:\Windows\Installer\MSI79D5.tmp- =>Empty
MOVED folder: C:\Windows\Installer\MSI819C.tmp- =>Empty
MOVED folder: C:\Windows\Installer\MSI8371.tmp- =>Empty
MOVED folder: C:\Windows\Installer\MSI845C.tmp- =>Empty
MOVED folder: C:\Windows\Installer\MSI8D9F.tmp- =>Empty
MOVED folder: C:\Windows\Installer\MSI8FBA.tmp- =>Empty
MOVED folder: C:\Windows\Installer\MSI8FF0.tmp- =>Empty
MOVED folder: C:\Windows\Installer\MSI905A.tmp- =>Empty
MOVED folder: C:\Windows\Installer\MSI9379.tmp- =>Empty
MOVED folder: C:\Windows\Installer\MSI9638.tmp- =>Empty
MOVED folder: C:\Windows\Installer\MSI9EE3.tmp- =>Empty
MOVED folder: C:\Windows\Installer\MSIA4A3.tmp- =>Empty
MOVED folder: C:\Windows\Installer\MSIB09B.tmp- =>Empty
MOVED folder: C:\Windows\Installer\MSIB222.tmp- =>Empty
MOVED folder: C:\Windows\Installer\MSIB464.tmp- =>Empty
MOVED folder: C:\Windows\Installer\MSIB687.tmp- =>Empty
MOVED folder: C:\Windows\Installer\MSIB7F9.tmp- =>Empty
MOVED folder: C:\Windows\Installer\MSIB87B.tmp- =>Empty
MOVED folder: C:\Windows\Installer\MSIBA22.tmp- =>Empty
MOVED folder: C:\Windows\Installer\MSIC75D.tmp- =>Empty
MOVED folder: C:\Windows\Installer\MSICBE5.tmp- =>Empty
MOVED folder: C:\Windows\Installer\MSICC51.tmp- =>Empty
MOVED folder: C:\Windows\Installer\MSICC67.tmp- =>Empty
MOVED folder: C:\Windows\Installer\MSICCB7.tmp- =>Empty
MOVED folder: C:\Windows\Installer\MSICD5B.tmp- =>Empty
MOVED folder: C:\Windows\Installer\MSICEE4.tmp- =>Empty
MOVED folder: C:\Windows\Installer\MSID00A.tmp- =>Empty
MOVED folder: C:\Windows\Installer\MSIDF3F.tmp- =>Empty
MOVED folder: C:\Windows\Installer\MSIE1CC.tmp- =>Empty
MOVED folder: C:\Windows\Installer\MSIE5A6.tmp- =>Empty
MOVED folder: C:\Windows\Installer\MSIEAC5.tmp- =>Empty
MOVED folder: C:\Windows\Installer\MSIEEB4.tmp- =>Empty
MOVED folder: C:\Windows\Installer\MSIF2E9.tmp- =>Empty
MOVED folder: C:\Windows\Installer\MSIFDF.tmp- =>Empty


---\\ Registry ( Key, Value, Data) (119)
DELETED key*: HKEY_USERS\S-1-5-21-4234849188-1163541568-2843079188-1001\Software\PC Optimizer Pro64 [] =>PUP.Optional.OptimizerPro
DELETED key*: HKEY_USERS\S-1-5-21-4234849188-1163541568-2843079188-1001\Software\SkillBrains [] =>PUP.Optional.SkillBrains
DELETED key*: HKEY_USERS\S-1-5-21-4234849188-1163541568-2843079188-1001\Software\Smartbar [] =>PUP.Optional.QuickShare
DELETED key*: HKEY_USERS\S-1-5-21-4234849188-1163541568-2843079188-1001\Software\VITALI KIRPU & QUADRO DELTA [] =>Toolbar.DeltaSearch
DELETED key: HKCU\Software\PC Optimizer Pro64 [] =>PUP.Optional.OptimizerPro
DELETED key: HKCU\Software\SkillBrains [] =>PUP.Optional.SkillBrains
DELETED key: HKCU\Software\Smartbar [] =>PUP.Optional.QuickShare
DELETED key: HKCU\Software\VITALI KIRPU & QUADRO DELTA [] =>Toolbar.DeltaSearch
DELETED key*: HKCU\Software\AppDataLow\Software\Smartbar [] =>PUP.Optional.QuickShare
DELETED key*: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6E86BDDD-9038-4f12-8572-4A859C76F21F} [C:\Program Files (x86)\RewardsArcade (Not File)] =>PUP.Optional.RewardsArcade
DELETED key*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\betterdeals.co [1901] =>PUP.Optional.CrossRider
DELETED key*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\freeze.com [16728] =>PUP.Optional.Freeze
DELETED key*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ilivid.com [15668] =>PUP.Optional.Bandoo
DELETED key*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\searchqutoolbar [15579] =>PUP.Optional.Bandoo
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} [IPugiObj] =>Toolbar.AVGSearch
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847} [IToolbarObj] =>PUP.Optional.SweetIM
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847} [IPosBHO] =>PUP.Optional.SweetIM
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847} [IToolbarURLSearchHook] =>PUP.Optional.SweetIM
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03} [ITimerBHO] =>PUP.Optional.Blabbers
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767} [IWitBHO] =>PUP.Optional.Blabbers
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921} [ICommonUtils] =>PUP.Optional.SocialSkinz
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{01947140-417F-46B6-8751-A3A2B8345E1A} [IThirdPartyInstaller] =>PUP.Optional.SearchSettings
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{63d0ed2b-b45b-4458-8b3b-60c69bbbd83c} [IFunWebProductsPopSwatterSettings] =>PUP.Optional.SearchSettings
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{63d0ed2d-b45b-4458-8b3b-60c69bbbd83c} [_IFunWebProductsPopSwatterSettingsEvents] =>PUP.Optional.SearchSettings
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{6e74766c-4d93-4cc0-96d1-47b8e07ff9ca} [IF3IMPlugin] =>PUP.Optional.SearchSettings
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{72ee7f04-15bd-4845-a005-d6711144d86a} [IMyWebSearchXMLElement] =>PUP.Optional.SearchSettings
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} [IF3PopupMenu] =>PUP.Optional.SearchSettings
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{7473d291-b7bb-4f24-ae82-7e2ce94bb6a9} [IMyWebSearchSkinSettings] =>PUP.Optional.SearchSettings
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{7473d293-b7bb-4f24-ae82-7e2ce94bb6a9} [IMyWebSearchPseudoTransparent] =>PUP.Optional.SearchSettings
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{7473d295-b7bb-4f24-ae82-7e2ce94bb6a9} [IMyWebSearchPopupMenu] =>PUP.Optional.SearchSettings
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{7473d297-b7bb-4f24-ae82-7e2ce94bb6a9} [IMyWebSearchSkinWindow] =>PUP.Optional.SearchSettings
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{819FFE21-35C7-4925-8CDA-4E0E2DB94302} [IDisableAddonRebuttal] =>PUP.Optional.SearchSettings
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{8e9cf769-3d3b-40eb-9e2d-76e7a205e4d2} [IMyWebSearchButtonRect] =>PUP.Optional.SearchSettings
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{90449521-d834-4703-bb4e-d3aa44042ff8} [IHistoryKillerScheduler] =>PUP.Optional.SearchSettings
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{991aac62-b100-47ce-8b75-253965244f69} [ICookiesCollection] =>PUP.Optional.SearchSettings
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{a626cdbd-3d13-4f78-b819-440a28d7e8fc} [ISessionData] =>PUP.Optional.SearchSettings
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{bbabdc90-f3d5-4801-863a-ee6ae529862d} [_IIECookiesManagerEvents] =>PUP.Optional.SearchSettings
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} [IHTMLDocPlugin] =>PUP.Optional.SearchSettings
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{d6ff3684-ad3b-48eb-bbb4-b9e6c5a355c1} [ILargeStringDisp] =>PUP.Optional.SearchSettings
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{de38c398-b328-4f4c-a3ad-1b5e4ed93477} [IF3AIMContainer] =>PUP.Optional.SearchSettings
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25e} [IHttpControl] =>PUP.Optional.SearchSettings
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25f} [IHttpControlEvents] =>PUP.Optional.SearchSettings
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{e79dfbc9-5697-4fbd-94e5-5b2a9c7c1612} [IMyWebSearchChatSession] =>PUP.Optional.SearchSettings
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{e79dfbcb-5697-4fbd-94e5-5b2a9c7c1612} [_IMyWebSearchChatSessionEvents] =>PUP.Optional.SearchSettings
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{eb9e5c1c-b1f9-4c2b-be8a-27d6446fdaf8} [_IHistorySchedulerEvents] =>PUP.Optional.SearchSettings
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{f87d7fb5-9dc5-4c8c-b998-d8dfe02e2978} [IMyWebSearchSearchScope] =>PUP.Optional.SearchSettings
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5} [IGetResourceCallback] =>PUP.Optional.Bandoo
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA} [IStatedContract] =>PUP.Optional.IMBooster
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09} [IClientCallback] =>PUP.Optional.IMBooster
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49} [_LogoutCommand] =>PUP.Optional.IMBooster
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460} [_LoginCommand] =>PUP.Optional.IMBooster
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920} [_LightUri] =>PUP.Optional.RewardsArcade
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3} [_PlayContentCommand] =>PUP.Optional.RewardsArcade
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861} [_VariableChangedCallback] =>PUP.Optional.RewardsArcade
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065} [ITinyfyingArgs] =>PUP.Optional.RewardsArcade
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA} [_AddToUserContentCommand] =>PUP.Optional.RewardsArcade
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000} [IServerResult] =>PUP.Optional.RewardsArcade
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4} [_TinyUrlArgs] =>PUP.Optional.RewardsArcade
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D} [_RawDataArgs] =>PUP.Optional.RewardsArcade
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C} [_LightContent] =>PUP.Optional.RewardsArcade
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9} [_WarmUpCommand] =>PUP.Optional.RewardsArcade
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08} [_CheckLoginStatusCommand] =>PUP.Optional.RewardsArcade
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4} [_WelcomeCommand] =>PUP.Optional.RewardsArcade
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C} [_ShowBrowserWindowCommand] =>PUP.Optional.RewardsArcade
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37} [IMediatorClient] =>PUP.Optional.RewardsArcade
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0} [_ShowControlCenterCommand] =>PUP.Optional.RewardsArcade
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003} [IServerCommand] =>PUP.Optional.RewardsArcade
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4} [ICoordCommand] =>PUP.Optional.RewardsArcade
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D} [_GetVariableResult] =>PUP.Optional.RewardsArcade
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5} [_GetLoginStatusResult] =>PUP.Optional.RewardsArcade
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A} [_DownloadArgs] =>PUP.Optional.RewardsArcade
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D} [_GameOverCallback] =>PUP.Optional.RewardsArcade
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA} [IMediatorServiceProxy] =>PUP.Optional.RewardsArcade
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75} [_InstallationContextResult] =>PUP.Optional.RewardsArcade
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556} [IContractBase] =>PUP.Optional.RewardsArcade
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C} [_CleanCacheCommand] =>PUP.Optional.RewardsArcade
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500} [_GetInstallationContextCommand] =>PUP.Optional.RewardsArcade
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205} [_LoginStatusChangedCallback] =>PUP.Optional.RewardsArcade
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED} [_MergeIdentityCommand] =>PUP.Optional.RewardsArcade
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25} [_SetVariableCommand] =>PUP.Optional.RewardsArcade
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D} [_MyAccountCommand] =>PUP.Optional.RewardsArcade
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3} [IHWndContract] =>PUP.Optional.RewardsArcade
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01} [_RecycleViewsCommand] =>PUP.Optional.RewardsArcade
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2} [_UserContentChangedCallback] =>PUP.Optional.RewardsArcade
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587} [_GetCreditCommand] =>PUP.Optional.RewardsArcade
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} [_LinkToPromoteArgs] =>PUP.Optional.RewardsArcade
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} [_LoadContentCommandResult] =>PUP.Optional.RewardsArcade
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} [_ViralLinkArgs] =>PUP.Optional.RewardsArcade
DELETED key*: [X64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209} [IESmartBar.SmartbarDisplayState] =>PUP.Optional.SmartBar
DELETED key*: [X64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E} [IESmartBar.BandObjectAttribute] =>PUP.Optional.SmartBar
DELETED key*: [X64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358} [IESmartBar.SmartbarMenuForm] =>PUP.Optional.SmartBar
DELETED key*: [X64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7} [IESmartBar.DockingPanel] =>PUP.Optional.SmartBar
DELETED key*: [X64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301} [IESmartBar.IESmartBarBandObject] =>PUP.Optional.SmartBar
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Record\{181480C8-90AC-3430-B39A-CD121E034A1A} [IESmartBar.MSG] =>PUP.Optional.SmartBar
DELETED key*: [X64] HKLM\SOFTWARE\Classes\Record\{8F54FA54-1DF8-3B20-890C-CDD95364BC95} [IESmartBar.DBIM] =>PUP.Optional.SmartBar
DELETED key*: [X64] HKLM\SOFTWARE\PC Optimizer Pro64 [] =>PUP.Optional.OptimizerPro
DELETED key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 264140 [Quadro Delta] =>Toolbar.DeltaSearch
DELETED key*: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4e1d-BDD0-1E9C9B7799CC} [C:\Program Files (x86)\Bandoo (Not File)] =>PUP.Optional.Bandoo
DELETED key*: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f000001-db8e-f89c-2fec-49bf726f8c12} [C:\Program Files (x86)\Bandoo (Not File)] =>PUP.Optional.Bandoo
DELETED key*: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A} [C:\Program Files (x86)\Bandoo (Not File)] =>PUP.Optional.Bandoo
DELETED key*: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4fde-B055-AE7B0F4CF080} [C:\Program Files (x86)\Bandoo (Not File)] =>PUP.Optional.Bandoo
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Driver-Soft [] =>Legitimate.DriverSoft
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Skillbrains [] =>PUP.Optional.SkillBrains
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WhiteSmoke Bar Toolbar [] =>PUP.Optional.WhiteSmoke
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1 [Skillbrains] =>PUP.Optional.SkillBrains
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{80F3F10B-A177-4494-93CE-98090D819093} [SweetIM Technologies Ltd.] =>PUP.Optional.SweetIM
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4e1d-BDD0-1E9C9B7799CC} [C:\Program Files (x86)\Bandoo (Not File)] =>PUP.Optional.Bandoo
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{64BA269E-F904-46ED-880A-412DB0DE5405} [C:\Program Files (x86)\WhiteSmoke_Bar (Not File)] =>PUP.Optional.WhiteSmoke
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74C36554-31F0-49DD-8857-ED6A64DF45BE} [C:\Program Files (x86)\Incredibar.com\incredibar\1.5.3.11 (Not File)] =>PUP.Optional.IncrediBar
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f000001-db8e-f89c-2fec-49bf726f8c12} [C:\Program Files (x86)\Bandoo (Not File)] =>PUP.Optional.Bandoo
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A} [C:\Program Files (x86)\Bandoo (Not File)] =>PUP.Optional.Bandoo
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847} [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer (Not File)] =>PUP.Optional.SweetIM
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4fde-B055-AE7B0F4CF080} [C:\Program Files (x86)\Bandoo (Not File)] =>PUP.Optional.Bandoo
DELETED key: [X64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}\InprocServer32 [mscoree.dll] =>PUP.Optional.SmartBar
DELETED key: [X64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}\InprocServer32 [mscoree.dll] =>PUP.Optional.SmartBar
DELETED key: [X64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}\InprocServer32 [mscoree.dll] =>PUP.Optional.SmartBar
DELETED key: [X64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}\InprocServer32 [mscoree.dll] =>PUP.Optional.SmartBar
DELETED key: [X64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}\InprocServer32 [mscoree.dll] =>PUP.Optional.SmartBar
DELETED value: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\Lightshot [C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe] =>PUP.Optional.SkillBrains


---\\ Result of repair
~ Repair carried out successfully
~ Browser not found (Mozilla Firefox)
~ Browser not found (Opera Software)


---\\ Statistics
~ Items scanned : 1077
~ Items found : 1
~ Items cancelled : 0
~ Items repaired : 184


~ End of clean in 2 minutes
===================
ZHPCleaner-[R]-19072016-22_59_34.txt
ZHPCleaner-[S]-19072016-22_54_40.txt

 

  1. Zemana AntiMalware 2.21.2.139 (Installed)
  2.  
  3. -------------------------------------------------------
  4. Scan Result            : Completed
  5. Scan Date              : 2016/7/20
  6. Operating System       : Windows 7 64-bit
  7. Processor              : 2X AMD Athlon™ II X2 250 Processor
  8. BIOS Mode              : Legacy
  9. CUID                   : 12241BCE2D7C0BEA1F17BC
  10. Scan Type              : Deep Scan
  11. Duration               : 43m 31s
  12. Scanned Objects        : 271758
  13. Detected Objects       : 27
  14. Excluded Objects       : 0
  15. Read Level             : SCSI
  16. Auto Upload            : Enabled
  17. Detect All Extensions  : Disabled
  18. Scan Documents         : Disabled
  19. Domain Info            : WORKGROUP,0,2
  20.  
  21. Detected Objects
  22. -------------------------------------------------------
  23.  
  24. dxvasbzat.exe
  25. Status             : Scanned
  26. Object             : %userprofile%\dxvasbzat.exe
  27. MD5                : 7F3DA2E40511591FB5CB0E22A4110AE1
  28. Publisher          : -
  29. Size               : 933421
  30. Version            : 3.3.8.1
  31. Detection          : Heur:Malicious/Generic
  32. Cleaning Action    : Quarantine
  33. Related Objects    :
  34.                 File - %userprofile%\dxvasbzat.exe
  35.  
  36. v30xo.exe
  37. Status             : Scanned
  38. Object             : %appdata%\zhp\quarantine\v30xo.exe
  39. MD5                : 8DB4F8219F57408E7AFB1A6DC46DC167
  40. Publisher          : -
  41. Size               : 129002
  42. Version            : -
  43. Detection          : Worm:Win32/UsbInf.VB
  44. Cleaning Action    : Quarantine
  45. Related Objects    :
  46.                 File - %appdata%\zhp\quarantine\v30xo.exe
  47.  
  48. a4808.exe
  49. Status             : Scanned
  50. Object             : %appdata%\zhp\quarantine\a4808.exe
  51. MD5                : 8DB4F8219F57408E7AFB1A6DC46DC167
  52. Publisher          : -
  53. Size               : 129002
  54. Version            : -
  55. Detection          : Worm:Win32/UsbInf.VB
  56. Cleaning Action    : Quarantine
  57. Related Objects    :
  58.                 File - %appdata%\zhp\quarantine\a4808.exe
  59.  
  60. c3s07.exe
  61. Status             : Scanned
  62. Object             : %appdata%\zhp\quarantine\c3s07.exe
  63. MD5                : 8DB4F8219F57408E7AFB1A6DC46DC167
  64. Publisher          : -
  65. Size               : 129002
  66. Version            : -
  67. Detection          : Worm:Win32/UsbInf.VB
  68. Cleaning Action    : Quarantine
  69. Related Objects    :
  70.                 File - %appdata%\zhp\quarantine\c3s07.exe
  71.  
  72. 4o65d.exe
  73. Status             : Scanned
  74. Object             : %appdata%\zhp\quarantine\4o65d.exe
  75. MD5                : 8DB4F8219F57408E7AFB1A6DC46DC167
  76. Publisher          : -
  77. Size               : 129002
  78. Version            : -
  79. Detection          : Worm:Win32/UsbInf.VB
  80. Cleaning Action    : Quarantine
  81. Related Objects    :
  82.                 File - %appdata%\zhp\quarantine\4o65d.exe
  83.  
  84. bootres.a.exe
  85. Status             : Scanned
  86. Object             : %appdata%\microsoft\windows\templates\bootres.a.exe
  87. MD5                : BBB3E1684C77589F61B2F21CDF97E72C
  88. Publisher          : -
  89. Size               : 8704
  90. Version            : 6.2.9200.16384
  91. Detection          : Malware:Win32/Tyron.A!Altt
  92. Cleaning Action    : Quarantine
  93. Related Objects    :
  94.                 File - %appdata%\microsoft\windows\templates\bootres.a.exe
  95.  
  96. dxyscxoee.exe
  97. Status             : Scanned
  98. Object             : %userprofile%\dxyscxoee.exe
  99. MD5                : 7F3DA2E40511591FB5CB0E22A4110AE1
  100. Publisher          : -
  101. Size               : 933421
  102. Version            : 3.3.8.1
  103. Detection          : Malware:Win32/Edizz.A!Eict
  104. Cleaning Action    : Quarantine
  105. Related Objects    :
  106.                 File - %userprofile%\dxyscxoee.exe
  107.  
  108. dxzskl.exe
  109. Status             : Scanned
  110. Object             : %userprofile%\dxzskl.exe
  111. MD5                : 7F3DA2E40511591FB5CB0E22A4110AE1
  112. Publisher          : -
  113. Size               : 933421
  114. Version            : 3.3.8.1
  115. Detection          : Malware:Win32/Edizz.A!Eict
  116. Cleaning Action    : Quarantine
  117. Related Objects    :
  118.                 File - %userprofile%\dxzskl.exe
  119.  
  120. 1347394884.exe
  121. Status             : Scanned
  122. Object             : %temp%\1347394884.exe
  123. MD5                : CC553AFF9A81D640BA3B2475585B4F53
  124. Publisher          : -
  125. Size               : 204288
  126. Version            : -
  127. Detection          : Backdoor:Win32/DarkComet.Variant
  128. Cleaning Action    : Quarantine
  129. Related Objects    :
  130.                 File - %temp%\1347394884.exe
  131.  
  132. 1346889125.exe
  133. Status             : Scanned
  134. Object             : %temp%\1346889125.exe
  135. MD5                : 5D555F9F998DD7054CD561CD9A39BEEB
  136. Publisher          : -
  137. Size               : 160256
  138. Version            : -
  139. Detection          : Trojan:Win32/Kloom.A!Etea
  140. Cleaning Action    : Quarantine
  141. Related Objects    :
  142.                 File - %temp%\1346889125.exe
  143.  
  144. 1366406360.exe
  145. Status             : Scanned
  146. Object             : %temp%\1366406360.exe
  147. MD5                : 1E8F6A0C7F1742E54F53176F2B75A249
  148. Publisher          : -
  149. Size               : 159744
  150. Version            : -
  151. Detection          : Trojan:Win32/Kloom.A!Ekei
  152. Cleaning Action    : Quarantine
  153. Related Objects    :
  154.                 File - %temp%\1366406360.exe
  155.  
  156. 1383477179.exe
  157. Status             : Scanned
  158. Object             : %temp%\1383477179.exe
  159. MD5                : 8FC6C140681A0876044364A060196388
  160. Publisher          : -
  161. Size               : 160256
  162. Version            : -
  163. Detection          : Trojan:Win32/Kloom.A!Etea
  164. Cleaning Action    : Quarantine
  165. Related Objects    :
  166.                 File - %temp%\1383477179.exe
  167.  
  168. msvxfcahm.exe
  169. Status             : Scanned
  170. Object             : %temp%\msvxfcahm.exe
  171. MD5                : 2806E5C3D0A180344D765E118A935959
  172. Publisher          : -
  173. Size               : 723733
  174. Version            : 3.3.8.1
  175. Detection          : Backdoor:Win32/Wauchos.Variant
  176. Cleaning Action    : Quarantine
  177. Related Objects    :
  178.                 File - %temp%\msvxfcahm.exe
  179.  
  180. bm_installer.exe
  181. Status             : Scanned
  182. Object             : %allusersprofile%\~0\bm_installer.exe
  183. MD5                : D0A36B821AE8877359D1BBF592C720BC
  184. Publisher          : Uniblue Systems
  185. Size               : 3283360
  186. Version            : 6.0.10.7
  187. Detection          : Scareware:Win32/NonBeneficialWindowsOptimizer!Ep
  188. Cleaning Action    : Quarantine
  189. Related Objects    :
  190.                 File - %allusersprofile%\~0\bm_installer.exe
  191.  
  192. riched20.dll
  193. Status             : Scanned
  194. Object             : %programfiles%\windows live\messenger\riched20.dll
  195. MD5                : 16D23575B5ADA54EB1BBF5A2745A632D
  196. Publisher          : Mindspark Interactive Network
  197. Size               : 30128
  198. Version            : 1.0.0.9
  199. Detection          : Adware:Win32/Mindspark!Ep
  200. Cleaning Action    : Quarantine
  201. Related Objects    :
  202.                 File - %programfiles%\windows live\messenger\riched20.dll
  203.  
  204. msimg32.dll
  205. Status             : Scanned
  206. Object             : %programfiles%\windows live\messenger\msimg32.dll
  207. MD5                : 296EC4F4DF2A1EB1CA1ADCA3694F0990
  208. Publisher          : Mindspark Interactive Network
  209. Size               : 38408
  210. Version            : 1.0.1.1
  211. Detection          : Adware:Win32/Mindspark!Ep
  212. Cleaning Action    : Quarantine
  213. Related Objects    :
  214.                 File - %programfiles%\windows live\messenger\msimg32.dll
  215.  
  216. npdetector.dll
  217. Status             : Scanned
  218. Object             : %homedrive%\mygames\skyforge_mycom\bin32\gamecenterlight\npdetector.dll
  219. MD5                : 0A63C85D51DB4CD9533F97A4A3FF0397
  220. Publisher          : LLC Mail.Ru
  221. Size               : 288320
  222. Version            : 2.0.0.0
  223. Detection          : PUA:Win32/BrowserHijacker.Mail.Ru!Ep
  224. Cleaning Action    : Quarantine
  225. Related Objects    :
  226.                 File - %homedrive%\mygames\skyforge_mycom\bin32\gamecenterlight\npdetector.dll
  227.  
  228. Skyforge.exe
  229. Status             : Scanned
  230. Object             : %homedrive%\mygames\skyforge_mycom\bin32\skyforge.exe
  231. MD5                : 28BD5BDC9BAE3C77731D5D1C51BB6F8F
  232. Publisher          : LLC Mail.Ru
  233. Size               : 29413888
  234. Version            : 1.0.0.0
  235. Detection          : PUA:Win32/BrowserHijacker.Mail.Ru!Ep
  236. Cleaning Action    : Quarantine
  237. Related Objects    :
  238.                 File - %homedrive%\mygames\skyforge_mycom\bin32\skyforge.exe
  239.  
  240. GameCenter@Mail.Ru.exe
  241. Status             : Scanned
  242. Object             : %homedrive%\mygames\skyforge_mycom\bin32\gamecenterlight\gamecenter@mail.ru.exe
  243. MD5                : AE46B23AB4D77EFDFC65750FF8D9AD2F
  244. Publisher          : LLC Mail.Ru
  245. Size               : 4793888
  246. Version            : 2.0.379.22745
  247. Detection          : PUA:Win32/BrowserHijacker.Mail.Ru!Ep
  248. Cleaning Action    : Quarantine
  249. Related Objects    :
  250.                 File - %homedrive%\mygames\skyforge_mycom\bin32\gamecenterlight
  251.  
  252. \gamecenter@mail.ru.exe
  253.  
  254. lightupdate.dll
  255. Status             : Scanned
  256. Object             : %homedrive%\mygames\skyforge_mycom\bin32\gamecenterlight\lightupdate.dll
  257. MD5                : 059C0354EC69D8B40D67917BC6695482
  258. Publisher          : LLC Mail.Ru
  259. Size               : 242920
  260. Version            : 2.0.0.75
  261. Detection          : PUA:Win32/BrowserHijacker.Mail.Ru!Ep
  262. Cleaning Action    : Quarantine
  263. Related Objects    :
  264.                 File - %homedrive%\mygames\skyforge_mycom\bin32\gamecenterlight\lightupdate.dll
  265.  
  266. gclay.dll
  267. Status             : Scanned
  268. Object             : %homedrive%\mygames\skyforge_mycom\bin32\gamecenterlight\gclay.dll
  269. MD5                : D486F676414B3510706777636ABD8E17
  270. Publisher          : LLC Mail.Ru
  271. Size               : 291392
  272. Version            : 2.0.0.302
  273. Detection          : PUA:Win32/BrowserHijacker.Mail.Ru!Ep
  274. Cleaning Action    : Quarantine
  275. Related Objects    :
  276.                 File - %homedrive%\mygames\skyforge_mycom\bin32\gamecenterlight\gclay.dll
  277.  
  278. bigup2.dll
  279. Status             : Scanned
  280. Object             : %homedrive%\mygames\skyforge_mycom\bin32\gamecenterlight\bigup2.dll
  281. MD5                : 044D8F5143E09BDEDCDFB5773075792D
  282. Publisher          : LLC Mail.Ru
  283. Size               : 2307648
  284. Version            : 2.0.0.298
  285. Detection          : PUA:Win32/BrowserHijacker.Mail.Ru!Ep
  286. Cleaning Action    : Quarantine
  287. Related Objects    :
  288.                 File - %homedrive%\mygames\skyforge_mycom\bin32\gamecenterlight\bigup2.dll
  289.  
  290. avadapt.dll
  291. Status             : Scanned
  292. Object             : %homedrive%\mygames\skyforge_mycom\bin32\gamecenterlight\avadapt.dll
  293. MD5                : CC8FAC2A16DCCA8D4982887C4EDC66EB
  294. Publisher          : LLC Mail.Ru
  295. Size               : 81992
  296. Version            : -
  297. Detection          : PUA:Win32/BrowserHijacker.Mail.Ru!Ep
  298. Cleaning Action    : Quarantine
  299. Related Objects    :
  300.                 File - %homedrive%\mygames\skyforge_mycom\bin32\gamecenterlight\avadapt.dll
  301.  
  302. svhost.a.exe
  303. Status             : Scanned
  304. Object             : D:\svhost.a.exe
  305. MD5                : C606C1E97CEA0F9861DABC60C74A3974
  306. Publisher          : -
  307. Size               : 1258617
  308. Version            : 3.3.8.1
  309. Detection          : Malware:Win32/Bliss.A!Lrti
  310. Cleaning Action    : Quarantine
  311. Related Objects    :
  312.                 File - D:\svhost.a.exe
  313.  
  314. svhost.exe
  315. Status             : Scanned
  316. Object             : D:\svhost.exe
  317. MD5                : 11D6D72B3CE1DEF38C0563F6BDFEB98E
  318. Publisher          : -
  319. Size               : 1252765
  320. Version            : 3.3.8.1
  321. Detection          : Malware:Win32/Bliss.A!Lrti
  322. Cleaning Action    : Quarantine
  323. Related Objects    :
  324.                 File - D:\svhost.exe
  325.  
  326. 1366939183.exe
  327. Status             : Scanned
  328. Object             : D:\1366939183.exe
  329. MD5                : C606C1E97CEA0F9861DABC60C74A3974
  330. Publisher          : -
  331. Size               : 1258617
  332. Version            : 3.3.8.1
  333. Detection          : Malware:Win32/Bliss.A!Lrti
  334. Cleaning Action    : Quarantine
  335. Related Objects    :
  336.                 File - D:\1366939183.exe
  337.  
  338. 1348237352.exe
  339. Status             : Scanned
  340. Object             : D:\1348237352.exe
  341. MD5                : 11D6D72B3CE1DEF38C0563F6BDFEB98E
  342. Publisher          : -
  343. Size               : 1252765
  344. Version            : 3.3.8.1
  345. Detection          : Malware:Win32/Bliss.A!Lrti
  346. Cleaning Action    : Quarantine
  347. Related Objects    :
  348.                 File - D:\1348237352.exe
  349.  
  350.  
  351. Cleaning Result
  352. -------------------------------------------------------
  353. Cleaned               : 27
  354. Reported as safe      : 0
  355. Failed                : 0


#14 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:17 AM

Posted 20 July 2016 - 10:07 PM

Scan & Clean With Ads Fix

 

  • Disable Windows Defender & Antivirus Prior To Running This Tool!!
  • Save Ads Fix to your desktop.
  • Right Click & Run As Administrator.
  • You will then be prompted to install Certificates.
  • Install then click OK.
  • Right Click & Run As Administrator Again.
  • Click Options then select Unlock the deletion.
  • Then click on clean.
  • Post the log created, if the tool does not run then skip it.

 

Reset Host File

 

 

  • Click here to download RstHosts v2.0
  • Save the file to your desktop.
  • Right Click and Run as Administrator.
  • Click on Restaurer, then click OK at the prompt.
  • This will restore the default host file.
  • Next Click on Creer Un Rapport.
  • This will open a logfile, post that in your next reply.

 

 

Pre_Scan

 

Please download Pre_Scan.

Save it to your desktop.

Disable your antivirus, and windows defender.

Close All open work Pre_Scan will close all processes to run.

Right Click Run as Admin.

Allow completion, when it completes the program will reboot your machine and open a log.

Please post that log here in your next reply.

 

 

 

9-Lab Scan.

 

  • Download 9-Lab Removal Tool.
  • CLICK HERE to determine whether you're running 32-bit or 64-bit for Windows.
  • Install the program onto your computer, then right click the icon  run as administrator.
  • Update the program and then run a full scan!
  • Make sure the program updates, might be better to install it update reboot and check for updates again.
  • You need to make sure the database updates!!!
  • Upon Scan Completion Click on Show Results.
  • Then Click On Clean 
  • Then Click on Save Log.
  • Save it to your desktop, copy and paste the contents of the log here in your next reply.


#15 Aequalis

Aequalis
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:08:17 AM

Posted 21 July 2016 - 03:08 PM

 

Scan & Clean With Ads Fix

 

  • Disable Windows Defender & Antivirus Prior To Running This Tool!!
  • Save Ads Fix to your desktop.
  • Right Click & Run As Administrator.
  • You will then be prompted to install Certificates.
  • Install then click OK.
  • Right Click & Run As Administrator Again.
  • Click Options then select Unlock the deletion.
  • Then click on clean.
  • Post the log created, if the tool does not run then skip it.

 

Reset Host File

 

 

  • Click here to download RstHosts v2.0
  • Save the file to your desktop.
  • Right Click and Run as Administrator.
  • Click on Restaurer, then click OK at the prompt.
  • This will restore the default host file.
  • Next Click on Creer Un Rapport.
  • This will open a logfile, post that in your next reply.

 

 

Pre_Scan

 

Please download Pre_Scan.

Save it to your desktop.

Disable your antivirus, and windows defender.

Close All open work Pre_Scan will close all processes to run.

Right Click Run as Admin.

Allow completion, when it completes the program will reboot your machine and open a log.

Please post that log here in your next reply.

 

 

 

9-Lab Scan.

 

  • Download 9-Lab Removal Tool.
  • CLICK HERE to determine whether you're running 32-bit or 64-bit for Windows.
  • Install the program onto your computer, then right click the icon  run as administrator.
  • Update the program and then run a full scan!
  • Make sure the program updates, might be better to install it update reboot and check for updates again.
  • You need to make sure the database updates!!!
  • Upon Scan Completion Click on Show Results.
  • Then Click On Clean 
  • Then Click on Save Log.
  • Save it to your desktop, copy and paste the contents of the log here in your next reply.

 

-|x| RstHosts v2.0 - Rapport créé le 21/07/2016 à 10:36:35
-|x| Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
-|x| Nom d'utilisateur : johnny - AEQUALIS (Administrateur)
 
-|x|- Informations -|x|-
 
Emplacement : C:\Windows\System32\drivers\etc\hosts
Attribut(s) : RASH
Propriétaire : Administrators - BUILTIN
Taille : 89 bytes
Date de création : 13/07/2009 - 19:34:48
Date de modification : 21/07/2016 - 10:36:26
Date de dernier accès : 21/07/2016 - 10:36:26
 
-|x|- Contenu du fichier -|x|-
 
# Fichier Hosts créé par RstHosts
 
127.0.0.1       localhost
::1             localhost
 
-|x|- E.O.F - C:\RstHosts.txt - 625 bytes -|x|-
 
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Pre_Scan | g3n-h@ckm@n | 6_20.07.2016.1 ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
 
¤¤¤¤¤ XP | Vista | 7 | 8 - 32/64 bits ¤¤¤¤¤ - Start 10:38:18
 
Updated 20/07/2016 | 00.20 by g3n-h@ckm@n
 
[johnny (Administrator)] - [AEQUALIS]
SID = S-1-5-21-4234849188-1163541568-2843079188-1001
 
Boot: Normal boot
System : Windows 7 Home Premium (64 bits) HomePremium Service Pack 1
ProcessorNameString : AMD Athlon™ II X2 250 Processor
Identifier : AMD64 Family 16 Model 6 Stepping 3
CoreTemp : -1 Celsius - Max :  Celsius
 
Memory RAM = Total (MB) : 2883 | Free (MB) : 1880
Pagefile = Total (MB) : 7204 | Free (MB) : 6392
Virtual = Total (MB) : 4194 | Free (MB) : 4043
 
¤¤¤¤¤¤¤¤¤¤ # Components of starting up
 
C:\Windows\Setup\Scripts\oobe.cmd
C:\Windows\Setup\Scripts\SetupComplete.cmd
 
¤¤¤¤¤¤¤¤¤¤¤ # Drives
 
D:\-> [Fixed] | [HP_RECOVERY] | Total : 12.06 Go | Free : 1.47 Go -> NTFS [SATA]
C:\-> [Fixed] | [OS] | Total : 584.01 Go | Free : 441.95 Go -> NTFS [SATA]
 
¤¤¤¤¤¤¤¤¤¤ # Windows updates
 
Last detection : 2015-06-13 04:39:19
Downloaded last ones : 2015-06-13 04:39:48
Installed last ones : 2015-06-06 05:01:19
 
Microsoft : +
 
 
¤¤¤¤¤¤¤¤¤¤ # Sessions
 
C:\Windows\system32\config\systemprofile
C:\Windows\ServiceProfiles\LocalService
C:\Windows\ServiceProfiles\NetworkService
C:\Users\johnny
 
Registry saved , to restore :  Shortcut on the desktop 'Pre_Scan_Restore' Restore the register (C:\Pre_Scan\Save\Registry [21.07.2016 @ 10_37_43])
To restore File or Folder : Shortcut on the desktop 'Pre_Scan_Restore' , select 'restore File - Folder' , select an Item and click on Restore
 
¤¤¤¤¤¤¤¤¤¤ # Browsers
 
IE : 11.0.9600.17801     (© Microsoft Corporation.)
GC : 51.0.2704.103     (Copyright 2015 Google Inc.)
 
¤¤¤¤¤¤¤¤¤¤ # FlashPlayer
 
ActiveX : 11.1.102.62
Plugin : 11.2.202.233
 
���������� # Security
 
AV :
AS : Windows Defender Disabled
AM : Malwarebytes Anti-Malware   (2.3.173.0)     [2014.06.24.02]
FW : 
WMI : OK
WU: Windows Update Service [Auto(2)] = stopped
AS: Windows Defender [Auto(2)] = stopped
FW: Windows FireWall Service [Auto(2)] = Running
 
¤¤¤¤¤¤¤¤¤¤ # Stopped processes
 
2696 | [Owner : johnny |Parent : 2600] - (.Microsoft Corporation - Windows Explorer.) - (6.1.7601.17567) = C:\Windows\explorer.exe
3176 | [Owner :  |Parent : 508] - (. - GameScannerService.) - (1.0.6.2695) = C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
1928 | [Owner :  |Parent : 508] - (.Microsoft Corporation - Windows Media Player Network Sharing Service.) - (12.0.7601.17514) = C:\Program Files\Windows Media Player\wmpnetwk.exe
3888 | [Owner : SYSTEM |Parent : 508] - (.Microsoft Corporation - Spooler SubSystem App.) - (6.1.7601.17777) = C:\Windows\System32\spoolsv.exe
 
¤¤¤¤¤¤¤¤¤¤ # Winlogon user
 
 
¤¤¤¤¤¤¤¤¤¤ # Winlogon machine
 
Repaired : [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]~[userinit] : userinit.exe, -> C:\Windows\System32\userinit.exe,
Repaired : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon]~[userinit] : userinit.exe, -> C:\Windows\SYSWOW64\userinit.exe,
 
¤¤¤¤¤¤¤¤¤¤ # SafeBoot
 
Safeboot Keys are O.K
 
Alternate shell is OK !
 
 
Safeboot Minimal Subkeys : O.K !
 
 
Safeboot Network Subkeys : O.K !
 
¤¤¤¤¤¤¤¤¤¤ # IFEO
 
 
¤¤¤¤¤¤¤¤¤¤ # Mountpoints2
 
 
 
¤¤¤¤¤¤¤¤¤¤ # Windows
 
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot]~[Shell] : SYS:Microsoft\Windows NT\CurrentVersion\Winlogon
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini]~[winlogon] : SYS:Microsoft\Windows NT\CurrentVersion\Winlogon
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot]~[Shell] : SYS:Microsoft\Windows NT\CurrentVersion\Winlogon
 
¤¤¤¤¤¤¤¤¤¤ # Security center
 
 
 
 
¤¤¤¤¤¤¤¤¤¤ # Services
 
 
Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\Compbatt]~[Start] : 3 -> 0
Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\srService]~[Start] :  -> 2
Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\Parvdm]~[Start] :  -> 2
Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\NVSvc]~[Start] :  -> 2
Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\NIHardwareService]~[Start] :  -> 2
Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\IAStorDataMgrsvc]~[Start] :  -> 2
Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\agp440]~[Start] : 3 -> 2
Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\ERSvc]~[Start] :  -> 2
Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\EapHost]~[Start] : 3 -> 2
Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess]~[Start] : 3 -> 2
Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\wudfsvc]~[Start] : 3 -> 2
Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\WerSvc]~[Start] : 3 -> 2
 
¤¤¤¤¤¤¤¤¤¤ # Internet Explorer
 
 
¤¤¤¤¤¤¤¤¤¤ # reparsepoint
 
 
 
¤¤¤¤¤¤¤¤¤¤ # Offsets
 
 
¤¤¤¤¤¤¤¤¤¤ # Files | Folders | Registry
 
 
Moved to quarantine successfully : C:\$Recycle.bin\S-1-5-21-4234849188-1163541568-2843079188-1001\$I7Y2OV5.dll
Moved to quarantine successfully : C:\$Recycle.bin\S-1-5-21-4234849188-1163541568-2843079188-1001\$I8QXNSQ.dll
Moved to quarantine successfully : C:\$Recycle.bin\S-1-5-21-4234849188-1163541568-2843079188-1001\$IMKSBYD.exe
Moved to quarantine successfully : C:\$Recycle.bin\S-1-5-21-4234849188-1163541568-2843079188-1001\$INJSIY7.dll
Moved to quarantine successfully : C:\$Recycle.bin\S-1-5-21-4234849188-1163541568-2843079188-1001\$IOP7544.dll
Moved to quarantine successfully : C:\$Recycle.bin\S-1-5-21-4234849188-1163541568-2843079188-1001\$IPZK5EH.exe
Moved to quarantine successfully : C:\$Recycle.bin\S-1-5-21-4234849188-1163541568-2843079188-1001\$IZHIA2R.exe
Deleted : HKU\S-1-5-21-4234849188-1163541568-2843079188-1001\Software\4shared
Deleted : HKU\S-1-5-21-4234849188-1163541568-2843079188-1001\Software\blinkx
Deleted : HKU\S-1-5-21-4234849188-1163541568-2843079188-1001\Software\eduweb
Deleted : HKU\S-1-5-21-4234849188-1163541568-2843079188-1001\Software\ijji
Deleted : HKU\S-1-5-21-4234849188-1163541568-2843079188-1001\Software\remote
Deleted : HKU\S-1-5-21-4234849188-1163541568-2843079188-1001\Software\user32.dll
 
 
¤¤¤¤¤¤¤¤¤¤ # ADS
 
 
Prefetch -> cleaned
 
 
D:\ : Vaccinated (Vaccin created by Pre_Scan)
 
���������� | Hidden files
 
~ [Drive D:] : Hidden : 16 | Restored : 16
~ [Drive C:] : Hidden : 6 | Restored : 6
~ [Program Files] : Hidden : 7 | Restored : 7
~ [Users] : Hidden : 2 | Restored : 2
~ [Documents] : Hidden : 2 | Restored : 2
~ [Searches] : Hidden : 2 | Restored : 2
~ [Windows] : Hidden : 86 | Restored : 86
~ [AppData] : Hidden : 47 | Restored : 47
 
 
¤¤¤¤¤¤¤¤¤¤ # Drives
 
 Disk: 0   Size=610G
 Pos MBRndx Type/Name  Size Active Hide Start Sector   Sectors
 --- ------ ---------- ---- ------ ---- ------------ ------------
  0    0    07-NTFS    100M   Yes   No         2,048      204,800
  1    1    07-NTFS    598G   No    No       206,848  224,755,200
  2    2    07-NTFS     12G   No    No   224,962,048   25,298,944
 
¤¤¤¤¤¤¤¤¤¤
 
Repaired : [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]~[AutoRestartShell] : 0 -> 1
Repaired : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon]~[AutoRestartShell] :  -> 1
 
End : 10:56:37
 
 
¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤ - 197
 
9-lab Removal Tool 1.0.0.39 BETA
9-lab.com
 
Database version: 128.39590
 
Windows 7 Service Pack 1 (Version 6.1, Build 7601, 64-bit Edition)
Internet Explorer 9.11.9600.17801
johnny :: AEQUALIS
 
7/21/2016 11:07:49 AM
9lab-log-2016-07-21 (11-07-49).txt
 
Scan type: Full
Objects scanned: 48697
Time Elapsed: 36 m 36 s
 
Registry Keys detected: 7
Adware.RPL.Gen.bot [HKEY_CLASSES_ROOT\Interface\{3E720451-B472-4954-B7AA-33069EB53906}]
Adware.RPL.Gen.bot [HKEY_CLASSES_ROOT\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}]
Adware.RPL.Gen.bot [HKEY_CLASSES_ROOT\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}]
Adware.RPL.Gen.bot [HKEY_CLASSES_ROOT\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}]
Adware.RPL.Gen.bot [HKEY_CLASSES_ROOT\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}]
Adware.RPL.Gen.bot [HKEY_CLASSES_ROOT\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}]
Adware.RPL.Gen.vb [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}]
 
 
Registry Values detected: 2
Risk.EnableLUA [HKEY_USERS\S-1-5-21-4234849188-1163541568-2843079188-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System EnableLUA]
Risk.Path [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command (Default)]
 
 
Files detected: 89
[D41D8CD98F00B204E9800998ECF8427E] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\5EGAL676PTPSVFAppdata.64.exe]
[D41D8CD98F00B204E9800998ECF8427E] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\8cd98f00b.a.exe]
[3358128B1640044E23534F59986C0496] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\hosts]
[9BE493F2275E8A6D9F4CCEBB738AB72F] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\https_static.olark.com_0.localstorage]
[D41D8CD98F00B204E9800998ECF8427E] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\https_static.olark.com_0.localstorage-journal]
[D41D8CD98F00B204E9800998ECF8427E] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\KUH6P21System.Data.64.exe]
[C3776CC4114B7F5169D4A2596131F003] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\DXGIODScreenshot.dll]
[0A933B6964A69F08A3C7B22831247EAB] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\learnmore.url]
[5711278CD3487EE9EA475490B500ECC3] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\learnmore_ru.url]
[03887BFF85C4DB8060BCB04AF81EEF81] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\Lightshot.dll]
[0B42873501A576FF6CDE35EA69EE930A] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\Lightshot.exe]
[C85471C1E06D6A14B991564AD30BB140] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\locales\ar.txt]
[E0E5E6B95A7C27CA88C30C250A4A2329] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\locales\be-Cyrl.txt]
[7780ED7899C2A7B95D23E5D61F01FCEF] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\locales\be.txt]
[E1D1E051026223916F04AF6B838ED370] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\locales\bg.txt]
[EE01605F2FA3AB6292C54CE3DD74AB94] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\locales\bn-BD.txt]
[258A25C307C83AFB79CD06B239E17244] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\locales\bs.txt]
[F9377CBBBBFB1170097581EF1EBE4130] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\locales\cs.txt]
[5618AAC9B1E52EE59B694D4C93693436] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\locales\da.txt]
[1340627E17F5BFCF204755049D11149C] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\locales\de.txt]
[D3D71FA439E4ABEB2CD9621437E2EAF3] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\locales\el.txt]
[CD197F62EE6D954557BA60F57C169911] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\locales\en.txt]
[A062F8FE3E97154999F0BF1ECE9D7B8B] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\locales\es.txt]
[A9009F79A551E6BD947500B54256072D] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\locales\et.txt]
[DDB6220F98F84BF60C3B3507F2EF352B] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\locales\fa.txt]
[EFC8B2F84516EB9A2ACA53444DB5A1D7] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\locales\fi.txt]
[A3E6C7C3B083EA009E217D33517C2C0B] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\locales\fr.txt]
[C309481B1B24223883B048C5B58D1B7A] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\locales\gl.txt]
[9C28CC2C63958084DF874DA5F270AFA0] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\locales\he.txt]
[03CB3512C2A93C7E64869A1041935FB6] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\locales\hr.txt]
[71EF7D84BDEBCC579EE26CCAB4575E5A] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\locales\hu.txt]
[928D6495039E901126DD8A22AB06E078] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\locales\hy.txt]
[6D865BA7660D6FB176D8A41D209A3AC0] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\locales\id.txt]
[E0F349600A2F84FB8707A2C872973358] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\locales\is.txt]
[A8B6BE11D713C0178897B0A0F2510BE3] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\locales\it.txt]
[4B84C519AFEF69855C2B7F54EBD80B29] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\locales\ja.txt]
[B92E59583AAE66E74D99039E36AFB758] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\locales\ka.txt]
[5D945A85C81723C7FC0229DD5935D130] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\locales\ko.txt]
[B1568E7572C74FF59CAF1A668544B2CB] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\locales\ku.txt]
[E533CA50842B75236DE0163D01D237D7] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\locales\lt.txt]
[059F7E21FC12559442218AF4E90C7166] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\locales\lv.txt]
[AC3F6387C8C99EA6BE20DA363C701583] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\locales\mk.txt]
[ACF21A98AEA3CEA8C724A44F857877DD] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\locales\nb-NO.txt]
[B6756E836D046CCAE98438F1C0510E9F] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\locales\nl.txt]
[7479BBB1C26D5004FCB03A98B64F84DA] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\locales\pl.txt]
[9461D3951814D37B5E9F53AE69716537] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\locales\pt-BR.txt]
[CB4B631B0D783168856F492B97751A00] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\locales\pt-PT.txt]
[8D957E4EAADD935F5912939A9D539DE4] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\locales\ro.txt]
[FDFE259E9D4C8CE858E2FAEB554DD7DB] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\locales\ru.txt]
[899D331A59A1A68F656845E338042A71] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\locales\sk.txt]
[233ED30E4038176AA96C985B23E74F2A] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\locales\sl.txt]
[4EF533FC25A6AE5F1786FC0A6344CBB8] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\locales\sq.txt]
[697EA2651484F03E0F00D9FAD7C46F05] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\locales\sr.txt]
[4A1095FA7F4C1E8D35DACB98742238DB] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\locales\sv.txt]
[3ECA8AF4E4DEDCFFA7A78344FCF4D2A1] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\locales\th.txt]
[C2DAE97E470FDEB58D53155DC31B6A57] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\locales\tr.txt]
[7B2AA01CED8372DD2C2F3CD9E7376237] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\locales\uk.txt]
[B4213E796BD3B5D8E6EFC577228A4128] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\locales\ur.txt]
[D4EC6423415763A79F2099FF62E051E9] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\locales\vi.txt]
[DD2C63E55E55B2E84D482A124F29D4C3] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\locales\zh-CN.txt]
[838C1838D7179D4EE301ED448A79BD66] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\locales\zh-TW.txt]
[B1F9575F047B88BC537E70D2D791B06C] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\net.dll]
[B0E3D9D58FF88A721A7D1D9C2502C54F] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\5.3.0.0\uploader.dll]
[53C6C41356D532FEFD8056AB2906D129] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\Lightshot.exe]
[34ECE1CD0F1AF82C1C9AE0B9D6041B03] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\unins000.dat]
[68B042F2B3723A413FFFE34115F279A1] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\unins000.exe]
[5F38274FC51EC35B61E925153E26EF1C] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\lightshot\unins000.msg]
[3B15FE4DF05B8F88BB5B1950885ADC36] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\Updater\1.7.2.5\Updater.exe]
[EEFB00A11C8683807E7BCF01175688C3] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\Updater\MachineProducts.xml]
[70D6EA378844CC762C57FA4B8AC63764] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\Updater\Updater.exe]
[ECAA88F7FA0BF610A5A26CF545DCD3AA] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Quarantine\Skillbrains\Updater\updater.log]
[9455B24D51B4C2ADF2A17E39A6615660] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Tempo.txt]
[3F02F452CD534BD1223097E37F922F2B] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\Trace.txt]
[AFBE30CADB48DA4F8A3A3A03CB275A72] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\ZHPCleaner-[R]-19072016-22_59_34.txt]
[B0BE5332EEE271A7651EFD1978F10E2B] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\ZHPCleaner-[S]-19072016-22_54_40.txt]
[AF04DB736B9BBDF69A919DF957F2A074] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\ZHPCleaner.exe]
[1CC1658A1462B0F06F2389FC71443445] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\ZHPCleaner.txt]
[7B5E1D30E89E0EF1C86FECB977131673] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\ZHPCleaner_Quarantine.txt]
[6015BD6FCF6AD19A70A7FF9C12A93737] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\ZHPCleaner_Tempo.txt]
[C018172E66DD9DFDDFFA2027908AAE3F] Trojan.FPL.Rotbrow.vb [c:\users\johnny\appdata\roaming\ZHP\ZHPQ_Files.txt]
[7F3DA2E40511591FB5CB0E22A4110AE1] Malware.MPL.Heur.vb [c:\users\johnny\dxalaeg.exe]
[7F3DA2E40511591FB5CB0E22A4110AE1] Malware.MPL.Heur.vb [c:\users\johnny\dxuompra.exe]
[9CEF63FDE7A3A91A747CEB26D00FCED3] Malware.Win32.Gen.sm [C:\Pre_Scan\smss.exe]
[D3B9773EF671DA0F501D42E38BD4CD21] Malware.Win32.Gen.250D.sm!ff [C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe]
[EE3802FB8E597D3436C3054599B617BD] Trojan.Win32.Downloader.vb!i [C:\Users\johnny\AppData\Local\DM\TinyDM.exe]
[0A170D9B50B29C5209248D95417C16DA] Malware.Win32.Gen.486E.sm!ff [C:\Users\johnny\Downloads\rsthosts_2.0.exe]
[CD6F52C145C56640467361781B32AB81] Adware.Linkury.vb!c [C:\Windows\assembly\GAC\Microsoft.VisualStudio.OLE.Interop\7.1.40304.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.OLE.Interop.dll]
[CB2463B868E099162133CE299DC34F0F] Adware.Linkury.vb!c [C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.66.0__db937bc2d44ff139\System.Data.SQLite.dll]
[8DB4F8219F57408E7AFB1A6DC46DC167] Malware.Win32.Gen.cs0 [C:\Users\johnny\AppData\Roaming\ZHP\Quarantine\ul7og.exe]
 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users