Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I'm not sure if I opened a malicious website


  • Please log in to reply
6 replies to this topic

#1 pusssykatt

pusssykatt

  • Members
  • 90 posts
  • OFFLINE
  •  
  • Local time:01:46 AM

Posted 01 August 2016 - 09:00 AM

I got an email from a friend and it appeared to be a photo. I NEVER open or visit links without verifying that it was sent by the person, but yesterday I was wearing my stupid hat and visited the link. Nothing happened as it appeared to be a dead link. Now I'm wondering if I have set some monster loose on my computer.
 
 
Windows 7
Webroot SecureAnywhere (nothing showed up)
I run ccleaner every morning before I enter the web
I run and update Malwarebytes usually daily (nothing showed up)
 
My Webroot is very good about alerting me if I've done something I shouldn't have, but I got nothing.
 
This is the link: hXXp://lifestyle.x3x.pictures610d.ru/billie-jane/
 
Thank you for you help!

EDIT:Broke potentially dangerous link ~~boopme

Edited by boopme, 01 August 2016 - 09:54 AM.


BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,058 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:46 AM

Posted 01 August 2016 - 09:56 AM

Hello, lets run these ....

3Al62Pm.pngMiniToolBox
  • Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
zcMPezJ.pngAdwCleaner
  • Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
lv0mVRW.pngJunkware Removal Tool
  • Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
cvMlKv6.pngESET Online Scanner
  • Click here to download the installer for ESET Online Scanner and save it to your Desktop.
  • Disable all your antivirus and antimalware software - see how to do that here.
  • Right click on esetsmartinstaller_enu.exe and select Run as Administrator.
  • Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats (only available if ESET Online Scanner found something).
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 pusssykatt

pusssykatt
  • Topic Starter

  • Members
  • 90 posts
  • OFFLINE
  •  
  • Local time:01:46 AM

Posted 01 August 2016 - 10:33 PM

MiniToolBox by Farbar  Version: 17-06-2016
Ran by billie (administrator) on 01-08-2016 at 17:59:54
Running from "C:\Users\billie\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: p7-1003w Manufacturer: Hewlett-Packard
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
========================= IP Configuration: ================================

Realtek PCIe FE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : billie-HP
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : 3C-D9-2B-4A-AE-AC
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::9537:a8ea:2ddf:70db%13(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.0.2(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Monday, August 01, 2016 8:31:33 AM
   Lease Expires . . . . . . . . . . : Monday, August 01, 2016 6:59:09 PM
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 272423211
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-A8-3D-44-3C-D9-2B-4A-AE-AC
   DNS Servers . . . . . . . . . . . : 72.240.13.7
                                       72.240.13.6
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{288D7C17-0E9D-4822-B812-BBCD15600A32}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  nsextcache3.buckeyecom.net
Address:  72.240.13.7

Name:    google.com
Addresses:  2607:f8b0:4009:80d::200e
      72.240.108.93
      72.240.108.106
      72.240.108.109
      72.240.108.83
      72.240.108.94
      72.240.108.108
      72.240.108.98
      72.240.108.79
      72.240.108.121
      72.240.108.87
      72.240.108.113
      72.240.108.91
      72.240.108.102
      72.240.108.117
      72.240.108.123


Pinging google.com [72.240.108.117] with 32 bytes of data:
Reply from 72.240.108.117: bytes=32 time=15ms TTL=60
Reply from 72.240.108.117: bytes=32 time=13ms TTL=60

Ping statistics for 72.240.108.117:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 13ms, Maximum = 15ms, Average = 14ms
Server:  nsextcache3.buckeyecom.net
Address:  72.240.13.7

Name:    yahoo.com
Addresses:  2001:4998:44:204::a7
      2001:4998:c:a06::2:4008
      2001:4998:58:c02::a9
      98.138.253.109
      206.190.36.45
      98.139.183.24


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=53ms TTL=51
Reply from 98.138.253.109: bytes=32 time=60ms TTL=51

Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 53ms, Maximum = 60ms, Average = 56ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 13...3c d9 2b 4a ae ac ......Realtek PCIe FE Family Controller
  1...........................Software Loopback Interface 1
 14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 12...00 00 00 00 00 00 00 e0 Microsoft Teredo Tunneling Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1      192.168.0.2     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link       192.168.0.2    276
      192.168.0.2  255.255.255.255         On-link       192.168.0.2    276
    192.168.0.255  255.255.255.255         On-link       192.168.0.2    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.0.2    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.0.2    276
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 13    276 fe80::/64                On-link
 13    276 fe80::9537:a8ea:2ddf:70db/128
                                    On-link
  1    306 ff00::/8                 On-link
 13    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/01/2016 08:33:13 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/01/2016 08:31:38 AM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (08/01/2016 08:31:38 AM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.

Context: Windows Application


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (08/01/2016 08:31:38 AM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (08/01/2016 08:31:38 AM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
    Element not found.  (HRESULT : 0x80070490) (0x80070490)

Error: (08/01/2016 08:31:36 AM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (08/01/2016 08:31:36 AM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service cannot load the property store information.

Context: Windows Application, SystemIndex Catalog


Details:
    The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (08/01/2016 08:31:36 AM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (08/01/2016 08:31:36 AM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index {id=4700}. The service will attempt to automatically correct this problem by rebuilding the index.


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (08/01/2016 08:31:36 AM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service cannot open the Jet property store.


Details:
    0x%08x (0xc0041800 - The content index database is corrupt.  (HRESULT : 0xc0041800))


System errors:
=============
Error: (08/01/2016 08:31:38 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (08/01/2016 08:31:38 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.

Error: (07/31/2016 09:14:53 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (07/29/2016 11:38:44 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (07/28/2016 10:53:37 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (07/28/2016 10:49:33 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (07/27/2016 09:39:37 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (07/26/2016 09:45:43 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (07/25/2016 10:35:21 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (07/24/2016 10:51:03 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}


Microsoft Office Sessions:
=========================
Error: (08/01/2016 08:33:13 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/01/2016 08:31:38 AM) (Source: Windows Search Service)(User: )
Description:
Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (08/01/2016 08:31:38 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (08/01/2016 08:31:38 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (08/01/2016 08:31:38 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
    Element not found.  (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (08/01/2016 08:31:36 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore

Error: (08/01/2016 08:31:36 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
    The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (08/01/2016 08:31:36 AM) (Source: Windows Search Service)(User: )
Description:
Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt

Error: (08/01/2016 08:31:36 AM) (Source: Windows Search Service)(User: )
Description:
Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
4700

Error: (08/01/2016 08:31:36 AM) (Source: Windows Search Service)(User: )
Description:
Details:
    0x%08x (0xc0041800 - The content index database is corrupt.  (HRESULT : 0xc0041800))


CodeIntegrity Errors:
===================================
  Date: 2016-02-24 20:27:49.191
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.

  Date: 2016-02-24 20:27:49.185
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.

  Date: 2016-02-24 20:27:49.179
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.

  Date: 2016-02-24 20:27:49.023
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.

  Date: 2016-02-24 20:27:47.889
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.

  Date: 2016-02-24 20:27:47.883
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.

  Date: 2016-02-24 20:27:47.878
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.

  Date: 2016-02-24 20:27:47.747
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.

  Date: 2016-02-24 20:27:42.184
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.

  Date: 2016-02-24 20:27:42.177
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.


=========================== Installed Programs ============================

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.017.20050 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ArcSoft MediaImpression SE for Kodak (HKLM-x32\...\{EB4D42D6-627A-424E-981F-1474AFF3CC29}) (Version: 2.0.69.800 - ArcSoft)
ATI Catalyst Install Manager (HKLM\...\{7C7A5A92-046C-A38C-AE0F-8F9CCA0F67A8}) (Version: 3.0.774.0 - ATI Technologies, Inc.)
ccc-core-static (HKLM-x32\...\{0E1C256F-6B90-E5A5-F62E-5DAE1AEAE294}) (Version: 2010.0511.2153.37435 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.20 - Piriform)
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
Doc Reader 2.0 (HKLM-x32\...\Doc Reader 2.0) (Version:  - )
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
FileZilla Client 3.10.1.1 (HKLM-x32\...\FileZilla Client) (Version: 3.10.1.1 - Tim Kosse)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.106 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.31.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Deskjet 1510 series Basic Device Software (HKLM\...\{D17E60E8-478A-4D4A-8147-21D481B5CA55}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Deskjet 1510 series Help (HKLM-x32\...\{2E25FCEB-EFCB-4696-AA01-D3CBAC721831}) (Version: 30.0.0 - Hewlett Packard)
HP LinkUp (HKLM-x32\...\{C1AD9241-3ADD-483F-914D-071F3E50855A}) (Version: 2.01.026 - Hewlett-Packard)
HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{BB760C1D-98F4-4E38-8CC4-3B67329AA981}) (Version: 1.0.6.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Setup (HKLM-x32\...\{210A03F5-B2ED-4947-B27E-516F50CBB292}) (Version: 8.6.4530.3651 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13253.3682 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.3.27.17 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{55065080-504F-43BB-BE00-36B80D7D39A5}) (Version: 12.5.26.37 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.5.0.0 - Hewlett-Packard)
KompoZer 0.8b3 (HKLM-x32\...\{20aa4150-b5f4-11de-8a39-0800200c9a66}_is1) (Version:  - KompoZer)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Works 2000 (HKLM-x32\...\{56364334-9530-11D2-BFFC-00C04FA329AA}) (Version: 1.0.0.0000 - Microsoft Corporation)
Mozilla Firefox 47.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 47.0.1 (x86 en-US)) (Version: 47.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.1.6018 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
PageBreeze Free HTML Editor (HKLM-x32\...\PageBreeze Free HTML Editor) (Version:  - )
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Product Improvement Study for HP Deskjet 1510 series (HKLM\...\{35DB2630-846E-47C5-AF84-9D6AC3629F55}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6251 - Realtek Semiconductor Corp.)
Recovery Manager (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.3621 - CyberLink Corp.) Hidden
Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)
RoxioNow Player (HKLM-x32\...\{0EDEB615-1A60-425E-8306-0E10519C7B55}) (Version: 1.9.5.103 - RoxioNow)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.6.0 - SAMSUNG Electronics Co., Ltd.)
SUABnR (HKLM-x32\...\{2485354C-6B65-4978-BB91-CCE61442377B}) (Version: 1.1.0.13103_1 - Samsung Electronics Co., Ltd.) Hidden
SUABnR (HKLM-x32\...\InstallShield_{2485354C-6B65-4978-BB91-CCE61442377B}) (Version: 1.1.0.13103_1 - Samsung Electronics Co., Ltd.)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Toddler Keys (HKLM-x32\...\{7339E7E7-FB6A-46EC-8303-D31E655EF617}) (Version: 00.97.0000 - none)
Verizon Wireless Software Upgrade Assistant - Samsung(ar) (HKLM-x32\...\{EE296443-E401-43D2-9864-1C63AD8D376E}) (Version: 2.14.0410 - Samsung Electronics Co., Ltd.)
Verizon Wireless Software Utility Application for Android - Samsung (HKLM-x32\...\{69258FD1-F4EE-475A-83D1-BF68C8029592}) (Version: 2.14.0402 - Samsung Electronics Co., Ltd.)
Webroot SecureAnywhere (HKLM-x32\...\WRUNINST) (Version: 9.0.10.21 - Webroot)

========================= Memory info: ===================================

Percentage of memory in use: 21%
Total physical RAM: 7935.29 MB
Available physical RAM: 6265.21 MB
Total Virtual: 15868.75 MB
Available Virtual: 14191.67 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:920.27 GB) (Free:844.87 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:11.15 GB) (Free:1.36 GB) NTFS
8 Drive j: () (Removable) (Total:28.94 GB) (Free:28.78 GB) FAT32

========================= Users: ========================================

User accounts for \\BILLIE-HP

Administrator            billie                   Guest                    


**** End of log ****
 

# AdwCleaner v5.201 - Logfile created 01/08/2016 at 23:23:40
# Updated 30/06/2016 by ToolsLib
# Database : 2016-08-02.1 [Local]
# Operating system : Windows 7 Home Premium Service Pack 1 (X64)
# Username : billie - BILLIE-HP
# Running from : C:\Users\billie\Desktop\AdwCleaner.exe
# Option : Scan
# Support : https://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ DLL ] *****


***** [ WMI ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****

[C:\Users\billie\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : search.conduit.com
[C:\Users\billie\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : ask.com
[C:\Users\billie\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : aol.com
[C:\Users\billie\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : jcrew.com

*************************

C:\AdwCleaner\AdwCleaner[S1].txt - [794 bytes] - [01/08/2016 18:08:02]
C:\AdwCleaner\AdwCleaner[S2].txt - [866 bytes] - [01/08/2016 18:13:17]
C:\AdwCleaner\AdwCleaner[S3].txt - [1385 bytes] - [01/08/2016 20:36:06]
C:\AdwCleaner\AdwCleaner[S4].txt - [1458 bytes] - [01/08/2016 22:17:08]
C:\AdwCleaner\AdwCleaner[S5].txt - [1531 bytes] - [01/08/2016 23:18:57]
C:\AdwCleaner\AdwCleaner[S6].txt - [1451 bytes] - [01/08/2016 23:23:40]

########## EOF - C:\AdwCleaner\AdwCleaner[S6].txt - [1524 bytes] ##########

 

I'm not sure this ran correctly. "Waiting for action. Uncheck elements you want to keep." However, nothing is showing up.

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 7 Home Premium x64
Ran by billie (Administrator) on Mon 08/01/2016 at 20:05:24.34
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 8

Successfully deleted: C:\Users\billie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BRF12O16 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\billie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PWQSBRIH (Temporary Internet Files Folder)
Successfully deleted: C:\Users\billie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QE24EYTS (Temporary Internet Files Folder)
Successfully deleted: C:\Users\billie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RA0B8ZQP (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BRF12O16 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PWQSBRIH (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QE24EYTS (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RA0B8ZQP (Temporary Internet Files Folder)



Registry: 1

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C2445735-EF17-4770-B39A-075D64648377} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 08/01/2016 at 20:07:19.58
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

When I ran ESET 44 threats were found. I clicked FINISH before I exported the threats file. This was in my ESET Online Scanner Program file, so I hope this is what you need.

 

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1

 

Thank you!
# EOSSerial=2a36212db177914695ffd9d4ec32d0b4
# end=init
# utc_time=2016-01-23 06:28:38
# local_time=2016-01-23 01:28:38 (-0500, Eastern Standard Time)
# country="United States"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 27783
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=2a36212db177914695ffd9d4ec32d0b4
# end=updated
# utc_time=2016-01-23 06:32:12
# local_time=2016-01-23 01:32:12 (-0500, Eastern Standard Time)
# country="United States"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=2a36212db177914695ffd9d4ec32d0b4
# engine=27783
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-01-23 07:47:29
# local_time=2016-01-23 02:47:29 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 0 205121899 0 0
# compatibility_mode_1='Webroot SecureAnywhere'
# compatibility_mode=16132 16777213 100 100 1246418 1479057 0 0
# scanned=311523
# found=0
# cleaned=0
# scan_time=4516
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=2a36212db177914695ffd9d4ec32d0b4
# end=init
# utc_time=2016-08-02 12:10:06
# local_time=2016-08-01 08:10:06 (-0500, Eastern Daylight Time)
# country="United States"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 30292
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=2a36212db177914695ffd9d4ec32d0b4
# end=updated
# utc_time=2016-08-02 12:13:04
# local_time=2016-08-01 08:13:04 (-0500, Eastern Daylight Time)
# country="United States"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=2a36212db177914695ffd9d4ec32d0b4
# engine=30292
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2016-08-02 02:15:35
# local_time=2016-08-01 10:15:35 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 0 221647585 0 0
# compatibility_mode_1='Webroot SecureAnywhere'
# compatibility_mode=16131 16777214 100 80 59060 18004695 0 0
# scanned=289303
# found=44
# cleaned=44
# scan_time=7350
sh=6525F85F423A8ACB9DE261FCE7C1BFDCAF0651EC ft=1 fh=e751b5239200023c vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted)" ac=C fn="C:\Program Files\CCleaner\CCleaner64(1).exe"
sh=ADF2AD3B94EB35DC371AB7A1A49B004B7C76BFA5 ft=1 fh=f95766f30bc4ebc6 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted)" ac=C fn="C:\Program Files\CCleaner\ccsetup406.exe"
sh=3B38ECE8A1605F66D7FC38CC9BCC5FF325A2ED55 ft=1 fh=bc0c24e3a63c61a6 vn="Win32/Bundled.Toolbar.Google.E potentially unsafe application (deleted)" ac=C fn="C:\Users\billie\ccsetup313.exe"
sh=3FC75D7EC85B4B4766AE1195896F0C2C5FB3E6FE ft=1 fh=f3111313b4ad1f30 vn="Win32/Bundled.Toolbar.Google.E potentially unsafe application (deleted)" ac=C fn="C:\Users\billie\ccsetup314.exe"
sh=DEAD469FFF7CE0F1BE574947EDFFA13AB6254BB3 ft=1 fh=a553c6fac1ec1496 vn="a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application (deleted)" ac=C fn="C:\Users\billie\FoxitReader510.1021_enu_Setup.exe"
sh=59C75B45AC46FAC8C4018205544938C46B1BA631 ft=1 fh=ab462a0af6e69b03 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted)" ac=C fn="C:\Users\billie\Desktop\COMPUTER STUFF\ccsetup405.exe"
sh=3D84C7C0E316EAD02DD7A59E746EC798DAB8BC0C ft=1 fh=ce50a11e70bad71c vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted)" ac=C fn="C:\Users\billie\Desktop\SPYWARE\ccsetup328.exe"
sh=EA244E84E1468A6AF4741F2184E113A16F833D8B ft=1 fh=a9c73d0d07b22a58 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted)" ac=C fn="C:\Users\billie\Desktop\SPYWARE\ccsetup402.exe"
sh=C133DB147FA578119F34B675D45B477E110761B2 ft=1 fh=9272027fde077ca7 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted)" ac=C fn="C:\Users\billie\Downloads\ccsetup412.exe"
sh=D12F2B7B95F3EB52E57E5E034F4315F4716670FF ft=1 fh=fa0e3acfd523f7f9 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted)" ac=C fn="C:\Users\billie\Downloads\ccsetup415.exe"
sh=1DE5D70A411EBBF4441FD569E7427CC28A4D6B13 ft=1 fh=b572351b8a033ea9 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted)" ac=C fn="C:\Users\billie\Downloads\ccsetup417.exe"
sh=F69F5B71A6FA94B71504EF184913BCF428D43899 ft=1 fh=6c8257ade2556f83 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted)" ac=C fn="C:\Users\billie\Downloads\ccsetup418(1).exe"
sh=F69F5B71A6FA94B71504EF184913BCF428D43899 ft=1 fh=6c8257ade2556f83 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted)" ac=C fn="C:\Users\billie\Downloads\ccsetup418(2).exe"
sh=C942D9E23ACF66B9A96A3354EB574279092AF096 ft=1 fh=d19a4424818350b8 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted)" ac=C fn="C:\Users\billie\Downloads\ccsetup418.exe"
sh=5A4ADCA5CEFDEACCC9C4D2D197213E606014FDB4 ft=1 fh=63ae2f886e7f5dcc vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted)" ac=C fn="C:\Users\billie\Downloads\ccsetup419(1).exe"
sh=5A4ADCA5CEFDEACCC9C4D2D197213E606014FDB4 ft=1 fh=63ae2f886e7f5dcc vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted)" ac=C fn="C:\Users\billie\Downloads\ccsetup419(2).exe"
sh=A601D7FA1AC943E7C513C18554B4963A7CC30777 ft=1 fh=24077ef6e95ea586 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted)" ac=C fn="C:\Users\billie\Downloads\ccsetup419.exe"
sh=B6B12E4F8E59C61EC67A5E17DEDA7EA5B2FEF364 ft=1 fh=65d7fe9609cd6c74 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted)" ac=C fn="C:\Users\billie\Downloads\ccsetup500.exe"
sh=205EA3A873C765FF2E0F78FB1834D6EB44C21BF3 ft=1 fh=a409751ddc77dac3 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted)" ac=C fn="C:\Users\billie\Downloads\ccsetup501.exe"
sh=74507D2AD5D69252167B682B5FA7E693E1AE0652 ft=1 fh=c644006b49a165d6 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted)" ac=C fn="C:\Users\billie\Downloads\ccsetup502.exe"
sh=976D24D060C8F9B655B5EC01472194B9DA6C190C ft=1 fh=1966d8d77ea974eb vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted)" ac=C fn="C:\Users\billie\Downloads\ccsetup503.exe"
sh=95515E5CD54F8D3B375FAFB34E53C0C1D2E7C344 ft=1 fh=00a7bfbc17a0357b vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted)" ac=C fn="C:\Users\billie\Downloads\ccsetup504(1).exe"
sh=95515E5CD54F8D3B375FAFB34E53C0C1D2E7C344 ft=1 fh=00a7bfbc17a0357b vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted)" ac=C fn="C:\Users\billie\Downloads\ccsetup504.exe"
sh=3032CB5B0066ACB77259EC89E9ECAFDB21C06BE6 ft=1 fh=4cc4f419610b1b22 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted)" ac=C fn="C:\Users\billie\Downloads\ccsetup505.exe"
sh=012CB3E628C9FAC1159A4BA01F79C6C905757FF9 ft=1 fh=2ab5bfb1b985039b vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted)" ac=C fn="C:\Users\billie\Downloads\ccsetup506.exe"
sh=BCA0BBDC1ECA7D7049B11DFDF06A731B0DEB0330 ft=1 fh=5d043d2b7dcbb6c6 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted)" ac=C fn="C:\Users\billie\Downloads\ccsetup507.exe"
sh=AA7AFFCBDAF13C3872F32EACCF3BEFB92FD0FA80 ft=1 fh=02ff89afc7fa57e5 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted)" ac=C fn="C:\Users\billie\Downloads\ccsetup508.exe"
sh=6F77F2137756740F4E632BDD7FDAE582929CB411 ft=1 fh=cd73fc9df274ad5b vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted)" ac=C fn="C:\Users\billie\Downloads\ccsetup509.exe"
sh=2CF9F87AA2EA689D9B9F5CCED4C51B2595C19027 ft=1 fh=4b16eff5bfe216f3 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted)" ac=C fn="C:\Users\billie\Downloads\ccsetup510(1).exe"
sh=2CF9F87AA2EA689D9B9F5CCED4C51B2595C19027 ft=1 fh=4b16eff5bfe216f3 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted)" ac=C fn="C:\Users\billie\Downloads\ccsetup510.exe"
sh=788BA11B32EAD116136308D48ABA501827BE6E3E ft=1 fh=f9ccf3513db0012f vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted)" ac=C fn="C:\Users\billie\Downloads\ccsetup511(1).exe"
sh=788BA11B32EAD116136308D48ABA501827BE6E3E ft=1 fh=f9ccf3513db0012f vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted)" ac=C fn="C:\Users\billie\Downloads\ccsetup511.exe"
sh=5B189555C663407C8DA7930EF070CE16C9B20CE1 ft=1 fh=033ec78b6d86e1cf vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted)" ac=C fn="C:\Users\billie\Downloads\ccsetup512(1).exe"
sh=5B189555C663407C8DA7930EF070CE16C9B20CE1 ft=1 fh=033ec78b6d86e1cf vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted)" ac=C fn="C:\Users\billie\Downloads\ccsetup512.exe"
sh=B7C20CA5F3D03CA0B47FE84EA238FF4F69E5183B ft=1 fh=075c4223825eb116 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted)" ac=C fn="C:\Users\billie\Downloads\ccsetup513.exe"
sh=91352F7C0C03DBAFE73A9D7B2539C7B346EF9582 ft=1 fh=50f3aee05957228d vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted)" ac=C fn="C:\Users\billie\Downloads\ccsetup514.exe"
sh=8B1F53A9E0FFB090032A69312B1BC1121CB97601 ft=1 fh=9ae2658579d22504 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted)" ac=C fn="C:\Users\billie\Downloads\ccsetup515.exe"
sh=E473F5DB747773B80FCCA8A50B4CF7BAEEC1EA47 ft=1 fh=0b4bffcfb4a8cb37 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted)" ac=C fn="C:\Users\billie\Downloads\ccsetup516.exe"
sh=F2812D6ECF216B1137B86BF4E0AFB4F6B012FF85 ft=1 fh=a0e15a68d2773df5 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted)" ac=C fn="C:\Users\billie\Downloads\ccsetup517.exe"
sh=065541754D2A46F2D0242D0D531188E5BACDF828 ft=1 fh=5079c4d5a4b31f01 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted)" ac=C fn="C:\Users\billie\Downloads\ccsetup518.exe"
sh=40F6CA5EF25B7DBD42AE8B4FDA5F98144B1AD360 ft=1 fh=08965c270c124c2f vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted)" ac=C fn="C:\Users\billie\Downloads\ccsetup519.exe"
sh=68B0376FB80EC5DBF7B47DCC7B5335383E9B063A ft=1 fh=893d1fa1996eca88 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted)" ac=C fn="C:\Users\billie\Downloads\ccsetup520.exe"
sh=DABF7136C12F046453104FABC648308BF824130D ft=1 fh=d5271ac16c5d0b06 vn="a variant of Win32/OpenCandy.A potentially unsafe application (deleted)" ac=C fn="C:\Users\billie\Downloads\FoxitReader614.0217_enu_Setup.exe"
sh=243AA6C14EB05D12071C608E967AD14E9BDFD96A ft=1 fh=b7edfdffc0eed7ac vn="a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application (deleted)" ac=C fn="C:\Users\billie\FOXIT\FoxitReader543.0920_enu_Setup.exe"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=2a36212db177914695ffd9d4ec32d0b4
# end=init
# utc_time=2016-08-02 02:21:10
# local_time=2016-08-01 10:21:10 (-0500, Eastern Daylight Time)
# country="United States"
# osver=6.1.7601 NT Service Pack 1
ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internet# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=2a36212db177914695ffd9d4ec32d0b4
# end=init
# utc_time=2016-08-02 02:27:19
# local_time=2016-08-01 10:27:19 (-0500, Eastern Daylight Time)
# country="United States"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=53251
Update Finalize
Updated modules version: 30292
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=2a36212db177914695ffd9d4ec32d0b4
# end=updated
# utc_time=2016-08-02 02:27:54
# local_time=2016-08-01 10:27:54 (-0500, Eastern Daylight Time)
# country="United States"
# osver=6.1.7601 NT Service Pack 1


 



#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,058 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:46 AM

Posted 02 August 2016 - 09:19 AM

Ok, that worked with ESET.
Clean what ADWCleaner found.

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • The tool will start to update its database...please wait until complete.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Logfile button...a report (AdwCleaner[SX].txt) will open in Notepad (where the largest value of X represents the most recent report).
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
  • Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
  • A copy of all logfiles are saved to C:\AdwCleaner.
Reboot and see how it's running.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 pusssykatt

pusssykatt
  • Topic Starter

  • Members
  • 90 posts
  • OFFLINE
  •  
  • Local time:01:46 AM

Posted 02 August 2016 - 05:17 PM

# AdwCleaner v5.201 - Logfile created 02/08/2016 at 12:08:57
# Updated 30/06/2016 by ToolsLib
# Database : 2016-08-02.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (X64)
# Username : billie - BILLIE-HP
# Running from : C:\Users\billie\Desktop\AdwCleaner.exe
# Option : Clean
# Support : https://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****

[-] [C:\Users\billie\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : search.conduit.com
[-] [C:\Users\billie\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask.com
[-] [C:\Users\billie\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : aol.com

*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [1086 bytes] - [02/08/2016 12:08:57]
C:\AdwCleaner\AdwCleaner[S1].txt - [794 bytes] - [01/08/2016 18:08:02]
C:\AdwCleaner\AdwCleaner[S2].txt - [866 bytes] - [01/08/2016 18:13:17]
C:\AdwCleaner\AdwCleaner[S3].txt - [1385 bytes] - [01/08/2016 20:36:06]
C:\AdwCleaner\AdwCleaner[S4].txt - [1458 bytes] - [01/08/2016 22:17:08]
C:\AdwCleaner\AdwCleaner[S5].txt - [1531 bytes] - [01/08/2016 23:18:57]
C:\AdwCleaner\AdwCleaner[S6].txt - [1603 bytes] - [01/08/2016 23:23:40]
C:\AdwCleaner\AdwCleaner[S7].txt - [1567 bytes] - [02/08/2016 12:05:26]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1668 bytes] ##########

#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,058 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:46 AM

Posted 03 August 2016 - 03:41 PM

How's it doing now?
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 pusssykatt

pusssykatt
  • Topic Starter

  • Members
  • 90 posts
  • OFFLINE
  •  
  • Local time:01:46 AM

Posted 04 August 2016 - 08:45 PM

Thank you very much! Everything seems to be running fine.

 

I have a question you may not be allowed to answer. I use Webroot Secure Anywhere. I have used it for a few years, however, I changed to ESET last year, but went back to Webroot this year because I also use it on another computer. My question is did ESET Online Scanner pick up things (44 total) that my Webroot should have found?






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users