Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

MPC Cleaner / search.mpc.am - still showing as homepage


  • Please log in to reply
9 replies to this topic

#1 HollyMarie13

HollyMarie13

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:01:36 PM

Posted 11 August 2016 - 09:44 AM

Hi there,

 

Two days ago I realised upon opening Firefox that my home page had been altered to search.mpc.am

 

I went through the logical steps to remove it e.g. deleting the programme in Control Panel, resetting homepage, disabling unknown add-ons/extensions, resetting Firefox etc, stopping processes in task manager etc. I also looked up online for any specifics related to this particular malware and followed those instructions.

 

I then ran the two Anti-Malware programmes I have (Malwarebytes and SpyHunter4) and they found some remnants of MPC Cleaner which they got rid of.

 

I have repeated this and both logs are now clear.

 

However, despite repeating these steps quite a few times - my firefox homepage is still showing up as search.mpc.am every time I open firefox.

 

This is incredibly frustrating - please help!

 

Thanks

Holly



BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,428 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:36 AM

Posted 11 August 2016 - 12:42 PM

Please run MiniToolBox and see
3Al62Pm.pngMiniToolBox
  • Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 HollyMarie13

HollyMarie13
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:01:36 PM

Posted 14 August 2016 - 03:12 PM

MiniToolBox by Farbar  Version: 17-06-2016
Ran by Holly Marie (administrator) on 14-08-2016 at 21:09:02
Running from "C:\Users\Holly Marie\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: HP Pavilion g6 Notebook PC Manufacturer: Hewlett-Packard
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
========================= IP Configuration: ================================

Realtek RTL8188CE 802.11b/g/n WiFi Adapter = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global defaultcurhoplimit=64 icmpredirects=enabled taskoffload=disabled

popd
# End of IPv4 configuration

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : HollyMarie-HP
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : default

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : default
   Description . . . . . . . . . . . : Realtek RTL8188CE 802.11b/g/n WiFi Adapter
   Physical Address. . . . . . . . . : 20-10-7A-72-28-B9
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::d47d:425e:ea21:9716%13(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.163(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 14 August 2016 20:55:45
   Lease Expires . . . . . . . . . . : 16 August 2016 21:03:53
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 320868474
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-F9-FA-A7-A0-B3-CC-70-A8-2D
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : A0-B3-CC-70-A8-2D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
Server:  BrightBox.ee
Address:  192.168.1.1

DNS request timed out.
    timeout was 2 seconds.
Name:    google.com
Addresses:  2a00:1450:4009:801::200e
   216.58.210.46

Pinging google.com [216.58.214.14] with 32 bytes of data:
Reply from 216.58.214.14: bytes=32 time=13ms TTL=53
Reply from 216.58.214.14: bytes=32 time=17ms TTL=53

Ping statistics for 216.58.214.14:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 13ms, Maximum = 17ms, Average = 15ms
Server:  BrightBox.ee
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  2001:4998:c:a06::2:4008
   2001:4998:58:c02::a9
   2001:4998:44:204::a7
   98.139.183.24
   206.190.36.45
   98.138.253.109

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=94ms TTL=47
Reply from 98.139.183.24: bytes=32 time=90ms TTL=47

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 90ms, Maximum = 94ms, Average = 92ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=64
Reply from 127.0.0.1: bytes=32 time<1ms TTL=64

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 13...20 10 7a 72 28 b9 ......Realtek RTL8188CE 802.11b/g/n WiFi Adapter
 11...a0 b3 cc 70 a8 2d ......Realtek PCIe FE Family Controller
  1...........................Software Loopback Interface 1
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.163     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.163    281
    192.168.1.163  255.255.255.255         On-link     192.168.1.163    281
    192.168.1.255  255.255.255.255         On-link     192.168.1.163    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.163    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.163    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 13    281 fe80::/64                On-link
 13    281 fe80::d47d:425e:ea21:9716/128
                                    On-link
  1    306 ff00::/8                 On-link
 13    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/14/2016 08:56:57 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/14/2016 05:56:34 PM) (Source: Application Hang) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.18427 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 173c

Start Time: 01d1f64bda9f81be

Termination Time: 27

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (08/14/2016 05:33:00 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/11/2016 05:17:44 PM) (Source: Application Hang) (User: )
Description: The program SpyHunter4.exe version 4.23.2.4686 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: f68

Start Time: 01d1f3d4184f1a2b

Termination Time: 96

Application Path: C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe

Report Id:

Error: (08/11/2016 04:07:33 PM) (Source: Application Error) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.23418, time stamp: 0x570898dc
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc000041d
Fault offset: 0x0000000003e00fd8
Faulting process id: 0xcd4
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3

Error: (08/11/2016 04:07:26 PM) (Source: Application Error) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.23418, time stamp: 0x570898dc
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000003e00fd8
Faulting process id: 0xcd4
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3

Error: (08/11/2016 02:26:45 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/11/2016 12:55:03 PM) (Source: ESENT) (User: )
Description: taskhost (2496) WebCacheLocal: Error -1811 (0xfffff8ed) occurred while opening logfile C:\Users\Holly Marie\AppData\Local\Microsoft\Windows\WebCache\V01.log.

Error: (08/11/2016 12:54:24 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/10/2016 03:29:32 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:
=============
Error: (08/14/2016 08:57:37 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service failed to start due to the following error:
%%1053 = The service did not respond to the start or control request in a timely fashion.

Error: (08/14/2016 08:57:36 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.

Error: (08/14/2016 08:57:37 PM) (Source: DCOM) (User: )
Description: 1053WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (08/14/2016 08:55:43 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 126

Error: (08/14/2016 06:05:45 PM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (08/14/2016 05:31:54 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 126

Error: (08/11/2016 05:31:58 PM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (08/11/2016 02:26:10 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 126

Error: (08/11/2016 01:23:31 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB3178034).

Error: (08/11/2016 12:53:05 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 126

Microsoft Office Sessions:
=========================
Error: (08/14/2016 08:56:57 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/14/2016 05:56:34 PM) (Source: Application Hang)(User: )
Description: IEXPLORE.EXE11.0.9600.18427173c01d1f64bda9f81be27C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Error: (08/14/2016 05:33:00 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/11/2016 05:17:44 PM) (Source: Application Hang)(User: )
Description: SpyHunter4.exe4.23.2.4686f6801d1f3d4184f1a2b96C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe

Error: (08/11/2016 04:07:33 PM) (Source: Application Error)(User: )
Description: Explorer.EXE6.1.7601.23418570898dcunknown0.0.0.000000000c000041d0000000003e00fd8cd401d1f3d40e350c1dC:\Windows\Explorer.EXEunknown542a583c-5fd5-11e6-824f-a0b3cc70a82d

Error: (08/11/2016 04:07:26 PM) (Source: Application Error)(User: )
Description: Explorer.EXE6.1.7601.23418570898dcunknown0.0.0.000000000c00000050000000003e00fd8cd401d1f3d40e350c1dC:\Windows\Explorer.EXEunknown501df6aa-5fd5-11e6-824f-a0b3cc70a82d

Error: (08/11/2016 02:26:45 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/11/2016 12:55:03 PM) (Source: ESENT)(User: )
Description: taskhost2496WebCacheLocal: C:\Users\Holly Marie\AppData\Local\Microsoft\Windows\WebCache\V01.log-1811 (0xfffff8ed)

Error: (08/11/2016 12:54:24 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/10/2016 03:29:32 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

CodeIntegrity Errors:
===================================
  Date: 2013-03-24 17:29:17.321
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\ATI Technologies\Multimedia\AMDMFTDecoder_64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-03-20 18:32:05.444
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\ATI Technologies\Multimedia\AMDMFTDecoder_64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-02-27 19:15:47.940
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\ATI Technologies\Multimedia\AMDMFTDecoder_64.dll because the set of per-page image hashes could not be found on the system.

=========================== Installed Programs ============================

«The Sims 3 Deluxe Edition» (build 7.0) (HKLM-x32\...\«The Sims 3 Deluxe Edition»_is1) (Version:  - R.G. Catalyst)
AccompanEase (HKLM-x32\...\AccompanEase) (Version:  - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.1280 - Adobe Systems Incorporated)
Adobe Flash Player 22 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 22.0.0.210 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.17) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.17 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.4.194 - Adobe Systems, Inc.)
Advanced SystemCare 9 (HKLM-x32\...\Advanced SystemCare_is1) (Version: 9.3.0 - IObit)
Air Playit 2.0.0 (HKLM\...\Air Playit_is1) (Version:  - Digiarty)
Amazon MP3 Downloader 1.0.18 (HKCU\...\Amazon MP3 Downloader) (Version: 1.0.18 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{ACD449FA-9DF3-779D-DA68-11D486963225}) (Version: 3.0.847.0 - Advanced Micro Devices, Inc.)
AMD System Monitor (HKLM-x32\...\{6EFD0C42-4CC1-4716-A0CA-21C1A062CF34}) (Version: 1.0.9 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}) (Version: 3.1.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{28791292-D18D-42FA-AE66-3D3D20AA8618}) (Version: 3.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5ED7462B-EF58-4757-B609-53755021EC34}) (Version: 8.1.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 1.3.13 (Unicode) (HKLM-x32\...\Audacity 1.3 Beta (Unicode)_is1) (Version:  - Audacity Team)
AVG Security Toolbar (HKLM-x32\...\AVG Secure Search) (Version: 19.4.0.508 - AVG Technologies)
Bejeweled 3 (HKLM-x32\...\WTA-c2b82056-f29b-48ad-997f-1f19b614d504) (Version: 2.2.0.97 - WildTangent) Hidden
BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.5.41074 - BitTorrent Inc.)
BitTorrent (HKLM-x32\...\BitTorrent) (Version: 7.8.0.29626 - BitTorrent Inc.)
Blackhawk Striker 2 (HKLM-x32\...\WTA-b50294e4-aabd-4051-ae43-40871b5c4bbb) (Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Chuzzle Deluxe (HKLM-x32\...\WTA-bc5c0831-dccd-42dc-818f-dea8d145646e) (Version: 2.2.0.95 - WildTangent) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Code Blue (HKLM-x32\...\Code Blue) (Version:  - )
Cradle of Rome 2 (HKLM-x32\...\WTA-99e46dbc-2e5b-48f8-b79e-8a474efd949f) (Version: 2.2.0.98 - WildTangent) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.0.4528 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Digital Theatre Player 4.0 (HKLM-x32\...\{46E38045-B37A-0217-DF87-3412EB547249}) (Version: 4.0 - Digital Theatre.Com Limited) Hidden
Digital Theatre Player 4.0 (HKLM-x32\...\com.digitaltheatre.DTPlayer) (Version: 4.0 - Digital Theatre.Com Limited)
Dora's World Adventure (HKLM-x32\...\WTA-ce2e98c1-27f8-4d0e-be90-591d9beb99c9) (Version: 2.2.0.95 - WildTangent) Hidden
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON SX420W Series Manual (HKLM-x32\...\EPSON SX420W Series Manual) (Version:  - )
EPSON SX420W Series Network Guide (HKLM-x32\...\EPSON SX420W Series Network Guide) (Version:  - )
EPSON SX420W Series Printer Uninstall (HKLM\...\EPSON SX420W Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION)
EpsonNet Setup 3.2 (HKLM-x32\...\{C9D8A041-2963-4B31-8FFC-1500F3DB9293}) (Version: 3.2a - SEIKO EPSON CORPORATION)
ER Disaster Strikes (HKLM-x32\...\ER Disaster Strikes) (Version:  - )
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{E96CAA2A-0244-4A2A-8403-0C3C9534778B}) (Version: 2.1.1 - Hewlett-Packard)
Evernote v. 4.2.3 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.3.22 - Evernote Corp.)
Farm Frenzy (HKLM-x32\...\WTA-721832b0-9d23-4011-9717-c581ae40c1ee) (Version: 2.2.0.98 - WildTangent) Hidden
Farmscapes (HKLM-x32\...\WTA-8a33ad05-a798-457d-9283-c8073f06857a) (Version: 2.2.0.98 - WildTangent) Hidden
FATE (HKLM-x32\...\WTA-0234d8b2-fe17-4c98-b4ac-69d38fadfbed) (Version: 2.2.0.97 - WildTangent) Hidden
File Association Helper (HKLM\...\{C168639F-5810-4EC8-B1E8-0251AA8A771C}) (Version: 1.2.225.65451 - WinZip Computing International, LLC)
Final Drive Fury (HKLM-x32\...\WTA-0c108643-9877-4be1-9ca6-a3491385ece3) (Version: 2.2.0.95 - WildTangent) Hidden
Hoyle Card Games (HKLM-x32\...\WTA-0cdc359c-78a7-484e-a402-1a2b191080b0) (Version: 2.2.0.95 - WildTangent) Hidden
HP Documentation (HKLM-x32\...\{3D5C7E0E-AEC0-40EB-99D3-C40469738040}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP Launch Box (HKLM\...\{BF1E75D0-E7AF-4BEA-9FBC-567F0C54BDF9}) (Version: 1.0.12 - Hewlett-Packard Company)
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.3341 - HP Photo Creations Powered by RocketLife)
HP Photosmart 5520 series Basic Device Software (HKLM\...\{53469789-996F-4193-9FBD-A053EE298C6F}) (Version: 27.0.847.0 - Hewlett-Packard Co.)
HP Photosmart 5520 series Help (HKLM-x32\...\{7137E26A-10F7-4B1C-9980-0893579E92DA}) (Version: 27.0.0 - Hewlett Packard)
HP Photosmart 5520 series Product Improvement Study (HKLM\...\{235FC8A2-FFDF-4F74-A829-BA20EC015EC7}) (Version: 27.0.847.0 - Hewlett-Packard Co.)
HP Power Manager (HKLM-x32\...\{D8BCE5B9-67CF-4F3F-93AE-3ACC754C72EB}) (Version: 1.4.7 - Hewlett-Packard Company)
HP Product Detection (HKLM-x32\...\{42D10994-A566-495D-A5E7-D0C6B5C6B35C}) (Version: 11.14.0006 - HP)
HP Quick Launch (HKLM-x32\...\{53B17A98-5BF0-40BC-AAFF-850A357975AC}) (Version: 2.7.2 - Hewlett-Packard Company)
HP QuickWeb (HKLM-x32\...\{BB4FC2AD-DF12-4EE1-8AA7-2C0A26B5E2FB}) (Version: 3.1.1.10197 - Hewlett-Packard Company)
HP Security Assistant (HKLM\...\{562608FE-2051-4488-BF22-8CE4C03046AC}) (Version: 1.0.12 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}) (Version: 9.0.15076.3891 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.14901.3869 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{962CB079-85E6-405F-8704-1C62365AE46F}) (Version: 4.5.10.1 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
iCloud (HKLM\...\{D0CB24F4-084F-40DE-B6B9-A03626E682F0}) (Version: 2.1.1.3 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6341.0 - IDT)
IObit Apps Toolbar v23.8 (HKLM-x32\...\{44EB6B81-27FD-4A44-9D77-59D72EEAE6C5}) (Version: 23.8 - Spigot, Inc.)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.3.0.142 - IObit)
iTunes (HKLM\...\{7B8D4E8A-EA2B-4A71-BFEB-A4AAAB87C5D0}) (Version: 12.1.0.71 - Apple Inc.)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Jewel Match 3 (HKLM-x32\...\WTA-8f4d9317-6f8e-4e0a-b935-35ea1600aa8e) (Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (HKLM-x32\...\WTA-291f051e-6ab7-4ceb-b46e-125458cdf9c7) (Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (HKLM-x32\...\WTA-46e32946-911b-4f1d-83fb-c40e600a3021) (Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Letters from Nowhere 2 (HKLM-x32\...\WTA-92db537a-32df-4c13-bbc9-aa9139b6e0e2) (Version: 2.2.0.97 - WildTangent) Hidden
Luxor HD (HKLM-x32\...\WTA-806a72b3-bc85-4fc5-a63e-aa6dec0a396b) (Version: 2.2.0.98 - WildTangent) Hidden
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 3.0 - EasyBits Software AS)
Mah Jong Medley (HKLM-x32\...\WTA-6ad355fa-b30e-4d51-a974-9fa971281b82) (Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 48.0 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 48.0 (x86 en-GB)) (Version: 48.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0 - Mozilla)
Notebook Software (HKLM-x32\...\{F581DF68-CAE9-4064-A6CD-705D95D1C756}) (Version: 10.0.187.1 - SMART Technologies)
opensource (HKLM-x32\...\{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}) (Version: 1.0.14960.3876 - Your Company Name) Hidden
Papers, Please (HKLM-x32\...\GOGPACKPAPERSPLEASE_is1) (Version: 2.0.0.4 - GOG.com)
Penguins! (HKLM-x32\...\WTA-deeccea1-9139-49de-9a9a-87099a9540b7) (Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-759d14c4-b079-4a59-b806-d00d2c81768d) (Version: 2.2.0.98 - WildTangent) Hidden
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (HKLM-x32\...\WTA-a7ffa437-7417-466e-a409-5381dc188568) (Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (HKLM-x32\...\WTA-f14c408e-4ac9-45be-8b8d-723b9a37610f) (Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (HKLM-x32\...\WTA-54ff8f3c-2a4e-463a-a3be-cf8f23d3e4ff) (Version: 2.2.0.98 - WildTangent) Hidden
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.40.126.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.83 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.11.0706 - REALTEK Semiconductor Corp.)
RollerCoaster Tycoon 3: Platinum (HKLM-x32\...\WTA-87c29eb2-1ee2-46f6-8398-81047e34bd16) (Version: 2.2.0.98 - WildTangent) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Sibelius Scorch (Firefox, Opera, Netscape, Chrome only) (HKLM-x32\...\{41626CC0-A854-4402-AD06-D7939515C282}) (Version: 6.2.0 - Sibelius Software, a division of Avid Technology, Inc.)
Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
SMART Board Drivers (HKLM-x32\...\{FF7A64AB-214A-47D1-95E7-742BCBA7F6C9}) (Version: 10.0.165.1 - SMART Technologies)
Soda PDF 6 (HKLM-x32\...\Soda6) (Version: 6.3.2.17086 - LULU Software Limited)
Soda PDF 6 View Module (HKLM-x32\...\{0341A523-2227-42F5-A438-DC41DB815A17}) (Version: 6.4.8.18629 - LULU Software Limited) Hidden
SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.23.2.4686 - Enigma Software Group, LLC)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.11.0 - Synaptics Incorporated)
System Requirements Lab (HKLM-x32\...\{8DCAB1D8-F20C-4733-9B5F-646DDFEB59C9}) (Version: 6.1.1.0 - Husdawg, LLC)
Textease 6 (HKLM-x32\...\{92F4F67E-D332-4BB2-A831-773D511E5F83}) (Version: 6.060.000 - Lightbox Education)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.42.130 - Electronic Arts)
The Sims™ 3 Diesel Каталог (HKLM-x32\...\{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}) (Version: 14.0.48 - Electronic Arts)
The Sims™ 3 Katy Perry Сладкие радости (HKLM-x32\...\{9B2506E3-9A3F-45B5-96BF-509CAD584650}) (Version: 13.0.62 - Electronic Arts)
The Sims™ 3 В сумерках (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.5.1 - Electronic Arts)
The Sims™ 3 Времена года (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
The Sims™ 3 Все возрасты (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
The Sims™ 3 Городская жизнь Каталог (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)
The Sims™ 3 Изысканная спальня Каталог (HKLM-x32\...\{08A25478-C5DD-4EA7-B168-3D687CA987FF}) (Version: 11.0.84 - Electronic Arts)
The Sims™ 3 Карьера (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.10.1 - Electronic Arts)
The Sims™ 3 Мир приключений (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.9.10 - Electronic Arts)
The Sims™ 3 Отдых на природе Каталог (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.3.2 - Electronic Arts)
The Sims™ 3 Питомцы (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
The Sims™ 3 Сверхъестественное (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
The Sims™ 3 Скоростной режим Каталог (HKLM-x32\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.8.1 - Electronic Arts)
The Sims™ 3 Современная роскошь Каталог (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.9.6 - Electronic Arts)
The Sims™ 3 Шоу-бизнес (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
The Treasures of Mystery Island: The Ghost Ship (HKLM-x32\...\WTA-78802a56-e9e2-4eec-ab44-3884cc9f5f3e) (Version: 2.2.0.98 - WildTangent) Hidden
Theme Hospital (HKLM-x32\...\Theme Hospital_is1) (Version:  - GOG.com)
Torchlight (HKLM-x32\...\WTA-bbc321cb-ced5-49f6-b7d6-908d7515ab5d) (Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version:  - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (HKLM-x32\...\WTA-75022e29-27d1-4097-85dc-d8e1f1f8a75b) (Version: 2.2.0.98 - WildTangent) Hidden
VLC media player 2.0.3 (HKLM-x32\...\VLC media player) (Version: 2.0.3 - VideoLAN)
WildTangent Games App (HP Games) (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.5.32 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinZip 20.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240EF}) (Version: 20.0.11659 - WinZip Computing, S.L. )
Zuma's Revenge (HKLM-x32\...\WTA-7e21aa6d-2719-4658-9556-0bb6f36513a1) (Version: 2.2.0.98 - WildTangent) Hidden

========================= Memory info: ===================================

Percentage of memory in use: 41%
Total physical RAM: 3561.41 MB
Available physical RAM: 2078.54 MB
Total Virtual: 7121 MB
Available Virtual: 5150.27 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:907.54 GB) (Free:616.46 GB) NTFS
2 Drive d: (Recovery) (Fixed) (Total:19.81 GB) (Free:2.15 GB) NTFS
3 Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:1.08 GB) FAT32

========================= Users: ========================================

User accounts for \\HOLLYMARIE-HP

Administrator            Guest                    Holly Marie             

**** End of log ****



#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,428 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:36 AM

Posted 14 August 2016 - 08:33 PM

Hello, is there a reason you have many SIMS installed in Russian? If not Remove them all and reboot.

Remove Search.mpc.am from Mozilla Firefox
Click the Menu button in the top-right corner of Firefox and select Options.
In the General pane, remove Search.mpc.am from Home Page and click Restore to Default button.
In Search pane, choose Google as your default search engine. Under Default Search Engine and remove Search.mpc.am.

Please download Rkill by Grinler and save it to your desktop.
  • Link 1
  • Link 2
    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista/Windows7, right-click on it and Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • If the tool does not run from any of the links provided, please let me know.
  • Do not reboot the computer, you will need to run the application again.

Edited by boopme, 14 August 2016 - 08:34 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 HollyMarie13

HollyMarie13
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:01:36 PM

Posted 23 August 2016 - 03:17 AM

Sorry it's taken me ages to reply to this - I've been away.

 

Rkill 2.8.4 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2016 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 08/23/2016 09:12:44 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * C:\Windows\SysWOW64\ezSharedSvcHost.exe (PID: 1092) [WD-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * TBS [Missing Service]

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * No issues found.

Program finished at: 08/23/2016 09:15:09 AM
Execution time: 0 hours(s), 2 minute(s), and 24 seconds(s)



#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,428 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:36 AM

Posted 23 August 2016 - 09:06 AM

Hi, re run RKill and then Malwarebytes
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 HollyMarie13

HollyMarie13
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:01:36 PM

Posted 29 August 2016 - 10:30 AM

Log from Malwarebytes:

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 29/08/2016
Scan Time: 15:56
Logfile: Log.txt
Administrator: Yes

Version: 2.2.1.1043
Malware Database: v2016.08.29.07
Rootkit Database: v2016.08.15.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Holly Marie

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 317963
Time Elapsed: 24 min, 19 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 2
PUP.Optional.MorePowerfulCleaner, C:\Users\Holly Marie\AppData\Roaming\Mozilla\Firefox\Profiles\p6qoknaj.default\prefs.js, Good: (), Bad: (user_pref("browser.startup.homepage", "search.mpc.am");), Replaced,[72695ef281190630f0b2a9f4b64ed12f]
PUP.Optional.MorePowerfulCleaner, C:\Users\Holly Marie\AppData\Roaming\Mozilla\Firefox\Profiles\p6qoknaj.default\prefs.js, Good: (user_pref("browser.startup.homepage", "https://www.malwarebytes.org/restorebrowser/), Bad: (user_pref("browser.startup.homepage", "search.mpc.am");), Replaced,[e0fb81cf22786ec8a028e4bbbc48f30d]

Physical Sectors: 0
(No malicious items detected)

(end)



#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,428 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:36 AM

Posted 30 August 2016 - 09:39 AM

Sorry was ill. Looks like we got it. How are things?
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 HollyMarie13

HollyMarie13
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:01:36 PM

Posted 01 September 2016 - 12:09 PM

All good! Not showing as my homepage anymore so looks like problem solved.

 

Thanks so much.



#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,428 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:36 AM

Posted 01 September 2016 - 12:59 PM

Great!!
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users