Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Adware resistant to all antiviruses tried


  • Please log in to reply
8 replies to this topic

#1 mcdonwald

mcdonwald

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:01:11 AM

Posted 01 October 2016 - 01:19 AM

Ugh, I somehow downloaded some adware which is resistant to every program i attempt to uninstall it with. I am running windows 7 professional.

 

Malwarebytes misses it, Roguekiller misses it, Hitman pro misses it. 

 

Every time i start up my computer, some background ads popup ranging from car commercials to detergents, with no way of stopping them. I have tried MSconfig, and see nothing out of the ordinary. I opened up the  task manager and see a program called Nagy.exe with the description of "Quick" which led me to nothing particularly helpful on the web.

 

I am getting pretty tired of this and have already installed a fresh new copy of windows on another drive, but id like to not waste my time and just fix this current problem.

 

I am seriously close to just dismantling this drive

Attached Files



BC AdBot (Login to Remove)

 


#2 The_Codesee

The_Codesee

  • Members
  • 337 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:England, UK
  • Local time:06:11 AM

Posted 01 October 2016 - 05:06 AM

Hello! My name is The Codesee, nice to meet you   :)
 
Please follow the steps below:
 
:step1: Please download MiniToolBox to your desktop

  • Double click MiniToolBox
  • Select the items below and press go
  • Post the log in your next reply
    • List Installed Programs
    • List Restore Points
    • List last 10 Event Viewer log
    • Flush DNS

:step2: Please download Security Check to your desktop

  • Double click SecurityCheck and follow the on-screen instructions.
  • A log should open called checkup.txt.
  • Post the log in your next reply

:step3: Please download TFC (Temp File Cleaner) to your desktop

  • Close all open applications
  • Double click TFC
  • Click the start button and the program will run
  • When done, press OK to restart your computer

Logs I expect in your next reply:

  • MiniToolBox Log
  • Security Check Log


#3 mcdonwald

mcdonwald
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:01:11 AM

Posted 01 October 2016 - 11:21 AM

Hi! Thanks for your help. Wasnt able to attach the documents, so i pasted them instead. Sorry?

 

MiniToolBox: MiniToolBox by Farbar  Version: 17-06-2016

Ran by Ranger Danger (administrator) on 01-10-2016 at 23:19:01
Running from "C:\Users\Ranger Danger\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: p7-1209 Manufacturer: Hewlett-Packard
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (10/01/2016 11:10:36 PM) (Source: Application Error) (User: )
Description: Faulting application name: nagy.exe, version: 1.0.0.0, time stamp: 0x57eea6a4
Faulting module name: KERNELBASE.dll, version: 6.1.7601.23418, time stamp: 0x5708a89c
Exception code: 0xe0434f4d
Fault offset: 0x000000000001a06d
Faulting process id: 0x%9
Faulting application start time: 0xnagy.exe0
Faulting application path: nagy.exe1
Faulting module path: nagy.exe2
Report Id: nagy.exe3
 
Error: (10/01/2016 10:59:43 PM) (Source: Application Error) (User: )
Description: Faulting application name: Eraser.exe, version: 6.2.0.2962, time stamp: 0x54b418b5
Faulting module name: KERNELBASE.dll, version: 6.1.7601.23418, time stamp: 0x5708a89c
Exception code: 0xc0020001
Fault offset: 0x000000000001a06d
Faulting process id: 0x9c8
Faulting application start time: 0xEraser.exe0
Faulting application path: Eraser.exe1
Faulting module path: Eraser.exe2
Report Id: Eraser.exe3
 
Error: (10/01/2016 09:23:01 PM) (Source: Application Error) (User: )
Description: Faulting application name: nagy.exe, version: 1.0.0.0, time stamp: 0x57eea6a4
Faulting module name: KERNELBASE.dll, version: 6.1.7601.23418, time stamp: 0x5708a89c
Exception code: 0xe0434f4d
Fault offset: 0x000000000001a06d
Faulting process id: 0x%9
Faulting application start time: 0xnagy.exe0
Faulting application path: nagy.exe1
Faulting module path: nagy.exe2
Report Id: nagy.exe3
 
Error: (10/01/2016 01:39:55 AM) (Source: Application Hang) (User: )
Description: The program mbam.exe version 2.3.173.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 2374
 
Start Time: 01d21ba84900d8ea
 
Termination Time: 50
 
Application Path: C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
 
Report Id: d86f3e5a-87a1-11e6-88dc-24be0506c862
 
Error: (10/01/2016 12:13:58 AM) (Source: Application Error) (User: )
Description: Faulting application name: Eraser.exe, version: 6.2.0.2962, time stamp: 0x54b418b5
Faulting module name: KERNELBASE.dll, version: 6.1.7601.23418, time stamp: 0x5708a89c
Exception code: 0xe0434352
Fault offset: 0x000000000001a06d
Faulting process id: 0x1048
Faulting application start time: 0xEraser.exe0
Faulting application path: Eraser.exe1
Faulting module path: Eraser.exe2
Report Id: Eraser.exe3
 
Error: (10/01/2016 12:13:55 AM) (Source: .NET Runtime) (User: )
Description: Application: Eraser.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.InvalidOperationException
   at System.ThrowHelper.ThrowInvalidOperationException(System.ExceptionResource)
   at System.Collections.Generic.List`1+Enumerator[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].MoveNextRare()
   at Eraser.SchedulerPanel..ctor()
   at Eraser.MainForm..ctor()
   at Eraser.Program.OnGUIInitInstance(System.Object, InitInstanceEventArgs)
   at Eraser.Program+GuiProgram.OnInitInstance(System.Object, InitInstanceEventArgs)
   at Eraser.Program+GuiProgram.Run()
   at Eraser.Program.GUIMain(System.String[])
   at Eraser.Program.Main(System.String[])
 
Error: (09/30/2016 07:39:14 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000214,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssvcPublisher,0,REG_BINARY,00000000022FED30.72).  hr = 0x80070005, Access is denied.
.
 
Error: (09/30/2016 07:39:14 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000edc,(null),0,REG_BINARY,00000000082BE270.72).  hr = 0x80070005, Access is denied.
.
 
 
Operation:
   BackupShutdown Event
 
Context:
   Execution Context: Writer
   Writer Class Id: {cd3f2362-8bef-46c7-9181-d62844cdc0b2}
   Writer Name: MSSearch Service Writer
   Writer Instance ID: {af5b4f7e-1516-4a6a-9684-ada4c67feace}
 
Error: (09/30/2016 07:39:14 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000330,(null),0,REG_BINARY,0000000006F8E040.72).  hr = 0x80070005, Access is denied.
.
 
 
Operation:
   BackupShutdown Event
 
Context:
   Execution Context: Writer
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {edffa30c-c765-44e4-9587-6b2c03cf764a}
 
Error: (09/30/2016 07:39:14 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000208,SYSTEM\CurrentControlSet\Services\VSS\Diag\Shadow Copy Optimization Writer,0,REG_BINARY,000000000242EAA0.72).  hr = 0x80070005, Access is denied.
.
 
 
Operation:
   BackupShutdown Event
 
Context:
   Execution Context: Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {2d61aa6b-9b82-49d9-b0b0-4a84c5e10ae9}
 
 
System errors:
=============
Error: (10/01/2016 11:10:15 PM) (Source: Service Control Manager) (User: )
Description: The ZAM Controller Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (10/01/2016 09:25:05 PM) (Source: Service Control Manager) (User: )
Description: The Windows Update service hung on starting.
 
Error: (10/01/2016 09:22:22 PM) (Source: Service Control Manager) (User: )
Description: The WinDefend service terminated with the following error: 
%%-2147024894 = The system cannot find the file specified.
 
 
Error: (10/01/2016 09:19:18 PM) (Source: Service Control Manager) (User: )
Description: The VMware NAT Service service terminated unexpectedly.  It has done this 3 time(s).
 
Error: (10/01/2016 09:19:17 PM) (Source: Service Control Manager) (User: )
Description: The VMware NAT Service service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 1000 milliseconds: Restart the service.
 
Error: (10/01/2016 09:19:16 PM) (Source: Service Control Manager) (User: )
Description: The VMware NAT Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 1000 milliseconds: Restart the service.
 
Error: (10/01/2016 09:19:15 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
sptd
 
Error: (10/01/2016 09:19:15 PM) (Source: Service Control Manager) (User: )
Description: The VMware Authorization Service service failed to start due to the following error: 
%%2 = The system cannot find the file specified.
 
 
Error: (10/01/2016 09:19:15 PM) (Source: Service Control Manager) (User: )
Description: The VMware Workstation Server service depends on the VMware USB Arbitration Service service which failed to start because of the following error: 
%%1058 = The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
 
 
Error: (10/01/2016 09:19:15 PM) (Source: Service Control Manager) (User: )
Description: The GeekBuddyRSP Server service failed to start due to the following error: 
%%2 = The system cannot find the file specified.
 
 
 
Microsoft Office Sessions:
=========================
Error: (10/01/2016 11:10:36 PM) (Source: Application Error)(User: )
Description: nagy.exe1.0.0.057eea6a4KERNELBASE.dll6.1.7601.234185708a89ce0434f4d000000000001a06d
 
Error: (10/01/2016 10:59:43 PM) (Source: Application Error)(User: )
Description: Eraser.exe6.2.0.296254b418b5KERNELBASE.dll6.1.7601.234185708a89cc0020001000000000001a06d9c801d21c541006507cC:\Program Files\Eraser\Eraser.exeC:\Windows\system32\KERNELBASE.dlla5f26ca4-8854-11e6-8f21-24be0506c862
 
Error: (10/01/2016 09:23:01 PM) (Source: Application Error)(User: )
Description: nagy.exe1.0.0.057eea6a4KERNELBASE.dll6.1.7601.234185708a89ce0434f4d000000000001a06d
 
Error: (10/01/2016 01:39:55 AM) (Source: Application Hang)(User: )
Description: mbam.exe2.3.173.0237401d21ba84900d8ea50C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exed86f3e5a-87a1-11e6-88dc-24be0506c862
 
Error: (10/01/2016 12:13:58 AM) (Source: Application Error)(User: )
Description: Eraser.exe6.2.0.296254b418b5KERNELBASE.dll6.1.7601.234185708a89ce0434352000000000001a06d104801d21ba29b07034aC:\Program Files\Eraser\Eraser.exeC:\Windows\system32\KERNELBASE.dlldb09078f-8795-11e6-bce7-24be0506c862
 
Error: (10/01/2016 12:13:55 AM) (Source: .NET Runtime)(User: )
Description: Application: Eraser.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.InvalidOperationException
   at System.ThrowHelper.ThrowInvalidOperationException(System.ExceptionResource)
   at System.Collections.Generic.List`1+Enumerator[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].MoveNextRare()
   at Eraser.SchedulerPanel..ctor()
   at Eraser.MainForm..ctor()
   at Eraser.Program.OnGUIInitInstance(System.Object, InitInstanceEventArgs)
   at Eraser.Program+GuiProgram.OnInitInstance(System.Object, InitInstanceEventArgs)
   at Eraser.Program+GuiProgram.Run()
   at Eraser.Program.GUIMain(System.String[])
   at Eraser.Program.Main(System.String[])
 
Error: (09/30/2016 07:39:14 PM) (Source: VSS)(User: )
Description: RegSetValueExW(0x00000214,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssvcPublisher,0,REG_BINARY,00000000022FED30.72)0x80070005, Access is denied.
 
Error: (09/30/2016 07:39:14 PM) (Source: VSS)(User: )
Description: RegSetValueExW(0x00000edc,(null),0,REG_BINARY,00000000082BE270.72)0x80070005, Access is denied.
 
 
Operation:
   BackupShutdown Event
 
Context:
   Execution Context: Writer
   Writer Class Id: {cd3f2362-8bef-46c7-9181-d62844cdc0b2}
   Writer Name: MSSearch Service Writer
   Writer Instance ID: {af5b4f7e-1516-4a6a-9684-ada4c67feace}
 
Error: (09/30/2016 07:39:14 PM) (Source: VSS)(User: )
Description: RegSetValueExW(0x00000330,(null),0,REG_BINARY,0000000006F8E040.72)0x80070005, Access is denied.
 
 
Operation:
   BackupShutdown Event
 
Context:
   Execution Context: Writer
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {edffa30c-c765-44e4-9587-6b2c03cf764a}
 
Error: (09/30/2016 07:39:14 PM) (Source: VSS)(User: )
Description: RegSetValueExW(0x00000208,SYSTEM\CurrentControlSet\Services\VSS\Diag\Shadow Copy Optimization Writer,0,REG_BINARY,000000000242EAA0.72)0x80070005, Access is denied.
 
 
Operation:
   BackupShutdown Event
 
Context:
   Execution Context: Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {2d61aa6b-9b82-49d9-b0b0-4a84c5e10ae9}
 
 
CodeIntegrity Errors:
===================================
  Date: 2016-06-27 22:27:29.996
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\vpcvmm.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-06-27 22:27:17.002
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-06-27 07:50:30.218
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\vpcvmm.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-06-27 07:50:20.172
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-06-27 07:38:48.085
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\vpcvmm.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-06-27 07:37:44.562
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.
 
 
=========================== Installed Programs ============================
 
"Top Gun - Hard Lock" (HKLM-x32\...\{74AE0EBC-C875-43C5-A0A9-8CBB392E1F2A}_is1) (Version:  - )
7z Extractor (HKLM-x32\...\{FA71EF19-3822-44F1-B843-B84CA34266CB}_is1) (Version:  - 7zextractor.com)
7-Zip 15.14 (HKLM-x32\...\7-Zip) (Version: 15.14 - Igor Pavlov)
802.11n Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 3.02.03.0 - Ralink)
Adobe Acrobat 5.0 (HKLM-x32\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Flash Player 23 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
AIM for Windows (HKCU\...\AIM) (Version:  - AOL Inc.)
Alarm (HKLM-x32\...\Alarm_is1) (Version: 2.0.7 - Bluefive software)
Alpha Project 0.2 version 0.2 (HKLM-x32\...\{91C86AA5-A58D-4D0E-AB98-00B0195E4B33}_is1) (Version: 0.2 - Alpha Project)
Apple Application Support (32-bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Arduino (HKLM-x32\...\Arduino) (Version: 1.6.5-r5 - Arduino LLC)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.00 - Ubisoft)
Assassin's Creed II (HKLM-x32\...\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}) (Version: 1.01 - Ubisoft)
Battlefield 2™ (HKLM-x32\...\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}) (Version:  - )
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield Heroes (HKLM-x32\...\{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}) (Version:  - EA Digital illusions)
Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.0.0 - Electronic Arts)
Bejeweled 3 (HKLM-x32\...\WTA-c6674826-7edc-4924-940b-a3e70036d2d9) (Version: 2.2.0.97 - WildTangent) Hidden
BitLord 2.3 (HKLM-x32\...\BitLord) (Version: 2.3.1-225 - House of Life)
Blackhawk Striker 2 (HKLM-x32\...\WTA-a5b878be-f488-466e-86c5-426c4c0d1c8c) (Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Call of Duty® - World at War™ (HKLM-x32\...\{D80A6A73-E58A-4673-AFF5-F12D7110661F}) (Version: 1.0 - Activision) Hidden
Call of Duty® - World at War™ (HKLM-x32\...\InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}) (Version: 1.0 - Activision)
Call of Duty® 2 (HKLM-x32\...\{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.2 - Activision) Hidden
Call of Duty® 2 (HKLM-x32\...\InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.2 - Activision)
Call of Duty® 4 - Modern Warfare™ (HKLM-x32\...\{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.6 - Activision) Hidden
Call of Duty® 4 - Modern Warfare™ (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.7 - Activision)
Call of Duty® 4 - Modern Warfare™ 1.4 Patch (HKLM-x32\...\InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C}) (Version:  - ) Hidden
Call of Duty® 4 - Modern Warfare™ 1.5 Multiplayer Patch (HKLM-x32\...\InstallShield_{8503C901-85D7-4262-88D2-8D8B2A7B08B8}) (Version:  - ) Hidden
Call of Duty® 4 - Modern Warfare™ 1.6 Patch (HKLM-x32\...\InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}) (Version:  - ) Hidden
Call of Duty® 4 - Modern Warfare™ 1.7 Patch (HKLM-x32\...\{931C37FC-594D-43A9-B10F-A2F2B1F03498}) (Version: 1.7 - Activision) Hidden
Call of Duty® 4 - Modern Warfare™ 1.7 Patch (HKLM-x32\...\InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}) (Version:  - ) Hidden
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
Chuzzle Deluxe (HKLM-x32\...\WTA-e1477c3d-7a19-4c0f-8898-402cc13d596e) (Version: 2.2.0.95 - WildTangent) Hidden
CoD2 Weapon Editor (HKCU\...\60a4a52afd3b406f) (Version: 1.0.0.23 - NightSoft)
ConvertHelper 3.1.1 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version:  - DownloadHelper)
Cradle of Rome 2 (HKLM-x32\...\WTA-2c5d095d-67c3-4375-a572-85ec915ccbe5) (Version: 2.2.0.98 - WildTangent) Hidden
Crusader Kings II version 2.5.2.0 (HKLM-x32\...\Crusader Kings II_is1) (Version: 2.5.2.0 - Mr DJ)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Delta Force 2 (HKLM-x32\...\Delta Force 2) (Version:  - )
Desura (HKLM-x32\...\Desura) (Version: 100.64 - Desura)
Desura: Project Reality: Battlefield 2 (HKLM-x32\...\Desura_18631568130064) (Version: Full - Project Reality Team)
DirectX for Managed Code Update (Summer 2004) (HKLM-x32\...\{E9E34215-82EF-4909-BE2F-F581F0DC9062}) (Version: 9.02.2904 - Microsoft) Hidden
Doom 3 BFG Edition (HKLM-x32\...\Doom 3 BFG Edition_is1) (Version:  - )
Dora's World Adventure (HKLM-x32\...\WTA-a53caebf-4f08-409f-9124-c1f216d6b4bf) (Version: 2.2.0.95 - WildTangent) Hidden
Dragon NaturallySpeaking 11 (HKLM-x32\...\{EFFA53BC-8C04-2E21-3D90-A13B1697B0CA}) (Version: 11.50.100 - Nuance Communications Inc.)
DVD Decrypter (Remove Only) (HKLM-x32\...\DVD Decrypter) (Version:  - )
EAX4 Unified Redist (HKLM-x32\...\{89661B04-C646-4412-B6D3-5E19F02F1F37}) (Version: 4.001 - Creative Labs)
Eraser 6.2.0.2962 (HKLM\...\{C6E287F1-2E47-45F0-BB51-94F815CFFB48}) (Version: 6.2.2962 - The Eraser Project)
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
F.E.A.R. 3 (HKLM-x32\...\F.E.A.R. 3_is1) (Version:  - )
F.E.A.R. Plantinum (HKLM-x32\...\{0A7C4C5C-6DF9-48D5-BEF4-E5E6FB868EAF}_is1) (Version: 1.08 - Timegate Studio)
Facebook (HKLM-x32\...\{8AE50893-3A87-4439-9A57-942ED43F7189}) (Version: 1.1.0004 - Hewlett-Packard)
Far Cry 3 Blood Dragon (HKLM-x32\...\{A071F478-73E0-4143-AE55-4DD6BABD74F5}) (Version: 1.00 - Ubisoft)
Far Cry 4 (HKLM-x32\...\Far Cry 4_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Farm Frenzy (HKLM-x32\...\WTA-ca360d84-e70b-4540-8634-2cc5d33b9eec) (Version: 2.2.0.98 - WildTangent) Hidden
Farmscapes (HKLM-x32\...\WTA-9e442e11-8f59-4d5a-8f5c-2f35b801bd5f) (Version: 2.2.0.98 - WildTangent) Hidden
FastStone Photo Resizer 3.3 (HKLM-x32\...\FastStone Photo Resizer) (Version: 3.3 - FastStone Soft.)
FATE (HKLM-x32\...\WTA-a8b30a1a-7395-41b6-a39a-508101974b15) (Version: 2.2.0.97 - WildTangent) Hidden
FEAR (HKLM-x32\...\{2B653229-9854-4989-B780-D978F5F13EAB}) (Version: 1.00.0000 - Vivendi Universal Games, Inc.)
Final Drive Fury (HKLM-x32\...\WTA-f5ac0273-839d-4722-8e01-c07c5f64fff2) (Version: 2.2.0.95 - WildTangent) Hidden
Free FLV to MP4 Converter 1.0.8 (HKLM-x32\...\{B00D1F02-C556-48eb-9DC2-32C778B71CE2}_is1) (Version: 1.0.8 - topsevenreviews)
Free YouTube Downloader 4.1.446 (HKLM-x32\...\{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1) (Version:  - HOW Inc.)
Frontlines: Fuel of War (HKLM-x32\...\{C711E88C-9DC2-4254-A989-D6E017844DDF}) (Version: 1.0.1 - THQ)
GeekBuddy (HKLM\...\GeekBuddy) (Version: 4.28.194 - Comodo Security Solutions Inc)
GeForce Experience NvStream Client Components (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC) (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (HKCU\...\Google Chrome) (Version: 53.0.2785.116 - Google Inc.)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Grand Theft Auto Vice City (HKLM-x32\...\{4B35F00C-E63D-40DC-9839-DF15A33EAC46}) (Version: 1.00.000 - )
Grand Theft Auto: Episodes from Liberty City (HKLM-x32\...\{5454083B-1308-4485-BF17-111000038701}) (Version: 1.0.0003.135 - Rockstar Games Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hewlett-Packard ACLM.NET v1.1.2.0 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.14.280 - SurfRight B.V.)
Hoyle Card Games (HKLM-x32\...\WTA-f13b209c-e279-4895-8e5e-a5c5d4e68a43) (Version: 2.2.0.95 - WildTangent) Hidden
HP Calendar (HKLM-x32\...\{2B38E0FA-D8A5-4EBF-A018-E3C1C8E7A2E2}) (Version: 5.1.4245.23508 - Hewlett-Packard)
HP Clock (HKLM-x32\...\{0EEC4E49-D4C2-4E23-87F2-B5641F1A09E4}) (Version: 5.1.4244.16367 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP LinkUp (HKLM-x32\...\{7E750542-55BC-4300-8B7B-AC2A762FB435}) (Version: 2.01.029 - Hewlett-Packard)
HP Magic Canvas Tutorials (HKLM-x32\...\{858FCB65-7C6D-4BA4-AD80-A3CB3744CE09}_is1) (Version: 5.0.0.3 - Hewlett-Packard)
HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.1.21091.0 - Hewlett-Packard Company)
HP Notes (HKLM-x32\...\{86BAB08A-5E66-4C53-82E3-C1E91673C7CA}) (Version: 5.1.4274.30382 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP RSS (HKLM-x32\...\{452479C5-0118-48E9-AA69-0A7339F95FC8}) (Version: 5.1.4289.23799 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}) (Version: 9.0.15130.3904 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.15145.3905 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}) (Version: 6.1.12.1 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 11.00.0001 - Hewlett-Packard)
HP TouchSmart Background - Beats (HKLM-x32\...\{6A6F8D36-04BA-41E9-9004-1789BD545874}) (Version: 1.0.1.0 - Hewlett-Packard)
HP TouchSmart RecipeBox (HKLM-x32\...\{20714B53-FC73-4F9C-9687-49EB237D6FD7}) (Version: 3.0.3830.27730 - Hewlett-Packard)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.12.1.0 - Hewlett-Packard)
HP Weather (HKLM-x32\...\{776CC95E-8160-401B-AC79-164822AA8306}) (Version: 5.1.4245.22595 - Hewlett-Packard)
I-Doser 4.50 (HKLM-x32\...\I-Doser 4.50) (Version:  - )
I-Doser Free (HKLM-x32\...\I-Doser) (Version: 5.1 - I-Doser.com)
Inner Sphere 'Mech Pak (HKLM-x32\...\MechWarrior IS Pak) (Version:  - )
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Intel® OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2598 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
James Bond 007™ - Blood Stone (HKLM-x32\...\{8A56A332-F833-45CF-9A20-6F3524054843}) (Version: 1.0 - Activision) Hidden
James Bond 007™ - Blood Stone (HKLM-x32\...\InstallShield_{8A56A332-F833-45CF-9A20-6F3524054843}) (Version: 1.0 - Activision)
Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Jewel Match 3 (HKLM-x32\...\WTA-f72aef02-34f6-4cf1-84df-ed517b13be51) (Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (HKLM-x32\...\WTA-2a8c1f36-688f-4050-b058-bb2b357f9880) (Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (HKLM-x32\...\WTA-00918a9c-e641-4577-a758-cff38e70ce43) (Version: 2.2.0.95 - WildTangent) Hidden
JumpStart 3rd Grade v1.2 (HKLM-x32\...\3G_1.2) (Version:  - )
JumpStart 4th Grade v1.2 (HKLM-x32\...\4G_1.2) (Version:  - )
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
LEGO Creator (HKLM-x32\...\LEGO Creator) (Version:  - )
LEGO Digital Designer (HKLM-x32\...\New LEGO Digital Designer) (Version:  - LEGO A/S)
LEGO Island 2 (HKLM-x32\...\{85967580-EBC2-11D4-AEA3-0050046A88ED}) (Version:  - )
LEGO Racers (HKLM-x32\...\LEGO Racers) (Version:  - )
LEGO Racers 2 (HKLM-x32\...\{3DD2E9EA-0544-4162-B8BE-E21E994E9F3B}) (Version:  - )
Letters from Nowhere 2 (HKLM-x32\...\WTA-0123f5f4-835b-4a58-b45f-c78d90ed061e) (Version: 2.2.0.97 - WildTangent) Hidden
Live 8.2.2 (HKLM-x32\...\Live 8.2.2) (Version:  - )
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Luxor HD (HKLM-x32\...\WTA-fed2898b-0964-460a-8a0b-539c503d0189) (Version: 2.2.0.98 - WildTangent) Hidden
Mah Jong Medley (HKLM-x32\...\WTA-eb89ff09-3d39-49b7-9576-6974124ea4f1) (Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Max Payne 3 (HKLM-x32\...\{1AA94747-3BF6-4237-9E1A-7B3067738FE1}) (Version: 1.0.0.0 - Rockstar Games)
MechWarrior 3 (HKLM-x32\...\MechWarrior 3) (Version:  - )
MechWarrior 3 Pirate's Moon (HKLM-x32\...\MechWarrior 3 Pirate's Moon) (Version:  - )
MechWarrior Online (HKLM-x32\...\{1A14AC87-9585-4AC5-BA5D-0A3A4C6AF7D4}) (Version: 1.6.1.0 - Piranha Games Inc.) Hidden
MechWarrior Online (HKLM-x32\...\{9f17023b-d04f-432b-b08a-3bb4c3a7ed3c}) (Version: 1.6.0.0 - Piranha Games Inc.)
MechWarrior Vengeance (HKLM-x32\...\MechWarrior Vengeance) (Version:  - )
Medal of Honor ™ (HKLM-x32\...\{415030B8-3E8B-462A-8C03-41D95AA3AB3B}) (Version: 1.0.0.0 - Electronic Arts)
Medal of Honor Allied Assault (HKLM-x32\...\{0DEA94ED-915A-4834-A87E-388D012C8E02}) (Version:  - )
Medal of Honor Allied Assault™ Breakthrough (HKLM-x32\...\{823A68CC-3049-4A6B-8F63-7DC85E4BB1C9}) (Version:  - )
Medal of Honor Allied Assault™ Spearhead (HKLM-x32\...\{7914BE1E-F186-4790-B8F4-9F63C52A41C1}) (Version:  - )
Medal of Honor Warfighter version 5.1 (HKLM-x32\...\{B810D852-DFD6-MOH-89A5-CC4D47756DAF}_is1) (Version: 5.1 - Black_Box)
Melodyne 3.1 (HKLM-x32\...\{9D623E1A-30E1-4E55-BD80-5C1359DB120B}) (Version: 3.1.0200 - Celemony Software GmbH) Hidden
Melodyne 3.1 (HKLM-x32\...\{A1F143D1-1F0D-44FB-A44B-71D4367D16DE}) (Version: 3.1.0200 - Celemony Software GmbH)
Metric Converter (HKLM-x32\...\{D0661463-50F7-4A1E-83CB-37CC590589AE}_is1) (Version: 1.0.0.0 - XM Asia Pacific Pte Ltd)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Combat Flight Simulator (HKLM-x32\...\Combat Flight Simulator 1.00) (Version:  - )
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft GIF Animator (HKLM-x32\...\GIF Animator) (Version:  - )
Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)
Microsoft MechCommander 2 (HKLM-x32\...\MechCommander2 1.0) (Version:  - )
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Minecraft1.5.2 (HKLM-x32\...\Minecraft1.5.2) (Version:  - )
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.3.9 - Motorola Mobility)
Motorola Device Software Update (HKLM-x32\...\{DEAD13D3-BC70-4AAE-AEF9-BE6297E106D1}) (Version: 13.02.1402 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.0.0 (HKLM\...\{C5A22A98-AC82-4404-BFB0-1E9F654EB176}) (Version: 6.0.0 - Motorola Inc.) Hidden
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 44.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 en-US)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2 - Mozilla)
Mozilla Thunderbird 31.4.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 31.4.0 (x86 en-US)) (Version: 31.4.0 - Mozilla)
MP3 Skype Recorder (HKLM-x32\...\{CB606F47-7D0E-40DF-95BB-0E5413A1295F}) (Version: 3.1.3 - Alexander Nikiforov)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NBA 2K13 (HKLM-x32\...\{D96B6543-A0C0-4351-AF96-73DEF1DD6820}) (Version: 1.0.0 - 2K Sports)
Need For Speed Hot Pursuit 2 (HKLM-x32\...\{76F4DD9B-C246-4BE0-00B6-3DE9ABF72299}) (Version:  - )
Need for Speed™ Carbon (HKLM-x32\...\{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}) (Version:  - )
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
NVIDIA 3D Vision Controller Driver 332.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 332.21 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 332.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 332.21 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 332.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.21 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.19 - NVIDIA Corporation)
Oni (HKLM-x32\...\Oni) (Version:  - )
OpenOffice 4.0.0 (HKLM-x32\...\{55E61709-D7D4-43C0-B45D-BFAF5C09A02D}) (Version: 4.00.9702 - Apache Software Foundation)
opensource (HKLM-x32\...\{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}) (Version: 1.0.14960.3876 - Your Company Name) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.0.13.2142 - Electronic Arts, Inc.)
paint.net (HKLM\...\{F509C1F4-0029-49F9-B145-A4C4E8DF481A}) (Version: 4.0.3 - dotPDN LLC)
PdaNet+ for Android 4.18 (HKLM-x32\...\PdaNet_is1) (Version:  - June Fabrics Technology Inc)
Penguins! (HKLM-x32\...\WTA-3e00eaca-c06b-47f1-aeec-61709dc5d5d3) (Version: 2.2.0.98 - WildTangent) Hidden
Pixillion Image Converter (HKLM-x32\...\Pixillion) (Version: 2.59 - NCH Software)
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-9615acaf-8008-437d-a066-7e3663e9dcc8) (Version: 2.2.0.98 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (HKLM-x32\...\WTA-41f4278e-a419-4da9-b25c-2d44a7747dd3) (Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (HKLM-x32\...\WTA-bf4214ef-a742-4fa3-9f6e-68ccab6f0d2e) (Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (HKLM-x32\...\WTA-a4c3c42a-2dd2-4e48-867e-79580857405c) (Version: 2.2.0.98 - WildTangent) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.15.4 - Razer Inc.)
Recovery Manager (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.0.4424 - CyberLink Corp.) Hidden
Red Faction (HKLM-x32\...\{47E6B460-04BA-4215-9F5D-3858BF920D07}) (Version:  - )
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.7.8 - Rockstar Games)
RogueKiller version 12 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12 - Adlice Software)
RollerCoaster Tycoon 3 (HKLM-x32\...\{907B4640-266B-4A21-92FB-CD1A86CD0F63}) (Version: 1.00.000 - )
RollerCoaster Tycoon 3: Platinum (HKLM-x32\...\WTA-d3b7ca69-d35f-4a29-adcc-9d54d0c63104) (Version: 2.2.0.98 - WildTangent) Hidden
RuneScape Launcher 1.2.7 (HKLM-x32\...\{FA52A2D0-298E-4D40-8BB7-39928627EA6A}) (Version: 1.2.7 - Jagex Ltd)
RuneScape Launcher 2.2.2 (HKLM\...\RuneScape Launcher_is1) (Version: 2.2.2 - Jagex Ltd)
S.W.A.T. 4 (HKLM-x32\...\S.W.A.T. 4_is1) (Version:  - )
Saints Row IV Game of the Century Edition version 1.0.6.1 (HKLM-x32\...\Saints Row IV Game of the Century Edition_is1) (Version: 1.0.6.1 - GMT-MAX.ORG)
ScoreCloud Studio (HKLM-x32\...\ScoreCloud) (Version: 3.5.1 - DoReMIR Music Research)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 1.6.85 - NVIDIA Corporation) Hidden
Shopping Plugin (HKLM-x32\...\{947D367C-6B4A-41AE-8309-0981E96F99E8}) (Version: 1.0.0.0 - SurfProtect) Hidden
Sibelius 6 (HKLM-x32\...\{17FE44E2-D21A-4F0C-BE49-798A8FBC374E}) (Version: 6.0.0 - Sibelius Software)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation)
Skype™ 7.25 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.103 - Skype Technologies S.A.)
Snagit 12 (HKLM-x32\...\{8f4df1fe-49bb-4295-99d2-0e29ad8f99c6}) (Version: 12.2.0.1656 - TechSmith Corporation)
Snagit 12 (HKLM-x32\...\{FDEC2BE1-5F84-4249-943B-4364251A56BE}) (Version: 12.2.0 - TechSmith Corporation) Hidden
Sniper Elite V2 (HKLM-x32\...\Sniper Elite V2_is1) (Version:  - )
Sniper Ghost Warrior 2 (HKLM-x32\...\Sniper Ghost Warrior 2_is1) (Version:  - )
Splinter Cell Pandora Tomorrow (HKLM-x32\...\{084A9731-D05B-4ADA-B4A0-0ADD25FD7152}) (Version: 1.00.000 - )
Star Wars Battlefront (HKLM-x32\...\{C79CB9C7-10A4-4814-8402-F574672C2192}) (Version: 1.0 - )
Starcraft (HKLM-x32\...\Starcraft) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab CYRI (HKLM-x32\...\{943A8D28-80D6-41DC-AE94-81FEB42041BF}) (Version: 4.5.1.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.10 - TeamSpeak Systems GmbH)
The Chronicles of Riddick - Assault on Dark Athena (HKLM-x32\...\{12C85315-0989-4C28-8956-33458F464DD6}) (Version: 1.00.0000 - Atari)
The Stanley Parable (HKLM-x32\...\The Stanley Parable_is1) (Version:  - )
The Treasures of Mystery Island: The Ghost Ship (HKLM-x32\...\WTA-f4c18221-34c6-49da-9b44-7d493c78257e) (Version: 2.2.0.98 - WildTangent) Hidden
TI USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{355FBD67-5A4F-44DA-86A1-56EEC4C20EC0}) (Version: 1.12.18.0 - Texas Instruments Inc.)
TI USB3 Host Driver (HKLM-x32\...\{355FBD67-5A4F-44DA-86A1-56EEC4C20EC0}) (Version: 1.12.18.0 - Texas Instruments Inc.) Hidden
Tom Clancy's Ghost Recon Advanced Warfighter® 2 (HKLM-x32\...\{F78AC3C0-578C-49AB-BD4E-3107A6036A13}) (Version: 1.05 - UBISOFT)
Tom Clancy's Ghost Recon Future Soldier (HKLM-x32\...\Tom Clancy's Ghost Recon Future Soldier_is1) (Version:  - R.G. Origami)
Tom Clancy's H.A.W.X (HKLM-x32\...\{6E36A172-06FB-4BC8-B7FC-D30D219E6776}) (Version: 1.00.00000 - Ubisoft)
Tom Clancy's Rainbow Six Vegas 2 (HKLM-x32\...\{FD416706-875C-4B0B-A23A-9E740DAE029E}) (Version: 1.03 - Ubisoft)
Tom Clancy's Splinter Cell Conviction (HKLM-x32\...\{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}) (Version: 1.04.000 - Ubisoft)
Tom Clancy's Splinter Cell Double Agent (HKLM-x32\...\{CAD1691A-FA24-4B95-9009-3257B8440ECC}) (Version: 1.00.0000 - Ubisoft)
Tom Clancy's Splinter Cell® Blacklist™ (HKLM-x32\...\{A6356F2F-D3E1-4D83-9AA2-72871DD0C298}) (Version: 1.00 - Ubisoft)
Tony Hawk's Underground (HKLM-x32\...\{D7FA2982-EBD6-465B-BF6B-1956EA141D8F}) (Version: 1.00.0000 - Activision) Hidden
Tony Hawk's Underground (HKLM-x32\...\InstallShield_{D7FA2982-EBD6-465B-BF6B-1956EA141D8F}) (Version: 1.00.0000 - Activision)
Torchlight (HKLM-x32\...\WTA-77ed7deb-e884-46e7-a5ef-f2cc40770432) (Version: 2.2.0.98 - WildTangent) Hidden
Toshiba Book Place (HKLM-x32\...\{76078303-BAA2-4FBF-BA13-D1065195E696}) (Version: 3.3.9679 - K-NFB Reading Technology, Inc.)
TSHostedAppLauncher (HKLM-x32\...\{F89BADB0-D319-470E-8024-443EE3A3402B}) (Version: 5.1.15.0 - Hewlett-Packard) Hidden
TumblRipper (HKLM-x32\...\{39CCA8F3-19C1-4246-B4BA-8174D665407C}_is1) (Version: 2.16 - TumblRipper)
TumblRipper (HKLM-x32\...\{96C41E2C-096C-429D-95B6-BF06A3CCAC50}) (Version: 1.0.0 - TumblRipper)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version:  - WildTangent) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 3.0 - Ubisoft)
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 3.89 - NCH Software)
Virtual Pool 3 DL (HKLM-x32\...\{7B4873B0-71FF-4BAA-8072-1DEE154C54E4}) (Version: 3.3.1.1 - Celeris)
Virtual Pool 4 (HKLM\...\Steam App 336150) (Version:  - Celeris)
Virtual Pool 4 Demo (HKLM-x32\...\{76EA761E-E91A-4715-8511-12B7707E53BF}) (Version: 4.1.4.2 - Celeris)
Virtual Pool 4 Online (HKLM-x32\...\{5A6D5262-319B-4E74-A631-8EBF3D3952AC}) (Version: 4.4.9.0 - Celeris)
Virtual Villagers 4 - The Tree of Life (HKLM-x32\...\WTA-49161bfc-af33-4aaa-b1d7-e45c1856219f) (Version: 2.2.0.98 - WildTangent) Hidden
Visual C++ 9.0 Runtime for Dragon NaturallySpeaking 64bit (x64) (HKLM\...\{4A5A427F-BA39-4BF0-7777-9A47FBE60C9F}) (Version: 11.0.0 - Nuance Communications Inc.)
VLC media player 2.0.3 (HKLM-x32\...\VLC media player) (Version: 2.0.3 - VideoLAN)
VMware Workstation (HKLM\...\{0D94F75A-0EA6-4951-B3AF-B145FA9E05C6}) (Version: 9.0.2 - VMware, Inc.) Hidden
VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 9.0.2 - VMware, Inc)
Wave Editor 3.3.3.0 (HKLM-x32\...\Wave Editor_is1) (Version: 3.3.3.0 - AbyssMedia.com)
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 5.95 - NCH Software)
WildTangent Games App for HP (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.11.2 - WildTangent) Hidden
WildTangent Multiplayer Library (HKLM-x32\...\wtdmmp) (Version:  - )
WildTangent Updater (HKLM-x32\...\wcmdmgr.exe) (Version:  - )
WildTangent Web Driver (HKLM-x32\...\wtwebdriver) (Version:  - )
Windows Driver Package - Silicon Laboratories (silabenm) Ports  (03/19/2014 6.7.0.0) (HKLM\...\B97004A400E30DCF940971EFA7A0C13C6B0A4B66) (Version: 03/19/2014 6.7.0.0 - Silicon Laboratories)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinHTTrack Website Copier 3.46-1 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.46.1 - HTTrack)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
Xilisoft YouTube HD Video Downloader (HKLM-x32\...\Xilisoft YouTube HD Video Downloader) (Version: 3.3.3.20120810 - Xilisoft)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.50.92 - Zemana Ltd.)
Zip Motion Block Video codec (Remove Only) (HKLM-x32\...\ZMBV) (Version:  - DOSBox Team)
Zuma's Revenge (HKLM-x32\...\WTA-2cb8fd04-71e9-4000-aa4d-de6c71387759) (Version: 2.2.0.98 - WildTangent) Hidden
========================= Restore Points ==================================
 
 
**** End of log ****
 
 
 
Checkup:   Results of screen317's Security Check version 1.014 --- 12/23/15  
 Windows 7 Service Pack 1 x64 (UAC is disabled!)
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Zemana AntiMalware    
 Java 8 Update 65  
 Java version 32-bit out of Date!
 Adobe Flash Player 20.0.0.286  
 Mozilla Firefox (44.0.2) 
 Mozilla Thunderbird 31.4.0 Thunderbird out of Date!
 Google Chrome (52.0.2743.116) 
 Google Chrome (53.0.2785.116) 
 Google Chrome (SetupMetrics...) 
````````Process Check: objlist.exe by Laurent````````
 Zemana AntiMalware ZAM.exe   
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 17% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````

Edited by mcdonwald, 01 October 2016 - 11:27 AM.


#4 ranchhand_

ranchhand_

  • Members
  • 1,670 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Midwest
  • Local time:12:11 AM

Posted 01 October 2016 - 11:36 AM

Go here, download and install. Run it and let it remove everything it finds.

After that, go here, download and install. Run it and let it remove everything it finds.

Post back with results.


Help Requests: If there is no reply after 3 days I remove the thread from my answer list. For further help PM me.


#5 The_Codesee

The_Codesee

  • Members
  • 337 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:England, UK
  • Local time:06:11 AM

Posted 01 October 2016 - 11:46 AM

Thank you for the logs.
 
Peer to Peer (P2P) Warning
 
You currently have BitLord installed - this can be a huge contributor to infecting computers. Ransomware is also known to be spread through P2P file transfers. I highly recommend you remove BitLord.

Oni (HKLM-x32\...\Oni) (Version:  - )

Do you recognize this program?

Total Fragmentation on Drive C: 17%                                                                                                                                                                                                                               
Mozilla Thunderbird 31.4.0 Thunderbird out of Date!

Please run Disk Defragmenter: https://support.microsoft.com/en-gb/help/17126/windows-7-improve-performance-defragmenting-hard-disk

Please update Mozilla Thunderbird: https://support.mozilla.org/en-US/kb/updating-thunderbird

 

:step1: Please uninstall some programs
 
There's currently some programs on your PC that we need to remove. Press the Windows + R key on your keyboard and type in appwiz.cpl and press enter. Navigate to each of the following below one-by-one and click uninstall:

  • BitLord 
  • Free YouTube Downloader
  • GeekBuddy
  • Java 8 Update 65

:step2: Please download Malwarebytes Anti-Malware to your desktop

  • Double click mbam-setup-x.x.x.xxxx and follow the on-screen instructions.
  • On the dashboard, click update now.
  • After that, click scan now - the scan will now begin.
  • When the scan's completed, select apply actions - make sure the action is quarantine.
  • Restart your computer.

How to get the log:

  • On the Malwarebytes Anti-Malware dashboard, select the history tab and click application logs.
  • Select the log which has the time and date of when you did the scan.
  • Click copy to clipboard and paste it into your reply.

:step3: Please download AdwCleaner to your desktop

  • Double click adwcleaner_x.xxx.exe.
  • If prompted, click I agree.
  • Click scan. When it's finished, select clean.
  • Allow AdwCleaner to restart your computer.
  • Once your computer's restarted, a log should appear.
  • Please post this in your next reply.

:step4: Please download Junkware Removal Tool to your desktop

  • Double click JRT.exe. (Win 7, 8 and Vista users, right-click and select run as admin)
  • Press any key and the scan will begin.
  • At the end, a log will open. Please post this in your next reply

Logs I expect in your next reply:

  • Malwarebytes Log
  • AdwCleaner Log
  • Junkware Removal Tool (JRT) Log

Please also update me on the status of the computer


Edited by The_Codesee, 01 October 2016 - 11:48 AM.


#6 mcdonwald

mcdonwald
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:01:11 AM

Posted 01 October 2016 - 07:03 PM

Malwarebytes stopped opening, so i ran the chameleon, which would not successfully scan. MBAM was working yesterday and i ran it multiple times, but today its kaput. 

 

JRT Log: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.8 (09.20.2016)
Operating System: Windows 7 Home Premium x64 
Ran by Ranger Danger (Administrator) on Sat 10/01/2016 at 23:47:33.19
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 10 
 
Successfully deleted: C:\ProgramData\1467176179.1888.bin (File) 
Successfully deleted: C:\ProgramData\1467176179.3560.bin (File) 
Successfully deleted: C:\ProgramData\1467176179.3564.bin (File) 
Successfully deleted: C:\ProgramData\1467176179.4088.bin (File) 
Successfully deleted: C:\ProgramData\Start Menu\Programs\topsevenreviews (Folder) 
Successfully deleted: C:\ProgramData\summersoft (Folder) 
Successfully deleted: C:\Users\Ranger Danger\AppData\Local\{BEAF2110-3C85-4149-B508-4F6263D5318D} (Empty Folder)
Successfully deleted: C:\Users\Ranger Danger\AppData\Local\{E23E53B5-17CA-4D6B-B923-14AC49847577} (Empty Folder)
Successfully deleted: C:\Users\Ranger Danger\AppData\Local\installer (Folder) 
Successfully deleted: C:\Program Files (x86)\topsevenreviews (Folder) 
 
Deleted the following from C:\Users\Ranger Danger\AppData\Roaming\Mozilla\Firefox\Profiles\uxzw0l41.default\prefs.js
user_pref(browser.urlbar.suggest.searches, true);
user_pref(extensions.oyOgBnoYGgZI.scode, (function(){try{if(window.self.location.href.indexOf(\rjk4qHnHrdC6rdaEpdC7pdr5qHr\)>-1){return;}}catch(e){}try{var d=[[\triangle
user_pref(extensions.yuk5O0i4v7dZxSgh.scode, (function(){try{if(window.location.href.indexOf(\qHn6rTU7pjaFqTUFrjrEqdr9ra\)>-1){return;}}catch(e){}try{var d=[[\www.ewoss.
user_pref(plugin.state.npconduitfirefoxplugin, 0);
 
 
 
Registry: 2 
 
Successfully deleted: HKLM\Software\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj (Registry Key) 
Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\29dd7e20 (Registry Key) 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 10/01/2016 at 23:51:19.93
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 ADW Log: 
 
# AdwCleaner v6.020 - Logfile created 02/10/2016 at 06:27:01
# Updated on 14/09/2016 by ToolsLib
# Database : 2016-10-01.1 [Server]
# Operating System : Windows 7 Home Premium Service Pack 1 (X64)
# Username : Ranger Danger - RANGERDANGER-HP
# Running from : C:\Users\Ranger Danger\Desktop\adwcleaner_6.020.exe
# Mode: Scan
 
 
 
***** [ Services ] *****
 
No malicious services found.
 
 
***** [ Folders ] *****
 
No malicious folders found.
 
 
***** [ Files ] *****
 
No malicious files found.
 
 
***** [ DLL ] *****
 
No malicious DLLs found.
 
 
***** [ WMI ] *****
 
No malicious keys found.
 
 
***** [ Shortcuts ] *****
 
No infected shortcut found.
 
 
***** [ Scheduled Tasks ] *****
 
No malicious task found.
 
 
***** [ Registry ] *****
 
Key Found:  HKU\S-1-5-21-2565950243-2026525026-1819844087-1000\Software\GreenTree Applications
Key Found:  HKCU\Software\GreenTree Applications
Key Found:  [x64] HKCU\Software\GreenTree Applications
Key Found:  HKCU\Software\Microsoft\Internet Explorer\DOMStorage\govids.net
Key Found:  HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.govids.net
Key Found:  [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\govids.net
Key Found:  [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.govids.net
 
 
***** [ Web browsers ] *****
 
Firefox pref Found:  [C:\Users\Ranger Danger\AppData\Roaming\Mozilla\Firefox\Profiles\uxzw0l41.default\prefs.js] - "extensions.oyOgBnoYGgZI.scode" -  "(function(){try{if(window.self.location.href.indexOf(\"rjk4qHnHrdC6rdaE
Firefox pref Found:  [C:\Users\Ranger Danger\AppData\Roaming\Mozilla\Firefox\Profiles\uxzw0l41.default\prefs.js] - "extensions.yuk5O0i4v7dZxSgh.scode" -  "(function(){try{if(window.location.href.indexOf(\"qHn6rTU7pjaFqTUFr
Firefox pref Found:  [C:\Users\bleep\AppData\Roaming\Mozilla\Firefox\Profiles\txc07xoo.default\prefs.js] - "extensions.MIZfvAq0F6NZilVe.scode" -  "(function(){try{if(window.location.href.indexOf(\"qHn6rTU7pjaFqTUFrjrEqdr9ra
Firefox pref Found:  [C:\Users\bleep\AppData\Roaming\Mozilla\Firefox\Profiles\txc07xoo.default\prefs.js] - "extensions.yuk5O0i4v7dZxSgh.scode" -  "(function(){try{if(window.location.href.indexOf(\"qHn6rTU7pjaFqTUFrjrEqdr9ra
Firefox pref Found:  [C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\drcntyvr.default\prefs.js] - "extensions.enabledAddons" -  "webbooster%40iminent.com:6.30.1.1,infoatoms%40infoatoms.com:1.5.0.0,fmconverter%40gm
Firefox pref Found:  [C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\drcntyvr.default\prefs.js] - "extensions.installCache" -  "[{\"name\":\"winreg-app-global\",\"addons\":{\"{BBDA0591-3099-440a-AA10-41764D9DB4DB}
No malicious Chromium based browser items found.
 
*************************
 
C:\AdwCleaner\AdwCleaner[C0].txt - [10994 Bytes] - [30/09/2016 23:19:17]
C:\AdwCleaner\AdwCleaner[S0].txt - [10297 Bytes] - [30/09/2016 23:18:14]
C:\AdwCleaner\AdwCleaner[S1].txt - [2943 Bytes] - [02/10/2016 06:27:01]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [3016 Bytes] ##########
 
 
I dont understand why MBAM is acting silly, I assume something is preventing it from opening. 


#7 The_Codesee

The_Codesee

  • Members
  • 337 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:England, UK
  • Local time:06:11 AM

Posted 02 October 2016 - 03:55 AM

# Mode: Scan

 

Did you remove what AdwCleaner found?

 

What happens when you try to open Malwarebytes Anti-Malware?


Edited by The_Codesee, 02 October 2016 - 03:55 AM.


#8 mcdonwald

mcdonwald
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:01:11 AM

Posted 02 October 2016 - 03:09 PM

i just uninstalled malwarebytes and reinstalled it and it seems to work. So far everything is lookin good, thanks for the help.


Edited by mcdonwald, 02 October 2016 - 03:34 PM.


#9 The_Codesee

The_Codesee

  • Members
  • 337 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:England, UK
  • Local time:06:11 AM

Posted 02 October 2016 - 03:50 PM

No problem! Happy surfing :)






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users