Computer Possibly Infected with Malware, Possibly being used as a bot



#1 Suprlazr


Posted 24 June 2017 - 04:52 PM

Hello, and thank you for taking the time to help. Please let me know if you need any more information or clarification. Thank you.

I am running Windows 7.

My computer seems to have been infected for some time.

The computer has sometimes taken a very long time to shut down, upwards of five minutes. Also, I sometimes hear the computer operating when it should be sleeping, making me think that it is busy doing something else.

I have run CCleaner and Malwarebytes, and recently started running Spybot.

When I run Malwarebytes it shows a list of issues, but then when I select to fix all selected issues, the program will stop working and I am forced to close it.

When I log in I am getting an error popup for CS5 service manager.exe file, which I have to select OK to every time.

I was also getting a popup from a Razer program not responding, and I have subsequently removed all Razer programs. I don't need them anymore anyway.

This started happening after I ran Spybot:

When I restart the computer now, I am getting a popup on the blue Windows screen just before shutdown that says Bitdefender recognized a threat and it strongly encourages I report it.

"Uninstall a program" is not working; I go to the Control Panel and click the text and nothing is responding. Other items on Control Panel still respond and work.

These are the logs from Spybot:

Search results from Spybot - Search & Destroy
 
6/24/2017 1:29:41 PM
Scan took 00:19:56.
109 items found.
 
Babylon.Toolbar: [SBI $4D2B8FD6] Interface (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE}
  Category=Adware
  ThreatLevel=3
 
Babylon.Toolbar: [SBI $4AB6C1F6] Type library (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
  Category=Adware
  ThreatLevel=3
 
Babylon.Toolbar: [SBI $4AB6C1F6] Type library (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
  Category=Adware
  ThreatLevel=3
 
Babylon.Toolbar: [SBI $EDEE5496] Interface (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\Interface\{78888F8B-D5E4-43CE-89F5-C8C18223AF64}
  Category=Adware
  ThreatLevel=3
 
Babylon.Toolbar: [SBI $1A89274C] Type library (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\TypeLib\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
  Category=Adware
  ThreatLevel=3
 
Babylon.Toolbar: [SBI $1A89274C] Type library (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\TypeLib\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
  Category=Adware
  ThreatLevel=3
 
Babylon.Toolbar: [SBI $DAF071F2] Settings (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\AppID\{AD25754E-D76C-42B3-A335-2F81478B722F}
  Category=Adware
  ThreatLevel=3
 
Babylon.Toolbar: [SBI $DAF071F2] Settings (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\AppID\{AD25754E-D76C-42B3-A335-2F81478B722F}
  Category=Adware
  ThreatLevel=3
 
Babylon.Toolbar: [SBI $7FDC77BF] Type library (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\TypeLib\{AD25754E-D76C-42B3-A335-2F81478B722F}
  Category=Adware
  ThreatLevel=3
 
Babylon.Toolbar: [SBI $7FDC77BF] Type library (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\TypeLib\{AD25754E-D76C-42B3-A335-2F81478B722F}
  Category=Adware
  ThreatLevel=3
 
Babylon.Toolbar: [SBI $335BD69F] Interface (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\Interface\{8B8558F6-DC26-4F39-8417-34B8934AA459}
  Category=Adware
  ThreatLevel=3
 
Babylon.Toolbar: [SBI $F2D194B9] Interface (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\Interface\{A3A2A5C0-1306-4D1A-A093-9CECA4230002}
  Category=Adware
  ThreatLevel=3
 
Babylon.Toolbar: [SBI $CC37E2D7] Interface (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
  Category=Adware
  ThreatLevel=3
 
W3i.IQ5.fraud: [SBI $678078F9] Settings (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\W3i
  Category=Adware
  ThreatLevel=3
 
Yontoo.Pagerage: [SBI $F328E28A] Settings (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
  Category=Adware
  ThreatLevel=3
 
Yontoo.Pagerage: [SBI $C931777C] Settings (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
  Category=Adware
  ThreatLevel=3
 
Yontoo.Pagerage: [SBI $7EA79EE0] Settings (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\CLSID\{80922ee0-8a76-46ae-95d5-bd3c3fe0708d}
  Category=Adware
  ThreatLevel=3
 
Yontoo.Pagerage: [SBI $2ADF7DD5] Settings (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
  Category=Adware
  ThreatLevel=3
 
Yontoo.Pagerage: [SBI $61D90200] Settings (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
  Category=Adware
  ThreatLevel=3
 
Yontoo.Pagerage: [SBI $5CAD9242] Settings (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
  Category=Adware
  ThreatLevel=3
 
Yontoo.Pagerage: [SBI $5CAD9242] Settings (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
  Category=Adware
  ThreatLevel=3
 
Yontoo.Pagerage: [SBI $879BC3EE] Settings (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\CLSID\{FE9271F2-6EFD-44b0-A826-84C829536E93}
  Category=Adware
  ThreatLevel=3
 
Win32.Downloader.gen: [SBI $E6AD2227] Program directory (Directory, nothing done)
  C:\Users\Eric\AppData\Local\Conduit\
  Category=Malware
  ThreatLevel=10
 
Montera.Toolbar: [SBI $57CD5FCF] Application ID (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\AppID\esrv.EXE
  Category=Malware
  ThreatLevel=10
 
Montera.Toolbar: [SBI $57CD5FCF] Application ID (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\AppID\esrv.EXE
  Category=Malware
  ThreatLevel=10
 
Montera.Toolbar: [SBI $C5E991BF] Type library (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
  Category=Malware
  ThreatLevel=10
 
Montera.Toolbar: [SBI $C5E991BF] Type library (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
  Category=Malware
  ThreatLevel=10
 
Montera.Toolbar: [SBI $7C893BE9] Type library (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
  Category=Malware
  ThreatLevel=10
 
Montera.Toolbar: [SBI $7C893BE9] Type library (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
  Category=Malware
  ThreatLevel=10
 
Toolbar.Facemood: [SBI $8F44A361] Application ID (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\AppID\{5B1881D1-D9C7-46df-B041-1E593282C7D0}
  Category=PUPS
  ThreatLevel=2
 
Toolbar.Facemood: [SBI $8F44A361] Application ID (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\AppID\{5B1881D1-D9C7-46df-B041-1E593282C7D0}
  Category=PUPS
  ThreatLevel=2
 
Toolbar.Facemood: [SBI $5E30C9D5] Type library (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\TypeLib\{12A5F606-B1EC-474C-83ED-95E99FD8058E}
  Category=PUPS
  ThreatLevel=2
 
Toolbar.Facemood: [SBI $5E30C9D5] Type library (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\TypeLib\{12A5F606-B1EC-474C-83ED-95E99FD8058E}
  Category=PUPS
  ThreatLevel=2
 
Toolbar.Facemood: [SBI $05615868] Settings (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FFDF9EF3-3C3A-4f05-9A6E-5D3B778EC567}
  Category=PUPS
  ThreatLevel=2
 
Toolbar.Facemood: [SBI $B0AC0542] Interface (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\Interface\{542FA950-C57A-4E17-B3E1-D935DFE15DEE}
  Category=PUPS
  ThreatLevel=2
 
Toolbar.Facemood: [SBI $7BBF0EC0] Interface (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\Interface\{5B035F86-41B5-40F1-AAAD-3D219F30244E}
  Category=PUPS
  ThreatLevel=2
 
Toolbar.Facemood: [SBI $54FC7DB6] Interface (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\Interface\{6365AC7B-9920-4D8B-AF5D-3BDFEAC340A8}
  Category=PUPS
  ThreatLevel=2
 
Toolbar.Facemood: [SBI $D74BE4BE] Interface (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\Interface\{6A934270-717F-4BC3-BA59-BC9BED47A8D2}
  Category=PUPS
  ThreatLevel=2
 
Toolbar.Facemood: [SBI $5EA898D8] Interface (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\Interface\{74C012C4-00FB-4F04-9AFB-4AD5449D2018}
  Category=PUPS
  ThreatLevel=2
 
Toolbar.Facemood: [SBI $35668AA4] Interface (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\Interface\{79B13431-CCAC-4097-8889-D0289E5E924F}
  Category=PUPS
  ThreatLevel=2
 
Toolbar.Facemood: [SBI $2543F0B4] Interface (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\Interface\{8C8D5C57-3CAD-4CF9-BCAD-F873678DA883}
  Category=PUPS
  ThreatLevel=2
 
Toolbar.Facemood: [SBI $FCAC8542] Interface (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\Interface\{981334CB-7B8B-431F-B86D-67B7426B125B}
  Category=PUPS
  ThreatLevel=2
 
Toolbar.Facemood: [SBI $D3994306] Interface (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
  Category=PUPS
  ThreatLevel=2
 
Toolbar.Facemood: [SBI $E5279435] Interface (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\Interface\{C1C2FC43-F042-4F17-AEDB-C5ABF3B42E4B}
  Category=PUPS
  ThreatLevel=2
 
Toolbar.Facemood: [SBI $04C50E46] Interface (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
  Category=PUPS
  ThreatLevel=2
 
Toolbar.Facemood: [SBI $D7D894B6] Interface (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\Interface\{F7EC6286-297C-4981-9DCC-FD7F57BC24C9}
  Category=PUPS
  ThreatLevel=2
 
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\Eric\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\77852CVC\mail.google.com\wakeup.sol
  Category=Tracks
  ThreatLevel=2
  Properties.size=0
  Properties.md5=D41D8CD98F00B204E9800998ECF8427E
 
DoubleClick: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_PUBLIC (default)) (Browser: Cookie, nothing done)
  
  Category=Browser
  ThreatLevel=1
 
DoubleClick: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_PUBLIC (default)) (Browser: Cookie, nothing done)
  
  Category=Browser
  ThreatLevel=1
 
CasaleMedia: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_PUBLIC (default)) (Browser: Cookie, nothing done)
  
  Category=Browser
  ThreatLevel=1
 
LinkSynergy: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_PUBLIC (default)) (Browser: Cookie, nothing done)
  
  Category=Browser
  ThreatLevel=1
 
LinkSynergy: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_PUBLIC (default)) (Browser: Cookie, nothing done)
  
  Category=Browser
  ThreatLevel=1
 
CasaleMedia: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_PUBLIC (default)) (Browser: Cookie, nothing done)
  
  Category=Browser
  ThreatLevel=1
 
CasaleMedia: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_PUBLIC (default)) (Browser: Cookie, nothing done)
  
  Category=Browser
  ThreatLevel=1
 
CasaleMedia: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_PUBLIC (default)) (Browser: Cookie, nothing done)
  
  Category=Browser
  ThreatLevel=1
 
CasaleMedia: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_PUBLIC (default)) (Browser: Cookie, nothing done)
  
  Category=Browser
  ThreatLevel=1
 
CasaleMedia: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_PUBLIC (default)) (Browser: Cookie, nothing done)
  
  Category=Browser
  ThreatLevel=1
 
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
  Category=Tracks
  ThreatLevel=2
 
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
  Category=Tracks
  ThreatLevel=2
 
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
  Category=Tracks
  ThreatLevel=2
 
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
  Category=Tracks
  ThreatLevel=2
 
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
  Category=Tracks
  ThreatLevel=2
 
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
  Category=Tracks
  ThreatLevel=2
 
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-3723773038-1254731625-85814526-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
  Category=Tracks
  ThreatLevel=2
 
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-3723773038-1254731625-85814526-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
  Category=Tracks
  ThreatLevel=2
 
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
  Category=Tracks
  ThreatLevel=2
 
MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-3723773038-1254731625-85814526-1001\Software\Microsoft\MediaPlayer\Player\Settings\Client ID
  Category=Tracks
  ThreatLevel=2
 
MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-3723773038-1254731625-85814526-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\MediaPlayer\Player\Settings\Client ID
  Category=Tracks
  ThreatLevel=2
 
MS Direct3D: [SBI $7FB7B83F] Most recent application (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name
  Category=Tracks
  ThreatLevel=2
 
MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
  HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name
  Category=Tracks
  ThreatLevel=2
 
MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
  HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Direct3D\MostRecentApplication\Name
  Category=Tracks
  ThreatLevel=2
 
MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
  HKEY_USERS\S-1-5-20\Software\Microsoft\Direct3D\MostRecentApplication\Name
  Category=Tracks
  ThreatLevel=2
 
MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
  HKEY_USERS\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Direct3D\MostRecentApplication\Name
  Category=Tracks
  ThreatLevel=2
 
MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-3723773038-1254731625-85814526-1001\Software\Microsoft\Direct3D\MostRecentApplication\Name
  Category=Tracks
  ThreatLevel=2
 
MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-3723773038-1254731625-85814526-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Direct3D\MostRecentApplication\Name
  Category=Tracks
  ThreatLevel=2
 
MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
  HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name
  Category=Tracks
  ThreatLevel=2
 
MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name
  Category=Tracks
  ThreatLevel=2
 
Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources
  Category=Tracks
  ThreatLevel=2
 
Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources
  Category=Tracks
  ThreatLevel=2
 
Windows.OpenWith: [SBI $16E309E0] Open with list - .ASF extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-3723773038-1254731625-85814526-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ASF\OpenWithList
  Category=Tracks
  ThreatLevel=2
 
Windows.OpenWith: [SBI $16E309E0] Open with list - .ASF extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-3723773038-1254731625-85814526-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ASF\OpenWithList
  Category=Tracks
  ThreatLevel=2
 
Windows.OpenWith: [SBI $CDE7D0A6] Open with list - .ASX extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-3723773038-1254731625-85814526-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ASX\OpenWithList
  Category=Tracks
  ThreatLevel=2
 
Windows.OpenWith: [SBI $CDE7D0A6] Open with list - .ASX extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-3723773038-1254731625-85814526-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ASX\OpenWithList
  Category=Tracks
  ThreatLevel=2
 
Windows.OpenWith: [SBI $F7204896] Open with list - .AVI extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-3723773038-1254731625-85814526-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList
  Category=Tracks
  ThreatLevel=2
 
Windows.OpenWith: [SBI $F7204896] Open with list - .AVI extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-3723773038-1254731625-85814526-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList
  Category=Tracks
  ThreatLevel=2
 
Windows.OpenWith: [SBI $7E93AD81] Open with list - .CSS extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-3723773038-1254731625-85814526-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSS\OpenWithList
  Category=Tracks
  ThreatLevel=2
 
Windows.OpenWith: [SBI $7E93AD81] Open with list - .CSS extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-3723773038-1254731625-85814526-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSS\OpenWithList
  Category=Tracks
  ThreatLevel=2
 
Windows Explorer: [SBI $AA0766B5] Stream history (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-3723773038-1254731625-85814526-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU
  Category=Tracks
  ThreatLevel=2
 
Windows Explorer: [SBI $AA0766B5] Stream history (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-3723773038-1254731625-85814526-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU
  Category=Tracks
  ThreatLevel=2
 
Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-3723773038-1254731625-85814526-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
  Category=Tracks
  ThreatLevel=2
 
Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-3723773038-1254731625-85814526-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
  Category=Tracks
  ThreatLevel=2
 
Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
  HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
  Category=Tracks
  ThreatLevel=2
 
Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
  HKEY_USERS\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
  Category=Tracks
  ThreatLevel=2
 
Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-3723773038-1254731625-85814526-1001\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
  Category=Tracks
  ThreatLevel=2
 
Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-3723773038-1254731625-85814526-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
  Category=Tracks
  ThreatLevel=2
 
Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
  Category=Tracks
  ThreatLevel=2
 
Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
  Category=Tracks
  ThreatLevel=2
 
Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-3723773038-1254731625-85814526-1001\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
  Category=Tracks
  ThreatLevel=2
 
Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-3723773038-1254731625-85814526-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
  Category=Tracks
  ThreatLevel=2
 
Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
  HKEY_USERS\S-1-5-20\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
  Category=Tracks
  ThreatLevel=2
 
Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
  HKEY_USERS\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
  Category=Tracks
  ThreatLevel=2
 
Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
  HKEY_USERS\S-1-5-21-3723773038-1254731625-85814526-1001\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
  Category=Tracks
  ThreatLevel=2
 
Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
  HKEY_USERS\S-1-5-21-3723773038-1254731625-85814526-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
  Category=Tracks
  ThreatLevel=2
 
WinZip: [SBI $1059E532] Number of times run (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-3723773038-1254731625-85814526-1001\Software\Nico Mak Computing\WinZip\rrs\Opened
  Category=Tracks
  ThreatLevel=2
 
WinZip: [SBI $1059E532] Number of times run (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-3723773038-1254731625-85814526-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Nico Mak Computing\WinZip\rrs\Opened
  Category=Tracks
  ThreatLevel=2
 
Cookie: [SBI $49804B54] Browser: Cookie (3) (Browser: Cookie, nothing done)
  
  Category=Browser
  ThreatLevel=1
 
Cache: [SBI $49804B54] Browser: Cache (75) (Browser: Cache, nothing done)
  
  Category=Browser
  ThreatLevel=1
 
History: [SBI $49804B54] Browser: History (5) (Browser: History, nothing done)
  
  Category=Browser
  ThreatLevel=1
 
Cookie: [SBI $49804B54] Browser: Cookie (361) (Browser: Cookie, nothing done)
  
  Category=Browser
  ThreatLevel=1
 
 
--- Spybot - Search & Destroy version: 2.6.46.134  DLL (build: 20170523) ---
 
 
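A triage pass over the Spybot log quoted in post #1, as an added example that is not part of the thread: it parses the entry format shown there, collapses duplicate entries, and ranks the remaining detection families by ThreatLevel. Treating the Tracks and Browser categories as noise is an assumption of this example, and the sample input is a short excerpt of entries copied from that log.

```python
import re
from collections import defaultdict
from dataclasses import dataclass

# Excerpt of the log in post #1 (entries copied from it, list shortened).
SAMPLE_LOG = r"""
Babylon.Toolbar: [SBI $4AB6C1F6] Type library (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
  Category=Adware
  ThreatLevel=3

Babylon.Toolbar: [SBI $4AB6C1F6] Type library (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
  Category=Adware
  ThreatLevel=3

Win32.Downloader.gen: [SBI $E6AD2227] Program directory (Directory, nothing done)
  C:\Users\Eric\AppData\Local\Conduit\
  Category=Malware
  ThreatLevel=10

Montera.Toolbar: [SBI $57CD5FCF] Application ID (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\AppID\esrv.EXE
  Category=Malware
  ThreatLevel=10

DoubleClick: [SBI $4E2AF2AC] Tracking cookie (Firefox: PE_C_PUBLIC (default)) (Browser: Cookie, nothing done)

  Category=Browser
  ThreatLevel=1

--- Spybot - Search & Destroy version: 2.6.46.134  DLL (build: 20170523) ---
"""

# Header line: "Name: [SBI $XXXXXXXX] description (item type, action)"
HEADER = re.compile(
    r"^(?P<name>\S.*?): \[SBI \$(?P<sbi>[0-9A-Fa-f]{8})\]\s+(?P<desc>.*) "
    r"\((?P<kind>[^()]*), (?P<action>[^()]*)\)\s*$"
)
FIELD = re.compile(r"^(Category|ThreatLevel|Properties\.\w+)=(.*)$")
# Assumption of this example: usage tracks and browser data are clean-up items.
NOISE_CATEGORIES = frozenset({"Tracks", "Browser"})


@dataclass
class Entry:
    name: str
    sbi: str
    description: str
    action: str
    location: str = ""
    category: str = ""
    threat_level: int = 0


def parse_log(text):
    """Return one Entry per detection block, in log order."""
    entries, cur = [], None
    for raw in text.splitlines():
        line = raw.rstrip()
        m = HEADER.match(line)
        if m:
            cur = Entry(m["name"], m["sbi"].upper(), m["desc"], m["action"])
            entries.append(cur)
            continue
        if cur is None or not line.strip():
            continue
        if not line[0].isspace():
            # Unindented text (the version trailer) ends the block, so it is
            # never taken as the location of an entry that has none.
            cur = None
            continue
        field = FIELD.match(line.strip())
        if field is None:
            cur.location = cur.location or line.strip()
        elif field[1] == "Category":
            cur.category = field[2]
        elif field[1] == "ThreatLevel" and field[2].isdigit():
            cur.threat_level = int(field[2])
    return entries


def triage(entries, noise=NOISE_CATEGORIES):
    """Rows of (name, max level, categories, unique items, items not acted on)."""
    unique = {(e.name, e.sbi, e.description, e.location): e for e in entries}
    families = defaultdict(list)
    for e in unique.values():
        if e.category not in noise:
            families[e.name].append(e)
    rows = [
        (name, max(e.threat_level for e in items), sorted({e.category for e in items}),
         len(items), sum(e.action == "nothing done" for e in items))
        for name, items in families.items()
    ]
    return sorted(rows, key=lambda r: (-r[1], r[0]))


if __name__ == "__main__":
    for row in triage(parse_log(SAMPLE_LOG)):
        print(row)
```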

 




 


#2 boopme


Posted 27 June 2017 - 08:44 PM

Hello, also do these...

MiniToolBox
  • Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
AdwCleaner
  • Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.
Junkware Removal Tool
  • Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
And finally I'd like us to scan your machine with ESET OnlineScan:
  • It is recommended to turn off your antivirus program. Click on the [image] button to see which antivirus is currently enabled:
[image]
  • Turn off your antivirus program. See here how to do this.
  • Check the option beside: Enable detection of potentially unwanted applications.
  • Now click on Advanced Settings and make sure that the option Clean threats automatically is NOT checked, and select the following:
Enable detection of potentially unsafe applications
Enable detection of suspicious applications
Scan archives
Enable Anti-Stealth Technology
  • Click on the Change button and select only Operating memory, Autostart locations and drive C:\ to be scanned.
  • Push the [image] button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes a list of found threats will open automatically (if any malicious files are found).
  • Push the [image] button and save the file to your desktop using a unique name, such as ESETScan.txt. Include the contents of this report in your next reply.
  • Push the [image] button.
  • Check the box beside [image] to uninstall the application when closed.
  • Push [image] and then close the application by clicking the X in the upper right corner.


#3 Suprlazr

  • Topic Starter

Posted 30 June 2017 - 12:32 AM

Hi, thank you for taking the time.

 

Below are the results.

 

I didn't clean/remove anything in ESET or AdwCleaner.

 

Mini Tool Box

 

MiniToolBox by Farbar  Version: 17-06-2016

Ran by Eric (administrator) on 29-06-2017 at 20:03:10
Running from "C:\Users\Eric\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Model:  Manufacturer: 
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
ProxyServer: http=127.0.0.1:14080;https=127.0.0.1:14080
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
========================= IP Configuration: ================================
 
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
set interface interface="Local Area Connection 2" forwarding=enabled advertise=enabled metric=5 nud=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Ericsbleep-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : hsd1.ca.comcast.net
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : hsd1.ca.comcast.net
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 00-25-22-B4-31-BD
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2601:642:4401:19aa::99dc(Preferred) 
   Lease Obtained. . . . . . . . . . : Thursday, June 29, 2017 7:59:25 PM
   Lease Expires . . . . . . . . . . : Sunday, July 02, 2017 12:50:28 PM
   IPv6 Address. . . . . . . . . . . : 2601:642:4401:19aa:6546:ce64:aa3e:207e(Preferred) 
   Temporary IPv6 Address. . . . . . : 2601:642:4401:19aa:7066:5891:ba6e:d54b(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::6546:ce64:aa3e:207e%14(Preferred) 
   IPv4 Address. . . . . . . . . . . : 10.0.0.75(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Thursday, June 29, 2017 7:59:24 PM
   Lease Expires . . . . . . . . . . : Thursday, July 06, 2017 7:59:24 PM
   Default Gateway . . . . . . . . . : fe80::d60a:a9ff:fee0:6dc8%14
                                       10.0.0.1
   DHCP Server . . . . . . . . . . . : 10.0.0.1
   DHCPv6 IAID . . . . . . . . . . . : 436217122
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-95-F5-43-00-02-6F-A3-18-D0
   DNS Servers . . . . . . . . . . . : 2001:558:feed::1
                                       2001:558:feed::2
                                       75.75.75.75
                                       75.75.76.76
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.hsd1.ca.comcast.net:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : hsd1.ca.comcast.net
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:90d7:405:302:b399:23a0(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::405:302:b399:23a0%12(Preferred) 
   Default Gateway . . . . . . . . . : 
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  cdns01.comcast.net
Address:  2001:558:feed::1
 
Name:    google.com
Addresses:  2607:f8b0:4005:801::200e
 172.217.6.78
 
 
Pinging google.com [2607:f8b0:4005:801::200e] with 32 bytes of data:
Reply from 2607:f8b0:4005:801::200e: time=12ms 
Reply from 2607:f8b0:4005:801::200e: time=12ms 
 
Ping statistics for 2607:f8b0:4005:801::200e:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 12ms, Maximum = 12ms, Average = 12ms
Server:  cdns01.comcast.net
Address:  2001:558:feed::1
 
Name:    yahoo.com
Addresses:  2001:4998:c:a06::2:4008
 2001:4998:58:c02::a9
 2001:4998:44:204::a7
 98.139.180.149
 206.190.36.45
 98.138.253.109
 
 
Pinging yahoo.com [2001:4998:c:a06::2:4008] with 32 bytes of data:
Reply from 2001:4998:c:a06::2:4008: time=35ms 
Reply from 2001:4998:c:a06::2:4008: time=34ms 
 
Ping statistics for 2001:4998:c:a06::2:4008:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 34ms, Maximum = 35ms, Average = 34ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 14...00 25 22 b4 31 bd ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         10.0.0.1        10.0.0.75     10
         10.0.0.0    255.255.255.0         On-link         10.0.0.75    266
        10.0.0.75  255.255.255.255         On-link         10.0.0.75    266
       10.0.0.255  255.255.255.255         On-link         10.0.0.75    266
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         10.0.0.75    266
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link         10.0.0.75    266
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 14    266 ::/0                     fe80::d60a:a9ff:fee0:6dc8
  1    306 ::1/128                  On-link
 12     58 2001::/32                On-link
 12    306 2001:0:9d38:90d7:405:302:b399:23a0/128
                                    On-link
 14     18 2601:642:4401:19aa::/64  On-link
 14    266 2601:642:4401:19aa::99dc/128
                                    On-link
 14    266 2601:642:4401:19aa:6546:ce64:aa3e:207e/128
                                    On-link
 14    266 2601:642:4401:19aa:7066:5891:ba6e:d54b/128
                                    On-link
 14    266 fe80::/64                On-link
 12    306 fe80::/64                On-link
 12    306 fe80::405:302:b399:23a0/128
                                    On-link
 14    266 fe80::6546:ce64:aa3e:207e/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    306 ff00::/8                 On-link
 14    266 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (06/29/2017 07:59:59 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/29/2017 07:59:30 PM) (Source: .NET Runtime) (User: )
Description: Application: xvutil.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.BadImageFormatException
   at XvUtil.Program.Main(System.String[])
 
Error: (06/29/2017 07:59:28 PM) (Source: .NET Runtime) (User: )
Description: Application: xvutil.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.BadImageFormatException
   at XvUtil.Program.Main(System.String[])
 
Error: (06/29/2017 07:59:27 PM) (Source: nssm) (User: )
Description: Failed to read registry value AppDirectory:
The operation completed successfully.
 
Error: (06/29/2017 02:05:54 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.
 
Error: (06/29/2017 02:05:53 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.
 
Error: (06/29/2017 02:05:52 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.
 
Error: (06/29/2017 02:05:51 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.
 
Error: (06/29/2017 02:05:48 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.
 
Error: (06/29/2017 02:05:48 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.
 
 
System errors:
=============
Error: (06/29/2017 08:00:30 PM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error: 
%%1053 = The service did not respond to the start or control request in a timely fashion.
 
 
Error: (06/29/2017 08:00:29 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
 
Error: (06/29/2017 07:59:59 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cdrom
mv91xx
 
Error: (06/29/2017 07:59:59 PM) (Source: DCOM) (User: )
Description: {ABC01078-F197-4B0B-ADBC-CFE684B39C82}
 
Error: (06/29/2017 07:59:58 PM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error: 
%%1053 = The service did not respond to the start or control request in a timely fashion.
 
 
Error: (06/29/2017 07:59:58 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
 
Error: (06/29/2017 07:59:27 PM) (Source: Service Control Manager) (User: )
Description: The sbmntr service failed to start due to the following error: 
%%3 = The system cannot find the path specified.
 
 
Error: (06/29/2017 07:59:21 PM) (Source: Service Control Manager) (User: )
Description: The Emsisoft Anti-Malware 8.0 - Service service hung on starting.
 
Error: (06/29/2017 01:38:52 PM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error: 
%%1053 = The service did not respond to the start or control request in a timely fashion.
 
 
Error: (06/29/2017 01:38:51 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
 
 
Microsoft Office Sessions:
=========================
Error: (06/29/2017 07:59:59 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/29/2017 07:59:30 PM) (Source: .NET Runtime)(User: )
Description: Application: xvutil.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.BadImageFormatException
   at XvUtil.Program.Main(System.String[])
 
Error: (06/29/2017 07:59:28 PM) (Source: .NET Runtime)(User: )
Description: Application: xvutil.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.BadImageFormatException
   at XvUtil.Program.Main(System.String[])
 
Error: (06/29/2017 07:59:27 PM) (Source: nssm)(User: )
Description: AppDirectoryThe operation completed successfully.
 
Error: (06/29/2017 02:05:54 PM) (Source: SideBySide)(User: )
Description: c:\program files (x86)\spybot - search & destroy 2\Tools.dllc:\program files (x86)\spybot - search & destroy 2\Tools.dll2
 
Error: (06/29/2017 02:05:53 PM) (Source: SideBySide)(User: )
Description: c:\program files (x86)\spybot - search & destroy 2\SDWinLogon.dllc:\program files (x86)\spybot - search & destroy 2\SDWinLogon.dll2
 
Error: (06/29/2017 02:05:52 PM) (Source: SideBySide)(User: )
Description: c:\program files (x86)\spybot - search & destroy 2\SDTasks.dllc:\program files (x86)\spybot - search & destroy 2\SDTasks.dll2
 
Error: (06/29/2017 02:05:51 PM) (Source: SideBySide)(User: )
Description: c:\program files (x86)\spybot - search & destroy 2\SDResources.dllc:\program files (x86)\spybot - search & destroy 2\SDResources.dll2
 
Error: (06/29/2017 02:05:48 PM) (Source: SideBySide)(User: )
Description: c:\program files (x86)\spybot - search & destroy 2\SDLists.dllc:\program files (x86)\spybot - search & destroy 2\SDLists.dll2
 
Error: (06/29/2017 02:05:48 PM) (Source: SideBySide)(User: )
Description: c:\program files (x86)\spybot - search & destroy 2\SDLicense.dllc:\program files (x86)\spybot - search & destroy 2\SDLicense.dll2
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-09-21 09:16:02.505
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\PCTRunner\pcwtc64f.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-21 09:16:02.397
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\PCTRunner\pcwtc64f.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-21 09:16:02.281
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\PCTRunner\pcwtc64f.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-21 09:11:45.857
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\PCTRunner\pcwtc64f.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-21 09:11:45.747
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\PCTRunner\pcwtc64f.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-21 09:11:45.639
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\PCTRunner\pcwtc64f.sys because the set of per-page image hashes could not be found on the system.
 
 
=========================== Installed Programs ============================
 
µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - )
7-Zip 15.07 beta (x64) (HKLM\...\7-Zip) (Version: 15.07 - Igor Pavlov)
7-Zip 9.21 (HKLM-x32\...\{23170F69-40C1-2701-0921-000001000000}) (Version: 9.21.00.0 - Igor Pavlov)
Acrobat.com (HKLM-x32\...\{628C2C7D-8AD1-E614-E8E2-6EEAD8D5F2D0}) (Version: 2.0.0 - Adobe Systems Incorporated) Hidden
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.0.0.0 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.5.0.1060 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Creative Suite 5.5 Design Premium (HKLM-x32\...\{60E59A6C-7399-495A-B85C-C829F4E59602}) (Version: 5.5 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.0.4 - Adobe Systems Incorporated)
Adobe Flash Player 25 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe Flash Player 25 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Anker Precision Laser Gaming Mouse version 1.3 (HKLM-x32\...\{F9A7ED2C-34E1-4A96-9A25-B022C23C3361}_is1) (Version: 1.3 - ANKER Technology)
ASRock App Charger v1.0.4 (HKLM\...\ASRock App Charger_is1) (Version:  - ASRock Inc.)
ASRock eXtreme Tuner v0.1.54 (HKLM-x32\...\ASRock eXtreme Tuner_is1) (Version:  - )
ASRock InstantBoot v1.26 (HKLM-x32\...\ASRock InstantBoot_is1) (Version:  - )
AVG (HKLM\...\{FA46D289-E8EA-4222-AF8F-B205214947FA}) (Version: 1.181.4 - AVG Technologies) Hidden
AVG (HKLM\...\AvgZen) (Version: 1.181.3.3057 - AVG Technologies)
AVG Protection (HKLM-x32\...\AVG Antivirus) (Version: 17.4.3014 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.8.510 - AVG Technologies)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 1.0.1 - Bitdefender)
CCleaner (HKLM\...\CCleaner) (Version: 5.31 - Piriform)
Chinese Reader (HKLM-x32\...\{259097E5-8459-4867-814D-0FCF95A7EC6E}) (Version: 6.5.2.88 - MDBG) Hidden
Chinese Reader (HKLM-x32\...\Chinese Reader) (Version: 6.5.2.88 - MDBG)
Click Install if prompted (HKLM-x32\...\{532383C7-3BA8-45AB-BE60-7B4EB2D2C93E}) (Version: 1.0.0.0 - ExpressVpn) Hidden
CPUID HWMonitor 1.18 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dropbox (HKLM-x32\...\Dropbox) (Version: 29.4.20 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
EASEUS Partition Master 8.0.1 Home Edition (HKLM-x32\...\EASEUS Partition Master Home Edition_is1) (Version:  - EASEUS)
Emsisoft Anti-Malware (HKLM-x32\...\{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1) (Version: 8.1 - Emsisoft GmbH)
Etron USB3.0 Host Controller (HKLM-x32\...\{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.96 - Etron Technology) Hidden
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.96 - Etron Technology)
ExpressVPN (HKLM-x32\...\{391A112D-09F1-49AF-A33F-9321E6B38CF7}) (Version: 6.0.9.1394 - ExpressVPN) Hidden
ExpressVPN (HKLM-x32\...\{91c374e1-8110-4c28-8157-4b46f94c3396}) (Version: 6.0.9.1394 - ExpressVPN)
Extended Asian Language font pack for Adobe Reader XI (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-A00000000049}) (Version: 11.0.09 - Adobe Systems Incorporated)
File Association Helper (HKLM\...\{C168639F-5810-4EC8-B1E8-0251AA8A771C}) (Version: 1.2.225.65451 - WinZip Computing International, LLC)
FileZilla Client 3.8.0 (HKLM-x32\...\FileZilla Client) (Version: 3.8.0 - Tim Kosse)
FMW 1 (HKLM\...\{DC301684-9A48-4E46-870F-DDA8981E298D}) (Version: 1.192.3 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
League of Legends (HKLM-x32\...\{79BF4901-1EC4-4726-B3C2-A7859706C6E7}) (Version: 3.0.0 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
Malwarebytes Anti-Malware version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Minecraft1.6.2 (HKLM-x32\...\Minecraft1.6.2) (Version:  - )
Mozilla Firefox 36.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 en-US)) (Version: 36.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0.1 - Mozilla)
MPEG2 Codec(libmpeg2/mad) (HKLM-x32\...\MPEG2 Codec(libmpeg2/mad)) (Version:  - )
Mumble 1.2.5 (HKLM-x32\...\{C7BC557D-8C8B-4F5F-83AB-D20C58CF4575}) (Version: 1.2.5 - Thorvald Natvig)
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 358.50 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.9.1.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.22 - NVIDIA Corporation)
NVIDIA Graphics Driver 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.50 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.3 (HKLM-x32\...\{EEA30AEB-8BA7-465B-85D4-098BB99733E7}) (Version: 4.13.9783 - Apache Software Foundation)
osu! (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284C}) (Version: 0.0.0.0 - peppy)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
Pandora (HKLM-x32\...\{18E06EB1-FC6A-093F-D0E7-2B4E9315A709}) (Version: 2.0.7 - PANDORA MEDIA, INC.) Hidden
Pandora (HKLM-x32\...\com.pandora.desktop.E7C14276FFE9EEF0BC7DCE654C467D9A299EFD21.1) (Version: 2.0.7 - PANDORA MEDIA, INC.)
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
QQ International (HKLM-x32\...\{3CA54984-A14B-42FE-9FF1-7EA90151D725}) (Version: 1.91.1213.0 - 腾讯科技(深圳)有限公司)
QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.23.623.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6167 - Realtek Semiconductor Corp.)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 4.1.0260 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.9.1.22 - NVIDIA Corporation) Hidden
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Splashtop Connect IE (HKLM-x32\...\{F9F5EF72-18CF-4DCF-A721-EC86B94DAC46}) (Version: 1.1.12.1 - Splashtop Inc.)
Spotify (HKCU\...\Spotify) (Version: 1.0.57.474.gca9c9538 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.6.46 - Safer-Networking Ltd.)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WinFF 1.5.4 (Codename EMMA) (HKLM-x32\...\WinFF_is1) (Version:  - WinFF.org)
WinZip 19.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E5}) (Version: 19.0.11293 - WinZip Computing, S.L. )
XAMPP (HKLM-x32\...\xampp) (Version: 1.8.3-3 - Bitnami)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 33%
Total physical RAM: 8174.68 MB
Available physical RAM: 5476.9 MB
Total Virtual: 16347.54 MB
Available Virtual: 13441.48 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:119.14 GB) (Free:24.57 GB) NTFS
2 Drive d: (TeraByte) (Fixed) (Total:931.5 GB) (Free:320.52 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\ERICSbleep-PC
 
Administrator            Eric                     Guest                    
 
 
**** End of log ****
 

 

Adware Cleaner

 

# AdwCleaner v6.047 - Logfile created 29/06/2017 at 20:08:35
# Updated on 19/05/2017 by Malwarebytes
# Database : 2017-06-29.3 [Server]
# Operating System : Windows 7 Home Premium Service Pack 1 (X64)
# Username : Eric - ERICSbleep-PC
# Running from : C:\Users\Eric\Desktop\AdwCleaner.exe
# Mode: Scan
 
 
 
***** [ Services ] *****
 
Service Found:  vToolbarUpdater40.3.8
Service Found:  sbmntr
Service Found:  SCBackService
Service Found:  WtuSystemSupport
Service Found:  wcuservice_stc_ie
Service Found:  scbackservice
 
 
***** [ Folders ] *****
 
Folder Found:  C:\Users\Eric\AppData\Local\globalUpdate
Folder Found:  C:\Users\Eric\AppData\Local\avg web tuneup
Folder Found:  C:\Users\Eric\AppData\LocalLow\Object Browser
Folder Found:  C:\Users\Eric\AppData\Roaming\DeviceVM
Folder Found:  C:\Users\Eric\AppData\Roaming\Search Protection
Folder Found:  C:\Users\Eric\AppData\Roaming\Tencent
Folder Found:  C:\Program Files\Reimage
Folder Found:  C:\Program Files\reimage
Folder Found:  C:\Users\Eric\AppData\Local\VirtualStore\Program Files (x86)\Tencent
Folder Found:  C:\ProgramData\DeviceVM
Folder Found:  C:\ProgramData\avg web tuneup
Folder Found:  C:\ProgramData\Application Data\DeviceVM
Folder Found:  C:\ProgramData\Application Data\avg web tuneup
Folder Found:  C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip
Folder Found:  C:\Users\Public\Documents\Tencent
Folder Found:  C:\Program Files (x86)\globalUpdate
Folder Found:  C:\Program Files (x86)\predm
Folder Found:  C:\Program Files (x86)\avg web tuneup
Folder Found:  C:\Program Files (x86)\Tencent
Folder Found:  C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Found:  C:\Program Files (x86)\Common Files\Tencent
Folder Found:  C:\Users\Eric\AppData\Local\com
 
 
***** [ Files ] *****
 
File Found:  C:\Program Files\Common Files\System\SysMenu.dll
File Found:  C:\Program Files\Common Files\System\SysMenu64.dll
File Found:  C:\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\j1m8cw8n.default\extensions\Avg@toolbar.xpi
File Found:  C:\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\j1m8cw8n.default\searchplugins\avg-secure-search.xml
File Found:  C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
File Found:  C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
File Found:  C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
 
 
***** [ DLL ] *****
 
No malicious DLLs found.
 
 
***** [ WMI ] *****
 
No malicious keys found.
 
 
***** [ Shortcuts ] *****
 
Shortcut infected:  C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk (  hxxp://www-search.net/?s=E9Lztugdu0341,65f3aa5a-976b-4e4d-837f-2181110545ab,&pi=3 )
 
 
***** [ Scheduled Tasks ] *****
 
Task Found:  YTDownloader
Task Found:  YTDownloaderUpd
Task Found:  Microsoft\Windows\Multimedia\SMupdate3
Task Found:  Microsoft\Windows\Maintenance\SMupdate2
Task Found:  ytdownloader
 
 
***** [ Registry ] *****
 
Key Found:  HKLM\SOFTWARE\6e447d89-f8ef-4caa-9e04-ebf7f813907c
Key Found:  HKLM\SOFTWARE\Classes\Applications\iLividSetupV1.exe
Key Found:  HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3454f4da-0811-454e-9440-dc20dc44ad1c}
Key Found:  HKU\S-1-5-21-3723773038-1254731625-85814526-1001\Software\Classes\Tencent
Key Found:  HKCU\Software\Classes\Tencent
Key Found:  HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook
Key Found:  HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook.1
Key Found:  HKLM\SOFTWARE\Classes\AniGIFPpg.AniGIFPpg
Key Found:  HKLM\SOFTWARE\Classes\AniGIFPpg2.AniGIFPpg2
Key Found:  HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
Key Found:  HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
Key Found:  HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
Key Found:  HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
Key Found:  HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found:  HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found:  HKLM\SOFTWARE\Classes\Tencent
Key Found:  HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj
Key Found:  HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1
Key Found:  [x64] HKCU\Software\Classes\Tencent
Key Found:  [x64] HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook
Key Found:  [x64] HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook.1
Key Found:  [x64] HKLM\SOFTWARE\Classes\AniGIFPpg.AniGIFPpg
Key Found:  [x64] HKLM\SOFTWARE\Classes\AniGIFPpg2.AniGIFPpg2
Key Found:  [x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
Key Found:  [x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
Key Found:  [x64] HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
Key Found:  [x64] HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
Key Found:  [x64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found:  [x64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found:  [x64] HKLM\SOFTWARE\Classes\Tencent
Key Found:  [x64] HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj
Key Found:  [x64] HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1
Key Found:  HKLM\SOFTWARE\Classes\AppID\{82A5CE4D-AF0C-45B6-8AF8-75625BE6A08D}
Key Found:  HKLM\SOFTWARE\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
Key Found:  HKLM\SOFTWARE\Classes\AppID\{D813D5BB-EBC7-45F9-B8A4-36A305168069}
Key Found:  HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Found:  HKLM\SOFTWARE\Classes\CLSID\{0F3DC9E0-C459-4A40-BCF8-747BD9322E10}
Key Found:  HKLM\SOFTWARE\Classes\CLSID\{5E97F0FA-3B44-4634-A87E-8B0D5CFD6365}
Key Found:  HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Found:  HKLM\SOFTWARE\Classes\CLSID\{951F5841-FD1E-4F1D-8607-67B174DBD753}
Key Found:  HKLM\SOFTWARE\Classes\CLSID\{DCE24E28-D8EF-49BE-BC01-A1DD3B58FCE3}
Key Found:  HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Key Found:  HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
Key Found:  HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found:  HKLM\SOFTWARE\Classes\TypeLib\{4E8E0178-00EF-413D-9324-E7B3E31572E3}
Key Found:  HKLM\SOFTWARE\Classes\TypeLib\{B1759D04-0EF9-472A-B5C3-C774997B5321}
Key Found:  HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found:  HKLM\SOFTWARE\Classes\TypeLib\{82351433-9094-11D1-A24B-00A0C932C7DF}
Key Found:  HKLM\SOFTWARE\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
Key Found:  HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
Key Found:  HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
Key Found:  HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
Key Found:  HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found:  HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
Key Found:  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Found:  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Found:  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found:  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Value Found:  HKU\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks [{0F3DC9E0-C459-4A40-BCF8-747BD9322E10}]
Key Found:  HKU\S-1-5-21-3723773038-1254731625-85814526-1001\Software\Conduit
Key Found:  HKU\S-1-5-21-3723773038-1254731625-85814526-1001\Software\GlobalUpdate
Key Found:  HKU\S-1-5-21-3723773038-1254731625-85814526-1001\Software\StormWatch
Key Found:  HKU\S-1-5-21-3723773038-1254731625-85814526-1001\Software\YahooPartnerToolbar
Key Found:  HKU\S-1-5-21-3723773038-1254731625-85814526-1001\Software\YTDownloader
Key Found:  HKU\S-1-5-21-3723773038-1254731625-85814526-1001\Software\AppDataLow\Software\Object Browser
Key Found:  HKU\S-1-5-21-3723773038-1254731625-85814526-1001\Software\AppDataLow\Software\SpeedChecker
Key Found:  HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3723773038-1254731625-85814526-1001\Software\facemoods.com
Key Found:  HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3723773038-1254731625-85814526-1001\Software\ShopperPro
Key Found:  HKU\S-1-5-21-3723773038-1254731625-85814526-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Object Browser
Key Found:  HKCU\Software\Conduit
Key Found:  HKCU\Software\GlobalUpdate
Key Found:  HKCU\Software\StormWatch
Key Found:  HKCU\Software\YahooPartnerToolbar
Key Found:  HKCU\Software\YTDownloader
Key Found:  HKCU\Software\AppDataLow\Software\Object Browser
Key Found:  HKCU\Software\AppDataLow\Software\SpeedChecker
Key Found:  HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found:  HKLM\SOFTWARE\Conduit
Key Found:  HKLM\SOFTWARE\GlobalUpdate
Key Found:  HKLM\SOFTWARE\AVG Tuneup
Key Found:  HKLM\SOFTWARE\YTDownloader
Key Found:  [x64] HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3723773038-1254731625-85814526-1001\Software\facemoods.com
Key Found:  [x64] HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3723773038-1254731625-85814526-1001\Software\ShopperPro
Key Found:  [x64] HKCU\Software\Conduit
Key Found:  [x64] HKCU\Software\GlobalUpdate
Key Found:  [x64] HKCU\Software\StormWatch
Key Found:  [x64] HKCU\Software\YahooPartnerToolbar
Key Found:  [x64] HKCU\Software\YTDownloader
Key Found:  [x64] HKCU\Software\AppDataLow\Software\Object Browser
Key Found:  [x64] HKCU\Software\AppDataLow\Software\SpeedChecker
Key Found:  [x64] HKLM\SOFTWARE\Reimage
Key Found:  [x64] HKLM\SOFTWARE\ShopperPro
Key Found:  [x64] HKLM\SOFTWARE\YTDownloader
Key Found:  [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C168639F-5810-4EC8-B1E8-0251AA8A771C}
Data Found:  HKU\S-1-5-21-3723773038-1254731625-85814526-1001\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxps://mysearch.avg.com/?cid={B793D5B2-A952-419E-A69C-991771F32798}&mid=e4d5289c0ec147cfa943d
Data Found:  HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxps://mysearch.avg.com/?cid={B793D5B2-A952-419E-A69C-991771F32798}&mid=e4d5289c0ec147cfa943d16c6450d84e-ad1491be2ce6c122f6b66faa90e70c2d
Data Found:  [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxps://mysearch.avg.com/?cid={B793D5B2-A952-419E-A69C-991771F32798}&mid=e4d5289c0ec147cfa943d16c6450d84e-ad1491be2ce6c122f6b66faa90e70c
Key Found:  HKU\S-1-5-21-3723773038-1254731625-85814526-1001\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Data Found:  HKU\S-1-5-21-3723773038-1254731625-85814526-1001\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - 
Key Found:  HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Data Found:  HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - 
Key Found:  [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Data Found:  [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - 
Key Found:  HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
Key Found:  HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found:  HKLM\SOFTWARE\Classes\AppID\SysMenu.DLL
Key Found:  HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Found:  HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
Key Found:  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\smu.exe
Key Found:  HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Found:  HKLM\SOFTWARE\MozillaPlugins\@qq.com/TXSSO
Key Found:  HKLM\SYSTEM\CurrentControlSet\Control\Class\{0014298C-A9BA-440D-AAA8-AD12C7010EE5}
Key Found:  HKLM\SYSTEM\CurrentControlSet\Control\Class\{0C95ABFE-4FB6-49DB-B22F-0E1F5FC4BEEC}
Key Found:  HKLM\SYSTEM\CurrentControlSet\Control\Class\{181A06EA-B82C-47DE-B851-E20FD0E1CC7D}
Key Found:  HKLM\SYSTEM\CurrentControlSet\Control\Class\{EEEFACB3-729F-4484-B66D-E7A7917BBFC1}
Value Found:  HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION [StormWatchApp.exe]
Key Found:  HKLM\SOFTWARE\MozillaPlugins\@qq.com/npqscall
Key Found:  HKLM\SOFTWARE\MozillaPlugins\@qq.com/npchrome
 
 
***** [ Web browsers ] *****
 
No malicious Firefox based browser items found.
Chrome pref Found:  [C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - hxxp://Vosteran.com/?f=7&a=vst_wnzp01_14_50_ch&cd=2XzuyEtN2Y1L1QzutDtDtByDtBtB0ByEtAtC0B0DtA0FyB0CtN0D0Tzu0StCtDyByDtN
Chrome pref Found:  [C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - oilkkkefbalmbfppgjmgjoefbclebkce
 
[!] You may need to disable the Chrome synchronization from your Google account in order to fully remove the malicious preferences. Please consult this Google help: https://support.google.com/chrome/answer/3097271?hl=en [!]
 
 
*************************
 
C:\AdwCleaner\AdwCleaner[S0].txt - [13370 Bytes] - [29/06/2017 20:08:35]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [13444 Bytes] ##########
 

 

Junk Removal Tool

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.3 (04.10.2017)
Operating System: Windows 7 Home Premium x64 
Ran by Eric (Administrator) on Thu 06/29/2017 at 20:22:30.41
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 5 
 
Failed to delete: C:\Program Files (x86)\Common Files\avg secure search\vtoolbarupdater (Folder) 
Successfully deleted: C:\Users\Eric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9AHO1YW3 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Eric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q6RQH1FH (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9AHO1YW3 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q6RQH1FH (Temporary Internet Files Folder) 
 
 
 
Registry: 0 
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 06/29/2017 at 20:24:17.92
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

ESET 

 

C:\Program Files\Common Files\System\SysMenu.dll a variant of Win32/SpeedBit.F potentially unwanted application

C:\Program Files\Common Files\System\SysMenu64.dll a variant of Win32/SBWatchman.D potentially unwanted application
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSS.exe a variant of Win32/Systweak.L potentially unwanted application
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSHelper.dll a variant of Win32/Systweak.N potentially unwanted application
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSPrivacyProtector.exe a variant of Win32/Systweak.L potentially unwanted application
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSRegClean.exe a variant of Win32/Systweak.L potentially unwanted application
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSRegistryOptimizer.exe a variant of Win32/Systweak.L potentially unwanted application
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSSystemCleaner.exe a variant of Win32/Systweak.L potentially unwanted application
C:\Users\Eric\AppData\Roaming\RGFSL JS/Toolbar.Crossrider.C potentially unwanted application
C:\Users\Eric\AppData\Roaming\XLYOD JS/Toolbar.Crossrider.C potentially unwanted application
C:\Users\Eric\Downloads\ccsetup408.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\Eric\Downloads\ccsetup409 (1).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\Eric\Downloads\ccsetup409.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\Eric\Downloads\ccsetup416.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\Eric\Downloads\ccsetup417.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\Eric\Downloads\ccsetup419.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\Eric\Downloads\ccsetup500.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\Eric\Downloads\ccsetup510.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\Eric\Downloads\ccsetup527.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\Eric\Downloads\ccsetup528.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\Eric\Downloads\ccsetup531.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Windows\Installer\32a8c53.msi a variant of Win32/Systweak.L potentially unwanted application,a variant of Win32/Systweak.N potentially unwanted application


#4 boopme


Posted 30 June 2017 - 10:49 AM

Hi again.... First

Please remove or disable either AVG or Bitdefender for now.

Next..
On your computer, open Chrome.
At the top right, click the button with your name.
Under "Sync isn't working," follow the instructions.
From
https://support.google.com/chrome/answer/3097271?hl=en

Now remove what ADW found.
Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • The tool will start to update the database if one is required.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Logfile button.
  • A window will open which lists the logs of your scans.
  • Click on the Scan tab.
  • Double-click the most recent scan which will be at the top of the list....the log will appear.
  • Review the results...see note below
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
  • To open a Cleaning log, launch AdwCleaner, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
  • Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
  • A copy of all logfiles is saved to C:\AdwCleaner.
  • -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.


    Remove ESET's finding ... Restart system twice.

    How is it now?


#5 Suprlazr


Posted 01 July 2017 - 01:21 PM

Hi, thanks again.

I ran through the steps, finished with two restarts and still no luck.

The problem persists that I am unable to open Uninstall a Program through the control panel. Additionally, the computer is taking a long time to start up, when it should be quite fast as it boots from the SSD. It will sit on a black screen with the cursor visible for about 30 seconds.

On my first restart after completing the steps, there was a popup box that BitDefender had placed a .dmp file in my windows>temp directory. I'm unsure if that makes any difference but the popup box was telling me to report it. The box did go away after the first restart, and I clicked OK.

I am unable to search for BitDefender through the start menu, and am unable to look at it through the control panel due to aforementioned problem. I don't think it's something I downloaded.

Thank you for your time.

Adwarecleaner report:


# AdwCleaner v6.047 - Logfile created 30/06/2017 at 18:11:51
# Updated on 19/05/2017 by Malwarebytes
# Database : 2017-06-29.3 [Local]
# Operating System : Windows 7 Home Premium Service Pack 1 (X64)
# Username : Eric - ERICSbleep-PC
# Running from : C:\Users\Eric\Desktop\AdwCleaner.exe
# Mode: Clean
 
 
 
***** [ Services ] *****
 
[-] Service deleted: WtuSystemSupport
 
 
***** [ Folders ] *****
 
[-] Folder deleted: C:\Users\Eric\AppData\Local\avg web tuneup
[-] Folder deleted: C:\Users\Eric\AppData\Roaming\DeviceVM
[-] Folder deleted: C:\Users\Eric\AppData\Local\VirtualStore\Program Files (x86)\Tencent
[-] Folder deleted: C:\ProgramData\DeviceVM
[-] Folder deleted: C:\ProgramData\avg web tuneup
[#] Folder deleted on reboot: C:\ProgramData\Application Data\DeviceVM
[#] Folder deleted on reboot: C:\ProgramData\Application Data\avg web tuneup
[-] Folder deleted: C:\Users\Public\Documents\Tencent
[-] Folder deleted: C:\Program Files (x86)\avg web tuneup
[-] Folder deleted: C:\Program Files (x86)\Common Files\AVG Secure Search
 
 
***** [ Files ] *****
 
[-] File deleted: C:\Program Files\Common Files\System\SysMenu.dll
[#] File deleted: C:\Program Files\Common Files\System\SysMenu64.dll
[-] File deleted: C:\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\j1m8cw8n.default\extensions\Avg@toolbar.xpi
[-] File deleted: C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
[#] File deleted: C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
[#] File deleted: C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
 
 
***** [ DLL ] *****
 
 
 
***** [ WMI ] *****
 
 
 
***** [ Shortcuts ] *****
 
 
 
***** [ Scheduled Tasks ] *****
 
[-] Task deleted: Microsoft\Windows\Multimedia\SMupdate3
[-] Task deleted: Microsoft\Windows\Maintenance\SMupdate2
 
 
***** [ Registry ] *****
 
[-] Key deleted: HKLM\SOFTWARE\6e447d89-f8ef-4caa-9e04-ebf7f813907c
[-] Key deleted: HKLM\SOFTWARE\Classes\Applications\iLividSetupV1.exe
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3454f4da-0811-454e-9440-dc20dc44ad1c}
[-] Key deleted: HKU\S-1-5-21-3723773038-1254731625-85814526-1001\Software\Classes\Tencent
[#] Key deleted on reboot: HKCU\Software\Classes\Tencent
[-] Key deleted: HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook
[-] Key deleted: HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook.1
[-] Key deleted: HKLM\SOFTWARE\Classes\AniGIFPpg.AniGIFPpg
[-] Key deleted: HKLM\SOFTWARE\Classes\AniGIFPpg2.AniGIFPpg2
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[-] Key deleted: HKLM\SOFTWARE\Classes\Tencent
[-] Key deleted: HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj
[-] Key deleted: HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1
[#] Key deleted on reboot: [x64] HKCU\Software\Classes\Tencent
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\AniGIFPpg.AniGIFPpg
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\AniGIFPpg2.AniGIFPpg2
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\Tencent
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\{82A5CE4D-AF0C-45B6-8AF8-75625BE6A08D}
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\{D813D5BB-EBC7-45F9-B8A4-36A305168069}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{0F3DC9E0-C459-4A40-BCF8-747BD9322E10}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{5E97F0FA-3B44-4634-A87E-8B0D5CFD6365}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{951F5841-FD1E-4F1D-8607-67B174DBD753}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{DCE24E28-D8EF-49BE-BC01-A1DD3B58FCE3}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{4E8E0178-00EF-413D-9324-E7B3E31572E3}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{B1759D04-0EF9-472A-B5C3-C774997B5321}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{82351433-9094-11D1-A24B-00A0C932C7DF}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
[-] Key deleted: HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
[-] Key deleted: HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Value deleted: HKU\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks [{0F3DC9E0-C459-4A40-BCF8-747BD9322E10}]
[-] Key deleted: HKU\S-1-5-21-3723773038-1254731625-85814526-1001\Software\Conduit
[-] Key deleted: HKU\S-1-5-21-3723773038-1254731625-85814526-1001\Software\GlobalUpdate
[-] Key deleted: HKU\S-1-5-21-3723773038-1254731625-85814526-1001\Software\StormWatch
[-] Key deleted: HKU\S-1-5-21-3723773038-1254731625-85814526-1001\Software\YahooPartnerToolbar
[-] Key deleted: HKU\S-1-5-21-3723773038-1254731625-85814526-1001\Software\YTDownloader
[-] Key deleted: HKU\S-1-5-21-3723773038-1254731625-85814526-1001\Software\AppDataLow\Software\Object Browser
[-] Key deleted: HKU\S-1-5-21-3723773038-1254731625-85814526-1001\Software\AppDataLow\Software\SpeedChecker
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3723773038-1254731625-85814526-1001\Software\facemoods.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3723773038-1254731625-85814526-1001\Software\ShopperPro
[-] Key deleted: HKU\S-1-5-21-3723773038-1254731625-85814526-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Object Browser
[#] Key deleted on reboot: HKCU\Software\Conduit
[#] Key deleted on reboot: HKCU\Software\GlobalUpdate
[#] Key deleted on reboot: HKCU\Software\StormWatch
[#] Key deleted on reboot: HKCU\Software\YahooPartnerToolbar
[#] Key deleted on reboot: HKCU\Software\YTDownloader
[#] Key deleted on reboot: HKCU\Software\AppDataLow\Software\Object Browser
[#] Key deleted on reboot: HKCU\Software\AppDataLow\Software\SpeedChecker
[-] Key deleted: HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
[-] Key deleted: HKLM\SOFTWARE\Conduit
[-] Key deleted: HKLM\SOFTWARE\GlobalUpdate
[-] Key deleted: HKLM\SOFTWARE\AVG Tuneup
[-] Key deleted: HKLM\SOFTWARE\YTDownloader
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3723773038-1254731625-85814526-1001\Software\facemoods.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3723773038-1254731625-85814526-1001\Software\ShopperPro
[#] Key deleted on reboot: [x64] HKCU\Software\Conduit
[#] Key deleted on reboot: [x64] HKCU\Software\GlobalUpdate
[#] Key deleted on reboot: [x64] HKCU\Software\StormWatch
[#] Key deleted on reboot: [x64] HKCU\Software\YahooPartnerToolbar
[#] Key deleted on reboot: [x64] HKCU\Software\YTDownloader
[#] Key deleted on reboot: [x64] HKCU\Software\AppDataLow\Software\Object Browser
[#] Key deleted on reboot: [x64] HKCU\Software\AppDataLow\Software\SpeedChecker
[-] Key deleted: [x64] HKLM\SOFTWARE\Reimage
[-] Key deleted: [x64] HKLM\SOFTWARE\ShopperPro
[-] Key deleted: [x64] HKLM\SOFTWARE\YTDownloader
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C168639F-5810-4EC8-B1E8-0251AA8A771C}
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\escort.DLL
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\SysMenu.DLL
[#] Key deleted on reboot: HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
[-] Key deleted: HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\smu.exe
[-] Key deleted: HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\Control\Class\{0014298C-A9BA-440D-AAA8-AD12C7010EE5}
[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\Control\Class\{0C95ABFE-4FB6-49DB-B22F-0E1F5FC4BEEC}
[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\Control\Class\{181A06EA-B82C-47DE-B851-E20FD0E1CC7D}
[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\Control\Class\{EEEFACB3-729F-4484-B66D-E7A7917BBFC1}
[-] Value deleted: HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION [StormWatchApp.exe]
[-] Key deleted: HKLM\SOFTWARE\MozillaPlugins\@qq.com/npchrome
 
 
***** [ Web browsers ] *****
 
[-] [C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: aol.com
[-] [C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: ask.com
[-] [C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Deleted: hxxp://Vosteran.com/?f=7&a=vst_wnzp01_14_50_ch&cd=2XzuyEtN2Y1L1QzutDtDtByDtBtB0ByEtAtC0B0DtA0FyB0CtN0D0Tzu0StCtDyByDtN1L2XzutAtFyCtFtCtDtFtCtDtN1L1CzutCyEtBzytDyD1V1BtN1L1G1B1V1N2Y1L1Qzu2SyDzztDyEtByC0F0EtGtCzzyDtDtG0AtBtA0DtGtA0AtDyCtGyBtD0B0FzytD0D0C0DtB0A0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzztDtCyEtA0EyByEtG0EyByCyDtGyEzztDyCtG0BtByCyBtG0C0F0Fzz0E0A0BtA0E0AtDzz2Q&cr=667574696&ir=
[-] [C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: oilkkkefbalmbfppgjmgjoefbclebkce
 
 
*************************
 
:: "Tracing" keys deleted
:: Winsock settings cleared
 
*************************
 
C:\AdwCleaner\AdwCleaner[C0].txt - [11921 Bytes] - [30/06/2017 18:11:51]
C:\AdwCleaner\AdwCleaner[S0].txt - [13644 Bytes] - [29/06/2017 20:08:35]
C:\AdwCleaner\AdwCleaner[S1].txt - [11309 Bytes] - [30/06/2017 18:06:16]
 
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [12143 Bytes] ##########


#6 boopme

Posted 01 July 2017 - 08:42 PM

OK, run RKill and then MBAM immediately after.

Please download Rkill by Grinler and save it to your desktop.
  • Link 1
  • Link 2
    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista/Windows7, right-click on it and Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • If the tool does not run from any of the links provided, please let me know.
  • Do not reboot the computer, you will need to run the application again.
Post the MBAM log.
How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook

#7 Suprlazr

Posted 02 July 2017 - 11:15 AM

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 7/2/2017
Scan Time: 8:19:45 AM
Logfile: MBMscan7217.txt
Administrator: Yes

Version: 2.01.4.1018
Malware Database: v2017.07.02.02
Rootkit Database: v2017.05.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Eric

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 291139
Time Elapsed: 6 min, 7 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)



#8 boopme

Posted 02 July 2017 - 02:03 PM

How is it? Still have errors or popups?

#9 Suprlazr

Posted 02 July 2017 - 02:30 PM

Yes, I am still unable to open "Uninstall a Program" through Control Panel. Additionally, I feel like it has something to do with the installer function of Windows. I am attaching a screenshot of an error message I get when trying to install a program. In this case it is Final Fantasy 14. I am also unable to update Java.
 
Could this be some kind of OS problem? Did I delete some underlying program that doesn't allow me to install things? Is formatting the computer an option to resolve this issue?
 
Thanks.

 

http://imgur.com/a/nCxfo

 



#10 boopme

Posted 02 July 2017 - 02:37 PM

Let's try to fix corrupt files...


Download Windows Repair (All in One) from this site

Install the program then run it.

NOTE 1. In Windows Vista, 7 and 8 right click on the program, click "Run As Administrator".
NOTE 2. Disable your antivirus program before running Windows Repair.


Go to Step 2 and click on Check button next to 1. See If Check Disk Is Needed.
If the tool indicates that the Check Disk is needed click on Do It button next to 2. Check Disk.
In that case make sure you restart computer.



Once the above is done go to Step 3 and allow it to run System File Check by clicking on Do It button:



Go to Step 4 and under "System Restore" click on Create button:



Go to Start Repairs tab and click Start button.

Leave all checkmarks as they are.
NOTE for Windows 8 users. Reset Registry Permissions is NOT checked by design.

Click on Start button.


Post Windows Repair log which is located in the following folder:
64-bit systems - C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Logs
32-bit systems - C:\Program Files\Tweaking.com\Windows Repair (All in One)\Logs

#11 Suprlazr

Posted 02 July 2017 - 05:45 PM

Ran the program in safe mode. Problems still exist. 

 

 

 Tweaking.com - Windows Repair v3.9.35
--------------------------------------------------------------------------------
 
System Variables
--------------------------------------------------------------------------------
OS: Windows 7 Home Premium
OS Architecture: 64-bit
OS Version: 6.1.7601.23833
OS Service Pack: Service Pack 1
Computer Name: ERICSbleep-PC
Windows Drive: C:\
Windows Path: C:\Windows
Program Files: C:\Program Files
Program Files (x86): C:\Program Files (x86)
Current Profile: C:\Users\Eric
Current Profile SID: S-1-5-21-3723773038-1254731625-85814526-1001
Current Profile Classes: S-1-5-21-3723773038-1254731625-85814526-1001_Classes
Profiles Location: C:\Users
Profiles Location 2: C:\Windows\ServiceProfiles
Local Settings AppData: C:\Users\Eric\AppData\Local
--------------------------------------------------------------------------------
 
System Information
--------------------------------------------------------------------------------
System Up Time: 0 Days 00:05:02
 
Process Count: 26
Commit Total: 1.14 GB
Commit Limit: 15.96 GB
Commit Peak: 2.69 GB
Handle Count: 6821
Kernel Total: 471.52 MB
Kernel Paged: 382.51 MB
Kernel Non Paged: 89.01 MB
System Cache: 6.01 GB
Thread Count: 351
--------------------------------------------------------------------------------
 
Memory Before Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 7.98 GB
Memory Used: 1.24 GB(15.5039%)
Memory Avail.: 6.75 GB
--------------------------------------------------------------------------------
 
Cleaning Memory Before Starting Repairs...
 
Memory After Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 7.98 GB
Memory Used: 1.03 GB(12.8552%)
Memory Avail.: 6.96 GB
--------------------------------------------------------------------------------
 
Starting Repairs...
   Started at (7/2/2017 3:14:17 PM)
 
Setting Any Missing 'InstallDate' From Uninstall Sections Before Running Repair...
Total Missing 'InstallDate' Fixed: 0
 
01 - Reset Registry Permissions
   Restore Windows 7/8/10 Default Registry Permissions
   Start (7/2/2017 3:14:20 PM)
 
 
Decompressing & Updating Windows Permission File C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\permissions\7\hku.7z
Done,  0.14 seconds.
 
 
Decompressing & Updating Windows Permission File C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\permissions\7\hklm.7z
Done,  1.45 seconds.
 
   Running Repair Under System Account
   Done (7/2/2017 3:14:53 PM)
 
Reset File Permissions
   Restore Windows 7/8/10 Default File Permissions
   Start (7/2/2017 3:14:53 PM)
 
 
Decompressing & Updating Windows Permission File C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\permissions\7\default.7z
Done,  0.11 seconds.
 
 
Decompressing & Updating Windows Permission File C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\permissions\7\profile.7z
Done,  0.13 seconds.
 
 
Decompressing & Updating Windows Permission File C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\permissions\7\program_files.7z
Done,  0.13 seconds.
 
 
Decompressing & Updating Windows Permission File C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\permissions\7\program_files_x86.7z
Done,  0.13 seconds.
 
 
Decompressing & Updating Windows Permission File C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\permissions\7\programdata.7z
Done,  0.13 seconds.
 
 
Decompressing & Updating Windows Permission File C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\permissions\7\windows.7z
Done,  1.13 seconds.
 
   Running Repair Under System Account
   Done (7/2/2017 3:16:04 PM)
 
03 - Reset Service Permissions
   Start (7/2/2017 3:16:05 PM)
 
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/2/2017 3:16:17 PM)
 
04 - Register System Files
   Start (7/2/2017 3:16:17 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/2/2017 3:16:29 PM)
 
05 - Repair WMI
   Start (7/2/2017 3:16:29 PM)
 
   Starting Security Center So We Can Export The Security Info.
 
   Exporting Antivirus Info...
   No Antivirus Products Reported.
 
   Exporting AntiSpyware Info...
   No AntiSpyware Products Reported.
 
   Exporting 3rd Party Firewall Info...
   No Firewall Products Reported.
 
   Running Repair Under Current User Account
   Done (7/2/2017 3:17:28 PM)
 
06 - Repair Windows Firewall
   Start (7/2/2017 3:17:28 PM)
 
Decompressing & Updating Windows Permission File C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\permissions\7\services.7z
Done,  0.16 seconds.
 
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/2/2017 3:17:56 PM)
 
07 - Repair Internet Explorer
   Start (7/2/2017 3:17:56 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/2/2017 3:18:03 PM)
 
08 - Repair MDAC/MS Jet
   Start (7/2/2017 3:18:03 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/2/2017 3:18:07 PM)
 
09 - Repair Hosts File
   Start (7/2/2017 3:18:07 PM)
   Running Repair Under System Account
   Done (7/2/2017 3:18:08 PM)
 
10 - Remove Policies Set By Infections
   Start (7/2/2017 3:18:08 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/2/2017 3:18:16 PM)
 
11 - Repair Start Menu Icons Removed By Infections
   Start (7/2/2017 3:18:16 PM)
   Running Repair Under System Account
   Done (7/2/2017 3:18:19 PM)
 
12 - Repair Icons
   Start (7/2/2017 3:18:19 PM)
   Running Repair Under Current User Account
   Done (7/2/2017 3:18:29 PM)
 
13 - Repair Network
   Start (7/2/2017 3:18:29 PM)
 
Decompressing & Updating Windows Permission File C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\permissions\7\services.7z
Done,  0.14 seconds.
 
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/2/2017 3:18:47 PM)
 
14 - Remove Temp Files
   Start (7/2/2017 3:18:47 PM)
   Running Repair Under System Account
   Done (7/2/2017 3:18:50 PM)
 
15 - Repair Proxy Settings
   Start (7/2/2017 3:18:50 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/2/2017 3:18:52 PM)
 
17 - Repair Windows Updates
   Start (7/2/2017 3:18:52 PM)
 
Decompressing & Updating Windows Permission File C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\permissions\7\services.7z
Done,  0.14 seconds.
 
   Running Repair Under Current User Account
   Running Repair Under System Account
   Setting Windows Updates Files That Are In Use To Be Removed At Next Boot.
   Done (7/2/2017 3:19:13 PM)
 
18 - Repair CD/DVD Missing/Not Working
   Start (7/2/2017 3:19:13 PM)
   iTunes or GEARAspiWDM.sys not found, not applying UpperFilters iTunes Reg Key
   Done (7/2/2017 3:19:13 PM)
 
19 - Repair Volume Shadow Copy Service
   Start (7/2/2017 3:19:13 PM)
 
Decompressing & Updating Windows Permission File C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\permissions\7\services.7z
Done,  0.14 seconds.
 
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/2/2017 3:19:33 PM)
 
20 - Repair Windows Sidebar/Gadgets
   Start (7/2/2017 3:19:33 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/2/2017 3:19:36 PM)
 
21 - Repair MSI (Windows Installer)
   Start (7/2/2017 3:19:36 PM)
 
Decompressing & Updating Windows Permission File C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\permissions\7\services.7z
Done,  0.14 seconds.
 
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/2/2017 3:19:44 PM)
 
22 - Repair Windows Snipping Tool
   Start (7/2/2017 3:19:44 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/2/2017 3:19:47 PM)
 
23.01 - Repair bat Association
   Start (7/2/2017 3:19:48 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/2/2017 3:19:50 PM)
 
23.02 - Repair cmd Association
   Start (7/2/2017 3:19:50 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/2/2017 3:19:52 PM)
 
23.03 - Repair com Association
   Start (7/2/2017 3:19:52 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/2/2017 3:19:54 PM)
 
23.04 - Repair Directory Association
   Start (7/2/2017 3:19:54 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/2/2017 3:19:56 PM)
 
23.05 - Repair Drive Association
   Start (7/2/2017 3:19:56 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/2/2017 3:19:59 PM)
 
23.06 - Repair exe Association
   Start (7/2/2017 3:19:59 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/2/2017 3:20:01 PM)
 
23.07 - Repair Folder Association
   Start (7/2/2017 3:20:01 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/2/2017 3:20:04 PM)
 
23.08 - Repair inf Association
   Start (7/2/2017 3:20:04 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/2/2017 3:20:06 PM)
 
23.09 - Repair lnk (Shortcuts) Association
   Start (7/2/2017 3:20:06 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/2/2017 3:20:08 PM)
 
23.10 - Repair msc Association
   Start (7/2/2017 3:20:08 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/2/2017 3:20:10 PM)
 
23.11 - Repair reg Association
   Start (7/2/2017 3:20:10 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/2/2017 3:20:12 PM)
 
23.12 - Repair scr Association
   Start (7/2/2017 3:20:12 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/2/2017 3:20:14 PM)
 
24 - Repair Windows Safe Mode
   Start (7/2/2017 3:20:14 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/2/2017 3:20:17 PM)
 
25 - Repair Print Spooler
   Start (7/2/2017 3:20:17 PM)
 
Decompressing & Updating Windows Permission File C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\permissions\7\services.7z
Done,  0.14 seconds.
 
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/2/2017 3:20:23 PM)
 
26 - Restore Important Windows Services
   Start (7/2/2017 3:20:23 PM)
 
Decompressing & Updating Windows Permission File C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\permissions\7\services.7z
Done,  0.13 seconds.
 
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/2/2017 3:20:31 PM)
 
27 - Set Windows Services To Default Startup
   Start (7/2/2017 3:20:31 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/2/2017 3:20:36 PM)
 
28.01 - Repair Windows 8/10 App Store
   Skipping Repair.
   Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
   Current version: 6.1.7601.23833
 
29 - Repair Windows 8/10 Component Store
   Skipping Repair.
   Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
   Current version: 6.1.7601.23833
 
30 - Restore Windows 8/10 COM+ Unmarshalers
   Skipping Repair.
   Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
   Current version: 6.1.7601.23833
 
31 - Repair Windows 'New' Submenu
   Start (7/2/2017 3:20:36 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/2/2017 3:20:38 PM)
 
32 - Restore UAC (User Account Control) Settings
   Start (7/2/2017 3:20:38 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (7/2/2017 3:20:42 PM)
 
33 - Repair Performance Counters
   Start (7/2/2017 3:20:42 PM)
   Running Repair Under Current User Account
   Done (7/2/2017 3:20:46 PM)
 
Cleaning up empty logs...
 
All Selected Repairs Done.
   Done at (7/2/2017 3:20:46 PM)
   Total Repair Time: 00:06:31
 
 
...YOU MUST RESTART YOUR SYSTEM...


#12 Suprlazr

Posted 02 July 2017 - 08:43 PM

Ran it again in safe mode - no luck still.  



#13 boopme

Posted 03 July 2017 - 08:32 AM

Rats, I am going to be away for 3 days. So you don't have to wait, start a new topic with your issues in the WIN 7 forum. I feel you're clean, so they can check other items.

You can reference back to here if needed.

#14 Suprlazr

Posted 03 July 2017 - 10:09 AM

Thanks for all your help. Have a great holiday!

 

New thread: https://www.bleepingcomputer.com/forums/t/650664/install-uninstall-update-issues/


Edited by Suprlazr, 03 July 2017 - 10:12 AM.




