|
Sanguin
Anon
2013-Oct-1 3:47 pm
[Malware] Multiple InfectionsI'm hoping this machine isn't too far gone to recover. I uninstalled Norton 360 (was causing problems with my system) and TM (expired) today and I can install AVG if needed, but I wasn't sure if I needed to get my system clean before installing a new AV.
MBAM log: Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org
Database version: v2013.10.01.07
Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16686 Paul :: PAUL-PC [administrator]
10/1/2013 9:52:10 AM mbam-log-2013-10-01 (09-52-10).txt
Scan type: Full scan (C:\|) Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 446273 Time elapsed: 23 minute(s), 33 second(s)
Memory Processes Detected: 0 (No malicious items detected)
Memory Modules Detected: 0 (No malicious items detected)
Registry Keys Detected: 91 HKCR\CLSID\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} (Adware.Agent) -> Quarantined and deleted successfully. HKCR\TypeLib\{3BF3DED5-0FC8-4207-AC09-AA7B5AF4E408} (Adware.Agent) -> Quarantined and deleted successfully. HKCR\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8} (Adware.Agent) -> Quarantined and deleted successfully. HKCR\PricePeep.PricePeepBho.1 (Adware.Agent) -> Quarantined and deleted successfully. HKCR\PricePeep.PricePeepBho (Adware.Agent) -> Quarantined and deleted successfully. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} (Adware.Agent) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} (Adware.Agent) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} (Adware.Agent) -> Quarantined and deleted successfully. HKCR\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully. HKCR\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully. HKCR\Interface\{EEE6C358-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully. HKCR\SWEETIE.IEToolbar.1 (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully. HKCR\SWEETIE.IEToolbar (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully. HKCR\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully. HKCR\Toolbar3.SWEETIE.1 (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully. HKCR\Toolbar3.SWEETIE (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully. HKCR\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634} (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. HKCR\AppID\{38495740-0035-4471-851E-F5BBB86AB085} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully. HKCR\AppID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892} (PUP.Optional.PricePeep.A) -> Quarantined and deleted successfully. HKCR\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully. HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully. HKCR\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17} (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. HKCR\AppID\{F85FA3F2-D2C8-4D4D-BB1C-3181E691AF2B} (PUP.FaceThemes) -> Quarantined and deleted successfully. HKCR\CLSID\{2A28729E-2280-4986-BDB4-EC2623EAFBA4} (PUP.FaceThemes) -> Quarantined and deleted successfully. HKCR\TypeLib\{A3F56272-CDB4-4310-9BB1-9A0D0757A3B3} (PUP.FaceThemes) -> Quarantined and deleted successfully. HKCR\Interface\{D6975F9E-15B2-4FE7-9D16-FC2E85CB201B} (PUP.FaceThemes) -> Quarantined and deleted successfully. HKCR\CLSID\{FDCC62B4-8059-4FCF-8B69-BD2EC413A6F2} (PUP.FaceThemes) -> Quarantined and deleted successfully. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDCC62B4-8059-4FCF-8B69-BD2EC413A6F2} (PUP.FaceThemes) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{FDCC62B4-8059-4FCF-8B69-BD2EC413A6F2} (PUP.FaceThemes) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{FDCC62B4-8059-4FCF-8B69-BD2EC413A6F2} (PUP.FaceThemes) -> Quarantined and deleted successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FDCC62B4-8059-4FCF-8B69-BD2EC413A6F2} (PUP.FaceThemes) -> Quarantined and deleted successfully. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FDCC62B4-8059-4FCF-8B69-BD2EC413A6F2} (PUP.FaceThemes) -> Quarantined and deleted successfully. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{FDCC62B4-8059-4FCF-8B69-BD2EC413A6F2} (PUP.FaceThemes) -> Quarantined and deleted successfully. HKCR\SelectionLinks.SelectionLinksBHO.1 (PUP.FaceThemes) -> Quarantined and deleted successfully. HKCR\SelectionLinks.SelectionLinksBHO (PUP.FaceThemes) -> Quarantined and deleted successfully. HKCR\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully. HKCR\TypeLib\{FEB62B15-CC00-4736-AAEC-BA046C9DFF73} (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully. HKCR\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60} (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully. HKCR\DefaultTabBHO.DefaultTabBrowser.1 (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully. HKCR\DefaultTabBHO.DefaultTabBrowser (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully. HKCR\CLSID\{A1E28287-1A31-4b0f-8D05-AA8C465D3C5A} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully. HKCR\DefaultTabBHO.DefaultTabBrowserActiveX.1 (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully. HKCR\DefaultTabBHO.DefaultTabBrowserActiveX (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully. HKCR\CLSID\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} (PUP.Optional.PricePeep.A) -> Quarantined and deleted successfully. HKCR\TypeLib\{3BF3DED5-0FC8-4207-AC09-AA7B5AF4E408} (PUP.Optional.PricePeep.A) -> Quarantined and deleted successfully. HKCR\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8} (PUP.Optional.PricePeep.A) -> Quarantined and deleted successfully. HKCR\PricePeep.PricePeepBho.1 (PUP.Optional.PricePeep.A) -> Quarantined and deleted successfully. HKCR\PricePeep.PricePeepBho (PUP.Optional.PricePeep.A) -> Quarantined and deleted successfully. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} (PUP.Optional.PricePeep.A) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} (PUP.Optional.PricePeep.A) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} (PUP.Optional.PricePeep.A) -> Quarantined and deleted successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199} (PUP.Optional.Iminent.A) -> Quarantined and deleted successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08} (PUP.Optional.Iminent.A) -> Quarantined and deleted successfully. HKCR\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetIM) -> Quarantined and deleted successfully. HKCR\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetIM) -> Quarantined and deleted successfully. HKCR\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetIM) -> Quarantined and deleted successfully. HKCR\SweetIM_URLSearchHook.ToolbarURLSearchHook.1 (PUP.Optional.SweetIM) -> Quarantined and deleted successfully. HKCR\SweetIM_URLSearchHook.ToolbarURLSearchHook (PUP.Optional.SweetIM) -> Quarantined and deleted successfully. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\LessTabs (PUP.Optional.Lesstabs) -> Quarantined and deleted successfully. HKCR\CLSID\{3178A392-8963-471E-B7A2-969CB58D6496} (PUP.Optional.Lesstabs) -> Quarantined and deleted successfully. HKCR\TypeLib\{8A2BBD3A-2130-4882-B198-863271F320DE} (PUP.Optional.Lesstabs) -> Quarantined and deleted successfully. HKCR\Interface\{39E6096A-E5CA-483A-A05C-AA967F48FD1C} (PUP.Optional.Lesstabs) -> Quarantined and deleted successfully. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3178A392-8963-471E-B7A2-969CB58D6496} (PUP.Optional.Lesstabs) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{3178A392-8963-471E-B7A2-969CB58D6496} (PUP.Optional.Lesstabs) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3178A392-8963-471E-B7A2-969CB58D6496} (PUP.Optional.Lesstabs) -> Quarantined and deleted successfully. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3178A392-8963-471E-B7A2-969CB58D6496} (PUP.Optional.Lesstabs) -> Quarantined and deleted successfully. HKCR\AppID\DefaultTabBHO.DLL (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully. HKCR\AppID\priam_bho.DLL (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. HKCU\SOFTWARE\BabylonToolbar (PUP.Optional.BabylonToolBar.A) -> Quarantined and deleted successfully. HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> Quarantined and deleted successfully. HKCU\Software\DataMngr (PUP.Optional.DataMngr.A) -> Quarantined and deleted successfully. HKCU\Software\BabSolution\Updater (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully. HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Quarantined and deleted successfully. HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings (PUP.Optional.BProtector.A) -> Quarantined and deleted successfully. HKCU\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. HKCU\SOFTWARE\WAJAM (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. HKLM\SOFTWARE\Updater By SweetPacks (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully. HKLM\SOFTWARE\Wow6432Node\Updater By SweetPacks (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully. HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
Registry Values Detected: 10 HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser|{EEE6C35B-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Data: -> Quarantined and deleted successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{EEE6C35B-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetPacks) -> Data: -> Quarantined and deleted successfully. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\SWEETIM\TOOLBARS\INTERNET EXPLORER\MGHELPERAPP.EXE (PUP.Optional.SweetIM) -> Data: 1 -> Quarantined and deleted successfully. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\SWEETIM\TOOLBARS\INTERNET EXPLORER\MGTOOLBARPROXY.DLL (PUP.Optional.SweetIM) -> Data: 1 -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|bProtector Start Page (PUP.BProtector) -> Data: http://www1.delta-search.com/?affID=119351&tt=gc_&babsrc=HP_ss&mntrId=A80AA41731A92EE3 -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|bProtectorDefaultScope (PUP.BProtector) -> Data: {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} -> Quarantined and deleted successfully. HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Data: 0L1N1H2O1S -> Quarantined and deleted successfully. HKCU\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {2E6AF1B8-BB63-11E2-B811-A41731A92EE3} -> Quarantined and deleted successfully. HKCU\Software\Wajam|affiliate_id (PUP.Optional.Wajam.A) -> Data: 6447 -> Quarantined and deleted successfully. HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {2E6AF1B8-BB63-11E2-B811-A41731A92EE3} -> Quarantined and deleted successfully.
Registry Data Items Detected: 2 HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.Conduit) -> Bad: (http://search.conduit.com?SearchSource=10&CUI=UN42180284573937173&UM=2&ctid=CT3286042) Good: (http://www.google.com) -> Quarantined and repaired successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.SweetPacks) -> Bad: (http://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10042&barid={2E6AF1B8-BB63-11E2-B811-A41731A92EE3}) Good: (http://www.google.com) -> Quarantined and repaired successfully.
Folders Detected: 37 C:\Users\Paul\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully. C:\Users\David\AppData\Roaming\SearchProtect\Dialogs (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\David\AppData\Roaming\SearchProtect\Dialogs\lib (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\David\AppData\Roaming\SearchProtect\Dialogs\spbd (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\David\AppData\Roaming\SearchProtect\Dialogs\spbd\images (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\David\AppData\Roaming\SearchProtect\Dialogs\spsd (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\David\AppData\Roaming\SearchProtect\Dialogs\spsd\images (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\Pauline\AppData\Roaming\SearchProtect\Dialogs (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\Pauline\AppData\Roaming\SearchProtect\Dialogs\lib (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\Pauline\AppData\Roaming\SearchProtect\Dialogs\spbd (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\Pauline\AppData\Roaming\SearchProtect\Dialogs\spbd\images (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\Pauline\AppData\Roaming\SearchProtect\Dialogs\spsd (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\Pauline\AppData\Roaming\SearchProtect\Dialogs\spsd\images (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\David\AppData\Roaming\SearchProtect\ffprotect (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\David\AppData\Roaming\SearchProtect\ffprotect\SProtectorRepository (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\Pauline\AppData\Roaming\SearchProtect\ffprotect (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\LessTabs (PUP.Optional.Lesstabs) -> Quarantined and deleted successfully. C:\Program Files (x86)\LessTabs\3rd Party Licenses (PUP.Optional.Lesstabs) -> Quarantined and deleted successfully. C:\Program Files (x86)\LessTabs\Chrome (PUP.Optional.Lesstabs) -> Quarantined and deleted successfully. C:\Program Files (x86)\LessTabs\IE32 (PUP.Optional.Lesstabs) -> Quarantined and deleted successfully. C:\ProgramData\Tarma Installer (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully. C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504} (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully. C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Cache (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully. C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully. C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Cache (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\Wajam (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\Wajam\Firefox (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\Wajam\IE (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\Wajam\Updater (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\conf (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
Files Detected: 203 C:\Program Files (x86)\PricePeep\pricepeep.dll (Adware.Agent) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (PUP.Optional.SweetPacks) -> Quarantined and deleted successfully. C:\Program Files (x86)\OApps\SelectionLinks.dll (PUP.FaceThemes) -> Quarantined and deleted successfully. C:\Program Files (x86)\PricePeep\pricepeep.dll (PUP.Optional.PricePeep.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\ClearHist.exe (PUP.Optional.SweetIM) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgcommon.dll (PUP.Optional.SweetIM) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgconfig.dll (PUP.Optional.SweetIM) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (PUP.Optional.SweetIM) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe (PUP.Optional.SweetIM) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mghooking.dll (PUP.Optional.SweetIM) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mglogger.dll (PUP.Optional.SweetIM) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgsimcommon.dll (PUP.Optional.SweetIM) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll (PUP.Optional.SweetIM) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgxml_wrapper.dll (PUP.Optional.SweetIM) -> Quarantined and deleted successfully. C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\Yontoo\OptChrome.exe (PUP.Optional.OptChrome.A) -> Quarantined and deleted successfully. C:\ProgramData\DnsBasic\dnsbasic112.exe (Adware.OneStep) -> Quarantined and deleted successfully. C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.exe (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully. C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.exe (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully. C:\Users\David\AppData\Roaming\SearchProtect\bin\ChromeModule.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Users\David\AppData\Roaming\SearchProtect\bin\cltmng.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Users\David\AppData\Roaming\SearchProtect\bin\CltMngSvc.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Users\David\AppData\Roaming\SearchProtect\bin\FirefoxModule.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Users\David\AppData\Roaming\SearchProtect\bin\InternetExplorerModule.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Users\David\AppData\Roaming\SearchProtect\bin\SPHook32.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Users\David\AppData\Roaming\SearchProtect\bin\SPRunner.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Users\David\AppData\Roaming\SearchProtect\bin\uninstall.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.3_0\mgHelperGC.dll (PUP.Optional.SweetIM) -> Quarantined and deleted successfully. C:\Users\Paul\AppData\Local\Temp\nsd7C72.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Users\Paul\AppData\Local\Temp\UpdUninstall.exe (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully. C:\Users\Paul\Downloads\Chrome_Setup (1).exe (PUP.Optional.Ibryte) -> Quarantined and deleted successfully. C:\Users\Paul\Downloads\Chrome_Setup.exe (PUP.Optional.Ibryte) -> Quarantined and deleted successfully. C:\Users\Paul\Downloads\Extreme_Flash_Player_Setup.exe (PUP.Optional.Ibryte) -> Quarantined and deleted successfully. C:\Users\Paul\Downloads\FlashPlayer (1).exe (Adware.DomaIQ) -> Quarantined and deleted successfully. C:\Users\Paul\Downloads\FlashPlayer.exe (Adware.DomaIQ) -> Quarantined and deleted successfully. C:\Users\Paul\Downloads\FlashPlayer_V.77219792c.exe (Adware.DomaIQ) -> Quarantined and deleted successfully. C:\Users\Paul\Downloads\google-chrome_V.154231512c.exe (Adware.DomaIQ) -> Quarantined and deleted successfully. C:\Users\Paul\Downloads\google-chrome_V.89572963c.exe (Adware.DomaIQ) -> Quarantined and deleted successfully. C:\Users\Paul\Downloads\google-chrome_V.89573887c.exe (Adware.DomaIQ) -> Quarantined and deleted successfully. C:\Users\Paul\Downloads\google-chrome_V.89577012c.exe (Adware.DomaIQ) -> Quarantined and deleted successfully. C:\Users\Paul\Downloads\google-chrome_V.89577245c.exe (Adware.DomaIQ) -> Quarantined and deleted successfully. C:\Users\Paul\Downloads\PCHS_PCC32_EN_ID399 (1).exe (PUP.Optional.PCCleaner.A) -> Quarantined and deleted successfully. C:\Users\Paul\Downloads\PCHS_PCC32_EN_ID399.exe (PUP.Optional.PCCleaner.A) -> Quarantined and deleted successfully. C:\Users\Paul\Downloads\Setup (1).exe (PUP.Optional.Ibryte) -> Quarantined and deleted successfully. C:\Users\Paul\Downloads\setup (2).exe (PUP.Optional.InstallCore.A) -> Quarantined and deleted successfully. C:\Users\Paul\Downloads\setup (3).exe (PUP.Optional.InstallCore.A) -> Quarantined and deleted successfully. C:\Users\Paul\Downloads\setup (4).exe (PUP.Optional.InstallCore) -> Quarantined and deleted successfully. C:\Users\Paul\Downloads\setup.exe (PUP.Optional.InstallCore.A) -> Quarantined and deleted successfully. C:\Users\Paul\Downloads\ZipOpenerSetup.exe (PUP.Optional.InstallCore) -> Quarantined and deleted successfully. C:\Users\Pauline\AppData\Roaming\SearchProtect\bin\ChromeModule.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Users\Pauline\AppData\Roaming\SearchProtect\bin\cltmng.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Users\Pauline\AppData\Roaming\SearchProtect\bin\CltMngSvc.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Users\Pauline\AppData\Roaming\SearchProtect\bin\FirefoxModule.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Users\Pauline\AppData\Roaming\SearchProtect\bin\InternetExplorerModule.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Users\Pauline\AppData\Roaming\SearchProtect\bin\SPHook32.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Users\Pauline\AppData\Roaming\SearchProtect\bin\SPRunner.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Users\Pauline\AppData\Roaming\SearchProtect\bin\uninstall.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Windows\Installer\a17b4e.msi (PUP.Optional.SweetIM) -> Quarantined and deleted successfully. C:\Users\Paul\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully. C:\Users\David\AppData\Roaming\SearchProtect\Dialogs\dialogsApi.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\David\AppData\Roaming\SearchProtect\Dialogs\lib\jquery.min.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\David\AppData\Roaming\SearchProtect\Dialogs\lib\json2.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\David\AppData\Roaming\SearchProtect\Dialogs\spbd\bubble.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\David\AppData\Roaming\SearchProtect\Dialogs\spbd\bubble.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\David\AppData\Roaming\SearchProtect\Dialogs\spbd\main.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\David\AppData\Roaming\SearchProtect\Dialogs\spbd\images\information.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\David\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-default-LTR.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\David\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-default-RTL.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\David\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-mouseover-LTR.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\David\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-mouseover-RTL.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\David\AppData\Roaming\SearchProtect\Dialogs\spsd\main.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\David\AppData\Roaming\SearchProtect\Dialogs\spsd\SearchProtector.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\David\AppData\Roaming\SearchProtect\Dialogs\spsd\settings.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\David\AppData\Roaming\SearchProtect\Dialogs\spsd\images\ok-button.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\David\AppData\Roaming\SearchProtect\Dialogs\spsd\images\separation-line.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\David\AppData\Roaming\SearchProtect\Dialogs\spsd\images\warning.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\Pauline\AppData\Roaming\SearchProtect\Dialogs\dialogsApi.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\Pauline\AppData\Roaming\SearchProtect\Dialogs\lib\jquery.min.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\Pauline\AppData\Roaming\SearchProtect\Dialogs\lib\json2.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\Pauline\AppData\Roaming\SearchProtect\Dialogs\spbd\bubble.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\Pauline\AppData\Roaming\SearchProtect\Dialogs\spbd\bubble.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\Pauline\AppData\Roaming\SearchProtect\Dialogs\spbd\main.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\Pauline\AppData\Roaming\SearchProtect\Dialogs\spbd\images\information.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\Pauline\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-default-LTR.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\Pauline\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-default-RTL.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\Pauline\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-mouseover-LTR.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\Pauline\AppData\Roaming\SearchProtect\Dialogs\spbd\images\x-mouseover-RTL.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\Pauline\AppData\Roaming\SearchProtect\Dialogs\spsd\main.html (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\Pauline\AppData\Roaming\SearchProtect\Dialogs\spsd\SearchProtector.css (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\Pauline\AppData\Roaming\SearchProtect\Dialogs\spsd\settings.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\Pauline\AppData\Roaming\SearchProtect\Dialogs\spsd\images\ok-button.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\Pauline\AppData\Roaming\SearchProtect\Dialogs\spsd\images\separation-line.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\Pauline\AppData\Roaming\SearchProtect\Dialogs\spsd\images\warning.png (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\David\AppData\Roaming\SearchProtect\ffprotect\nsprotector.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\David\AppData\Roaming\SearchProtect\ffprotect\abstraction.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\David\AppData\Roaming\SearchProtect\ffprotect\application.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\David\AppData\Roaming\SearchProtect\ffprotect\SProtectorRepository\EN (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\Pauline\AppData\Roaming\SearchProtect\ffprotect\nsprotector.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\Pauline\AppData\Roaming\SearchProtect\ffprotect\abstraction.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Users\Pauline\AppData\Roaming\SearchProtect\ffprotect\application.js (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\LessTabs\terms-of-service.rtf (PUP.Optional.Lesstabs) -> Quarantined and deleted successfully. C:\Program Files (x86)\LessTabs\Uninstall.exe (PUP.Optional.Lesstabs) -> Quarantined and deleted successfully. C:\Program Files (x86)\LessTabs\3rd Party Licenses\buildcrx-license.txt (PUP.Optional.Lesstabs) -> Quarantined and deleted successfully. C:\Program Files (x86)\LessTabs\3rd Party Licenses\Info-ZIP-license.txt (PUP.Optional.Lesstabs) -> Quarantined and deleted successfully. C:\Program Files (x86)\LessTabs\3rd Party Licenses\nsJSON-license.txt (PUP.Optional.Lesstabs) -> Quarantined and deleted successfully. C:\Program Files (x86)\LessTabs\3rd Party Licenses\UAC-license.txt (PUP.Optional.Lesstabs) -> Quarantined and deleted successfully. C:\Program Files (x86)\LessTabs\Chrome\cekmkdkefndbeciggfanobcemjnppbbb.crx (PUP.Optional.Lesstabs) -> Quarantined and deleted successfully. C:\Program Files (x86)\LessTabs\IE32\LessTabsClientIE.dll (PUP.Optional.Lesstabs) -> Quarantined and deleted successfully. C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data (PUP.Optional.BProtector.A) -> Quarantined and deleted successfully. C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences (PUP.Optional.BProtector.A) -> Quarantined and deleted successfully. C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.dat (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully. C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.ico (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully. C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setup.dll (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully. C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully. C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.dat (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully. C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.ico (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully. C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setup.dll (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully. C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\Wajam\uninstall.exe (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\Wajam\IE\favicon.ico (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\Wajam\IE\wajamLogo.bmp (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\default.xml (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\conf\logger.xml (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\Microsoft.VC90.CRT.manifest (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcm90.dll (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcp90.dll (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcr90.dll (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\about.html (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\affid.dat (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\basis.xml (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\bing.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\clear-history.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim-over.gif (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim.gif (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\content-notifier.js (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\dating.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\dictionary.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\eye_icon.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\eye_icon_over.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\e_cards.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\find.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\free_stuff.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\games.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\glitter.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\google.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\help.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\highlight.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\locales.xml (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\logo_16x16.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\logo_21x18.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\logo_32x32.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\logo_about.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\MenuExt.html (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\more-search-providers.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\music.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\news.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\onstart.js (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\options.html (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\photos.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\search-current-site.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\shopping.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\SmileySmile.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\SmileyWink.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\sweetim_text.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\toolbar.xml (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\video.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\web-search.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\yahoo.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_bing.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_blank.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_current.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_dictionary.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_google.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_hover.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_left.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_photo.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_video.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_web.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_yahoo.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_bing.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_current.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_dictionary.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_google.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_hover.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_left.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_photo.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_video.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_web.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_yahoo.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_bing.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_current.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_dictionary.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_google.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_hover.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_left.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_photo.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_video.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_web.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_yahoo.png (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.
(end) More logs to follow.... |
actions · 2013-Oct-1 3:47 pm · (locked) |
lilhurricaneCrunchin' For Cures Numquam oblita join:2003-01-11 Purple Zone |
[Malware] Re: Multiple Infectionssaid by Sanguin :More logs to follow.... We'll be waiting |
actions · 2013-Oct-1 3:48 pm · (locked) |
|
Sanguin
Anon
2013-Oct-1 4:10 pm
AdwCleaner Log: # AdwCleaner v3.006 - Report created 01/10/2013 at 11:55:19 # Updated 01/10/2013 by Xplode # Operating System : Windows 7 Ultimate Service Pack 1 (64 bits) # Username : Paul - PAUL-PC # Running from : C:\Users\Paul\Downloads\adwcleaner.exe # Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Searchprotect Folder Deleted : C:\ProgramData\Babylon Folder Deleted : C:\ProgramData\boost_interprocess Folder Deleted : C:\ProgramData\BrowserProtect Folder Deleted : C:\Program Files (x86)\Conduit Folder Deleted : C:\Program Files (x86)\Iminent Folder Deleted : C:\Program Files (x86)\MyPC Backup Folder Deleted : C:\Program Files (x86)\OApps Folder Deleted : C:\Program Files (x86)\SweetIM Folder Deleted : C:\Program Files (x86)\Yontoo Folder Deleted : C:\Program Files\DomaIQ Uninstaller Folder Deleted : C:\Users\Paul\AppData\Local\Conduit Folder Deleted : C:\Users\Paul\AppData\Local\DefineExt Folder Deleted : C:\Users\Paul\AppData\Local\Supreme Savings Folder Deleted : C:\Users\Paul\AppData\Local\SwvUpdater Folder Deleted : C:\Users\Paul\AppData\Local\Wajam Folder Deleted : C:\Users\Paul\AppData\LocalLow\Conduit Folder Deleted : C:\Users\Paul\AppData\LocalLow\Delta Folder Deleted : C:\Users\Paul\AppData\LocalLow\PriceGong Folder Deleted : C:\Users\Paul\AppData\LocalLow\SweetIM Folder Deleted : C:\Users\Paul\AppData\Roaming\Conduit Folder Deleted : C:\Users\Paul\AppData\Roaming\DSite Folder Deleted : C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect Folder Deleted : C:\Users\David\AppData\Roaming\Searchprotect Folder Deleted : C:\Users\Pauline\AppData\Roaming\Searchprotect Folder Deleted : C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp Folder Deleted : C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj Folder Deleted : C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbjibcbpmbcabnfnohhgjjmkgkimajko Folder Deleted : C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpaiibklhaneknloaoccoidbaffjjlnb Folder Deleted : C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi File Deleted : C:\END File Deleted : C:\Users\Paul\AppData\Local\Temp\Uninstall.exe File Deleted : C:\Windows\System32\Tasks\BrowserProtect File Deleted : C:\Windows\Tasks\DSite.job
***** [ Shortcuts ] *****
***** [ Registry ] *****
Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj Key Deleted : HKCU\Software\Google\Chrome\Extensions\cbjibcbpmbcabnfnohhgjjmkgkimajko Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\cbjibcbpmbcabnfnohhgjjmkgkimajko Key Deleted : HKCU\Software\Google\Chrome\Extensions\gpaiibklhaneknloaoccoidbaffjjlnb Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\gpaiibklhaneknloaoccoidbaffjjlnb Key Deleted : HKCU\Software\Google\Chrome\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasapi32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasmancs Key Deleted : HKCU\Software\aede88bc6de541 Key Deleted : HKLM\SOFTWARE\aede88bc6de541 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3286042 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3289847 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3298569 Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B5FC24D2-2DB1-4603-88BD-6E2E551138F7} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4B5C-9287-DA72D38F4FE6} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{4C4C7AAB-5854-4241-A414-E2F1EF119C4A} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} Key Deleted : HKCU\Software\BabSolution Key Deleted : HKCU\Software\Conduit Key Deleted : HKCU\Software\dsiteproducts Key Deleted : HKCU\Software\Iminent Key Deleted : HKCU\Software\AppDataLow\Software\Conduit Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong Key Deleted : HKCU\Software\AppDataLow\Software\smartbar Key Deleted : HKLM\Software\Babylon Key Deleted : HKLM\Software\Conduit Key Deleted : HKLM\Software\DataMngr Key Deleted : HKLM\Software\Iminent Key Deleted : HKLM\Software\Supreme Savings Key Deleted : HKLM\Software\Tarma Installer Key Deleted : HKLM\Software\Uniblue\DriverScanner Key Deleted : HKLM\Software\Wajam Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DD85D6BF-4787-4A93-99A5-3F0CF0AE8834} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DomaIQ Uninstaller Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP Key Deleted : [x64] HKLM\SOFTWARE\DomaIQ Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16686
-\\ Google Chrome v29.0.1547.76
[ File : C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted : homepage Deleted : icon_url Deleted : search_url Deleted : suggest_url Deleted : keyword
*************************
AdwCleaner[R0].txt - [13092 octets] - [01/10/2013 11:54:55] AdwCleaner[S0].txt - [12345 octets] - [01/10/2013 11:55:19]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [12406 octets] ########## |
actions · 2013-Oct-1 4:10 pm · (locked) |
Sanguin |
to lilhurricane
Checkup log: Results of screen317's Security Check version 0.99.74 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 10 [u]``````````````Antivirus/Firewall Check:``````````````[/u] [color=red]Windows Security Center service is not running! This report may not be accurate![/color] Norton 360 Trend Micro Client/Server Security Agent Antivirus [color=red]Antivirus out of date![/color] [u]`````````Anti-malware/Other Utilities Check:`````````[/u] Malwarebytes Anti-Malware version 1.75.0.1300 Java 7 Update 21 Java 7 Update 25 [color=red]Java version out of Date![/color] Adobe Reader XI Google Chrome 29.0.1547.66 Google Chrome 29.0.1547.76 [u]````````Process Check: objlist.exe by Laurent````````[/u] Malwarebytes Anti-Malware mbam.exe [u]`````````````````System Health check`````````````````[/u] Total Fragmentation on Drive C: 6% [u]````````````````````End of Log``````````````````````[/u] |
actions · 2013-Oct-1 4:15 pm · (locked) |
Sanguin |
to lilhurricane
|
actions · 2013-Oct-1 4:16 pm · (locked) |
Sanguin |
to lilhurricane
Extras Log: OTL Extras logfile created on: 10/1/2013 12:04:36 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Paul\Desktop 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16686) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
7.99 Gb Total Physical Memory | 6.36 Gb Available Physical Memory | 79.64% Memory free 15.97 Gb Paging File | 13.98 Gb Available in Paging File | 87.53% Paging File free Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 930.74 Gb Total Space | 856.11 Gb Free Space | 91.98% Space Free | Partition Type: NTFS
Computer Name: PAUL-PC | User Name: Paul | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
[color=#E56717]========== File Associations ==========[/color]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_CURRENT_USER\SOFTWARE\Classes\] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found
[color=#E56717]========== Shell Spawning ==========[/color]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
[color=#E56717]========== Security Center Settings ==========[/color]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
[color=#E56717]========== Firewall Settings ==========[/color]
[color=#E56717]========== Authorized Applications List ==========[/color]
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software Installer "{0B0A2153-58A6-4244-B458-25EDF5FCD809}" = Private Information Manager "{100E94A6-F85A-E828-9EE3-C1DD14706B6A}" = AMD Catalyst Install Manager "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant "{237E305C-B625-466A-88CE-1E121BF4FDB1}" = Send To Neat "{2EECD5EF-5095-467C-B80C-4AB3096EFD60}" = SPBA 5.9 "{30C2392C-C7D6-4FE2-9617-05D2C6E9D3EE}" = Wave Infrastructure Installer "{3A6BE9F4-5FC8-44BB-BE7B-32A29607FEF6}" = Preboot Manager "{3DCDFCDB-4D96-4CF0-9BB3-C91DAE9073F3}" = PC-CCID "{4E60E212-3177-4B16-BCB3-616CCC52357D}" = Upek Touchchip Fingerprint Reader "{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime "{5737101A-27C4-408A-8A57-D1DC78DF84B4}" = 64 Bit HP CIO Components Installer "{5F5CBF39-BD29-43C8-B63A-B9758F0FD090}" = EMBASSY Client Core "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{6438A99C-A37E-4758-A0AE-95F8A63AAFF5}" = Intel(R) Network Connections 16.8.45.00 "{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources "{6AC87FB3-ACFC-4416-890C-8976D5A9B371}" = Trusted Drive Manager "{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64) "{7206B668-FEE0-455B-BB1F-9B5A2E0EC94A}" = Custom "{7AA348CE-190E-416B-839E-68E33CFEB580}" = Broadcom NetXtreme-I Netlink Driver and Management Installer "{7EA2D88A-C8B7-4102-8644-0A437B6FC143}" = Neat Mobile Scanner Driver "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A2BC7D4-A7D3-45D5-B3D2-394718C53C41}" = Neat ADF Scanner 2008 Driver "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010 "{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010 "{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 "{91CE5F03-3A2A-4268-935A-04944F058AE9}" = Gemalto "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{9DAED4FC-2B0E-4F3F-8141-F2ABF02CCFCB}" = BioAPI Framework "{A55F1206-BFA7-4027-92B8-CE4EFDBC3CF2}" = Neat ADF Scanner Driver "{ABBA2EA4-740E-4052-902B-9CA70B081E3F}" = Dell Data Protection | Access "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{D021AEE9-18D2-1F56-46DA-CD72CA3E97F0}" = ccc-utility64 "{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector "{D1108D4B-72F8-419F-88C5-ABB8DC09B3C7}" = Neat Mobile Scanner (Silver) Driver "{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 "{DDE25FC9-892D-4D24-9325-3BAA5C15ACA9}" = Neat Mobile Scanner 2008 Driver "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "{E9A97832-83B6-42B6-BAC6-492E344C2561}" = NTRU TCG Software Stack "{F4D304D9-7647-4253-957E-44286B8631F4}" = HP Unified IO "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "{F839C6BD-E92E-48FA-9CE6-7BFAF94F7096}" = DellAccess "0B1DCCBA5BC4F4EEFC1C4D6AC8B27D2393A38E9B" = Windows Driver Package - SAMSUNG Electronics Co., Ltd. (ssaeunic) USB (02/05/2010 5.14.0.0) "0E7272CE1AFA7996DFC0F8B0B359D995AA4DB9A1" = Windows Driver Package - Motorola (motport) Ports (06/08/2012 5.0.0.0) "1094B5BC21E9E962B506E05A69705228F8A5273A" = Windows Driver Package - SAMSUNG Electronics Co., Ltd. (ssadserd) Ports (05/13/2011 5.28.2.1) "1189BFED67524133874A995F6EE63DC76C2083C1" = Windows Driver Package - LG Electronics, Inc. Net (03/07/2012 3.7.0.0) "12C994695E7E2B88AD95A9735C24954239BEAE17" = Windows Driver Package - SAMSUNG Electronics Co., Ltd. (sscdmdm) Modem (11/11/2010 5.16.0.2) "14AE004B19BD3BB393FF6268715C15E1F14216E8" = Windows Driver Package - SAMSUNG Electronics Co., Ltd. (ssaemdm) Modem (02/05/2010 5.14.0.0) "1D537EE1DAD90A300DC0325C62C72E6ACF2D2D65" = Windows Driver Package - SAMSUNG Electronics Co., Ltd. (ssceserd) Ports (10/09/2009 5.02.0.0) "1F35118DF730077690CF2BAEBDAC57D2138F7E44" = Windows Driver Package - Motorola (motusbdevice) USB (06/08/2012 1.1.3.0) "2301BE174B73BC5F63B7CAD6932299F0929C08B2" = Windows Driver Package - SAMSUNG Electronics Co., Ltd. WPD (08/31/2012 2.9.505.0831) "26B4A31470CDCEEEA1A53E4A59FAB923B43A110E" = Windows Driver Package - SAMSUNG Electronics Co., Ltd. (ssudmdm) Modem (08/31/2012 2.9.505.0831) "37C6E863D718F6363FBAC33FBAAA927F5DC2A43E" = Windows Driver Package - LG Electronics Inc. (AndGps) Ports (11/30/2010 2.2.0.0) "38207DB32AC6A59CE6075F5AAE1448040FAC76DB" = Windows Driver Package - LG Electronics Inc. (AndDiag) Ports (11/30/2010 2.2.0.0) "3DC1E396CEBB6BD7F49EA3CE751E35B9CDCC0972" = Windows Driver Package - SAMSUNG Electronics Co., Ltd. (sscdbus) USB (11/11/2010 5.16.0.2) "3E885DDD8DE7247FEBCE2F5FEF86A3664DF51FEC" = Windows Driver Package - Motorola (bqusbser) Ports (02/24/2009 1.1.0.0) "3F162CA9EF5A33FF16B97554663A71E35053783E" = Windows Driver Package - LG Electronics Inc (ANDModem) Modem (11/30/2010 2.2.0.0) "4478FD8A17EBB830FFCEB0711D2F0FB5FE045A09" = Windows Driver Package - SAMSUNG Electronics Co., Ltd. Net (08/31/2012 2.9.505.0831) "46D28B033482A13C68B1777C399248A0FE510D1A" = Windows Driver Package - Motorola (bqusbser) Modem (02/24/2009 1.1.0.0) "473A826891238E0A7004C32246D77CFDEDF4A65E" = Windows Driver Package - SAMSUNG Electronics Co., Ltd. (ssadbus) USB (05/13/2011 5.28.2.1) "4D55218052428488AFE6BA93FABC783E658657A7" = Windows Driver Package - LG Electronics Inc. (Andbus) USB (11/30/2010 2.2.0.0) "5A454C002BB9011E261D0C1B7E846CD23A1D1806" = Windows Driver Package - LG Electronics, Inc. WPD (03/07/2012 3.7.0.0) "5BAD868F0BB659A66CAB11EB79E98ECCA707FAAE" = Windows Driver Package - Android-Sync.com (WinUSB) AndroidUsbDeviceClass (05/01/2013 13.0.0501.00000) "603A5E6148EA90E9E55AEAE6A3415D542C6633F8" = Windows Driver Package - SAMSUNG Electronics Co., Ltd. (ssudobex) Ports (08/31/2012 2.9.505.0831) "65A0EC5C997DEB2CCF16DAB60F7FD025088FA983" = Windows Driver Package - SAMSUNG Electronics Co., Ltd. (ssadmdm) Modem (05/13/2011 5.28.2.1) "75005F34035E512FEEBCAE8E47C427F0D5B95E92" = Windows Driver Package - SAMSUNG Electronics Co., Ltd. (ssaend5) Net (02/05/2010 5.14.0.0) "7972D4F247E02C0849331540773B9ABFA384B182" = Windows Driver Package - LG Electronics Inc. (Andbus) USB (11/30/2010 2.2.0.0) "8328654005D05C83C119D86532E4C3EA03DD4067" = Windows Driver Package - SAMSUNG Electronics Co., Ltd. (ssuddmgr) Ports (08/31/2012 2.9.505.0831) "8CDE6EEFC346A059EC210060FC7B7DAA8279D584" = Windows Driver Package - SAMSUNG Electronics Co., Ltd. (ssaebus) USB (02/05/2010 5.14.0.0) "9512AA21B791B05A54E27065C45BBC417AB282DF" = Windows Driver Package - Dell Inc. PBADRV System (09/11/2009 1.0.1.6) "97541C74689007984DD12A4E0B349E2F96A66C2F" = Windows Driver Package - LG Electronics, Inc. Net (03/07/2012 3.7.0.0) "9F5D55CA59818FDD3D5CEB25BE1B0FCF5393EFEF" = Windows Driver Package - SAMSUNG Electronics Co., Ltd. (sscemdm) Modem (10/09/2009 5.02.0.0) "A185B27219B7757BA7055C38FA3E10B588031413" = Windows Driver Package - SAMSUNG Electronics Co., Ltd. (dg_ssudbus) USB (08/31/2012 2.9.505.0831) "A3F0461CF2623C40BC42C38D4C0E7319E5C458CA" = Windows Driver Package - LG Electronics Inc. (AndDiag) Ports (11/30/2010 2.2.0.0) "A43025A72B6CC28CB38B93867B2740C581E3B100" = Windows Driver Package - LG Electronics Inc (ANDModem) Modem (11/30/2010 2.2.0.0) "AE94D92D11D453B29C8587BB640E52F5BB0FCF4A" = Windows Driver Package - Android-Sync.com (WinUSB) AndroidUsbDeviceClass (03/30/2013 13.0.0330.00000) "BC0FC97093ED911878848F7852D617BA23E42F68" = Windows Driver Package - LG Electronics Inc. (AndGps) Ports (11/30/2010 2.2.0.0) "BDE134075C5EB079E606351CBB25D6785210D594" = Windows Driver Package - LG Electronics, Inc. (andnetndis) Net (03/07/2012 3.7.0.0) "C33CF0FB0990B3538506509270602B0B5D644E49" = Windows Driver Package - SAMSUNG Electronics Co., Ltd. (sscdserd) Ports (11/11/2010 5.16.0.2) "CC16886829EBCBDE3BFDAE395E74FACD43F1386F" = Windows Driver Package - SAMSUNG Electronics Co., Ltd. Net (05/13/2011 5.28.2.1) "CCleaner" = CCleaner "D0D70453248CA2C23E4C653B7F8C2E27B2047C81" = Windows Driver Package - Motorola (motccgp) USB (06/08/2012 3.3.0.0) "D36EE4906646B97CE2BD22721B14257AC200360E" = Windows Driver Package - Motorola (usbser) Ports (03/30/2012 1.0.0.0) "DW WLAN Card Utility" = DW WLAN Card Utility "E4F147629ED19D861019F10EE74074C3077C3FBD" = Windows Driver Package - SAMSUNG Electronics Co., Ltd. (ssudserd) Ports (08/31/2012 2.9.505.0831) "E670C2A33F5DE62100C1BF6291C8DBBCE5457692" = Windows Driver Package - LG Electronics, Inc. (andnetndis) Net (03/07/2012 3.7.0.0) "EC59CFD8B4CBED0A412E4B22DAB4C565DE2E79D5" = Windows Driver Package - Motorola (motmodem) Modem (06/08/2012 5.0.0.0) "ECE68E19FAAEB5C5ACC855B195FBCB21217053BE" = Windows Driver Package - SAMSUNG Electronics Co., Ltd. (sscebus) USB (10/09/2009 5.02.0.0) "EE7300AD4427B38D8BB9A77F148002562AF11EA9" = Windows Driver Package - Motorola (motandroidusb) USB (06/08/2012 1.2.13.0) "F0EE2BD961E485B5B5AE20058D7FEC68F3C0DE1D" = Windows Driver Package - Motorola (Motousbnet) Net (06/08/2012 2.6.0.0) "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "PROSetDX" = Intel(R) Network Connections 16.8.45.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{01709BCA-8553-4B46-8A75-DBCCAC95DD62}" = Hoyle Card Games 2012 "{04566294-A6B6-4462-9721-031073EB3694}" = Dell Client System Update "{08208143-777D-4A06-BB54-71BF0AD1BB70}" = IPTInstaller "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0C779D9C-FD0F-4A53-86BE-3D53E58B2900}" = HPLJUTCore "{1125FC8E-975D-47BD-943D-0DFE0E2358B9}" = hppM351_M451LaserJetService "{14CF9AF8-10A6-4FA7-9E57-D22DBD644C77}" = HP Unified IO "{15CA73D8-3C82-4BAE-86CD-945BF9620516}" = HP LJ300-400 color M351-M451 "{180D6813-95E0-415C-B58A-5B9493DE2DDA}" = hppLaserJetService "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1E5C7043-09C5-4974-A69F-A5271FD82BBC}" = PlayMemories Home "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{210DD1FC-AAF8-4357-25FE-89E699BDB62E}" = CCC Help Greek "{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver "{25E11B5A-4817-4296-A260-235AE77B1708}" = hpStatusAlertsM351_M451 "{266E41AB-D928-4AF2-A8E4-B24E31F5758C}" = ASUS RT-AC66U Wireless Router Utilities "{26A24AE4-039D-4CA4-87B4-2F83217021F0}" = Java 7 Update 21 "{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25 "{27B201A5-A73B-1E7E-0C62-978A1B4A6696}" = CCC Help Danish "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections "{29725F9E-027A-22DC-7B17-9413A5C5E51C}" = CCC Help Polish "{2E1BA46C-A45B-F2C8-1197-0CEB4EB77F70}" = CCC Help Hungarian "{2EA45803-BEB7-46C4-9ADC-46A5F9E7BB77}" = GEAR driver installer for x86 and x64 "{2F739B19-3A61-40E3-8014-A9BB228E49DB}" = ASUS Wireless Router RT-AC66U Manuals "{32C0FD10-8FB4-427E-A16F-ED57C9343CF0}" = InstanceFinder "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{3528D412-5EEA-AAEA-AF64-9ADEE903D7D5}" = CCC Help English "{383FCD28-9484-48AC-9397-C8FCD9D8F76E}" = Catalyst Control Center - Branding "{39D555D6-3DB9-B304-042B-185E5FEBEF97}" = Catalyst Control Center InstallProxy "{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU "{3D8BC028-6977-2124-8314-A480AFD53C20}" = CCC Help Korean "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology "{3F5AF1A5-68C6-63B6-9550-B0BBDEFCA76F}" = CCC Help Chinese Standard "{40B415DD-63CB-7269-F7F8-BD2A06792785}" = CCC Help French "{4587AD12-30F6-F902-299B-BD8428E7F090}" = Catalyst Control Center "{46A99EAE-98DA-4BE5-94C3-D41BA4C266DA}" = hpStatusAlerts "{48614A34-564D-1F2B-7D2E-8814113BDEA8}" = CCC Help Dutch "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A47438B-3146-4B9E-94A5-1EEAE3C36C53}" = Tableau Reader 8.0 "{4B055C77-BC0F-623F-5A73-F7D5012987DB}" = CCC Help Finnish "{4CEEE5D0-F905-4688-B9F9-ECC710507796}" = HTC Driver Installer "{4DB573AF-032C-482F-A262-F30DF9A65CC5}" = Team Developer 6.0 Deployment "{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module "{54ED5964-9FEF-C9F8-F5D7-2663AFFD0C13}" = CCC Help Czech "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack "{5E4DD8C2-A906-4F1B-94B6-4F6A51D625B2}" = HPLJDXPHelper "{601DAC8F-4594-11E2-A2E7-B8AC6F97B88E}" = Google Earth Pro "{62022DCB-BA92-4EC2-AE03-9B946E4DBF12}" = hpbDSService "{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6930AC06-C380-421E-91FE-9CA29D21D83E}" = hppToolboxProxyM351 "{703BB500-F54C-4F33-9D3C-D7A28CEAFBCF}" = toolkit32for64bit "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{751F6C35-7A18-EAB6-AD50-ADAA4C5DD103}" = Catalyst Control Center Profiles Desktop "{768012C6-AB93-3FDE-C3F6-6C0606948568}" = CCC Help Italian "{78C07322-CA1D-98B6-14CE-476F125081B2}" = CCC Help Swedish "{7DE49DE7-5B57-4AD9-9AD8-ACDD0DC07FD9}_is1" = AgStar "{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{850C7BC5-8CBC-4635-552E-C0AD6A0EA01E}" = Catalyst Control Center Graphics Previews Common "{8B8EE744-5D73-3AAC-52FB-43517C1CFA0B}" = CCC Help Spanish "{8C0600A3-E772-4FC8-A67D-ED110E69665C}" = Wave Crypto Runtime 2.0.7.0 x86 "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8EA79DBF-D637-448A-89D6-410A087A4493}" = Samsung_MonSetup "{8ED262EE-FC73-47A9-BB86-D92223246881}" = PowerChute Personal Edition 3.0.2 "{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010 "{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010 "{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010 "{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010 "{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010 "{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010 "{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010 "{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010 "{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010 "{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010 "{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010 "{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010 "{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0116-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010 "{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{9416A209-B8AD-4FE5-A893-3BDA6E9BDEC5}" = HP Product FWUpdater "{95140000-0081-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector "{97486FBE-A3FC-4783-8D55-EA37E9D171CC}" = HP Update "{99432E4C-1189-4887-9D75-DAA796015FFD}" = Neat Core Files "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D3A232F-57E6-595E-1F77-637AFF16580C}" = CCC Help Thai "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh "{A282AFAB-F862-FF2E-44FB-22AA15E54AAA}" = CCC Help Chinese Traditional "{A69EAF80-2710-6AD2-8515-2C27CE1B5802}" = CCC Help Turkish "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer "{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.04) "{AE72A9DF-CF98-6D61-841E-32EBD9A2A74E}" = CCC Help Portuguese "{B148E192-F289-4297-85BF-70E2A422EB25}_is1" = Android-Sync v1.026 "{B15E6BBB-6AB4-3B2B-54AE-A1B874FA5469}" = CCC Help German "{B64E0B43-A452-4B25-93DD-E5C6645A534A}" = ToolboxProxy "{BD019D8F-25B9-49D6-B301-07AFF65E35DD}" = HPLaserJet300-400ColorM351-M451Series_HelpLearnCenter_SI "{BE5B0450-DCCB-4FE9-93E2-3B38D88A745B}" = BlackBerry Desktop Software 7.1 "{BF2198EB-503D-4E0B-89FB-509AADD6D545}" = hpbM351M451DSService "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{C6A344E9-6D72-560C-4A5E-93E6CA0EDDF7}" = CCC Help Russian "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D10D4895-3630-B0A7-B575-7D1735E588A7}" = CCC Help Norwegian "{D1BD700E-92C1-4F3E-B934-0140440B336A}" = CardScan 7.0.5 "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E25710A1-F024-4BAF-898C-32703F047737}" = HPLJUTM351-M451 "{E3D5CBA4-1B99-4E8B-A46E-01B08E78D81C}" = CardScan for Outlook "{EAECD0D7-F27D-4F13-8312-A9C0B5C5F1B7}" = LJDXPHelperUI "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F3C7FDC9-0B49-A5EC-7987-3C17D7045462}" = CCC Help Japanese "{F838C3DD-5785-4F19-AD0F-BD532C8A31F4}" = HTC Sync Manager "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center "{FBFD7411-739D-B207-5B40-59EF15873810}" = Catalyst Control Center Localization All "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "BlackBerry_Desktop" = BlackBerry Desktop Software 7.1 "Borland Database Engine_is1" = Borland Database Engine 5.2 "EPSON Scanner" = EPSON Scan "ESET Online Scanner" = ESET Online Scanner v3 "Google Chrome" = Google Chrome "HTC_WModemDriver" = WModem Driver Installer "InstallShield_{4DB573AF-032C-482F-A262-F30DF9A65CC5}" = Team Developer 6.0 Deployment "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300 "Neat" = Neat "Norton PC Checkup_is1" = Norton PC Checkup "Office14.SingleImage" = Microsoft Office Professional 2010 "Printfil_is1" = Printfil 4.0-3 3 OEM FoodOrigins "Sendori" = Sendori "sl-cb" = SelectionLinks "The Weather Channel App" = The Weather Channel App "The Weather Channel Desktop 6" = The Weather Channel Desktop 6 "WinLiveSuite" = Windows Live Essentials
[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "ActiveTouchMeetingClient" = Cisco WebEx Meetings
[color=#E56717]========== Last 20 Event Log Errors ==========[/color]
[ Application Events ] Error - 9/5/2013 11:32:38 AM | Computer Name = Paul-PC | Source = SendoriService | ID = 99 Description = In the enable methodObject reference not set to an instance of an object.
Error - 9/5/2013 11:32:39 AM | Computer Name = Paul-PC | Source = WinMgmt | ID = 10 Description =
Error - 9/5/2013 11:58:12 AM | Computer Name = Paul-PC | Source = .NET Runtime | ID = 1026 Description =
Error - 9/5/2013 11:58:16 AM | Computer Name = Paul-PC | Source = Application Error | ID = 1000 Description = Faulting application name: TWCApp.exe, version: 7.5.3.0, time stamp: 0x51c84ddd Faulting module name: Sendori.dll, version: 2.2.1.5, time stamp: 0x5073643e Exception code: 0xc0000005 Fault offset: 0x00007046 Faulting process id: 0x1a44 Faulting application start time: 0x01ceaa4dde0502a8 Faulting application path: C:\Program Files (x86)\The Weather Channel\The Weather Channel App\TWCApp.exe Faulting module path: C:\Windows\system32\Sendori.dll Report Id: f9736adb-1643-11e3-beb2-000af704718e
Error - 9/6/2013 1:37:17 PM | Computer Name = Paul-PC | Source = WinMgmt | ID = 10 Description =
Error - 9/6/2013 1:38:06 PM | Computer Name = Paul-PC | Source = .NET Runtime | ID = 1026 Description =
Error - 9/6/2013 1:38:24 PM | Computer Name = Paul-PC | Source = Application Error | ID = 1000 Description = Faulting application name: TWCApp.exe, version: 7.5.3.0, time stamp: 0x51c84ddd Faulting module name: Sendori.dll, version: 2.2.1.5, time stamp: 0x5073643e Exception code: 0xc0000005 Fault offset: 0x0000838e Faulting process id: 0xd10 Faulting application start time: 0x01ceab27ac41d773 Faulting application path: C:\Program Files (x86)\The Weather Channel\The Weather Channel App\TWCApp.exe Faulting module path: C:\Windows\system32\Sendori.dll Report Id: 20f7ec01-171b-11e3-84b3-000af704718e
Error - 9/6/2013 2:00:37 PM | Computer Name = Paul-PC | Source = WinMgmt | ID = 10 Description =
Error - 9/6/2013 2:41:20 PM | Computer Name = Paul-PC | Source = .NET Runtime | ID = 1026 Description =
Error - 9/6/2013 2:41:21 PM | Computer Name = Paul-PC | Source = Application Error | ID = 1000 Description = Faulting application name: TWCApp.exe, version: 7.5.3.0, time stamp: 0x51c84ddd Faulting module name: Sendori.dll, version: 2.2.1.5, time stamp: 0x5073643e Exception code: 0xc0000005 Fault offset: 0x00007046 Faulting process id: 0xb00 Faulting application start time: 0x01ceab2ae61a2743 Faulting application path: C:\Program Files (x86)\The Weather Channel\The Weather Channel App\TWCApp.exe Faulting module path: C:\Windows\system32\Sendori.dll Report Id: ec1a8007-1723-11e3-a928-000af704718e
[ Broadcom Wireless LAN Events ] Error - 9/6/2013 1:37:27 PM | Computer Name = Paul-PC | Source = WLAN-Tray | ID = 0 Description = 10:37:27, Fri, Sep 06, 13 Error - Unable to set enhanced country code
Error - 9/6/2013 2:01:17 PM | Computer Name = Paul-PC | Source = WLAN-Tray | ID = 0 Description = 11:01:17, Fri, Sep 06, 13 Error - Unable to set enhanced country code
Error - 9/7/2013 12:01:06 PM | Computer Name = Paul-PC | Source = WLAN-Tray | ID = 0 Description = 09:01:06, Sat, Sep 07, 13 Error - Unable to set enhanced country code
Error - 9/8/2013 1:28:54 PM | Computer Name = Paul-PC | Source = WLAN-Tray | ID = 0 Description = 10:28:54, Sun, Sep 08, 13 Error - Unable to set enhanced country code
Error - 9/9/2013 12:52:07 PM | Computer Name = Paul-PC | Source = WLAN-Tray | ID = 0 Description = 09:52:07, Mon, Sep 09, 13 Error - Unable to set enhanced country code
Error - 9/10/2013 12:46:23 PM | Computer Name = Paul-PC | Source = WLAN-Tray | ID = 0 Description = 09:46:23, Tue, Sep 10, 13 Error - Unable to set enhanced country code
Error - 9/11/2013 12:08:19 PM | Computer Name = Paul-PC | Source = WLAN-Tray | ID = 0 Description = 09:08:19, Wed, Sep 11, 13 Error - Unable to set enhanced country code
Error - 9/11/2013 12:17:10 PM | Computer Name = Paul-PC | Source = WLAN-Tray | ID = 0 Description = 09:17:10, Wed, Sep 11, 13 Error - Unable to set enhanced country code
Error - 9/30/2013 2:22:55 PM | Computer Name = Paul-PC | Source = WLAN-Tray | ID = 0 Description = 11:22:55, Mon, Sep 30, 13 Error - Unable to get current user admin status
[ SendoriLogs Events ] Error - 10/1/2013 12:08:31 PM | Computer Name = Paul-PC | Source = SendoriLog | ID = 99 Description = On EnableObject reference not set to an instance of an object.
Error - 10/1/2013 12:13:31 PM | Computer Name = Paul-PC | Source = SendoriLog | ID = 99 Description = On EnableObject reference not set to an instance of an object.
Error - 10/1/2013 12:18:31 PM | Computer Name = Paul-PC | Source = SendoriLog | ID = 99 Description = On EnableObject reference not set to an instance of an object.
Error - 10/1/2013 12:23:31 PM | Computer Name = Paul-PC | Source = SendoriLog | ID = 99 Description = On EnableObject reference not set to an instance of an object.
[ System Events ] Error - 6/19/2013 1:41:16 PM | Computer Name = Paul-PC | Source = Service Control Manager | ID = 7000 Description = The Computer Backup (MyPC Backup) service failed to start due to the following error: %%1053
Error - 6/19/2013 1:41:39 PM | Computer Name = Paul-PC | Source = Service Control Manager | ID = 7034 Description = The DefaultTabSearch service terminated unexpectedly. It has done this 1 time(s).
Error - 6/20/2013 2:10:38 PM | Computer Name = Paul-PC | Source = Service Control Manager | ID = 7001 Description = The NTRU TSS v1.2.1.37 TCS service depends on the TPM Base Services service which failed to start because of the following error: %%0
Error - 6/20/2013 2:11:12 PM | Computer Name = Paul-PC | Source = Service Control Manager | ID = 7009 Description = A timeout was reached (30000 milliseconds) while waiting for the Computer Backup (MyPC Backup) service to connect.
Error - 6/20/2013 2:11:12 PM | Computer Name = Paul-PC | Source = Service Control Manager | ID = 7000 Description = The Computer Backup (MyPC Backup) service failed to start due to the following error: %%1053
Error - 6/20/2013 2:11:26 PM | Computer Name = Paul-PC | Source = Service Control Manager | ID = 7034 Description = The DefaultTabSearch service terminated unexpectedly. It has done this 1 time(s).
Error - 6/20/2013 4:43:09 PM | Computer Name = Paul-PC | Source = Service Control Manager | ID = 7001 Description = The NTRU TSS v1.2.1.37 TCS service depends on the TPM Base Services service which failed to start because of the following error: %%0
Error - 6/20/2013 4:43:40 PM | Computer Name = Paul-PC | Source = Service Control Manager | ID = 7009 Description = A timeout was reached (30000 milliseconds) while waiting for the Computer Backup (MyPC Backup) service to connect.
Error - 6/20/2013 4:43:40 PM | Computer Name = Paul-PC | Source = Service Control Manager | ID = 7000 Description = The Computer Backup (MyPC Backup) service failed to start due to the following error: %%1053
Error - 6/20/2013 4:43:52 PM | Computer Name = Paul-PC | Source = Service Control Manager | ID = 7034 Description = The DefaultTabSearch service terminated unexpectedly. It has done this 1 time(s). |
actions · 2013-Oct-1 4:16 pm · (locked) |
Sanguin |
to lilhurricane
ESET did find some things and fixed them, but it had me reboot the computer (I think it was ESET that caused the reboot) and now I'm not sure where the log is at. Are those kept around somewhere? |
actions · 2013-Oct-1 4:18 pm · (locked) |
Sanguin |
Sanguin
Anon
2013-Oct-1 4:19 pm
I also forgot to mention that the Windows Security Center service won't start up. It throws an error if I try to do it manually. |
actions · 2013-Oct-1 4:19 pm · (locked) |
lilhurricaneCrunchin' For Cures Numquam oblita join:2003-01-11 Purple Zone |
to Sanguin
said by Sanguin :I'm not sure where the log is at. Are those kept around somewhere? Log files should be located at C:\Program Files\EsetOnlineScanner\log.txt - even if the app was uninstalled ---or for 64bit Windows: C:\Program Files\ESET Online Scanner\log.txt Copy and paste that log into your next reply, along with a description of any remaining problems |
actions · 2013-Oct-1 6:09 pm · (locked) |
|
Sanguin
Anon
2013-Oct-2 11:35 am
Thanks, here it is: ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6920 # api_version=3.0.2 # EOSSerial=d2d0ed34cc74bc4e9b041a28cbff009a # engine=15323 # end=finished # remove_checked=true # archives_checked=true # unwanted_checked=false # unsafe_checked=false # antistealth_checked=true # utc_time=2013-10-01 06:40:05 # local_time=2013-10-01 11:40:05 (-0800, Pacific Daylight Time) # country="United States" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=5893 16776574 66 29 6741364 11928234 0 0 # scanned=195263 # found=5 # cleaned=5 # scan_time=3992 sh=28B29A0AA2F451EC3837933CE5B1BD353CF0DF3E ft=1 fh=d9a532cac918a019 vn="MSIL/Adware.StrongVault.A application (cleaned by deleting - quarantined)" ac=C fn="C:\AI_RecycleBin\{1BDC1625-7F86-477B-8490-7E86B5F6E6F3}\3\Strongvault\StrongVaultApp.exe" sh=28B29A0AA2F451EC3837933CE5B1BD353CF0DF3E ft=1 fh=d9a532cac918a019 vn="MSIL/Adware.StrongVault.A application (cleaned by deleting - quarantined)" ac=C fn="C:\AI_RecycleBin\{D54DDA6D-5F32-4238-9A1B-EE893F484C5B}\3\Strongvault\StrongVaultApp.exe" sh=15977FEE4E2177992185505D5D36448AC89086EF ft=1 fh=c71c0011977e947d vn="a variant of Win32/AdWare.OneStep.CL application (cleaned by deleting - quarantined)" ac=C fn="C:\Program Files (x86)\DnsBasic\dnsbasic.dll" sh=443564CF2783A21B33E9241CBBAA3703C3AED39D ft=1 fh=f82cf47f67a3f09d vn="a variant of Win32/Adware.iBryte.G application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Paul\Downloads\downloadmanager_Setup (1).exe" sh=44F0B38D4ECEC681245B11D6E7A62F723C207AA6 ft=1 fh=21d7bc981d0dbb16 vn="a variant of Win32/Adware.iBryte.G application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Paul\Downloads\downloadmanager_Setup.exe" ESETSmartInstaller@High as downloader log: all ok ESETSmartInstaller@High as downloader log: all ok |
actions · 2013-Oct-2 11:35 am · (locked) |
1 recommendation |
to Sanguin
Please download Junkware Removal Tool to your desktop. » www.bleepingcomputer.com ··· al-tool/1. Shut down your protection software now to avoid potential conflicts. 2. Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double- clicking, right-mouse click JRT.exe and select "Run as Administrator". 3. The tool will open and start scanning your system. 4. Please be patient as this can take a while to complete depending on your system's specifications. 5. On completion, a log (JRT.txt) is saved to your desktop and will automatically open. 6. Post the contents of JRT.txt into your next message. |
actions · 2013-Oct-2 7:53 pm · (locked) |
|
Sanguin
Anon
2013-Oct-2 8:10 pm
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.0.3 (09.27.2013:1) OS: Windows 7 Ultimate x64 Ran by Paul on Wed 10/02/2013 at 17:03:16.76 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\dw7 Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\otshot
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1BB8B3AE-757D-443F-B3A4-0629E709B0D9} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4095140257-976446707-2899445453-1000\Software\SweetIM Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{3552D63B-BC7E-4DFA-BA78-E5831325A78F} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{5A237B8F-094A-483A-BB4D-3A4D1D34D382} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{D9D4BC59-ACCD-43F0-AD63-7CD55BD7949E}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\pc1data" Successfully deleted: [Folder] "C:\Users\Paul\AppData\Roaming\pccustubinstaller" Successfully deleted: [Folder] "C:\Users\Paul\AppData\Roaming\strongvault" Successfully deleted: [Folder] "C:\Users\Paul\appdata\local\cre" Successfully deleted: [Folder] "C:\Program Files (x86)\otshot" Successfully deleted: [Folder] "C:\ai_recyclebin" Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
~~~ Chrome
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google\Chrome\extensioninstallforcelist [Blacklisted Policy] Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\extensioninstallforcelist [Blacklisted Policy]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Wed 10/02/2013 at 17:06:33.03 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
actions · 2013-Oct-2 8:10 pm · (locked) |
|
1 recommendation |
to Sanguin
There certainly was a lot of "junk" on this computer, and some is still there. Whether I recommend reformat/reinstall or not will be determined by the result of the next step. If there are any signs of a rootkit, then my only recommendation will be reformat/reinstall. The logs so far don't show any, but they are good at hiding. Please download the TDSS Rootkit Removing Tool (TDSSKiller.zip) and save it to your Desktop Be sure to print out and follow all instructions for performing a scan or refer to these instructions with screenshots. - Extract (unzip) the file to your desktop and make sure TDSSKiller.exe (the contents of the zipped file) is on the Desktop itself, not within a folder on the Desktop.
- If you don't have an extracting program, you can download TDSSKiller.exe and use that instead.
- Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
- Vista/Windows 7 users right-click and select Run As Administrator.
- When the program opens, click the Start Scan button.
- Do not use the computer during the scan
- If the scan completes with nothing found, click Close to exit.
- If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
- Ensure Cure is selected, then click Continue > Reboot now to finish the cleaning process.
Note: If 'Suspicious' objects are detected, Skip will be the default selection.
- A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
- Copy and paste the contents of that file in your next reply.
-- If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension. |
actions · 2013-Oct-3 11:00 am · (locked) |
|
Sanguin
Anon
2013-Oct-3 11:51 am
I attached the log file. Looks like it is clear of rootkits, hopefully. |
actions · 2013-Oct-3 11:51 am · (locked) |
|
to Sanguin
The TDSS Killer log was clean. So far no signs of a compromised OS so we can continue cleaning. First:I want to remove any leftovers from previous AV products. Run the removal tools for Norton and Trend Micro. You'll find the download links, etal, at the following links: » support.norton.com/sp/en ··· le_en_us» esupport.trendmicro.com/ ··· 551.aspxSecond:Use Add/Remove Programs (Program Features) to uninstall the following: Sendori SelectionLinks Third:At this point it wise to install an AV if the computer will be online other than just for downloading any programs need for cleaning. You can install the product of your choice or use MSE from Microsoft. Fourth:Run OTL again, and post or attach the log in this thread. Not that there will not be a new Extras log. |
actions · 2013-Oct-3 12:41 pm · (locked) |
|
Sanguin
Anon
2013-Oct-3 2:16 pm
By the way, the error code starting up the Windows Security Center is 0x80070424. Some searching has some people suggesting the zero access rootkit. I assume we've ruled that out with the Rootkit scan we did earlier? |
actions · 2013-Oct-3 2:16 pm · (locked) |
Sanguin |
to LoPhatPhuud
OTL Log attached. AVG is now installed. |
actions · 2013-Oct-3 3:06 pm · (locked) |
1 recommendation |
to Sanguin
I had you run TDSS Killer not so much to check for the TDLx variety of rootkits, as to check the OS files for corruption. The result was negative. There are many reasons why you could be getting the error message from Windows Security Center. I am aware of a few patches via Microsoft FixIts that may apply. Microsoft is the preferred source for a solution and after we are done here, I recommend posting in the appropriate Microsoft Answers Forum for a solution. Now back to business here. Only a few items of cleanup remain, then we can cleanup. First:Run OTL [*]Under the Custom Scans/Fixes box at the bottom, copy and paste the contents of the following box: :OTL O2:64bit: - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - c:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1009\TmIEPlg.dll File not found O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - c:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1009\TmIEPlg32.dll File not found O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
:Services
:Reg
:Files
:Commands [purity] [emptytemp] [EMPTYFLASH] [Reboot]
[*]Then click the Run Fix button at the top [*]Let the program run unhindered, reboot the PC when it is done [*]Once you see a message box "Fix complete! Click OK to open the fix log." [*]Click the OK button [*]The log will open in Notepad (your default text editor). {*]Save the log. Post a copy of that log in your next reply. Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start-All Programs-Accessories-Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTL\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post. Second:Advise what issues, if any, still remain unresolved other than the Windows Security Center error. |
actions · 2013-Oct-4 11:15 am · (locked) |
|
Sanguin
Anon
2013-Oct-4 11:36 am
All processes killed ========== OTL ========== 64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CA1377B-DC1D-4A52-9585-6E06050FAC53}\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1CA1377B-DC1D-4A52-9585-6E06050FAC53}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CA1377B-DC1D-4A52-9585-6E06050FAC53}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1CA1377B-DC1D-4A52-9585-6E06050FAC53}\ deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found. ========== SERVICES/DRIVERS ========== ========== REGISTRY ========== ========== FILES ========== ========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Bart ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes
User: David ->Temp folder emptied: 304587 bytes ->Temporary Internet Files folder emptied: 128 bytes ->Java cache emptied: 0 bytes
User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes
User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes
User: Paul ->Temp folder emptied: 99146081 bytes ->Temporary Internet Files folder emptied: 17720993 bytes ->Java cache emptied: 170371 bytes ->Google Chrome cache emptied: 28238753 bytes ->Flash cache emptied: 669 bytes
User: Pauline ->Temp folder emptied: 76844 bytes ->Temporary Internet Files folder emptied: 128 bytes
User: Public
User: TEMP ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 15965325 bytes %systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 87943 bytes %systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 648 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 452211542 bytes RecycleBin emptied: 1535640 bytes
Total Files Cleaned = 587.00 mb
[EMPTYFLASH]
User: All Users
User: Bart
User: David
User: Default
User: Default User
User: Paul ->Flash cache emptied: 0 bytes
User: Pauline
User: Public
User: TEMP
Total Flash Files Cleaned = 0.00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 10042013_082240
Files\Folders moved on Reboot... C:\Users\Paul\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. C:\Users\Paul\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully. File move failed. C:\Windows\temp\avg_secure_search.log scheduled to be moved on reboot. C:\Windows\temp\wbxtra_10032013_110229.wbt moved successfully. File move failed. C:\Windows\SysWow64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot... |
actions · 2013-Oct-4 11:36 am · (locked) |
Sanguin |
to LoPhatPhuud
Everything seems to be running mostly fine at this point. The only issue I've noticed is a very long login process where I put in my password on the login screen, then it goes to a black screen for about 2 minutes. |
actions · 2013-Oct-4 11:37 am · (locked) |
|
to Sanguin
OK, then let's cleanup. We've the most we can here. For the Windows Security Center, post in the appropriate forum at Microsoft Answers. » answers.microsoft.com/en-usBe sure to supply a link to this thread so they can use it. Cleaning Up:Delete TFC: - Delete the TFC icon on your Desktop
Delete OTL: - Double click the OTL icon on your Desktop
- Press the 'Cleanup' button
Delete Security Check: - Delete the SecurityCheck icon on your Desktop
Delete Malware Bytes: - We recommend that you keep MalwareBytes (MBAM) and run it every week. There is no charge to keep the program however the real time protection will stop after the trial period. Be sure to update the definitions before each use. If you decide not to keep MBAM, use Add/Remove Programs to uninstall it.
Delete AdwCleaner:- Double click the AdwCleaner icon on your Desktop
- Press the 'Uninstall' button
Other Programs:- If we asked you to install any other programs that are not removed by the OTL Cleanup procedure, we will provide separate removal instructions.
|
actions · 2013-Oct-5 10:32 am · (locked) |
|
Sanguin
Anon
2013-Oct-7 11:32 am
Ok, thanks for your assistance! |
actions · 2013-Oct-7 11:32 am · (locked) |