Quantcast
Channel: Tech Support Guy - Virus & Other Malware Removal
Viewing all 4746 articles
Browse latest View live

Internet Issues: Automatically Completing Passwords, Links in E-Mails Not Working, et

0
0
Hi

Sorry about the lateness, as I mentioned in the PM :(

Okay, it looks like you still have the Iobit software installed. This may be the reason, so lets remove that.

First, go to Programs and Features via the Control Panel, and uninstall the following programs:

Advanced SystemCare 7
Surfing Protection
IObit Uninstaller


Then, when that's done, can you run the following fix:


Download attached fixlist.txt file and save it to your Desktop.

NOTE It's important that both files FRST and fixlist.txt are in the same location or the fix won't work.

This script was written specifically for this user, for use on that particular machine. Running this on any other machine may cause damage to the operating system

Run FRST/FRST64 and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

Thanks

eddie

Attached Files
File Type: txt fixlist.txt (1.3 KB)

CCleaner "invalid firewall rules", suspicious hosts, and ATL80.dll missing, etc....

0
0
CCleaner found a number of "invalid firewall rules" when scanning my registry for errors. (I did not remove anything from the CCleaner registry scan.) Emsisoft has also been detecting many connection attempts to "the suspicious host" of different names... I've also seen a few messages saying that ATL80.dll is missing. I did try to download the Farbar Recovery Scan Tool from Bleeping Computer, but my system tells me it is malware. So I don't know where to begin, and I greatly appreciate any help you can give me. Thank you!

Update:
While waiting, I did a couple of things:

1) I went into safe mode and ran sfc /scannow, and the first results instructed to reboot and then run scannow again, which I did. The second results informed that there were corrupt files which it could not fix. I can post the CBS log here if that would help.

2) I also went to Microsoft and downloaded and ran the Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package ATL Security Update, as well as the Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package MFC Security Update. Then I tested one of the items that gave the missing ATL80.dll error (Snipping Tool), and didn't get the error message. But then I re-checked, and the missing ATL80.dll error is coming up again, consistently.

(I've also run bitdefender and ESET online scans, as well as MalwareBytes,Super AntiSpyware, etc, and none are indicating infections, except for the multiple messages from Emsisoft stated near the beginning of this post. And the "invalid firewall rules" are still showing up in CCleaner. So I am still perplexed.)


Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Professional, Service Pack 1, 32 bit
Processor: Intel(R) Core(TM)2 Duo CPU T7300 @ 2.00GHz, x64 Family 6 Model 15 Stepping 10
Processor Count: 2
RAM: 3582 Mb
Graphics Card: NVIDIA GeForce 8400M GS, 128 Mb
Hard Drives: C: Total - 152524 MB, Free - 85808 MB;
Motherboard: Dell Inc., 0TT361
Antivirus: Emsisoft Anti-Malware, Updated and Enabled

Trojan.Cidox Activity removal?

0
0
Hi there,

Norton constantly has a pop up telling me that it blocked an attack by: System Infected: Trojan.Cidox Activity.

Can't seem to remove it

Please help!

Thank you.


Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM) i5-3317U CPU @ 1.70GHz, Intel64 Family 6 Model 58 Stepping 9
Processor Count: 4
RAM: 5925 Mb
Graphics Card: Intel(R) HD Graphics 4000, -1984 Mb
Hard Drives: C: Total - 453018 MB, Free - 353628 MB;
Motherboard: SAMSUNG ELECTRONICS CO., LTD., 530U3C/530U4C
Antivirus: Norton 360, Updated and Enabled

Youtube.com Timeout Error

0
0
I've tried everything... Cleaned the cache, diferent browsers(4. IE, Firefox, Opera and Chrome, Firefox was Installed after the Problem ), anti spyware, nothing worked...
All other sites work fine, but when i try to go to youtube it gives me the timeout error, like is blocked, so I went to the driver/etc hosts file to see if youtube was there but nothing.. I really don't know what to do..

Note: Youtube videos contained in other sites doesn't work as well.
Yes, I have Adobe Flash Updated
Pinging Youtube.com gives the timeout error.

If someone got an idea please help me..

Windows Safe Mode

0
0
Welcome. :)

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Make sure that under Optional Scans, there is a checkmark on Addition.txt and Shortcut.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The tool will also produce another two logs (Addition.txt and Shortcut.txt). Please attach these to your reply.

something is screwing up my computer.

0
0
i have to re-enter my passwords, even if i've just visited a site, and even if i checked 'keep me logged in'. i have to do it all over again the next time i go there. also, the icons from my toolbar at top of browser appear and disappear. also, system restore seems to run, then after reboot it says it didn't work. also, i hear ads audio and can't figure out the source of them. many, many more nuisances. i have run spybot and avast free, but still have the problems. thanks for helping me,

Boyd.

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz, Intel64 Family 6 Model 42 Stepping 7
Processor Count: 4
RAM: 4043 Mb
Graphics Card: Intel(R) HD Graphics Family, 1797 Mb
Hard Drives: C: Total - 584792 MB, Free - 373803 MB; D: Total - 21422 MB, Free - 2278 MB; E: Total - 4055 MB, Free - 10 MB;
Motherboard: Hewlett-Packard, 1695
Antivirus: avast! Antivirus, Updated and Enabled

Bizarre System Resource Loss

0
0
I'm posting with an issue I can't seem to narrow down, no matter what. I have a HP desktop, 64-bit, running Windows 7. We've had the computer several years. Recently, a secondary "explorer.exe" popped up that hogs most of our system resources. I have ran multiple virus/malware/adware scans to no avail. The computer is clean. The computer's internet browsers redirect, which lead me to think it was a virus at first. The scans can't find any. I've used both Microsoft's and TrendMicro's scanners, as well as several others.

I have Process Explorer and traced it the first time to the Registry (by way of right-click and "Properties), to the font folder in the WindowsNT area. I simply deleted a number of fonts we didn't need an assumed that would be the end of it. Shortly thereafter, the extra "explorer.exe" returned, still eating up resources, and now the usage is supposed to be coming from "WindowsNT/CurrentVersion/Winlogon/Shell/."

If we kill the process, it comes right back a few minutes later. I am concerned that it will continue skipping through the registry and we'll keep solving symptoms without solving the overall problem. Any help will be most appreciated.

SafeSearch.exe - cannot uninstall, prompts at startup

0
0
Acer Aspire M5
Running Windows 8.1

At start up I am continually prompted to run "SafeSearch.exe." Ever since this started happening my computer has been running slowly. Hoping this is the sole reason for it, but I am not positive that it is.

Reg Pro Clean keeps coming up when computer restarts

0
0
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-12-2014
Ran by Dr. Tofu at 2014-12-08 22:48:37
Running from C:\Users\Dr. Tofu\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Digital Editions 3.0 (HKLM-x32\...\Adobe Digital Editions 3.0) (Version: 3.0 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Agarest: Generations of War (HKLM-x32\...\Steam App 237890) (Version: - Idea Factory)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version: - Hidden Path Entertainment, Ensemble Studios)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.01.01 - ASUSTeK Computer Inc.)
Amazon Music (HKU\S-1-5-21-2265380589-2991539385-3585036567-1000\...\Amazon Amazon Music) (Version: 3.7.0.693 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{C2956908-53A3-88FC-B795-B16508296FC4}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Another World (HKLM-x32\...\Steam App 233550) (Version: - Eric Chahi)
Archon:Classic (HKLM-x32\...\Steam App 65400) (Version: - React Games)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.3.0 - Asmedia Technology)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.4.000 - Asmedia Technology)
ASUS Xonar DX Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version: - )
BattleBlock Theater (HKLM-x32\...\Steam App 238460) (Version: - The Behemoth)
BIT.TRIP Presents... Runner2: Future Legend of Rhythm Alien (HKLM-x32\...\Steam App 218060) (Version: - Gaijin Games)
BIT.TRIP RUNNER (HKLM-x32\...\Steam App 63710) (Version: - Gaijin Games)
Blackwell Convergence (HKLM-x32\...\Steam App 80350) (Version: - Wadjet Eye Games)
Blackwell Deception (HKLM-x32\...\Steam App 80360) (Version: - Wadjet Eye Games)
Blackwell Unbound (HKLM-x32\...\Steam App 80340) (Version: - Wadjet Eye Games)
Blood Bowl: Legendary Edition (HKLM-x32\...\Steam App 58520) (Version: - Cyanide Studios)
Botanicula (HKLM-x32\...\Steam App 207690) (Version: - Amanita Design)
Broken Age (HKLM-x32\...\Steam App 232790) (Version: - Double Fine Productions)
Brother HL-2070N (HKLM-x32\...\{2CD8B9F2-F3EA-4CB8-83D3-BB778CF150DE}) (Version: 1.00 - Brother)
Brothers - A Tale of Two Sons (HKLM-x32\...\Steam App 225080) (Version: - Starbreeze Studios AB)
Burnout Paradise: The Ultimate Box (HKLM-x32\...\Steam App 24740) (Version: - Criterion Games)
Canon CanoScan LiDE 110 User Registration (HKLM-x32\...\Canon CanoScan LiDE 110 User Registration) (Version: - )
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - )
CanoScan LiDE 110 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2414) (Version: - Canon Inc.)
Cave Story+ (HKLM-x32\...\Steam App 200900) (Version: - Nicalis)
CCleaner (HKLM\...\CCleaner) (Version: 4.05 - Piriform)
Cisco WebEx Meetings (HKU\S-1-5-21-2265380589-2991539385-3585036567-1000\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
Cities XL Platinum (HKLM-x32\...\Steam App 231140) (Version: - Focus Home Interactive)
Citrix Online Launcher (HKLM-x32\...\{F82C81F9-ADB5-42BD-AFE9-DD5DFDD215E3}) (Version: 1.0.135 - Citrix)
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version: - FromSoftware)
Daum PotPlayer 1.5.44465 (HKLM-x32\...\PotPlayer) (Version: - )
Dragon Age: Origins - Ultimate Edition (HKLM-x32\...\Steam App 47810) (Version: - BioWare)
Dropbox (HKU\S-1-5-21-2265380589-2991539385-3585036567-1000\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)
DuckTales Remastered (HKLM-x32\...\Steam App 237630) (Version: - WayForward)
Dungeons & Dragons: Chronicles of Mystara (HKLM-x32\...\Steam App 229480) (Version: - Iron Galaxy Studios)
Elevated Installer (x32 Version: 2.3.17.0 - Garmin Ltd or its subsidiaries) Hidden
Epic Battle Fantasy 4 (HKLM-x32\...\Steam App 265610) (Version: - Matt Roszak)
Evoland (HKLM-x32\...\GOGPACKEVOLAND_is1) (Version: 2.0.0.3 - GOG.com)
f.lux (HKU\S-1-5-21-2265380589-2991539385-3585036567-1000\...\Flux) (Version: - )
FINAL FANTASY VII (HKLM-x32\...\Steam App 39140) (Version: - Square Enix)
Fitbit Connect (HKLM-x32\...\Fitbit Connect) (Version: 1.0.0.2578 - Fitbit Inc.)
Galactic Civilizations II: Ultimate Edition (HKLM-x32\...\Steam App 202200) (Version: - Stardock Entertainment)
Garmin Communicator Plugin (HKLM-x32\...\{032A13FF-D26D-4844-9597-7EF698627985}) (Version: 4.1.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{AFA301E1-B410-4F1B-B1C0-2E92FDCD94AD}) (Version: 4.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{d6f59919-3fd4-48c5-8404-def6f92d8422}) (Version: 2.3.17.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 2.3.17.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 2.3.17.0 - Garmin Ltd or its subsidiaries) Hidden
Google+ Auto Backup (HKLM-x32\...\{D4C4A751-F7F3-4DCA-B825-9AC391BFFC3F}) (Version: 1.0.19.76 - Google)
Guacamelee! Super Turbo Championship Edition (HKLM-x32\...\Steam App 275390) (Version: - DrinkBox Studios)
Gunpoint (HKLM-x32\...\Steam App 206190) (Version: - Suspicious Developments)
Half Minute Hero: Super Mega Neo Climax Ultimate Boy (HKLM-x32\...\Steam App 214830) (Version: - Opus )
Heroes of Might & Magic V (HKLM-x32\...\Steam App 15170) (Version: - Nival)
Heroes of Might & Magic V: Hammers of Fate (HKLM-x32\...\Steam App 15380) (Version: - Nival)
Heroes of Might & Magic V: Tribes of the East (HKLM-x32\...\Steam App 15370) (Version: - Nival)
Heroine's Quest: The Herald of Ragnarok (HKLM-x32\...\Steam App 283880) (Version: - Crystal Shard)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Jet Set Radio (HKLM-x32\...\Steam App 205950) (Version: - Blit Software)
K-Lite Codec Pack 10.0.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.0.5 - )
KMP Service (HKLM-x32\...\4F6D5E84-5826-4394-9F40-3A9A19165651_is1) (Version: - KMP) <==== ATTENTION
LEGO Batman 2 (HKLM-x32\...\Steam App 213330) (Version: - TT Games)
LEGO Lord of the Rings (HKLM-x32\...\Steam App 214510) (Version: - Traveller's Tales)
LEGO MARVEL Super Heroes (HKLM-x32\...\Steam App 249130) (Version: - Traveller's Tales)
Little Inferno (HKLM-x32\...\Steam App 221260) (Version: - Tomorrow Corporation)
Living Trust Maker (HKLM-x32\...\Living Trust Maker) (Version: - Nolo)
Magicka (HKLM-x32\...\Steam App 42910) (Version: - Arrowhead Game Studios)
Media Player Codec Pack 4.2.9 (HKLM-x32\...\Media Player - Codec Pack) (Version: 4.2.9 - Media Player Codec Pack)
Medieval II: Total War (HKLM-x32\...\Steam App 4700) (Version: - The Creative Assembly)
Medieval II: Total War Kingdoms (HKLM-x32\...\Steam App 4780) (Version: - The Creative Assembly)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2265380589-2991539385-3585036567-1000\...\OneDriveSetup.exe) (Version: 17.3.1229.0918 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Monaco (HKLM-x32\...\Steam App 113020) (Version: - Pocketwatch Games)
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
Nidhogg (HKLM-x32\...\Steam App 94400) (Version: - Messhof)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.4.5 - Notepad++ Team)
Oblivion mod manager 1.1.12 (HKLM-x32\...\Oblivion mod manager_is1) (Version: - Timeslip)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Orcs Must Die! 2 (HKLM-x32\...\Steam App 201790) (Version: - Robot Entertainment)
PAC-MAN Championship Edition DX+ (HKLM-x32\...\Steam App 236450) (Version: - Mine Loader Software Co., Ltd.)
Photo Station Uploader (remove only) (HKLM-x32\...\Photo Station Uploader) (Version: - Synology)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Pinball FX2 (HKLM-x32\...\Steam App 226980) (Version: - Zen Studios)
Proteus (HKLM-x32\...\Steam App 219680) (Version: - Ed Key and David Kanaga)
Quicken WillMaker Plus 2012 (HKLM-x32\...\{2B21DAC6-647F-497F-918F-9A389EE24C1D}) (Version: 1.0.0.0 - Nolo)
Rayman Legends (HKLM-x32\...\Steam App 242550) (Version: - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.61.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6699 - Realtek Semiconductor Corp.)
RPG Maker VX Ace (HKLM-x32\...\Steam App 220700) (Version: - Enterbrain)
Samsung Data Migration (HKLM-x32\...\{D4DE3DB4-7734-47E5-8D92-B80146311406}) (Version: 2.5 - Samsung)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.2.1 - Samsung Electronics)
ScanExpress S40 Plus V1.3 (HKLM-x32\...\InstallShield_{BB5B3A30-CF21-44AF-8F84-5B7331AEB149}) (Version: 1.3 - Mustek)
ScanExpress S40 Plus V1.3 (x32 Version: 1.3 - Mustek) Hidden
Scribblenauts Unlimited (HKLM-x32\...\Steam App 218680) (Version: - 5th Cell Media)
SEGA Genesis & Mega Drive Classics (HKLM-x32\...\Steam App 34270) (Version: - Sega)
Shadowrun Returns (HKLM-x32\...\Steam App 234650) (Version: - Harebrained Schemes)
Shatter (HKLM-x32\...\Steam App 20820) (Version: - Sidhe)
Sid Meier's Civilization IV (HKLM-x32\...\Steam App 3900) (Version: - Firaxis Games)
Sid Meier's Civilization IV: Beyond the Sword (HKLM-x32\...\Steam App 8800) (Version: - Firaxis Games)
Sid Meier's Civilization IV: Warlords (HKLM-x32\...\Steam App 3990) (Version: - Firaxis Games)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.)
SimCity 4 Deluxe (HKLM-x32\...\Steam App 24780) (Version: - EA - Maxis)
Skullgirls (HKLM-x32\...\Steam App 245170) (Version: - Lab Zero Games)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sonic Adventure DX (HKLM-x32\...\Steam App 71250) (Version: - SEGA)
Sonic CD (HKLM-x32\...\Steam App 200940) (Version: - Blit Software)
Spotify (HKU\S-1-5-21-2265380589-2991539385-3585036567-1000\...\Spotify) (Version: 0.9.14.13.gba5645ad - Spotify AB)
Star Wars: Knights of the Old Republic (HKLM-x32\...\Steam App 32370) (Version: - BioWare)
Star Wars: Knights of the Old Republic II (HKLM-x32\...\Steam App 208580) (Version: - Obsidian Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 2.3.2 - Krzysztof Kowalczyk)
Synology Cloud Station (remove only) (HKU\S-1-5-21-2265380589-2991539385-3585036567-1000\...\Synology CloudStation) (Version: - )
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
The Blackwell Legacy (HKLM-x32\...\Steam App 80330) (Version: - Wadjet Eye Games)
The Bridge (HKLM-x32\...\Steam App 204240) (Version: - Ty Taylor and Mario Castañeda)
The Cave (HKLM-x32\...\Steam App 221810) (Version: - Double Fine Productions)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.7.0.109 - KMP Media co., Ltd)
The Typing of The Dead: Overkill (HKLM-x32\...\Steam App 246580) (Version: - Modern Dream)
Toki Tori 2+ (HKLM-x32\...\Steam App 201420) (Version: - Two Tribes)
Torchlight II (HKLM-x32\...\Steam App 200710) (Version: - Runic Games)
Total War: SHOGUN 2 (HKLM-x32\...\Steam App 34330) (Version: - The Creative Assembly)
Trials Evolution Gold Edition (HKLM-x32\...\Steam App 220160) (Version: - Redlynx Ltd)
Trine 2 (HKLM-x32\...\Steam App 35720) (Version: - Frozenbyte)
Unepic (HKLM-x32\...\Steam App 233980) (Version: - Francisco Téllez de Meneses)
Universe Sandbox (HKLM-x32\...\Steam App 72200) (Version: - Giant Army)
Unofficial Oblivion Patch v3.4.4 (HKLM-x32\...\Unofficial Oblivion Patch_is1) (Version: 3.4.4 - Quarn, Kivan, and Arthmoor)
Unofficial Shivering Isles Patch v1.5.2 (HKLM-x32\...\Unofficial Shivering Isles Patch_is1) (Version: 1.5.2 - Quarn, Kivan, and Arthmoor)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Winamp (HKLM-x32\...\Winamp) (Version: 5.65 - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-2265380589-2991539385-3585036567-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Wireless N Client Utility (HKLM-x32\...\{AF31A19F-EC05-4494-969F-584B02DF16FF}) (Version: 7.0 - Rosewill)
Worms Reloaded (HKLM-x32\...\Steam App 22600) (Version: - Team17 Software Ltd.)
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version: - Firaxis Games)
You Need A Budget 4 (YNAB) (HKLM-x32\...\Steam App 227320) (Version: - YouNeedABudget.com)
Ys I (HKLM-x32\...\Steam App 223810) (Version: - Nihon Falcom)
Ys II (HKLM-x32\...\Steam App 223870) (Version: - Nihon Falcom)
Ys: The Oath in Felghana (HKLM-x32\...\Steam App 207320) (Version: - Nihon Falcom)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2265380589-2991539385-3585036567-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Dr. Tofu\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2265380589-2991539385-3585036567-1000_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\Dr. Tofu\AppData\Local\CloudStation\iconoverlay_v7\IconOverlayDLLs_x64\ContextM enu.dll ()
CustomCLSID: HKU\S-1-5-21-2265380589-2991539385-3585036567-1000_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\Dr. Tofu\AppData\Local\CloudStation\iconoverlay_v7\IconOverlayDLLs_x64\iconOver lay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2265380589-2991539385-3585036567-1000_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\Dr. Tofu\AppData\Local\CloudStation\iconoverlay_v7\IconOverlayDLLs_x64\iconOver lay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2265380589-2991539385-3585036567-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Dr. Tofu\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64. dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2265380589-2991539385-3585036567-1000_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\Dr. Tofu\AppData\Local\CloudStation\iconoverlay_v7\IconOverlayDLLs_x64\iconOver lay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2265380589-2991539385-3585036567-1000_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\Dr. Tofu\AppData\Local\CloudStation\iconoverlay_v7\IconOverlayDLLs_x64\iconOver lay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2265380589-2991539385-3585036567-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Dr. Tofu\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64. dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2265380589-2991539385-3585036567-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Dr. Tofu\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64. dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2265380589-2991539385-3585036567-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Dr. Tofu\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64. dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2265380589-2991539385-3585036567-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Dr. Tofu\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\FileSyncApi64.dl l (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2265380589-2991539385-3585036567-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dr. Tofu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2265380589-2991539385-3585036567-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dr. Tofu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2265380589-2991539385-3585036567-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dr. Tofu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2265380589-2991539385-3585036567-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dr. Tofu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2265380589-2991539385-3585036567-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dr. Tofu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2265380589-2991539385-3585036567-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dr. Tofu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2265380589-2991539385-3585036567-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dr. Tofu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2265380589-2991539385-3585036567-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dr. Tofu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2014-02-01 15:59 - 00526213 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
0.0.0.0 fr.a2dfp.net
0.0.0.0 m.fr.a2dfp.net
0.0.0.0 mfr.a2dfp.net
0.0.0.0 ad.a8.net
0.0.0.0 asy.a8ww.net
0.0.0.0 abcstats.com
0.0.0.0 a.abv.bg
0.0.0.0 adserver.abv.bg
0.0.0.0 adv.abv.bg
0.0.0.0 bimg.abv.bg
0.0.0.0 ca.abv.bg
0.0.0.0 www2.a-counter.kiev.ua
0.0.0.0 track.acclaimnetwork.com
0.0.0.0 accuserveadsystem.com
0.0.0.0 www.accuserveadsystem.com
0.0.0.0 achmedia.com
0.0.0.0 csh.actiondesk.com
0.0.0.0 ads.activepower.net
0.0.0.0 app.activetrail.com
0.0.0.0 stat.active24stats.nl #[Tracking.Cookie]
0.0.0.0 traffic.acwebconnecting.com
0.0.0.0 office.ad1.ru
0.0.0.0 cms.ad2click.nl
0.0.0.0 ad2games.com
0.0.0.0 ads.ad2games.com
0.0.0.0 content.ad20.net
0.0.0.0 core.ad20.net
0.0.0.0 banner.ad.nu

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {3D5B696C-0118-4381-AEA8-3A9AB5B4F33D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-08-21] (Piriform Ltd)
Task: {9F7A4E30-A380-4C98-AC88-09997EF8D6D0} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe [2011-09-09] ()
Task: {A9714531-09C5-454C-B337-408E6781D67D} - System32\Tasks\RPC => C:\Program Files (x86)\Bull Softwares\Reg Pro Cleaner\RegProCleaner.exe [2014-11-20] ()
Task: {B13C5034-0A27-429B-8BC5-0C45AF6611DA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-26] (Adobe Systems Incorporated)
Task: {CA7ABAF1-CAE0-4B4F-9A05-AF860D992ADB} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {DCA267BD-FFF5-4F16-8275-854B8AD007E8} - System32\Tasks\ASUS\ASUS Network iControl Help Execute => C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelpEntry.exe [2012-05-02] (ASUSTeK Computer Inc.)
Task: {F93F90CB-60AC-4548-BE7A-8052B9D333B4} - System32\Tasks\ASUS\ASUS DigiPowerControl Help => C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\PowerControlHelp.exe [2012-08-14] (ASUSTeK Computer Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2013-09-05 20:25 - 2012-06-01 16:42 - 00920736 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2013-09-06 21:25 - 2008-07-11 14:04 - 00200704 ____N () C:\Windows\SysWOW64\HsMgr.exe
2013-09-06 21:25 - 2008-07-11 14:03 - 00282112 ____N () C:\Windows\system\HsMgr64.exe
2014-06-24 16:51 - 2014-11-18 19:55 - 06277952 _____ () C:\Users\Dr. Tofu\AppData\Local\Amazon Music\Amazon Music Helper.exe
2014-12-08 20:36 - 2014-11-26 12:40 - 00068096 _____ () C:\Windows\SysWOW64\encondinginterpreterUI\encondinginterpreterUI.exe
2013-09-05 20:25 - 2014-12-08 22:45 - 00028672 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2013-09-05 20:25 - 2010-06-29 09:58 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2013-09-05 23:01 - 2012-10-22 10:21 - 01277952 _____ () C:\Program Files (x86)\PANDORA.TV\PanService\avformat-53.dll
2013-09-05 23:01 - 2012-07-09 16:57 - 02090496 _____ () C:\Program Files (x86)\PANDORA.TV\PanService\avcodec-53.dll
2013-09-05 23:01 - 2011-12-06 15:19 - 00133632 _____ () C:\Program Files (x86)\PANDORA.TV\PanService\avutil-51.dll
2013-09-05 23:01 - 2012-03-23 09:07 - 00224768 _____ () C:\Program Files (x86)\PANDORA.TV\PanService\libupnp.dll
2014-09-25 13:44 - 2014-09-25 13:44 - 00081056 _____ () C:\Users\Dr. Tofu\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\LoggingPlatform.dll
2013-09-06 21:25 - 2011-04-19 13:56 - 00143360 ____N () C:\Program Files\ASUS Xonar DX Audio\Customapp\VmixP8.dll
2014-12-08 22:46 - 2014-12-08 22:46 - 00043008 _____ () c:\users\drb890~1.tof\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphy43pt.dll
2013-08-23 14:01 - 2013-08-23 14:01 - 25100288 _____ () C:\Users\Dr. Tofu\AppData\Roaming\Dropbox\bin\libcef.dll
2013-09-05 20:26 - 2012-05-17 17:57 - 00043520 ____N () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
2013-09-05 20:26 - 2012-07-05 11:05 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
2013-09-05 20:25 - 2011-07-12 18:14 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2013-09-05 20:25 - 2010-10-05 07:22 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2013-09-05 20:25 - 2011-09-26 18:36 - 00869376 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AI Charger+\AIChargerPlus.dll
2013-09-05 20:25 - 2012-03-21 11:07 - 00972288 _____ () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2013-09-05 20:25 - 2013-05-08 16:22 - 01040896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EasyUpdt.dll
2013-09-05 20:26 - 2012-06-19 11:56 - 01305600 _____ () C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
2013-09-05 20:26 - 2012-08-14 10:14 - 01123840 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\Network iControl.dll
2013-09-05 20:26 - 2012-07-20 08:39 - 01047040 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
2013-09-05 20:25 - 2012-05-25 09:33 - 00883712 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2013-09-05 20:25 - 2012-05-28 20:27 - 01622528 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2013-09-05 20:25 - 2011-09-19 19:18 - 01243136 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2013-09-05 20:25 - 2011-07-21 08:06 - 00846848 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2013-09-05 20:25 - 2011-10-14 19:03 - 00885248 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2013-09-05 20:25 - 2010-08-23 09:17 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
2013-09-05 20:25 - 2010-10-05 07:22 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2013-09-05 20:27 - 2012-01-19 08:39 - 00028672 _____ () C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\PEInfo.dll
2013-09-05 20:25 - 2009-08-12 19:15 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll
2014-12-08 22:08 - 2014-11-26 11:40 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-09-25 13:44 - 2014-09-25 13:44 - 00081056 _____ () C:\Users\Dr. Tofu\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\LoggingPlatform.DLL
2013-09-05 20:26 - 2012-07-31 14:21 - 00152064 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\gep.dll
2013-09-05 20:26 - 2012-08-15 13:42 - 00786432 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\func.dll
2013-09-05 20:26 - 2010-10-05 07:22 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\pngio.dll
2014-10-15 02:30 - 2014-10-15 02:30 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\1eeea3ab8d69ec72 2bdcb28b8eb8dd75\IsdiInterop.ni.dll
2013-09-05 20:55 - 2012-02-01 15:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-09-05 20:26 - 2012-06-25 09:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun

========================= Accounts: ==========================

Administrator (S-1-5-21-2265380589-2991539385-3585036567-500 - Administrator - Disabled)
Dr. Tofu (S-1-5-21-2265380589-2991539385-3585036567-1000 - Administrator - Enabled) => C:\Users\Dr. Tofu
Guest (S-1-5-21-2265380589-2991539385-3585036567-501 - Limited - Disabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/08/2014 10:47:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============

Microsoft Office Sessions:
=========================
Error: (11/09/2014 01:30:11 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6705.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 22147 seconds with 780 seconds of active time. This session ended with a crash.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Percentage of memory in use: 13%
Total physical RAM: 16330 MB
Available physical RAM: 14072.23 MB
Total Pagefile: 16528.18 MB
Available Pagefile: 14059.94 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.69 GB) (Free:44.35 GB) NTFS
Drive d: (Data Storage) (Fixed) (Total:931.51 GB) (Free:677.73 GB) NTFS
Drive h: (Elements) (Fixed) (Total:931.51 GB) (Free:864.16 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 0C4CA770)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: B31E5785)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 0002846E)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================

help please

0
0
Click on this link to download : ADWCleaner Click on ONE of the Two Blue Download Now buttons That have a blue arrow beside them and save it to your desktop. Do not click on any links in the top Advert.

See the screenshot where the proper download buttons are highlighted


NOTE: If using Internet Explorer and you get an alert that stops the program downloading click on Tools > Smartscreen Filter > Turn off Smartscreen Filter then click on OK in the box that opens. Then click on the link again.

Close your browser and double click on this icon on your desktop:



You will then see the screen below, click on the Scan button (as indicated), accept any prompts that appear and allow it to run, it may take several minutes to complete, when it is done, you will get a message saying "PENDING" , Ignore that & click on the Clean button, accept any prompts that appear and allow the system to reboot. You will then be presented with the report, Copy & Paste it into your next post.
Please note: the newer versions of Adwcleaner have a pretty colour display on some versions of windows and slightly different icons. The screenshots are from the older version but are basically the same

How to remove adware,spyware from my PC

0
0
Click on this link to download : ADWCleaner Click on ONE of the Two Blue Download Now buttons That have a blue arrow beside them and save it to your desktop. Do not click on any links in the top Advert.

See the screenshot where the proper download buttons are highlighted


NOTE: If using Internet Explorer and you get an alert that stops the program downloading click on Tools > Smartscreen Filter > Turn off Smartscreen Filter then click on OK in the box that opens. Then click on the link again.

Close your browser and double click on this icon on your desktop:



You will then see the screen below, click on the Scan button (as indicated), accept any prompts that appear and allow it to run, it may take several minutes to complete, when it is done, you will get a message saying "PENDING" , Ignore that & click on the Clean button, accept any prompts that appear and allow the system to reboot. You will then be presented with the report, Copy & Paste it into your next post.
Please note: the newer versions of Adwcleaner have a pretty colour display on some versions of windows and slightly different icons. The screenshots are from the older version but are basically the same

Adware Problem

0
0
Hi dvk01, and THANKS!

I read your post this morning and I downloaded (and did) what you said. After that I got up to get my usual 2nd cup of coffee, and when I came back there was no adware over my Chrome tabs. SO THANK YOU!

The only problem is, and I'm sure it's something I didn't do, I never get an icon to click on. So I saved it to my favorites list and will try again later.

Here's the copy and paste you asked for:

# AdwCleaner v4.105 - Report created 09/12/2014 at 10:57:02
# Updated 08/12/2014 by Xplode
# Database : 2014-12-08.2 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Mark - MARK-HP
# Running from : C:\Users\Mark\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\374311380
[#] Folder Deleted : C:\ProgramData\BitGuard
Folder Deleted : C:\ProgramData\BonanzaDealsLive
[#] Folder Deleted : C:\ProgramData\Browser Manager
[#] Folder Deleted : C:\ProgramData\BrowserProtect
Folder Deleted : C:\ProgramData\ParetoLogic
Folder Deleted : C:\ProgramData\Performancer
Folder Deleted : C:\ProgramData\Viewpoint
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastPlayer
Folder Deleted : C:\Program Files (x86)\BonanzaDeals
Folder Deleted : C:\Program Files (x86)\BonanzaDealsLive
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Program Files (x86)\System Optimizer Pro
Folder Deleted : C:\Program Files (x86)\Viewpoint
Folder Deleted : C:\Program Files (x86)\wse_astromenda
Folder Deleted : C:\Program Files (x86)\FastPlayer
Folder Deleted : C:\Program Files (x86)\Consumer Input
Folder Deleted : C:\Program Files (x86)\Common Files\ParetoLogic
Folder Deleted : C:\Users\Mark\AppData\Local\BonanzaDealsLive
Folder Deleted : C:\Users\Mark\AppData\Local\torch
Folder Deleted : C:\Users\Mark\AppData\Roaming\DriverCure
Folder Deleted : C:\Users\Mark\AppData\Roaming\ParetoLogic
Folder Deleted : C:\Users\Mark\AppData\Roaming\PennyBee
Folder Deleted : C:\Users\Mark\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Mark\AppData\Roaming\UpdaterEX
Folder Deleted : C:\Users\Mark\AppData\Roaming\wse_astromenda
File Deleted : C:\END
File Deleted : C:\Windows\Reimage.ini
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Deleted : C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****

Task Deleted : ASP
Task Deleted : LaunchSignup
Task Deleted : UpdaterEX
Task Deleted : WSE_Astromenda
Task Deleted : Reimage Reminder
Task Deleted : PennyBee

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Google\Chrome\Extensions\aoejbmmillcdifgagjpdlaamnalbielp
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\aoejbmmillcdifgagjpdlaamnalbielp
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\aoejbmmillcdifgagjpdlaamnalbielp
Key Deleted : HKCU\Software\Google\Chrome\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae
Key Deleted : HKCU\Software\Classes\iLivid.torrent
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Classes\iLivid.torrent
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BonanzaDealsLive.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{dfc86759}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9CB2CD61-FFA0-406C-9D2D-8FDE6F4A4D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DCABB943-792E-44C4-9029-ECBEE6265AF9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D86A75B-CB6B-4764-885D-CA6336F04BA2}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{8DCB7100-DF86-4384-8842-8FA844297B3F}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKCU\Software\BonanzaDealsLive
Key Deleted : HKCU\Software\BRS
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\torch
Key Deleted : HKCU\Software\UpdaterEX
Key Deleted : HKCU\Software\WSE_Astromenda
Key Deleted : HKCU\Software\Reimage
Key Deleted : HKCU\Software\StormWatch
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Deleted : HKLM\SOFTWARE\DataMngr
Key Deleted : HKLM\SOFTWARE\InstallCore
Key Deleted : HKLM\SOFTWARE\MetaStream
Key Deleted : HKLM\SOFTWARE\ParetoLogic
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\torch
Key Deleted : HKLM\SOFTWARE\Viewpoint
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlay er
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WSE_Astromenda
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rjatydimofu.exe

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17420


-\\ Google Chrome v39.0.2171.71


*************************

AdwCleaner[R0].txt - [12792 octets] - [09/12/2014 10:51:18]
AdwCleaner[S0].txt - [10238 octets] - [09/12/2014 10:57:02]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10299 octets] ##########

Freezing then blue screen, can't run any virus removal programs

0
0
It has been two days or more since my last post. Do you still need help or more time?:)



Regards,

Richard:D

antivirus blocking connection to TEAMVIEWER9

0
0
Quote:

You also have a lot of malware that needs to be dealt with
I noticed that. :o

-----------------------------------------------------------

Help! - Virus aepdu.dll

0
0
Hello,
My Laptop (Win7) has been running suspiciously slow with a number of issues.
** When I start up it takes too long - Everything is slow
** Opening a new window using Chrome or IE gives me a blank white screen for about 5 seconds before finally providing an operational browser.
** Last night I received an AVG notification saying "GENERAL BEHAVIOUR DETECTION" and it quarantined C:\windows\system32\aepdu.dll
** Also last night I began to get a message when trying to use the snipping tool "SNIPPING TOOL IS NOT WORKING ON YUR COMPUTER RIGHT NOW, RESTART AND TRY AGAIN" (which I did numerous times to no avail)
** System restore does not work


Can someone help me, it would be so appreciated


Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Intel(R) Pentium(R) CPU B950 @ 2.10GHz, Intel64 Family 6 Model 42 Stepping 7
Processor Count: 2
RAM: 5984 Mb
Graphics Card: Intel(R) HD Graphics Family, -1231 Mb
Hard Drives: C: Total - 700302 MB, Free - 635699 MB;
Motherboard: Gateway, NV47H
Antivirus: AVG AntiVirus Free Edition 2013, Updated and Enabled

How Do I get rid of Bing??

0
0
Hi, To help with this we need to ask for a bit more information, please do this and post what it shows you

http://static.techguy.org/download/SysInfo.exe

Copy /Paste the results into a Reply here in your thread.....

That will show us important generic info on things we need to see to help with your issue

DOJ Virus

0
0
Since we can not get into the system normally, this will allow us to scan the system using an external boot OS. Please note that this will delete whatever you have on the USB stick / drive that you use (just a warning).

Download Peazip to the desktop
Run and install the programme
As it installs this page will show, deselect the AVG ticks
Press decline and it will then install cleanly



Download the following files to the desktop .. Right click the links and select save as...then select desktop

Rufus

OTLPE_standard

Right click OTLPE on your desktop and select ..Open as archive




Select OTLPE standard



Click Extract, ensure that desktop is selected



Insert the USB stick Then run Rufus

Select the ISO file on the desktop via the ISO icon.

Press Start Burn


Once the USB has burnt then
  • Download Farbar Recovery Scan Tool and save it to the flash drive.
    • Reboot your system using the boot USB you just created.
      Note : If you do not know how to set your computer to boot from USB follow the steps here
    • As the Programme needs to detect your hardware and load the operating system, I would recommend a nice cup of tea whilst it loads :)
    • Your system should now display a Reatogo desktop.
    • Locate the flash drive and run FSRT
    • The tool will start to run.
    • When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

    [/*]

Viruses not found

0
0
I have been trying for months to get rid of all of the viruses i downloaded trying to get a player to waych the world cup. I have tried many online dectors and fixes but nothing seems to find and remove them. any help wouodl be great

AVG blocked by group policy program

0
0
Hi Fizzlekaput,
-----------------------------------------------
Please download MiniToolBox and run it.
Double click MiniToolBox.exe to launch the program.
Checkmark only the following boxes in the list:
  • List Installed Programs
  • List Users, Partitions and Memory size
Click Go to start the scan.
When finished a log Result.txt will open.
Please post the contents of that log in your next reply.
---------------------------------------------
Download the OTL Scanner
Please download OTL.exe by OldTimer and save it to your desktop.
---------------------------------------------
Run a Scan with OTL
  • Right click the OTL icon and choose "Run as administrator" to run it.
  • Check the boxes labeled :
    • Scan All Users
    • LOP check
    • Purity check
    • Extra Registry > Use SafeList
  • Make sure all other windows are closed to let it run uninterrupted.
  • Click on the Run Scan button at the top left hand corner. Do not change any settings unless otherwise told to do so. The scan wont take long.
When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL. (desktop)
OTL.txt will be open on your desktop, and Extras.txt will be minimized in your taskbar.
The Extras.txt file will only appear the very first time you run OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them as a reply. Use separate replies if more convenient.
---------------------------------------------------
So, In Your Replies, we will be looking for the following :
The contents of:
  • The log from the MiniToolbox
  • OTL.txt
  • Extras.txt
Please feel free to use separate replies.

askey127

complicated problem dealing with malware and registry issues/ Windows 7

0
0
Solaris9123,
-----------------------------------------
Check hard Drive for Errors
Open Notepad... then copy and paste the following line into Notepad:
(Notepad is in Start, Programs, Accessories)
Code:

cmd  /c  chkdsk  c:  |find  /v  "percent"  >> "%userprofile%\desktop\checkhd.txt"
Now Save the NotePad file like this:
  • Click on File from the top menu bar.
  • Select Save As, use Filename: testhd.bat and Save As Type: All Files.
  • Choose Desktop as the location
  • Click Save.
Right click on testhd.bat on your desktop and select Run As Administrator to run it. OK the UAC.
A Command Prompt box will pop up, then close after a couple minutes.
Please post the contents of the checkhd.txt file from your desktop.
If the file is very long, just copy and paste the LAST 20 or 30 lines into your reply.

askey127
Viewing all 4746 articles
Browse latest View live




Latest Images