Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Laptop full of viruses need help removing [Solved]

Started by djmarzy , Jul 10 2014 06:55 AM
viruses adware optimizer pro reg clean pro buenosearch

  • This topic is locked This topic is locked

#1
djmarzy
Posted 10 July 2014 - 06:55 AM

djmarzy

    Member

  • Member
  • PipPipPip
  • 134 posts

Hi 

as tittle suggests my laptop is full of viruses and adware i have tried to remove myself but it seems to be making things worse i just keep getting more and more programs installed. so far i have had optimizer pro, reg clean pro and buenosearch pluss more automatically install. it has made my laptop very slow and hardly usable. if any one can help with this issue it would be great.   


  • 0

Advertisements

#2
Naathim
Posted 10 July 2014 - 06:58 AM

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

Minion%20Welcome.jpg


My name's Naathim and I'm a GeekU Minion! Now that we are mates and will be working together to clean your machine out of any junkware, feel free to call me Naat :)

Before we start please note the following:

icon_arrow.gif Analysis and research take some time, also sometimes real life gets in the way, please be patient.
icon_arrow.gif Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
icon_arrow.gif Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
icon_arrow.gif Paste the logs in your posts, attachments make my work harder and more complicated.
icon_arrow.gif Stay with me to the end, the absence of symtoms doesn't mean that your machine is fully operational.
icon_arrow.gif Note that we may live in totally different time zones, what may cause some delays between answers.

icon_idea.gif I can't foresee everything, so if anything unexpected happens, please stop and inform me!
icon_idea.gif There are no silly questions. Never be afraid to ask if in doubt!

Let's start and enjoy the fight! :)


51a612a8b27e2-Zoek.png Scan with ZOEK

Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.
  • Right-click on 51a612a8b27e2-Zoek.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Wait patiently until the main console will appear, it may take a minute or two.
  • In the main box please paste in the following script:
    createsrpoint;
process;
services-list;
systemspecs;
startupall;
skipfix-iedefaults;
firefoxlook;
chromelook;
filesrcm;
installedprogs;
  • Make sure that Scan All Users option is checked.
  • Push Run Script and wait patiently. The scan may take a couple of minutes.
  • When the scan completes, a zoek-results logfile should open in notepad.
  • If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)
Post its content into your next reply.


Cheers,
Naat :)
  • 0

#3
djmarzy
Posted 10 July 2014 - 07:40 AM

djmarzy

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 134 posts

Hi Naat thanks for your reply iv fallowed your instructions and this is the results

 

 
Zoek.exe v5.0.0.0 Updated 05-July-2014
Tool run by -LUKE- on 10/07/2014 at 14:18:47.22.
Microsoft® Windows Vista™ Home Basic  6.0.6002 Service Pack 2 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\-LUKE-\Downloads\zoek.exe [Scan all users] [Script inserted] 
 
==== System Restore Info ======================
 
10/07/2014 14:25:56 Zoek.exe System Restore Point Created Succesfully.
 
==== Installed Programs ======================
 
æTorrent  
Acer eDataSecurity Management  
Acer Empowering Technology  
Acer ePresentation Management  
Acer eSettings Management  
Adobe AIR  
Adobe Download Manager  
Adobe Flash Player 14 ActiveX  
Adobe Flash Player 14 Plugin  
Adobe Reader X (10.1.1)  
Adobe Shockwave Player 11.5  
Apple Application Support  
Apple Mobile Device Support  
Apple Software Update  
ASIO4ALL  
Atheros Driver Installation Program  
Bonjour  
Broadcom Driver v4.170.25.19_Foxconn Installation Program  
Buenosearch  
Buzzdock  
FL Studio 11  
FlowStone FL 3.0  
focusbase  
Free File Viewer 2014  
GEAR 32bit Driver Installer  
Google Chrome  
Google Update Helper  
Hercules DJ Products Series drivers  
High-Definition Video Playback  
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)  
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)  
iCloud  
iFunbox (v2.8.2414.748), iFunbox DevTeam  
IL Download Manager  
IL Shared Libraries  
ImgBurn  
Intel® Graphics Media Accelerator Driver  
iTunes  
Java 7 Update 55  
Java Auto Updater  
Java DB 10.6.2.1  
Java™ SE Development Kit 6 Update 24  
JavaFX 2.1.1  
K-Lite Codec Pack 5.2.0 (Full)  
Malwarebytes Anti-Malware version 1.75.0.1300  
Microsoft .NET Framework 3.5 SP1  
Microsoft .NET Framework 4.5.1  
Microsoft Security Client  
Microsoft Security Essentials  
Microsoft Silverlight  
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053  
Microsoft Visual C++ 2005 Redistributable  
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161  
Microsoft Windows Media Center SDK 5.3  
Microsoft_VC80_ATL_x86  
Microsoft_VC80_CRT_x86  
Microsoft_VC80_MFC_x86  
Microsoft_VC80_MFCLOC_x86  
Microsoft_VC90_ATL_x86  
Microsoft_VC90_CRT_x86  
Microsoft_VC90_MFC_x86  
MSXML 4.0 SP2 (KB927978)  
MSXML 4.0 SP2 (KB954430)  
MSXML 4.0 SP2 (KB973688)  
MSXML 4.0 SP3 Parser  
MSXML 4.0 SP3 Parser (KB2721691)  
MSXML 4.0 SP3 Parser (KB2758694)  
MSXML 4.0 SP3 Parser (KB973685)  
Nero 10 Menu TemplatePack Basic  
Nero 10 Movie ThemePack Basic  
Nero BackItUp 10 Help (CHM)  
Nero BurningROM 10 Help (CHM)  
Nero BurnRights 10 Help (CHM)  
Nero Control Center 10  
Nero ControlCenter 10 Help (CHM)  
Nero Core Components 10  
Nero CoverDesigner 10 Help (CHM)  
Nero DiscCopyGadget 10 Help (CHM)  
Nero DiscSpeed 10 Help (CHM)  
Nero Dolby Files 10  
Nero Express 10 Help (CHM)  
Nero InfoTool 10 Help (CHM)  
Nero Recode 10 Help (CHM)  
Nero RescueAgent 10 Help (CHM)  
Nero SoundTrax 10 Help (CHM)  
Nero StartSmart 10 Help (CHM)  
Nero Vision 10 Help (CHM)  
Nero WaveEditor 10 Help (CHM)  
NeroKwikMedia Help (CHM)  
neroxml  
Optimizer Pro v3.2  
Play Now Radio  
QuickTime 7  
reFX Nexus VSTi RTAS v2.2.0  
RegClean Pro  
RelevantKnowledge  
Revo Uninstaller Pro 3.0.8  
Search Protect  
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)  
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)  
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)  
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)  
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)  
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)  
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)  
Sylenth1 v2.20  
TuneUp Utilities Language Pack (en-GB)  
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)  
v9 uninstall  
VirtualDJ PRO Full  
VLC media player 1.1.8  
VO Package  
Windows Media Player Firefox Plugin  
WinRAR archiver  
 
==== Running Processes ======================
 
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\SLsvc.exe
C:\ProgramData\IePluginServices\PluginService.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\RelevantKnowledge\rlservice.exe
C:\Program Files\NetCrawl\updateNetCrawl.exe
C:\Users\-LUKE-\AppData\Roaming\VOPackage\VOsrv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\002\yewimmxqbs32.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\focusbase\bin\utilfocusbase.exe
C:\Program Files\focusbase\bin\focusbase.PurBrowse.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\focusbase\bin\focusbase.BrowserAdapter.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\RelevantKnowledge\rlvknlg.exe
C:\PROGRA~1\RELEVA~1\rlvknlg32.exe
C:\Users\-LUKE-\AppData\Local\buenosearch\buenosearch\1.3.8.2\buenosearch.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\-LUKE-\Downloads\zoek.exe
C:\Windows\system32\vssvc.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k swprv
 
==== Services (whitelist) ======================
Powered by E Dev
 
R2 - [ca82e1a5] - Optimizer Pro Crash Monitor - "C:\Windows\system32\rundll32.exe" "c:\Program Files\Optimizer Pro\OptProCrash.dll",ServiceMain
R2 - [IePluginServices] - IePlugin Services - C:\ProgramData\IePluginServices\PluginService.exe -service
R2 - [MsMpSvc] - Microsoft Antimalware Service - "c:\Program Files\Microsoft Security Client\MsMpEng.exe"
R2 - [RelevantKnowledge] - RelevantKnowledge - C:\Program Files\RelevantKnowledge\rlservice.exe /service
R2 - [slsvc] - Software Licensing - C:\Windows\system32\SLsvc.exe
R2 - [Update NetCrawl] - Update NetCrawl - "C:\Program Files\NetCrawl\updateNetCrawl.exe"
R2 - [Util focusbase] - Util focusbase - "C:\Program Files\focusbase\bin\utilfocusbase.exe"
R2 - [VOsrv] - Service Component of VO - C:\Users\-LUKE-\AppData\Roaming\VOPackage\VOsrv.exe
R2 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - "C:\Program Files\Windows Media Player\wmpnetwk.exe"
R2 - [WSearch] - Windows Search - C:\Windows\system32\SearchIndexer.exe /Embedding
R2 - [yewimmxqbs32] - yewimmxqbs32 - C:\Program Files\002\yewimmxqbs32.exe run options=01100010020000000000000000000000 sourceguid=39FABFBE-5A1E-4B00-ADC5-E8C0D0701167
R3 - [VSS] - Volume Shadow Copy - C:\Windows\system32\vssvc.exe
S2 - [clr_optimization_v4.0.30319_32] - Microsoft .NET Framework NGEN v4.0.30319_X86 - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
S2 - [Update focusbase] - Update focusbase - "C:\Program Files\focusbase\updatefocusbase.exe"
S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
S3 - [ALG] - Application Layer Gateway Service - C:\Windows\System32\alg.exe
S3 - [aspnet_state] - ASP.NET State Service - C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
S3 - [COMSysApp] - COM+ System Application - C:\Windows\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
S3 - [DFSR] - DFS Replication - C:\Windows\system32\DFSR.exe
S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
S3 - [gupdatem] - Google Update Service (gupdatem) - "C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc
S3 - [IDriverT] - InstallDriver Table Manager - "C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe"
S3 - [iPod Service] - iPod Service - "C:\Program Files\iPod\bin\iPodService.exe"
S3 - [MSDTC] - Distributed Transaction Coordinator - C:\Windows\System32\msdtc.exe
S3 - [msiserver] - Windows Installer - C:\Windows\system32\msiexec /V
S3 - [NisSrv] - Microsoft Network Inspection - "c:\Program Files\Microsoft Security Client\NisSrv.exe"
S3 - [NMIndexingService] - NMIndexingService - "C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe"
S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - C:\Windows\system32\locator.exe
S3 - [SNMPTRAP] - SNMP Trap - C:\Windows\System32\snmptrap.exe
S3 - [TrustedInstaller] - Windows Modules Installer - C:\Windows\servicing\TrustedInstaller.exe
S3 - [vds] - Virtual Disk - C:\Windows\System32\vds.exe
S3 - [wmiApSrv] - WMI Performance Adapter - C:\Windows\system32\wbem\WmiApSrv.exe
S3 - [WPFFontCache_v0400] - Windows Presentation Foundation Font Cache 4.0.0.0 - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
S4 - [AdobeARMservice] - Adobe Acrobat Update Service - "C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe"
S4 - [Apple Mobile Device] - Apple Mobile Device - "C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
S4 - [Bonjour Service] - Bonjour Service - "C:\Program Files\Bonjour\mDNSResponder.exe"
S4 - [clr_optimization_v2.0.50727_32] - Microsoft .NET Framework NGEN v2.0.50727_X86 - C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
S4 - [eDataSecurity Service] - eDataSecurity Service - "C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe"
S4 - [eRecoveryService] - eRecovery Service - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
S4 - [eSettingsService] - eSettings Service - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
S4 - [gupdate] - Google Update Service (gupdate) - "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc
S4 - [HerculesDJControlMP3] - Hercules DJ Control MP3 - C:\Program Files\Hercules\Audio\DJ Console Series\drivers\x86\HerculesDJControlMP3.EXE
 
==== System Specs ======================
 
Windows: Windows Vista Home Basic Edition Service Pack 2 (Build 6002)
Memory (RAM): 1014 MB
CPU Info: Intel® Celeron® CPU          530  @ 1.73GHz
CPU Speed: 1726.9 MHz
Sound Card: Speakers (High Definition Audio | 
Display Adapters: Mobile Intel® 965 Express Chipset Family | Mobile Intel® 965 Express Chipset Family | RDPDD Chained DD | RDP Encoder Mirror Driver
Monitors: 1x; Generic PnP Monitor | 
Screen Resolution: 1280 X 800 - 32 bit
Network: Network Present
Network Adapters: Atheros AR5007EG Wireless Network Adapter | Generic Marvell Yukon Chipset based Ethernet Controller
CD / DVD Drives: 1x (D: | ) D: MATSHITADVD-RAM UJ-850S
Ports: COM3 LPT Port NOT Present. 
Mouse: 2 Button Mouse Present
Hard Disks: C:  64.8GB
Hard Disks - Free: C:  6.7GB
Manufacturer *: Phoenix Technologies LTD
BIOS Info: AT/AT COMPATIBLE | 09/05/07 | ACRSYS - 6040000
Time Zone: GMT Standard Time
Motherboard *: Acer            Volvi2
Country: United Kingdom 
Language: ENG 
 
==== System Specs (Software) ======================
 
Anti-Virus: Microsoft Security Essentials On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: Microsoft Security Essentials disabled (Outdated)
Default Browser: Google Chrome 35.0.1916.153
Internet Explorer Version: 9.0.8112.16421 
Google Chrome version: 35.0.1916.153
Sun Java version: 1.7.0_55 (32-bit) 
Flash Player version: 14.0.0.145
Shockwave Player version: 11.5.9r620
 
==== Files Recently Created / Modified ======================
 
====== C:\Windows ====
====== C:\Users\-LUKE-\AppData\Local\Temp ====
2014-07-10 09:47:34 C9B0E5CAB733D9B9FBB851A85DDE0299 576083 ------w- C:\Users\-LUKE-\AppData\Local\Temp\is45637729\1989389_stp\AnyProtectScannerSetup.exe
2014-07-10 09:47:34 C9B0E5CAB733D9B9FBB851A85DDE0299 576083 ------w- C:\Users\-LUKE-\AppData\Local\Temp\is45637729\1989389_stp\AnyProtectScannerSetup.exe
2014-07-09 23:16:52 EF8F8F959C53163555B7AF0F33DC5CB9 6884024 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\optprosetup.exe
2014-07-09 23:16:52 EF8F8F959C53163555B7AF0F33DC5CB9 6884024 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\optprosetup.exe
2014-07-09 23:13:38 2AFA8A9E0B307688BE29917D22E3B9D2 786640 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\107201401337\Uninstall Bubble Dock.exe
2014-07-09 23:13:38 2AFA8A9E0B307688BE29917D22E3B9D2 786640 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\107201401337\Uninstall Bubble Dock.exe
2014-07-09 23:05:14 A4B34F21548FFD7E9AADE1B56630AB3B 372832 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\AVBD.exe
2014-07-09 23:05:14 A4B34F21548FFD7E9AADE1B56630AB3B 372832 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\AVBD.exe
2014-07-09 23:01:10 9FB9D49C2DB7EDD1084AB765D619F5C6 66368 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\SearchProtectINT.exe
2014-07-09 23:01:10 9FB9D49C2DB7EDD1084AB765D619F5C6 66368 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\SearchProtectINT.exe
2014-07-09 10:36:08 C9B0E5CAB733D9B9FBB851A85DDE0299 576083 ------w- C:\Users\-LUKE-\AppData\Local\Temp\is45637729\30415327_stp\AnyProtectScannerSetup.exe
2014-07-09 10:36:08 C9B0E5CAB733D9B9FBB851A85DDE0299 576083 ------w- C:\Users\-LUKE-\AppData\Local\Temp\is45637729\30415327_stp\AnyProtectScannerSetup.exe
2014-07-07 16:47:16 02C162FD7706E887624DFCC410979355 156061 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\nsv2B37.exe
2014-07-07 16:47:16 02C162FD7706E887624DFCC410979355 156061 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\nsv2B37.exe
2014-07-07 16:47:16 02C162FD7706E887624DFCC410979355 156061 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\nsq6C08.exe
2014-07-07 16:47:16 02C162FD7706E887624DFCC410979355 156061 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\nsq6C08.exe
2014-07-07 16:47:16 02C162FD7706E887624DFCC410979355 156061 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\nsq4A2D.exe
2014-07-07 16:47:16 02C162FD7706E887624DFCC410979355 156061 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\nsq4A2D.exe
2014-07-07 16:47:16 02C162FD7706E887624DFCC410979355 156061 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\nsl7424.exe
2014-07-07 16:47:16 02C162FD7706E887624DFCC410979355 156061 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\nsl7424.exe
2014-07-07 16:47:16 02C162FD7706E887624DFCC410979355 156061 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\nsg5BEA.exe
2014-07-07 16:47:16 02C162FD7706E887624DFCC410979355 156061 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\nsg5BEA.exe
2014-07-07 16:47:16 02C162FD7706E887624DFCC410979355 156061 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\nsa7C20.exe
2014-07-07 16:47:16 02C162FD7706E887624DFCC410979355 156061 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\nsa7C20.exe
2014-07-03 22:35:32 13A09BECABCE7CE7DE02D42D9C00A250 38456 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\bitool.dll
2014-07-03 22:35:32 13A09BECABCE7CE7DE02D42D9C00A250 38456 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\bitool.dll
====== Java Cache =====
====== C:\Windows\system32 =====
2014-07-09 23:19:34 EEA80AB2D477D2CA04A4AE395CFEE1EC 660760 ----a-w- C:\Windows\System32\rlls.dll
2014-07-09 23:08:28 E6730883EF0AAC91922650671A9A24AF 18776 ----a-w- C:\Windows\System32\roboot.exe
2014-07-03 20:40:41 9033DAF3277F0498BC86C8D4566C25CE 1554944 ----a-w- C:\Windows\System32\vorbis.acm
====== C:\Windows\system32\drivers =====
2014-07-10 12:30:54 FD213DCD14FDD807670B6FD3A8D68065 55232 ----a-w- C:\Windows\System32\drivers\{2b929fe1-284b-4766-afb9-19b0915b99b0}t.sys
2014-07-09 23:03:03 637318A990CCFB83C5FD40BDBB19E81B 18360 ----a-w- C:\Windows\System32\drivers\SPPD.sys
2014-07-03 23:33:49 CBEAEA2729985BFB260641AB424E0166 320120 ----a-w- C:\Windows\System32\drivers\sptd.sys
2014-06-12 17:12:37 A4196D394207369E1431E8681B373312 915392 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2014-06-12 17:12:37 95389980F70FC4990A4395A0B8BBE1D6 31232 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys
====== C:\Windows\Tasks ======
2014-07-09 23:27:13 97BBDC908F2B4092F36E8ECFB38907B6 3534 ----a-w- C:\Windows\system32\Tasks\Play Now Radio
2014-07-09 23:24:22 46E10FF7B1568B39FAB0916F5D5AC185 364 ----a-w- C:\Windows\Tasks\APSnotifierPP3.job
2014-07-09 23:24:02 7B6627B2B3CBF604F240A0064C8F1D5E 3236 ----a-w- C:\Windows\system32\Tasks\Optimizer Pro Schedule
2014-07-09 23:23:14 78751BB2ABE55BBFBAEBF6B89DE98DC6 2816 ----a-w- C:\Windows\system32\Tasks\APSnotifierPP3
2014-07-09 23:23:11 AE7A35123B7CD37CC0FA1E24C9F75E7A 2816 ----a-w- C:\Windows\system32\Tasks\APSnotifierPP2
2014-07-09 23:23:10 EC4EA4430F28C05BDA56FF6BC4A79408 364 ----a-w- C:\Windows\Tasks\APSnotifierPP2.job
2014-07-09 23:23:01 7A630CD22741EF9C90CD8535789F7964 2818 ----a-w- C:\Windows\system32\Tasks\APSnotifierPP1
2014-07-09 23:22:56 5547316B1FD5B18C4FD04D20D4676428 366 ----a-w- C:\Windows\Tasks\APSnotifierPP1.job
2014-07-09 23:15:28 1091425DE702F297744B0BC8BB9F5B76 3528 ----a-w- C:\Windows\system32\Tasks\Buenosearch
2014-07-09 23:09:13 98875FC8DCF2F87C8FBF2EB2D9E51FFE 2862 ----a-w- C:\Windows\system32\Tasks\RegClean Pro_DEFAULT
2014-07-09 23:09:11 AAFE37EF05ECCD3E63EB938B8FD1B0A9 3312 ----a-w- C:\Windows\system32\Tasks\Advanced System Protector
2014-07-09 23:09:11 24BB0B5A0E21A4BC925B6190103FCAA0 266 ----a-w- C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2014-07-09 23:09:07 E737ABAA20E931423A39746D991E8084 3018 ----a-w- C:\Windows\system32\Tasks\RegClean Pro_UPDATES
2014-07-09 23:09:05 EBAB34CE622837A30FD167896804DEE2 274 ----a-w- C:\Windows\Tasks\RegClean Pro_UPDATES.job
2014-07-09 23:08:51 C6F1BBB708D61DFF357E7D006A1612A3 3096 ----a-w- C:\Windows\system32\Tasks\RegClean Pro
2014-07-03 22:49:52 3FD725761E7F1E509104322A44AFBC35 2950 ----a-w- C:\Windows\system32\Tasks\{670A0151-7FBB-460E-AD81-B6CD27625B13}
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-07-09 23:26:16 -------- d-----w- C:\Program Files\NetCrawl
2014-07-09 23:23:17 -------- d-----w- C:\Program Files\SupTab
2014-07-09 23:19:12 -------- d-----w- C:\Program Files\RelevantKnowledge
2014-07-09 23:17:06 -------- d-----w- C:\Program Files\Optimizer Pro
2014-07-09 23:08:03 -------- d-----w- C:\Program Files\RegClean Pro
2014-07-09 23:04:40 -------- d-----w- C:\Program Files\focusbase
2014-07-09 23:02:21 -------- d-----w- C:\Program Files\SearchProtect
2014-07-04 00:22:18 -------- d-----w- C:\Program Files\Steinberg
2014-07-04 00:04:08 -------- d-----w- C:\Program Files\Common Files\Digidesign
2014-07-03 20:43:32 -------- d-----w- C:\Program Files\ASIO4ALL v2
2014-07-03 20:43:14 -------- d-----w- C:\Program Files\VstPlugins
2014-07-03 20:40:16 -------- d-----w- C:\Program Files\DSPRobotics
2014-07-03 20:27:40 -------- d-----w- C:\Program Files\Image-Line
2014-06-30 20:30:36 -------- d-----w- C:\Program Files\iPod
======= C: =====
====== C:\Users\-LUKE-\AppData\Roaming ======
2014-07-09 23:26:49 -------- d-----w- C:\Users\-LUKE-\AppData\Local\playnowradio
2014-07-09 23:26:49 -------- d-----w- C:\Users\-LUKE-\AppData\Local\playnowradio
2014-07-09 23:23:55 -------- d-----w- C:\Users\-LUKE-\AppData\Roaming\Optimizer Pro
2014-07-09 23:23:55 -------- d-----w- C:\Users\-LUKE-\AppData\Roaming\Optimizer Pro
2014-07-09 23:23:45 192CFDE319BA24C73A3CCBEFD20AF46A 314 ----a-w- C:\Users\-LUKE-\AppData\Roaming\aps.uninstall.scan.results
2014-07-09 23:23:45 192CFDE319BA24C73A3CCBEFD20AF46A 314 ----a-w- C:\Users\-LUKE-\AppData\Roaming\aps.uninstall.scan.results
2014-07-09 23:21:39 -------- d-----w- C:\Users\-LUKE-\AppData\Roaming\v9
2014-07-09 23:21:39 -------- d-----w- C:\Users\-LUKE-\AppData\Roaming\v9
2014-07-09 23:21:06 -------- d-----w- C:\Users\-LUKE-\AppData\Local\StormFall
2014-07-09 23:21:06 -------- d-----w- C:\Users\-LUKE-\AppData\Local\StormFall
2014-07-09 23:15:18 -------- d-----w- C:\Users\-LUKE-\AppData\Local\buenosearch
2014-07-09 23:15:18 -------- d-----w- C:\Users\-LUKE-\AppData\Local\buenosearch
2014-07-09 23:09:05 -------- d-----w- C:\Users\-LUKE-\AppData\Roaming\VOPackage
2014-07-09 23:09:05 -------- d-----w- C:\Users\-LUKE-\AppData\Roaming\VOPackage
2014-07-09 23:08:43 -------- d-----w- C:\Users\-LUKE-\AppData\Roaming\Systweak
2014-07-09 23:08:43 -------- d-----w- C:\Users\-LUKE-\AppData\Roaming\Systweak
2014-07-09 23:02:58 -------- d-----w- C:\Users\-LUKE-\AppData\Local\SearchProtect
2014-07-09 23:02:58 -------- d-----w- C:\Users\-LUKE-\AppData\Local\SearchProtect
2014-07-06 01:34:37 -------- d-----w- C:\Users\-LUKE-\AppData\Roaming\VS Revo Group
2014-07-06 01:34:37 -------- d-----w- C:\Users\-LUKE-\AppData\Roaming\VS Revo Group
2014-07-03 20:43:33 -------- d-----w- C:\Users\-LUKE-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2014-07-03 20:43:33 -------- d-----w- C:\Users\-LUKE-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2014-07-03 20:41:40 -------- d-----w- C:\Users\-LUKE-\AppData\Roaming\Image-Line
2014-07-03 20:41:40 -------- d-----w- C:\Users\-LUKE-\AppData\Roaming\Image-Line
2014-07-03 20:41:39 -------- d-----w- C:\Users\-LUKE-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2014-07-03 20:41:39 -------- d-----w- C:\Users\-LUKE-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2014-07-03 20:40:18 -------- d-----w- C:\Users\-LUKE-\AppData\Roaming\FlowStone
2014-07-03 20:40:18 -------- d-----w- C:\Users\-LUKE-\AppData\Roaming\FlowStone
2014-06-30 21:46:58 -------- d-----w- C:\Users\-LUKE-\AppData\Local\pangu
2014-06-30 21:46:58 -------- d-----w- C:\Users\-LUKE-\AppData\Local\pangu
2014-06-22 15:18:09 -------- d-----w- C:\Users\-LUKE-\AppData\Roaming\Media Player Classic
2014-06-22 15:18:09 -------- d-----w- C:\Users\-LUKE-\AppData\Roaming\Media Player Classic
====== C:\Users\-LUKE- ======
2014-07-10 12:45:19 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge
2014-07-09 23:25:19 -------- d-----w- C:\ProgramData\IePluginServices
2014-07-09 23:17:44 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2
2014-07-09 23:08:25 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
2014-07-04 00:22:27 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sylenth1
2014-07-04 00:04:10 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\reFX
2014-06-30 20:34:49 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-30 20:29:30 -------- d-----w- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
 
====== C: exe-files ==
2014-07-10 12:36:22 CF809C98567EA0A627B1CEC03AC28CBF 543520 ----a-w- C:\Program Files\focusbase\focusbaseUn.exe
2014-07-10 12:30:54 8B5C64A8638AAC9167ED08EF1133C904 96544 ----a-w- C:\Program Files\focusbase\bin\focusbase.BrowserAdapter.exe
2014-07-10 12:30:53 5B8F12D69F1704D78D13B6313FCB571A 239392 ----a-w- C:\Program Files\focusbase\bin\focusbase.PurBrowse.exe
2014-07-10 12:28:46 C92F316A76924FBA76133214641BFD3C 319264 ----a-w- C:\Program Files\focusbase\bin\utilfocusbase.exe
2014-07-09 23:05:08 77A0EF99E710BC5FF5BF1BB72DC5E7B4 240146 ----a-w- C:\Program Files\focusbase\focusbaseUninstall.exe
2014-07-09 19:07:12 C92F316A76924FBA76133214641BFD3C 319264 ----a-w- C:\Program Files\focusbase\updatefocusbase.exe
2014-07-03 20:43:33 C6DB64994C5644040774BB378B84B802 44712 ----a-w- C:\Program Files\ASIO4ALL v2\uninstall.exe
2014-07-03 20:41:37 4A6879519157F4B81C77E11CE3989B3D 427017 ----a-w- C:\Program Files\Image-Line\Downloader\Uninstall.exe
2014-07-03 20:40:31 E9CF575B0550D74BAA52733A9C2154B5 721220 ----a-w- C:\Program Files\Image-Line\FL Studio 11\Uninstall.exe
2014-07-03 20:40:20 967CA03D349C4ECE12B8597EFAC46080 61799 ----a-w- C:\Program Files\DSPRobotics\FlowStone\uninstall fl version.exe
=== C: other files ==
2014-07-10 12:30:53 D38327CBD17EFAEB29FD087BF91E3C96 372384 ----a-w- C:\Program Files\focusbase\bin\focusbase.PurBrowse.zip
2014-07-10 12:29:23 74AD084A6F1448B83A8C7346FE02FF27 6121 ----a-w- C:\Program Files\RelevantKnowledge\rlcm.crx
 
==== Startup Registry Enabled ======================
 
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"
 
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"
 
[HKEY_USERS\S-1-5-21-114143902-2153543805-3046081360-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"buenosearch"="C:\Users\-LUKE-\AppData\Local\buenosearch\buenosearch\1.3.8.2\buenosearch.exe"
"Optimizer Pro"="C:\Program Files\Optimizer Pro\OptProLauncher.exe"
"playnowradio"="C:\Users\-LUKE-\AppData\Local\playnowradio\playnowradio\1.3.4.1\playnowradio.exe"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"Hercules DJ Series"="C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe /boot"
"Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide"
"AnyProtect Scanner"="C:\Program Files\AnyProtectEx\AnyProtect.exe"
 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"buenosearch"="C:\Users\-LUKE-\AppData\Local\buenosearch\buenosearch\1.3.8.2\buenosearch.exe"
"Optimizer Pro"="C:\Program Files\Optimizer Pro\OptProLauncher.exe"
"playnowradio"="C:\Users\-LUKE-\AppData\Local\playnowradio\playnowradio\1.3.4.1\playnowradio.exe"
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\PROGRA~1\\SupTab\\SEARCH~1.DLL"
 
==== Startup Registry Disabled ======================
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AdobeAAMUpdater-1.0"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\UpdaterStartupUtility.exe\""
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Common Files\\Ahead\\Lib\\NMBgMonitor.exe\""
 
 
==== Task Scheduler Jobs ======================
 
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [08/07/2014 21:06]
C:\Windows\tasks\APSnotifierPP1.job --a------ C:\Program Files\AnyProtectEx\AnyProtect.exe []
C:\Windows\tasks\APSnotifierPP2.job --a------ C:\Program Files\AnyProtectEx\AnyProtect.exe []
C:\Windows\tasks\APSnotifierPP3.job --a------ C:\Program Files\AnyProtectEx\AnyProtect.exe []
C:\Windows\tasks\FreeFileViewerUpdateChecker.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf5e455071bfa0.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [28/10/2013 17:09]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [28/10/2013 17:09]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-114143902-2153543805-3046081360-1000Core.job --a------ C:\Users\owner\AppData\Local\Google\Update\GoogleUpdate.exe []
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-114143902-2153543805-3046081360-1000UA.job --a------ C:\Users\owner\AppData\Local\Google\Update\GoogleUpdate.exe []
C:\Windows\tasks\MySearchDial.job --a------ C:\Users\-LUKE-\AppData\Roaming\MYSEAR1\UPDATE1\UPDATE1.exe []
C:\Windows\tasks\RegClean Pro_DEFAULT.job --a------ C:\Program Files\RegClean Pro\RegCleanPro.exe [22/08/2013 18:36]
C:\Windows\tasks\RegClean Pro_UPDATES.job --a------ C:\Program Files\RegClean Pro\RegCleanPro.exe [22/08/2013 18:36]
C:\Windows\tasks\User_Feed_Synchronization-{44D07C0B-BFB6-482D-8043-004548F37FC4}.job --ah----- C:\Windows\system32\msfeedssync.exe [28/05/2014 17:29]
 
==== Other Scheduled Tasks ======================
 
"C:\Windows\system32\tasks\0" [c:\program files\internet explorer\iexplore.exe]
"C:\Windows\system32\tasks\4576" [wscript.exe C:\Users\-LUKE-\AppData\Local\Temp\launchie.vbs //B]
"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\Advanced System Protector" ["C:\Program Files\RegClean Pro\SystweakASP.exe"]
"C:\Windows\system32\tasks\APSnotifierPP1" [C:\Program Files\AnyProtectEx\AnyProtect.exe]
"C:\Windows\system32\tasks\APSnotifierPP2" [C:\Program Files\AnyProtectEx\AnyProtect.exe]
"C:\Windows\system32\tasks\APSnotifierPP3" [C:\Program Files\AnyProtectEx\AnyProtect.exe]
"C:\Windows\system32\tasks\Buenosearch" [C:\Users\-LUKE-\AppData\Local\buenosearch\buenosearch\1.3.8.2\buenosearch.exe]
"C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\system32\tasks\FreeFileViewerUpdateChecker" [C:\Program Files\FreeFileViewer\FFVCheckForUpdates.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore1cf5e455071bfa0" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-114143902-2153543805-3046081360-1000Core" [C:\Users\owner\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-114143902-2153543805-3046081360-1000UA" [C:\Users\owner\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\MySearchDial" [C:\Users\-LUKE-\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE]
"C:\Windows\system32\tasks\Optimizer Pro Schedule" ["C:\Program Files\Optimizer Pro\OptProLauncher.exe"]
"C:\Windows\system32\tasks\Play Now Radio" [C:\Users\-LUKE-\AppData\Local\playnowradio\playnowradio\1.3.4.1\playnowradio.exe]
"C:\Windows\system32\tasks\RegClean Pro" [C:\Program Files\RegClean Pro\RegCleanPro.exe]
"C:\Windows\system32\tasks\RegClean Pro_DEFAULT" [C:\Program Files\RegClean Pro\RegCleanPro.exe]
"C:\Windows\system32\tasks\RegClean Pro_UPDATES" [C:\Program Files\RegClean Pro\RegCleanPro.exe]
"C:\Windows\system32\tasks\TidyNetwork Update" [C:\Users\-LUKE-\AppData\Local\TidyNetwork.com\tidy2update.exe]
"C:\Windows\system32\tasks\Total Domination W1" [C:\Program Files\Google\Chrome\Application\chrome.exe]
"C:\Windows\system32\tasks\Total Domination W2" [C:\Program Files\Google\Chrome\Application\chrome.exe]
"C:\Windows\system32\tasks\User_Feed_Synchronization-{44D07C0B-BFB6-482D-8043-004548F37FC4}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]
 
==== Firefox Extensions Registry ======================
 
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}"="C:\Program Files\RelevantKnowledge\firefox" [10/07/2014 13:29]
 
==== Firefox Extensions ======================
 
==== Firefox Plugins ======================
 
 
==== Chrome Look ======================
 
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
bakijjialdiiboeaknfpmflphhmljfkd - No path found[]
iagcajndpnfncplednpbnkahadegklfa - C:\Users\-LUKE-\AppData\Local\speedial.crx[24/04/2014 11:52]
mkndcbhcgphcfkkddanakjiepeknbgle - C:\Program Files\RelevantKnowledge\rlcm.crx[10/04/2014 16:37]
 
Save Me - -LUKE-\AppData\Local\Chromatic Browser\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi
SNT - -LUKE-\AppData\Local\Chromatic Browser\User Data\Default\Extensions\gocodaaboaaffamokoninjpcnliipdgj
VauDix - -LUKE-\AppData\Local\Chromatic Browser\User Data\Default\Extensions\kdnkkenodhmikkcaacgkelhjipchmcpn
YoutubeAdblocker - -LUKE-\AppData\Local\Chromatic Browser\User Data\Default\Extensions\lhbgbhhfnmedmdcpghjhdecidongnajg
Save Me - -LUKE-\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi
SNT - -LUKE-\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gocodaaboaaffamokoninjpcnliipdgj
VauDix - -LUKE-\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kdnkkenodhmikkcaacgkelhjipchmcpn
YoutubeAdblocker - -LUKE-\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lhbgbhhfnmedmdcpghjhdecidongnajg
Google Voice Search Hotword (Beta) - -LUKE-\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
RelevantKnowledge - -LUKE-\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle
Google Wallet - -LUKE-\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Save Me - -LUKE-\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi
SNT - -LUKE-\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gocodaaboaaffamokoninjpcnliipdgj
VauDix - -LUKE-\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kdnkkenodhmikkcaacgkelhjipchmcpn
YoutubeAdblocker - -LUKE-\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lhbgbhhfnmedmdcpghjhdecidongnajg
Save Me - -LUKE-\AppData\Local\Torch\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi
SNT - -LUKE-\AppData\Local\Torch\User Data\Default\Extensions\gocodaaboaaffamokoninjpcnliipdgj
VauDix - -LUKE-\AppData\Local\Torch\User Data\Default\Extensions\kdnkkenodhmikkcaacgkelhjipchmcpn
YoutubeAdblocker - -LUKE-\AppData\Local\Torch\User Data\Default\Extensions\lhbgbhhfnmedmdcpghjhdecidongnajg
Save Me - Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi
SNT - Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\gocodaaboaaffamokoninjpcnliipdgj
VauDix - Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\kdnkkenodhmikkcaacgkelhjipchmcpn
YoutubeAdblocker - Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\lhbgbhhfnmedmdcpghjhdecidongnajg
Save Me - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi
SNT - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gocodaaboaaffamokoninjpcnliipdgj
VauDix - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kdnkkenodhmikkcaacgkelhjipchmcpn
YoutubeAdblocker - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lhbgbhhfnmedmdcpghjhdecidongnajg
Save Me - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi
SNT - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gocodaaboaaffamokoninjpcnliipdgj
VauDix - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdnkkenodhmikkcaacgkelhjipchmcpn
YoutubeAdblocker - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhbgbhhfnmedmdcpghjhdecidongnajg
Save Me - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi
SNT - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gocodaaboaaffamokoninjpcnliipdgj
VauDix - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kdnkkenodhmikkcaacgkelhjipchmcpn
YoutubeAdblocker - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lhbgbhhfnmedmdcpghjhdecidongnajg
Save Me - Administrator\AppData\Local\Torch\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi
SNT - Administrator\AppData\Local\Torch\User Data\Default\Extensions\gocodaaboaaffamokoninjpcnliipdgj
VauDix - Administrator\AppData\Local\Torch\User Data\Default\Extensions\kdnkkenodhmikkcaacgkelhjipchmcpn
YoutubeAdblocker - Administrator\AppData\Local\Torch\User Data\Default\Extensions\lhbgbhhfnmedmdcpghjhdecidongnajg
Save Me - Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi
SNT - Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\gocodaaboaaffamokoninjpcnliipdgj
VauDix - Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\kdnkkenodhmikkcaacgkelhjipchmcpn
YoutubeAdblocker - Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\lhbgbhhfnmedmdcpghjhdecidongnajg
Save Me - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi
SNT - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gocodaaboaaffamokoninjpcnliipdgj
VauDix - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kdnkkenodhmikkcaacgkelhjipchmcpn
YoutubeAdblocker - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lhbgbhhfnmedmdcpghjhdecidongnajg
Google Docs - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Save Me - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi
Google Search - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
SNT - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\gocodaaboaaffamokoninjpcnliipdgj
VauDix - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdnkkenodhmikkcaacgkelhjipchmcpn
YoutubeAdblocker - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhbgbhhfnmedmdcpghjhdecidongnajg
Show-Password - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\logekkkdbdidmmcgkonmmonclldogceg
Google Wallet - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Save Me - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi
SNT - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gocodaaboaaffamokoninjpcnliipdgj
VauDix - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kdnkkenodhmikkcaacgkelhjipchmcpn
YoutubeAdblocker - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lhbgbhhfnmedmdcpghjhdecidongnajg
Save Me - Guest\AppData\Local\Torch\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi
SNT - Guest\AppData\Local\Torch\User Data\Default\Extensions\gocodaaboaaffamokoninjpcnliipdgj
VauDix - Guest\AppData\Local\Torch\User Data\Default\Extensions\kdnkkenodhmikkcaacgkelhjipchmcpn
YoutubeAdblocker - Guest\AppData\Local\Torch\User Data\Default\Extensions\lhbgbhhfnmedmdcpghjhdecidongnajg
Save Me - -LUKE-\AppData\Local\Chromatic Browser\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi
SNT - -LUKE-\AppData\Local\Chromatic Browser\User Data\Default\Extensions\gocodaaboaaffamokoninjpcnliipdgj
VauDix - -LUKE-\AppData\Local\Chromatic Browser\User Data\Default\Extensions\kdnkkenodhmikkcaacgkelhjipchmcpn
YoutubeAdblocker - -LUKE-\AppData\Local\Chromatic Browser\User Data\Default\Extensions\lhbgbhhfnmedmdcpghjhdecidongnajg
Save Me - -LUKE-\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi
SNT - -LUKE-\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gocodaaboaaffamokoninjpcnliipdgj
VauDix - -LUKE-\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kdnkkenodhmikkcaacgkelhjipchmcpn
YoutubeAdblocker - -LUKE-\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lhbgbhhfnmedmdcpghjhdecidongnajg
Google Voice Search Hotword (Beta) - -LUKE-\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
RelevantKnowledge - -LUKE-\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle
Google Wallet - -LUKE-\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Save Me - -LUKE-\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi
SNT - -LUKE-\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gocodaaboaaffamokoninjpcnliipdgj
VauDix - -LUKE-\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kdnkkenodhmikkcaacgkelhjipchmcpn
YoutubeAdblocker - -LUKE-\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lhbgbhhfnmedmdcpghjhdecidongnajg
Save Me - -LUKE-\AppData\Local\Torch\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi
SNT - -LUKE-\AppData\Local\Torch\User Data\Default\Extensions\gocodaaboaaffamokoninjpcnliipdgj
VauDix - -LUKE-\AppData\Local\Torch\User Data\Default\Extensions\kdnkkenodhmikkcaacgkelhjipchmcpn
YoutubeAdblocker - -LUKE-\AppData\Local\Torch\User Data\Default\Extensions\lhbgbhhfnmedmdcpghjhdecidongnajg
 
==== IE Start and Search Settings ======================
 
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{33BB0A4E-99AF-4226-BDF6-49120163DE86}"
 
==== All HKCU SearchScopes ======================
 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{006ee092-9658-4fd6-bd8e-a21a348e59f5} Web Search Url="http://feed.helperba...13&type=hp1000"
{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} Trovi search Url="http://www.trovi.com...chTerms}&SSPV="
{04E130A2-D61C-4AD2-BB80-1771BF51DC8D} Mysearchdial  Url="http://start.mysearc...2132588496&ir="
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ieframe.dll,-12512  Url="http://www.bing.com/...s}&FORM=IE8SRC"
{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} Bueno Search Url="http://www.buenosear...28518&tsp=5303"
{31090377-0740-419E-BEFC-A56E50500D5B} Speedial  Url="http://speedial.com/...=524036662&ir="
{33BB0A4E-99AF-4226-BDF6-49120163DE86} v9  Url="http://search.v9.com...={searchTerms}"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} @ieframe.dll,-12512  Url="http://www.bing.com/...s}&FORM=IE8SRC"
{77AA745B-F4F8-45DA-9B14-61D2D95054C8} Yahoo  Url="http://uk.search.yah...={searchTerms}"
{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} WebSearch  Url="http://websearch.fas...cc=GB&unqvl=55"
{BF58E937-14DE-4C90-A675-7562F7BF3B51} Search The Web (buenosearch) Url="http://www.buenosear...chTerms}&r=842"
 
==== C:\zoek_backup content ======================
 
C:\zoek_backup (files=0 folders=0 0 bytes)
 
==== EOF on 10/07/2014 at 14:37:56.26 ======================

  • 0

#4
djmarzy
Posted 10 July 2014 - 11:17 AM

djmarzy

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 134 posts

will it be easier to save wanted files to external memory and fresh install windows ?


  • 0

#5
Naathim
Posted 10 July 2014 - 12:08 PM

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts
This is your call. There isn't anything very severe here (at first sight), cleaning shouldn't be very long nor difficult, but I need to sit down to my computer, what will happen in about 3 hours or so.
I'm on my mobile now, if you wish to continue with my assistance please be patient. I will be back as soon as possible :)
  • 0

#6
djmarzy
Posted 10 July 2014 - 12:23 PM

djmarzy

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 134 posts
No problem, i spoke to a friend who does all my software installations, he said he could fresh install windows for me which would solve the problems, but if this is a simple process then this will obviously save time in the long run from having to get all my software reinstalled..
Thanks again naat and ill speek with you later :)
  • 0

#7
Naathim
Posted 10 July 2014 - 03:28 PM

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

Hi :)

How can I call you?

Now, regarding to your machine's state... there's plenty of junk here. Let's get to work :)



51a612a8b27e2-Zoek.png Scan with ZOEK

Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on 51a612a8b27e2-Zoek.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Wait patiently until the main console will appear, it may take a minute or two.
  • In the main box please paste in the following script:
    ca82e1a5;s
c:\Program Files\Optimizer Pro;fs
IePluginServices;s
C:\ProgramData\IePluginServices;fs
RelevantKnowledge;s
C:\Program Files\RelevantKnowledge;fs
Update NetCrawl;s
C:\Program Files\NetCrawl;fs
Util focusbase;s
C:\Program Files\focusbase;fs
VOsrv;s
c:\Users\-LUKE-\AppData\Roaming\VOPackage;fs
yewimmxqbs32;s
C:\Program Files\002;fs
Update focusbase;fs
C:\Windows\System32\rlls.dll;f
c:\Windows\System32\roboot.exe;f
{2b929fe1-284b-4766-afb9-19b0915b99b0}t;s
C:\Windows\System32\drivers\{2b929fe1-284b-4766-afb9-19b0915b99b0}t.sys;f
C:\Windows\system32\Tasks\{670A0151-7FBB-460E-AD81-B6CD27625B13};f
C:\Users\-LUKE-\AppData\Local\playnowradio;fs
C:\Users\-LUKE-\AppData\Roaming\Optimizer Pro;fs
C:\Users\-LUKE-\AppData\Roaming\aps.uninstall.scan.results;f
C:\Users\-LUKE-\AppData\Roaming\v9;fs
C:\Users\-LUKE-\AppData\Local\StormFall;fs
c:\Users\-LUKE-\AppData\Local\buenosearch;fs
C:\Users\-LUKE-\AppData\Roaming\VOPackage;fs
C:\Users\-LUKE-\AppData\Roaming\Systweak;fs
C:\Users\-LUKE-\AppData\Local\SearchProtect;fs
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge;fs
C:\ProgramData\IePluginServices;fs
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2;fs
c:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro;fs
C:\Program Files\focusbase;fs
C:\Program Files\RelevantKnowledge\rlcm.crx;f 
[HKEY_USERS\S-1-5-21-114143902-2153543805-3046081360-1001\Software\Microsoft\Windows\CurrentVersion\Run];r
"buenosearch"=-;r
"Optimizer Pro"=-;r
"playnowradio"=-;r
C:\Users\-LUKE-\AppData\Local\buenosearch;fs
C:\Users\-LUKE-\AppData\Local\playnowradio;fs
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run];r
"AnyProtect Scanner"=-;r
"C:\Program Files\AnyProtectEx";fs
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run];r
"buenosearch"=-;r
"Optimizer Pro"=-;r
"playnowradio"=-;r
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows];r
"AppInit_DLLs"="";r
"C:\\PROGRA~1\\SupTab";fs
C:\Windows\tasks\APSnotifierPP1.job;f
C:\Windows\tasks\APSnotifierPP2.job;f
C:\Windows\tasks\APSnotifierPP3.job;f
C:\Windows\tasks\FreeFileViewerUpdateChecker.job;f
C:\Windows\tasks\MySearchDial.job;f
C:\Users\-LUKE-\AppData\Roaming\MYSEAR1;fs
C:\Windows\tasks\RegClean Pro_DEFAULT.job;f
C:\Program Files\RegClean Pro;fs
C:\Windows\tasks\RegClean Pro_UPDATES.job;f
"C:\Windows\system32\tasks\0";f
"C:\Windows\system32\tasks\4576";f
C:\Users\-LUKE-\AppData\Local\Temp\launchie.vbs;f
"C:\Windows\system32\tasks\Advanced System Protector";fs
"C:\Windows\system32\tasks\APSnotifierPP1";fs
"C:\Windows\system32\tasks\APSnotifierPP2";fs
"C:\Windows\system32\tasks\APSnotifierPP3";fs
"C:\Windows\system32\tasks\Buenosearch";fs
C:\Users\-LUKE-\AppData\Local\buenosearch;fs
"C:\Windows\system32\tasks\FreeFileViewerUpdateChecker";fs
C:\Program Files\FreeFileViewer;fs
"C:\Windows\system32\tasks\MySearchDial";fs 
"C:\Windows\system32\tasks\Optimizer Pro Schedule";fs
"C:\Windows\system32\tasks\Play Now Radio";fs 
"C:\Windows\system32\tasks\RegClean Pro";fs 
"C:\Windows\system32\tasks\RegClean Pro_DEFAULT";fs
"C:\Windows\system32\tasks\RegClean Pro_UPDATES";fs 
"C:\Windows\system32\tasks\TidyNetwork Update";fs 
C:\Users\-LUKE-\AppData\Local\TidyNetwork.com;fs
"C:\Windows\system32\tasks\Total Domination W1";f
"C:\Windows\system32\tasks\Total Domination W2";f
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions];r
"{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}"=-;r
{C7AE725D-FA5C-4027-BB4C-787EF9F8248A};c
{C7AE725D-FA5C-4027-BB4C-787EF9F8248A};ff
bakijjialdiiboeaknfpmflphhmljfkd;chr
iagcajndpnfncplednpbnkahadegklfa;chr
C:\Users\-LUKE-\AppData\Local\speedial.crx;f
mkndcbhcgphcfkkddanakjiepeknbgle;chr
boemmnepglcoinjcdlfcpcbmhiecichi;chr
gocodaaboaaffamokoninjpcnliipdgj;chr
kdnkkenodhmikkcaacgkelhjipchmcpn;chr
lhbgbhhfnmedmdcpghjhdecidongnajg;chr
{33BB0A4E-99AF-4226-BDF6-49120163DE86};c
{006ee092-9658-4fd6-bd8e-a21a348e59f5};c
{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9};c 
{04E130A2-D61C-4AD2-BB80-1771BF51DC8D};c 
{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9};c
{31090377-0740-419E-BEFC-A56E50500D5B};c 
{33BB0A4E-99AF-4226-BDF6-49120163DE86};c 
{BB74DE59-BC4C-4172-9AC4-73315F71CFFE};c
{BF58E937-14DE-4C90-A675-7562F7BF3B51};c
reboot;
resethosts;
autoclean;
process;
services-list;
startupall;
skipfix-iedefaults;
firefoxlook;
chromelook;
filesrcm;
uninstall-list;
systemspecs;
  • Make sure that Scan All Users option is checked.
  • Push Run Script and wait patiently. The scan may take a couple of minutes.
  • When the scan completes, a zoek-results logfile should open in notepad.
  • If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)

Post its content into your next reply.




adwcleaner_new.png Fix with AdwCleaner

Please download AdwCleaner by Xplode and save the file to your desktop.

  • Right-click on adwcleaner_new.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Follow the prompts and click Scan.
  • When finished, please click Clean.
  • Upon completion, click Report. A log (AdwCleaner[S*].txt) will open.

Please include the contents of that file in your reply.




JRTbythisisu.png Fix with Junkware Removal Tool

Please download JRT by Thisisu and save the file to your desktop.
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on JRTbythisisu.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Follow the prompts and let this process run uninterrupted.
  • This scan can take a while, depending on your System specs.
  • Upon completion, a log (JRT.txt) will open on your desktop.

Please include the contents of that file in your reply.

Do not forget to re-enable your previously switched off protection software!
Please also manually reboot your machine after this procedure.

 

 


I'm signing off for tonight - I will be back here tomorrow. After these fixes your machine should bo running alot better, but please come back here - there will be still more work to do.


Cheers,
Naat :)


  • 0

#8
djmarzy
Posted 10 July 2014 - 03:50 PM

djmarzy

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 134 posts
Hey again naat, sorry call me luke :)
Fallowing tour next step now post the results soon.
  • 0

#9
djmarzy
Posted 10 July 2014 - 04:32 PM

djmarzy

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 134 posts

zoek results

 

 
Zoek.exe v5.0.0.0 Updated 05-July-2014
Tool run by -LUKE- on 10/07/2014 at 22:36:48.87.
Microsoft® Windows Vista™ Home Basic  6.0.6002 Service Pack 2 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\-LUKE-\Desktop\zoek.exe [Scan all users] [Script inserted] 
 
==== Older Logs ======================
 
C:\zoek-results2014-07-10-133756.log 48211 bytes
 
==== Reset Hosts File ======================
 
# Copyright © 1993-2006 Microsoft Corp. 
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows. 
# This file contains the mappings of IP addresses to host names. Each 
# entry should be kept on an individual line. The IP address should 
# be placed in the first column followed by the corresponding host name. 
# The IP address and the host name should be separated by at least one 
# space. 
# Additionally, comments (such as these) may be inserted on individual 
# lines or following the machine name denoted by a '#' symbol. 
# For example: 
#      102.54.94.97     rhino.acme.com          # source server 
#       38.25.63.10     x.acme.com              # x client host 
 
127.0.0.1       localhost 
::1             localhost 
 
==== Deleting CLSID Registry Keys ======================
 
HKEY_USERS\S-1-5-21-114143902-2153543805-3046081360-1001\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully
HKEY_USERS\S-1-5-21-114143902-2153543805-3046081360-1001\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5} deleted successfully
HKEY_USERS\S-1-5-21-114143902-2153543805-3046081360-1001\Software\Classes\VirtualStore\MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5} deleted successfully
HKEY_USERS\S-1-5-21-114143902-2153543805-3046081360-1001\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully
HKEY_USERS\S-1-5-21-114143902-2153543805-3046081360-1001\Software\Microsoft\Internet Explorer\SearchScopes\{04E130A2-D61C-4AD2-BB80-1771BF51DC8D} deleted successfully
HKEY_USERS\S-1-5-21-114143902-2153543805-3046081360-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully
HKEY_USERS\S-1-5-21-114143902-2153543805-3046081360-1001\Software\Microsoft\Internet Explorer\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B} deleted successfully
HKEY_USERS\S-1-5-21-114143902-2153543805-3046081360-1001\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} deleted successfully
HKEY_USERS\S-1-5-21-114143902-2153543805-3046081360-1001\Software\Microsoft\Internet Explorer\SearchScopes\{BF58E937-14DE-4C90-A675-7562F7BF3B51} deleted successfully
HKEY_USERS\S-1-5-21-114143902-2153543805-3046081360-1001\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully
 
==== Deleting CLSID Registry Values ======================
 
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{C7AE725D-FA5C-4027-BB4C-787EF9F8248A} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully
 
==== Running Processes ======================
 
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\SLsvc.exe
C:\ProgramData\IePluginServices\PluginService.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\RelevantKnowledge\rlservice.exe
C:\Program Files\NetCrawl\updateNetCrawl.exe
C:\Users\-LUKE-\AppData\Roaming\VOPackage\VOsrv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\002\yewimmxqbs32.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\focusbase\bin\utilfocusbase.exe
C:\Program Files\focusbase\bin\focusbase.PurBrowse.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\RelevantKnowledge\rlvknlg.exe
C:\PROGRA~1\RELEVA~1\rlvknlg32.exe
C:\Windows\system32\igfxsrvc.exe
C:\Users\-LUKE-\AppData\Local\buenosearch\buenosearch\1.3.8.2\buenosearch.exe
C:\Users\-LUKE-\AppData\Local\playnowradio\playnowradio\1.3.4.1\playnowradio.exe
C:\Program Files\focusbase\bin\focusbase.BrowserAdapter.exe
C:\Users\-LUKE-\Desktop\zoek.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
 
==== Services (whitelist) ======================
Powered by E Dev
 
R2 - [IePluginServices] - IePlugin Services - C:\ProgramData\IePluginServices\PluginService.exe -service
R2 - [MsMpSvc] - Microsoft Antimalware Service - "c:\Program Files\Microsoft Security Client\MsMpEng.exe"
R2 - [RelevantKnowledge] - RelevantKnowledge - C:\Program Files\RelevantKnowledge\rlservice.exe /service
R2 - [slsvc] - Software Licensing - C:\Windows\system32\SLsvc.exe
R2 - [Update NetCrawl] - Update NetCrawl - "C:\Program Files\NetCrawl\updateNetCrawl.exe"
R2 - [Util focusbase] - Util focusbase - "C:\Program Files\focusbase\bin\utilfocusbase.exe"
R2 - [VOsrv] - Service Component of VO - C:\Users\-LUKE-\AppData\Roaming\VOPackage\VOsrv.exe
R2 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - "C:\Program Files\Windows Media Player\wmpnetwk.exe"
R2 - [WSearch] - Windows Search - C:\Windows\system32\SearchIndexer.exe /Embedding
R2 - [yewimmxqbs32] - yewimmxqbs32 - C:\Program Files\002\yewimmxqbs32.exe run options=01100010020000000000000000000000 sourceguid=39FABFBE-5A1E-4B00-ADC5-E8C0D0701167
S2 - [ca82e1a5] - Optimizer Pro Crash Monitor - "C:\Windows\system32\rundll32.exe" "c:\Program Files\Optimizer Pro\OptProCrash.dll",ServiceMain
S2 - [clr_optimization_v4.0.30319_32] - Microsoft .NET Framework NGEN v4.0.30319_X86 - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
S2 - [Update focusbase] - Update focusbase - "C:\Program Files\focusbase\updatefocusbase.exe"
S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
S3 - [ALG] - Application Layer Gateway Service - C:\Windows\System32\alg.exe
S3 - [aspnet_state] - ASP.NET State Service - C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
S3 - [COMSysApp] - COM+ System Application - C:\Windows\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
S3 - [DFSR] - DFS Replication - C:\Windows\system32\DFSR.exe
S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
S3 - [gupdatem] - Google Update Service (gupdatem) - "C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc
S3 - [IDriverT] - InstallDriver Table Manager - "C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe"
S3 - [iPod Service] - iPod Service - "C:\Program Files\iPod\bin\iPodService.exe"
S3 - [MSDTC] - Distributed Transaction Coordinator - C:\Windows\System32\msdtc.exe
S3 - [msiserver] - Windows Installer - C:\Windows\system32\msiexec /V
S3 - [NisSrv] - Microsoft Network Inspection - "c:\Program Files\Microsoft Security Client\NisSrv.exe"
S3 - [NMIndexingService] - NMIndexingService - "C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe"
S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - C:\Windows\system32\locator.exe
S3 - [SNMPTRAP] - SNMP Trap - C:\Windows\System32\snmptrap.exe
S3 - [TrustedInstaller] - Windows Modules Installer - C:\Windows\servicing\TrustedInstaller.exe
S3 - [vds] - Virtual Disk - C:\Windows\System32\vds.exe
S3 - [VSS] - Volume Shadow Copy - C:\Windows\system32\vssvc.exe
S3 - [wmiApSrv] - WMI Performance Adapter - C:\Windows\system32\wbem\WmiApSrv.exe
S3 - [WPFFontCache_v0400] - Windows Presentation Foundation Font Cache 4.0.0.0 - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
S4 - [AdobeARMservice] - Adobe Acrobat Update Service - "C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe"
S4 - [Apple Mobile Device] - Apple Mobile Device - "C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
S4 - [Bonjour Service] - Bonjour Service - "C:\Program Files\Bonjour\mDNSResponder.exe"
S4 - [clr_optimization_v2.0.50727_32] - Microsoft .NET Framework NGEN v2.0.50727_X86 - C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
S4 - [eDataSecurity Service] - eDataSecurity Service - "C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe"
S4 - [eRecoveryService] - eRecovery Service - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
S4 - [eSettingsService] - eSettings Service - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
S4 - [gupdate] - Google Update Service (gupdate) - "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc
S4 - [HerculesDJControlMP3] - Hercules DJ Control MP3 - C:\Program Files\Hercules\Audio\DJ Console Series\drivers\x86\HerculesDJControlMP3.EXE
 
==== Deleting Services ======================
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ca82e1a5 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\ca82e1a5 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IePluginServices deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Eventlog\Application\IePluginServices deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\IePluginServices deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RelevantKnowledge deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\RelevantKnowledge deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update NetCrawl deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update NetCrawl deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Eventlog\Application\Update NetCrawl deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Update NetCrawl deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util focusbase deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Util focusbase deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VOsrv deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\VOsrv deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\yewimmxqbs32 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\yewimmxqbs32 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\{2b929fe1-284b-4766-afb9-19b0915b99b0}t deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update focusbase deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update focusbase deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Eventlog\Application\Update focusbase deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Update focusbase deleted successfully
 
==== FireFox Fix ======================
 
ProfilePath: C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\3ixstoay.default
 
user.js not found
---- FireFox user.js and prefs.js backups ---- 
 
prefs_072014_2308_.backup
 
==== Registry Fix Code ======================
 
Windows Registry Editor Version 5.00
 
[HKEY_USERS\S-1-5-21-114143902-2153543805-3046081360-1001\Software\Microsoft\Windows\CurrentVersion\Run] 
"buenosearch"=- 
"Optimizer Pro"=- 
"playnowradio"=- 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 
"AnyProtect Scanner"=- 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] 
"buenosearch"=- 
"Optimizer Pro"=- 
"playnowradio"=- 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] 
"AppInit_DLLs"="" 
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] 
"{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}"=- 
 
==== Deleting Files \ Folders ======================
 
"C:\Program Files\AnyProtectEx" not found
C:\Users\-LUKE-\AppData\Roaming\MYSEAR1 not found
C:\Users\-LUKE-\AppData\Local\TidyNetwork.com not found
"C:\Users\-LUKE-\AppData\Local\Temp\launchie.vbs" not found
c:\Program Files\Optimizer Pro deleted
C:\ProgramData\IePluginServices deleted
c:\Users\-LUKE-\AppData\Roaming\VOPackage deleted
C:\Program Files\002 deleted
C:\Users\-LUKE-\AppData\Roaming\Optimizer Pro deleted
C:\Users\-LUKE-\AppData\Roaming\v9 deleted
C:\Users\-LUKE-\AppData\Local\StormFall deleted
C:\Users\-LUKE-\AppData\Roaming\Systweak deleted
C:\Users\-LUKE-\AppData\Local\SearchProtect deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2 deleted
c:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro deleted
"C:\\PROGRA~1\\SupTab" deleted
C:\Program Files\RegClean Pro deleted
"C:\Windows\system32\tasks\APSnotifierPP1" deleted
"C:\Windows\system32\tasks\APSnotifierPP2" deleted
"C:\Windows\system32\tasks\APSnotifierPP3" deleted
"C:\Windows\system32\tasks\Buenosearch" deleted
"C:\Windows\system32\tasks\FreeFileViewerUpdateChecker" deleted
C:\Program Files\FreeFileViewer deleted
"C:\Windows\system32\tasks\MySearchDial" deleted
C:\Program Files\Mysearchdial deleted
C:\Program Files\SearchProtect deleted
C:\Users\-LUKE-\AppData\Roaming\aps.uninstall.scan.results deleted
C:\Users\-LUKE-\AppData\Roaming\PC Speed Maximizer deleted
C:\Users\-LUKE-\AppData\Roaming\mysearchdial deleted
C:\Users\-LUKE-\AppData\Roaming\OpenCandy deleted
C:\PROGRA~2\InstallMate deleted
C:\Users\-LUKE-\AppData\Local\speedial.crx deleted
C:\Users\-LUKE-\AppData\Local\Updater26766 deleted
C:\Users\-LUKE-\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle deleted
C:\Windows\Tasks\MySearchDial.job deleted
C:\Users\-LUKE-\Searches deleted
C:\Users\-LUKE-\AppData\LocalLow\DataMngr deleted
C:\Users\Guest\AppData\LocalLow\searchquband deleted
C:\Users\Guest\AppData\LocalLow\searchqutoolbar deleted
C:\Users\Guest\AppData\LocalLow\DataMngr deleted
C:\AI_RecycleBin deleted
C:\Windows\tasks\FreeFileViewerUpdateChecker.job deleted
C:\Windows\system32\Tasks\Advanced System Protector deleted
C:\Windows\tasks\APSnotifierPP1.job deleted
C:\Windows\tasks\APSnotifierPP2.job deleted
C:\Windows\tasks\APSnotifierPP3.job deleted
C:\Windows\system32\tasks\TidyNetwork Update deleted
C:\Windows\system32\tasks\Total Domination W1 deleted
C:\Windows\system32\tasks\Total Domination W2 deleted
C:\Windows\system32\tasks\Play Now Radio deleted
C:\Windows\system32\tasks\RegClean Pro deleted
C:\Windows\system32\tasks\RegClean Pro_DEFAULT deleted
C:\Windows\system32\tasks\RegClean Pro_UPDATES deleted
C:\Windows\tasks\RegClean Pro_DEFAULT.job deleted
C:\Windows\tasks\RegClean Pro_UPDATES.job deleted
C:\Windows\system32\config\systemprofile\Searches deleted
C:\Windows\system32\roboot.exe deleted
C:\Windows\System32\AI_RecycleBin deleted
C:\Users\-LUKE-\Documents\Optimizer Pro deleted
C:\Users\-LUKE-\Desktop\Optimizer Pro.lnk deleted
C:\Users\-LUKE-\Desktop\Continue VuuPC Installation.lnk deleted
C:\Users\-LUKE-\Desktop\Configure VO Package.lnk deleted
C:\Users\-LUKE-\AppData\Local\AnyProtectScannerSetup.exe deleted
"C:\Windows\System32\rlls.dll" deleted
"C:\Windows\System32\drivers\{2b929fe1-284b-4766-afb9-19b0915b99b0}t.sys" deleted
"C:\Windows\system32\Tasks\{670A0151-7FBB-460E-AD81-B6CD27625B13}" deleted
"C:\Windows\Installer\4bd35e.msi" deleted
"C:\Windows\system32\rlls.dll" deleted
"C:\PROGRA~2\199a7c46162a4405\{4820778D-AB0D-6D18-C316-52A6A0E1D507}" deleted
"C:\PROGRA~2\199a7c46162a4405\{681002C6-5019-81A2-7871-A43754F71E56}" deleted
"C:\PROGRA~2\199a7c46162a4405\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}" deleted
"C:\PROGRA~2\199a7c46162a4405\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}" deleted
"C:\Program Files\RelevantKnowledge\rlvknlg.exe" deleted
"C:\Program Files\RelevantKnowledge\rlvknlg32.exe" deleted
"C:\Program Files\NetCrawl\updateNetCrawl.exe" deleted
"C:\Program Files\NetCrawl\updateNetCrawl.exe" deleted
"C:\Program Files\RelevantKnowledge\rlvknlg.exe" deleted
"C:\Program Files\RelevantKnowledge\rlvknlg32.exe" deleted
"C:\Program Files\focusbase\bin\focusbase.BrowserAdapter.exe" deleted
"C:\Program Files\focusbase\bin\focusbase.PurBrowse.exe" deleted
"C:\Program Files\focusbase\bin\utilfocusbase.exe" deleted
"C:\Users\-LUKE-\AppData\Local\playnowradio\playnowradio\1.3.4.1\playnowradio.exe" deleted
"c:\Users\-LUKE-\AppData\Local\buenosearch\buenosearch\1.3.8.2\buenosearch.exe" deleted
"c:\Users\-LUKE-\AppData\Local\buenosearch\buenosearch\1.3.8.2\sqlite.dll" deleted
"C:\Program Files\focusbase\bin\focusbase.BrowserAdapter.exe" deleted
"C:\Program Files\focusbase\bin\focusbase.PurBrowse.exe" deleted
"C:\Program Files\focusbase\bin\utilfocusbase.exe" deleted
"C:\Users\-LUKE-\AppData\Local\buenosearch\buenosearch\1.3.8.2\buenosearch.exe" deleted
"C:\Users\-LUKE-\AppData\Local\buenosearch\buenosearch\1.3.8.2\sqlite.dll" deleted
"C:\Users\-LUKE-\AppData\Local\playnowradio\playnowradio\1.3.4.1\playnowradio.exe" deleted
"C:\Users\-LUKE-\AppData\Local\buenosearch\buenosearch\1.3.8.2\buenosearch.exe" deleted
"C:\Users\-LUKE-\AppData\Local\buenosearch\buenosearch\1.3.8.2\sqlite.dll" deleted
"C:\Users\-LUKE-\AppData\Local\buenosearch\buenosearch\1.3.8.2\buenosearch.exe" deleted
"C:\Users\-LUKE-\AppData\Local\buenosearch\buenosearch\1.3.8.2\sqlite.dll" deleted
"C:\Users\-LUKE-\AppData\Local\playnowradio\playnowradio\1.3.4.1\playnowradio.exe" deleted
"C:\Users\-LUKE-\AppData\Local\buenosearch\buenosearch\1.3.8.2\buenosearch.exe" deleted
"C:\Users\-LUKE-\AppData\Local\buenosearch\buenosearch\1.3.8.2\sqlite.dll" deleted
"C:\Users\-LUKE-\AppData\Local\playnowradio\playnowradio\1.3.4.1\playnowradio.exe" deleted
"C:\Program Files\focusbase\bin\focusbase.BrowserAdapter.exe" deleted
"C:\Program Files\focusbase\bin\focusbase.PurBrowse.exe" deleted
"C:\Program Files\focusbase\bin\utilfocusbase.exe" deleted
"C:\PROGRA~2\199a7c46162a4405" deleted
"C:\Program Files\RelevantKnowledge" deleted
"C:\Program Files\NetCrawl" not deleted
"C:\Program Files\focusbase" not deleted
"C:\Users\-LUKE-\AppData\Local\playnowradio" deleted
"c:\Users\-LUKE-\AppData\Local\buenosearch" deleted
"C:\Program Files\focusbase" not deleted
"C:\Users\-LUKE-\AppData\Local\buenosearch" deleted
"C:\Users\-LUKE-\AppData\Local\playnowradio" deleted
"C:\Users\-LUKE-\AppData\Local\buenosearch" deleted
"C:\Program Files\NetCrawl" not deleted
"C:\Program Files\RelevantKnowledge" deleted
"C:\Users\-LUKE-\AppData\Local\buenosearch" deleted
"C:\Users\-LUKE-\AppData\Local\playnowradio" deleted
"C:\Users\-LUKE-\AppData\Local\buenosearch" deleted
"C:\Users\-LUKE-\AppData\Local\playnowradio" deleted
"C:\Program Files\focusbase" not deleted
"C:\Program Files\focusbase\bin" not deleted
"C:\Users\-LUKE-\AppData\Local\playnowradio\playnowradio" deleted
"C:\Users\-LUKE-\AppData\Local\playnowradio\playnowradio\1.3.4.1" deleted
"c:\Users\-LUKE-\AppData\Local\buenosearch\buenosearch" deleted
"c:\Users\-LUKE-\AppData\Local\buenosearch\buenosearch\1.3.8.2" deleted
"C:\Program Files\focusbase\bin" not deleted
"C:\Users\-LUKE-\AppData\Local\buenosearch\buenosearch" deleted
"C:\Users\-LUKE-\AppData\Local\buenosearch\buenosearch\1.3.8.2" deleted
"C:\Users\-LUKE-\AppData\Local\playnowradio\playnowradio" deleted
"C:\Users\-LUKE-\AppData\Local\playnowradio\playnowradio\1.3.4.1" deleted
"C:\Users\-LUKE-\AppData\Local\buenosearch\buenosearch" deleted
"C:\Users\-LUKE-\AppData\Local\buenosearch\buenosearch\1.3.8.2" deleted
"C:\Users\-LUKE-\AppData\Local\buenosearch\buenosearch" deleted
"C:\Users\-LUKE-\AppData\Local\buenosearch\buenosearch\1.3.8.2" deleted
"C:\Users\-LUKE-\AppData\Local\playnowradio\playnowradio" deleted
"C:\Users\-LUKE-\AppData\Local\playnowradio\playnowradio\1.3.4.1" deleted
"C:\Users\-LUKE-\AppData\Local\buenosearch\buenosearch" deleted
"C:\Users\-LUKE-\AppData\Local\buenosearch\buenosearch\1.3.8.2" deleted
"C:\Users\-LUKE-\AppData\Local\playnowradio\playnowradio" deleted
"C:\Users\-LUKE-\AppData\Local\playnowradio\playnowradio\1.3.4.1" deleted
"C:\Program Files\focusbase\bin" not deleted
 
==== System Specs ======================
 
Operating System: Microsoft® Windows Vista™ Home Basic  6.0.6002 Service Pack 2 32-bit
Manufacturer: Acer            - Model: Aspire 4315                    
Install Date: 22/01/2006 20:32:23
Last Boot: 10/07/2014 13:24:39
Processor: Intel® Celeron® CPU          530  @ 1.73GHz
Number of Processors: 1
Work Station
Bootmode: Normal boot
Total RAM: 1013 MB (free 342 MB - 33)
Computername: OWNER-PC
Domain: WORKGROUP
User: -LUKE- (Non-Administrator account)
Local Disk:        C:\ - NTFS - 64 GB (free 5 GB)
CD \ DVD Drive:    D:\ 
Bootdevice: \Device\HarddiskVolume2
Windows update: 2014-06-23 12:57:53
Country: United Kingdom 
Language: ENG 
 
==== System Specs (Software) ======================
 
Anti-Virus: Microsoft Security Essentials On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: Microsoft Security Essentials disabled (Outdated)
Default Browser: Google Chrome 35.0.1916.153
Internet Explorer Version: 9.0.8112.16421 
Google Chrome version: 35.0.1916.153
Sun Java version: 1.7.0_55 (32-bit) 
Flash Player version: 14.0.0.145
Shockwave Player version: 11.5.9r620
 
==== Files Recently Created / Modified ======================
 
====== C:\Windows ====
====== C:\Users\-LUKE-\AppData\Local\Temp ====
2014-07-10 09:47:34 C9B0E5CAB733D9B9FBB851A85DDE0299 576083 ------w- C:\Users\-LUKE-\AppData\Local\Temp\is45637729\1989389_stp\AnyProtectScannerSetup.exe
2014-07-10 09:47:34 C9B0E5CAB733D9B9FBB851A85DDE0299 576083 ------w- C:\Users\-LUKE-\AppData\Local\Temp\is45637729\1989389_stp\AnyProtectScannerSetup.exe
2014-07-09 23:16:52 EF8F8F959C53163555B7AF0F33DC5CB9 6884024 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\optprosetup.exe
2014-07-09 23:16:52 EF8F8F959C53163555B7AF0F33DC5CB9 6884024 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\optprosetup.exe
2014-07-09 23:13:38 2AFA8A9E0B307688BE29917D22E3B9D2 786640 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\107201401337\Uninstall Bubble Dock.exe
2014-07-09 23:13:38 2AFA8A9E0B307688BE29917D22E3B9D2 786640 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\107201401337\Uninstall Bubble Dock.exe
2014-07-09 23:05:14 A4B34F21548FFD7E9AADE1B56630AB3B 372832 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\AVBD.exe
2014-07-09 23:05:14 A4B34F21548FFD7E9AADE1B56630AB3B 372832 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\AVBD.exe
2014-07-09 23:01:10 9FB9D49C2DB7EDD1084AB765D619F5C6 66368 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\SearchProtectINT.exe
2014-07-09 23:01:10 9FB9D49C2DB7EDD1084AB765D619F5C6 66368 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\SearchProtectINT.exe
2014-07-09 10:36:08 C9B0E5CAB733D9B9FBB851A85DDE0299 576083 ------w- C:\Users\-LUKE-\AppData\Local\Temp\is45637729\30415327_stp\AnyProtectScannerSetup.exe
2014-07-09 10:36:08 C9B0E5CAB733D9B9FBB851A85DDE0299 576083 ------w- C:\Users\-LUKE-\AppData\Local\Temp\is45637729\30415327_stp\AnyProtectScannerSetup.exe
2014-07-07 16:47:16 02C162FD7706E887624DFCC410979355 156061 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\nsv2B37.exe
2014-07-07 16:47:16 02C162FD7706E887624DFCC410979355 156061 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\nsv2B37.exe
2014-07-07 16:47:16 02C162FD7706E887624DFCC410979355 156061 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\nsq6C08.exe
2014-07-07 16:47:16 02C162FD7706E887624DFCC410979355 156061 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\nsq6C08.exe
2014-07-07 16:47:16 02C162FD7706E887624DFCC410979355 156061 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\nsq4A2D.exe
2014-07-07 16:47:16 02C162FD7706E887624DFCC410979355 156061 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\nsq4A2D.exe
2014-07-07 16:47:16 02C162FD7706E887624DFCC410979355 156061 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\nsl7424.exe
2014-07-07 16:47:16 02C162FD7706E887624DFCC410979355 156061 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\nsl7424.exe
2014-07-07 16:47:16 02C162FD7706E887624DFCC410979355 156061 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\nsg5BEA.exe
2014-07-07 16:47:16 02C162FD7706E887624DFCC410979355 156061 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\nsg5BEA.exe
2014-07-07 16:47:16 02C162FD7706E887624DFCC410979355 156061 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\nsa7C20.exe
2014-07-07 16:47:16 02C162FD7706E887624DFCC410979355 156061 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\nsa7C20.exe
2014-07-03 22:35:32 13A09BECABCE7CE7DE02D42D9C00A250 38456 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\bitool.dll
2014-07-03 22:35:32 13A09BECABCE7CE7DE02D42D9C00A250 38456 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\bitool.dll
====== Java Cache =====
====== C:\Windows\system32 =====
2014-07-09 23:19:34 EEA80AB2D477D2CA04A4AE395CFEE1EC 660760 ----a-w- C:\Windows\System32\rllsearch
2014-07-03 20:40:41 9033DAF3277F0498BC86C8D4566C25CE 1554944 ----a-w- C:\Windows\System32\vorbis.acm
====== C:\Windows\system32\drivers =====
2014-07-09 23:03:03 637318A990CCFB83C5FD40BDBB19E81B 18360 ----a-w- C:\Windows\System32\drivers\SPPD.sys
2014-07-03 23:33:49 CBEAEA2729985BFB260641AB424E0166 320120 ----a-w- C:\Windows\System32\drivers\sptd.sys
2014-06-12 17:12:37 A4196D394207369E1431E8681B373312 915392 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2014-06-12 17:12:37 95389980F70FC4990A4395A0B8BBE1D6 31232 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys
====== C:\Windows\Tasks ======
2014-07-09 23:24:02 7B6627B2B3CBF604F240A0064C8F1D5E 3236 ----a-w- C:\Windows\system32\Tasks\Optimizer Pro Schedule
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-07-09 23:26:16 -------- d-----w- C:\Program Files\NetCrawl
2014-07-09 23:04:40 -------- d-----w- C:\Program Files\focusbase
2014-07-04 00:22:18 -------- d-----w- C:\Program Files\Steinberg
2014-07-04 00:04:08 -------- d-----w- C:\Program Files\Common Files\Digidesign
2014-07-03 20:43:32 -------- d-----w- C:\Program Files\ASIO4ALL v2
2014-07-03 20:43:14 -------- d-----w- C:\Program Files\VstPlugins
2014-07-03 20:40:16 -------- d-----w- C:\Program Files\DSPRobotics
2014-07-03 20:27:40 -------- d-----w- C:\Program Files\Image-Line
2014-06-30 20:30:36 -------- d-----w- C:\Program Files\iPod
======= C: =====
====== C:\Users\-LUKE-\AppData\Roaming ======
2014-07-06 01:34:37 -------- d-----w- C:\Users\-LUKE-\AppData\Roaming\VS Revo Group
2014-07-06 01:34:37 -------- d-----w- C:\Users\-LUKE-\AppData\Roaming\VS Revo Group
2014-07-03 20:43:33 -------- d-----w- C:\Users\-LUKE-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2014-07-03 20:43:33 -------- d-----w- C:\Users\-LUKE-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2014-07-03 20:41:40 -------- d-----w- C:\Users\-LUKE-\AppData\Roaming\Image-Line
2014-07-03 20:41:40 -------- d-----w- C:\Users\-LUKE-\AppData\Roaming\Image-Line
2014-07-03 20:41:39 -------- d-----w- C:\Users\-LUKE-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2014-07-03 20:41:39 -------- d-----w- C:\Users\-LUKE-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2014-07-03 20:40:18 -------- d-----w- C:\Users\-LUKE-\AppData\Roaming\FlowStone
2014-07-03 20:40:18 -------- d-----w- C:\Users\-LUKE-\AppData\Roaming\FlowStone
2014-06-30 21:46:58 -------- d-----w- C:\Users\-LUKE-\AppData\Local\pangu
2014-06-30 21:46:58 -------- d-----w- C:\Users\-LUKE-\AppData\Local\pangu
2014-06-22 15:18:09 -------- d-----w- C:\Users\-LUKE-\AppData\Roaming\Media Player Classic
2014-06-22 15:18:09 -------- d-----w- C:\Users\-LUKE-\AppData\Roaming\Media Player Classic
====== C:\Users\-LUKE- ======
2014-07-04 00:22:27 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sylenth1
2014-07-04 00:04:10 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\reFX
2014-06-30 20:34:49 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-30 20:29:30 -------- d-----w- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
 
====== C: exe-files ==
2014-07-10 12:57:27 3EAEAFE0404C7CAAB9CBA686EE765FE0 590642 ----a-w- C:\Users\-LUKE-\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SUNUQ39B\Setup[1].exe
2014-07-10 12:30:54 E1A5604940E9C59A661FFA0D61C76A2E 96544 ----a-w- C:\Program Files\focusbase\bin\focusbase.BrowserAdapter.exe
2014-07-10 09:47:34 C9B0E5CAB733D9B9FBB851A85DDE0299 576083 ------w- C:\Users\-LUKE-\AppData\Local\Temp\is45637729\1989389_stp\AnyProtectScannerSetup.exe
2014-07-09 23:16:52 EF8F8F959C53163555B7AF0F33DC5CB9 6884024 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\optprosetup.exe
2014-07-09 23:13:38 2AFA8A9E0B307688BE29917D22E3B9D2 786640 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\107201401337\Uninstall Bubble Dock.exe
2014-07-09 23:05:14 A4B34F21548FFD7E9AADE1B56630AB3B 372832 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\AVBD.exe
2014-07-09 23:01:10 9FB9D49C2DB7EDD1084AB765D619F5C6 66368 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\SearchProtectINT.exe
2014-07-09 10:36:08 C9B0E5CAB733D9B9FBB851A85DDE0299 576083 ------w- C:\Users\-LUKE-\AppData\Local\Temp\is45637729\30415327_stp\AnyProtectScannerSetup.exe
2014-07-07 16:47:16 02C162FD7706E887624DFCC410979355 156061 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\nsv2B37.exe
2014-07-07 16:47:16 02C162FD7706E887624DFCC410979355 156061 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\nsq6C08.exe
2014-07-07 16:47:16 02C162FD7706E887624DFCC410979355 156061 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\nsq4A2D.exe
2014-07-07 16:47:16 02C162FD7706E887624DFCC410979355 156061 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\nsl7424.exe
2014-07-07 16:47:16 02C162FD7706E887624DFCC410979355 156061 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\nsg5BEA.exe
2014-07-07 16:47:16 02C162FD7706E887624DFCC410979355 156061 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\nsa7C20.exe
2014-07-05 14:47:23 FB44E4C071B537EC3F2AF07C245E2973 695578 ----a-w- C:\Program Files\Image-Line\FL Studio 11\Plugins\VST\VSTPlugins\Sylenth1\unins000.exe
2014-07-04 00:22:18 FB44E4C071B537EC3F2AF07C245E2973 695578 ----a-w- C:\Program Files\Steinberg\VSTPlugins\Sylenth1\unins000.exe
2014-07-04 00:21:07 8ED0317918789449516F3745DFA00E17 5579791 ----a-w- C:\Users\-LUKE-\Desktop\Sylenth1 VST v2.2\Sylenth VSTi v2.2 [64Bit].exe
2014-07-04 00:20:44 1CF3CEBF4E003F0EA36A8215EF402CE2 5498815 ----a-w- C:\Users\-LUKE-\Desktop\Sylenth1 VST v2.2\Sylenth VSTi v2.2 [32Bit].exe
2014-07-04 00:04:06 A580EC2233328B11F2FCB99BBE3E4A46 695674 ----a-w- C:\Program Files\VstPlugins\Uninstall Nexus\unins000.exe
2014-07-04 00:03:12 9D3515D804748C2291C5025D0606C647 15363384 ----a-w- C:\Users\-LUKE-\Desktop\NEXUS 2 VST\Nexus 2 Setup.exe
2014-07-04 00:03:09 65A8E159C87834C135275332CD99600F 120128 ----a-w- C:\Users\-LUKE-\Desktop\NEXUS 2 VST\Autorun.exe
=== C: other files ==
2014-07-10 22:11:42 B197C419377979D19ADFE7CCFB3BA4AE 65536 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\sysspec\SysSpec.zip
2014-07-10 12:36:55 74AD084A6F1448B83A8C7346FE02FF27 6121 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\scoped_dir_4724_30469\rlcm.crx
2014-07-10 12:32:45 74AD084A6F1448B83A8C7346FE02FF27 6121 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\scoped_dir_5888_23491\rlcm.crx
2014-07-09 23:03:03 637318A990CCFB83C5FD40BDBB19E81B 18360 ----a-w- C:\Windows\System32\drivers\SPPD.sys
2014-07-08 19:24:09 D7C414D4517212709B258F61F33DCE9C 5001 ----a-w- C:\Users\-LUKE-\Downloads\Proxy Chord Leads.zip
2014-07-05 15:29:25 561C7E42010B469640B60CC8DEA64744 19221903 ----a-w- C:\Users\-LUKE-\Downloads\3.0.0.106__Compressor DeEsser.zip
2014-07-04 03:56:38 0D4C3073A1210F7A4CF51F00AC00CAB2 11856963 ----a-w- C:\Users\-LUKE-\Downloads\Titanium my [bleep] about.zip
2014-07-04 00:17:58 81A71DCD73A623DED387332BEB9F138D 14890573 ----a-w- C:\Users\-LUKE-\Downloads\Sylenth VSTi v2.2 [PC 32&64Bit] #MrAcapellaRelease.zip
2014-07-04 00:09:37 0ADDEA43B247471571C73417C48F96FC 11962938 ----a-w- C:\Users\-LUKE-\Downloads\Titanium 2.zip
2014-07-03 23:33:49 CBEAEA2729985BFB260641AB424E0166 320120 ----a-w- C:\Windows\System32\drivers\sptd.sys
 
==== Startup Registry Enabled ======================
 
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"
 
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"Hercules DJ Series"="C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe /boot"
"Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide"
 
==== Startup Registry Disabled ======================
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AdobeAAMUpdater-1.0"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\UpdaterStartupUtility.exe\""
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Common Files\\Ahead\\Lib\\NMBgMonitor.exe\""
 
 
==== Task Scheduler Jobs ======================
 
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [08/07/2014 21:06]
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf5e455071bfa0.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [28/10/2013 17:09]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-114143902-2153543805-3046081360-1000Core.job --a------ C:\Users\owner\AppData\Local\Google\Update\GoogleUpdate.exe []
C:\Windows\tasks\User_Feed_Synchronization-{44D07C0B-BFB6-482D-8043-004548F37FC4}.job --ah----- C:\Windows\system32\msfeedssync.exe [28/05/2014 17:29]
 
==== Other Scheduled Tasks ======================
 
"C:\Windows\system32\tasks\0" [c:\program files\internet explorer\iexplore.exe]
"C:\Windows\system32\tasks\4576" [wscript.exe C:\Users\-LUKE-\AppData\Local\Temp\launchie.vbs //B]
"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore1cf5e455071bfa0" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-114143902-2153543805-3046081360-1000Core" [C:\Users\owner\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-114143902-2153543805-3046081360-1000UA" [C:\Users\owner\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\Optimizer Pro Schedule" ["C:\Program Files\Optimizer Pro\OptProLauncher.exe"]
"C:\Windows\system32\tasks\User_Feed_Synchronization-{44D07C0B-BFB6-482D-8043-004548F37FC4}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]
 
==== Firefox Extensions Registry ======================
 
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{20a82645-c095-46ed-80e3-08825760534b}"="c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [29/11/2013 15:33]
 
==== Firefox Extensions ======================
 
==== Firefox Plugins ======================
 
 
==== Chrome Look ======================
 
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
bakijjialdiiboeaknfpmflphhmljfkd - No path found[]
iagcajndpnfncplednpbnkahadegklfa - C:\Users\-LUKE-\AppData\Local\speedial.crx[]
mkndcbhcgphcfkkddanakjiepeknbgle - C:\Program Files\RelevantKnowledge\rlcm.crx[]
 
Save Me - -LUKE-\AppData\Local\Chromatic Browser\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi
SNT - -LUKE-\AppData\Local\Chromatic Browser\User Data\Default\Extensions\gocodaaboaaffamokoninjpcnliipdgj
VauDix - -LUKE-\AppData\Local\Chromatic Browser\User Data\Default\Extensions\kdnkkenodhmikkcaacgkelhjipchmcpn
YoutubeAdblocker - -LUKE-\AppData\Local\Chromatic Browser\User Data\Default\Extensions\lhbgbhhfnmedmdcpghjhdecidongnajg
Save Me - -LUKE-\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi
SNT - -LUKE-\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gocodaaboaaffamokoninjpcnliipdgj
VauDix - -LUKE-\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kdnkkenodhmikkcaacgkelhjipchmcpn
YoutubeAdblocker - -LUKE-\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lhbgbhhfnmedmdcpghjhdecidongnajg
Google Voice Search Hotword (Beta) - -LUKE-\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
Google Wallet - -LUKE-\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Save Me - -LUKE-\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi
SNT - -LUKE-\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gocodaaboaaffamokoninjpcnliipdgj
VauDix - -LUKE-\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kdnkkenodhmikkcaacgkelhjipchmcpn
YoutubeAdblocker - -LUKE-\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lhbgbhhfnmedmdcpghjhdecidongnajg
Save Me - -LUKE-\AppData\Local\Torch\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi
SNT - -LUKE-\AppData\Local\Torch\User Data\Default\Extensions\gocodaaboaaffamokoninjpcnliipdgj
VauDix - -LUKE-\AppData\Local\Torch\User Data\Default\Extensions\kdnkkenodhmikkcaacgkelhjipchmcpn
YoutubeAdblocker - -LUKE-\AppData\Local\Torch\User Data\Default\Extensions\lhbgbhhfnmedmdcpghjhdecidongnajg
Save Me - Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi
SNT - Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\gocodaaboaaffamokoninjpcnliipdgj
VauDix - Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\kdnkkenodhmikkcaacgkelhjipchmcpn
YoutubeAdblocker - Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\lhbgbhhfnmedmdcpghjhdecidongnajg
Save Me - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi
SNT - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gocodaaboaaffamokoninjpcnliipdgj
VauDix - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kdnkkenodhmikkcaacgkelhjipchmcpn
YoutubeAdblocker - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lhbgbhhfnmedmdcpghjhdecidongnajg
Save Me - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi
SNT - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gocodaaboaaffamokoninjpcnliipdgj
VauDix - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdnkkenodhmikkcaacgkelhjipchmcpn
YoutubeAdblocker - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhbgbhhfnmedmdcpghjhdecidongnajg
Save Me - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi
SNT - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gocodaaboaaffamokoninjpcnliipdgj
VauDix - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kdnkkenodhmikkcaacgkelhjipchmcpn
YoutubeAdblocker - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lhbgbhhfnmedmdcpghjhdecidongnajg
Save Me - Administrator\AppData\Local\Torch\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi
SNT - Administrator\AppData\Local\Torch\User Data\Default\Extensions\gocodaaboaaffamokoninjpcnliipdgj
VauDix - Administrator\AppData\Local\Torch\User Data\Default\Extensions\kdnkkenodhmikkcaacgkelhjipchmcpn
YoutubeAdblocker - Administrator\AppData\Local\Torch\User Data\Default\Extensions\lhbgbhhfnmedmdcpghjhdecidongnajg
Save Me - Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi
SNT - Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\gocodaaboaaffamokoninjpcnliipdgj
VauDix - Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\kdnkkenodhmikkcaacgkelhjipchmcpn
YoutubeAdblocker - Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\lhbgbhhfnmedmdcpghjhdecidongnajg
Save Me - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi
SNT - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gocodaaboaaffamokoninjpcnliipdgj
VauDix - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kdnkkenodhmikkcaacgkelhjipchmcpn
YoutubeAdblocker - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lhbgbhhfnmedmdcpghjhdecidongnajg
Google Docs - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Save Me - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi
Google Search - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
SNT - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\gocodaaboaaffamokoninjpcnliipdgj
VauDix - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdnkkenodhmikkcaacgkelhjipchmcpn
YoutubeAdblocker - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhbgbhhfnmedmdcpghjhdecidongnajg
Show-Password - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\logekkkdbdidmmcgkonmmonclldogceg
Google Wallet - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Save Me - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi
SNT - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gocodaaboaaffamokoninjpcnliipdgj
VauDix - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kdnkkenodhmikkcaacgkelhjipchmcpn
YoutubeAdblocker - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lhbgbhhfnmedmdcpghjhdecidongnajg
Save Me - Guest\AppData\Local\Torch\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi
SNT - Guest\AppData\Local\Torch\User Data\Default\Extensions\gocodaaboaaffamokoninjpcnliipdgj
VauDix - Guest\AppData\Local\Torch\User Data\Default\Extensions\kdnkkenodhmikkcaacgkelhjipchmcpn
YoutubeAdblocker - Guest\AppData\Local\Torch\User Data\Default\Extensions\lhbgbhhfnmedmdcpghjhdecidongnajg
Save Me - -LUKE-\AppData\Local\Chromatic Browser\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi
SNT - -LUKE-\AppData\Local\Chromatic Browser\User Data\Default\Extensions\gocodaaboaaffamokoninjpcnliipdgj
VauDix - -LUKE-\AppData\Local\Chromatic Browser\User Data\Default\Extensions\kdnkkenodhmikkcaacgkelhjipchmcpn
YoutubeAdblocker - -LUKE-\AppData\Local\Chromatic Browser\User Data\Default\Extensions\lhbgbhhfnmedmdcpghjhdecidongnajg
Save Me - -LUKE-\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi
SNT - -LUKE-\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gocodaaboaaffamokoninjpcnliipdgj
VauDix - -LUKE-\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kdnkkenodhmikkcaacgkelhjipchmcpn
YoutubeAdblocker - -LUKE-\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lhbgbhhfnmedmdcpghjhdecidongnajg
Google Voice Search Hotword (Beta) - -LUKE-\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
Google Wallet - -LUKE-\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Save Me - -LUKE-\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi
SNT - -LUKE-\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gocodaaboaaffamokoninjpcnliipdgj
VauDix - -LUKE-\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kdnkkenodhmikkcaacgkelhjipchmcpn
YoutubeAdblocker - -LUKE-\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lhbgbhhfnmedmdcpghjhdecidongnajg
Save Me - -LUKE-\AppData\Local\Torch\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi
SNT - -LUKE-\AppData\Local\Torch\User Data\Default\Extensions\gocodaaboaaffamokoninjpcnliipdgj
VauDix - -LUKE-\AppData\Local\Torch\User Data\Default\Extensions\kdnkkenodhmikkcaacgkelhjipchmcpn
YoutubeAdblocker - -LUKE-\AppData\Local\Torch\User Data\Default\Extensions\lhbgbhhfnmedmdcpghjhdecidongnajg
 
==== Chrome Fix ======================
 
C:\Users\-LUKE-\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage deleted successfully
C:\Users\-LUKE-\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully
C:\Users\-LUKE-\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage deleted successfully
C:\Users\-LUKE-\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal deleted successfully
C:\Users\-LUKE-\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.buenosearch.com_0.localstorage deleted successfully
C:\Users\-LUKE-\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.buenosearch.com_0.localstorage-journal deleted successfully
C:\Users\-LUKE-\AppData\Local\Chromatic Browser\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi deleted successfully
C:\Users\-LUKE-\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi deleted successfully
C:\Users\-LUKE-\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi deleted successfully
C:\Users\-LUKE-\AppData\Local\Torch\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi deleted successfully
C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi deleted successfully
C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi deleted successfully
C:\Users\Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi deleted successfully
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi deleted successfully
C:\Users\Guest\AppData\Local\Torch\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi deleted successfully
C:\Users\-LUKE-\AppData\Local\Chromatic Browser\User Data\Default\Extensions\gocodaaboaaffamokoninjpcnliipdgj deleted successfully
C:\Users\-LUKE-\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gocodaaboaaffamokoninjpcnliipdgj deleted successfully
C:\Users\-LUKE-\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gocodaaboaaffamokoninjpcnliipdgj deleted successfully
C:\Users\-LUKE-\AppData\Local\Torch\User Data\Default\Extensions\gocodaaboaaffamokoninjpcnliipdgj deleted successfully
C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\gocodaaboaaffamokoninjpcnliipdgj deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gocodaaboaaffamokoninjpcnliipdgj deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gocodaaboaaffamokoninjpcnliipdgj deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gocodaaboaaffamokoninjpcnliipdgj deleted successfully
C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\gocodaaboaaffamokoninjpcnliipdgj deleted successfully
C:\Users\Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\gocodaaboaaffamokoninjpcnliipdgj deleted successfully
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gocodaaboaaffamokoninjpcnliipdgj deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\gocodaaboaaffamokoninjpcnliipdgj deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gocodaaboaaffamokoninjpcnliipdgj deleted successfully
C:\Users\Guest\AppData\Local\Torch\User Data\Default\Extensions\gocodaaboaaffamokoninjpcnliipdgj deleted successfully
C:\Users\-LUKE-\AppData\Local\Chromatic Browser\User Data\Default\Extensions\kdnkkenodhmikkcaacgkelhjipchmcpn deleted successfully
C:\Users\-LUKE-\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kdnkkenodhmikkcaacgkelhjipchmcpn deleted successfully
C:\Users\-LUKE-\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kdnkkenodhmikkcaacgkelhjipchmcpn deleted successfully
C:\Users\-LUKE-\AppData\Local\Torch\User Data\Default\Extensions\kdnkkenodhmikkcaacgkelhjipchmcpn deleted successfully
C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\kdnkkenodhmikkcaacgkelhjipchmcpn deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kdnkkenodhmikkcaacgkelhjipchmcpn deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdnkkenodhmikkcaacgkelhjipchmcpn deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kdnkkenodhmikkcaacgkelhjipchmcpn deleted successfully
C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\kdnkkenodhmikkcaacgkelhjipchmcpn deleted successfully
C:\Users\Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\kdnkkenodhmikkcaacgkelhjipchmcpn deleted successfully
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kdnkkenodhmikkcaacgkelhjipchmcpn deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdnkkenodhmikkcaacgkelhjipchmcpn deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kdnkkenodhmikkcaacgkelhjipchmcpn deleted successfully
C:\Users\Guest\AppData\Local\Torch\User Data\Default\Extensions\kdnkkenodhmikkcaacgkelhjipchmcpn deleted successfully
C:\Users\-LUKE-\AppData\Local\Chromatic Browser\User Data\Default\Extensions\lhbgbhhfnmedmdcpghjhdecidongnajg deleted successfully
C:\Users\-LUKE-\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lhbgbhhfnmedmdcpghjhdecidongnajg deleted successfully
C:\Users\-LUKE-\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lhbgbhhfnmedmdcpghjhdecidongnajg deleted successfully
C:\Users\-LUKE-\AppData\Local\Torch\User Data\Default\Extensions\lhbgbhhfnmedmdcpghjhdecidongnajg deleted successfully
C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\lhbgbhhfnmedmdcpghjhdecidongnajg deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lhbgbhhfnmedmdcpghjhdecidongnajg deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhbgbhhfnmedmdcpghjhdecidongnajg deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lhbgbhhfnmedmdcpghjhdecidongnajg deleted successfully
C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\lhbgbhhfnmedmdcpghjhdecidongnajg deleted successfully
C:\Users\Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\lhbgbhhfnmedmdcpghjhdecidongnajg deleted successfully
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lhbgbhhfnmedmdcpghjhdecidongnajg deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhbgbhhfnmedmdcpghjhdecidongnajg deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lhbgbhhfnmedmdcpghjhdecidongnajg deleted successfully
C:\Users\Guest\AppData\Local\Torch\User Data\Default\Extensions\lhbgbhhfnmedmdcpghjhdecidongnajg deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\logekkkdbdidmmcgkonmmonclldogceg deleted successfully
 
==== Set IE to Default ======================
 
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{33BB0A4E-99AF-4226-BDF6-49120163DE86}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] not found
 
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Use Search Asst"="no"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
 
==== All HKCU SearchScopes ======================
 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ieframe.dll,-12512  Url="http://www.bing.com/...s}&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.co...ge={startPage}"
 
==== Deleting CLSID Registry Keys ======================
 
HKEY_USERS\S-1-5-21-114143902-2153543805-3046081360-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{769a91da-209f-47fe-88b9-b0321b0982c8} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{769a91da-209f-47fe-88b9-b0321b0982c8} deleted successfully
 
==== Deleting CLSID Registry Values ======================
 
 
==== Uninstall List x86 ======================
 
æTorrent  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent]
Acer eDataSecurity Management [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A5633652-3795-4829-BB0B-644F0279E279}]
Acer Empowering Technology [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AB6097D9-D722-4987-BD9E-A076E2848EE2}]
Acer ePresentation Management [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{BF839132-BD43-4056-ACBF-4377F4A88E2A}]
Acer eSettings Management [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CE65A9A0-9686-45C6-9098-3C9543A412F0}]
Adobe AIR [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{47FA2C44-D148-4DBC-AF60-B91934AA4842}]
Adobe AIR [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Adobe AIR]
Adobe Download Manager [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}]
Adobe Flash Player 14 ActiveX [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player ActiveX]
Adobe Flash Player 14 Plugin [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player Plugin]
Adobe Reader X (10.1.1) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1033-7B44-AA1000000001}]
Adobe Shockwave Player 11.5 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Shockwave Player]
Apple Application Support [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D9DAD0FF-495A-472B-9F10-BAE430A26682}]
Apple Mobile Device Support [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{18D47FA1-0440-48D3-A7E0-DA09537FF471}]
Apple Software Update [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}]
ASIO4ALL  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ASIO4ALL]
Atheros Driver Installation Program [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{28006915-2739-4EBE-B5E8-49B25D32EB33}]
Bonjour  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79155F2B-9895-49D7-8612-D92580E0DE5B}]
Broadcom Driver v4.170.25.19_Foxconn Installation Program [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{88410D8F-8529-492B-B556-2394A29B811B}]
Buenosearch  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\buenosearch]
Buzzdock  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{ac225167-00fc-452d-94c5-bb93600e7d9a}]
FL Studio 11 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\FL Studio 11]
FlowStone FL 3.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\FlowStone]
focusbase  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\focusbase]
Free File Viewer 2014 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\FreeFileViewer_is1]
GEAR 32bit Driver Installer [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E89B484C-B913-49A0-959B-89E836001658}]
Google Chrome [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome]
Google Update Helper [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}]
Hercules DJ Products Series drivers [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{33999F1F-EA46-4E55-A239-1BA803235396}]
High-Definition Video Playback [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{58CB9A9A-1EFB-4EA8-B50C-3097E754AC21}]
iCloud  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79BD66B2-4DAE-4C3B-B08E-DC72E507C163}]
iFunbox (v2.8.2414.748), iFunbox DevTeam [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\iFunbox_is1]
IL Download Manager [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\IL Download Manager]
IL Shared Libraries [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\IL Shared Libraries]
ImgBurn  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ImgBurn]
Intel® Graphics Media Accelerator Driver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\HDMI]
iTunes  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0718A90E-93AA-49AF-A4FE-0165ACD91DF0}]
Java 7 Update 55 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83217055FF}]
Java Auto Updater [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}]
Java DB 10.6.2.1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{73EC658D-A1C6-40CA-8E86-E05821BAACE7}]
Java™ SE Development Kit 6 Update 24 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{32A3A4F4-B792-11D6-A78A-00B0D0160240}]
JavaFX 2.1.1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1111706F-666A-4037-7777-211328764D10}]
K-Lite Codec Pack 5.2.0 (Full) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\KLiteCodecPack_is1]
Malwarebytes Anti-Malware version 1.75.0.1300 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes' Anti-Malware_is1]
Microsoft .NET Framework 3.5 SP1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}]
Microsoft .NET Framework 4.5.1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4903D172-DCCB-392F-93A3-34CA9D47FE3D}]
Microsoft .NET Framework 4.5.1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033]
Microsoft Security Client [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{36A345C9-0691-45A1-AEEF-29ECEC8B5014}]
Microsoft Security Essentials [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Security Client]
Microsoft Silverlight [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{770657D0-A123-3C07-8E44-1C83EC895118}]
Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}]
Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}]
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9A25302D-30C0-39D9-BD6F-21E6EC160475}]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9BE518E6-ECC6-35A9-88E4-87755C07200F}]
Microsoft Windows Media Center SDK 5.3 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7FE2549F-361D-4F9F-BB3E-75D08EFEB313}]
Microsoft_VC80_ATL_x86  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}]
Microsoft_VC80_CRT_x86  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}]
Microsoft_VC80_MFC_x86  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D1A19B02-817E-4296-A45B-07853FD74D57}]
Microsoft_VC80_MFCLOC_x86  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}]
Microsoft_VC90_ATL_x86  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}]
Microsoft_VC90_CRT_x86  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{08D2E121-7F6A-43EB-97FD-629B44903403}]
Microsoft_VC90_MFC_x86  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}]
MSXML 4.0 SP2 (KB927978) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}]
MSXML 4.0 SP2 (KB954430) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}]
MSXML 4.0 SP2 (KB973688) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}]
MSXML 4.0 SP3 Parser (KB2721691) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}]
MSXML 4.0 SP3 Parser (KB2758694) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}]
MSXML 4.0 SP3 Parser (KB973685) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}]
MSXML 4.0 SP3 Parser [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{196467F1-C11F-4F76-858B-5812ADC83B94}]
Nero 10 Menu TemplatePack Basic [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{63AA3EAB-23BB-48B2-9AD0-44F878075604}]
Nero 10 Movie ThemePack Basic [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}]
Nero BackItUp 10 Help (CHM) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}]
Nero BurningROM 10 Help (CHM) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}]
Nero BurnRights 10 Help (CHM) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{555868C6-49FB-484F-BB43-8980651A1B00}]
Nero Control Center 10 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6DFB899F-17A2-48F0-A533-ED8D6866CF38}]
Nero ControlCenter 10 Help (CHM) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}]
Nero Core Components 10 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}]
Nero CoverDesigner 10 Help (CHM) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C3273C55-E1E4-41FF-8D69-0158090DB8D8}]
Nero DiscCopyGadget 10 Help (CHM) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5F548A02-80BC-404D-BAE6-F05F9BF6B449}]
Nero DiscSpeed 10 Help (CHM) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C18A0418-442A-4186-AF98-D08F5054A2FC}]
Nero Dolby Files 10 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C3580AC4-C827-4332-B935-9A282ED5BB97}]
Nero Express 10 Help (CHM) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{33643918-7957-4839-92C7-EA96CB621A98}]
Nero InfoTool 10 Help (CHM) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{66049135-9659-4AAD-9169-9CCA269EBB3E}]
Nero Recode 10 Help (CHM) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}]
Nero RescueAgent 10 Help (CHM) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{92E25238-61A3-4ACD-A407-3C480EEF47A7}]
Nero SoundTrax 10 Help (CHM) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{16987E99-C95C-4513-9239-7B44A0A71DB5}]
Nero StartSmart 10 Help (CHM) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}]
Nero Vision 10 Help (CHM) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{329411A0-19F3-4740-874F-17400B126F27}]
Nero WaveEditor 10 Help (CHM) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7A295D8F-484B-4FFB-89AB-C1FD497591FE}]
NeroKwikMedia Help (CHM) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{02FCAA8F-59D3-4198-822E-135C61EE4F0B}]
neroxml  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{56C049BE-79E9-4502-BEA7-9754A3E60F9B}]
Optimizer Pro v3.2 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1]
Play Now Radio [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\playnowradio]
QuickTime 7 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}]
reFX Nexus VSTi RTAS v2.2.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\reFX Nexus_is1]
RegClean Pro [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1]
RelevantKnowledge  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{d08d9f98-1c78-4704-87e6-368b0023d831}]
Revo Uninstaller Pro 3.0.8 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1]
Search Protect [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect]
Sylenth1 v2.20 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Sylenth1_is1]
TuneUp Utilities Language Pack (en-GB) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F3ED01FE-B62F-4CA4-BACA-822369BC0FB7}]
v9 uninstall [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\v9 uninstall]
VirtualDJ PRO Full [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{EDA76D78-8C23-4245-A4B1-4A9217AC9CF3}]
VLC media player 1.1.8 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\VLC media player]
VO Package [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage]
Windows Media Player Firefox Plugin [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}]
WinRAR archiver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WinRAR archiver]
 
==== Deleting Registry Keys ======================
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F60730A4A66673047777F5728467D401 deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ffb2585d-b4ca-4350-a331-62327912f0aa deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\bakijjialdiiboeaknfpmflphhmljfkd deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\iagcajndpnfncplednpbnkahadegklfa deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1 deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{d08d9f98-1c78-4704-87e6-368b0023d831} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\F60730A4A66673047777F5728467D401 deleted successfully
 
==== Empty IE Cache ======================
 
C:\Users\Guest\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Guest\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\-LUKE-\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Users\-LUKE-\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
 
==== Empty FireFox Cache ======================
 
No FireFox Cache found
 
==== Empty Chrome Cache ======================
 
C:\Users\-LUKE-\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\-LUKE-\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
 
==== Empty All Flash Cache ======================
 
Flash Cache Emptied Successfully
 
==== Empty All Java Cache ======================
 
Java Cache cleared successfully
 
==== C:\zoek_backup content ======================
 
C:\zoek_backup (files=1220 folders=329 236194569 bytes)
 
==== Empty Temp Folders ======================
 
C:\Users\-LUKE-\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Guest\AppData\Local\Temp emptied successfully
C:\Users\-LUKE-\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
 
==== After Reboot ======================
 
==== Empty Temp Folders ======================
 
C:\Windows\Temp successfully emptied
C:\Users\-LUKE-\AppData\Local\Temp successfully emptied
 
==== Empty Recycle Bin ======================
 
C:\$RECYCLE.BIN successfully emptied
 
==== Deleting Files / Folders ======================
 
"C:\Users\-LUKE-\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Users\-LUKE-\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Program Files\NetCrawl"  not found
"C:\Program Files\focusbase"  not found
"C:\Program Files\focusbase"  not found
"C:\Program Files\NetCrawl"  not found
"C:\Program Files\focusbase"  not found
 
==== EOF on 10/07/2014 at 23:30:02.54 ======================

  • 0

#10
djmarzy
Posted 10 July 2014 - 04:41 PM

djmarzy

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 134 posts

adwcleaner results

 

 # AdwCleaner v3.215 - Report created 10/07/2014 at 23:37:46

# Updated 09/07/2014 by Xplode
# Operating System : Windows Vista ™ Home Basic Service Pack 2 (32 bits)
# Username : -LUKE- - OWNER-PC
# Running from : C:\Users\-LUKE-\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
Service Deleted : tStLibG
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Users\-LUKE-\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\-LUKE-\AppData\Local\torch
Folder Deleted : C:\Users\-LUKE-\Documents\PC Cleaner
Folder Deleted : C:\Users\Administrator\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\Guest\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Guest\AppData\Local\torch
File Deleted : C:\Users\Public\Desktop\RegClean Pro.lnk
File Deleted : C:\Windows\system32\drivers\tStLibG.sys
File Deleted : C:\Users\-LUKE-\AppData\Roaming\Bubble Dock.boostrap.log
File Deleted : C:\Users\-LUKE-\AppData\Roaming\LiveSupport.exe_log.txt
File Deleted : C:\Users\-LUKE-\AppData\Roaming\regsvr32.exe_log.txt
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B5BCF24C-B6C6-488F-AF1E-4140AE8EDE25}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B5BCF24C-B6C6-488F-AF1E-4140AE8EDE25}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{76539690-E8CA-4BC6-8D6D-15830D903C80}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{76539690-E8CA-4BC6-8D6D-15830D903C80}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5C23AE9D-797D-402C-AB51-4D849AFD427A}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C23AE9D-797D-402C-AB51-4D849AFD427A}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C60F406D-11A5-4D7F-BF40-464989863686}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C60F406D-11A5-4D7F-BF40-464989863686}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{40C5B76F-CAF7-4D82-8AFD-CB04C9D275F4}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{40C5B76F-CAF7-4D82-8AFD-CB04C9D275F4}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{93C37901-DFA5-457E-9696-8021A8D7795B}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{93C37901-DFA5-457E-9696-8021A8D7795B}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DE7F28DA-48E2-462B-B6DC-440B1CB10451}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F5580A63-F39C-43AE-B9FB-1D701C34835C}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F5580A63-F39C-43AE-B9FB-1D701C34835C}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DE7F28DA-48E2-462B-B6DC-440B1CB10451}
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10AD2C61-0898-4348-8600-14A342F22AC3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10AD2C61-0898-4348-8600-14A342F22AC3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{3004627E-F8E9-4E8B-909D-316753CBA923}]
Key Deleted : HKCU\Software\AnyProtect
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\mysearchdial
Key Deleted : HKCU\Software\NetCrawl
Key Deleted : HKCU\Software\Nosibay
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\SearchProtectINT
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\WEDLMNGR
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKCU\Software\AppDataLow\Software\Rr Savings
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKLM\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\Software\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Deleted : HKLM\Software\LevelQualityWatcher
Key Deleted : HKLM\Software\NetCrawl
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\Software\SupDp
Key Deleted : HKLM\Software\SupTab
Key Deleted : HKLM\Software\supWPM
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\Software\V9Software
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\buenosearch
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v9.0.8112.16555
 
 
-\\ Google Chrome v35.0.1916.153
 
[ File : C:\Users\-LUKE-\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Search Provider] : hxxp://www.buenosearch.com/?babsrc=SP_kms&tt=na&mntrId=0faf4573b19c07edb96894cf713477da&affID=128518&tsp=5303&q={searchTerms}
Deleted [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3323910&octid=EB_ORIGINAL_CTID&ISID=MC3429CD3-9B06-4EE4-8686-B6F97BDB49A0&SearchSource=58&CUI=&UM=6&UP=SP12E58EF4-CA30-41FF-816A-DC80F164B071&q={searchTerms}&SSPV=
Deleted [Search Provider] : hxxp://www.buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=DEDE0017C408070F&affID=128518&tsp=5303
Deleted [Startup_urls] : hxxp://www.v9.com/?type=hp&ts=1404948098&from=cor&uid=TOSHIBAXMK8037GSX_77RJF874SXX77RJF874S&i=psd&t=3456a111b
Deleted [Homepage] : hxxp://www.v9.com/?type=hp&ts=1404948098&from=cor&uid=TOSHIBAXMK8037GSX_77RJF874SXX77RJF874S&i=psd&t=3456a111b
Deleted [Extension] : bakijjialdiiboeaknfpmflphhmljfkd
Deleted [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Deleted [Extension] : flpcjncodpafbgdpnkljologafpionhb
Deleted [Extension] : iagcajndpnfncplednpbnkahadegklfa
 
[ File : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Search Provider] : hxxp://uk.ask.com/web?q={searchTerms}
Deleted [Search Provider] : hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=ir_14_17_ch&cd=2XzuyEtN2Y1L1QzutDtDtCyB0CyEtDzztDyBtD0FyByDzz0DtN0D0Tzu0SzzyEyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StC0B0AtCyBzyyCyDtGzzyB0DyCtG0CzyzyzztGtBtAyBzztGyD0EtB0FzzyDtC0A0Bzz0DyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0DyE0EtD0D0BtCtG0CyCyDtAtGtAzzyCyBtGzyyDyByEtGyB0ByDtCtByDtCyByDzz0FyE2Q&cr=2132588496&ir=
Deleted [Search Provider] : hxxp://speedial.com/results.php?f=4&q={searchTerms}&a=spd_cmi_14_22_ch&cd=2XzuyEtN2Y1L1QzutDtDtCyB0CyEtDzztDyBtD0FyByDzz0DtN0D0Tzu0SzzzztCtN1L2XzutBtFtBtDtFtCzytFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StB0D0AyDyByDyCyCtGtB0F0FzztG0EtByE0EtG0A0CyEzztGtB0D0A0CyB0C0CyE0CyD0ByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0DyE0EtD0D0BtCtG0CyCyDtAtGtAzzyCyBtGzyyDyByEtGyB0ByDtCtByDtCyByDzz0FyE2Q&cr=524036662&ir=
Deleted [Startup_urls] : hxxp://speedial.com/?f=1&a=spd_cmi_14_22_ch&cd=2XzuyEtN2Y1L1QzutDtDtCyB0CyEtDzztDyBtD0FyByDzz0DtN0D0Tzu0SzzzztCtN1L2XzutBtFtBtDtFtCzytFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StB0D0AyDyByDyCyCtGtB0F0FzztG0EtByE0EtG0A0CyEzztGtB0D0A0CyB0C0CyE0CyD0ByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0DyE0EtD0D0BtCtG0CyCyDtAtGtAzzyCyBtGzyyDyByEtGyB0ByDtCtByDtCyByDzz0FyE2Q&cr=524036662&ir=
Deleted [Startup_urls] : hxxp://start.mysearchdial.com/?f=1&a=ir_14_17_ch&cd=2XzuyEtN2Y1L1QzutDtDtCyB0CyEtDzztDyBtD0FyByDzz0DtN0D0Tzu0SzzyEyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StC0B0AtCyBzyyCyDtGzzyB0DyCtG0CzyzyzztGtBtAyBzztGyD0EtB0FzzyDtC0A0Bzz0DyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0DyE0EtD0D0BtCtG0CyCyDtAtGtAzzyCyBtGzyyDyByEtGyB0ByDtCtByDtCyByDzz0FyE2Q&cr=2132588496&ir=
Deleted [Homepage] : hxxp://speedial.com/?f=1&a=spd_cmi_14_22_ch&cd=2XzuyEtN2Y1L1QzutDtDtCyB0CyEtDzztDyBtD0FyByDzz0DtN0D0Tzu0SzzzztCtN1L2XzutBtFtBtDtFtCzytFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StB0D0AyDyByDyCyCtGtB0F0FzztG0EtByE0EtG0A0CyEzztGtB0D0A0CyB0C0CyE0CyD0ByB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0DyE0EtD0D0BtCtG0CyCyDtAtGtAzzyCyBtGzyyDyByEtGyB0ByDtCtByDtCyByDzz0FyE2Q&cr=524036662&ir=
Deleted [Extension] : bakijjialdiiboeaknfpmflphhmljfkd
Deleted [Extension] : iagcajndpnfncplednpbnkahadegklfa
Deleted [Extension] : logekkkdbdidmmcgkonmmonclldogceg
 
*************************
 
AdwCleaner[R0].txt - [10435 octets] - [10/07/2014 23:34:21]
AdwCleaner[S0].txt - [10278 octets] - [10/07/2014 23:37:46]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10339 octets] ##########

  • 0

Advertisements

#11
djmarzy
Posted 10 July 2014 - 04:50 PM

djmarzy

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 134 posts

jre results

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows Vista ™ Home Basic x86
Ran by -LUKE- on 10/07/2014 at 23:44:08.15
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10/07/2014 at 23:48:34.26
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  • 0

#12
Naathim
Posted 11 July 2014 - 05:16 AM

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

Hi Luke :)


First of all, I'd like to give you some reading about bundled software installations. Be careful what and how you download.

Yep, those fixes made the great part of the work. So for now let's get me some fresh scans to determine if it's all clean now.
 

 

aswMBR.png Scan with aswMBR

Please download aswMBR by Avast! & Gmer and save it to your desktop.
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on the aswMBR.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Allow virtualisation if offered.
  • If you are prompted to download the latest anti-virus definitions from avast!, click Yes.
  • Click the AV Scan: drop down box and select C:\.
  • Select scan.
  • Upon completion, you will see Scan finished successfully. Click Save log.

Do NOT click Fix or FixMBR!
A file (MBR.dat) will be created on your desktop. Do NOT click or delete it!

Copy the contents of the logfile ans paste in into your next reply.
Do not forget to re-enable your previously switched-off protection software!



51a612a8b27e2-Zoek.png Scan with ZOEK

Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on 51a612a8b27e2-Zoek.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Wait patiently until the main console will appear, it may take a minute or two.
  • In the main box please paste in the following script:
    createsrpoint;
process;
services-list;
systemspecs;
startupall;
skipfix-iedefaults;
firefoxlook;
chromelook;
filesrcm;
installedprogs;
  • Make sure that Scan All Users option is checked.
  • Push Run Script and wait patiently. The scan may take a couple of minutes.
  • When the scan completes, a zoek-results logfile should open in notepad.
  • If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)

Post its content into your next reply.



Cheers,
Naat :)


  • 0

#13
djmarzy
Posted 11 July 2014 - 08:10 AM

djmarzy

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 134 posts
Hi naat aswmbr been runing over 2 hrs will post once compleat, laptop still seems to abit sluggish and slow although all the adware has gone.
  • 0

#14
Naathim
Posted 11 July 2014 - 09:38 AM

Naathim

    GeekU Minion

  • Expert
  • 4,568 posts

I am aware that this scan may take some time. Please allow it to complete, I want to be sure that there isn't anything lurking :)


  • 0

#15
djmarzy
Posted 11 July 2014 - 02:51 PM

djmarzy

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 134 posts

hey naat sorry for the late reply ive had a few problems, during first scan with aswmbr i left my computer as it was taking a while my computer decided to install windows updates and reboot so i had to start the test again when i returned, then when i came to this forum i was having problems my browser screen decided it didnt want to show me the contents of the web page it was just gray but i could see the search bar (google chrome) it had been like this for the past hour but it ok now. it was only on my topic :S

 

aswmbr results

 

aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
Run date: 2014-07-11 17:34:59
-----------------------------
17:34:59.263    OS Version: Windows 6.0.6002 Service Pack 2
17:34:59.263    Number of processors: 1 586 0x1601
17:34:59.264    ComputerName: OWNER-PC  UserName: -LUKE-
17:35:20.188    Initialize success
17:35:20.288    VM: initialized successfully
17:35:20.355    VM: Intel CPU virtualization not supported 
17:37:18.793    AVAST engine defs: 14071100
17:37:31.240    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4
17:37:31.264    Disk 0 Vendor: TOSHIBA_MK8037GSX DL250J Size: 76319MB BusType: 3
17:37:31.302    Disk 0 MBR read successfully
17:37:31.306    Disk 0 MBR scan
17:37:34.153    Disk 0 Windows VISTA default MBR code
17:37:34.178    Disk 0 Partition 1 00     27 Hidden NTFS WinRE MSDOS5.0    10000 MB offset 2048
17:37:34.606    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS        66317 MB offset 20482048
17:37:35.936    Disk 0 scanning sectors +156299264
17:37:36.813    Disk 0 scanning C:\Windows\system32\drivers
17:38:18.454    Service scanning
17:40:30.751    Modules scanning
17:41:07.768    Disk 0 trace - called modules:
17:41:07.815    ntkrnlpa.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x84a901f8]<<
17:41:07.823    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x850a3ac8]
17:41:07.830    3 CLASSPNP.SYS[86ba38b3] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-4[0x8416c390]
17:41:07.837    \Driver\atapi[0x84134848] -> IRP_MJ_CREATE -> 0x84a901f8
17:41:10.616    AVAST engine scan C:\
20:37:26.800    Scan finished successfully
21:42:24.450    Disk 0 MBR has been saved successfully to "C:\Users\-LUKE-\Desktop\MBR.dat"
21:42:24.656    The log file has been saved successfully to "C:\Users\-LUKE-\Desktop\aswMBR.txt"
 
 

  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics


Also tagged with one or more of these keywords: viruses, adware, optimizer pro, reg clean pro, buenosearch

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP