Welcome to WindowsInstructed Forums

Welcome to the WindowsInstructed Forums

Sign-up for an account today to receive free malware removal help. Personal Windows help and much more. Or continue as a guest and ask any question you would like to ask us! Please do remember that being a member you get advantages like notifications of replies and faster replies from most members. Also members don't see ads ;) 

We hope to help you with your issues.

The WindowsInstructed Forums Staff

WowAmazeName

solved Internet connection on computer staggers. Wifi is 100% fine

54 posts in this topic

Hi there. I'm cross posting this from Reddit since a user from their told me the people here are really helpful. So, I'm sorry if I'm intruding.

 

 For whatever reason, my wired connection of my computer seems to always stagger from my normal speed of a few mb/s to a slow bit-rate, but it does not disconnect from what I am seeing. My cousin implemented a new router about a week ago but I am guessing it is irrelevant to my problem as I started having this issue yesterday.

From what I mean about a slow bit-rate is that my connection to watching streams or loading Youtube videos constantly never load at times, and Google searches being iffy. And I've never been able to properly connect to Overwatch's servers in-game, thought I can still log in. During this time, however, my load time for Reddit loads normally so I suppose my speed drops real big since Reddit does not take too much data too load.

 

Any kind of suggestions is welcome.

Kris likes this

Share this post


Link to post
Share on other sites

@WowAmazeName Welcome to the forum. :)

 

Zoek Scan

Disable your antivirus prior to this scan.
Download Zoek
Save the file to your desktop.
Right click Zoek.exe and run as administrator. (Xp Users double click)
Copy and paste the items in red below and paste them into Zoek.       

                                                                                                        

createsrpoint;
emptyfolderscheck;delete
emptyclsid;
emptyalltemp;
ipconfig /flushdns;b
ResetHosts;

autoclean;

 


 

Now hit the run script button.
The log will appear after a reboot, also you can find it on the C: drive.
Post the log in your next reply.

 

MiniToolBox Scan.

 

 

Please download MINITOOLBOX and run it.



Checkmark following boxes:


Flush DNS
Reset FF proxy Settings
Reset Ie Proxy Settings
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and post the result.

Share this post


Link to post
Share on other sites
1 minute ago, WowAmazeName said:

Actually, no thank you :)

 

? Is there an issue with any of the instructions> Without logs, I have no idea what is going on with your machine....

 

I did write a guide if you want to go that route. It explains how to optimize your machine, and there is an internet guide up in this one as well. Click here for guide.

 

 

Share this post


Link to post
Share on other sites

These tools are used in many many forums... You can google Zoek and Minitoolbox, these are tools used to repair a machine.... Your choice if you think I am "Baiting" you whatever that means, when you discover that this forum indeed has no malicious intent then you are free to come back and continue this thread. Have a nice day. :)

Share this post


Link to post
Share on other sites

I do have to apologize as it does seem legitimate after some research. I was just under the assumption that you were a bot or a persuader trying to take control or host others systems. Once again, sorry for my paranoia.

Share this post


Link to post
Share on other sites

No worries.  Continue if you wish, I am here to help.  I do understand, as people often ask me why I do this sort of thing for free... If you do not want help, then have a nice day - night where ever you are in the world. :)

WowAmazeName likes this

Share this post


Link to post
Share on other sites

Zoek:

 


Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by **** on 06/26/2016 Sun at 18:41:35.50.
Microsoft Windows 7 Professional  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: E:\Users\Chi\Downloads\zoek.exe [Scan all users] [Script inserted] 

==== System Restore Info ======================

6/26/2016 6:43:13 PM Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp. 

# This is a sample HOSTS file used by Microsoft TCP/IP for Windows. 

# This file contains the mappings of IP addresses to host names. Each 
# entry should be kept on an individual line. The IP address should 
# be placed in the first column followed by the corresponding host name. 
# The IP address and the host name should be separated by at least one 
# space. 

# Additionally, comments (such as these) may be inserted on individual 
# lines or following the machine name denoted by a '#' symbol. 

# For example: 

#      102.54.94.97     rhino.acme.com          # source server 
#       38.25.63.10     x.acme.com              # x client host 
 
# localhost name resolution is handled within DNS itself. 
127.0.0.1       localhost 
::1             localhost 

==== Empty Folders Check ======================

C:\PROGRA~2\SNT deleted successfully
C:\PROGRA~2\WbSvCouponApp deleted successfully
C:\PROGRA~2\YoutubeAdblocker deleted successfully
C:\PROGRA~2\COMMON~1\COMODO deleted successfully
C:\Program Files\AVAST Software deleted successfully
C:\PROGRA~3\ALM deleted successfully
C:\PROGRA~3\greattseAveR deleted successfully
C:\PROGRA~3\SNT deleted successfully
C:\PROGRA~3\WbSvCouponApp deleted successfully
C:\PROGRA~3\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} deleted successfully
C:\Users\ANDREW 2014\AppData\Roaming\AVAST Software deleted successfully
C:\Users\ANDREW 2014\AppData\Roaming\Awesomium deleted successfully
C:\Users\ANDREW 2014\AppData\Local\PACE Anti-Piracy deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2034708905-2678556690-501098093-1003\Software\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146} deleted successfully
HKEY_USERS\S-1-5-21-2034708905-2678556690-501098093-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_USERS\S-1-5-21-2034708905-2678556690-501098093-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
 

Share this post


Link to post
Share on other sites

MiniToolBox

 

MiniToolBox by Farbar  Version: 17-06-2016
Ran by Antony (administrator) on 26-06-2016 at 19:05:05
Running from "E:\Users\chi\Downloads"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Model: System Product Name Manufacturer: System manufacturer
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ============================== 

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
========================= IP Configuration: ================================

Marvell Yukon 88E8059 PCI-E Gigabit Ethernet Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration

Windows IP Configuration

   Host Name . . . . . . . . . . . . : ANDREW2014-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Marvell Yukon 88E8059 PCI-E Gigabit Ethernet Controller
   Physical Address. . . . . . . . . : F4-6D-04-44-8F-BA
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::2178:a5a3:7818:504d%11(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.100(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Sunday, June 26, 2016 3:28:41 PM
   Lease Expires . . . . . . . . . . : Monday, June 27, 2016 4:10:26 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 250899716
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-6F-94-C8-F4-6D-04-44-8F-BA
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{911923BA-2B96-45C2-B50F-EEE73491B929}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  192.168.1.1

Name:    google.com
Addresses:  2607:f8b0:4007:806::200e
      216.58.219.14


Pinging google.com [216.58.219.14] with 32 bytes of data:
Reply from 216.58.219.14: bytes=32 time=13ms TTL=54
Reply from 216.58.219.14: bytes=32 time=14ms TTL=54

Ping statistics for 216.58.219.14:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 13ms, Maximum = 14ms, Average = 13ms
Server:  UnKnown
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  2001:4998:58:c02::a9
      2001:4998:44:204::a7
      2001:4998:c:a06::2:4008
      98.139.183.24
      206.190.36.45
      98.138.253.109


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=48ms TTL=47
Reply from 206.190.36.45: bytes=32 time=45ms TTL=47

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 45ms, Maximum = 48ms, Average = 46ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 11...f4 6d 04 44 8f ba ......Marvell Yukon 88E8059 PCI-E Gigabit Ethernet Controller
  1...........................Software Loopback Interface 1
 13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.100     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.100    276
    192.168.1.100  255.255.255.255         On-link     192.168.1.100    276
    192.168.1.255  255.255.255.255         On-link     192.168.1.100    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.100    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.100    276
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 11    276 fe80::/64                On-link
 11    276 fe80::2178:a5a3:7818:504d/128
                                    On-link
  1    306 ff00::/8                 On-link
 11    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/26/2016 03:30:28 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/26/2016 01:14:39 AM) (Source: .NET Runtime) (User: )
Description: Application: RzStats.Manager.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: exception code c0000005, exception address 19000019
Stack:

Error: (06/25/2016 04:54:36 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8018

Error: (06/25/2016 04:54:36 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8018

Error: (06/25/2016 04:54:36 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/25/2016 04:54:35 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7004

Error: (06/25/2016 04:54:35 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7004

Error: (06/25/2016 04:54:35 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/25/2016 04:54:34 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6006

Error: (06/25/2016 04:54:34 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6006


System errors:
=============
Error: (06/26/2016 03:28:46 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cdrom

Error: (06/26/2016 03:28:43 PM) (Source: Service Control Manager) (User: )
Description: The AODDriver4.2.0 service failed to start due to the following error: 
%%3 = The system cannot find the path specified.


Error: (06/26/2016 03:28:41 PM) (Source: Microsoft-Windows-BitLocker-Driver) (User: NT AUTHORITY)
Description: Encrypted volume check: Volume information on \\?\Volume{31c0b70f-0dbd-11e6-9fa2-806e6f6e6963} cannot be read.

Error: (06/26/2016 03:28:41 PM) (Source: Microsoft-Windows-BitLocker-Driver) (User: NT AUTHORITY)
Description: Encrypted volume check: Volume information on \\?\Volume{31c0b70e-0dbd-11e6-9fa2-806e6f6e6963} cannot be read.

Error: (06/26/2016 03:28:41 PM) (Source: Microsoft-Windows-BitLocker-Driver) (User: NT AUTHORITY)
Description: Encrypted volume check: Volume information on \\?\Volume{31c0b70c-0dbd-11e6-9fa2-806e6f6e6963} cannot be read.

Error: (06/25/2016 12:29:33 PM) (Source: Service Control Manager) (User: )
Description: The Windows Modules Installer service terminated with the following error: 
%%16405

Error: (06/25/2016 12:29:32 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cdrom

Error: (06/25/2016 12:29:29 PM) (Source: Service Control Manager) (User: )
Description: The AODDriver4.2.0 service failed to start due to the following error: 
%%3 = The system cannot find the path specified.


Error: (06/25/2016 12:29:28 PM) (Source: Microsoft-Windows-BitLocker-Driver) (User: NT AUTHORITY)
Description: Encrypted volume check: Volume information on \\?\Volume{31c0b70f-0dbd-11e6-9fa2-806e6f6e6963} cannot be read.

Error: (06/25/2016 12:29:28 PM) (Source: Microsoft-Windows-BitLocker-Driver) (User: NT AUTHORITY)
Description: Encrypted volume check: Volume information on \\?\Volume{31c0b70e-0dbd-11e6-9fa2-806e6f6e6963} cannot be read.


Microsoft Office Sessions:
=========================
Error: (06/26/2016 03:30:28 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/26/2016 01:14:39 AM) (Source: .NET Runtime)(User: )
Description: Application: RzStats.Manager.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: exception code c0000005, exception address 19000019
Stack:

Error: (06/25/2016 04:54:36 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8018

Error: (06/25/2016 04:54:36 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8018

Error: (06/25/2016 04:54:36 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/25/2016 04:54:35 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7004

Error: (06/25/2016 04:54:35 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7004

Error: (06/25/2016 04:54:35 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/25/2016 04:54:34 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6006

Error: (06/25/2016 04:54:34 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6006


CodeIntegrity Errors:
===================================
  Date: 2016-06-26 19:03:18.479
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\Windows\System32\VMWRP64.DLL because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-26 19:03:18.445
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\Windows\System32\VMWRP64.DLL because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-26 19:03:05.323
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\Windows\System32\VMWRP64.DLL because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-26 19:03:05.289
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\Windows\System32\VMWRP64.DLL because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-26 19:02:02.572
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\Windows\System32\VMWRP64.DLL because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-26 19:02:02.536
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\Windows\System32\VMWRP64.DLL because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-26 19:01:15.963
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\Windows\System32\VMWRP64.DLL because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-26 19:01:15.929
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\Windows\System32\VMWRP64.DLL because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-26 19:00:02.702
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\Windows\System32\VMWRP64.DLL because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-26 19:00:02.667
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\Windows\System32\VMWRP64.DLL because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

µTorrent (HKCU\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.)
7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
Adobe Flash Player 22 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Illustrator CC 2015 (HKLM-x32\...\{5680D629-B263-49CC-821E-3CEBD4507B51}) (Version: 19.0 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.16) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.16 - Adobe Systems Incorporated)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Autodesk FBX Converter x64 2013.2 (HKLM-x32\...\Autodesk FBX Converter x64 2013.2) (Version:  - Autodesk)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.7.2.45672 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Bing Bar (HKLM-x32\...\{16793295-2366-40F7-A045-A3E42A81365E}) (Version: 7.1.362.0 - Microsoft Corporation)
Blade & Soul Closed Beta Test (HKLM-x32\...\{F7DBB870-787A-4B0E-A314-C931522A5859}) (Version: 4.0.0.6 - NC Interactive, LLC)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
DAEMON Tools Ultra (HKLM-x32\...\DAEMON Tools Ultra) (Version: 2.1.0.0187 - Disc Soft Ltd)
DragonNest (HKLM-x32\...\DragonNest) (Version:  - )
Epic Games Launcher (HKLM-x32\...\{F9E7706A-FCFE-40D2-9B58-45567B3E1F3F}) (Version: 1.1.69.0 - Epic Games, Inc.)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Evolve (HKLM-x32\...\Steam App 273350) (Version:  - Turtle Rock Studios)
Express Burn (HKLM-x32\...\ExpressBurn) (Version:  - NCH Software)
FabFilter TotalBundle VST RTAS v1.3 (HKLM-x32\...\FabFilter TotalBundle x86_is1) (Version:  - )
FileMind QuickFix (HKLM-x32\...\{92789900-80D0-4B61-B742-7897964A69AB}_is1) (Version: Build 4184 - Metability Software)
Final Fantasy X X-2 HD Remaster (HKLM-x32\...\Final Fantasy X X-2 HD Remaster_is1) (Version:  - )
Folder Size (64-bit) (HKLM\...\{F24FF688-7138-4CCF-A83F-71E9FB01170E}) (Version: 2.6 - Brio)
Free Audio Converter version 5.0.52.1122 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.52.1122 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.49.1111 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.49.1111 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.50.1122 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.50.1122 - DVDVideoSoft Ltd.)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.30.3 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Gyazo 3.2.1 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\{79BF4901-1EC4-4726-B3C2-A7859706C6E7}) (Version: 3.0.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
LIMBO (HKLM\...\Steam App 48000) (Version:  - Playdead)
LOOT version 0.8.1 (HKLM-x32\...\{BF634210-A0D4-443F-A657-0DCE38040374}_is1) (Version: 0.8.1 - LOOT Team)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Metal Gear Solid V Phantom Pain version 1.0.5.0 (HKLM-x32\...\Metal Gear Solid V Phantom Pain_is1) (Version: 1.0.5.0 - Mr DJ)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MiniTool Partition Wizard Free 9.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
MusicLab RealGuitar (HKLM\...\{1864B4F0-8888-5A57-9930-C2B307597966}) (Version: 3.0 - MusicLab, Inc.)
MusicLab Virtual MIDI Driver (HKLM\...\{A30B7FD7-04A1-46e1-ABDF-FD592C113253}) (Version: 2.0.1.0 - MusicLab, Inc.)
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version:  - NCSOFT)
NEKOPALIVE (HKLM\...\Steam App 469990) (Version:  - NEKO WORKs)
NetBalancer (HKLM\...\NetBalancer_is1) (Version:  - SeriousBit)
Nexon Game Manager (HKLM-x32\...\{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}) (Version:  - )
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.61.23 - Black Tree Gaming)
Origin (HKLM-x32\...\Origin) (Version: 9.12.2.60376 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version:  - )
PhotoME Beta-Release (HKLM-x32\...\PhotoME Beta-Release_is1) (Version: 0.8ß2 - Jens Duttke)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.5 - Power Software Ltd)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 4.0 beta r2607 - )
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 1.2.4 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.28188 - Razer Inc.)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version:  - )
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.28.1 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.28.1 - Renesas Electronics Corporation)
RPG MAKER VX Ace RTP (HKLM-x32\...\RPGVXAce_RTP_is1) (Version: 1.00 - Enterbrain)
RPG Maker VX RTP (HKLM-x32\...\RPG Maker VX RTP_is1) (Version: 1.02 - Enterbrain)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
Sonic Charge Synplant 1.0 (HKLM-x32\...\Sonic Charge Synplant_is1) (Version:  - )
Source Filmmaker (HKLM\...\Steam App 1840) (Version:  - Valve)
Starbound - Unstable (HKLM\...\Steam App 367540) (Version:  - )
Starbound (HKLM-x32\...\Steam App 211820) (Version:  - )
Staxel (HKLM-x32\...\Plukit Staxel) (Version: 1.1.1 - Plukit)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sublime Text Build 3083 (HKLM-x32\...\Sublime Text 3_is1) (Version:  - Sublime HQ Pty Ltd)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
TERA (HKLM-x32\...\Steam App 323370) (Version:  - En Masse Entertainment)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3 - Wild Hunt (HKLM-x32\...\The Witcher 3 - Wild Hunt_is1) (Version:  - )
TSEV Skyrim LE (HKLM-x32\...\TSEV Skyrim LE_is1) (Version: 2.0.0.0 - )
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
Vyzex MAX49 (HKLM-x32\...\{B35A4E5E-DAA8-4A0B-95A1-D3EE244EF933}_is1) (Version: Vyzex MAX49 1.02 - Psicraft Designs, Inc.)
WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Wrye Bash (HKLM-x32\...\Wrye Bash) (Version: 0.3.0.6 - Wrye & Wrye Bash Development Team)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)

========================= Devices: ================================

Name: AODDriver4.2.0
Description: AODDriver4.2.0
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: AODDriver4.2.0
Device ID: ROOT\LEGACY_AODDRIVER4.2.0\0000
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: HP Officejet Pro 8620
Description: HP Officejet Pro 8620
Class Guid: 
Manufacturer: 
Service: 
Device ID: USB\VID_03F0&PID_7012&MI_04\6&2BB18748&0&0004
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


========================= Memory info: ===================================

Percentage of memory in use: 66%
Total physical RAM: 8190.18 MB
Available physical RAM: 2746.42 MB
Total Virtual: 16378.54 MB
Available Virtual: 9978.13 MB

========================= Partitions: =====================================

1 Drive c: (OS 7) (Fixed) (Total:59.53 GB) (Free:5.74 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:368.1 GB) (Free:66.49 GB) NTFS
3 Drive e: (OLD DATA) (Fixed) (Total:919.53 GB) (Free:90.58 GB) NTFS
4 Drive f: (RECOVERY OS 7 DO NOT FORMAT.) (Fixed) (Total:97.66 GB) (Free:87.28 GB) NTFS

========================= Users: ========================================

User accounts for \\ANDREW2014-PC

Administrator            ANDREW 2014              Antony                   
Guest                    


**** End of log ****
 

Share this post


Link to post
Share on other sites

The Zoek log is incomplete, if you were not asked to reboot your machine then Zoek did not complete. Anyhow, it seems that there was some adware removed by Zoek. So lets check and make sure that there is nothing else lurking with a couple other tools.

 

Adware Cleaner Scan.

 

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

 

JRT Scan.

Please download Junkware Removal Tool and save it on your desktop.

 

  • Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log is saved to your desktop and will automatically open.
  • Please post the JRT log.
  •  

Adware Removal Tool Scan.

 

Download Adware removal tool to your desktop, right click the icon and select Run as Administrator.

 

 

LOr0Gd7.png

 

Hit Ok.

 

sYFsqHx.png

 

Hit next make sure to leave all items checked, for removal.

 

8NcZjGc.png

 

 

The Program will close all open programs to complete the removal, so save any work and hit OK. Then hit OK after the removal process is complete, thenOK again to finish up. Post log generated by tool.

 

ZHP Scan.

Please download Zhp Cleaner  to your desktop.  Right Click the icon and select run as administrator.

http://ccm.net/download/download-24750-zhpcleaner

 

 

2. Once you have started the program, you will need to click the scanner button.

EgsT69u.png

The program will close all open browsers!

3. Once the scan is completed, the you will want to click the Repair button.

6QJjV50.png

At the end of the process you may be asked to reboot your machine. After you reboot a report will open on your desktop.

Copy and paste the report here in your next reply.

 Zemana Scan

 

 

Run a full scan with Zemana AntiMalware!

Install and select deep scan.

jdmyscF.jpg

Remove any infections found.

Then click on the icon in the pic below.

DOLGyto.jpg

Double click on the scan log, copy and paste here in your reply

Share this post


Link to post
Share on other sites

Thanks again even if my issue is solved or not. Do you have a Patreon or something of that sort?

 

One last apology for accusations :lol:. Your profile image just reminded me of Onionib and all that shady stuff which was a huge flag alert at first

Kris likes this

Share this post


Link to post
Share on other sites

Remove the programs below with D-Uninstaller. If you have issues removing with D-uninstaller then use Geek Uninstaller.

 

Bing Bar (HKLM-x32\...\{16793295-2366-40F7-A045-A3E42A81365E}) (Version: 7.1.362.0 - Microsoft Corporation)
Free Audio Converter version 5.0.52.1122 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.52.1122 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.49.1111 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.49.1111 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.50.1122 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.50.1122 - DVDVideoSoft Ltd.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)

2 minutes ago, WowAmazeName said:

 

One last apology for accusations :lol:. Your profile image just reminded me of Onionib and all that shady stuff which was a huge flag alert at first

 

 

Lol, I had to Google Onionib...  I just like the idea of the Avatar, like when a human cuts an onion it makes them cry. The Avatar is supposed to be ironic.

 

1 minute ago, WowAmazeName said:

Thanks again even if my issue is solved or not. Do you have a Patreon or something of that sort?

 

 

No, this site is free. There are ads that pay for the site, but I just help the owner here. I make nothing, not really needed as I make plenty of money with my job. I just enjoy doing this. Some people have their crossword puzzles some people game, I like to do this. Every thread here is a learning experience. I do however charge people in real life. I usually will charge a person a case of premium beer to fix a computer since my job is more than enough to pay the bills. :)

Share this post


Link to post
Share on other sites

Also, your C: drive is almost full.  1 Drive c: (OS 7) (Fixed) (Total:59.53 GB) (Free:5.74 GB) NTFS 

 

I would certainly clean up some temp files, and reduce the startup load etc...

 

Ccleaner To disable Useless Startups.

 

Go ahead and install ccleaner Now that you have the program installed go ahead and run the cleaner function.

CCleaner - Free Download - Piriform
[IMG]

Now that you have cleaned out some temp files, lets go ahead and disable all of the items starting up with your machine except your antivirus. To do this you will need to click on tools then start up then under the Windows Tab select each item then disable. Also under the scheduled task tab, you are safe to disable all task. Only disable items under the windows tab and scheduled task tab!

[IMG]

Now that you have disabled those un-needed start ups lets go into the settings, we will have Ccleaner run when your machine boots, so that you will never have to worry about cleaning temp files again.

To do this:

 

  • Hit options.
  • Settings.
  • Place a tick to run Ccleaner when the computer starts.

[IMG]

Now go to the advanced tab, and select close program after cleaning, now run the cleaner again this will close Ccleaner.

[IMG]

Reboot the machine after.

 

Share this post


Link to post
Share on other sites

I will leave you with this to do since I have to get up at 4:30 am. Just do these instructions when you have completed everything else above. I have to go to sleep, and I will check on you after I return from work tomorrow.

 

 

First run a speed test then upload the results to imgur.com and post the link here. When you have completed the steps below, please re-run speed test, and post the new link here as well. :)

 

 

 

 

Disable IPV6

 

https://support.microsoft.com/en-us/kb/929852

 

 

Reset Host File

 

 

  • Click here to download RstHosts v2.0
  • Save the file to your desktop.
  • Right Click and Run as Administrator.
  • Click on Restaurer, then click OK at the prompt.
  • This will restore the default host file.
  • Next Click on Creer Un Rapport.
  • This will open a logfile, post that in your next reply.




 

Change some settings.



Use this tool to remove the Tunnel adapters.





Disable Computer Browser Service



1. Press the Windows + R key at the same time, a Run Window will appear

2. Type or copy and paste Services.msc hit enter.

3. Scroll to the Computer Browser Service

4. Right-Click Computer Browser Service and choose Stop the service.

5. Right Click Computer Browser Service again select Properties.

6. Change the Startup type to disabled.

8cPC1j3.png
7. Hit Apply then Ok.





Uninstall Netbt Driver.



1. Press the Windows + R key at the same time, a Run Window will appear.

2. Now enter or copy and paste devmgmt.msc in the Run Window and click on OK

3. Click on View and select Show Hidden Devices

Crp3oNM.png



4. Then click on and unfold Non-Plug and Play Driver

27sS1dS.png




5. Then find NET BT, Right-click the device and choose to Uninstall the Driver.

6. Reboot your device when asked.





Hit enter after each command.




1. Open Start and type cmd, then right-click Command Prompt and choose Run as Administrator

2. Once Command Prompt has started enter the following command. nbtstat -R

3. Wait for that command to complete, a new line will appear, now enter the following command. nbtstat -RR

4 Wait for that command to complete, a new line will appear, now enter the following command. Shutdown – R


Disable netbios over tcpip.

 

 

Windows key & r at the same time.
Type or copy and paste ncpa.cpl hit enter.
Right click your connection hit properties.
Select internet protocol version 4 then properties.
Select Advanced, then Wins tab.
Put a tick next to Disable Net Bios over TCPIP.

 

 

 

Use DNS Jumper to set your dns to google dns.

 

http://www.sordum.org/7952/dns-jumper-v2-0/

 

 

Please post a fresh minitoolbox log after this.

 

Share this post


Link to post
Share on other sites

Download progress for ADWCleaner kept freezing even though its a few megabytes so this is taking me a while. Also, whenever I am trying to close Zoek, it keeps popping up.

zoek3.png

Share this post


Link to post
Share on other sites

No big deal, Zoek can take an hour or more to complete. Best to just allow it to do its thing. It will need to reboot when it is done, if it takes more than an hour, just reboot your machine and run it before you sleep or something. It will continue to popup when you try and close it, this is how it protects its self from malware trying to close it...

Share this post


Link to post
Share on other sites

# AdwCleaner v5.200 - Logfile created 26/06/2016 at 19:40:59
# Updated 14/06/2016 by ToolsLib
# Database : 2016-06-26.1 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (X64)
# Username : Antony - ANDREW2014-PC
# Running from : E:\Users\chi\Downloads\adwcleaner_5.200.exe
# Option : Clean
# Support : https://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\ProgramData\AVG Security Toolbar
[-] Folder Deleted : C:\ProgramData\SetApp
[-] Folder Deleted : C:\ProgramData\speedypc software
[#] Folder Deleted : C:\ProgramData\SpeedyPC Software
[-] Folder Deleted : C:\ProgramData\fb6fa848bf2eaf98
[#] Folder Deleted : C:\ProgramData\Application Data\AVG Security Toolbar
[#] Folder Deleted : C:\ProgramData\Application Data\SetApp
[#] Folder Deleted : C:\ProgramData\Application Data\speedypc software
[#] Folder Deleted : C:\ProgramData\Application Data\SpeedyPC Software
[#] Folder Deleted : C:\ProgramData\Application Data\fb6fa848bf2eaf98
[-] Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\avg web tuneup
[-] Folder Deleted : C:\Users\ANDREW 2014\AppData\Local\torch
[-] Folder Deleted : C:\Users\ANDREW 2014\AppData\LocalLow\avg web tuneup
[-] Folder Deleted : C:\Users\ANDREW 2014\AppData\Roaming\DriverCure
[-] Folder Deleted : C:\Users\ANDREW 2014\AppData\Roaming\speedypc software
[#] Folder Deleted : C:\Users\ANDREW 2014\AppData\Roaming\SpeedyPC Software

***** [ Files ] *****

[-] File Deleted : C:\END
[-] File Deleted : C:\Users\ANDREW 2014\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_mysearch.avg.com_0.localstorage
[-] File Deleted : C:\Users\ANDREW 2014\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_mysearch.avg.com_0.localstorage-journal
[-] File Deleted : C:\Users\ANDREW 2014\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
[-] File Deleted : C:\Users\ANDREW 2014\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal
[-] File Deleted : C:\Users\ANDREW 2014\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_mysearch.avg.com_0.localstorage
[-] File Deleted : C:\Users\ANDREW 2014\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_mysearch.avg.com_0.localstorage-journal
[-] File Deleted : C:\Users\ANDREW 2014\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
[-] File Deleted : C:\Users\ANDREW 2014\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
[-] File Deleted : C:\Users\ANDREW 2014\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_websearch.searchinweb.info_0.localstorage
[-] File Deleted : C:\Users\ANDREW 2014\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_websearch.searchinweb.info_0.localstorage-journal
[-] File Deleted : C:\Users\ANDREW 2014\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage
[-] File Deleted : C:\Users\ANDREW 2014\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage-journal
[-] File Deleted : C:\Users\ANDREW 2014\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
[-] File Deleted : C:\Users\ANDREW 2014\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
[-] File Deleted : C:\Users\ANDREW 2014\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.hiphopmyway.com_0.localstorage
[-] File Deleted : C:\Users\ANDREW 2014\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.hiphopmyway.com_0.localstorage-journal
[-] File Deleted : C:\Users\ANDREW 2014\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
[-] File Deleted : C:\Users\ANDREW 2014\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
[#] File Deleted : C:\Users\ANDREW 2014\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
[#] File Deleted : C:\Users\ANDREW 2014\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
[-] File Deleted : C:\Users\Antony\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
[-] File Deleted : C:\Users\Antony\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
[-] File Deleted : C:\Users\Antony\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_animeshow.tv_0.localstorage
[-] File Deleted : C:\Users\Antony\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_animeshow.tv_0.localstorage-journal
[-] File Deleted : C:\Users\Antony\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_dailyrevshare.com_0.localstorage
[-] File Deleted : C:\Users\Antony\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_dailyrevshare.com_0.localstorage-journal
[#] File Deleted : C:\Users\Antony\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
[#] File Deleted : C:\Users\Antony\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

[-] Task Deleted : 0915tbUpdateInfo
[-] Task Deleted : 0915tbUpdateInfo

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKCU\Software\PRODUCTSETUP
[-] Key Deleted : HKCU\Software\csastats
[-] Key Deleted : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
[-] Key Deleted : HKLM\SOFTWARE\Conduit
[-] Key Deleted : HKLM\SOFTWARE\speedypc software
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKU\S-1-5-21-2034708905-2678556690-501098093-1003\Software\Microsoft\Internet Explorer\Main [Start Page]

***** [ Web browsers ] *****

[-] [C:\Users\ANDREW 2014\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : aol.com
[-] [C:\Users\ANDREW 2014\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask.com
[-] [C:\Users\ANDREW 2014\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : mysearch.avg.com
[-] [C:\Users\ANDREW 2014\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxps://mysearch.avg.com?cid={E8604B98-96F8-421F-B6AC-89B69C7AF801}&mid=5484cbce881c47d290a4252442a06649-fb08f210a35ce15ed5adfc77be4038b2d25f64cb&lang=en&ds=AVG&coid=avgtbavg&pr=fr&d=2014-04-08 09:48:51&v=3.1.0.7&pid=wtu&sg=&sap=hp
[-] [C:\Users\ANDREW 2014\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : booedmolknjekdopkepjjeckmjkdpfgl
[-] [C:\Users\ANDREW 2014\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : flpcjncodpafbgdpnkljologafpionhb
[-] [C:\Users\Antony\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : aol.com
[-] [C:\Users\Antony\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask.com

*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [8303 bytes] - [26/06/2016 19:40:59]
C:\AdwCleaner\AdwCleaner[S1].txt - [10356 bytes] - [26/06/2016 19:36:02]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [8450 bytes] ##########
 

Kris likes this

Share this post


Link to post
Share on other sites

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows 7 Professional x64 
Ran by Antony (Administrator) on 06/26/2016 Sun at 19:52:17.63
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


File System: 48 

Successfully deleted: C:\Users\Antony\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Antony\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4SPSVPEM (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Antony\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4W1DQX1N (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Antony\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5WI1BAIO (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Antony\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Antony\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8KRZWU4B (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Antony\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8NVTD1NF (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Antony\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B4X31F1N (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Antony\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BXBB6RNW (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Antony\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CV34SQKF (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Antony\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FGD7E5HS (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Antony\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Antony\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IW6PWD5A (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Antony\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KZQ76CL3 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Antony\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L5B8SP61 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Antony\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Antony\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NMOPUCAX (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Antony\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PRSEND58 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Antony\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PWN4BI81 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Antony\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QK71B9AH (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Antony\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TGIMQHPX (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Antony\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XL8QI6DP (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Antony\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z3F62O3H (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Antony\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZHFSXUMA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4SPSVPEM (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4W1DQX1N (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5WI1BAIO (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8KRZWU4B (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8NVTD1NF (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B4X31F1N (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BXBB6RNW (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CV34SQKF (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FGD7E5HS (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IW6PWD5A (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KZQ76CL3 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L5B8SP61 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NMOPUCAX (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PRSEND58 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PWN4BI81 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QK71B9AH (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TGIMQHPX (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XL8QI6DP (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z3F62O3H (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZHFSXUMA (Temporary Internet Files Folder) 

Registry: 0 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 06/26/2016 Sun at 19:53:47.47
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

Kris likes this

Share this post


Link to post
Share on other sites

I do not think I have recorded Adware removal Tool's log correctly, but this is what I have saved.

 

[-] Deleted ->> Registry Key ->> HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Policies\Google\Chrome
[-] Deleted ->> Registry Key ->> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome
[-] Deleted ->> Registry Key ->> HKEY_LOCAL_MACHINE\SOFTWARE\classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
[-] Deleted ->> Registry Key ->> HKEY_CLASSES_ROOT\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
[-] Deleted ->> Registry Key ->> HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{8ECC055D-047F-11D1-A537-0000F8753ED1}

Kris likes this

Share this post


Link to post
Share on other sites

Was just checking this before I lay down for the night, seems that there is an abundance of adware type malware on this machine. When you have completed all other steps then lets see what else may be hiding. When I am off work tomorrow I will have a look at everything..,.:)

 

Run this tool when all else is complete.

 

Please download and save FRST 64bit or FRST 32 bit to your DESKTOP.

CLICK HERE to determine whether you're running 32-bit or 64-bit for Windows.

  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.

x3KSmSt.jpg

  1. Make sure that Addition option is checked.
  2. Press Scan button.

kf4A5XR.jpg

  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste contents of the log back here.
  • The first time the tool is run, or Additions.txt is selected in the options it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste contents of that log along with the FRST.txt into your reply.

Share this post


Link to post
Share on other sites
Guest
You are commenting as a guest. If you have an account, please sign in.
Reply to this topic...

×   You have pasted content with formatting.   Remove formatting

×   Your link has been automatically embedded.   Display as a link instead

Loading...

  • Recently Browsing   0 members

    No registered users viewing this page.

WindowsInstructed Forums

Welcome on the WindowsInstructed Forums. If you have any Windows question or Malware related question then this is the place to be. All your connections are securely encrypted with our server so your privacy is protected as well!