Jump to content

Change Mode

FACEBOOK


Recommended Posts

this is the only one i can find is this it?

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:09-05-2016

Ran by Happymackem (administrator) on HAPPYMACKEM-PC (12-05-2016 07:45:55)

Running from D:\my downloads

Loaded Profiles: Happymackem (Available Profiles: Happymackem)

Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)

Internet Explorer Version 11 (Default browser: Chrome)

Boot Mode: Normal



==================== Processes (Whitelisted) =================


(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)


(Microsoft Corporation) C:\Windows\System32\wisptis.exe

(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe

(Microsoft Corporation) C:\Windows\System32\wisptis.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe

(Kingsoft Corporation) C:\Program Files (x86)\cmcm\Clean Master\cmcore.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(SUPERAntiSpyware.com) D:\SASCore64.exe

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BBSvc.EXE

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe

(Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe

(Garmin Ltd. or its subsidiaries) D:\New folder (2)\Garmin\Device Interaction Service\GarminService.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(RealNetworks, Inc.) C:\Program Files (x86)\Online Games Manager\ogmservice.exe

(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe

(Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe

(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe

(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe

(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Farbar) D:\my downloads\FRST64 (4).exe



==================== Registry (Whitelisted) ===========================


(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)


HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16418560 2016-04-25] (Realtek Semiconductor)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1419008 2016-04-25] (Realtek Semiconductor)

HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7391632 2016-05-04] (AVAST Software)

HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [134792 2015-11-07] (Check Point Software Technologies Ltd.)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]

HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0

HKLM\...\Policies\Explorer: [NoResolveSearch] 1

HKU\S-1-5-21-1419099797-2151659610-1227748186-1000\...\Policies\Explorer: [NoInstrumentation] 0

HKU\S-1-5-21-1419099797-2151659610-1227748186-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1

HKU\S-1-5-21-1419099797-2151659610-1227748186-1000\Control Panel\Desktop\\SCRNSAVE.EXE ->

HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => D:\New folder (2)\Garmin\Express Tray\ExpressTray.exe [1399208 2016-04-08] (Garmin Ltd. or its subsidiaries)

ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-04-25] (Google)

ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-04-25] (Google)

ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-04-25] (Google)

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-05-04] (AVAST Software)

ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => No File

ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => No File

BootExecute: autocheck autochk * bootdelete


==================== Internet (Whitelisted) ====================


(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)


Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL No File

Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL No File

Tcpip\Parameters: [DhcpNameServer] 192.168.200.60

Tcpip\..\Interfaces\{0CC8D7AA-6208-42C7-97F1-BC4CB62CD7EE}: [DhcpNameServer] 192.168.200.60


Internet Explorer:

==================

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION

HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION

HKU\S-1-5-21-1419099797-2151659610-1227748186-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com

HKU\S-1-5-21-1419099797-2151659610-1227748186-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com

URLSearchHook: HKLM-x32 - (No Name) - {4a6e1b85-1193-4a2a-aab8-7417f275f18a} - No File

URLSearchHook: HKU\S-1-5-21-1419099797-2151659610-1227748186-1000 - (No Name) - {4a6e1b85-1193-4a2a-aab8-7417f275f18a} - No File

SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKU\S-1-5-21-1419099797-2151659610-1227748186-1000 -> {131D3AD8-516A-4BCC-8CC5-11F20EEACCB9} URL = hxxp://aolbroadband.search.aol.co.uk/aol/search?s_it=tb50-ie-aolbb-chromesbox-en-uk&q=

BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-11-12] (IObit)

BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-05-04] (AVAST Software)

BHO: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File

BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-04-29] (Microsoft Corporation)

BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-30] (Oracle Corporation)

BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-05-04] (AVAST Software)

BHO-x32: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File

BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-04-29] (Microsoft Corporation)

BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-30] (Oracle Corporation)

Toolbar: HKLM-x32 - No Name - {e6ed7f95-e571-4f81-8757-5eb11252703d} - No File

Toolbar: HKU\S-1-5-21-1419099797-2151659610-1227748186-1000 -> No Name - {E6ED7F95-E571-4F81-8757-5EB11252703D} - No File

DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} hxxp://support.asus.com/Select/asusTek_sys_ctrl3.cab

DPF: HKLM-x32 {0E5F0222-96B9-11D3-8997-00104BD12D94} hxxp://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab

Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2015-08-05] (Belarc, Inc.)

Handler: livecall - No CLSID Value

Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll No File

Handler: msnim - No CLSID Value

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)

Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-04-29] (Microsoft Corporation)

Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-04-29] (Microsoft Corporation)

Handler: wlmailhtml - No CLSID Value

Handler: wlpg - No CLSID Value

Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL No File


FireFox:

========

FF ProfilePath: C:\Users\Happymackem\AppData\Roaming\Mozilla\Firefox\Profiles\ba82rn2h.default

FF DefaultSearchUrl: hxxps://www.google.com/search/?trackid=sp-006

FF SearchEngineOrder.1: Google (avast)

FF Keyword.URL: hxxps://www.google.com/search/?trackid=sp-006

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-30] ()

FF Plugin: @microsoft.com/GENUINE -> disabled [No File]

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-30] ()

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()

FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)

FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-07-11] (Google, Inc.)

FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-30] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-30] (Oracle Corporation)

FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)

FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\Happymackem\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-06-16] (RocketLife, LLP)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)

FF Plugin HKU\.DEFAULT: @hola.org/FlashPlayer -> C:\Users\Happymackem\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll [No File]

FF Plugin HKU\.DEFAULT: @hola.org/vlc -> C:\Users\Happymackem\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [No File]

FF Plugin HKU\S-1-5-21-1419099797-2151659610-1227748186-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Happymackem\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)

FF Plugin HKU\S-1-5-21-1419099797-2151659610-1227748186-1000: @talk.google.com/O1DPlugin -> C:\Users\Happymackem\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)

FF Plugin HKU\S-1-5-21-1419099797-2151659610-1227748186-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Happymackem\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)

FF Plugin HKU\S-1-5-21-1419099797-2151659610-1227748186-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Happymackem\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)

FF Plugin HKU\S-1-5-21-1419099797-2151659610-1227748186-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Happymackem\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-01-26] (Unity Technologies ApS)

FF Plugin ProgramFiles/Appdata: C:\Users\Happymackem\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)

FF Plugin ProgramFiles/Appdata: C:\Users\Happymackem\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)

FF Extension: No Name - C:\Users\Happymackem\AppData\Roaming\Mozilla\Firefox\Profiles\ba82rn2h.default\extensions\iobitascsurfingprotection@iobit.com [not found]

FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF

FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-05-04]

FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension

FF Extension: SmartPrintButton - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2014-11-13] [not signed]

FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF

FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF

FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-05-04]


Chrome:

=======

CHR HomePage: Default -> hxxp://websearch.just-browse.info/

CHR StartupUrls: Default -> "hxxp://www.search.ask.com/?o=APN10645A&gct=hp&d=406-559&v=n9396-118&t=4","hxxp://www.default-search.net?sid=476&aid=104&itype=n&ver=11471&tm=297&src=hmp","hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_8&idate=2014-04-28&ent=hp&u=6C60B53ABD8AEB7DB3E6C7535E303E84","hxxp://www.default-search.net?sid=476&aid=104&itype=a&ver=12521&tm=297&src=hmp","hxxp://www.default-search.net?sid=476&aid=104&itype=a&ver=12791&tm=297&src=hmp","hxxp://isearch.omiga-plus.com/?type=hp&ts=1422442990&from=obw&uid=ST2000DL003-9VT166_6YD1CER9XXXX6YD1CER9"

CHR DefaultSearchKeyword: Default -> crazy bowling

CHR Session Restore: Default -> is enabled.

CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll => No File

CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)

CHR Plugin: (Garmin Communicator Plug-In) - C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll => No File

CHR Plugin: (MetaStream 3 Plugin) - C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll => No File

CHR Plugin: (RocketLife Secure Plug-In Layer) - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)

CHR Profile: C:\Users\Happymackem\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Translate) - C:\Users\Happymackem\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2015-11-17]

CHR Extension: (Google Docs) - C:\Users\Happymackem\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-17]

CHR Extension: (Google Drive) - C:\Users\Happymackem\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-17]

CHR Extension: (Crazy Bowling) - C:\Users\Happymackem\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgbpemimbhkalbfekfigapjmjmkianje [2015-11-17]

CHR Extension: (Dominoes) - C:\Users\Happymackem\AppData\Local\Google\Chrome\User Data\Default\Extensions\bomhoanbpkeifgklbpebekfgblgficjn [2016-04-12]

CHR Extension: (Adblock Plus) - C:\Users\Happymackem\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-10]

CHR Extension: (Google Search) - C:\Users\Happymackem\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-17]

CHR Extension: (ZenMate VPN - Best Cyber Security & Unblock) - C:\Users\Happymackem\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2016-03-09]

CHR Extension: (Booking.com for Chrome™) - C:\Users\Happymackem\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgkeilefmpmbamgcejhjpiecahcbipip [2015-11-17]

CHR Extension: (Office Editing for Docs, Sheets & Slides) - C:\Users\Happymackem\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj [2016-04-25]

CHR Extension: (Browsec) - C:\Users\Happymackem\AppData\Local\Google\Chrome\User Data\Default\Extensions\gempbdjfkfdjnhgegbeflniialeifcaj [2015-11-17]

CHR Extension: (Google Docs Offline) - C:\Users\Happymackem\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]

CHR Extension: (Google Calendar (by Google)) - C:\Users\Happymackem\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich [2016-02-06]

CHR Extension: (Avast Online Security) - C:\Users\Happymackem\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-05-04]

CHR Extension: (Google Play Music) - C:\Users\Happymackem\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2015-11-17]

CHR Extension: (Office Apps) - C:\Users\Happymackem\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdbcdbdkiaadpbkggggekjcpmgjekkke [2015-11-17]

CHR Extension: (FlyOrDie Checkers) - C:\Users\Happymackem\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcgdaiakbmmipflbenhfdbmdnlamodbo [2015-11-17]

CHR Extension: (Popup Blocker Pro) - C:\Users\Happymackem\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiodaajmphnkcajieajajinghpejdjai [2015-11-17]

CHR Extension: (google search..) - C:\Users\Happymackem\AppData\Local\Google\Chrome\User Data\Default\Extensions\lenhepdkokhgidgdainbdoeklmgbeclk [2016-05-11]

CHR Extension: (Office Apps, Tools) - C:\Users\Happymackem\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgihphdkmadmphphiokjaoehgpgaiikn [2015-11-17]

CHR Extension: (Skype) - C:\Users\Happymackem\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-05-09]

CHR Extension: (UK Television) - C:\Users\Happymackem\AppData\Local\Google\Chrome\User Data\Default\Extensions\llajcohelileinkolfpkmkjjlkkdekja [2015-11-17]

CHR Extension: (Google Maps) - C:\Users\Happymackem\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-11-17]

CHR Extension: (Chrome Web Store Payments) - C:\Users\Happymackem\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-13]

CHR Extension: (BBC iPlayer Proxy) - C:\Users\Happymackem\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjjcnhdfjhfmkpilggjhhkgafmflld [2016-01-13]

CHR Extension: (Browsec VPN - Privacy and Security Online) - C:\Users\Happymackem\AppData\Local\Google\Chrome\User Data\Default\Extensions\omghfjlpggmjjaagoclmmobgdodcjboh [2016-04-25]

CHR Extension: (Gmail) - C:\Users\Happymackem\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-17]

CHR HKLM-x32\...\Chrome\Extension: [fooihgffjknjfdidhkpgeibbipkjlhpn] - <no Path/update_url>

CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-05-04]

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-04-29]


==================== Services (Whitelisted) ========================


(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


R2 !SASCORE; D:\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-05-04] (AVAST Software)

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-04-29] (Microsoft Corporation)

R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-04-29] (Microsoft Corporation)

R2 cmcore; c:\program files (x86)\cmcm\Clean Master\cmcore.exe [315208 2015-04-15] (Kingsoft Corporation)

S3 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101888 2013-12-09] (Freemake) [File not signed]

R2 Garmin Device Interaction Service; D:\New folder (2)\Garmin\Device Interaction Service\GarminService.exe [792592 2016-04-08] (Garmin Ltd. or its subsidiaries)

R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company)

S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [625648 2015-06-08] (Lenovo)

S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960672 2016-04-21] (IObit)

S3 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]

R2 ogmservice; C:\Program Files (x86)\Online Games Manager\ogmservice.exe [581568 2016-04-25] (RealNetworks, Inc.)

S3 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]

R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia)

R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [765144 2014-11-28] (Secunia)

R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [3722912 2015-11-07] (Check Point Software Technologies Ltd.)

R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-11-13] (Microsoft Corporation)

R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [96272 2015-10-19] (Check Point Software Technologies, Ltd.)

S2 HPSLPSVC; C:\Users\HAPPYM~1\AppData\Local\Temp\7zS4237\hpslpsvc64.dll [X]

S3 odserv; "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE" [X]

S3 ose; "C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE" [X]


===================== Drivers (Whitelisted) ==========================


(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


R2 ASInsHelp; C:\Windows\SysWow64\drivers\AsInsHelp64.sys [11832 2008-01-04] ()

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-05-04] (AVAST Software)

R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-05-04] (AVAST Software)

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-05-04] (AVAST Software)

R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-05-04] (AVAST Software)

R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-05-04] (AVAST Software)

R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-05-04] (AVAST Software)

R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-05-04] (AVAST Software)

R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-05-04] (AVAST Software)

R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287528 2016-05-04] (AVAST Software)

R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-09-28] (AVG Technologies)

S3 DptfDevPch; C:\Windows\System32\DRIVERS\DptfDevPch.sys [116752 2015-01-12] (Intel Corporation)

S3 dptf_pch; C:\Windows\System32\DRIVERS\dptf_pch.sys [52184 2015-12-30] (Intel Corporation)

S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)

S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [18528 2016-01-20] ()

S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14944 2016-01-20] ()

S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2016-01-20] ()

S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [10208 2016-01-20] ()

S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [49584 2016-05-11] ()

R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-01-12] (REALiX)

R3 ksapi64; C:\Windows\system32\drivers\ksapi64.sys [56680 2015-01-12] (Kingsoft Corporation)

R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-12] (CACE Technologies, Inc.)

R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia)

S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] ()

S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()

S3 rspRegMon; C:\Windows\System32\DRIVERS\rspRegMon64.sys [26880 2015-12-01] (Resplendence Software Projects Sp.)

R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [9113304 2015-12-30] (Realtek Semiconductor Corp.)

R1 SASDIFSV; D:\\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

R1 SASKUTIL; D:\\SASKUTIL64.SYS [12368 2011-07-13] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

U5 SDBus; C:\Windows\System32\Drivers\SDBus.sys [109056 2010-11-21] (Microsoft Corporation)

R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [462304 2016-02-15] (Check Point Software Technologies Ltd.)

S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]


==================== NetSvcs (Whitelisted) ===================


(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)



==================== One Month Created files and folders ========


(If an entry is included in the fixlist, the file/folder will be moved.)


2016-05-11 21:39 - 2016-05-12 07:45 - 00000000 ____D C:\FRST

2016-05-11 20:14 - 2016-05-11 21:11 - 00002928 _____ C:\Windows\System32\Tasks\Uninstaller_SkipUac_Happymackem

2016-05-11 20:14 - 2016-05-11 20:18 - 00000000 ____D C:\ProgramData\ProductData

2016-05-11 20:14 - 2016-05-11 20:14 - 00000000 ___DC C:\Users\Happymackem\AppData\Roaming\ProductData

2016-05-11 19:57 - 2016-05-11 21:13 - 00000000 ___DC C:\Users\Happymackem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RegHunter

2016-05-11 19:57 - 2016-05-11 19:57 - 00001086 ____C C:\Users\Happymackem\Desktop\RegHunter.lnk

2016-05-11 19:00 - 2016-05-11 19:00 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys

2016-05-11 18:41 - 2016-05-11 18:41 - 00006495 ____C C:\Users\Happymackem\Desktop\JRT.txt

2016-05-11 18:29 - 2016-05-11 18:29 - 00049584 _____ C:\Windows\system32\Drivers\hitmanpro37.sys

2016-05-11 18:27 - 2016-05-11 18:27 - 00027698 _____ C:\Windows\system32\.crusader

2016-05-11 18:20 - 2016-05-11 18:28 - 00000000 ____D C:\ProgramData\HitmanPro

2016-05-11 15:45 - 2016-05-11 15:45 - 00560963 _____ C:\Users\Happymackem\AppData\Local\census.cache

2016-05-11 15:44 - 2016-05-11 15:44 - 00619925 _____ C:\Users\Happymackem\AppData\Local\ars.cache

2016-05-11 15:22 - 2016-05-11 20:43 - 00000010 _____ C:\Users\Happymackem\AppData\Local\sponge.last.runtime.cache

2016-05-11 15:15 - 2016-05-11 15:15 - 00000036 _____ C:\Users\Happymackem\AppData\Local\housecall.guid.cache

2016-05-11 15:15 - 2015-05-29 10:43 - 00307352 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys

2016-05-11 12:18 - 2016-05-11 13:52 - 00000000 ____D C:\ProgramData\F-Secure

2016-05-11 12:18 - 2016-05-11 12:18 - 00000000 ____D C:\Users\Happymackem\AppData\Local\F-Secure

2016-05-11 12:18 - 2016-05-11 12:18 - 00000000 ____D C:\Users\Happymackem\AppData\Local\FSDART

2016-05-11 07:44 - 2016-05-11 07:45 - 00312752 _____ C:\Windows\system32\FNTCACHE.DAT

2016-05-10 22:15 - 2016-05-10 22:15 - 00072896 _____ C:\Users\Happymackem\AppData\Local\GDIPFONTCACHEV1.DAT

2016-05-10 20:33 - 2016-05-10 20:33 - 00000492 ____C C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk

2016-05-10 20:33 - 2016-05-10 20:33 - 00000000 ___DC C:\Users\Happymackem\AppData\Roaming\SUPERAntiSpyware.com

2016-05-10 20:33 - 2016-05-10 20:33 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware

2016-05-10 20:33 - 2016-05-10 20:33 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com

2016-05-10 20:29 - 2016-05-10 20:29 - 00000000 ____D C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}

2016-05-10 18:25 - 2016-05-10 18:25 - 00000000 ___DC C:\Program Files (x86)\ESET

2016-05-08 19:02 - 2016-05-08 19:03 - 00001500 ____H C:\Windows\EPMBatch.ept

2016-05-07 13:12 - 2016-05-11 14:56 - 00000000 _____ C:\Windows\SysWOW64\last.dump

2016-05-07 11:26 - 2016-05-07 11:26 - 00000000 ___DC C:\Users\Happymackem\AppData\Roaming\epm

2016-05-07 09:01 - 2016-05-08 19:01 - 00000000 _____ C:\Windows\BcdLog.txt

2016-05-07 08:59 - 2016-05-07 08:59 - 00000891 ____C C:\Users\Public\Desktop\EaseUS Partition Master 11.0.lnk

2016-05-07 08:59 - 2016-05-07 08:59 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 11.0

2016-05-07 08:59 - 2016-04-26 01:29 - 03563712 _____ C:\Windows\system32\BootMan.exe

2016-05-07 08:59 - 2016-04-26 01:29 - 02662592 _____ C:\Windows\SysWOW64\BootMan.exe

2016-05-07 08:59 - 2016-01-20 12:07 - 00101984 _____ C:\Windows\system32\setupempdrvx64.exe

2016-05-07 08:59 - 2016-01-20 12:07 - 00088160 _____ C:\Windows\SysWOW64\setupempdrv03.exe

2016-05-07 08:59 - 2016-01-20 12:07 - 00018528 _____ C:\Windows\system32\epmntdrv.sys

2016-05-07 08:59 - 2016-01-20 12:07 - 00014944 _____ C:\Windows\SysWOW64\epmntdrv.sys

2016-05-07 08:59 - 2016-01-20 12:07 - 00010848 _____ C:\Windows\system32\EuGdiDrv.sys

2016-05-07 08:59 - 2016-01-20 12:07 - 00010208 _____ C:\Windows\SysWOW64\EuGdiDrv.sys

2016-05-07 08:59 - 2014-11-18 14:46 - 00021088 _____ C:\Windows\SysWOW64\EuEpmGdi.dll

2016-05-07 08:59 - 2014-11-18 14:46 - 00017504 _____ C:\Windows\system32\EuEpmGdi.dll

2016-05-06 20:49 - 2016-05-09 17:33 - 00000000 ___DC C:\Program Files\Macrium

2016-05-06 20:39 - 2016-05-09 17:33 - 00000000 ____D C:\ProgramData\Macrium

2016-05-06 12:40 - 2016-05-08 18:39 - 00001024 ____H C:\AMTAG.BIN

2016-05-04 17:10 - 2016-05-04 17:10 - 00003902 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1462370998

2016-05-04 17:09 - 2016-05-04 17:09 - 00001041 ____C C:\Users\Public\Desktop\Avast SafeZone Browser.lnk

2016-05-04 17:09 - 2016-05-04 17:09 - 00001041 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk

2016-05-04 17:04 - 2016-05-04 17:04 - 00001357 ____C C:\Users\Public\Desktop\iTunes.lnk

2016-05-04 17:04 - 2016-05-04 17:04 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2016-05-04 17:04 - 2016-05-04 17:04 - 00000000 ___DC C:\Program Files\iPod

2016-05-04 17:04 - 2016-05-04 17:04 - 00000000 ___DC C:\Program Files (x86)\iTunes

2016-05-04 16:29 - 2016-05-04 16:28 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys

2016-05-04 16:28 - 2016-05-04 16:28 - 00398152 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe

2016-05-04 16:28 - 2016-05-04 16:28 - 00052184 _____ (AVAST Software) C:\Windows\avastSS.scr

2016-05-02 15:36 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll

2016-05-02 15:36 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll

2016-05-02 15:36 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll

2016-05-02 15:36 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll

2016-05-02 15:36 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll

2016-05-02 15:36 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll

2016-05-02 15:35 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll

2016-05-02 15:35 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll

2016-05-02 15:35 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll

2016-05-02 15:35 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll

2016-05-02 15:35 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll

2016-05-02 15:35 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll

2016-05-02 15:35 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll

2016-05-02 15:35 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll

2016-05-02 15:35 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll

2016-05-02 15:35 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll

2016-05-02 15:35 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll

2016-05-02 15:35 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll

2016-05-02 15:35 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll

2016-05-02 15:35 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll

2016-05-02 15:35 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll

2016-05-02 15:35 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll

2016-05-02 15:35 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll

2016-05-02 15:35 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll

2016-05-02 15:35 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll

2016-05-02 15:35 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll

2016-05-02 15:35 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll

2016-05-02 15:35 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll

2016-05-02 15:35 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll

2016-05-02 15:35 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll

2016-05-02 15:35 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll

2016-05-02 15:35 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll

2016-05-02 15:35 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll

2016-05-02 15:35 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll

2016-05-02 15:35 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll

2016-05-02 15:35 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll

2016-05-02 15:35 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll

2016-05-02 15:35 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll

2016-05-02 15:35 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll

2016-05-02 15:35 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll

2016-05-02 15:35 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll

2016-05-02 15:35 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll

2016-05-02 15:35 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll

2016-04-30 14:47 - 2016-04-30 14:47 - 00000000 ____D C:\Windows\System32\Tasks\Auslogics

2016-04-30 14:36 - 2016-04-30 14:36 - 00000000 ___DC C:\Users\Happymackem\AppData\Roaming\Microsoft\Windows\Start Menu\DevID

2016-04-28 21:48 - 2016-04-28 21:48 - 00000751 ____C C:\Users\Happymackem\Desktop\AnVir Task Manager Free.lnk

2016-04-28 21:48 - 2016-04-28 21:48 - 00000751 ____C C:\Users\Happymackem\AppData\Roaming\Microsoft\Windows\Start Menu\AnVir Task Manager Free.lnk

2016-04-28 21:48 - 2016-04-28 21:48 - 00000000 ___DC C:\Users\Happymackem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnVir Task Manager Free

2016-04-28 21:48 - 2016-04-28 21:48 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnVir Task Manager Free

2016-04-28 21:47 - 2016-04-28 21:49 - 00000000 ____D C:\Users\Happymackem\AppData\Local\AnVir

2016-04-27 08:38 - 2016-04-27 08:38 - 00001646 ____C C:\Users\Public\Desktop\Garmin Express.lnk

2016-04-27 08:38 - 2016-04-27 08:38 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin

2016-04-25 18:49 - 2016-04-25 18:49 - 00000000 ____D C:\Windows\IObit

2016-04-25 13:10 - 2016-04-25 13:10 - 01027840 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys

2016-04-25 13:10 - 2016-04-25 13:10 - 00082544 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll

2016-04-25 12:57 - 2016-04-25 12:57 - 72203792 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat

2016-04-25 12:57 - 2016-04-25 12:57 - 05576400 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT

2016-04-25 12:57 - 2016-04-25 12:57 - 04803840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys

2016-04-25 12:57 - 2016-04-25 12:57 - 03283248 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll

2016-04-25 12:57 - 2016-04-25 12:57 - 03282032 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll

2016-04-25 12:57 - 2016-04-25 12:57 - 03198720 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll

2016-04-25 12:57 - 2016-04-25 12:57 - 03081808 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll

2016-04-25 12:57 - 2016-04-25 12:57 - 02894976 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl

2016-04-25 12:57 - 2016-04-25 12:57 - 02050184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll

2016-04-25 12:57 - 2016-04-25 12:57 - 02049664 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll

2016-04-25 12:57 - 2016-04-25 12:57 - 01780624 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll

2016-04-25 12:57 - 2016-04-25 12:57 - 01591064 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll

2016-04-25 12:57 - 2016-04-25 12:57 - 01508936 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll

2016-04-25 12:57 - 2016-04-25 12:57 - 01356512 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll

2016-04-25 12:57 - 2016-04-25 12:57 - 00743968 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll

2016-04-25 12:57 - 2016-04-25 12:57 - 00708320 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll

2016-04-25 12:57 - 2016-04-25 12:57 - 00689888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll

2016-04-25 12:57 - 2016-04-25 12:57 - 00678192 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll

2016-04-25 12:57 - 2016-04-25 12:57 - 00677680 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll

2016-04-25 12:57 - 2016-04-25 12:57 - 00574760 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll

2016-04-25 12:57 - 2016-04-25 12:57 - 00532384 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll

2016-04-25 12:57 - 2016-04-25 12:57 - 00504312 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll

2016-04-25 12:57 - 2016-04-25 12:57 - 00445408 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll

2016-04-25 12:57 - 2016-04-25 12:57 - 00441272 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll

2016-04-25 12:57 - 2016-04-25 12:57 - 00387320 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll

2016-04-25 12:57 - 2016-04-25 12:57 - 00343712 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll

2016-04-25 12:57 - 2016-04-25 12:57 - 00330568 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll

2016-04-25 12:57 - 2016-04-25 12:57 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll

2016-04-25 12:57 - 2016-04-25 12:57 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll

2016-04-25 12:57 - 2016-04-25 12:57 - 00253904 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll

2016-04-25 12:57 - 2016-04-25 12:57 - 00253872 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll

2016-04-25 12:57 - 2016-04-25 12:57 - 00231920 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll

2016-04-25 12:57 - 2016-04-25 12:57 - 00221976 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll

2016-04-25 12:57 - 2016-04-25 12:57 - 00214840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll

2016-04-25 12:57 - 2016-04-25 12:57 - 00209536 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll

2016-04-25 12:57 - 2016-04-25 12:57 - 00192992 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll

2016-04-25 12:57 - 2016-04-25 12:57 - 00190552 _____ (Sonic Focus, Inc.) C:\Windows\system32\SFProc64.dll

2016-04-25 12:57 - 2016-04-25 12:57 - 00166208 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll

2016-04-25 12:57 - 2016-04-25 12:57 - 00122328 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll

2016-04-25 12:57 - 2016-04-25 12:57 - 00118600 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll

2016-04-25 12:57 - 2016-04-25 12:57 - 00110984 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll

2016-04-25 12:57 - 2016-04-25 12:57 - 00096064 _____ (Sonic Focus, Inc.) C:\Windows\system32\SFComm64.dll

2016-04-25 12:57 - 2016-04-25 12:57 - 00093504 _____ (Sonic Focus, Inc.) C:\Windows\system32\SFSAPO64.dll

2016-04-25 12:57 - 2016-04-25 12:57 - 00092480 _____ (Sonic Focus, Inc.) C:\Windows\system32\SFHAPO64.dll

2016-04-25 12:57 - 2016-04-25 12:57 - 00092480 _____ (Sonic Focus, Inc.) C:\Windows\system32\SFDAPO64.dll

2016-04-25 12:57 - 2016-04-25 12:57 - 00090920 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll

2016-04-25 12:57 - 2016-04-25 12:57 - 00088352 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll

2016-04-25 12:57 - 2016-04-25 12:57 - 00088328 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll

2016-04-25 12:57 - 2016-04-25 12:57 - 00083632 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll

2016-04-25 12:57 - 2016-04-25 12:57 - 00023704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll

2016-04-25 12:46 - 2016-04-25 12:46 - 00019066 _____ C:\Windows\system32\AmUStor.ini

2016-04-25 12:46 - 2016-04-25 12:46 - 00000008 _____ C:\Windows\system32\CardDetect6420.bin

2016-04-25 12:46 - 2016-04-25 12:46 - 00000008 _____ C:\Windows\system32\CardDetect6366.bin

2016-04-25 12:46 - 2016-04-25 12:46 - 00000008 _____ C:\Windows\system32\CardDetect6362.bin

2016-04-25 12:46 - 2016-04-25 12:46 - 00000008 _____ C:\Windows\system32\CardDetect6361.bin

2016-04-19 15:47 - 2016-04-19 15:47 - 00001849 ____C C:\Users\Public\Desktop\QuickTime Player.lnk

2016-04-19 15:47 - 2016-04-19 15:47 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime

2016-04-19 15:47 - 2016-04-19 15:47 - 00000000 ___DC C:\Program Files (x86)\QuickTime

2016-04-19 15:42 - 2016-04-19 15:42 - 00000000 ___DC C:\Program Files (x86)\Apple Software Update

2016-04-19 15:42 - 2016-04-19 15:42 - 00000000 ____D C:\Windows\System32\Tasks\Apple

2016-04-12 20:29 - 2016-04-12 20:29 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point

2016-04-12 20:08 - 2016-02-09 09:53 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2016-04-12 20:08 - 2016-02-09 09:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2016-04-12 20:08 - 2016-02-09 00:05 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2016-04-12 20:08 - 2016-02-08 23:51 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2016-04-12 20:08 - 2016-02-08 23:39 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2016-04-12 20:08 - 2016-02-08 23:39 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2016-04-12 20:08 - 2016-02-08 23:38 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2016-04-12 20:08 - 2016-02-08 23:38 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2016-04-12 20:08 - 2016-02-08 23:37 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2016-04-12 20:08 - 2016-02-08 23:34 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2016-04-12 20:08 - 2016-02-08 23:32 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2016-04-12 20:08 - 2016-02-08 23:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2016-04-12 20:08 - 2016-02-08 23:30 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2016-04-12 20:08 - 2016-02-08 23:28 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2016-04-12 20:08 - 2016-02-08 23:28 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2016-04-12 20:08 - 2016-02-08 23:28 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2016-04-12 20:08 - 2016-02-08 23:20 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2016-04-12 20:08 - 2016-02-08 23:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2016-04-12 20:08 - 2016-02-08 23:15 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll

2016-04-12 20:08 - 2016-02-08 23:13 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2016-04-12 20:08 - 2016-02-08 23:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2016-04-12 20:08 - 2016-02-08 23:11 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2016-04-12 20:08 - 2016-02-08 23:10 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2016-04-12 20:08 - 2016-02-08 23:10 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll

2016-04-12 20:08 - 2016-02-08 23:05 - 25816576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2016-04-12 20:08 - 2016-02-08 23:03 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll

2016-04-12 20:08 - 2016-02-08 23:02 - 13012480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2016-04-12 20:08 - 2016-02-08 23:02 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2016-04-12 20:08 - 2016-02-08 23:01 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2016-04-12 20:08 - 2016-02-08 23:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2016-04-12 20:08 - 2016-02-08 22:43 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2016-04-12 20:08 - 2016-02-08 22:39 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2016-04-12 20:08 - 2016-02-08 22:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2016-04-12 20:08 - 2016-02-08 21:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2016-04-12 20:08 - 2016-02-08 21:41 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2016-04-12 20:08 - 2016-02-08 21:27 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2016-04-12 20:08 - 2016-02-08 21:27 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2016-04-12 20:08 - 2016-02-08 21:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2016-04-12 20:08 - 2016-02-08 21:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2016-04-12 20:08 - 2016-02-08 21:26 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2016-04-12 20:08 - 2016-02-08 21:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2016-04-12 20:08 - 2016-02-08 21:19 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2016-04-12 20:08 - 2016-02-08 21:18 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2016-04-12 20:08 - 2016-02-08 21:16 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2016-04-12 20:08 - 2016-02-08 21:15 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2016-04-12 20:08 - 2016-02-08 21:14 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2016-04-12 20:08 - 2016-02-08 21:14 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2016-04-12 20:08 - 2016-02-08 21:13 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2016-04-12 20:08 - 2016-02-08 21:13 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2016-04-12 20:08 - 2016-02-08 21:06 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2016-04-12 20:08 - 2016-02-08 21:03 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2016-04-12 20:08 - 2016-02-08 20:55 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2016-04-12 20:08 - 2016-02-08 20:54 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll

2016-04-12 20:08 - 2016-02-08 20:52 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2016-04-12 20:08 - 2016-02-08 20:51 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2016-04-12 20:08 - 2016-02-08 20:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2016-04-12 20:08 - 2016-02-08 20:47 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll

2016-04-12 20:08 - 2016-02-08 20:37 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll

2016-04-12 20:08 - 2016-02-08 20:35 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2016-04-12 20:08 - 2016-02-08 20:34 - 00798720 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2016-04-12 20:08 - 2016-02-08 20:33 - 14613504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2016-04-12 20:08 - 2016-02-08 20:33 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2016-04-12 20:08 - 2016-02-08 20:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2016-04-12 20:08 - 2016-02-08 20:19 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2016-04-12 20:08 - 2016-02-08 20:07 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2016-04-12 20:08 - 2016-02-08 19:55 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2016-04-12 20:08 - 2016-02-05 21:54 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll

2016-04-12 20:08 - 2016-02-05 21:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll

2016-04-12 20:08 - 2016-02-05 21:53 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll

2016-04-12 20:08 - 2016-02-05 21:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll

2016-04-12 20:08 - 2016-02-05 21:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll

2016-04-12 20:08 - 2016-02-05 21:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll

2016-04-12 20:08 - 2016-02-05 21:42 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll

2016-04-12 20:08 - 2016-02-05 20:48 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll

2016-04-12 20:08 - 2016-02-05 20:43 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll

2016-04-12 20:08 - 2016-02-05 20:43 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll

2016-04-12 20:07 - 2016-02-12 21:52 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll

2016-04-12 20:07 - 2016-02-12 21:52 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll

2016-04-12 20:07 - 2016-02-12 21:52 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll

2016-04-12 20:07 - 2016-02-12 21:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll

2016-04-12 20:07 - 2016-02-12 21:39 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll

2016-04-12 20:07 - 2016-02-12 21:22 - 02610688 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll

2016-04-12 20:07 - 2016-02-12 21:19 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll

2016-04-12 20:07 - 2016-02-12 21:18 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe

2016-04-12 20:07 - 2016-02-12 21:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll

2016-04-12 20:07 - 2016-02-12 21:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe

2016-04-12 20:07 - 2016-02-12 21:18 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll

2016-04-12 20:07 - 2016-02-12 21:18 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll

2016-04-12 20:07 - 2016-02-12 21:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll

2016-04-12 20:07 - 2016-02-12 21:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll

2016-04-12 20:07 - 2016-02-12 21:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe

2016-04-12 20:07 - 2016-02-12 21:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll

2016-04-12 20:07 - 2016-02-11 21:56 - 05572032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2016-04-12 20:07 - 2016-02-11 21:56 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys

2016-04-12 20:07 - 2016-02-11 21:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys

2016-04-12 20:07 - 2016-02-11 21:52 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll

2016-04-12 20:07 - 2016-02-11 21:49 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll

2016-04-12 20:07 - 2016-02-11 21:49 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll

2016-04-12 20:07 - 2016-02-11 21:49 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll

2016-04-12 20:07 - 2016-02-11 21:49 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll

2016-04-12 20:07 - 2016-02-11 21:49 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll

2016-04-12 20:07 - 2016-02-11 21:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll

2016-04-12 20:07 - 2016-02-11 21:49 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll

2016-04-12 20:07 - 2016-02-11 21:49 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll

2016-04-12 20:07 - 2016-02-11 21:48 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll

2016-04-12 20:07 - 2016-02-11 21:48 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll

2016-04-12 20:07 - 2016-02-11 21:48 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2016-04-12 20:07 - 2016-02-11 21:48 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll

2016-04-12 20:07 - 2016-02-11 21:48 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll

2016-04-12 20:07 - 2016-02-11 21:47 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll

2016-04-12 20:07 - 2016-02-11 21:45 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll

2016-04-12 20:07 - 2016-02-11 21:45 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll

2016-04-12 20:07 - 2016-02-11 21:45 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll

2016-04-12 20:07 - 2016-02-11 21:45 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll

2016-04-12 20:07 - 2016-02-11 21:44 - 03994560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

2016-04-12 20:07 - 2016-02-11 21:44 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

2016-04-12 20:07 - 2016-02-11 21:44 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2016-04-12 20:07 - 2016-02-11 21:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll

2016-04-12 20:07 - 2016-02-11 21:44 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2016-04-12 20:07 - 2016-02-11 21:44 - 004
Link to comment
Share on other sites

  • Replies 100
  • Created
  • Last Reply

Top Posters In This Topic

AdwCleaner v5.116 - Logfile created 12/05/2016 at 18:53:22

# Updated 09/05/2016 by Xplode

# Database : 2016-05-09.1 [server]

# Operating system : Windows 7 Home Premium Service Pack 1 (X64)

# Username : Happymackem - HAPPYMACKEM-PC

# Running from : D:\my downloads\AdwCleaner.exe

# Option : Clean



***** [ Services ] *****



***** [ Folders ] *****


[-] Folder Deleted : C:\Users\Happymackem\AppData\Local\Google\Chrome\User Data\Default\Extensions\lenhepdkokhgidgdainbdoeklmgbeclk


***** [ Files ] *****



***** [ DLLs ] *****



***** [ WMI ] *****



***** [ Shortcuts ] *****



***** [ Scheduled tasks ] *****



***** [ Registry ] *****


[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814}


***** [ Web browsers ] *****


[-] [C:\Users\Happymackem\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [startup_URLs] Deleted : hxxp://www.search.ask.com/?o=APN10645A&gct=hp&d=406-559&v=n9396-118&t=4

[-] [C:\Users\Happymackem\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [startup_URLs] Deleted : hxxp://www.default-search.net?sid=476&aid=104&itype=n&ver=11471&tm=297&src=hmp

[-] [C:\Users\Happymackem\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [startup_URLs] Deleted : hxxp://www.default-search.net?sid=476&aid=104&itype=a&ver=12521&tm=297&src=hmp

[-] [C:\Users\Happymackem\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [startup_URLs] Deleted : hxxp://www.default-search.net?sid=476&aid=104&itype=a&ver=12791&tm=297&src=hmp

[-] [C:\Users\Happymackem\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [startup_URLs] Deleted : hxxp://isearch.omiga-plus.com/?type=hp&ts=1422442990&from=obw&uid=ST2000DL003-9VT166_6YD1CER9XXXX6YD1CER9

[-] [C:\Users\Happymackem\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : lenhepdkokhgidgdainbdoeklmgbeclk

[-] [C:\Users\Happymackem\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Deleted : hxxp://websearch.just-browse.info/


*************************


:: "Tracing" keys deleted

:: Winsock settings cleared


*************************


C:\AdwCleaner\AdwCleaner[C1].txt - [6400 bytes] - [11/05/2016 18:08:40]

C:\AdwCleaner\AdwCleaner[C2].txt - [2663 bytes] - [11/05/2016 20:58:57]

C:\AdwCleaner\AdwCleaner[C3].txt - [2428 bytes] - [12/05/2016 18:53:22]

C:\AdwCleaner\AdwCleaner[s1].txt - [6473 bytes] - [11/05/2016 18:06:42]

C:\AdwCleaner\AdwCleaner[s2].txt - [2447 bytes] - [11/05/2016 20:56:47]

C:\AdwCleaner\AdwCleaner[s3].txt - [2583 bytes] - [12/05/2016 18:50:18]


########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [2720 bytes] ##########
Link to comment
Share on other sites

Fix result of Farbar Recovery Scan Tool (x64) Version:09-05-2016

Ran by Happymackem (2016-05-12 19:15:18) Run:1

Running from D:\Users\Happymackem\Desktop

Loaded Profiles: Happymackem (Available Profiles: Happymackem)

Boot Mode: Normal

==============================================


fixlist content:

*****************

start

CreateRestorePoint:

CloseProcesses:

Task: {80DF06E4-32E5-4275-A0FD-B6CA217410F8} - \SidebarExecute -> No File <==== ATTENTION

Task: {975AFF3D-60F7-42CA-9819-E15C7E3A8982} - System32\Tasks\{13C5D470-6291-4A3F-A1AD-6DC6A1EB71FD} => pcalua.exe -a "c:\program files (x86)\relevantknowledge\rlvknlg.exe" -c -bootremove -uninst:RelevantKnowledge

Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION

Task: {B4858726-DF66-4DC6-B66A-2B3530768E8F} - System32\Tasks\NetworkUtilit => C:\Program Files (x86)\PIXELA\Network Utility\NWLaunch.bat <==== ATTENTION

Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION

Task: C:\Windows\Tasks\NetworkUtilit.job => C:\Program Files (x86)\PIXELA\Network Utility\NWLaunch.bat <==== ATTENTION

HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0

HKLM\...\Policies\Explorer: [NoResolveSearch] 1

HKU\S-1-5-21-1419099797-2151659610-1227748186-1000\...\Policies\Explorer: [NoInstrumentation] 0

HKU\S-1-5-21-1419099797-2151659610-1227748186-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1

ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => No File

ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => No File

Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL No File

Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL No File

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION

HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION

HKU\S-1-5-21-1419099797-2151659610-1227748186-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION

URLSearchHook: HKLM-x32 - (No Name) - {4a6e1b85-1193-4a2a-aab8-7417f275f18a} - No File

URLSearchHook: HKU\S-1-5-21-1419099797-2151659610-1227748186-1000 - (No Name) - {4a6e1b85-1193-4a2a-aab8-7417f275f18a} - No File

SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

BHO: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File

BHO-x32: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File

Toolbar: HKLM-x32 - No Name - {e6ed7f95-e571-4f81-8757-5eb11252703d} - No File

Toolbar: HKU\S-1-5-21-1419099797-2151659610-1227748186-1000 -> No Name - {E6ED7F95-E571-4F81-8757-5EB11252703D} - No File

Handler: livecall - No CLSID Value

Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll No File

Handler: msnim - No CLSID Value

Handler: wlmailhtml - No CLSID Value

Handler: wlpg - No CLSID Value

Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL No File

FF DefaultSearchUrl: hxxps://www.google.com/search/?trackid=sp-006

FF Keyword.URL: hxxps://www.google.com/search/?trackid=sp-006

FF Plugin HKU\.DEFAULT: @hola.org/FlashPlayer -> C:\Users\Happymackem\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll [No File]

FF Plugin HKU\.DEFAULT: @hola.org/vlc -> C:\Users\Happymackem\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [No File]

FF Extension: No Name - C:\Users\Happymackem\AppData\Roaming\Mozilla\Firefox\Profiles\ba82rn2h.default\extensions\iobitascsurfingprotection@iobit.com [not found]

CHR HomePage: Default -> hxxp://websearch.just-browse.info/

CHR StartupUrls: Default -> "hxxp://www.search.ask.com/?o=APN10645A&gct=hp&d=406-559&v=n9396-118&t=4","hxxp://www.default-search.net?sid=476&aid=104&itype=n&ver=11471&tm=297&src=hmp","hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_8&idate=2014-04-28&ent=hp&u=6C60B53ABD8AEB7DB3E6C7535E303E84","hxxp://www.default-search.net?sid=476&aid=104&itype=a&ver=12521&tm=297&src=hmp","hxxp://www.default-search.net?sid=476&aid=104&itype=a&ver=12791&tm=297&src=hmp","hxxp://isearch.omiga-plus.com/?type=hp&ts=1422442990&from=obw&uid=ST2000DL003-9VT166_6YD1CER9XXXX6YD1CER9"

CHR HKLM-x32\...\Chrome\Extension: [fooihgffjknjfdidhkpgeibbipkjlhpn] - <no Path/update_url>

CMD: ipconfig /flushdns

CMD: netsh winsock reset all

CMD: netsh int ipv4 reset

CMD: netsh int ipv6 reset

Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f

Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f


Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f

Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f

EmptyTemp:

Hosts:

End

*****************


Restore point was successfully created.

Processes closed successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{80DF06E4-32E5-4275-A0FD-B6CA217410F8}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{80DF06E4-32E5-4275-A0FD-B6CA217410F8}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SidebarExecute" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{975AFF3D-60F7-42CA-9819-E15C7E3A8982}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{975AFF3D-60F7-42CA-9819-E15C7E3A8982}" => key removed successfully

C:\Windows\System32\Tasks\{13C5D470-6291-4A3F-A1AD-6DC6A1EB71FD} => moved successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{13C5D470-6291-4A3F-A1AD-6DC6A1EB71FD}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AC4E5ACF-89F7-4220-BA21-81EE183975E2}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC4E5ACF-89F7-4220-BA21-81EE183975E2}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\AitAgent" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B4858726-DF66-4DC6-B66A-2B3530768E8F}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B4858726-DF66-4DC6-B66A-2B3530768E8F}" => key removed successfully

C:\Windows\System32\Tasks\NetworkUtilit => not found.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NetworkUtilit => key not found.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CEE64558-E1A7-4D9D-80A7-2001912BE5B5}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CEE64558-E1A7-4D9D-80A7-2001912BE5B5}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MemoryDiagnostic\CorruptionDetector" => key removed successfully

C:\Windows\Tasks\NetworkUtilit.job => not found.

HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\LinkResolveIgnoreLinkInfo => value removed successfully

HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoResolveSearch => value removed successfully

HKU\S-1-5-21-1419099797-2151659610-1227748186-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoInstrumentation => value removed successfully

HKU\S-1-5-21-1419099797-2151659610-1227748186-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLowDiskSpaceChecks => value removed successfully

"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\AsusWSShellExt_B" => key removed successfully

HKCR\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190} => key not found.

"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\AsusWSShellExt_O" => key removed successfully

HKCR\CLSID\{64174815-8D98-4CE6-8646-4C039977D808} => key not found.

"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\000000000008" => key removed successfully

"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\000000000009" => key removed successfully

"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully

"HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully

"HKU\S-1-5-21-1419099797-2151659610-1227748186-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\{4a6e1b85-1193-4a2a-aab8-7417f275f18a} => value removed successfully

HKU\S-1-5-21-1419099797-2151659610-1227748186-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{4a6e1b85-1193-4a2a-aab8-7417f275f18a} => value removed successfully

HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully

HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}" => key removed successfully

HKCR\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6} => key not found.

"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}" => key removed successfully

HKCR\Wow6432Node\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6} => key not found.

HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{e6ed7f95-e571-4f81-8757-5eb11252703d} => value removed successfully

HKCR\Wow6432Node\CLSID\{e6ed7f95-e571-4f81-8757-5eb11252703d} => key not found.

HKU\S-1-5-21-1419099797-2151659610-1227748186-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E6ED7F95-E571-4F81-8757-5EB11252703D} => value removed successfully

HKCR\CLSID\{E6ED7F95-E571-4F81-8757-5EB11252703D} => key not found.

"HKCR\PROTOCOLS\Handler\livecall" => key removed successfully

"HKCR\PROTOCOLS\Handler\ms-help" => key removed successfully

HKCR\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294} => key not found.

"HKCR\PROTOCOLS\Handler\msnim" => key removed successfully

"HKCR\PROTOCOLS\Handler\wlmailhtml" => key removed successfully

"HKCR\PROTOCOLS\Handler\wlpg" => key removed successfully

"HKCR\PROTOCOLS\Filter\text/xml" => key removed successfully

"HKCR\CLSID\{807563E5-5146-11D5-A672-00B0D022E945}" => key removed successfully

Firefox DefaultSearchUrl removed successfully

Firefox "Keyword.URL" removed successfully

"HKU\.DEFAULT\Software\MozillaPlugins\@hola.org/FlashPlayer" => key removed successfully

C:\Users\Happymackem\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll => not found.

"HKU\.DEFAULT\Software\MozillaPlugins\@hola.org/vlc" => key removed successfully

C:\Users\Happymackem\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll => not found.

C:\Users\Happymackem\AppData\Roaming\Mozilla\Firefox\Profiles\ba82rn2h.default\extensions\iobitascsurfingprotection@iobit.com => path removed successfully

Chrome HomePage => removed successfully

Chrome StartupUrls => removed successfully

"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fooihgffjknjfdidhkpgeibbipkjlhpn" => key removed successfully


========= ipconfig /flushdns =========



Windows IP Configuration


Successfully flushed the DNS Resolver Cache.


========= End of CMD: =========



========= netsh winsock reset all =========


Initialization Function InitHelperDll in NSHHTTP.DLL failed to start with error code 11003


Sucessfully reset the Winsock Catalog.

You must restart the computer in order to complete the reset.



========= End of CMD: =========



========= netsh int ipv4 reset =========


Initialization Function InitHelperDll in NSHHTTP.DLL failed to start with error code 11003

Reseting Global, OK!

Reseting Interface, OK!

Restart the computer to complete this action.



========= End of CMD: =========



========= netsh int ipv6 reset =========


Initialization Function InitHelperDll in NSHHTTP.DLL failed to start with error code 11003

There's no user specified settings to be reset.



========= End of CMD: =========



========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========


The operation completed successfully.




========= End of Reg: =========



========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========


The operation completed successfully.




========= End of Reg: =========



========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========


The operation completed successfully.




========= End of Reg: =========



========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========


The operation completed successfully.




========= End of Reg: =========


C:\Windows\System32\Drivers\etc\hosts => moved successfully

Hosts restored successfully.

EmptyTemp: => 575 MB temporary data Removed.



The system needed a reboot.


==== End of Fixlog 19:17:45 ====

Link to comment
Share on other sites

Junkware Removal Tool (JRT) by Malwarebytes

Version: 8.0.6 (04.25.2016)

Operating System: Windows 7 Home Premium x64

Ran by Happymackem (Administrator) on 12/05/2016 at 19:41:50.09

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~





File System: 4


Successfully deleted: C:\ProgramData\productdata (Folder)

Successfully deleted: C:\Users\Happymackem\AppData\Roaming\productdata (Folder)

Successfully deleted: C:\Windows\system32\Tasks\Uninstaller_SkipUac_Happymackem (Task)

Successfully deleted: C:\Program Files (x86)\iobit\driver booster (Folder)




Registry: 1


Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 12/05/2016 at 19:45:43.34

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Link to comment
Share on other sites

Good job, I see you did very well.

What I would like for you to do now is:

  • Open Malwarebytes Anti-Malware .
  • On the Dashboard click on Update Now
  • Go to the Setting Tab
  • Under Setting go to Detection and Protection
  • Under PUP and PUM make sure both are set to show Treat Detections as Malware
  • Go to Advanced setting and make sure Automatically Quarantine Detected Items is checked
  • Then on the Dashboard click on Scan
  • Make sure to select THREAT SCAN
  • Then click on Scan
  • Note: You may see the following message, "Could not load DDA driver". Click Yes, allow your PC to reboot and continue afterwards.
  • If threats are detected, click Remove Selected. If you are prompted to reboot, click Yes.
  • Upon completion of the scan (or after the reboot), click the History tab.
  • Click Application Logs, followed by the first Scan Log.
  • Click Export, followed by Copy to Clipboard. Paste the log in your next reply.

*******************
What we can do now is run an online scan with Eset, a good trusted scanner, reliable and thorough.
The settings I suggest will show us items located in quarantine folders so don't be alarmed with this, also, in case of a false positive I ask that you not allow it to delete what it does find.
This scanner can take quite a bit of time to run, depending of course how full your computer is.



GzlsbnV.pngESET Online Scan
Note: This scan may take a long time to complete. Please do not browse the Internet whilst your Anti-Virus is disabled.

  • Please download ESET Online Scan and save the file to your Desktop.
  • Temporarily disable your anti-virus software. For instructions, please refer to the following link.
  • Double-click esetsmartinstaller_enu.exe to run the programme.
  • Agree to the EULA by placing a checkmark next to Yes, I accept the Terms of Use. Then click Start.
  • Agree to the Terms of Use once more and click Start. Allow components to download.
  • Place a checkmark next to Enable detection of potentially unwanted applications.
  • Click Advanced settings. Place a checkmark next to:
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Ensure Remove found threats is unchecked.
  • Click Start.
  • Wait for the scan to finish. Please be patient as this can take some time.
  • Upon completion, click esetListThreats.png. If no threats were found, skip the next two bullet points.
  • Click esetExport.png and save the file to your Desktop, naming it something such as "MyEsetScan".
  • Push the Back button.
  • Place a checkmark next to KN1w2nv.png and click SzOC1p0.png.
  • Re-enable your anti-virus software.
  • Copy the contents of the log and paste in your next reply.

****
Please post these 2 logs along with comments on how the computer is doing now.

 

 

 

i would like to delete iorbit

 

We can. Start by going to add/remove programs list and uninstall from there.

 

Later, after you have run the above scans we'll check for remnants to remove.

Edited by Juliet
typo
Link to comment
Share on other sites

Malwarebytes Anti-Malware

www.malwarebytes.org


Scan Date: 12/05/2016

Scan Time: 21:47

Logfile: first one.txt

Administrator: Yes


Version: 2.2.1.1043

Malware Database: v2016.05.12.06

Rootkit Database: v2016.05.06.01

License: Free

Malware Protection: Disabled

Malicious Website Protection: Disabled

Self-protection: Disabled


OS: Windows 7 Service Pack 1

CPU: x64

File System: NTFS

User: Happymackem


Scan Type: Threat Scan

Result: Completed

Objects Scanned: 352118

Time Elapsed: 18 min, 36 sec


Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Disabled

Heuristics: Enabled

PUP: Enabled

PUM: Enabled


Processes: 0

(No malicious items detected)


Modules: 0

(No malicious items detected)


Registry Keys: 0

(No malicious items detected)


Registry Values: 0

(No malicious items detected)


Registry Data: 0

(No malicious items detected)


Folders: 0

(No malicious items detected)


Files: 0

(No malicious items detected)


Physical Sectors: 0

(No malicious items detected)



(end)

Link to comment
Share on other sites

result

C:\AdwCleaner\Quarantine\C\Users\Happymackem\AppData\Local\Mobogenie\Version\CacheVersion\Mobogenie2.1.36.zip.vir a variant of Win32/Adware.Mobogenie.A application
C:\Users\Happymackem\AppData\Roaming\BitTorrent\updates\7.9.2_37755.exe a variant of Win32/OpenCandy.A potentially unsafe application
C:\Users\Happymackem\AppData\Roaming\BitTorrent\updates\7.9.2_38914.exe a variant of Win32/OpenCandy.A potentially unsafe application
D:\ccsetup318.exe Win32/Bundled.Toolbar.Google.E potentially unsafe application
G:\FoxitReader531.0606_enu_Setup.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application
G:\HAPPYMACKEM-PC\Backup Set 2015-05-30 094201\Backup Files 2015-05-30 094201\Backup files 1.zip Win32/Bundled.Toolbar.Google.E potentially unsafe application
G:\HAPPYMACKEM-PC\Backup Set 2015-05-30 094201\Backup Files 2015-05-30 094201\Backup files 37.zip a variant of Win32/SoftonicDownloader.I potentially unwanted application
G:\HAPPYMACKEM-PC\Backup Set 2015-05-30 094201\Backup Files 2015-05-30 094201\Backup files 38.zip multiple threats
G:\HAPPYMACKEM-PC\Backup Set 2015-05-30 094201\Backup Files 2015-05-30 094201\Backup files 39.zip multiple threats
G:\HAPPYMACKEM-PC\Backup Set 2015-05-30 094201\Backup Files 2015-05-30 094201\Backup files 64.zip a variant of Win32/InstalleRex.T potentially unwanted application
G:\HAPPYMACKEM-PC\Backup Set 2015-05-30 094201\Backup Files 2015-05-30 094201\Backup files 71.zip a variant of Win32/Amonetize.CK potentially unwanted application
G:\HAPPYMACKEM-PC\Backup Set 2015-05-30 094201\Backup Files 2015-05-30 094201\Backup files 88.zip a variant of Win32/AdkDLLWrapper.A potentially unwanted application
G:\HAPPYMACKEM-PC\Backup Set 2015-05-30 094201\Backup Files 2015-06-08 075701\Backup files 1.zip a variant of Win32/InstallCore.ACZ potentially unwanted application
G:\HAPPYMACKEM-PC\Backup Set 2015-06-14 190000\Backup Files 2015-06-14 190000\Backup files 1.zip Win32/Bundled.Toolbar.Google.E potentially unsafe application
G:\HAPPYMACKEM-PC\Backup Set 2015-06-14 190000\Backup Files 2015-06-14 190000\Backup files 37.zip a variant of Win32/SoftonicDownloader.I potentially unwanted application
G:\HAPPYMACKEM-PC\Backup Set 2015-06-14 190000\Backup Files 2015-06-14 190000\Backup files 38.zip multiple threats
G:\HAPPYMACKEM-PC\Backup Set 2015-06-14 190000\Backup Files 2015-06-14 190000\Backup files 39.zip multiple threats
G:\HAPPYMACKEM-PC\Backup Set 2015-06-14 190000\Backup Files 2015-06-14 190000\Backup files 65.zip a variant of Win32/InstalleRex.T potentially unwanted application
G:\HAPPYMACKEM-PC\Backup Set 2015-06-14 190000\Backup Files 2015-06-14 190000\Backup files 72.zip a variant of Win32/Amonetize.CK potentially unwanted application
G:\HAPPYMACKEM-PC\Backup Set 2015-06-14 190000\Backup Files 2015-06-14 190000\Backup files 89.zip a variant of Win32/AdkDLLWrapper.A potentially unwanted application
G:\HAPPYMACKEM-PC\Backup Set 2015-07-13 071349\Backup Files 2015-07-13 071349\Backup files 1.zip Win32/Bundled.Toolbar.Google.E potentially unsafe application
G:\HAPPYMACKEM-PC\Backup Set 2015-07-13 071349\Backup Files 2015-07-13 071349\Backup files 37.zip a variant of Win32/SoftonicDownloader.I potentially unwanted application
G:\HAPPYMACKEM-PC\Backup Set 2015-07-13 071349\Backup Files 2015-07-13 071349\Backup files 38.zip multiple threats
G:\HAPPYMACKEM-PC\Backup Set 2015-07-13 071349\Backup Files 2015-07-13 071349\Backup files 39.zip multiple threats
G:\HAPPYMACKEM-PC\Backup Set 2015-07-13 071349\Backup Files 2015-07-13 071349\Backup files 66.zip a variant of Win32/InstalleRex.T potentially unwanted application
G:\HAPPYMACKEM-PC\Backup Set 2015-07-13 071349\Backup Files 2015-07-13 071349\Backup files 91.zip a variant of Win32/AdkDLLWrapper.A potentially unwanted application
G:\HAPPYMACKEM-PC\Backup Set 2015-08-02 190001\Backup Files 2015-08-02 190001\Backup files 1.zip Win32/Bundled.Toolbar.Google.E potentially unsafe application
G:\HAPPYMACKEM-PC\Backup Set 2015-08-02 190001\Backup Files 2015-08-02 190001\Backup files 37.zip a variant of Win32/SoftonicDownloader.I potentially unwanted application
G:\HAPPYMACKEM-PC\Backup Set 2015-08-02 190001\Backup Files 2015-08-02 190001\Backup files 38.zip multiple threats
G:\HAPPYMACKEM-PC\Backup Set 2015-08-02 190001\Backup Files 2015-08-02 190001\Backup files 39.zip multiple threats
G:\HAPPYMACKEM-PC\Backup Set 2015-08-02 190001\Backup Files 2015-08-02 190001\Backup files 66.zip a variant of Win32/InstalleRex.T potentially unwanted application
G:\HAPPYMACKEM-PC\Backup Set 2015-08-02 190001\Backup Files 2015-08-02 190001\Backup files 92.zip a variant of Win32/AdkDLLWrapper.A potentially unwanted application
G:\HAPPYMACKEM-PC\Backup Set 2015-08-19 131603\Backup Files 2015-08-19 131603\Backup files 1.zip Win32/Bundled.Toolbar.Google.E potentially unsafe application
G:\HAPPYMACKEM-PC\Backup Set 2015-08-19 131603\Backup Files 2015-08-19 131603\Backup files 29.zip a variant of Win32/SoftonicDownloader.I potentially unwanted application
G:\HAPPYMACKEM-PC\Backup Set 2015-08-19 131603\Backup Files 2015-08-19 131603\Backup files 31.zip a variant of Win32/Toolbar.BitCocktail.B potentially unwanted application
G:\HAPPYMACKEM-PC\Backup Set 2015-08-19 131603\Backup Files 2015-08-19 131603\Backup files 32.zip multiple threats
G:\HAPPYMACKEM-PC\Backup Set 2015-08-19 131603\Backup Files 2015-08-19 131603\Backup files 36.zip multiple threats
G:\HAPPYMACKEM-PC\Backup Set 2015-08-19 131603\Backup Files 2015-08-19 131603\Backup files 50.zip a variant of Win32/InstalleRex.T potentially unwanted application
G:\HAPPYMACKEM-PC\Backup Set 2015-08-19 131603\Backup Files 2015-08-19 131603\Backup files 74.zip a variant of Win32/AdkDLLWrapper.A potentially unwanted application
G:\HAPPYMACKEM-PC\Backup Set 2015-08-19 131603\Backup Files 2015-08-23 190001\Backup files 1.zip a variant of Win32/InstallCore.ABY potentially unwanted application
G:\HAPPYMACKEM-PC\Backup Set 2015-08-19 131603\Backup Files 2015-08-31 074045\Backup files 22.zip a variant of Win32/AdkDLLWrapper.A potentially unwanted application
G:\HAPPYMACKEM-PC\Backup Set 2015-09-13 190002\Backup Files 2015-09-13 190002\Backup files 1.zip Win32/Bundled.Toolbar.Google.E potentially unsafe application
G:\HAPPYMACKEM-PC\Backup Set 2015-09-13 190002\Backup Files 2015-09-13 190002\Backup files 29.zip Win32/Bundled.Toolbar.Google.D potentially unsafe application
G:\HAPPYMACKEM-PC\Backup Set 2015-09-13 190002\Backup Files 2015-09-13 190002\Backup files 30.zip a variant of Win32/SoftonicDownloader.I potentially unwanted application
G:\HAPPYMACKEM-PC\Backup Set 2015-09-13 190002\Backup Files 2015-09-13 190002\Backup files 32.zip a variant of Win32/Toolbar.BitCocktail.B potentially unwanted application
G:\HAPPYMACKEM-PC\Backup Set 2015-09-13 190002\Backup Files 2015-09-13 190002\Backup files 33.zip multiple threats
G:\HAPPYMACKEM-PC\Backup Set 2015-09-13 190002\Backup Files 2015-09-13 190002\Backup files 37.zip multiple threats
G:\HAPPYMACKEM-PC\Backup Set 2015-09-13 190002\Backup Files 2015-09-13 190002\Backup files 53.zip a variant of Win32/InstalleRex.T potentially unwanted application
G:\HAPPYMACKEM-PC\Backup Set 2015-09-13 190002\Backup Files 2015-09-13 190002\Backup files 74.zip a variant of Win32/AdkDLLWrapper.A potentially unwanted application
G:\HAPPYMACKEM-PC\Backup Set 2015-09-13 190002\Backup Files 2015-09-27 190002\Backup files 1.zip Win32/Bundled.Toolbar.Google.D potentially unsafe application
G:\HAPPYMACKEM-PC\Backup Set 2015-10-21 073459\Backup Files 2015-10-21 073459\Backup files 1.zip Win32/Bundled.Toolbar.Google.E potentially unsafe application
G:\HAPPYMACKEM-PC\Backup Set 2015-10-21 073459\Backup Files 2015-10-21 073459\Backup files 29.zip Win32/Bundled.Toolbar.Google.D potentially unsafe application
G:\HAPPYMACKEM-PC\Backup Set 2015-10-21 073459\Backup Files 2015-10-21 073459\Backup files 30.zip a variant of Win32/SoftonicDownloader.I potentially unwanted application
G:\HAPPYMACKEM-PC\Backup Set 2015-10-21 073459\Backup Files 2015-10-21 073459\Backup files 32.zip multiple threats
G:\HAPPYMACKEM-PC\Backup Set 2015-10-21 073459\Backup Files 2015-10-21 073459\Backup files 33.zip multiple threats
G:\HAPPYMACKEM-PC\Backup Set 2015-10-21 073459\Backup Files 2015-10-21 073459\Backup files 36.zip multiple threats
G:\HAPPYMACKEM-PC\Backup Set 2015-10-21 073459\Backup Files 2015-11-01 195211\Backup files 18.zip a variant of Win32/InstalleRex.T potentially unwanted application
G:\HAPPYMACKEM-PC\Backup Set 2015-10-21 073459\Backup Files 2015-11-01 195211\Backup files 41.zip a variant of Win32/AdkDLLWrapper.A potentially unwanted application
G:\HAPPYMACKEM-PC\Backup Set 2015-11-22 203510\Backup Files 2015-11-22 203510\Backup files 1.zip Win32/Bundled.Toolbar.Google.E potentially unsafe application
G:\HAPPYMACKEM-PC\Backup Set 2015-11-22 203510\Backup Files 2015-11-22 203510\Backup files 30.zip a variant of Win32/SoftonicDownloader.I potentially unwanted application
G:\HAPPYMACKEM-PC\Backup Set 2015-11-22 203510\Backup Files 2015-11-22 203510\Backup files 33.zip multiple threats
G:\HAPPYMACKEM-PC\Backup Set 2015-11-22 203510\Backup Files 2015-11-22 203510\Backup files 34.zip multiple threats
G:\HAPPYMACKEM-PC\Backup Set 2015-11-22 203510\Backup Files 2015-11-29 190001\Backup files 18.zip multiple threats
G:\HAPPYMACKEM-PC\Backup Set 2015-11-22 203510\Backup Files 2015-11-29 190001\Backup files 51.zip a variant of Win32/InstalleRex.T potentially unwanted application
G:\HAPPYMACKEM-PC\Backup Set 2015-11-22 203510\Backup Files 2015-11-29 190001\Backup files 73.zip a variant of Win32/AdkDLLWrapper.A potentially unwanted application
G:\HAPPYMACKEM-PC\Backup Set 2015-12-14 073652\Backup Files 2015-12-14 073652\Backup files 1.zip Win32/Bundled.Toolbar.Google.E potentially unsafe application
G:\HAPPYMACKEM-PC\Backup Set 2015-12-14 073652\Backup Files 2015-12-14 073652\Backup files 42.zip a variant of Win32/SoftonicDownloader.I potentially unwanted application
G:\HAPPYMACKEM-PC\Backup Set 2015-12-14 073652\Backup Files 2015-12-14 073652\Backup files 44.zip multiple threats
G:\HAPPYMACKEM-PC\Backup Set 2015-12-14 073652\Backup Files 2015-12-14 073652\Backup files 45.zip multiple threats
G:\HAPPYMACKEM-PC\Backup Set 2015-12-14 073652\Backup Files 2015-12-14 073652\Backup files 48.zip multiple threats
G:\HAPPYMACKEM-PC\Backup Set 2015-12-14 073652\Backup Files 2015-12-21 075128\Backup files 25.zip a variant of Win32/InstalleRex.T potentially unwanted application
G:\HAPPYMACKEM-PC\Backup Set 2015-12-14 073652\Backup Files 2015-12-21 075128\Backup files 46.zip a variant of Win32/AdkDLLWrapper.A potentially unwanted application
G:\HAPPYMACKEM-PC\Backup Set 2016-01-10 190002\Backup Files 2016-01-10 190002\Backup files 1.zip Win32/Bundled.Toolbar.Google.E potentially unsafe application
G:\HAPPYMACKEM-PC\Backup Set 2016-01-10 190002\Backup Files 2016-01-10 190002\Backup files 40.zip a variant of Win32/SoftonicDownloader.I potentially unwanted application
G:\HAPPYMACKEM-PC\Backup Set 2016-01-10 190002\Backup Files 2016-01-10 190002\Backup files 41.zip multiple threats
G:\HAPPYMACKEM-PC\Backup Set 2016-01-10 190002\Backup Files 2016-01-10 190002\Backup files 45.zip multiple threats
G:\HAPPYMACKEM-PC\Backup Set 2016-01-10 190002\Backup Files 2016-01-10 190002\Backup files 71.zip a variant of Win32/InstalleRex.T potentially unwanted application
G:\HAPPYMACKEM-PC\Backup Set 2016-01-10 190002\Backup Files 2016-01-10 190002\Backup files 94.zip a variant of Win32/AdkDLLWrapper.A potentially unwanted application
G:\Web Assistant\source.crx Win32/Toolbar.Perion.K potentially unwanted application
Link to comment
Share on other sites

just noticed my anti virus must have come back on during test is that a problem??

I don't think so.

 

Does this happen on all browsers or just 1?

 

I'm going to download and place a fixlist here on this topic for you to run. Because unicode characters are in it wont work if I don't do it this way.

 

Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the quote box below:

To do this highlight the contents of the box and right click on it and select copy.

Paste this into the open notepad. save it to the Desktop as fixlist.txt

NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

It needs to be saved Next to the "Farbar Recovery Scan Tool" (If asked to overwrite existing one please allow)

 

 

Open FRST/FRST64 and press the > Fix < button just once and wait.

If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.

When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

fixlist.txt

Link to comment
Share on other sites

bullseye_zpse9eaf36e.gifMalwarebytes Anti-Rootkit
  • Download Malwarebytes Anti-Rootkit
  • Once the file has been downloaded, right click on the downloaded file and select the Extract all menu option.
  • Follow the instructions to extract the ZIP file to a folder called mbar-versionnumber on your desktop.
  • Once the ZIP file has been extracted, open the folder and when that folder opens, double-click on the mbar folder.
  • Double-click on the mbar.exe file to launch Malwarebytes Anti-Rootkit.
  • After you double-click on the mbar.exe file, you may receive a User Account Control (UAC) message if you are sure you wish to allow the program to run. Please allow to start Malwarebytes Anti-Rootkit correctly.
  • Malwarebytes Anti-Rootkit will now install necessary drivers that are required for the program to operate correctly.
  • If you receive a DDA driver message like could not load DDA driver, click on the Yes button and Malwarebytes Anti-Rootkit will now restart your computer and will start automatically.
MBAMAnti-Rootkit1_zps4613be8c.png
  • Please click by the introduction screen on the Next button to continue.
MBAMAnti-Rootkit2update_zpsf85fca28.png
  • Next you will see the Update Database screen.
  • Click on the Update button so Malwarebytes Anti-Rootkit can download the latest definition updates.
MBAMAnti-Rootkitupdatecomplete_zpscf9f4c
  • When the update has finished, click on the Next button.
MBAMAnti-Rootkitscan_zps9b346fe7.png
  • Next you can select some basic scanning options. Make sure the Drivers, Sectors, and System scan targets are selected before you click on the Scan button.
  • Malwarebytes Anti-Rootkit will now start scanning your computer for rootkits. This scan can take some time, so please be patient.
MBAMAnti-Rootkitscan-results_zps9f0fdf8e
  • When the scan with Malwarebytes Anti-Rootkit is finished, the program will display a screen with the results from the scan.
  • Make sure everything is selected and that the option to create a restore point is checked.
  • Next click on the Cleanup button. Malwarebytes Anti-Rootkit will then prompt you to reboot your computer.
  • Click on Yes button to restart your computer.
  • There will now be two log files created in the mbar folder called system-log.txt and one that starts with mbar-log.
  • The mbar-log file will always start with mbar-log, but the rest will be named using a timestamp indicating the time it was run.
    • For example, mbar-log-2012-11-12 (19-13-32).txt corresponds to mbar-log-year-month-day (hour-minute-second).txt.
  • The system-log.txt contains information about each time you have run MBAR and contains diagnostic information from the program.
Link to comment
Share on other sites

fixlog txt result

Fix result of Farbar Recovery Scan Tool (x64) Version:09-05-2016
Ran by Happymackem (2016-05-13 20:31:47) Run:2
Running from D:\Users\Happymackem\Desktop
Loaded Profiles: Happymackem (Available Profiles: Happymackem)
Boot Mode: Normal
==============================================
fixlist content:
*****************
start
CreateRestorePoint:
CloseProcesses:
Task: {B4858726-DF66-4DC6-B66A-2B3530768E8F} - System32\Tasks\NetworkUtility起動 => C:\Program Files (x86)\PIXELA\Network Utility\NWLaunch.bat <==== ATTENTION
Task: C:\Windows\Tasks\NetworkUtility起動.job => C:\Program Files (x86)\PIXELA\Network Utility\NWLaunch.bat <==== ATTENTION
C:\Users\Happymackem\AppData\Roaming\BitTorrent\updates\7.9.2_37755.exe
C:\Users\Happymackem\AppData\Roaming\BitTorrent\updates\7.9.2_38914.exe
D:\ccsetup318.exe
G:\FoxitReader531.0606_enu_Setup.exe
G:\HAPPYMACKEM-PC\Backup Set 2015-05-30 094201\Backup Files 2015-05-30 094201\Backup files 1.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-05-30 094201\Backup Files 2015-05-30 094201\Backup files 37.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-05-30 094201\Backup Files 2015-05-30 094201\Backup files 38.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-05-30 094201\Backup Files 2015-05-30 094201\Backup files 39.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-05-30 094201\Backup Files 2015-05-30 094201\Backup files 64.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-05-30 094201\Backup Files 2015-05-30 094201\Backup files 71.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-05-30 094201\Backup Files 2015-05-30 094201\Backup files 88.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-05-30 094201\Backup Files 2015-06-08 075701\Backup files 1.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-06-14 190000\Backup Files 2015-06-14 190000\Backup files 1.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-06-14 190000\Backup Files 2015-06-14 190000\Backup files 37.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-06-14 190000\Backup Files 2015-06-14 190000\Backup files 38.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-06-14 190000\Backup Files 2015-06-14 190000\Backup files 39.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-06-14 190000\Backup Files 2015-06-14 190000\Backup files 65.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-06-14 190000\Backup Files 2015-06-14 190000\Backup files 72.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-06-14 190000\Backup Files 2015-06-14 190000\Backup files 89.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-07-13 071349\Backup Files 2015-07-13 071349\Backup files 1.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-07-13 071349\Backup Files 2015-07-13 071349\Backup files 37.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-07-13 071349\Backup Files 2015-07-13 071349\Backup files 38.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-07-13 071349\Backup Files 2015-07-13 071349\Backup files 39.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-07-13 071349\Backup Files 2015-07-13 071349\Backup files 66.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-07-13 071349\Backup Files 2015-07-13 071349\Backup files 91.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-08-02 190001\Backup Files 2015-08-02 190001\Backup files 1.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-08-02 190001\Backup Files 2015-08-02 190001\Backup files 37.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-08-02 190001\Backup Files 2015-08-02 190001\Backup files 38.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-08-02 190001\Backup Files 2015-08-02 190001\Backup files 39.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-08-02 190001\Backup Files 2015-08-02 190001\Backup files 66.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-08-02 190001\Backup Files 2015-08-02 190001\Backup files 92.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-08-19 131603\Backup Files 2015-08-19 131603\Backup files 1.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-08-19 131603\Backup Files 2015-08-19 131603\Backup files 29.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-08-19 131603\Backup Files 2015-08-19 131603\Backup files 31.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-08-19 131603\Backup Files 2015-08-19 131603\Backup files 32.
G:\HAPPYMACKEM-PC\Backup Set 2015-08-19 131603\Backup Files 2015-08-19 131603\Backup files 36.
G:\HAPPYMACKEM-PC\Backup Set 2015-08-19 131603\Backup Files 2015-08-19 131603\Backup files 50.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-08-19 131603\Backup Files 2015-08-19 131603\Backup files 74.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-08-19 131603\Backup Files 2015-08-23 190001\Backup files 1.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-08-19 131603\Backup Files 2015-08-31 074045\Backup files 22.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-09-13 190002\Backup Files 2015-09-13 190002\Backup files 1.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-09-13 190002\Backup Files 2015-09-13 190002\Backup files 29.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-09-13 190002\Backup Files 2015-09-13 190002\Backup files 30.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-09-13 190002\Backup Files 2015-09-13 190002\Backup files 32.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-09-13 190002\Backup Files 2015-09-13 190002\Backup files 33.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-09-13 190002\Backup Files 2015-09-13 190002\Backup files 37.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-09-13 190002\Backup Files 2015-09-13 190002\Backup files 53.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-09-13 190002\Backup Files 2015-09-13 190002\Backup files 74.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-09-13 190002\Backup Files 2015-09-27 190002\Backup files 1.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-10-21 073459\Backup Files 2015-10-21 073459\Backup files 1.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-10-21 073459\Backup Files 2015-10-21 073459\Backup files 29.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-10-21 073459\Backup Files 2015-10-21 073459\Backup files 30.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-10-21 073459\Backup Files 2015-10-21 073459\Backup files 32.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-10-21 073459\Backup Files 2015-10-21 073459\Backup files 33.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-10-21 073459\Backup Files 2015-10-21 073459\Backup files 36.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-10-21 073459\Backup Files 2015-11-01 195211\Backup files 18.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-10-21 073459\Backup Files 2015-11-01 195211\Backup files 41.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-11-22 203510\Backup Files 2015-11-22 203510\Backup files 1.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-11-22 203510\Backup Files 2015-11-22 203510\Backup files 30.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-11-22 203510\Backup Files 2015-11-22 203510\Backup files 33.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-11-22 203510\Backup Files 2015-11-22 203510\Backup files 34.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-11-22 203510\Backup Files 2015-11-29 190001\Backup files 18.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-11-22 203510\Backup Files 2015-11-29 190001\Backup files 51.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-11-22 203510\Backup Files 2015-11-29 190001\Backup files 73.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-12-14 073652\Backup Files 2015-12-14 073652\Backup files 1.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-12-14 073652\Backup Files 2015-12-14 073652\Backup files 42.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-12-14 073652\Backup Files 2015-12-14 073652\Backup files 44.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-12-14 073652\Backup Files 2015-12-14 073652\Backup files 45.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-12-14 073652\Backup Files 2015-12-14 073652\Backup files 48.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-12-14 073652\Backup Files 2015-12-21 075128\Backup files 25.zip
G:\HAPPYMACKEM-PC\Backup Set 2015-12-14 073652\Backup Files 2015-12-21 075128\Backup files 46.zip
G:\HAPPYMACKEM-PC\Backup Set 2016-01-10 190002\Backup Files 2016-01-10 190002\Backup files 1.zip
G:\HAPPYMACKEM-PC\Backup Set 2016-01-10 190002\Backup Files 2016-01-10 190002\Backup files 40.zip
G:\HAPPYMACKEM-PC\Backup Set 2016-01-10 190002\Backup Files 2016-01-10 190002\Backup files 41.zip
G:\HAPPYMACKEM-PC\Backup Set 2016-01-10 190002\Backup Files 2016-01-10 190002\Backup files 45.zip
G:\HAPPYMACKEM-PC\Backup Set 2016-01-10 190002\Backup Files 2016-01-10 190002\Backup files 71.zip
G:\HAPPYMACKEM-PC\Backup Set 2016-01-10 190002\Backup Files 2016-01-10 190002\Backup files 94.zip
G:\Web Assistant\source.crx
EmptyTemp:
Hosts:
End
*****************
Restore point was successfully created.
Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B4858726-DF66-4DC6-B66A-2B3530768E8F} => key not found.
C:\Windows\System32\Tasks\NetworkUtility起動 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NetworkUtility起動" => key removed successfully
C:\Windows\Tasks\NetworkUtility起動.job => moved successfully
C:\Users\Happymackem\AppData\Roaming\BitTorrent\updates\7.9.2_37755.exe => moved successfully
C:\Users\Happymackem\AppData\Roaming\BitTorrent\updates\7.9.2_38914.exe => moved successfully
D:\ccsetup318.exe => moved successfully
G:\FoxitReader531.0606_enu_Setup.exe => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-05-30 094201\Backup Files 2015-05-30 094201\Backup files 1.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-05-30 094201\Backup Files 2015-05-30 094201\Backup files 37.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-05-30 094201\Backup Files 2015-05-30 094201\Backup files 38.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-05-30 094201\Backup Files 2015-05-30 094201\Backup files 39.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-05-30 094201\Backup Files 2015-05-30 094201\Backup files 64.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-05-30 094201\Backup Files 2015-05-30 094201\Backup files 71.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-05-30 094201\Backup Files 2015-05-30 094201\Backup files 88.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-05-30 094201\Backup Files 2015-06-08 075701\Backup files 1.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-06-14 190000\Backup Files 2015-06-14 190000\Backup files 1.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-06-14 190000\Backup Files 2015-06-14 190000\Backup files 37.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-06-14 190000\Backup Files 2015-06-14 190000\Backup files 38.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-06-14 190000\Backup Files 2015-06-14 190000\Backup files 39.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-06-14 190000\Backup Files 2015-06-14 190000\Backup files 65.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-06-14 190000\Backup Files 2015-06-14 190000\Backup files 72.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-06-14 190000\Backup Files 2015-06-14 190000\Backup files 89.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-07-13 071349\Backup Files 2015-07-13 071349\Backup files 1.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-07-13 071349\Backup Files 2015-07-13 071349\Backup files 37.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-07-13 071349\Backup Files 2015-07-13 071349\Backup files 38.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-07-13 071349\Backup Files 2015-07-13 071349\Backup files 39.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-07-13 071349\Backup Files 2015-07-13 071349\Backup files 66.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-07-13 071349\Backup Files 2015-07-13 071349\Backup files 91.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-08-02 190001\Backup Files 2015-08-02 190001\Backup files 1.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-08-02 190001\Backup Files 2015-08-02 190001\Backup files 37.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-08-02 190001\Backup Files 2015-08-02 190001\Backup files 38.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-08-02 190001\Backup Files 2015-08-02 190001\Backup files 39.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-08-02 190001\Backup Files 2015-08-02 190001\Backup files 66.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-08-02 190001\Backup Files 2015-08-02 190001\Backup files 92.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-08-19 131603\Backup Files 2015-08-19 131603\Backup files 1.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-08-19 131603\Backup Files 2015-08-19 131603\Backup files 29.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-08-19 131603\Backup Files 2015-08-19 131603\Backup files 31.zip => moved successfully
"G:\HAPPYMACKEM-PC\Backup Set 2015-08-19 131603\Backup Files 2015-08-19 131603\Backup files 32." => not found.
"G:\HAPPYMACKEM-PC\Backup Set 2015-08-19 131603\Backup Files 2015-08-19 131603\Backup files 36." => not found.
G:\HAPPYMACKEM-PC\Backup Set 2015-08-19 131603\Backup Files 2015-08-19 131603\Backup files 50.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-08-19 131603\Backup Files 2015-08-19 131603\Backup files 74.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-08-19 131603\Backup Files 2015-08-23 190001\Backup files 1.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-08-19 131603\Backup Files 2015-08-31 074045\Backup files 22.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-09-13 190002\Backup Files 2015-09-13 190002\Backup files 1.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-09-13 190002\Backup Files 2015-09-13 190002\Backup files 29.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-09-13 190002\Backup Files 2015-09-13 190002\Backup files 30.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-09-13 190002\Backup Files 2015-09-13 190002\Backup files 32.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-09-13 190002\Backup Files 2015-09-13 190002\Backup files 33.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-09-13 190002\Backup Files 2015-09-13 190002\Backup files 37.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-09-13 190002\Backup Files 2015-09-13 190002\Backup files 53.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-09-13 190002\Backup Files 2015-09-13 190002\Backup files 74.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-09-13 190002\Backup Files 2015-09-27 190002\Backup files 1.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-10-21 073459\Backup Files 2015-10-21 073459\Backup files 1.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-10-21 073459\Backup Files 2015-10-21 073459\Backup files 29.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-10-21 073459\Backup Files 2015-10-21 073459\Backup files 30.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-10-21 073459\Backup Files 2015-10-21 073459\Backup files 32.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-10-21 073459\Backup Files 2015-10-21 073459\Backup files 33.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-10-21 073459\Backup Files 2015-10-21 073459\Backup files 36.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-10-21 073459\Backup Files 2015-11-01 195211\Backup files 18.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-10-21 073459\Backup Files 2015-11-01 195211\Backup files 41.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-11-22 203510\Backup Files 2015-11-22 203510\Backup files 1.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-11-22 203510\Backup Files 2015-11-22 203510\Backup files 30.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-11-22 203510\Backup Files 2015-11-22 203510\Backup files 33.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-11-22 203510\Backup Files 2015-11-22 203510\Backup files 34.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-11-22 203510\Backup Files 2015-11-29 190001\Backup files 18.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-11-22 203510\Backup Files 2015-11-29 190001\Backup files 51.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-11-22 203510\Backup Files 2015-11-29 190001\Backup files 73.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-12-14 073652\Backup Files 2015-12-14 073652\Backup files 1.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-12-14 073652\Backup Files 2015-12-14 073652\Backup files 42.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-12-14 073652\Backup Files 2015-12-14 073652\Backup files 44.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-12-14 073652\Backup Files 2015-12-14 073652\Backup files 45.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-12-14 073652\Backup Files 2015-12-14 073652\Backup files 48.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-12-14 073652\Backup Files 2015-12-21 075128\Backup files 25.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2015-12-14 073652\Backup Files 2015-12-21 075128\Backup files 46.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2016-01-10 190002\Backup Files 2016-01-10 190002\Backup files 1.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2016-01-10 190002\Backup Files 2016-01-10 190002\Backup files 40.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2016-01-10 190002\Backup Files 2016-01-10 190002\Backup files 41.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2016-01-10 190002\Backup Files 2016-01-10 190002\Backup files 45.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2016-01-10 190002\Backup Files 2016-01-10 190002\Backup files 71.zip => moved successfully
G:\HAPPYMACKEM-PC\Backup Set 2016-01-10 190002\Backup Files 2016-01-10 190002\Backup files 94.zip => moved successfully
G:\Web Assistant\source.crx => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 230.7 MB temporary data Removed.
The system needed a reboot.
==== End of Fixlog 20:40:03 ====
Link to comment
Share on other sites

I want you go into your setting in chrome and click show advance settings and at the bottom of the page, reset to default button.

 

Delete your cache, history, and other browser data

bullseye_zpse9eaf36e.gifDelete cache and other browser data in Chrome

  • Select Tools.
  • Select Clear browsing data.
  • In the dialogue that appears, select the highlighted check-boxes for the types of information that you want to remove.
  • Clear browsing history
  • Clear download history
  • Empty the cache
  • Delete cookies and other site and plug-in data
  • Clear saved passwords
  • Clear saved Auto-fill form data
  • Clear data from hosted apps
  • De-authorize content licenses
  • Use the menu at the top to select the amount of data that you want to delete. Select beginning of time to delete everything.
  • Click Clear browsing data.
~~~~~~

 

bullseye_zpse9eaf36e.gifFlush the FireFox Cache

(these directions are specific to Firefox 19, if you have a different version the exact steps might be slightly different)

  • In Firefox, Options
  • Select Options
  • Select Privacy tab
  • Find the section that reads: You might want to clear your recent history or remove individual cookies
  • Select clear your recent history
  • Click the Details drop-down arrow
  • Make sure a check mark is placed in the following boxes:
  • Cookies
  • Cache
  • Next select the Time Range to Clear drop-down menu
  • Select Everything (this will only delete all the cookies and cache, and will save the other items not selected)
  • Click Clear Now
~~~~~~~~

 

Clear Browser Cache in IE11

  • Close all Internet Explorer and Windows Explorer windows that are currently open.
  • Open Internet Explorer.
  • Click the Tools button ietoolsbutton.jpg, and then select theGeneral tab, then select Browsing history select the Delete button.
  • Select the check box next to each of the following categories.
  • Temporary Internet files and website files
  • Cookies and website data
  • History
  • Click Delete
******

Do the above and try to sign in again.

 

Let me know how that works out.

 

~~~~~~~~~~~~~

Read over these articles, see if something in there clicks.

facebook malware

http://www.bleepingcomputer.com/forums/t/582238/facebook-malware/

 

Some are saying This is legit ,some people being suspicious and trying everything else clicked on the download although it was taking forever, then canceled the download, then went back later and was given another download option and it worked no problem. hope this helps

Link to comment
Share on other sites

i must be going daft

I'm going to join you.

 

Have you in the past signed into Facebook using other devices like iPhone, Android, things other then your personal computer to connect?

I read an article at the Facebook community forum that this was a signal Facebook uses to alert to suspicious activity.

 

Here's how it will work when we detect that a device interacting with Facebook is behaving in a suspicious way that we believe is related to a malware infection:

https://www.facebook.com/notes/facebook-security/making-malware-cleanup-easier/10152050305685766/

 

 

 

facebook malware

http://www.bleepingcomputer.com/forums/t/582238/facebook-malware/

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share


×
×
  • Create New...