Malware or Possible Trojan Issue

  • Chicken_Breeder
    PCHF Member
    • Nov 2016
    • 28

    #1

    Malware or Possible Trojan Issue

    Hello:
    I am running Windows 10 - Home version. The computer is a HPG72 Notebook. My computer gets a pop-up trying to get me to go to a Microsoft site, every time I go to any site. Sometimes the only way to get rid of it is to shut down Windows and start again.
    I ran a Kaspersky scan and the results of the scan came up with a Malware of:
    Heur:HeploitScript.Generic
    I didn’t run any other programs or didn’t create any logs yet but came right to your site to see if anyone else is experiencing the same thing.
    If so, any advice would be greatly appreciated.

    Thanks to all.
  • Malnutrition
    PCHF Moderator
    • Jul 2016
    • 7045

    #2
    Please download the FRST 32 bit or FRST 64bit version to suit your operating system. It is important FRST is downloaded to your desktop.

    If you are unsure if your operating system is 32 or 64 Bit please go HERE.

    Once downloaded, right-click the FRST desktop icon and select “Run as administrator” from the menu.



    If you receive any security warnings, or the User Account Control warning opens at any time whilst using FRST you can safely allow FRST to proceed.
    FRST will open with two dialogue boxes, accept the disclaimer.


    1. Accept the default whitelist options,
    2. If the additions.txt options box is not checked please select it.
    3. Then select Scan



    FRST will take a few minutes to scan your computer, and when finished will produce two log files on your desktop, FRST.txt, and Addition.txt. They will display immediately on the desktop, but can be reopened later as a notepad file.



    Please Copy and Paste the contents of these logs in your next post for review.


    • Chicken_Breeder
      PCHF Member
      • Nov 2016
      • 28

      #3
      Thanks for your reply.
      Here are the scans you requested.
      Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-11-2016
      Ran by CEP Local 440 (23-11-2016 22:19:15)
      Running from C:\Users\CEP Local 440\Downloads
      Windows 10 Home (X64) (2015-10-25 14:38:35)
      Boot Mode: Normal
      ==================== Accounts: =============================

      Administrator (S-1-5-21-1124643268-3595298339-4084894015-500 - Administrator - Disabled)
      CEP Local 440 (S-1-5-21-1124643268-3595298339-4084894015-1000 - Administrator - Enabled) => C:\Users\CEP Local 440
      DefaultAccount (S-1-5-21-1124643268-3595298339-4084894015-503 - Limited - Disabled)
      Guest (S-1-5-21-1124643268-3595298339-4084894015-501 - Limited - Disabled)
      HomeGroupUser$ (S-1-5-21-1124643268-3595298339-4084894015-1003 - Limited - Enabled)

      ==================== Security Center ========================

      (If an entry is included in the fixlist, it will be removed.)

      AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

      ==================== Installed Programs ======================

      (Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

      µTorrent (HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.)
      7-Zip 16.02 (HKLM-x32...{23170F69-40C1-2701-1602-000001000000}) (Version: 16.02.00.0 - Igor Pavlov)
      7-Zip 16.02 (HKLM-x32...\7-Zip) (Version: 16.02 - Igor Pavlov)
      Acrobat.com (HKLM-x32...{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
      Adobe Acrobat Reader DC (HKLM-x32...{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
      Adobe AIR (HKLM-x32...\Adobe AIR) (Version: 22.0.0.153 - Adobe Systems Incorporated)
      Adobe Shockwave Player (HKLM-x32...{D8DFA46A-39F7-4368-810D-18AFCFDDAEAF}) (Version: 11.5.1.601 - Adobe Systems, Inc.)
      Adobe Shockwave Player 12.2 (HKLM-x32...{C1F3739C-D31D-4062-8788-29261C4A2A68}) (Version: 12.2.4.194 - Adobe Systems, Inc)
      ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
      Apple Application Support (32-bit) (HKLM-x32...{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
      Apple Application Support (64-bit) (HKLM...{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
      Apple Mobile Device Support (HKLM...{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.)
      Apple Software Update (HKLM-x32...{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
      ArcSoft Panorama Maker 6 (HKLM-x32...{DABFD34E-BE68-4BC6-9254-5D7A7FF76B99}) (Version: 6.0.8.85 - ArcSoft)
      Bejeweled 2 Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
      Blackhawk Striker 2 (x32 Version: 2.2.0.82 - WildTangent) Hidden
      Blasterball 3 (x32 Version: 2.2.0.82 - WildTangent) Hidden
      Bonjour (HKLM...{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
      Bus Driver (x32 Version: 2.2.0.82 - WildTangent) Hidden
      Canon Easy-WebPrint EX (HKLM-x32...\Easy-WebPrint EX) (Version: 1.4.0.0 - Canon Inc.)
      Canon IJ Network Scanner Selector EX (HKLM-x32...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
      Canon IJ Network Tool (HKLM-x32...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.)
      Canon IJ Scan Utility (HKLM-x32...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
      Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
      Canon MX450 series MP Drivers (HKLM...{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}Canon_MX450_series) (Version: 1.00 - Canon Inc.)
      Canon MX450 series On-screen Manual (HKLM-x32...\Canon MX450 series On-screen Manual) (Version: 7.6.0 - Canon Inc.)
      Canon My Image Garden (HKLM-x32...\Canon My Image Garden) (Version: 1.1.2 - Canon Inc.)
      Canon My Image Garden Design Files (HKLM-x32...\Canon My Image Garden Design Files) (Version: 1.0.1 - Canon Inc.)
      Canon My Printer (HKLM-x32...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
      Canon Quick Menu (HKLM-x32...\CanonQuickMenu) (Version: 2.1.0 - Canon Inc.)
      Canon Speed Dial Utility (HKLM-x32...\Speed Dial Utility) (Version: 1.3.0 - Canon Inc.)
      CDDRV_Installer (Version: 4.60 - Logitech) Hidden
      Chuzzle Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
      Cisco EAP-FAST Module (HKLM-x32...{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
      Cisco LEAP Module (HKLM-x32...{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
      Cisco PEAP Module (HKLM-x32...{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
      Compatibility Pack for the 2007 Office system (HKLM-x32...{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
      ConvertXtoDVD 3.3.4.106e (HKLM-x32...{76C24F39-B161-498F-BD8B-C64789812D13}is1) (Version: 3.3.4.106e - )
      CyberLink DVD Suite (HKLM-x32...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2216 - CyberLink Corp.)
      CyberLink MediaShow (HKLM-x32...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 4.1.3419 - CyberLink Corp.)
      CyberLink PowerDVD 8 (HKLM-x32...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.0.1.1110 - CyberLink Corp.)
      D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
      DAP Plug-in for 64 Bit IE (HKLM...{E06AF9BE-E1D6-4867-8DBF-74E4BA32BBB3}) (Version: 9606.0.30 - SpeedBit)
      DivX Setup (HKLM-x32...\DivX Setup) (Version: 2.6.1.90 - DivX, LLC)
      Dora’s Carnival Adventure (x32 Version: 2.2.0.82 - WildTangent) Hidden
      Download Accelerator Plus (DAP) (HKLM-x32...\Download Accelerator Plus (DAP)) (Version: 10050 (Build 2519) - Speedbit Ltd.)
      Elevated Installer (x32 Version: 4.1.19.0 - Garmin Ltd or its subsidiaries) Hidden
      erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden
      Escape Rosecliff Island (x32 Version: 2.2.0.82 - WildTangent) Hidden
      ESU for Microsoft Windows 7 (HKLM-x32...{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
      Faerie Solitaire (x32 Version: 2.2.0.82 - WildTangent) Hidden
      FATE (x32 Version: 2.2.0.82 - WildTangent) Hidden
      Garmin Communicator Plugin x64 (HKLM...{550331CC-C34B-494F-BCDA-37CE4EF6E924}) (Version: 4.0.3 - Garmin Ltd or its subsidiaries)
      Garmin Express (HKLM-x32...{2639b4f0-83b4-4f3d-942f-e4ba22a40b9b}) (Version: 4.1.19.0 - Garmin Ltd or its subsidiaries)
      Garmin Express (x32 Version: 4.1.19.0 - Garmin Ltd or its subsidiaries) Hidden
      Garmin Express Tray (x32 Version: 4.1.19.0 - Garmin Ltd or its subsidiaries) Hidden
      Garmin Lifetime Updater (HKLM-x32...{9AAD03E8-4F65-4DE2-8F6C-1B079C0C8521}) (Version: 2.1.11 - Garmin)
      GenuTax Standard (HKLM-x32...{C558F931-FCAD-4252-909F-D736DF679567}) (Version: 1.45 - GenuSource Consulting Inc)
      Google Chrome (HKLM-x32...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.)
      Google Earth (HKLM-x32...{A0C18B96-AB79-46BD-8321-6FA83E6D25B9}) (Version: 7.1.7.2606 - Google)
      Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
      Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
      Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
      Hola™ 1.18.524 - Better Internet (HKLM...\Hola) (Version: 1.18.524 - Hola Networks Ltd.) <==== ATTENTION
      HP Advisor (HKLM-x32...{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.9512.3162 - Hewlett-Packard)
      HP Games (HKLM-x32...\WildTangent hp Master Uninstall) (Version: 1.0.0.80 - WildTangent)
      HP LaserJet Professional M1130-M1210 MFP Series (HKLM...\HP LaserJet Professional M1130-M1210 MFP Series) (Version: - )
      HP LaserJet Professional M1210 MFP Series Fax Installer (HKLM...{E65099C4-9110-4C31-BD03-5C17EFB5FE92}) (Version: 1.1.0 - HP)
      HP Quick Launch (HKLM...{10F539B1-31AF-43BF-9F0C-0EB66E918922}) (Version: 1.0.18 - Hewlett-Packard)
      HP Setup (HKLM-x32...{17B4760F-334B-475D-829F-1A3E94A6A4E6}) (Version: 1.2.3560.3170 - Hewlett-Packard)
      HP Smart Web Printing (HKLM-x32...\HP Smart Web Printing) (Version: 131.1.35898 - Hewlett-Packard)
      HP Software Framework (HKLM-x32...{97174E88-52F9-445A-A28E-704A45332D19}) (Version: 4.0.108.1 - Hewlett-Packard Company)
      HP Update (HKLM-x32...{D46D081B-F60E-467E-A7C4-117B70D76731}) (Version: 5.001.000.014 - Hewlett-Packard)
      HP User Guides 0183 (HKLM-x32...{BC146E5F-A2B0-40DB-90E7-2833807E98DF}) (Version: 1.01.0001 - Hewlett-Packard)
      HP Wireless Assistant (HKLM-x32...{54CC7901-804D-4155-B353-21F0CC9112AB}) (Version: 3.50.9.1 - Hewlett-Packard)
      iCloud (HKLM...{ADFDB647-35C0-4254-9EE6-2D9C3B7104BD}) (Version: 5.2.1.69 - Apple Inc.)
      iLivid (x32 Version: 1.92.0.118480 - Bandoo Media Inc.) Hidden <==== ATTENTION
      InstaCodecs (HKLM-x32...\InstaCodecs_is1) (Version: 1.0 - )
      InstallConverter (HKLM-x32...\InstallConverter) (Version: 1.0 - InstallConverter)
      Intel(R) Chipset Device Software (x32 Version: 10.0.27 - Intel(R) Corporation) Hidden
      Intel(R) Control Center (HKLM-x32...{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
      Intel(R) Graphics Media Accelerator Driver (HKLM-x32...{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2869 - Intel Corporation)
      Intel(R) Rapid Storage Technology (HKLM-x32...{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation)
      iTunes (HKLM...{0D924CB2-2EA4-4044-BAF7-770202D6BD0D}) (Version: 11.1.4.62 - Apple Inc.)
      Java 7 Update 11 (HKLM-x32...{26A24AE4-039D-4CA4-87B4-2F83217007FF}) (Version: 7.0.110 - Oracle)
      Java™ 6 Update 17 (64-bit) (HKLM...{26A24AE4-039D-4CA4-87B4-2F86416017FF}) (Version: 6.0.170 - Sun Microsystems, Inc.)
      JavaFX 2.1.1 (HKLM-x32...{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
      Jewel Quest 3 (x32 Version: 2.2.0.82 - WildTangent) Hidden
      Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
      Kaspersky Security Scan (HKLM-x32...\InstallWIX_{D1282694-0693-41A8-ABC1-6D1FFC1F65C5}) (Version: 16.0.0.1344 - Kaspersky Lab)
      Kaspersky Security Scan (x32 Version: 16.0.0.1344 - Kaspersky Lab) Hidden
      Kaspersky Software Updater Beta (HKLM-x32...\InstallWIX_{94C8D443-1D07-4E6D-A9EB-FDBA45A839D8}) (Version: 1.5.2.228 - Kaspersky Lab)
      Kaspersky Software Updater Beta (x32 Version: 1.5.2.228 - Kaspersky Lab) Hidden
      KhalInstallWrapper (Version: 2.00.0000 - Logitech) Hidden
      LabelPrint (HKLM-x32...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2215 - CyberLink Corp.)
      LabelPrint (x32 Version: 2.5.2215 - CyberLink Corp.) Hidden
      LightScribe System Software (HKLM-x32...{6AFDE3BE-BC01-45A4-9D06-BBF5AD207313}) (Version: 1.18.12.1 - LightScribe)
      Logitech SetPoint (HKLM-x32...{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}) (Version: 4.80 - Logitech)
      LSI HDA Modem (HKLM...\LSI Soft Modem) (Version: 2.2.100 - LSI Corporation)
      Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32... Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
      MaxiLink (HKLM-x32...{3F1420A7-FF17-40F0-B4FE-3481B8D10081}) (Version: 1.08 - Autel)
      McAfee Agent (HKLM-x32...{2AAB21C2-4CDA-4189-A0EC-5ED666113F84}) (Version: 4.5.0.1810 - McAfee, Inc.)
      McAfee Security Scan Plus (HKLM...\McAfee Security Scan) (Version: 3.11.427.2 - McAfee, Inc.)
      Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
      Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
      Microsoft Live Search Toolbar (HKLM-x32...{DF802C05-4660-418c-970C-B988ADB1D316}) (Version: 3.0.566.0 - Microsoft Live Search Toolbar)
      Microsoft Office File Validation Add-In (HKLM-x32...{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
      Microsoft Office Professional Edition 2003 (HKLM-x32...{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
      Microsoft Office Suite Activation Assistant (HKLM-x32...{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
      Microsoft Office XP Professional with FrontPage (HKLM-x32...{90280409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
      Microsoft Silverlight (HKLM...{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
      Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32...{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
      Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM...{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
      Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32...{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (HKLM-x32...{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (HKLM-x32...{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (x64) (HKLM...{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
      Microsoft Visual C++ 2005 Redistributable (x64) (HKLM...{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM...{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM...{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM...{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32...{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32...{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32...{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
      Microsoft Works (HKLM-x32...{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
      muvee Reveal (HKLM-x32...{DE626616-D7C4-4F00-7E0B-EAF26FA65749}) (Version: 7.0.43.12698 - muvee Technologies Pte Ltd)
      ObjectDock Free (HKLM-x32...\ObjectDock Free) (Version: 2.0 - Stardock Corporation)
      ObjectDock Free (x32 Version: 2.0 - Stardock Corporation) Hidden
      Penguins! (x32 Version: 2.2.0.82 - WildTangent) Hidden
      Plants vs. Zombies (x32 Version: 2.2.0.82 - WildTangent) Hidden
      Polar Bowler (x32 Version: 2.2.0.82 - WildTangent) Hidden
      Polar Golfer (x32 Version: 2.2.0.82 - WildTangent) Hidden
      Power2Go (HKLM-x32...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3415 - CyberLink Corp.)
      Power2Go (x32 Version: 6.0.3415 - CyberLink Corp.) Hidden
      PowerDirector (HKLM-x32...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3420 - CyberLink Corp.)
      PowerDirector (x32 Version: 7.0.3420 - CyberLink Corp.) Hidden
      RealDownloader (x32 Version: 18.1.4.137 - RealNetworks, Inc.) Hidden
      RealDownloader (x32 Version: 18.1.4.144 - RealNetworks) Hidden
      RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
      RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
      RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
      RealPlayer (RealTimes) (HKLM-x32...\RealPlayer 18.1) (Version: 18.1.4 - RealNetworks)
      Realtek Ethernet Controller Driver (HKLM-x32...{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.3.723.2015 - Realtek)
      Realtek High Definition Audio Driver (HKLM-x32...{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7427 - Realtek Semiconductor Corp.)
      Realtek USB 2.0 Card Reader (HKLM-x32...{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30105 - Realtek Semiconductor Corp.)
      REALTEK Wireless LAN Software (HKLM-x32...{901F0D4C-009D-1112-8DE4-03599E7B0C5C}) (Version: 1.00.10.0104 - REALTEK Semiconductor Corp.)
      RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
      Recovery Manager (x32 Version: 5.5.2214 - CyberLink Corp.) Hidden
      Revo Uninstaller 1.94 (HKLM-x32...\Revo Uninstaller) (Version: 1.94 - VS Revo Group)
      RtVOsd (HKLM...{091A0130-A82F-4A6D-9C61-3BBBB3289030}) (Version: 1.0.6 - Realtek Semiconductor Corp.)
      Scan To (HKLM...{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 2.0.1 - HP)
      SlimDrivers (HKLM-x32...{3CF3DEF4-ED15-4F7B-9320-C3E1081EA4DA}) (Version: 2.2.30877 - SlimWare Utilities, Inc.)
      Smart Defrag 3 (HKLM-x32...\Smart Defrag 3_is1) (Version: 3.3 - IObit)
      SpeedBit Video Accelerator (HKLM-x32...\SpeedBit Video Accelerator) (Version: 3370(build_3043) - SpeedBit Ltd.)
      SpeedBit Video Downloader (HKLM-x32...\SpeedBit Video Downloader) (Version: 1154(build_488) - SPEEDbit Ltd.)
      SUPERAntiSpyware (HKLM...{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1018 - SUPERAntiSpyware.com)
      Synaptics Pointing Device Driver (HKLM...\SynTPDeinstKey) (Version: 19.0.12.98 - Synaptics Incorporated)
      TurboTax Free version 1.0.1 (HKLM-x32...{EF63699B-79A1-4A7D-B02D-AD5976701864}_is1) (Version: 1.0.1 - Intuit Canada)
      UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
      VaudiX (HKLM...{6C7F523F-A2A9-AE9E-4C75-EA8BB79C70C9}) (Version: 1.0 - )
      vc2012_redist (x32 Version: 1.0.0.0 - Realnetworks) Hidden
      VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
      Video Downloader (x32 Version: 1.2.0 - RealNetworks) Hidden
      Virtual Families (x32 Version: 2.2.0.82 - WildTangent) Hidden
      Virtual Villagers - The Secret City (x32 Version: 2.2.0.82 - WildTangent) Hidden
      Vuze (HKLM-x32...\8461-7759-5462-8226) (Version: 5.7.0.0 - Azureus Software, Inc.)
      Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
      Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
      Windows Live Essentials (HKLM-x32...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
      Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32...{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
      Windows Live Sync (HKLM-x32...{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
      WinZip 20.5 (HKLM...{CD95F661-A5C4-44F5-A6AA-ECDD91C24105}) (Version: 20.5.12118 - WinZip Computing, S.L. )
      Wise Care 365 3.96 (HKLM-x32...\Wise Care 365_is1) (Version: 3.96 - WiseCleaner.com, Inc.)
      Wise Care 365 version 2.44 (HKLM-x32...{E864A1C8-EEE1-47D0-A7F8-00CC86D26D5E}_is1) (Version: 2.44 - WiseCleaner.com, Inc.)
      Wise Registry Cleaner 8.81 (HKLM-x32...\Wise Registry Cleaner_is1) (Version: 8.81 - WiseCleaner.com, Inc.)
      Xvid Video Codec (HKLM-x32...\Xvid Video Codec 1.3.1) (Version: 1.3.2 - Xvid Team)
      Yahoo! Detect (HKLM-x32...\YTdetect) (Version: - )
      Zuma’s Revenge (x32 Version: 2.2.0.82 - WildTangent) Hidden

      ==================== Custom CLSID (Whitelisted): ==========================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      ==================== Scheduled Tasks (Whitelisted) =============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      Task: {08C18A8D-A2BD-4774-9120-78A4A4FC9E76} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
      Task: {0BF52ED3-1BB6-4841-9EEF-4ADFA8C01E62} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
      Task: {0DAC725D-0371-4133-8AF6-D148198B0D4A} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2016-04-08] ()
      Task: {105CBCC4-5BD4-47EC-919F-698174BE6C5E} - System32\Tasks\SBWUpdateTask_Logon_d4e02148-1C659D0430C4 => C:\Program Files (x86)\Common Files\Speedbit\SbUpdate\SBUpdate.exe [2013-01-19] (Speedbit Ltd.) <==== ATTENTION
      Task: {1627C880-15CC-4527-9FE1-5EBA43DD41D7} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
      Task: {18853C6D-A3C5-431B-83DB-B7E51B6D1A9A} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
      Task: {1BC14874-2285-41BC-9C22-9381D778C8C7} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1124643268-3595298339-4084894015-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.)
      Task: {24FF0670-A2EE-4FE7-9ADC-55ECDCC4A9E1} - System32\Tasks\SBWUpdateTask_Time_d4e02148-1C659D0430C4 => C:\Program Files (x86)\Common Files\Speedbit\SbUpdate\SBUpdate.exe [2013-01-19] (Speedbit Ltd.) <==== ATTENTION
      Task: {25554AD1-5548-49F0-8550-EC465DD19366} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent → No File <==== ATTENTION
      Task: {27A76811-8CAB-4FB0-8E58-AE2F14D3523B} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1124643268-3595298339-4084894015-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.)
      Task: {27CCF768-AFC7-4E08-BE16-845098F6E1C9} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
      Task: {2D23301A-268D-4133-A615-B5D3B6436506} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1124643268-3595298339-4084894015-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.)
      Task: {30426D06-7CE3-404A-89C2-7A4DA66DBA3D} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
      Task: {350B0464-18D2-43E5-98C5-C3267B33837D} - \Microsoft\Windows\Setup\gwx\launchtrayprocess → No File <==== ATTENTION
      Task: {3B460780-4ABB-499A-A302-4CCCF74FF5C7} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
      Task: {3E67C9DA-3818-4D54-937E-0B0166CD4C2A} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1124643268-3595298339-4084894015-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.)
      Task: {4295A246-F1FA-4C92-B703-C98313A8B679} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
      Task: {45EACAAD-C12E-45DB-A0B7-C6968C44E73B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent → No File <==== ATTENTION
      Task: {462BC8C7-51E1-48D0-A779-3A14AC6127C0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
      Task: {4862D3F8-2130-4C97-A2A3-B139E5650AB7} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
      Task: {48ACB946-9171-45B5-875C-A86E243BEEC3} - System32\Tasks\Uninstaller_SkipUac_CEP_Local_440 => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
      Task: {49FDBA15-93C4-4369-B2AC-DC67D65D4F29} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-16] (Adobe Systems Incorporated)
      Task: {56F97E84-3191-45C9-A635-67E8EB4B5A12} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd → No File <==== ATTENTION
      Task: {57668D48-BB12-44DA-9C67-A3B46E8D44CB} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
      Task: {5D8FF8E9-CE26-4891-955E-92566A4AE49F} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
      Task: {63AA4B71-0FB7-4900-ABCD-1A1044042157} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
      Task: {6809B9EF-F2FC-4B51-9FA3-9AA2FD514EF2} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
      Task: {689603CA-2D8F-42B1-8DFB-CEC176524B4B} - System32\Tasks\VaudiXUpdaterTask{8641A371-5391-4413-ADCA-0BED20AE0CE5} => C:\ProgramData\Premium\VaudiX\VaudiX.exe [2012-09-19] () <==== ATTENTION
      Task: {6A1D0173-5E64-47B4-ABF4-B0905C3E7446} - System32\Tasks\SmartDefrag3_Update => C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe [2014-07-23] (IObit)
      Task: {6A547488-E31C-4C6E-8EED-B98D6A8EE4DE} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d → No File <==== ATTENTION
      Task: {78E36EFE-EDDE-417C-8CD5-5338C87D4A89} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d → No File <==== ATTENTION
      Task: {7C025B81-7511-44C3-9832-4DED87E013CB} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
      Task: {881641BF-0BE6-43B4-8EC8-60F5117C11FA} - System32\Tasks\WRCSkipUAC => C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe [2015-10-27] (WiseCleaner.com)
      Task: {8B2BDB30-21E5-4EAB-876D-714AA59072D2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d → No File <==== ATTENTION
      Task: {8F63C092-CD98-4DEF-91B5-ABF2B708ECD7} - System32\Tasks\WinZipBackGroundToolsTask => C:\Program Files\WinZip\WzBGTools.exe [2016-04-28] (WinZip Computing, S.L.)
      Task: {91775A97-F1FA-4406-8BFE-B175EB66B61F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
      Task: {93D595F8-B5CF-441B-A5C1-202DDF53EE6C} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
      Task: {96A4AA20-AD60-4CDD-818D-CEEF996CE643} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
      Task: {9AEF5C9B-DF21-4B95-BEF3-83AC6146D0AF} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
      Task: {9F98CCE2-E3BC-4C34-89FD-890FD85D2403} - System32\Tasks\Wise Turbo Checker => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe [2016-01-19] (WiseCleaner.COM)
      Task: {A2829269-0700-45E1-BF90-7C8200090DB8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-17] (Adobe Systems Incorporated)
      Task: {A34CE245-50BC-4CCC-B4C5-C2D2EFB50957} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
      Task: {A66798D4-C70C-475F-9B74-49D08E192BF5} - System32\Tasks{298B2E4F-B19F-479B-A158-24E952B262D7} => pcalua.exe -a F:\setup.exe -d F:
      Task: {AAAA528F-472D-41BD-A91A-EA77D7428CC4} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
      Task: {B9AEA5BF-FEB4-4F9D-99D1-32044FA58E69} - no filepath
      Task: {C0CE097B-D8A2-4DE3-A7B5-5181B2628640} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
      Task: {C10DF3FC-8775-4BE6-B0D5-A1044AC4C417} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
      Task: {C2311C6E-8DAA-4CBA-A2A9-C3D2DF6BE404} - System32\Tasks\Wise Turbo Checker.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe [2016-01-19] (WiseCleaner.COM)
      Task: {C2ECE9AB-A485-4CFD-9141-3028BC823A8C} - System32\Tasks{BF9EF130-FE70-4432-88EC-F3B7132270EA} => pcalua.exe -a G:\internalsw.exe -d G:
      Task: {E73ACD4C-1F44-4639-BA0D-B9E074AE8FB2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
      Task: {E9CEC2AE-59CB-4E77-9459-C3A97851374F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-05-23] (Microsoft Corporation)
      Task: {E9E97BFB-E139-4DB2-A978-802F63DA9BC3} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
      Task: {ECB00934-BB76-4164-BD18-F1F1D6B0BC50} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
      Task: {EE5786B3-871D-461C-A5B4-CE59F65A6910} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-09-05] (Hewlett-Packard Company)
      Task: {EEB67E49-8B2B-4DF3-928D-5ADF90CE6D9B} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
      Task: {EFF885BD-E49F-4288-B019-FFDE6C4A683F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d → No File <==== ATTENTION
      Task: {F6F549D5-4559-4DED-AFAB-9D5782549FD7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d → No File <==== ATTENTION
      Task: {F87AD7FC-295C-4D22-9010-0A9584303B21} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
      Task: {F8E99B3B-8FF9-44C4-AE06-046AAAD78217} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1124643268-3595298339-4084894015-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.)
      Task: {F91C1C31-1776-45E9-8818-F155E0BB2786} - System32\Tasks\ASC9_SkipUac_CEP Local 440 => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
      Task: {FA184C91-C5EF-4764-BAF0-F6D3FBE5E08A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig → No File <==== ATTENTION
      Task: {FDA0C9D7-4161-40A6-81E3-C046B91E75F7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
      Task: {FF901301-441E-45AC-BDA9-F12D966A5533} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1124643268-3595298339-4084894015-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.)
      Task: {FF9ACA87-4767-430C-861B-1D1765C88317} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B → No File <==== ATTENTION

      (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

      Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
      Task: C:\WINDOWS\Tasks\ASC9_SkipUac_CEP Local 440.job => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
      Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      Task: C:\WINDOWS\Tasks\HPCeeScheduleForCEP Local 440.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
      Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_CEP_Local_440.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
      Task: C:\WINDOWS\Tasks\VaudiXUpdaterTask{8641A371-5391-4413-ADCA-0BED20AE0CE5}.job => C:\ProgramData\Premium\VaudiX\VaudiX.exeC/schedule /profilepath C:\ProgramData\Premium\VaudiX\profile.ini <==== ATTENTION
      Task: C:\WINDOWS\Tasks\Wise Turbo Checker.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe

      ==================== Shortcuts =============================

      (The entries could be listed to be restored or removed.)

      Shortcut: C:\Users\CEP Local 440\AppData\Roaming\Microsoft\Windows\Network Shortcuts\My Web Sites on MSN\target.lnk → hxxp://www.msnusers.com

      ShortcutWithArgument: C:\Users\CEP Local 440\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\217f6a27d9c55787\Chromium.lnk → C:\Program Files\Hola\app\chromium\hola_cr.exe (The Chromium Authors) → --profile-directory=Default

      ==================== Loaded Modules (Whitelisted) ==============

      2014-03-19 15:14 - 2012-09-29 12:25 - 00409088 _____ () C:\WINDOWS\System32\HPM1210LM.DLL
      2012-02-05 09:28 - 2012-09-29 12:25 - 00074240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HPM1210PP.dll
      2015-09-10 01:08 - 2015-09-10 01:08 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
      2010-01-18 18:04 - 2010-01-18 18:04 - 00020480 _____ () C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
      2013-12-27 20:15 - 2012-03-28 08:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
      2010-04-22 14:42 - 2009-07-06 15:20 - 00247152 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
      2016-05-13 14:13 - 2016-05-13 14:13 - 00032544 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
      2016-04-23 19:58 - 2016-03-16 00:55 - 02495768 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
      2016-04-23 19:58 - 2016-03-16 00:55 - 02495768 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
      2016-04-22 00:08 - 2016-04-22 00:08 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
      2016-04-22 00:08 - 2016-04-22 00:08 - 01047864 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
      2007-04-18 18:30 - 2007-04-18 18:30 - 00393216 _____ () C:\Program Files (x86)\McAfee\Common Framework\cryptocme2.dll
      2007-04-18 18:30 - 2007-04-18 18:30 - 00471040 _____ () C:\Program Files (x86)\McAfee\Common Framework\ccme_base.dll
      2011-01-12 15:05 - 2011-01-12 15:05 - 00065536 _____ () C:\Program Files (x86)\McAfee\Common Framework\boost_thread-vc80-mt-1_32.dll
      2014-10-15 19:30 - 2015-12-28 12:49 - 00629536 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
      2015-12-15 12:38 - 2015-12-15 12:38 - 00326112 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\dblite.dll
      2015-10-27 15:44 - 2015-10-27 15:44 - 00404952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\ipm_service.dll
      2016-05-13 14:13 - 2016-05-13 14:13 - 00037688 _____ () C:\Program Files (x86)\Real\UpdateService\DL2UpdatePlugin.dll
      2016-05-13 14:13 - 2016-05-13 14:13 - 00039224 _____ () C:\Program Files (x86)\Real\UpdateService\RealDownloaderUpdatePlugin.dll
      2016-05-13 14:13 - 2016-05-13 14:13 - 00037192 _____ () C:\Program Files (x86)\Real\UpdateService\VideoDLUpdatePlugin.dll
      2016-11-14 18:45 - 2016-11-08 16:29 - 01819240 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libglesv2.dll
      2016-11-14 18:45 - 2016-11-08 16:29 - 00093288 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libegl.dll
      2016-06-02 17:06 - 2016-06-02 17:06 - 45077376 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\libcef.dll
      2016-06-02 17:06 - 2016-06-02 17:06 - 01650560 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\libglesv2.dll
      2016-06-02 17:06 - 2016-06-02 17:06 - 00082304 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\libegl.dll
      2016-11-08 19:09 - 2016-11-08 19:09 - 17772736 _____ () C:\Users\CEP Local 440\AppData\Local\Google\Chrome\User Data\PepperFlash\23.0.0.207\pepflashplayer.dll

      ==================== Alternate Data Streams (Whitelisted) =========

      (If an entry is included in the fixlist, only the ADS will be removed.)

      AlternateDataStreams: C:\ProgramData\Temp:373E1720 [134]
      AlternateDataStreams: C:\ProgramData\Temp:553CA6CA [110]
      AlternateDataStreams: C:\ProgramData\Temp:56E2E879 [128]

      ==================== Safe Mode (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The “AlternateShell” will be restored.)

      ==================== Association (Whitelisted) ===============

      (If an entry is included in the fixlist, the registry item will be restored to default or removed.)

      ==================== Internet Explorer trusted/restricted ===============

      (If an entry is included in the fixlist, it will be removed from the registry.)

      IE trusted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\hola.org → hxxp://hola.org
      IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\008i.com → 008i.com
      IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\008k.com → 008k.com
      IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\00hq.com → 00hq.com
      IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\0190-dialers.com → 0190-dialers.com
      IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\01i.info → 01i.info
      IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\02pmnzy5eo29bfk4.com → 02pmnzy5eo29bfk4.com
      IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\05p.com → 05p.com
      IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\07ic5do2myz3vzpk.com → 07ic5do2myz3vzpk.com
      IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\08nigbmwk43i01y6.com → 08nigbmwk43i01y6.com
      IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\093qpeuqpmz6ebfa.com → 093qpeuqpmz6ebfa.com
      IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\0calories.net → 0calories.net
      IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\0cj.net → 0cj.net
      IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\0scan.com → 0scan.com
      IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\1-britney-spears-nude.com → 1-britney-spears-nude.com
      IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\1-domains-registrations.com → 1-domains-registrations.com
      IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\1-se.com → 1-se.com
      IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\1001movie.com → 1001movie.com
      IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\1001night.biz → 1001night.biz
      IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\100gal.net → 100gal.net
      IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\100sexlinks.com → 100sexlinks.com

      There are 4791 more sites.

      ==================== Hosts content: ===============================

      (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

      2009-07-13 22:34 - 2016-10-23 17:06 - 00000869 ____A C:\WINDOWS\system32\Drivers\etc\hosts

      0.0.0.1 mssplus.mcafee.com

      ==================== Other Areas ============================

      (Currently there is no automatic fix for this section.)

      HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\Control Panel\Desktop\Wallpaper → c:\windows\web\wallpaper\theme1\img13.jpg
      DNS Servers: 192.168.2.1
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
      Windows Firewall is enabled.

      ==================== MSCONFIG/TASK MANAGER disabled items ==

      HKLM...\StartupApproved\StartupFolder: => “Kaspersky Software Updater Beta.lnk”
      HKLM...\StartupApproved\StartupFolder: => “RealTimes.lnk”
      HKLM...\StartupApproved\StartupFolder: => “WinZip Preloader.lnk”
      HKLM...\StartupApproved\Run: => “hola”
      HKLM...\StartupApproved\Run32: => “RealDownloader”
      HKLM...\StartupApproved\Run32: => “TkBellExe”
      HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\StartupApproved\Run: => “uTorrent”
      HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\StartupApproved\Run: => “GarminExpressTrayApp”
      HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\StartupApproved\Run: => “iCloudDrive”
      HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\StartupApproved\Run: => “iCloudPhotos”
      HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\StartupApproved\Run: => “iCloudServices”
      HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\StartupApproved\Run: => “KSS”
      HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\StartupApproved\Run: => “SUPERAntiSpyware”

      ==================== FirewallRules (Whitelisted) ===============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
      FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
      FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
      FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
      FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
      FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
      FirewallRules: [{1F11BD5D-9CDA-4136-BB17-11759FEB6D09}] => (Allow) C:\Users\CEP Local 440\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{DA625BC8-20DA-4F96-B47A-3616BB97937C}] => (Allow) C:\Users\CEP Local 440\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{8C644734-5475-4DA6-B672-08496CD515EA}] => (Allow) C:\Users\CEP Local 440\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{6C306E7E-FA6E-4246-91D6-00F5ED2544EC}] => (Allow) C:\Users\CEP Local 440\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{7593305D-BBBF-4CCE-926B-B048B7563B94}] => (Allow) C:\Users\CEP Local 440\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{2D6CE001-C5BD-4ED4-9DD1-E5AE42D4EFB3}] => (Allow) C:\Users\CEP Local 440\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{1E296F81-475A-4BB6-BA2E-DB4CB7AA6E7E}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
      FirewallRules: [{CA213376-A484-48F7-800D-ACFB65B59F38}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
      FirewallRules: [{A2F0F85D-ABFA-4002-BAEB-643936EF6E3F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
      FirewallRules: [{B70DB332-4B6A-4D53-B69A-F7B07D80039F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
      FirewallRules: [{6FDDDBCD-9E24-4FBA-89D2-A19271B06C67}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
      FirewallRules: [UDP Query User{E20FD543-C6C3-4313-9131-0D733A66F843}C:\program files (x86)\divx\divx media server\divxmediaserver.exe] => (Block) C:\program files (x86)\divx\divx media server\divxmediaserver.exe
      FirewallRules: [TCP Query User{1E47DBAC-AE53-474F-8254-E53AADA79E6E}C:\program files (x86)\divx\divx media server\divxmediaserver.exe] => (Block) C:\program files (x86)\divx\divx media server\divxmediaserver.exe
      FirewallRules: [{CF80B1C2-A556-4548-981C-06CBE3BB5EAF}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
      FirewallRules: [{4860E4E0-5D78-4517-A910-FAB62566D6FA}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
      FirewallRules: [{22655ABE-CC52-4BC1-9919-CE7010DD4740}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
      FirewallRules: [{0684BDD1-D04E-4DA9-9F57-AB8E9C43EB36}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
      FirewallRules: [{14305EE3-7585-4DBD-AFF1-CB41A6B30E8E}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
      FirewallRules: [{F30B66CF-ACBA-491F-A35F-E0D2C839AE9B}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
      FirewallRules: [{EA7E075A-7AD9-486D-936D-C5A008E4AEF0}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
      FirewallRules: [{955BF8E2-0107-430E-ACB3-EA1866B2188D}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
      FirewallRules: [{7F3B0884-9A74-4A23-A815-94DF09E8E16E}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
      FirewallRules: [{CC100D2B-0F25-44A6-8E18-B9D4213C2E18}] => (Allow) LPort=1900
      FirewallRules: [{E3362B78-8937-4E14-96DB-A506F6A42DA6}] => (Allow) LPort=2869
      FirewallRules: [{899C2BF5-FADA-4254-B801-49E186B090BF}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
      FirewallRules: [{6DABA61E-382F-4B73-9DCC-BF32E3072340}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
      FirewallRules: [{A7F9DF2C-1E41-44AC-B3F4-F1606E77B575}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
      FirewallRules: [{07F2AA3A-367C-418F-A447-4B15FD899263}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
      FirewallRules: [{A4B4C1FA-409F-4ED6-B7D6-9A0AB374593D}] => (Allow) svchost.exe
      FirewallRules: [{6731B3C1-FA7E-4A09-82A7-E3FD48CE65B7}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
      FirewallRules: [{26CB7901-2FC7-48BF-BCF9-B49DB4E705BC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD8\PowerDVD8.EXE
      FirewallRules: [{A78F4198-025D-4135-B3D3-B93DDADC77F2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR.EXE
      FirewallRules: [{CBDE96F0-6E14-4BF7-AFC6-241703E7FC90}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
      FirewallRules: [{E8F72EA0-BA09-4CBA-9F61-538AA9DBD4B9}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
      FirewallRules: [{70C3739A-C243-426D-913D-42C43F5D23AA}] => (Allow) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
      FirewallRules: [{62769754-BDCC-4FC4-92A8-03FD784D2AA6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

      ==================== Restore Points =========================

      06-11-2016 20:40:59 Removed iTunes

      ==================== Faulty Device Manager Devices =============

      ==================== Event log errors: =========================
      Application errors:
      Error: (11/23/2016 10:15:58 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
      Description: Windows cannot load classes registry file.
      DETAIL - The configuration registry database is corrupt.

      Error: (11/23/2016 10:15:58 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
      Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.

      DETAIL - The configuration registry database is corrupt.
      for C:\Users\CEP Local 440\AppData\Local\Microsoft\Windows\UsrClass.dat

      Error: (11/23/2016 10:15:58 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
      Description: Windows cannot load classes registry file.
      DETAIL - The configuration registry database is corrupt.

      Error: (11/23/2016 10:15:58 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
      Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.

      DETAIL - The configuration registry database is corrupt.
      for C:\Users\CEP Local 440\AppData\Local\Microsoft\Windows\UsrClass.dat

      Error: (11/23/2016 07:54:26 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
      Description: Windows cannot load classes registry file.
      DETAIL - The configuration registry database is corrupt.

      Error: (11/23/2016 07:54:26 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
      Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.

      DETAIL - The configuration registry database is corrupt.
      for C:\Users\CEP Local 440\AppData\Local\Microsoft\Windows\UsrClass.dat

      Error: (11/23/2016 07:54:26 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
      Description: Windows cannot load classes registry file.
      DETAIL - The configuration registry database is corrupt.

      Error: (11/23/2016 07:54:26 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
      Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.

      DETAIL - The configuration registry database is corrupt.
      for C:\Users\CEP Local 440\AppData\Local\Microsoft\Windows\UsrClass.dat

      Error: (11/23/2016 07:05:45 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
      Description: Windows cannot load classes registry file.
      DETAIL - The configuration registry database is corrupt.

      Error: (11/23/2016 07:05:45 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
      Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.

      DETAIL - The configuration registry database is corrupt.
      for C:\Users\CEP Local 440\AppData\Local\Microsoft\Windows\UsrClass.dat
      System errors:
      Error: (11/22/2016 09:04:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
      Description: The Sync Host_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

      Error: (11/22/2016 07:56:28 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
      Description: Installation Failure: Windows failed to install the following update with error 0x80073cf9: Windows Alarms & Clock.

      Error: (11/22/2016 07:50:15 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
      Description: Installation Failure: Windows failed to install the following update with error 0x80070490: Windows Alarms & Clock.

      Error: (11/22/2016 07:50:09 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
      Description: Installation Failure: Windows failed to install the following update with error 0x80073cf9: Windows Alarms & Clock.

      Error: (11/22/2016 07:50:04 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
      Description: Installation Failure: Windows failed to install the following update with error 0x80070490: Windows Alarms & Clock.

      Error: (11/22/2016 07:49:58 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
      Description: Installation Failure: Windows failed to install the following update with error 0x80073cf9: Windows Alarms & Clock.

      Error: (11/22/2016 07:49:58 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
      Description: Installation Failure: Windows failed to install the following update with error 0x80070490: Windows Alarms & Clock.

      Error: (11/22/2016 07:49:49 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
      Description: Installation Failure: Windows failed to install the following update with error 0x80073cf9: Windows Alarms & Clock.

      Error: (11/22/2016 07:49:44 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
      Description: Installation Failure: Windows failed to install the following update with error 0x80070490: Windows Alarms & Clock.

      Error: (11/22/2016 07:49:39 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
      Description: Installation Failure: Windows failed to install the following update with error 0x80073cf9: Windows Alarms & Clock.
      CodeIntegrity:
      Date: 2016-11-23 22:12:22.004
      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2016-11-23 22:12:21.975
      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2016-11-23 22:12:21.944
      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2016-11-23 22:12:12.003
      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2016-11-23 22:12:11.901
      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2016-11-23 19:14:23.641
      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2016-11-23 19:14:23.605
      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2016-11-23 19:14:23.564
      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2016-11-23 19:14:18.397
      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      Date: 2016-11-23 19:14:18.299
      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

      ==================== Memory info ===========================

      Processor: Pentium(R) Dual-Core CPU T4500 @ 2.30GHz
      Percentage of memory in use: 50%
      Total physical RAM: 3998.92 MB
      Available physical RAM: 1962.66 MB
      Total Virtual: 4254.92 MB
      Available Virtual: 1725.93 MB

      ==================== Drives ================================

      Drive c: () (Fixed) (Total:450.94 GB) (Free:306.05 GB) NTFS ==>[system with boot components (obtained from drive)]
      Drive d: (RECOVERY) (Fixed) (Total:14.53 GB) (Free:2.39 GB) NTFS ==>[system with boot components (obtained from drive)]
      Drive e: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32

      ==================== MBR & Partition Table ==================

      ==================== End of Addition.txt ============================
      …And here is the second one;
      Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-11-2016
      Ran by CEP Local 440 (administrator) on CEPLOCAL440-PC (23-11-2016 22:16:49)
      Running from C:\Users\CEP Local 440\Downloads
      Loaded Profiles: CEP Local 440 (Available Profiles: CEP Local 440 & DefaultAppPool)
      Platform: Windows 10 Home (X64) Language: English (United States)
      Internet Explorer Version 11 (Default browser: Chrome)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

      ==================== Processes (Whitelisted) =================

      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

      (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
      (LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
      (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
      (Hola Networks Ltd.) C:\Program Files\Hola\app\hola_updater.exe
      (Hola Networks Ltd.) C:\Program Files\Hola\app\hola_svc.exe
      (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
      (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
      () C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
      (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
      () C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
      (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      (McAfee, Inc.) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
      (IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
      (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe
      (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
      (McAfee, Inc.) C:\WINDOWS\System32\mfevtps.exe
      (Microsoft Corporation) C:\WINDOWS\System32\mqsvc.exe
      () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
      (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
      (Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
      (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
      () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
      (RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
      (Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
      (McAfee, Inc.) C:\Program Files (x86)\McAfee\Common Framework\naPrdMgr.exe
      (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
      (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
      (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
      (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
      (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
      (Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
      (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
      (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
      (Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsd.exe
      (Microsoft Corporation) C:\WINDOWS\System32\InstallAgent.exe
      (Microsoft Corporation) C:\WINDOWS\System32\wuapihost.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe
      (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe
      (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe

      ==================== Registry (Whitelisted) ====================

      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

      HKLM...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
      HKLM...\Run: [Kernel and Hardware Abstraction Layer] => C:\WINDOWS\KHALMNPR.EXE [130576 2009-06-17] (Logitech, Inc.)
      HKLM...\Run: [RtkOSD] => C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe [995840 2010-01-12] (Realtek Semiconductor Corp.)
      HKLM...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe
      HKLM...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe
      HKLM...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe
      HKLM...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8446832 2015-04-06] (Realtek Semiconductor)
      HKLM...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1391472 2015-04-06] (Realtek Semiconductor)
      HKLM...\Run: [hola] => C:\Program Files\Hola\app\hola.exe [2166376 2016-11-02] (Hola Networks Ltd.) <===== ATTENTION
      HKLM...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954352 2016-04-25] (Synaptics Incorporated)
      HKLM-x32...\Run: [WirelessAssistant] => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-23] (Hewlett-Packard)
      HKLM-x32...\Run: [McAfeeUpdaterUI] => C:\Program Files (x86)\McAfee\Common Framework\udaterui.exe [161088 2011-01-12] (McAfee, Inc.)
      HKLM-x32...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [293768 2016-07-16] (RealNetworks, Inc.)
      HKLM-x32...\Run: [RealDownloader] => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [714992 2016-07-05] ()
      Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
      HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7943072 2016-10-25] (SUPERAntiSpyware)
      HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-04-22] (Apple Inc.)
      HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2016-04-22] (Apple Inc.)
      HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2016-04-22] (Apple Inc.)
      HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1399208 2016-04-08] (Garmin Ltd. or its subsidiaries)
      HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\Run: [KSS] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe [1556448 2015-12-15] (AO Kaspersky Lab)
      HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\Run: [uTorrent] => C:\Users\CEP Local 440\AppData\Roaming\uTorrent\uTorrent.exe [2530304 2016-07-16] (BitTorrent Inc.)
      HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
      HKU\S-1-5-18...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1399208 2016-04-08] (Garmin Ltd. or its subsidiaries)
      HKU\S-1-5-18...\Run: [KSS] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe [1556448 2015-12-15] (AO Kaspersky Lab)
      AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => No File
      ShellIconOverlayIdentifiers: [ OneDrive1] → {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
      ShellIconOverlayIdentifiers: [ OneDrive2] → {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File
      ShellIconOverlayIdentifiers: [ OneDrive3] → {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File
      ShellIconOverlayIdentifiers: [ OneDrive4] → {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
      ShellIconOverlayIdentifiers: [ OneDrive5] → {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
      ShellIconOverlayIdentifiers-x32: [ OneDrive1] → {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
      ShellIconOverlayIdentifiers-x32: [ OneDrive2] → {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File
      ShellIconOverlayIdentifiers-x32: [ OneDrive3] → {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File
      ShellIconOverlayIdentifiers-x32: [ OneDrive4] → {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
      ShellIconOverlayIdentifiers-x32: [ OneDrive5] → {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
      Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2016-07-16]
      ShortcutTarget: FAH.lnk → C:\Program Files\WinZip\FAHConsole.exe (WinZip Computing, S.L.)
      Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Kaspersky Software Updater Beta.lnk [2016-07-16]
      ShortcutTarget: Kaspersky Software Updater Beta.lnk → C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater Beta\ksu.exe (AO Kaspersky Lab)
      Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk [2011-10-05]
      ShortcutTarget: Logitech SetPoint.lnk → C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
      Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-10-23]
      ShortcutTarget: McAfee Security Scan Plus.lnk → C:\Program Files\McAfee Security Scan\3.11.427\SSScheduler.exe (McAfee, Inc.)
      Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2016-07-16]
      ShortcutTarget: RealTimes.lnk → C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.)
      Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update Notifier.lnk [2016-07-16]
      ShortcutTarget: Update Notifier.lnk → C:\Program Files\WinZip\WZUpdateNotifier.exe (WinZip Computing, S.L.)
      Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2016-07-16]
      ShortcutTarget: WinZip Preloader.lnk → C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
      CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

      ==================== Internet (Whitelisted) ====================

      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

      Winsock: Catalog9 01 C:\Program Files (x86)\SpeedBit Video Accelerator\LSP3.3.6.3\SBLSP.dll [174832 2013-01-19] (SPEEDbit)
      Winsock: Catalog9 02 C:\Program Files (x86)\SpeedBit Video Accelerator\LSP3.3.6.3\SBLSP.dll [174832 2013-01-19] (SPEEDbit)
      Winsock: Catalog9 03 C:\Program Files (x86)\SpeedBit Video Accelerator\LSP3.3.6.3\SBLSP.dll [174832 2013-01-19] (SPEEDbit)
      Winsock: Catalog9 04 C:\Program Files (x86)\SpeedBit Video Accelerator\LSP3.3.6.3\SBLSP.dll [174832 2013-01-19] (SPEEDbit)
      Winsock: Catalog9 05 C:\Program Files (x86)\SpeedBit Video Accelerator\LSP3.3.6.3\SBLSP.dll [174832 2013-01-19] (SPEEDbit)
      Winsock: Catalog9 06 C:\Program Files (x86)\SpeedBit Video Accelerator\LSP3.3.6.3\SBLSP.dll [174832 2013-01-19] (SPEEDbit)
      Winsock: Catalog9 07 C:\Program Files (x86)\SpeedBit Video Accelerator\LSP3.3.6.3\SBLSP.dll [174832 2013-01-19] (SPEEDbit)
      Winsock: Catalog9 08 C:\Program Files (x86)\SpeedBit Video Accelerator\LSP3.3.6.3\SBLSP.dll [174832 2013-01-19] (SPEEDbit)
      Winsock: Catalog9 09 C:\Program Files (x86)\SpeedBit Video Accelerator\LSP3.3.6.3\SBLSP.dll [174832 2013-01-19] (SPEEDbit)
      Hosts: 0.0.0.1 mssplus.mcafee.com
      Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
      Tcpip..\Interfaces{7aacf0c7-f777-451d-935f-0dff73e93a81}: [DhcpNameServer] 192.168.2.1 192.168.2.1
      ManualProxies:
      Internet Explorer:
      HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
      HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
      HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPCON/4
      SearchScopes: HKLM → DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
      SearchScopes: HKLM → {2D9F3B71-F660-4605-9BC3-6EDF3782FA70} URL = hxxp://www.ask.com/web?q={searchTerms}&l=dis&o=cahpl
      SearchScopes: HKLM → {4AF4DA01-B858-4617-AC1C-0E06F377629C} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
      SearchScopes: HKLM-x32 → DefaultScope {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL =
      SearchScopes: HKLM-x32 → {0BC6E3FA-78EF-4886-842C-5A1258C4455A} URL = hxxp://search.imgag.com/?appid=wsdt&component=&c=GNWDO59900&sbs=2&sc=2&f=web&vernum=3.1.5.7620&uid=0&did=%7b35a80c04-0e82-4769-ab2e-d57b98cb7e3a%7d&q={searchTerms}
      SearchScopes: HKLM-x32 → {2D9F3B71-F660-4605-9BC3-6EDF3782FA70} URL = hxxp://www.ask.com/web?q={searchTerms}&l=dis&o=cahpl
      SearchScopes: HKLM-x32 → {4AF4DA01-B858-4617-AC1C-0E06F377629C} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
      SearchScopes: HKU.DEFAULT → DefaultScope {0BC6E3FA-78EF-4886-842C-5A1258C4455A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
      SearchScopes: HKU.DEFAULT → {0BC6E3FA-78EF-4886-842C-5A1258C4455A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
      SearchScopes: HKU.DEFAULT → {2D9F3B71-F660-4605-9BC3-6EDF3782FA70} URL =
      SearchScopes: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000 → {0BC6E3FA-78EF-4886-842C-5A1258C4455A} URL = hxxp://search.imgag.com/?appid=wsdt&component=&c=GNWDO59900&sbs=2&sc=2&f=web&vernum=3.1.5.7620&uid=0&did=%7b35a80c04-0e82-4769-ab2e-d57b98cb7e3a%7d&q={searchTerms}
      SearchScopes: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000 → {2D9F3B71-F660-4605-9BC3-6EDF3782FA70} URL = hxxp://www.ask.com/web?q={searchTerms}&l=dis&o=cahpl
      SearchScopes: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000 → {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}
      BHO: RealNetworks Download and Record Plugin for Internet Explorer → {3049C3E9-B461-4BC5-8870-4C09146192CA} → C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2016-05-13] (RealDownloader)
      BHO: Canon Easy-WebPrint EX BHO → {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} → C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll [2013-11-28] (CANON INC.)
      BHO: Java™ Plug-In 2 SSV Helper → {DBC80044-A445-435b-BC74-9C25C1C588A9} → C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-22] (Sun Microsystems, Inc.)
      BHO: No Name → {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} → No File
      BHO: Download Accelerator Plus Integration → {FF6C3CF0-4B15-11D1-ABED-709549C10000} → C:\Program Files (x86)\DAP\DAPIELoader64.dll [2011-03-24] (SpeedBit Ltd.)
      BHO-x32: No Name → {02478D38-C3F9-4efb-9B51-7695ECA05670} → No File
      BHO-x32: HP Print Enhancer → {0347C33E-8762-4905-BF09-768834316C61} → C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-06-30] (Hewlett-Packard Co.)
      BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer → {3049C3E9-B461-4BC5-8870-4C09146192CA} → C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2016-05-13] (RealDownloader)
      BHO-x32: Canon Easy-WebPrint EX BHO → {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} → C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2013-11-28] (CANON INC.)
      BHO-x32: No Name → {669E08DA-2172-5F0B-4DEE-CFA670E3BC84} → No File
      BHO-x32: Java™ Plug-In SSV Helper → {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} → C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-05-04] (Oracle Corporation)
      BHO-x32: Windows Live Messenger Companion Helper → {9FDDE16B-836F-4806-AB1F-1455CBEFF289} → C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
      BHO-x32: Microsoft Live Search Toolbar Helper → {d2ce3e00-f94a-4740-988e-03dc2f38c34f} → c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll [2009-07-16] (Microsoft Corp.)
      BHO-x32: SpeedBit Link Verification Helper → {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} → C:\Program Files (x86)\DAP\LinkVerifier.dll [2012-12-10] (Speedbit Ltd.)
      BHO-x32: Java™ Plug-In 2 SSV Helper → {DBC80044-A445-435b-BC74-9C25C1C588A9} → C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-05-04] (Oracle Corporation)
      BHO-x32: HP Network Check Helper → {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} → C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09] (Hewlett-Packard)
      BHO-x32: GrabberObj Class → {FF7C3CF0-4B15-11D1-ABED-709549C10000} → C:\Program Files (x86)\SpeedBit Video Downloader\TBU3C\grabber.dll [2012-06-07] (SpeedBit)
      BHO-x32: HP Smart BHO Class → {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} → C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-06-30] (Hewlett-Packard Co.)
      Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll [2013-11-28] (CANON INC.)
      Toolbar: HKLM-x32 - Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll [2009-07-16] (Microsoft Corp.)
      Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2013-11-28] (CANON INC.)
      Toolbar: HKU.DEFAULT → No Name - {414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - No File
      Toolbar: HKU.DEFAULT → No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
      Toolbar: HKU.DEFAULT → No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
      Toolbar: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000 → No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
      Toolbar: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000 → No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
      Toolbar: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000 → No Name - {414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - No File
      Toolbar: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000 → Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll [2013-11-28] (CANON INC.)
      DPF: HKLM-x32 {0E5F0222-96B9-11D3-8997-00104BD12D94} hxxp://www.pcpitstop.com/betapit/PCPitStop.CAB
      DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
      DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
      FireFox:
      FF HKLM-x32...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\Browser Plugins\Firefox\Ext => not found
      FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 → C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
      FF Plugin: @Microsoft.com/NpCtrl,version=1.0 → c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
      FF Plugin-x32: @adobe.com/ShockwavePlayer → C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw.dll [2016-02-18] (Adobe Systems, Inc.)
      FF Plugin-x32: @Apple.com/iTunes,version=1.0 → C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-12-18] ()
      FF Plugin-x32: @canon.com/EPPEX → C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
      FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 → C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
      FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 → C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2013-12-27] (DivX, LLC)
      FF Plugin-x32: @Google.com/GoogleEarthPlugin → C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google)
      FF Plugin-x32: @java.com/DTPlugin,version=10.5.1 → C:\WINDOWS\SysWOW64\npdeployJava1.dll [2012-05-04] (Oracle Corporation)
      FF Plugin-x32: @java.com/JavaPlugin → C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll [2012-05-04] (Oracle Corporation)
      FF Plugin-x32: @java.com/JavaPlugin,version=10.5.1 → C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll [2012-05-04] (Oracle Corporation)
      FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 → c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
      FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 → C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
      FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 → C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
      FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 → C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
      FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 → C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
      FF Plugin-x32: @real.com/nppl3260;version=18.1.4.135 → C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2016-07-16] (RealNetworks, Inc.)
      FF Plugin-x32: @real.com/nprpplugin;version=18.1.4.135 → C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2016-07-16] (RealPlayer)
      FF Plugin-x32: @tools.google.com/Google Update;version=3 → C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.)
      FF Plugin-x32: @tools.google.com/Google Update;version=9 → C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.)
      FF Plugin-x32: Adobe Reader → C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-09-30] (Adobe Systems Inc.)
      FF Plugin HKU.DEFAULT: @hola.org/FlashPlayer → C:\Users\CEP Local 440\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll [2016-04-09] ()
      FF Plugin HKU.DEFAULT: @hola.org/vlc → C:\Users\CEP Local 440\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [2016-04-09] (Hola)
      FF Plugin HKU\S-1-5-21-1124643268-3595298339-4084894015-1000: @hola.org/FlashPlayer → C:\Users\CEP Local 440\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll [2016-04-09] ()
      FF Plugin HKU\S-1-5-21-1124643268-3595298339-4084894015-1000: @hola.org/vlc → C:\Users\CEP Local 440\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [2016-04-09] (Hola)
      Chrome:
      CHR DefaultProfile: Default
      CHR HomePage: Default → hxxp://search.conduit.com/?ctid=CT3319613&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP8759D25A-7352-4FC4-8764-92A112E26A02&SSPV=
      CHR StartupUrls: Default → "hxxp://search.conduit.com/?ctid=CT3319613&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP8759D25A-7352-4FC4-8764-92A112E26A02&SSPV="
      CHR DefaultSearchURL: Default → hxxps://search.yahoo.com/search?fr=chr-yo_gc&ei=utf-8&ilc=12&type=994519&p={searchTerms}
      CHR DefaultSearchKeyword: Default → yahoo.com search
      CHR DefaultSuggestURL: Default → hxxps://ff.search.yahoo.com/gossip?output=fxjson&command={searchTerms}
      CHR Profile: C:\Users\CEP Local 440\AppData\Local\Google\Chrome\User Data\Default [2016-11-23]
      CHR Extension: (Download Accelerator Plus (DAP)) - C:\Users\CEP Local 440\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb [2013-10-15] [UpdateUrl: hxxps://secure.speedbit.com/chrome/DAP/DAPChromeUpdate6.xml] <==== ATTENTION
      CHR Extension: (AdBlock) - C:\Users\CEP Local 440\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-11-23]
      CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\CEP Local 440\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2016-11-17]
      CHR Extension: (Towns) - C:\Users\CEP Local 440\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfpicpeahbmmbigocblndhdmgpkcggpk [2016-10-21]
      CHR Extension: (Chrome Web Store Payments) - C:\Users\CEP Local 440\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
      CHR Extension: (Chrome Media Router) - C:\Users\CEP Local 440\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-23]
      CHR HKLM-x32...\Chrome\Extension: [ffdcfjdljhbehggjdkdioajnknjcpbjb] - C:\Program Files (x86)\DAP\DAPChrome\DAPChrome6.crx [2011-07-13]

      ==================== Services (Whitelisted) ====================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-09-01] (SUPERAntiSpyware.com)
      S2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [792592 2016-04-08] (Garmin Ltd. or its subsidiaries)
      R2 hola_svc; C:\Program Files\Hola\app\hola_svc.exe [5622376 2016-11-02] (Hola Networks Ltd.) <==== ATTENTION
      R2 hola_updater; C:\Program Files\Hola\app\hola_updater.exe [8104576 2015-11-01] (Hola Networks Ltd.) <==== ATTENTION
      R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
      S3 HPM1210RcvFaxSrvc; C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [362296 2010-05-11] (HP)
      S3 HPSIService; C:\Windows\SysWOW64\HPSIsvc.exe [0 2013-11-06] () <==== ATTENTION (zero byte File/Folder)
      R2 HPWMISVC; C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [20480 2010-01-18] () [File not signed]
      R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
      R2 kss; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe [1556448 2015-12-15] (AO Kaspersky Lab)
      R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-02-22] (Hewlett-Packard Company) [File not signed]
      R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-01-14] (IObit)
      S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
      R2 McAfeeFramework; C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe [120128 2011-01-12] (McAfee, Inc.)
      S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.427\McCHSvc.exe [329480 2016-10-13] (McAfee, Inc.)
      R2 mfevtp; C:\Windows\system32\mfevtps.exe [158832 2012-01-22] (McAfee, Inc.)
      R2 mfevtp; C:\Windows\SysWOW64\mfevtps.exe [0 2013-11-06] () <==== ATTENTION (zero byte File/Folder)
      R2 REALPLAYERUPDATESVC; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [32544 2016-05-13] ()
      R2 RealTimes Desktop Service; C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1095440 2016-07-16] (RealNetworks, Inc.)
      R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-06] ()
      R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [293080 2015-04-06] (Realtek Semiconductor)
      R2 RtVOsdService; C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [315392 2010-06-24] (Realtek Semiconductor Corp.) [File not signed]
      R2 SamSs; C:\WINDOWS\SysWOW64\lsass.exe [0 2013-11-06] () <==== ATTENTION (zero byte File/Folder)
      R2 Spooler; C:\WINDOWS\SysWOW64\spoolsv.exe [0 2013-11-06] () <==== ATTENTION (zero byte File/Folder)
      R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [253960 2016-04-25] (Synaptics Incorporated)
      S3 VideoAcceleratorService; C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAcceleratorService.exe [277744 2013-01-19] (SpeedBit Ltd.)
      R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
      R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
      S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [579832 2016-01-19] (WiseCleaner.com)

      ===================== Drivers (Whitelisted) ======================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
      S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
      S3 mfeapfk; C:\WINDOWS\System32\drivers\mfeapfk.sys [158712 2012-01-22] (McAfee, Inc.)
      R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [228752 2012-01-22] (McAfee, Inc.)
      R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [642952 2012-01-22] (McAfee, Inc.)
      S3 mferkdet; C:\WINDOWS\System32\drivers\mferkdet.sys [100904 2012-01-22] (McAfee, Inc.)
      R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [283744 2012-01-22] (McAfee, Inc.)
      S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-22] (Realtek Semiconductor Corp.)
      R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [888064 2015-07-28] (Realtek )
      R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
      R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
      R0 SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
      R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [52904 2016-04-25] (Synaptics Incorporated)
      S3 SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [16152 2016-10-25] ()
      S3 UdeCx; C:\WINDOWS\System32\drivers\udecx.sys [44032 2015-07-09] ()
      S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
      R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
      R2 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
      S3 WiseHDInfo; C:\Program Files (x86)\Wise\Wise Care 365\WiseHDInfo64.dll [11304 2014-06-04] (wisecleaner.com) [File not signed]
      U3 idsvc; no ImagePath
      S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys
      U3 wpcsvc; no ImagePath

      ==================== NetSvcs (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      ==================== One Month Created files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2016-11-23 22:16 - 2016-11-23 22:18 - 00031334 _____ C:\Users\CEP Local 440\Downloads\FRST.txt
      2016-11-23 22:16 - 2016-11-23 22:16 - 00000000 ____D C:\FRST
      2016-11-23 22:11 - 2016-11-23 22:14 - 00001598 _____ C:\Users\CEP Local 440\Desktop\FRST64 - Shortcut.lnk
      2016-11-23 22:09 - 2016-11-23 22:15 - 02412032 _____ (Farbar) C:\Users\CEP Local 440\Downloads\FRST64.exe
      2016-11-23 22:05 - 2016-11-23 22:05 - 00016148 _____ C:\WINDOWS\system32\CEPLOCAL440-PC_CEP Local 440_HistoryPrediction.bin
      2016-11-23 19:54 - 2016-11-23 19:54 - 00128628 _____ C:\Users\CEP Local 440\Desktop\PC Help Forum.html
      2016-11-23 19:54 - 2016-11-23 19:54 - 00000000 ____D C:\Users\CEP Local 440\Desktop\PC Help Forum_files
      2016-11-19 19:24 - 2016-11-19 19:25 - 00268880 _____ C:\TDSSKiller.3.1.0.12_19.11.2016_19.24.07_log.txt
      2016-11-19 19:23 - 2016-11-19 19:23 - 04747704 _____ (AO Kaspersky Lab) C:\Users\CEP Local 440\Downloads\tdsskiller (1).exe
      2016-11-19 19:07 - 2016-11-19 19:10 - 00532114 _____ C:\TDSSKiller.3.1.0.12_19.11.2016_19.07.45_log.txt
      2016-11-19 19:07 - 2016-11-19 19:07 - 04747704 _____ (AO Kaspersky Lab) C:\Users\CEP Local 440\Downloads\tdsskiller.exe
      2016-11-19 19:01 - 2016-11-19 19:01 - 02622304 _____ (Kaspersky Lab) C:\Users\CEP Local 440\Downloads\kss16.0.0.1344en_9702.exe
      2016-11-18 15:56 - 2016-11-18 15:56 - 00127637 _____ C:\Users\CEP Local 440\Desktop\how to remove Heur_Exploit.Script.Generic - Yahoo Search Results.html
      2016-11-18 15:56 - 2016-11-18 15:56 - 00000000 ____D C:\Users\CEP Local 440\Desktop\how to remove Heur_Exploit.Script.Generic - Yahoo Search Results_files
      2016-11-18 13:25 - 2012-05-04 18:29 - 00227720 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
      2016-11-15 19:46 - 2016-11-15 19:46 - 00132859 _____ C:\Users\CEP Local 440\Desktop\Watch Westworld (2016) Online Free - PrimeWire _ 1Channel.html
      2016-11-15 19:46 - 2016-11-15 19:46 - 00000000 ____D C:\Users\CEP Local 440\Desktop\Watch Westworld (2016) Online Free - PrimeWire _ 1Channel_files
      2016-11-14 21:09 - 2016-11-14 21:09 - 00085387 _____ C:\Users\CEP Local 440\Desktop\Watch Britain’s Got Talent - PrimeWire _ 1Channel _ LetMeWatchThis - Watch TV Shows Online Free - Just Added.html
      2016-11-14 21:09 - 2016-11-14 21:09 - 00000000 ____D C:\Users\CEP Local 440\Desktop\Watch Britain’s Got Talent - PrimeWire _ 1Channel _ LetMeWatchThis - Watch TV Shows Online Free - Just Added_files
      2016-11-06 20:55 - 2016-11-06 20:55 - 00124328 _____ C:\Users\CEP Local 440\Desktop\Watch Britain’s Got Talent.html
      2016-11-06 20:54 - 2016-11-06 20:54 - 00000000 ____D C:\Users\CEP Local 440\Desktop\Watch Britain’s Got Talent_files
      2016-11-03 19:17 - 2016-11-03 19:17 - 00002542 _____ C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_CEP_Local_440
      2016-11-03 19:17 - 2016-11-03 19:17 - 00000324 _____ C:\WINDOWS\Tasks\Uninstaller_SkipUac_CEP_Local_440.job
      2016-11-03 19:17 - 2016-11-03 19:17 - 00000000 ____D C:\ProgramData{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
      2016-11-03 19:16 - 2016-11-03 19:16 - 00002488 _____ C:\WINDOWS\System32\Tasks\ASC9_SkipUac_CEP Local 440
      2016-11-03 19:16 - 2016-11-03 19:16 - 00000284 _____ C:\WINDOWS\Tasks\ASC9_SkipUac_CEP Local 440.job
      2016-11-02 22:32 - 2016-11-02 22:32 - 00127538 _____ C:\Users\CEP Local 440\Desktop\WestJet.html
      2016-11-02 22:32 - 2016-11-02 22:32 - 00000000 ____D C:\Users\CEP Local 440\Desktop\WestJet_files
      2016-11-01 18:23 - 2016-11-01 18:23 - 00002221 _____ C:\Users\Public\Desktop\Google Earth.lnk
      2016-11-01 18:23 - 2016-11-01 18:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
      2016-10-29 19:19 - 2016-10-29 19:19 - 00124315 _____ C:\Users\CEP Local 440\Desktop\Britian got talent season-10-episode-1.htm

      ==================== One Month Modified files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2016-11-23 20:45 - 2013-05-11 20:33 - 00000932 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
      2016-11-23 19:41 - 2015-07-30 18:42 - 00000000 ____D C:\WINDOWS\AppReadiness
      2016-11-23 19:07 - 2015-10-24 07:16 - 01005598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
      2016-11-23 19:07 - 2015-07-30 18:40 - 00000000 ____D C:\WINDOWS\INF
      2016-11-23 19:05 - 2012-12-31 23:09 - 00000386 ____H C:\WINDOWS\Tasks\VaudiXUpdaterTask{8641A371-5391-4413-ADCA-0BED20AE0CE5}.job
      2016-11-22 19:56 - 2015-10-25 10:39 - 00000000 ____D C:\Users\CEP Local 440\AppData\Local\Packages
      2016-11-22 19:49 - 2015-07-30 18:42 - 00000000 ___HD C:\Program Files\WindowsApps
      2016-11-22 18:22 - 2013-01-28 19:48 - 00000000 ____D C:\Users\CEP Local 440\AppData\Roaming\Wise Care 365
      2016-11-22 18:21 - 2015-07-30 17:52 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
      2016-11-20 23:19 - 2015-10-24 07:18 - 00000000 ____D C:\Users\CEP Local 440
      2016-11-19 12:36 - 2014-10-15 19:30 - 00000000 ____D C:\ProgramData\ProductData
      2016-11-18 13:25 - 2012-06-13 20:08 - 00000000 ____D C:\Program Files (x86)\Java
      2016-11-17 21:37 - 2010-10-12 20:18 - 00000000 ____D C:\Program Files (x86)\IObit
      2016-11-14 18:45 - 2012-12-31 20:36 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
      2016-11-06 17:47 - 2015-11-03 18:07 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
      2016-11-03 19:18 - 2010-10-12 20:18 - 00000000 ____D C:\Users\CEP Local 440\AppData\Roaming\IObit
      2016-11-03 19:17 - 2014-10-15 19:30 - 00000000 ____D C:\Users\CEP Local 440\AppData\LocalLow\IObit
      2016-11-03 19:17 - 2011-03-21 18:31 - 00000000 ____D C:\ProgramData\IObit
      2016-11-01 21:08 - 2015-07-10 05:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
      2016-11-01 18:35 - 2010-10-11 20:27 - 00000000 ____D C:\Users\CEP Local 440\AppData\Local\Google
      2016-11-01 18:23 - 2010-10-11 20:26 - 00000000 ____D C:\Program Files (x86)\Google
      2016-10-27 21:22 - 2010-10-12 21:36 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
      2016-10-25 20:36 - 2015-07-30 18:25 - 00000000 ____D C:\WINDOWS\CbsTemp
      2016-10-25 20:36 - 2014-03-30 10:59 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
      2016-10-25 18:39 - 2014-08-11 05:23 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
      2016-10-25 18:30 - 2012-12-31 21:05 - 00016152 _____ C:\WINDOWS\system32\Drivers\SWDUMon.sys

      ==================== Files in the root of some directories =======

      2011-07-13 07:34 - 2011-07-13 07:34 - 0099384 _____ () C:\Users\CEP Local 440\AppData\Roaming\inst.exe
      2011-07-13 07:34 - 2011-07-13 07:34 - 0007859 _____ () C:\Users\CEP Local 440\AppData\Roaming\pcouffin.cat
      2011-07-13 07:34 - 2011-07-13 07:34 - 0001167 _____ () C:\Users\CEP Local 440\AppData\Roaming\pcouffin.inf
      2011-07-13 07:35 - 2015-02-16 16:26 - 0000033 _____ () C:\Users\CEP Local 440\AppData\Roaming\pcouffin.log
      2011-07-13 07:34 - 2011-07-13 07:34 - 0082816 _____ (VSO Software) C:\Users\CEP Local 440\AppData\Roaming\pcouffin.sys
      2011-07-13 07:35 - 2011-07-14 11:58 - 0000671 _____ () C:\Users\CEP Local 440\AppData\Roaming\vso_ts_preview.xml
      2010-10-13 04:39 - 2010-10-13 04:39 - 0000000 _____ () C:\Users\CEP Local 440\AppData\Roaming\wklnhst.dat
      2013-11-06 16:18 - 2015-11-12 22:49 - 0123531 _____ () C:\Users\CEP Local 440\AppData\Local\ars.cache
      2013-11-06 16:19 - 2015-11-12 22:49 - 1188256 _____ () C:\Users\CEP Local 440\AppData\Local\census.cache
      2013-11-06 15:44 - 2013-11-06 15:44 - 0000036 _____ () C:\Users\CEP Local 440\AppData\Local\housecall.guid.cache
      2015-11-12 23:40 - 2015-11-12 23:40 - 0000010 _____ () C:\Users\CEP Local 440\AppData\Local\sponge.last.runtime.cache
      2010-09-17 06:11 - 2015-10-10 18:12 - 0000361 _____ () C:\ProgramData\HPWALog.txt
      2010-07-08 04:40 - 2010-07-08 04:40 - 0000032 _____ () C:\ProgramData{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
      2010-04-22 14:43 - 2010-04-22 14:43 - 0000109 _____ () C:\ProgramData{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
      2010-07-08 04:40 - 2010-07-08 04:40 - 0000032 _____ () C:\ProgramData{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
      2010-04-22 14:37 - 2010-04-22 14:38 - 0000105 _____ () C:\ProgramData{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
      2010-07-08 04:39 - 2010-07-08 04:39 - 0000032 _____ () C:\ProgramData{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
      2010-07-08 04:40 - 2010-07-08 04:40 - 0000032 _____ () C:\ProgramData{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
      2010-04-22 14:37 - 2010-04-22 14:37 - 0000107 _____ () C:\ProgramData{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
      2010-04-22 14:38 - 2010-04-22 14:42 - 0000110 _____ () C:\ProgramData{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
      2010-07-08 04:40 - 2010-07-08 04:40 - 0000105 _____ () C:\ProgramData{d36dd326-7280-11d8-97c8-000129760cbe}.log
      Files to move or delete:
      C:\Program Files\Hola\app\hola.exe
      Some files in TEMP:
      C:\Users\CEP Local 440\AppData\Local\Temp\dl496E0711-22AA-A942-9FCF-CF4B73F6E484.exe
      C:\Users\CEP Local 440\AppData\Local\Temp\dl74710E02-F14B-BA4E-9871-B134BC7EBF34.exe
      C:\Users\CEP Local 440\AppData\Local\Temp\dlA4455746-8CF2-4243-B1DD-CB8214B3943A.exe
      C:\Users\CEP Local 440\AppData\Local\Temp\jre-8u112-windows-i586.exe
      Some zero byte size files/folders:
      C:\Windows\SysWOW64\conhost.exe
      C:\Windows\SysWOW64\csrss.exe
      C:\Windows\SysWOW64\dwm.exe
      C:\Windows\SysWOW64\hkcmd.exe
      C:\Windows\SysWOW64\HPSIsvc.exe
      C:\Windows\SysWOW64\igfxpers.exe
      C:\Windows\SysWOW64\igfxtray.exe
      C:\Windows\SysWOW64\lsass.exe
      C:\Windows\SysWOW64\lsm.exe
      C:\Windows\SysWOW64\mfevtps.exe
      C:\Windows\SysWOW64\services.exe
      C:\Windows\SysWOW64\smss.exe
      C:\Windows\SysWOW64\spoolsv.exe
      C:\Windows\SysWOW64\taskhost.exe
      C:\Windows\SysWOW64\winlogon.exe

      ==================== Bamital & volsnap ======================

      (There is no automatic fix for files that do not pass verification.)

      C:\WINDOWS\system32\winlogon.exe => File is digitally signed
      C:\WINDOWS\system32\wininit.exe => File is digitally signed
      C:\WINDOWS\explorer.exe => File is digitally signed
      C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
      C:\WINDOWS\system32\svchost.exe => File is digitally signed
      C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
      C:\WINDOWS\system32\services.exe => File is digitally signed
      C:\WINDOWS\system32\User32.dll => File is digitally signed
      C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
      C:\WINDOWS\system32\userinit.exe => File is digitally signed
      C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
      C:\WINDOWS\system32\rpcss.dll => File is digitally signed
      C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
      C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
      C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

      LastRegBack: 2016-06-03 20:36

      ==================== End of FRST.txt ============================
      Thanks again for your assistance.


      • Malnutrition
        PCHF Moderator
        • Jul 2016
        • 7045

        #4
        P2P Program installed: I must warn you that this type of program is of the highest nature that infections are invited into your Computer. I suggest that you remove it through your Control Panel. Though the programs themselves are not malicious, the chance of downloading a malicious file is like playing Russian roulette. Any file could be the one that will turn your computer into a very expensive door stop.

        We would like to ask that you refrain from using U-torrent while we are helping you here. Better that you uninstall it; if you wish to keep it, then please refrain from using the software.

        While I make a fix with FRST – please run the following tool…

        Zemana Deep Scan.

        - Right click on Zemana and run as admin.
        - Click the Cog/Sprocket Wheel at the top right of Zemana.
        - Select Advanced - I have read the warning and wish to proceed.
        - Place a tick next to Detect Suspicious (Root CA) Certificates.
        - Then click the house icon in Zemana.
        - Then hit your start button at the lower left hand corner of your desktop.
        - Then left click on Computer.
        - Drag Local Disk C: into the area of Zemana that reads Drag and drop files here to scan them.
        - http://i.imgur.com/bOVO6lY.png
        - Once the scan has completed, click the graph icon at the top right of the program's user interface.
        - Double click to open the latest log-file.
        - Copy it to your clipboard.
        - Post the log here in your next reply.


        • Malnutrition
          PCHF Moderator
          • Jul 2016
          • 7045

          #5
          After the Zemana scan, please remove these items below with Geek Uninstaller.

          Download Accelerator Plus (DAP) (HKLM-x32...\Download Accelerator Plus (DAP)) (Version: 10050 (Build 2519) - Speedbit Ltd.)
          Hola™ 1.18.524 - Better Internet (HKLM...\Hola) (Version: 1.18.524 - Hola Networks Ltd.) <==== ATTENTION
          HP Advisor (HKLM-x32...{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.9512.3162 - Hewlett-Packard)
          HP Games (HKLM-x32...\WildTangent hp Master Uninstall) (Version: 1.0.0.80 - WildTangent)
          HP Update (HKLM-x32...{D46D081B-F60E-467E-A7C4-117B70D76731}) (Version: 5.001.000.014 - Hewlett-Packard)
          HP User Guides 0183 (HKLM-x32...{BC146E5F-A2B0-40DB-90E7-2833807E98DF}) (Version: 1.01.0001 - Hewlett-Packard)
          iLivid (x32 Version: 1.92.0.118480 - Bandoo Media Inc.) Hidden <==== ATTENTION
          Java 7 Update 11 (HKLM-x32...{26A24AE4-039D-4CA4-87B4-2F83217007FF}) (Version: 7.0.110 - Oracle)
          Java™ 6 Update 17 (64-bit) (HKLM...{26A24AE4-039D-4CA4-87B4-2F86416017FF}) (Version: 6.0.170 - Sun Microsystems, Inc.)
          JavaFX 2.1.1 (HKLM-x32...{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
          Kaspersky Security Scan (HKLM-x32...\InstallWIX_{D1282694-0693-41A8-ABC1-6D1FFC1F65C5}) (Version: 16.0.0.1344 - Kaspersky Lab)
          Kaspersky Security Scan (x32 Version: 16.0.0.1344 - Kaspersky Lab) Hidden
          Kaspersky Software Updater Beta (HKLM-x32...\InstallWIX_{94C8D443-1D07-4E6D-A9EB-FDBA45A839D8}) (Version: 1.5.2.228 - Kaspersky Lab)
          LightScribe System Software (HKLM-x32...{6AFDE3BE-BC01-45A4-9D06-BBF5AD207313}) (Version: 1.18.12.1 - LightScribe)
          McAfee Security Scan Plus (HKLM...\McAfee Security Scan) (Version: 3.11.427.2 - McAfee, Inc.)
          Microsoft Live Search Toolbar (HKLM-x32...{DF802C05-4660-418c-970C-B988ADB1D316}) (Version: 3.0.566.0 - Microsoft Live Search Toolbar)
          SpeedBit Video Accelerator (HKLM-x32...\SpeedBit Video Accelerator) (Version: 3370(build_3043) - SpeedBit Ltd.)
          SpeedBit Video Downloader (HKLM-x32...\SpeedBit Video Downloader) (Version: 1154(build_488) - SPEEDbit Ltd.)
          SUPERAntiSpyware (HKLM...{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1018 - SUPERAntiSpyware.com)
          Vuze (HKLM-x32...\8461-7759-5462-8226) (Version: 5.7.0.0 - Azureus Software, Inc.)
          Wise Care 365 3.96 (HKLM-x32...\Wise Care 365_is1) (Version: 3.96 - WiseCleaner.com, Inc.)
          Wise Care 365 version 2.44 (HKLM-x32...{E864A1C8-EEE1-47D0-A7F8-00CC86D26D5E}_is1) (Version: 2.44 - WiseCleaner.com, Inc.)
          Wise Registry Cleaner 8.81 (HKLM-x32...\Wise Registry Cleaner_is1) (Version: 8.81 - WiseCleaner.com, Inc.)
          Yahoo! Detect (HKLM-x32...\YTdetect) (Version: - )


          • Chicken_Breeder
            PCHF Member
            • Nov 2016
            • 28

            #6
            Hello:
            Thanks for your reply.
            I uninstalled the UTorrent program but I didn’t see the P2P program to uninstall. Might it be called something else?
            I may have gone too far with the Zemana program and quarantined some files; if I did, I am sorry.
            Here is the log:

            [spoiler]
            Zemana AntiMalware 2.60.2.1 (Installed)


            Scan Result : Completed
            Scan Date : 2016/11/24
            Operating System : Windows 10 64-bit
            Processor : 2X Pentium(R) Dual-Core CPU T4500 @ 2.30GHz
            BIOS Mode : Legacy
            CUID : 1255A017722963428A3D5D
            Scan Type : Custom Scan
            Duration : 144m 20s
            Scanned Objects : 364581
            Detected Objects : 138
            Excluded Objects : 0
            Read Level : Normal
            Auto Upload : Enabled
            Detect All Extensions : Disabled
            Scan Documents : Disabled
            Domain Info : WORKGROUP,0,2
            Detected Objects
            EasyHook64.dll
            Status : Scanned
            Object : %systemroot%\syswow64\easyhook64.dll
            MD5 : 47344CA16097E6ADC726F415582BA92B
            Publisher : Speed-Bit LTD
            Size : 109216
            Version : -
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %systemroot%\syswow64\easyhook64.dll

            EasyHook32.dll
            Status : Scanned
            Object : %systemroot%\syswow64\easyhook32.dll
            MD5 : 478063C6D3E9D25ACD3C59782B82E307
            Publisher : Speed-Bit LTD
            Size : 90784
            Version : -
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %systemroot%\syswow64\easyhook32.dll

            roboot64.exe
            Status : Scanned
            Object : %systemroot%\system32\roboot64.exe
            MD5 : 21FF16580CD3A827C2D24E58EE0D8558
            Publisher : WinZip Computing
            Size : 18760
            Version : 1.0.0.0
            Detection : Scareware:Win32/FakeOptimizer
            Cleaning Action : Quarantine
            Related Objects :
            File - %systemroot%\system32\roboot64.exe

            SWDUMon.sys
            Status : Scanned
            Object : %systemroot%\system32\drivers\swdumon.sys
            MD5 : D53CAB3ADAE01DDF71999042C0FED2D4
            Publisher : Slimware Utilities, Inc.
            Size : 16152
            Version : -
            Detection : Scareware:Win32/FakeOptimizer!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %systemroot%\system32\drivers\swdumon.sys

            ARPPRODUCTICON.exe
            Status : Scanned
            Object : %systemroot%\installer{e06af9be-e1d6-4867-8dbf-74e4ba32bbb3}\arpproducticon.exe
            MD5 : 1099C8D6549B14F74E4EC72C5C8DCA46
            Publisher : Speed-Bit LTD
            Size : 59552
            Version : 16.0.0.328
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %systemroot%\installer{e06af9be-e1d6-4867-8dbf-74e4ba32bbb3}\arpproducticon.exe

            ask
            Status : Scanned
            Object : NE->c:\programdata\ask
            MD5 : -
            Publisher : -
            Size : -
            Version : -
            Detection : Adware:Win32/AskToolbar.G!Neng
            Cleaning Action : Quarantine
            Related Objects :
            (null) - (null)

            VuuPCBaseSetup.exe
            Status : Scanned
            Object : %userprofile%\downloads\vuupcbasesetup.exe
            MD5 : 3F8866DA6842C0D21B75AEFEA97B57B4
            Publisher : ClickMeIn Limited
            Size : 295728
            Version : 1.0.0.265
            Detection : Adware:Win32/ClickMeIn!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %userprofile%\downloads\vuupcbasesetup.exe

            VaudiX.exe
            Status : Scanned
            Object : %userprofile%\downloads\vaudix.exe
            MD5 : B296048205FAA1E4E95C5CC94065B64A
            Publisher : Shlomy Golani
            Size : 307784
            Version : 2012.12.31.1118
            Detection : Adware:Win32/OutBrowse!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %userprofile%\downloads\vaudix.exe

            SoftonicDownloader_for_johns-background-switcher.exe
            Status : Scanned
            Object : %userprofile%\downloads\softonicdownloader_for_johns-background-switcher.exe
            MD5 : B91EFA9F8E0D4A2724AB98DC1A965EB5
            Publisher : Softonic International
            Size : 293176
            Version : -
            Detection : Adware:Win32/SoftonicBundle!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %userprofile%\downloads\softonicdownloader_for_johns-background-switcher.exe

            slimdrivers-setup (1).exe
            Status : Scanned
            Object : %userprofile%\downloads\slimdrivers-setup (1).exe
            MD5 : 79C7C6BFAD45ECD9ECA8CA592B723D72
            Publisher : Slimware Utilities, Inc.
            Size : 670016
            Version : 1.3.0.0
            Detection : Scareware:Win32/FakeOptimizer!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %userprofile%\downloads\slimdrivers-setup (1).exe

            slimdrivers-setup.exe
            Status : Scanned
            Object : %userprofile%\downloads\slimdrivers-setup.exe
            MD5 : 8CC245595C63DBBAB0F6F54A9EF70B9B
            Publisher : SlimWare Utilities Inc.
            Size : 632704
            Version : 1.2.5.0
            Detection : Scareware:Win32/FakeOptimizer!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %userprofile%\downloads\slimdrivers-setup.exe

            slimdrivers-setup (3).exe
            Status : Scanned
            Object : %userprofile%\downloads\slimdrivers-setup (3).exe
            MD5 : E2CE6F3338ADD7161C73AA6D6111A71C
            Publisher : Slimware Utilities, Inc.
            Size : 698688
            Version : 1.3.0.0
            Detection : Scareware:Win32/FakeOptimizer!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %userprofile%\downloads\slimdrivers-setup (3).exe

            slimdrivers-setup (2).exe
            Status : Scanned
            Object : %userprofile%\downloads\slimdrivers-setup (2).exe
            MD5 : E2CE6F3338ADD7161C73AA6D6111A71C
            Publisher : Slimware Utilities, Inc.
            Size : 698688
            Version : 1.3.0.0
            Detection : Scareware:Win32/FakeOptimizer!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %userprofile%\downloads\slimdrivers-setup (2).exe

            revo uninstaller.exe
            Status : Scanned
            Object : %userprofile%\downloads\revo uninstaller.exe
            MD5 : 5387067F81FB640DD31DE9DCB16BBE24
            Publisher : Solimba Aplicaciones S.L.
            Size : 176680
            Version : 2.2.46.0
            Detection : Adware:Win32/Solimba!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %userprofile%\downloads\revo uninstaller.exe

            revo uninstaller(1).exe
            Status : Scanned
            Object : %userprofile%\downloads\revo uninstaller(1).exe
            MD5 : 5387067F81FB640DD31DE9DCB16BBE24
            Publisher : Solimba Aplicaciones S.L.
            Size : 176680
            Version : 2.2.46.0
            Detection : Adware:Win32/Solimba!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %userprofile%\downloads\revo uninstaller(1).exe

            DownloadSetup (6).exe
            Status : Scanned
            Object : %userprofile%\downloads\downloadsetup (6).exe
            MD5 : BAFA536B3E28741F23431EADB12CFA99
            Publisher : Artua Vladislav
            Size : 245816
            Version : 2011.12.20.1229
            Detection : Adware:Win32/BulkHeur.a867ba!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %userprofile%\downloads\downloadsetup (6).exe

            DownloadSetup (59).exe
            Status : Scanned
            Object : %userprofile%\downloads\downloadsetup (59).exe
            MD5 : D894F2BC6C498C19BC9964F08673A5F4
            Publisher : Artua Vladislav
            Size : 228920
            Version : 2011.11.27.1312
            Detection : Adware:Win32/BulkHeur.a867ba!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %userprofile%\downloads\downloadsetup (59).exe

            dap97_brosp.exe
            Status : Scanned
            Object : %userprofile%\downloads\dap97_brosp.exe
            MD5 : F4434A28A021E3E360820C52480BFD8B
            Publisher : Speed-Bit LTD
            Size : 12296704
            Version : 9704.4455.0.0
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %userprofile%\downloads\dap97_brosp.exe

            va33.exe
            Status : Scanned
            Object : %userprofile%\documents\my dap downloads\va33.exe
            MD5 : 226439B5D23EDD7EAF6F5FCDCB700E22
            Publisher : Speed-Bit LTD
            Size : 3366632
            Version : 3370.4455.0.0
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %userprofile%\documents\my dap downloads\va33.exe

            va33_affad.exe
            Status : Scanned
            Object : %userprofile%\documents\my dap downloads\va33_affad.exe
            MD5 : D5B5275D079B2BC1FC483543C7D0F88D
            Publisher : Speed-Bit LTD
            Size : 2257200
            Version : -
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %userprofile%\documents\my dap downloads\va33_affad.exe

            slimdrivers-setup.exe
            Status : Scanned
            Object : %userprofile%\documents\my dap downloads\slimdrivers-setup.exe
            MD5 : 8CC245595C63DBBAB0F6F54A9EF70B9B
            Publisher : SlimWare Utilities Inc.
            Size : 632704
            Version : 1.2.5.0
            Detection : Scareware:Win32/FakeOptimizer!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %userprofile%\documents\my dap downloads\slimdrivers-setup.exe

            Setup v2 1.exe.dap
            Status : Scanned
            Object : %userprofile%\documents\my dap downloads\setup v2 1.exe.dap
            MD5 : C856276E26ACF214DA0793EE4D077267
            Publisher : -
            Size : 790888
            Version : -
            Detection : Malware:Win32/Normian.A!Tkak
            Cleaning Action : Quarantine
            Related Objects :
            File - %userprofile%\documents\my dap downloads\setup v2 1.exe.dap

            cnet_EClea2_0_exe.exe
            Status : Scanned
            Object : %userprofile%\documents\my dap downloads\cnet_eclea2_0_exe.exe
            MD5 : EAAE272D20D7867B617295D0DE87B572
            Publisher : CBS Interactive, Inc.
            Size : 454120
            Version : 1.2.3.0
            Detection : Adware:Win32/CNETBundle!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %userprofile%\documents\my dap downloads\cnet_eclea2_0_exe.exe

            dap10.exe
            Status : Scanned
            Object : %userprofile%\documents\my dap downloads\dap10.exe
            MD5 : EEE0E05FB866ED6DB09044DF75B5C1B3
            Publisher : Speed-Bit LTD
            Size : 10284272
            Version : 10030.4455.0.0
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %userprofile%\documents\my dap downloads\dap10.exe

            dap10_1.exe
            Status : Scanned
            Object : %userprofile%\documents\my dap downloads\dap10_1.exe
            MD5 : 4AB67E24379F0C2D90AA45431B93FCB2
            Publisher : Speed-Bit LTD
            Size : 10354928
            Version : 10036.4455.0.0
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %userprofile%\documents\my dap downloads\dap10_1.exe

            dap10_2.exe
            Status : Scanned
            Object : %userprofile%\documents\my dap downloads\dap10_2.exe
            MD5 : EF9302CCD68C3C8315EAEC73C4662AFA
            Publisher : Speed-Bit LTD
            Size : 11250688
            Version : 10050.4455.0.0
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %userprofile%\documents\my dap downloads\dap10_2.exe

            Converter.exe
            Status : Scanned
            Object : %programfiles%\speedbit video downloader\converter.exe
            MD5 : 3A8D6E14F52008EE4FAC1BF2078E962D
            Publisher : Speed-Bit LTD
            Size : 2255072
            Version : 3.3.0.7
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\speedbit video downloader\converter.exe
            Reference - C:\Users\CEP Local 440\Desktop\New folder\SPEEDbit Video Downloader.lnk

            VideoAccelerator.exe
            Status : Scanned
            Object : %programfiles%\speedbit video accelerator\videoaccelerator.exe
            MD5 : 77D8FF6765F0D9D0141DB2A5E86D811A
            Publisher : Speed-Bit LTD
            Size : 1517296
            Version : 3.3.7.0
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\speedbit video accelerator\videoaccelerator.exe
            Reference - C:\Users\CEP Local 440\Desktop\New folder\SpeedBit Video Accelerator.lnk

            DAP.exe
            Status : Scanned
            Object : %programfiles%\dap\dap.exe
            MD5 : 75121F725ED39F2E4FB918EC298E820D
            Publisher : Speed-Bit LTD
            Size : 3811544
            Version : 10.0.5.0
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\dap\dap.exe
            Reference - C:\Users\CEP Local 440\Desktop\New folder\Download Accelerator Plus (DAP).lnk

            FreeAppsSetup.exe
            Status : Scanned
            Object : %appdata%\microsoft\windows\templates\freeappssetup.exe
            MD5 : E89EF00F23DFC0F0BF1F21C08D7DA81E
            Publisher : Cheng Du VTools Information Technology
            Size : 814496
            Version : 1.4.1.1
            Detection : Adware:Win32/Quarand!Ekea
            Cleaning Action : Quarantine
            Related Objects :
            File - %appdata%\microsoft\windows\templates\freeappssetup.exe

            npdapchrome.dll
            Status : Scanned
            Object : %localappdata%\google\chrome\user data\default\extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\2.0.11_1\lib\npdapchrome.dll
            MD5 : 098E0842B7816C097BF08931602030E8
            Publisher : Speed-Bit LTD
            Size : 157912
            Version : 9.7.0.6
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %localappdata%\google\chrome\user data\default\extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\2.0.11_1\lib\npdapchrome.dll

            npdapchrome.dll
            Status : Scanned
            Object : %localappdata%\chromium\user data\default\extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\2.0.11_0\lib\npdapchrome.dll
            MD5 : 098E0842B7816C097BF08931602030E8
            Publisher : Speed-Bit LTD
            Size : 157912
            Version : 9.7.0.6
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %localappdata%\chromium\user data\default\extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\2.0.11_0\lib\npdapchrome.dll

            DapRemoteControlPlugin.dll
            Status : Scanned
            Object : %programdata%\speedbit\dap\plugins_old\b775a1d0-4882-4577-b251-0dac64a08e40\1.0.4.2_0\dapremotecontrolplugin.dll
            MD5 : CDB4E959B09198B6CC205EDA91E4C5EF
            Publisher : Speed-Bit LTD
            Size : 543944
            Version : 1.0.4.2
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programdata%\speedbit\dap\plugins_old\b775a1d0-4882-4577-b251-0dac64a08e40\1.0.4.2_0\dapremotecontrolplugin.dll

            SDCondition.dll
            Status : Scanned
            Object : %programdata%\speedbit\dap\sdcondition.dll
            MD5 : B42D07D326E0C048429283308837B453
            Publisher : Speed-Bit LTD
            Size : 44688
            Version : 1.0.4.0
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programdata%\speedbit\dap\sdcondition.dll

            DapLinkCheckerPlugin.dll
            Status : Scanned
            Object : %programdata%\speedbit\dap\plugins_old\b0fe9480-9e77-4c65-bf2f-855f9d750418\1.0.0.2_0\daplinkcheckerplugin.dll
            MD5 : FDAD829079BEB72E29DCE721B53E98D7
            Publisher : Speed-Bit LTD
            Size : 408776
            Version : 1.0.0.2
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programdata%\speedbit\dap\plugins_old\b0fe9480-9e77-4c65-bf2f-855f9d750418\1.0.0.2_0\daplinkcheckerplugin.dll

            ZipPreview.dll
            Status : Scanned
            Object : %programdata%\speedbit\dap\plugins_old\af98251c-b46e-4803-86b9-4cf410e0b652\1.0.0.2_0\zippreview.dll
            MD5 : 217C6378F2AE4286B05F1B619CED2479
            Publisher : Speed-Bit LTD
            Size : 574664
            Version : 1.0.0.2
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programdata%\speedbit\dap\plugins_old\af98251c-b46e-4803-86b9-4cf410e0b652\1.0.0.2_0\zippreview.dll

            DapInternetTab.dll
            Status : Scanned
            Object : %programdata%\speedbit\dap\plugins_old\211a24a5-08e2-4413-8bff-c16f80ccb537\1.0.0.0_0\dapinternettab.dll
            MD5 : 8DDAF3761904822CE4373C4F23777D3C
            Publisher : Speed-Bit LTD
            Size : 754888
            Version : 1.0.0.1
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programdata%\speedbit\dap\plugins_old\211a24a5-08e2-4413-8bff-c16f80ccb537\1.0.0.0_0\dapinternettab.dll

            DapsterTools.dll
            Status : Scanned
            Object : %programdata%\speedbit\dap\plugins_old\189ae673-13c1-4133-a470-8c4ddd1acb8c\1.0.1.0_0\dapstertools.dll
            MD5 : 747522B27BBBFC12B62C71F4623C011D
            Publisher : Speed-Bit LTD
            Size : 55480
            Version : 1.0.0.8
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programdata%\speedbit\dap\plugins_old\189ae673-13c1-4133-a470-8c4ddd1acb8c\1.0.1.0_0\dapstertools.dll

            DapLinkCheckerPlugin.dll
            Status : Scanned
            Object : %programdata%\speedbit\dap\plugins\b0fe9480-9e77-4c65-bf2f-855f9d750418\1.0.0.3_1\daplinkcheckerplugin.dll
            MD5 : 95D4C8D84F98017817FF3FBF730B848C
            Publisher : Speed-Bit LTD
            Size : 433864
            Version : 1.0.0.3
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programdata%\speedbit\dap\plugins\b0fe9480-9e77-4c65-bf2f-855f9d750418\1.0.0.3_1\daplinkcheckerplugin.dll

            DapRemoteControlPlugin.dll
            Status : Scanned
            Object : %programdata%\speedbit\dap\plugins\b775a1d0-4882-4577-b251-0dac64a08e40\1.0.5.0_0\dapremotecontrolplugin.dll
            MD5 : 61398A7AFD68B987E9C00EB31C8FF1F4
            Publisher : Speed-Bit LTD
            Size : 568520
            Version : 1.0.5.0
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programdata%\speedbit\dap\plugins\b775a1d0-4882-4577-b251-0dac64a08e40\1.0.5.0_0\dapremotecontrolplugin.dll

            DapRemoteControlPlugin.dll
            Status : Scanned
            Object : %programdata%\speedbit\dap\plugins\b775a1d0-4882-4577-b251-0dac64a08e40\1.0.4.4_0\dapremotecontrolplugin.dll
            MD5 : A11941E085139A63778F4FDAF0A36FFA
            Publisher : Speed-Bit LTD
            Size : 557768
            Version : 1.0.4.4
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programdata%\speedbit\dap\plugins\b775a1d0-4882-4577-b251-0dac64a08e40\1.0.4.4_0\dapremotecontrolplugin.dll

            DapsterHelper_Comp.exe
            Status : Scanned
            Object : %programdata%\speedbit\dap\plugins_old\189ae673-13c1-4133-a470-8c4ddd1acb8c\1.0.1.0_0\dapsterhelper_comp.exe
            MD5 : 9165DD02F7D146DDAF449C1761448FED
            Publisher : Speed-Bit LTD
            Size : 20168
            Version : 1.0.0.0
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programdata%\speedbit\dap\plugins_old\189ae673-13c1-4133-a470-8c4ddd1acb8c\1.0.1.0_0\dapsterhelper_comp.exe

            DapsterHelper.exe
            Status : Scanned
            Object : %programdata%\speedbit\dap\plugins_old\189ae673-13c1-4133-a470-8c4ddd1acb8c\1.0.1.0_0\dapsterhelper.exe
            MD5 : 9165DD02F7D146DDAF449C1761448FED
            Publisher : Speed-Bit LTD
            Size : 20168
            Version : 1.0.0.0
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programdata%\speedbit\dap\plugins_old\189ae673-13c1-4133-a470-8c4ddd1acb8c\1.0.1.0_0\dapsterhelper.exe

            CSharpDapsters.dll
            Status : Scanned
            Object : %programdata%\speedbit\dap\plugins_old\189ae673-13c1-4133-a470-8c4ddd1acb8c\1.0.1.0_0\csharpdapsters.dll
            MD5 : 30BF636842A14D158D287530C68E4E01
            Publisher : Speed-Bit LTD
            Size : 255672
            Version : 1.0.1.0
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programdata%\speedbit\dap\plugins_old\189ae673-13c1-4133-a470-8c4ddd1acb8c\1.0.1.0_0\csharpdapsters.dll

            MediaPreview.dll
            Status : Scanned
            Object : %programdata%\speedbit\dap\plugins_old\08d29c25-8256-4454-9e93-a39dcafb043d\1.0.0.3_0\mediapreview.dll
            MD5 : 1A8C6B3E26A942DF4D12F7B6CBFD45F5
            Publisher : Speed-Bit LTD
            Size : 135880
            Version : 1.0.0.3
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programdata%\speedbit\dap\plugins_old\08d29c25-8256-4454-9e93-a39dcafb043d\1.0.0.3_0\mediapreview.dll

            DapLinkCheckerPlugin.dll
            Status : Scanned
            Object : %programdata%\speedbit\dap\plugins\b0fe9480-9e77-4c65-bf2f-855f9d750418\1.0.0.3_0\daplinkcheckerplugin.dll
            MD5 : CC4A86810EFF290571903852E84889F9
            Publisher : Speed-Bit LTD
            Size : 433864
            Version : 1.0.0.3
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programdata%\speedbit\dap\plugins\b0fe9480-9e77-4c65-bf2f-855f9d750418\1.0.0.3_0\daplinkcheckerplugin.dll

            DapInternetTab.dll
            Status : Scanned
            Object : %programdata%\speedbit\dap\plugins\211a24a5-08e2-4413-8bff-c16f80ccb537\1.0.0.0_1\dapinternettab.dll
            MD5 : 13E7CDFA9218A7877D0504B96269F0D7
            Publisher : Speed-Bit LTD
            Size : 754888
            Version : 1.0.0.1
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programdata%\speedbit\dap\plugins\211a24a5-08e2-4413-8bff-c16f80ccb537\1.0.0.0_1\dapinternettab.dll

            ZipPreview.dll
            Status : Scanned
            Object : %programdata%\speedbit\dap\plugins\af98251c-b46e-4803-86b9-4cf410e0b652\1.0.0.2_0\zippreview.dll
            MD5 : FA610DCFCCA51120E4054347C8BD6F28
            Publisher : Speed-Bit LTD
            Size : 574152
            Version : 1.0.0.2
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programdata%\speedbit\dap\plugins\af98251c-b46e-4803-86b9-4cf410e0b652\1.0.0.2_0\zippreview.dll

            DapInternetTab.dll
            Status : Scanned
            Object : %programdata%\speedbit\dap\plugins\211a24a5-08e2-4413-8bff-c16f80ccb537\1.0.0.0_0\dapinternettab.dll
            MD5 : A4B299B25DF0A8AC9B6F35757787FFDB
            Publisher : Speed-Bit LTD
            Size : 754888
            Version : 1.0.0.1
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programdata%\speedbit\dap\plugins\211a24a5-08e2-4413-8bff-c16f80ccb537\1.0.0.0_0\dapinternettab.dll

            CSharpDapsters.dll
            Status : Scanned
            Object : %programdata%\speedbit\dap\plugins\189ae673-13c1-4133-a470-8c4ddd1acb8c\1.0.1.3_0\csharpdapsters.dll
            MD5 : 8DCE287E5694806BA9C75F6464041CC2
            Publisher : Speed-Bit LTD
            Size : 255672
            Version : 1.0.1.3
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programdata%\speedbit\dap\plugins\189ae673-13c1-4133-a470-8c4ddd1acb8c\1.0.1.3_0\csharpdapsters.dll

            DapsterTools.dll
            Status : Scanned
            Object : %programdata%\speedbit\dap\plugins\189ae673-13c1-4133-a470-8c4ddd1acb8c\1.0.1.3_0\dapstertools.dll
            MD5 : 5A8B8F41008F234BC8C3312157D521F5
            Publisher : Speed-Bit LTD
            Size : 57016
            Version : 1.0.1.4
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programdata%\speedbit\dap\plugins\189ae673-13c1-4133-a470-8c4ddd1acb8c\1.0.1.3_0\dapstertools.dll

            DapsterHelper_Comp.exe
            Status : Scanned
            Object : %programdata%\speedbit\dap\plugins\189ae673-13c1-4133-a470-8c4ddd1acb8c\1.0.1.3_0\dapsterhelper_comp.exe
            MD5 : 88B3EFBB272AF4D8B3D4258EFDE3FF00
            Publisher : Speed-Bit LTD
            Size : 20168
            Version : 1.0.0.0
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programdata%\speedbit\dap\plugins\189ae673-13c1-4133-a470-8c4ddd1acb8c\1.0.1.3_0\dapsterhelper_comp.exe

            DapsterHelper.exe
            Status : Scanned
            Object : %programdata%\speedbit\dap\plugins\189ae673-13c1-4133-a470-8c4ddd1acb8c\1.0.1.3_0\dapsterhelper.exe
            MD5 : 88B3EFBB272AF4D8B3D4258EFDE3FF00
            Publisher : Speed-Bit LTD
            Size : 20168
            Version : 1.0.0.0
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programdata%\speedbit\dap\plugins\189ae673-13c1-4133-a470-8c4ddd1acb8c\1.0.1.3_0\dapsterhelper.exe

            DapsterTools.dll
            Status : Scanned
            Object : %programdata%\speedbit\dap\plugins\189ae673-13c1-4133-a470-8c4ddd1acb8c\1.0.1.2_0\dapstertools.dll
            MD5 : 881652C58042B4B64F3664AECEE9E30A
            Publisher : Speed-Bit LTD
            Size : 55992
            Version : 1.0.1.1
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programdata%\speedbit\dap\plugins\189ae673-13c1-4133-a470-8c4ddd1acb8c\1.0.1.2_0\dapstertools.dll

            dap64plugin.exe
            Status : Scanned
            Object : %programdata%\speedbit\dap\offers\dap64plugin.exe
            MD5 : FD124D44DD604E323B421A4C94499FCB
            Publisher : Speed-Bit LTD
            Size : 4076352
            Version : 16.0.0.400
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programdata%\speedbit\dap\offers\dap64plugin.exe

            dap97upg.exe
            Status : Scanned
            Object : %programdata%\speedbit\dap\dap97upg.exe
            MD5 : B0227A29FA7046EE3DEBBA05E47F784E
            Publisher : Speed-Bit LTD
            Size : 7479496
            Version : 9707.4455.0.0
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programdata%\speedbit\dap\dap97upg.exe

            DapsterHelper_Comp.exe
            Status : Scanned
            Object : %programdata%\speedbit\dap\plugins\189ae673-13c1-4133-a470-8c4ddd1acb8c\1.0.1.2_0\dapsterhelper_comp.exe
            MD5 : 713DC541DD8DBBDAF819877A89316DA2
            Publisher : Speed-Bit LTD
            Size : 20168
            Version : 1.0.0.0
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programdata%\speedbit\dap\plugins\189ae673-13c1-4133-a470-8c4ddd1acb8c\1.0.1.2_0\dapsterhelper_comp.exe

            DapsterHelper.exe
            Status : Scanned
            Object : %programdata%\speedbit\dap\plugins\189ae673-13c1-4133-a470-8c4ddd1acb8c\1.0.1.2_0\dapsterhelper.exe
            MD5 : 713DC541DD8DBBDAF819877A89316DA2
            Publisher : Speed-Bit LTD
            Size : 20168
            Version : 1.0.0.0
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programdata%\speedbit\dap\plugins\189ae673-13c1-4133-a470-8c4ddd1acb8c\1.0.1.2_0\dapsterhelper.exe

            MediaPreview.dll
            Status : Scanned
            Object : %programdata%\speedbit\dap\plugins\08d29c25-8256-4454-9e93-a39dcafb043d\1.0.0.4_1\mediapreview.dll
            MD5 : A9C8799152FDE4984A3124B044C0E304
            Publisher : Speed-Bit LTD
            Size : 135880
            Version : 1.0.0.4
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programdata%\speedbit\dap\plugins\08d29c25-8256-4454-9e93-a39dcafb043d\1.0.0.4_1\mediapreview.dll

            CSharpDapsters.dll
            Status : Scanned
            Object : %programdata%\speedbit\dap\plugins\189ae673-13c1-4133-a470-8c4ddd1acb8c\1.0.1.2_0\csharpdapsters.dll
            MD5 : 872265FFC27B4987562021293A8641DA
            Publisher : Speed-Bit LTD
            Size : 255672
            Version : 1.0.1.2
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programdata%\speedbit\dap\plugins\189ae673-13c1-4133-a470-8c4ddd1acb8c\1.0.1.2_0\csharpdapsters.dll

            MediaPreview.dll
            Status : Scanned
            Object : %programdata%\speedbit\dap\plugins\08d29c25-8256-4454-9e93-a39dcafb043d\1.0.0.4_0\mediapreview.dll
            MD5 : 28C2C27B41327A0FF225436812E7A3F3
            Publisher : Speed-Bit LTD
            Size : 135880
            Version : 1.0.0.4
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programdata%\speedbit\dap\plugins\08d29c25-8256-4454-9e93-a39dcafb043d\1.0.0.4_0\mediapreview.dll

            VA32_DapSo.exe
            Status : Scanned
            Object : %programdata%\speedbit\dap\offers\va32_dapso.exe
            MD5 : B72B278BD0BC299C6D815233325317AC
            Publisher : Speed-Bit LTD
            Size : 5143752
            Version : 3300.4455.0.0
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programdata%\speedbit\dap\offers\va32_dapso.exe

            speedupmypc.exe
            Status : Scanned
            Object : %programdata%\speedbit\dap\offers\speedupmypc.exe
            MD5 : D3CA1A306ADA473FD667EFCD61AA0966
            Publisher : Uniblue Systems
            Size : 6161120
            Version : 5.3.3.0
            Detection : Scareware:Win32/NonBeneficialWindowsOptimizer!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programdata%\speedbit\dap\offers\speedupmypc.exe

            VaudiX.exe
            Status : Scanned
            Object : %programdata%\premium\vaudix\vaudix.exe
            MD5 : CA52AB39FC6EB75C519C77CE07104C6F
            Publisher : -
            Size : 233472
            Version : 1.5.0.0
            Detection : Adware:Win32/Fooster.A!Meei
            Cleaning Action : Quarantine
            Related Objects :
            File - %programdata%\premium\vaudix\vaudix.exe

            dapupd.exe
            Status : Scanned
            Object : %programfiles%\dap\dapupd.exe
            MD5 : 0324F6F931097192F31EB932A0D1F587
            Publisher : Speed-Bit LTD
            Size : 366824
            Version : 9.6.0.0
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\dap\dapupd.exe
            Reference - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Download Accelerator Plus (DAP)\DAP Update.lnk

            _Setupx.dll
            Status : Scanned
            Object : %programdata%\installmate{6c7f523f-a2a9-ae9e-4c75-ea8bb79c70c9}_setupx.dll
            MD5 : 66E0D3CB3825B658880BE576875795BC
            Publisher : -
            Size : 43520
            Version : -
            Detection : Adware:Win32/InstalleRex
            Cleaning Action : Quarantine
            Related Objects :
            File - %programdata%\installmate{6c7f523f-a2a9-ae9e-4c75-ea8bb79c70c9}_setupx.dll

            _Setupx.dll
            Status : Scanned
            Object : %programdata%\installmate\vaudix_setupx.dll
            MD5 : 66E0D3CB3825B658880BE576875795BC
            Publisher : -
            Size : 43520
            Version : -
            Detection : Adware:Win32/InstalleRex
            Cleaning Action : Quarantine
            Related Objects :
            File - %programdata%\installmate\vaudix_setupx.dll

            _Setupx.dll
            Status : Scanned
            Object : %programdata%\installmate{0d74d3aa-3d86-45a8-a743-75a4d697f15c}_setupx.dll
            MD5 : C215B7A537C3D78B84542841AB0D2B12
            Publisher : -
            Size : 44032
            Version : -
            Detection : Adware:Win32/InstalleRex
            Cleaning Action : Quarantine
            Related Objects :
            File - %programdata%\installmate{0d74d3aa-3d86-45a8-a743-75a4d697f15c}_setupx.dll

            update.exe
            Status : Scanned
            Object : %programfiles%\speedbit video downloader\toolbar\update.exe
            MD5 : 3BAA383E48EEE0A7DEFCD1179C49F0AD
            Publisher : Speed-Bit LTD
            Size : 76976
            Version : 4.2.0.75
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\speedbit video downloader\toolbar\update.exe

            uninstall.exe
            Status : Scanned
            Object : %programfiles%\speedbit video downloader\toolbar\uninstall.exe
            MD5 : BA92690A83953B99D24E298E07D96F7F
            Publisher : Speed-Bit LTD
            Size : 48816
            Version : 4.2.0.75
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\speedbit video downloader\toolbar\uninstall.exe

            uninstall.exe
            Status : Scanned
            Object : %programfiles%\speedbit video downloader\tbu3c\uninstall.exe
            MD5 : BA92690A83953B99D24E298E07D96F7F
            Publisher : Speed-Bit LTD
            Size : 48816
            Version : 4.2.0.75
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\speedbit video downloader\tbu3c\uninstall.exe

            update.exe
            Status : Scanned
            Object : %programfiles%\speedbit video downloader\tbu3c\update.exe
            MD5 : 3BAA383E48EEE0A7DEFCD1179C49F0AD
            Publisher : Speed-Bit LTD
            Size : 76976
            Version : 4.2.0.75
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\speedbit video downloader\tbu3c\update.exe

            tbhelper.dll
            Status : Scanned
            Object : %programfiles%\speedbit video downloader\toolbar\tbhelper.dll
            MD5 : 6F04124A66B392EEF6C57D49CC5C4F6F
            Publisher : Speed-Bit LTD
            Size : 311472
            Version : 4.2.0.75
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\speedbit video downloader\toolbar\tbhelper.dll

            TbHelper2.exe
            Status : Scanned
            Object : %programfiles%\speedbit video downloader\toolbar\tbhelper2.exe
            MD5 : 91272DFACD84F8A08343CFB249653AD0
            Publisher : Speed-Bit LTD
            Size : 203952
            Version : 4.2.0.75
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\speedbit video downloader\toolbar\tbhelper2.exe

            TbHelper2.exe
            Status : Scanned
            Object : %programfiles%\speedbit video downloader\tbu3c\tbhelper2.exe
            MD5 : 91272DFACD84F8A08343CFB249653AD0
            Publisher : Speed-Bit LTD
            Size : 203952
            Version : 4.2.0.75
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\speedbit video downloader\tbu3c\tbhelper2.exe

            tbcore3.dll
            Status : Scanned
            Object : %programfiles%\speedbit video downloader\toolbar\tbcore3.dll
            MD5 : BA117114BF4B094718BA561117F16445
            Publisher : Speed-Bit LTD
            Size : 2660016
            Version : 4.2.0.75
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\speedbit video downloader\toolbar\tbcore3.dll

            TbCommonUtils.dll
            Status : Scanned
            Object : %programfiles%\speedbit video downloader\toolbar\tbcommonutils.dll
            MD5 : 5D1404ED62418B108DA75F0D6E5CE130
            Publisher : Speed-Bit LTD
            Size : 120496
            Version : 4.2.0.75
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\speedbit video downloader\toolbar\tbcommonutils.dll

            suggestion_plugin.dll
            Status : Scanned
            Object : %programfiles%\speedbit video downloader\toolbar\suggestion_plugin.dll
            MD5 : F5B3844401720D06AEA26B57C95A76DB
            Publisher : Speed-Bit LTD
            Size : 268960
            Version : 4.0.2.59
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\speedbit video downloader\toolbar\suggestion_plugin.dll

            SpeedBitVideoDownloader.dll
            Status : Scanned
            Object : %programfiles%\speedbit video downloader\toolbar\speedbitvideodownloader.dll
            MD5 : D15649EAC4517BE939826594C8F16099
            Publisher : Speed-Bit LTD
            Size : 48304
            Version : -
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\speedbit video downloader\toolbar\speedbitvideodownloader.dll

            Grabber_pluginU.dll
            Status : Scanned
            Object : %programfiles%\speedbit video downloader\toolbar\grabber_pluginu.dll
            MD5 : 6F810D8A521F03654E9C671B47576C06
            Publisher : Speed-Bit LTD
            Size : 628920
            Version : 1.1.5.0
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\speedbit video downloader\toolbar\grabber_pluginu.dll

            Grabber.dll
            Status : Scanned
            Object : %programfiles%\speedbit video downloader\toolbar\grabber.dll
            MD5 : 175C8B9CBEFC7F2FC1CEB420D3B80BDE
            Publisher : Speed-Bit LTD
            Size : 356024
            Version : 1.1.5.0
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\speedbit video downloader\toolbar\grabber.dll

            BrowserSet.dll
            Status : Scanned
            Object : %programfiles%\speedbit video downloader\toolbar\browserset.dll
            MD5 : 2427CF6B4F0C1E54F0559FD725372ED0
            Publisher : Speed-Bit LTD
            Size : 100512
            Version : 1.1.2.3
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\speedbit video downloader\toolbar\browserset.dll

            SpeedBitVideoDownloader.dll
            Status : Scanned
            Object : %programfiles%\speedbit video downloader\tbu3c\speedbitvideodownloader.dll
            MD5 : D15649EAC4517BE939826594C8F16099
            Publisher : Speed-Bit LTD
            Size : 48304
            Version : -
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\speedbit video downloader\tbu3c\speedbitvideodownloader.dll

            suggestion_plugin.dll
            Status : Scanned
            Object : %programfiles%\speedbit video downloader\tbu3c\suggestion_plugin.dll
            MD5 : F5B3844401720D06AEA26B57C95A76DB
            Publisher : Speed-Bit LTD
            Size : 268960
            Version : 4.0.2.59
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\speedbit video downloader\tbu3c\suggestion_plugin.dll

            TbCommonUtils.dll
            Status : Scanned
            Object : %programfiles%\speedbit video downloader\tbu3c\tbcommonutils.dll
            MD5 : 5D1404ED62418B108DA75F0D6E5CE130
            Publisher : Speed-Bit LTD
            Size : 120496
            Version : 4.2.0.75
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\speedbit video downloader\tbu3c\tbcommonutils.dll

            Grabber.dll
            Status : Scanned
            Object : %programfiles%\speedbit video downloader\tbu3c\grabber.dll
            MD5 : 820B9AA4223EB2D83D91F0485EAF3768
            Publisher : Speed-Bit LTD
            Size : 362720
            Version : 1.1.5.0
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\speedbit video downloader\tbu3c\grabber.dll

            Grabber_pluginU.dll
            Status : Scanned
            Object : %programfiles%\speedbit video downloader\tbu3c\grabber_pluginu.dll
            MD5 : 1690DBBDFBEF6201B6B5E18B559F0B74
            Publisher : Speed-Bit LTD
            Size : 637656
            Version : 1.1.5.0
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\speedbit video downloader\tbu3c\grabber_pluginu.dll

            VAUninstall.exe
            Status : Scanned
            Object : %programfiles%\speedbit video accelerator\vauninstall.exe
            MD5 : 00ABB58DF676F5A790D64ED9C297F87D
            Publisher : Speed-Bit LTD
            Size : 133360
            Version : 10.0.4.8
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\speedbit video accelerator\vauninstall.exe

            VARes.dll
            Status : Scanned
            Object : %programfiles%\speedbit video accelerator\vares.dll
            MD5 : 33AB5DA262147F4420DE4845F8966ECD
            Publisher : Speed-Bit LTD
            Size : 628976
            Version : 3.2.2.8
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\speedbit video accelerator\vares.dll

            VARemove.exe
            Status : Scanned
            Object : %programfiles%\speedbit video accelerator\varemove.exe
            MD5 : 52352E7C25C06B7E46CB0B5120A1F17A
            Publisher : Speed-Bit LTD
            Size : 173808
            Version : 1.0.0.0
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\speedbit video accelerator\varemove.exe

            VACommTest.exe
            Status : Scanned
            Object : %programfiles%\speedbit video accelerator\vacommtest.exe
            MD5 : F0D45E666A18C33ABD81B58FF1C4795D
            Publisher : Speed-Bit LTD
            Size : 223984
            Version : 3.3.7.0
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\speedbit video accelerator\vacommtest.exe

            unelevate.exe
            Status : Scanned
            Object : %programfiles%\speedbit video accelerator\unelevate.exe
            MD5 : A91466B2F222DFE1DDAFF6D022F5544A
            Publisher : Speed-Bit LTD
            Size : 94872
            Version : -
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\speedbit video accelerator\unelevate.exe

            sblsp.dll
            Status : Scanned
            Object : %programfiles%\speedbit video accelerator\sblsp.dll
            MD5 : F928E571FF9E09111F5F067BF2770B99
            Publisher : Speed-Bit LTD
            Size : 168136
            Version : 3.2.2.4
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\speedbit video accelerator\sblsp.dll

            sblsp.dll
            Status : Scanned
            Object : %programfiles%\speedbit video accelerator\lsp3.3.6.3\sblsp.dll
            MD5 : A63073DFD16E4EC8D96434F611C37ED7
            Publisher : Speed-Bit LTD
            Size : 174832
            Version : 3.3.6.3
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\speedbit video accelerator\lsp3.3.6.3\sblsp.dll

            Instlsp.exe
            Status : Scanned
            Object : %programfiles%\speedbit video accelerator\instlsp.exe
            MD5 : 8FFB7FF2832487DE2D8663B8D3FDD5D9
            Publisher : Speed-Bit LTD
            Size : 128240
            Version : 3.2.1.6
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\speedbit video accelerator\instlsp.exe

            InstallVideoAccelerator.exe
            Status : Scanned
            Object : %programfiles%\speedbit video accelerator\installvideoaccelerator.exe
            MD5 : 53BDCFCA256460FCB3E0949B3D4278A3
            Publisher : Speed-Bit LTD
            Size : 484592
            Version : 1.0.0.3
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\speedbit video accelerator\installvideoaccelerator.exe

            ConfigDB.dll
            Status : Scanned
            Object : %programfiles%\speedbit video accelerator\dll3.3.6.9\configdb.dll
            MD5 : B28C34137B2A901271F406E538F30618
            Publisher : Speed-Bit LTD
            Size : 189168
            Version : 3.3.7.0
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\speedbit video accelerator\dll3.3.6.9\configdb.dll

            CommPipe.dll
            Status : Scanned
            Object : %programfiles%\speedbit video accelerator\dll3.3.6.9\commpipe.dll
            MD5 : C160687EC690F90AE94601611F78E732
            Publisher : Speed-Bit LTD
            Size : 281840
            Version : 3.3.7.0
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\speedbit video accelerator\dll3.3.6.9\commpipe.dll

            SpeedBitVideoDownloader.dll
            Status : Scanned
            Object : %programfiles%\speedbit video downloader\spfirefox\chrome\content\speedbitvideodownloader\speedbitvideodownloader.dll
            MD5 : 1A7C0C87E5006B43CCD22113F89EE46B
            Publisher : Speed-Bit LTD
            Size : 47616
            Version : -
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\speedbit video downloader\spfirefox\chrome\content\speedbitvideod ownloader\speedbitvideodownloader.dll

            VideoAcceleratorService.exe
            Status : Scanned
            Object : %programfiles%\speedbit video accelerator\videoacceleratorservice.exe
            MD5 : 1A6D5F883F73AA221405E1D3AE54456E
            Publisher : Speed-Bit LTD
            Size : 277744
            Version : 3.3.7.0
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\speedbit video accelerator\videoacceleratorservice.exe

            GRRemove.exe
            Status : Scanned
            Object : %programfiles%\speedbit video downloader\grremove.exe
            MD5 : E87CF155F1B82DE21367B45A3F59C674
            Publisher : Speed-Bit LTD
            Size : 173752
            Version : 1.0.0.0
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\speedbit video downloader\grremove.exe

            Collector.dll
            Status : Scanned
            Object : %programfiles%\speedbit video accelerator\dll3.3.6.9\collector.dll
            MD5 : 4CF923A3107C8B24E29A4D9645487792
            Publisher : Speed-Bit LTD
            Size : 197360
            Version : 3.3.7.0
            Detection : Adwarehttps://cdncache-a.akamaihd.net/items/it/img/arrow-10x10.png:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\speedbit video accelerator\dll3.3.6.9\collector.dll

            Accelerator.dll
            Status : Scanned
            Object : %programfiles%\speedbit video accelerator\dll3.3.6.9\accelerator.dll
            MD5 : 3736C1A932787FBA4A7BE91A49C969C1
            Publisher : Speed-Bit LTD
            Size : 2147568
            Version : 3.3.6.9
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\speedbit video accelerator\dll3.3.6.9\accelerator.dll

            unelevate.exe
            Status : Scanned
            Object : %programfiles%\dap\unelevate.exe
            MD5 : A91466B2F222DFE1DDAFF6D022F5544A
            Publisher : Speed-Bit LTD
            Size : 94872
            Version : -
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\dap\unelevate.exe

            RestartApp.exe
            Status : Scanned
            Object : %programfiles%\dap\restartapp.exe
            MD5 : B073AD956F2A6A15F72FE9963328C8F0
            Publisher : Speed-Bit LTD
            Size : 48864
            Version : 8.0.7.0
            Detection : Adwarehttps://cdncache-a.akamaihd.net/items/it/img/arrow-10x10.png:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\dap\restartapp.exe

            schedul.exe
            Status : Scanned
            Object : %programfiles%\dap\schedul.exe
            MD5 : AC2A63515AEE2288F3DF0880916401D9
            Publisher : Speed-Bit LTD
            Size : 123104
            Version : 1.0.0.0
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\dap\schedul.exe

            DAPTraceCleaner.exe
            Status : Scanned
            Object : %programfiles%\dap\privacy package\daptracecleaner.exe
            MD5 : 2F3E5B8E43C354A41801D25489AACCD5
            Publisher : Speed-Bit LTD
            Size : 764064
            Version : 9.5.0.3
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\dap\privacy package\daptracecleaner.exe

            DAPShred.exe
            Status : Scanned
            Object : %programfiles%\dap\privacy package\dapshred.exe
            MD5 : 0196B7A90C8240EA2B684CF73AA779BF
            Publisher : Speed-Bit LTD
            Size : 911512
            Version : 9.4.0.2
            Detection : Adwarehttps://cdncache-a.akamaihd.net/items/it/img/arrow-10x10.png:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\dap\privacy package\dapshred.exe

            DAPCtxMenuShell.dll
            Status : Scanned
            Object : %programfiles%\dap\privacy package\dapctxmenushell.dll
            MD5 : 171163C3BC0605688612754199D3DED6
            Publisher : Speed-Bit LTD
            Size : 55472
            Version : 9.2.0.0
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\dap\privacy package\dapctxmenushell.dll

            CleanerIEMenu.dll
            Status : Scanned
            Object : %programfiles%\dap\privacy package\cleaneriemenu.dll
            MD5 : DAE884CBE488F7B2BA8B06D20709BA1F
            Publisher : Speed-Bit LTD
            Size : 63752
            Version : 8.5.0.1
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\dap\privacy package\cleaneriemenu.dll

            MCMgr.dll
            Status : Scanned
            Object : %programfiles%\dap\mcmgr.dll
            MD5 : 05A0ED156E18146589D995FB15311614
            Publisher : Speed-Bit LTD
            Size : 211672
            Version : 9.3.0.4
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\dap\mcmgr.dll

            DAPIEMonitor64.dll
            Status : Scanned
            Object : %programfiles%\dap\dapiemonitor64.dll
            MD5 : 32B4726515F860AEBFA6F0C1CFC40D36
            Publisher : Speed-Bit LTD
            Size : 919736
            Version : 9.6.0.4
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\dap\dapiemonitor64.dll

            LinkVerifier.dll
            Status : Scanned
            Object : %programfiles%\dap\linkverifier.dll
            MD5 : F38EF679E14D55805481733D0F0DC49E
            Publisher : Speed-Bit LTD
            Size : 431784
            Version : 1.0.4.5
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\dap\linkverifier.dll

            dbghelp.dll
            Status : Scanned
            Object : %programfiles%\dap\dbghelp.dll
            MD5 : 1843B36D69C70B5951E3EFAC1FBCE0E5
            Publisher : Speed-Bit LTD
            Size : 819936
            Version : 6.2.13.1
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\dap\dbghelp.dll

            dapxrpt.exe
            Status : Scanned
            Object : %programfiles%\dap\dapxrpt.exe
            MD5 : 930045E813AA9D44520D696D4FBCA5B6
            Publisher : Speed-Bit LTD
            Size : 131808
            Version : 1.0.0.3
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\dap\dapxrpt.exe

            dexthlp64.dll
            Status : Scanned
            Object : %programfiles%\dap\dexthlp64.dll
            MD5 : 8179376093E861B23A42C4E19A0B8406
            Publisher : Speed-Bit LTD
            Size : 275624
            Version : 8.0.6.0
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\dap\dexthlp64.dll

            dexthlp.dll
            Status : Scanned
            Object : %programfiles%\dap\dexthlp.dll
            MD5 : 140F1923BDA5434D05B48BDECC8A5C10
            Publisher : Speed-Bit LTD
            Size : 34992
            Version : 8.0.6.0
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\dap\dexthlp.dll

            dapres.dll
            Status : Scanned
            Object : %programfiles%\dap\dapres.dll
            MD5 : D285F6EACE1B53D11152E25849BFCB8F
            Publisher : Speed-Bit LTD
            Size : 215216
            Version : 8.0.4.2
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\dap\dapres.dll

            DapRemove.exe
            Status : Scanned
            Object : %programfiles%\dap\dapremove.exe
            MD5 : 9E1B2C73176B88C4C6F362E371AF5563
            Publisher : Speed-Bit LTD
            Size : 133360
            Version : 10.0.4.8
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\dap\dapremove.exe

            dapop.dll
            Status : Scanned
            Object : %programfiles%\dap\dapop.dll
            MD5 : 361EB7E3E724CD4B99F46489C0806B4F
            Publisher : Speed-Bit LTD
            Size : 265944
            Version : 9.2.0.1
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\dap\dapop.dll

            dapm_ftp.dll
            Status : Scanned
            Object : %programfiles%\dap\dapm_ftp.dll
            MD5 : 0929837E7F28E5A7BD4BEEDB3D6DBEE1
            Publisher : Speed-Bit LTD
            Size : 448752
            Version : 9.2.0.0
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\dap\dapm_ftp.dll

            dapm_Context_search.dll
            Status : Scanned
            Object : %programfiles%\dap\dapm_context_search.dll
            MD5 : 2844B27C141BB34680CDEA9457610346
            Publisher : Speed-Bit LTD
            Size : 301312
            Version : 9.1.0.4
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\dap\dapm_context_search.dll

            dapmm.dll
            Status : Scanned
            Object : %programfiles%\dap\dapmm.dll
            MD5 : 0AF1440FE61F89B2B6915E30F28A2CA0
            Publisher : Speed-Bit LTD
            Size : 170216
            Version : 9.2.0.0
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\dap\dapmm.dll

            cabex.dll
            Status : Scanned
            Object : %programfiles%\dap\cabex.dll
            MD5 : F62D64A8119994F0A8376298034DB948
            Publisher : Speed-Bit LTD
            Size : 104616
            Version : -
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\dap\cabex.dll

            DAPIEMonitor.dll
            Status : Scanned
            Object : %programfiles%\dap\dapiemonitor.dll
            MD5 : 0CD2E02B6970D87E459B07F8724CC452
            Publisher : Speed-Bit LTD
            Size : 76024
            Version : 9.6.0.4
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\dap\dapiemonitor.dll

            DAPIELoader64.dll
            Status : Scanned
            Object : %programfiles%\dap\dapieloader64.dll
            MD5 : 20412F8FCC8F5E46DA2566473E8CA01C
            Publisher : Speed-Bit LTD
            Size : 398000
            Version : 9.5.0.3
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\dap\dapieloader64.dll

            DAPIEEngine64.dll
            Status : Scanned
            Object : %programfiles%\dap\dapieengine64.dll
            MD5 : 87DCCA0510F841C68028D1EBF248A247
            Publisher : Speed-Bit LTD
            Size : 1214640
            Version : 9.4.1.1
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\dap\dapieengine64.dll

            DAPIEEngine.dll
            Status : Scanned
            Object : %programfiles%\dap\dapieengine.dll
            MD5 : 11A2E28EC6B684636C04463CB95B6C34
            Publisher : Speed-Bit LTD
            Size : 252160
            Version : 9.4.1.1
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\dap\dapieengine.dll

            dapie64.dll
            Status : Scanned
            Object : %programfiles%\dap\dapie64.dll
            MD5 : EC013B74FD69B242E785F936CE17F590
            Publisher : Speed-Bit LTD
            Size : 1026224
            Version : 9.5.0.1
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\dap\dapie64.dll

            dapie.dll
            Status : Scanned
            Object : %programfiles%\dap\dapie.dll
            MD5 : 3473DAC2B964DF7E4218C14A35ADD9E4
            Publisher : Speed-Bit LTD
            Size : 133368
            Version : 9.5.0.1
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\dap\dapie.dll

            dapfirefox.exe
            Status : Scanned
            Object : %programfiles%\dap\dapfirefox.exe
            MD5 : C161E4D9A5AB064CE0F1E6AB8E0023A7
            Publisher : Speed-Bit LTD
            Size : 105664
            Version : 1.0.1.0
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\dap\dapfirefox.exe

            DAPConf.exe
            Status : Scanned
            Object : %programfiles%\dap\dapconf.exe
            MD5 : 787E08206E8946500F5A366095F13D7F
            Publisher : Speed-Bit LTD
            Size : 45808
            Version : 1.0.0.1
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\dap\dapconf.exe

            DAPFlock.dll
            Status : Scanned
            Object : %programfiles%\dap\dapflock\components\dapflock.dl l
            MD5 : 46FD03E2D6E12307D072043D187C818F
            Publisher : Speed-Bit LTD
            Size : 137456
            Version : 9.6.0.0
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %programfiles%\dap\dapflock\components\dapflock.dl l

            SBupd64.dll
            Status : Scanned
            Object : %commonprogramfiles%\speedbit\sbupdate\sbupd64.dll
            MD5 : 68E3A1ED5DC279DA957DF782BF7C3FAE
            Publisher : Speed-Bit LTD
            Size : 1453768
            Version : 1.0.3.4
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %commonprogramfiles%\speedbit\sbupdate\sbupd64.dll

            SBUpdate.exe
            Status : Scanned
            Object : %commonprogramfiles%\speedbit\sbupdate\sbupdate.ex e
            MD5 : D34B62DCBBE0EEC4CC3328060A4E02C8
            Publisher : Speed-Bit LTD
            Size : 92360
            Version : 1.0.3.4
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %commonprogramfiles%\speedbit\sbupdate\sbupdate.ex e

            EasyHook64.dll
            Status : Scanned
            Object : %commonprogramfiles%\speedbit\sbupdate\easyhook64. dll
            MD5 : 47344CA16097E6ADC726F415582BA92B
            Publisher : Speed-Bit LTD
            Size : 109216
            Version : -
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %commonprogramfiles%\speedbit\sbupdate\easyhook64. dll

            SBupd.dll
            Status : Scanned
            Object : %commonprogramfiles%\speedbit\sbupdate\sbupd.dll
            MD5 : 4FCD8CAC310B503B685D3DD77891DB60
            Publisher : Speed-Bit LTD
            Size : 1143496
            Version : 1.0.3.4
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %commonprogramfiles%\speedbit\sbupdate\sbupd.dll

            hlp64.exe
            Status : Scanned
            Object : %commonprogramfiles%\speedbit\sbupdate\hlp64.exe
            MD5 : E9013D25B82A5A2747401A34CBC13F0B
            Publisher : Speed-Bit LTD
            Size : 115872
            Version : 1.0.3.1
            Detection : Adware:Win32/Speedbit!Ep
            Cleaning Action : Quarantine
            Related Objects :
            File - %commonprogramfiles%\speedbit\sbupdate\hlp64.exe[/spoiler]

            Thanks


            • Malnutrition
              PCHF Moderator
              • Jul 2016
              • 7045

              #7
              FRST Fix.

              Download attached fixlist.txt file and save it to the Desktop.

              NOTE. It’s important that both files, FRST/FRST64 and fixlist.txt, are in the same location or the fix will not work.

              NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

              Run FRST/FRST64 and press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run. When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

              Please download AdwCleaner by Xplode onto your desktop.

              [ul]
              [li]Close all open programs and internet browsers.[/li]
              [li]Double click on adwcleaner.exe to run the tool.[/li]
              [li]Click on Scan button.[/li]
              [li]When the scan has finished click on Clean button.[/li]
              [li]Your computer will be rebooted automatically. A text file will open after the restart.[/li]
              [li]Please post the contents of that logfile with your next reply.[/li]
              [li]You can find the logfile at C:\AdwCleaner[S1].txt as well.[/li]
              [/ul]

              JRT Scan.

              Please download Junkware Removal Tool and save it on your desktop.

              [ul]
              [li]Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts.[/li]
              [li]Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator.[/li]
              [li]The tool will open and start scanning your system.[/li]
              [li]Please be patient as this can take a while to complete depending on your system’s specifications.[/li]
              [li]On completion, a log is saved to your desktop and will automatically open.[/li]
              [li]Please post the JRT log.[/li]
              [/ul]


              • Chicken_Breeder
                PCHF Member
                • Nov 2016
                • 28

                #8
                Hello:
                Here is the file.
                Thanks again.
                SearchScopes: HKLM → {4AF4DA01-B858-4617-AC1C-0E06F377629C} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
                SearchScopes: HKLM-x32 → DefaultScope {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL =
                SearchScopes: HKLM-x32 → {0BC6E3FA-78EF-4886-842C-5A1258C4455A} URL = hxxp://search.imgag.com/?appid=wsdt&component=&c=GNWDO59900&sbs=2&sc=2&f=web&vernum=3.1.5.7620&uid=0&did=%7b35a80c04-0e82-4769-ab2e-d57b98cb7e3a%7d&q={searchTerms}
                SearchScopes: HKLM-x32 → {2D9F3B71-F660-4605-9BC3-6EDF3782FA70} URL = hxxp://www.ask.com/web?q={searchTerms}&l=dis&o=cahpl
                SearchScopes: HKLM-x32 → {4AF4DA01-B858-4617-AC1C-0E06F377629C} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
                SearchScopes: HKU.DEFAULT → DefaultScope {0BC6E3FA-78EF-4886-842C-5A1258C4455A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
                SearchScopes: HKU.DEFAULT → {0BC6E3FA-78EF-4886-842C-5A1258C4455A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
                SearchScopes: HKU.DEFAULT → {2D9F3B71-F660-4605-9BC3-6EDF3782FA70} URL =
                SearchScopes: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000 → {0BC6E3FA-78EF-4886-842C-5A1258C4455A} URL = hxxp://search.imgag.com/?appid=wsdt&component=&c=GNWDO59900&sbs=2&sc=2&f=web&vernum=3.1.5.7620&uid=0&did=%7b35a80c04-0e82-4769-ab2e-d57b98cb7e3a%7d&q={searchTerms}
                SearchScopes: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000 → {2D9F3B71-F660-4605-9BC3-6EDF3782FA70} URL = hxxp://www.ask.com/web?q={searchTerms}&l=dis&o=cahpl
                SearchScopes: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000 → {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}
                BHO: Download Accelerator Plus Integration → {FF6C3CF0-4B15-11D1-ABED-709549C10000} → C:\Program Files (x86)\DAP\DAPIELoader64.dll [2011-03-24] (SpeedBit Ltd.)
                BHO-x32: No Name → {02478D38-C3F9-4efb-9B51-7695ECA05670} → No File
                BHO-x32: No Name → {669E08DA-2172-5F0B-4DEE-CFA670E3BC84} → No File
                BHO-x32: SpeedBit Link Verification Helper → {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} → C:\Program Files (x86)\DAP\LinkVerifier.dll [2012-12-10] (Speedbit Ltd.)
                Toolbar: HKU.DEFAULT → No Name - {414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - No File
                Toolbar: HKU.DEFAULT → No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
                Toolbar: HKU.DEFAULT → No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
                Toolbar: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000 → No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
                Toolbar: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000 → No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
                Toolbar: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000 → No Name - {414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - No File
                DPF: HKLM-x32 {0E5F0222-96B9-11D3-8997-00104BD12D94} hxxp://www.pcpitstop.com/betapit/PCPitStop.CAB
                FF Plugin-x32: @tools.google.com/Google Update;version=3 → C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.)
                FF Plugin-x32: @tools.google.com/Google Update;version=9 → C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.)
                FF Plugin HKU\S-1-5-21-1124643268-3595298339-4084894015-1000: @hola.org/vlc → C:\Users\CEP Local 440\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [2016-04-09] (Hola)
                CHR HomePage: Default → hxxp://search.conduit.com/?ctid=CT3319613&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP8759D25A-7352-4FC4-8764-92A112E26A02&SSPV=
                CHR StartupUrls: Default → “hxxp://search.conduit.com/?ctid=CT3319613&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP8759D25A-7352-4FC4-8764-92A112E26A02&SSPV=”
                CHR DefaultSearchURL: Default → hxxps://search.yahoo.com/search?fr=chr-yo_gc&ei=utf-8&ilc=12&type=994519&p={searchTerms}
                CHR DefaultSearchKeyword: Default → yahoo.com search
                CHR DefaultSuggestURL: Default → hxxps://ff.search.yahoo.com/gossip?output=fxjson&command={searchTerms}
                CHR Extension: (Download Accelerator Plus (DAP)) - C:\Users\CEP Local 440\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb [2013-10-15] [UpdateUrl: hxxps://secure.speedbit.com/chrome/DAP/DAPChromeUpdate6.xml] <==== ATTENTION
                CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\CEP Local 440\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2016-11-17]
                R2 hola_svc; C:\Program Files\Hola\app\hola_svc.exe [5622376 2016-11-02] (Hola Networks Ltd.) <==== ATTENTION
                R2 hola_updater; C:\Program Files\Hola\app\hola_updater.exe [8104576 2015-11-01] (Hola Networks Ltd.) <==== ATTENTION
                R2 kss; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe [1556448 2015-12-15] (AO Kaspersky Lab)
                S3 VideoAcceleratorService; C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAcceleratorService.exe [277744 2013-01-19] (SpeedBit Ltd.)
                U3 idsvc; no ImagePath
                S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys
                U3 wpcsvc; no ImagePath
                DisableService: Garmin Device Interaction Service
                DisableService: HP Support Assistant Service
                DisableService: LightScribeService
                DisableService: LiveUpdateSvc
                DisableService: REALPLAYERUPDATESVC
                DisableService: RealTimes Desktop Service
                DisableService: VideoAcceleratorService
                2016-11-18 15:56 - 2016-11-18 15:56 - 00127637 _____ C:\Users\CEP Local 440\Desktop\how to remove Heur_Exploit.Script.Generic - Yahoo Search Results.html
                2016-11-18 15:56 - 2016-11-18 15:56 - 00000000 ____D C:\Users\CEP Local 440\Desktop\how to remove Heur_Exploit.Script.Generic - Yahoo Search Results_files
                Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
                Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
                RemoveProxy:
                CMD: netsh advfirewall reset
                CMD: netsh advfirewall set allprofiles state ON
                CMD: ipconfig /flushdns
                CMD: netsh winsock reset catalog
                CMD: netsh int ip reset c:\resetlog.txt
                CMD: ipconfig /release
                CMD: ipconfig /renew
                CMD: netsh int ipv4 reset
                CMD: netsh int ipv6 reset
                EmptyTemp:
                CMD: bitsadmin /reset /allusers

                Thanks Again.


                • Malnutrition
                  PCHF Moderator
                  • Jul 2016
                  • 7045

                  #9
                  Hello, did you run the fix as suggested? If so please post the log that shows that you have.



                  • Chicken_Breeder
                    PCHF Member
                    • Nov 2016
                    • 28

                    #10
                    AdwCleaner v6.030 - Logfile created 25/11/2016 at 12:04:25
                    Updated on 19/10/2016 by Malwarebytes
                    Database : 2016-11-25.2 [Server]
                    Operating System : Windows 10 Home (X64)
                    Username : CEP Local 440 - CEPLOCAL440-PC
                    Running from : C:\Users\CEP Local 440\Downloads\adwcleaner_6.030.exe
                    Mode: Clean
                    Support : hxxps://www.malwarebytes.com/support

                    ***** [ Services ] *****

                    [-] Service deleted: swdumon

                    ***** [ Folders ] *****

                    [-] Folder deleted: C:\ProgramData\Veaudiox
                    [-] Folder deleted: C:\Users\CEP Local 440\AppData\Local\Bundled software uninstaller
                    [-] Folder deleted: C:\Users\CEP Local 440\AppData\Local\Hola
                    [-] Folder deleted: C:\Users\CEP Local 440\AppData\Local\Ilivid Player
                    [-] Folder deleted: C:\Users\CEP Local 440\AppData\Local\PackageAware
                    [-] Folder deleted: C:\Users\CEP Local 440\AppData\Local\PutLockerDownloader
                    [-] Folder deleted: C:\Users\CEP Local 440\AppData\LocalLow\AGI
                    [-] Folder deleted: C:\Users\CEP Local 440\AppData\LocalLow\HPAppData
                    [-] Folder deleted: C:\Users\CEP Local 440\AppData\LocalLow\Speedbit
                    [-] Folder deleted: C:\Users\CEP Local 440\AppData\LocalLow\Toolbar4
                    [-] Folder deleted: C:\Users\CEP Local 440\AppData\LocalLow\Yahoo!\Companion
                    [-] Folder deleted: C:\Users\CEP Local 440\AppData\Roaming\DriverCure
                    [-] Folder deleted: C:\Users\CEP Local 440\AppData\Roaming\Hola
                    [-] Folder deleted: C:\Users\CEP Local 440\AppData\Roaming\SpeedMaxPc
                    [-] Folder deleted: C:\Program Files\Hola
                    [-] Folder deleted: C:\SearchProtect
                    [-] Folder deleted: C:\ProgramData\AGI
                    [-] Folder deleted: C:\ProgramData\Driver Boost
                    [-] Folder deleted: C:\ProgramData\Speedbit
                    [-] Folder deleted: C:\ProgramData\SpeedMaxPc
                    [-] Folder deleted: C:\ProgramData\w3i
                    [#] Folder deleted on reboot: C:\ProgramData\Application Data\AGI
                    [#] Folder deleted on reboot: C:\ProgramData\Application Data\Driver Boost
                    [#] Folder deleted on reboot: C:\ProgramData\Application Data\Speedbit
                    [#] Folder deleted on reboot: C:\ProgramData\Application Data\SpeedMaxPc
                    [#] Folder deleted on reboot: C:\ProgramData\Application Data\w3i
                    [-] Folder deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vaudix
                    [-] Folder deleted: C:\Users\Public\Documents\Speedbit
                    [-] Folder deleted: C:\Users\Public\Documents\Downloaded Installers
                    [-] Folder deleted: C:\Program Files (x86)\Conduit
                    [-] Folder deleted: C:\Program Files (x86)\w3i
                    [-] Folder deleted: C:\Program Files (x86)\Yahoo!\Companion
                    [-] Folder deleted: C:\extensions

                    ***** [ Files ] *****

                    [-] File deleted: C:\Users\CEP Local 440\AppData\LocalLow\Microsoft\Internet Explorer\Services\Search_ask.com.xml

                    ***** [ DLL ] *****

                    ***** [ WMI ] *****

                    ***** [ Shortcuts ] *****

                    ***** [ Scheduled Tasks ] *****

                    ***** [ Registry ] *****

                    [-] Key deleted: HKLM\SOFTWARE\Classes\Applications\iLividSetupV1 (1).exe
                    [-] Key deleted: HKLM\SOFTWARE\Classes\Applications\iLividSetupV1(11).exe
                    [-] Key deleted: HKLM\SOFTWARE\Classes\Applications\iLividSetupV1(12).exe
                    [-] Key deleted: HKLM\SOFTWARE\Classes\Applications\iLividSetupV1(6).exe
                    [-] Key deleted: HKLM\SOFTWARE\Classes\Applications\iLividSetupV1.exe
                    [-] Key deleted: HKLM\SOFTWARE\Classes\Applications\iLividSetupV1_1.exe
                    [-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy{6E86BDDD-9038-4f12-8572-4A859C76F21F}
                    [-] Key deleted: HKLM\SOFTWARE\Classes\AniGIFCtrl.AniGIF
                    [-] Key deleted: HKLM\SOFTWARE\Classes\AniGIFPpg.AniGIFPpg
                    [-] Key deleted: HKLM\SOFTWARE\Classes\AniGIFPpg.AniGIFPpg.1
                    [-] Key deleted: HKLM\SOFTWARE\Classes\AniGIFPpg2.AniGIFPpg2
                    [-] Key deleted: HKLM\SOFTWARE\Classes\AniGIFPpg2.AniGIFPpg2.1
                    [-] Key deleted: HKLM\SOFTWARE\Classes\OCComSDK.ComSDK
                    [-] Key deleted: HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1
                    [-] Key deleted: HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar
                    [-] Key deleted: HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar.1
                    [#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\AniGIFCtrl.AniGIF
                    [#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\AniGIFPpg.AniGIFPpg
                    [#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\AniGIFPpg.AniGIFPpg.1
                    [#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\AniGIFPpg2.AniGIFPpg2
                    [#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\AniGIFPpg2.AniGIFPpg2.1
                    [#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\OCComSDK.ComSDK
                    [#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1
                    [#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar
                    [#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar.1
                    [-] Key deleted: HKLM\SOFTWARE\Classes\AppID{628F3201-34D0-49C0-BB9A-82A26AEFB291}
                    [-] Key deleted: HKLM\SOFTWARE\Classes\AppID{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
                    [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
                    [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
                    [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID{99066096-8989-4612-841F-621A01D54AD7}
                    [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID{FE9271F2-6EFD-44B0-A826-84C829536E93}
                    [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID{61AB12E1-A5FF-11D1-B2E9-444553540000}
                    [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID{82351441-9094-11D1-A24B-00A0C932C7DF}
                    [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID{6DC82D15-92F2-11D1-A255-00A0C932C7DF}
                    [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID{B9D64D3B-BE75-4FA2-B94A-C4AE772A0146}
                    [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
                    [-] Key deleted: HKLM\SOFTWARE\Classes\Interface{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}
                    [-] Key deleted: HKLM\SOFTWARE\Classes\Interface{A1F1ECD3-4806-44C6-A869-F0DADF11C57C}
                    [-] Key deleted: HKLM\SOFTWARE\Classes\Interface{BB27DF2F-6F05-4A42-9FFD-14696D795750}
                    [-] Key deleted: HKLM\SOFTWARE\Classes\Interface{C00F4B2B-A33C-40FC-8E47-4D18DCD4B01E}
                    [-] Key deleted: HKLM\SOFTWARE\Classes\Interface{4B8E39FD-ED07-4A41-9681-3D78DAFCEE66}
                    [-] Key deleted: HKLM\SOFTWARE\Classes\Interface{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
                    [-] Key deleted: HKLM\SOFTWARE\Classes\Interface{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
                    [-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
                    [-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib{82351433-9094-11D1-A24B-00A0C932C7DF}
                    [-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib{1112F282-7099-4624-A439-DB29D6551552}
                    [-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
                    [-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats{2FF49ED5-A3EF-410B-918E-97DECEB5996D}
                    [-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved{02478D38-C3F9-4EFB-9B51-7695ECA05670}
                    [-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved{EF99BD32-C1FB-11D2-892F-0090271D4F88}
                    [-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved{2FF49ED5-A3EF-410B-918E-97DECEB5996D}
                    [-] Key deleted: HKU.DEFAULT\Software\Hola
                    [-] Key deleted: HKU.DEFAULT\Software\SpeedBit
                    [-] Key deleted: HKU.DEFAULT\Software\AppDataLow\Toolbar
                    [-] Key deleted: HKU.DEFAULT\Software\AppDataLow\Software\Conduit
                    [-] Key deleted: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\Software\AGI
                    [-] Key deleted: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\Software\Conduit
                    [-] Key deleted: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\Software\Cr_Installer
                    [-] Key deleted: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\Software\distromatic
                    [-] Key deleted: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\Software\Hola
                    [-] Key deleted: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\Software\ilivid
                    [-] Key deleted: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\Software\SpeedBit
                    [-] Key deleted: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\Software\SpeedMaxPC
                    [-] Key deleted: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\Software\Yahoo\Companion
                    [-] Key deleted: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\Software\Yahoo\YFriendsBar
                    [-] Key deleted: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\Software\YahooPartnerToolbar
                    [-] Key deleted: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\Software\AppDataLow\Toolbar
                    [-] Key deleted: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\Software\AppDataLow\Software\Conduit
                    [-] Key deleted: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\Software\AppDataLow\Software\ShoppingReport2
                    [-] Key deleted: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\Software\AppDataLow\Software\Yahoo\Companion
                    [-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1124643268-3595298339-4084894015-1000\Software\SBConvert
                    [-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1124643268-3595298339-4084894015-1000\Software\SpeedBit
                    [#] Key deleted on reboot: HKU\S-1-5-18\Software\Hola
                    [#] Key deleted on reboot: HKU\S-1-5-18\Software\SpeedBit
                    [#] Key deleted on reboot: HKU\S-1-5-18\Software\AppDataLow\Toolbar
                    [#] Key deleted on reboot: HKU\S-1-5-18\Software\AppDataLow\Software\Conduit
                    [#] Key deleted on reboot: HKCU\Software\AGI
                    [#] Key deleted on reboot: HKCU\Software\Conduit
                    [#] Key deleted on reboot: HKCU\Software\Cr_Installer
                    [#] Key deleted on reboot: HKCU\Software\distromatic
                    [#] Key deleted on reboot: HKCU\Software\Hola
                    [#] Key deleted on reboot: HKCU\Software\ilivid
                    [#] Key deleted on reboot: HKCU\Software\SpeedBit
                    [#] Key deleted on reboot: HKCU\Software\SpeedMaxPC
                    [#] Key deleted on reboot: HKCU\Software\Yahoo\Companion
                    [#] Key deleted on reboot: HKCU\Software\Yahoo\YFriendsBar
                    [#] Key deleted on reboot: HKCU\Software\YahooPartnerToolbar
                    [#] Key deleted on reboot: HKCU\Software\AppDataLow\Toolbar
                    [#] Key deleted on reboot: HKCU\Software\AppDataLow\Software\Conduit
                    [#] Key deleted on reboot: HKCU\Software\AppDataLow\Software\ShoppingReport2
                    [#] Key deleted on reboot: HKCU\Software\AppDataLow\Software\Yahoo\Companion
                    [-] Key deleted: HKLM\SOFTWARE\AGI
                    [-] Key deleted: HKLM\SOFTWARE\Conduit
                    [-] Key deleted: HKLM\SOFTWARE\SearchProtect
                    [-] Key deleted: HKLM\SOFTWARE\SlimWare Utilities Inc
                    [-] Key deleted: HKLM\SOFTWARE\SpeedBit
                    [-] Key deleted: HKLM\SOFTWARE\SpeedMaxPC
                    [-] Key deleted: HKLM\SOFTWARE\Uniblue
                    [#] Key deleted on reboot: HKLM\SOFTWARE\Uniblue\DriverScanner
                    [-] Key deleted: HKLM\SOFTWARE\W3I
                    [-] Key deleted: HKLM\SOFTWARE\Yahoo\Companion
                    [#] Key deleted on reboot: HKLM\SOFTWARE\SEARCHPROTECT
                    [-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}
                    [#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1124643268-3595298339-4084894015-1000\Software\SBConvert
                    [#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1124643268-3595298339-4084894015-1000\Software\SpeedBit
                    [#] Key deleted on reboot: [x64] HKCU\Software\AGI
                    [#] Key deleted on reboot: [x64] HKCU\Software\Conduit
                    [#] Key deleted on reboot: [x64] HKCU\Software\Cr_Installer
                    [#] Key deleted on reboot: [x64] HKCU\Software\distromatic
                    [#] Key deleted on reboot: [x64] HKCU\Software\Hola
                    [#] Key deleted on reboot: [x64] HKCU\Software\ilivid
                    [#] Key deleted on reboot: [x64] HKCU\Software\SpeedBit
                    [#] Key deleted on reboot: [x64] HKCU\Software\SpeedMaxPC
                    [#] Key deleted on reboot: [x64] HKCU\Software\Yahoo\Companion
                    [#] Key deleted on reboot: [x64] HKCU\Software\Yahoo\YFriendsBar
                    [#] Key deleted on reboot: [x64] HKCU\Software\YahooPartnerToolbar
                    [#] Key deleted on reboot: [x64] HKCU\Software\AppDataLow\Toolbar
                    [#] Key deleted on reboot: [x64] HKCU\Software\AppDataLow\Software\Conduit
                    [#] Key deleted on reboot: [x64] HKCU\Software\AppDataLow\Software\ShoppingReport2
                    [#] Key deleted on reboot: [x64] HKCU\Software\AppDataLow\Software\Yahoo\Companion
                    [-] Key deleted: [x64] HKLM\SOFTWARE\Hola
                    [-] Key deleted: [x64] HKLM\SOFTWARE\SpeedBit
                    [-] Key deleted: [x64] HKLM\SOFTWARE\Tarma Installer
                    [-] Key deleted: HKLM\SOFTWARE\Classes\Installer\Features\2B1E51D87B2D71A44BB42DDD5E894160
                    [-] Key deleted: HKLM\SOFTWARE\Classes\Installer\Products\2B1E51D87B2D71A44BB42DDD5E894160
                    [-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2B1E51D87B2D71A44BB42DDD5E894160
                    [#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2B1E51D87B2D71A44BB42DDD5E894160
                    [#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\Installer\Features\2B1E51D87B2D71A44BB42DDD5E894160
                    [#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\Installer\Products\2B1E51D87B2D71A44BB42DDD5E894160
                    [-] Value deleted: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
                    [#] Value deleted on reboot: HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
                    [#] Value deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
                    [-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\ask.com
                    [-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\speedbit.com
                    [-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
                    [-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\dealply.com
                    [-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\inbox.com
                    [-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\land.pckeeper.software
                    [-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\pckeeper.software
                    [-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\search-results.com
                    [-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\searchnu.com
                    [-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\smartsuggestor.net
                    [-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\softonic.com
                    [-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\speedbit.com
                    [-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
                    [-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\visualbee.com
                    [-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\vshare.eu
                    [-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\webcrawler.com
                    [#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\ask.com
                    [#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\speedbit.com
                    [#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
                    [#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\dealply.com
                    [#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\inbox.com
                    [#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\land.pckeeper.software
                    [#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\pckeeper.software
                    [#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\search-results.com
                    [#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\searchnu.com
                    [#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\smartsuggestor.net
                    [#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\softonic.com
                    [#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\speedbit.com
                    [#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
                    [#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\visualbee.com
                    [#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\vshare.eu
                    [#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\webcrawler.com
                    [-] Value deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [hola]
                    [-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Activities\Search\ask.com
                    [-] Key deleted: HKCU\Software\MozillaPlugins@hola.org/FlashPlayer
                    [-] Key deleted: HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
                    [-] Key deleted: HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
                    [#] Key deleted on reboot: HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
                    [-] Key deleted: HKLM\SOFTWARE\Google\Chrome\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb

                    ***** [ Web browsers ] *****

                    [-] [C:\Users\CEP Local 440\AppData\Local\Chromium\User Data\Default\Web data] [Search Provider] Deleted: ask.com
                    [-] [C:\Users\CEP Local 440\AppData\Local\Chromium\User Data\Default] [extension] Deleted: ffdcfjdljhbehggjdkdioajnknjcpbjb
                    [-] [C:\Users\CEP Local 440\AppData\Local\Chromium\User Data\Default] [extension] Deleted: pnknnijoleibcpmkdcooclmnjmmdhgbg
                    [-] [C:\Users\CEP Local 440\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: booedmolknjekdopkepjjeckmjkdpfgl
                    [-] [C:\Users\CEP Local 440\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: bopakagnckmlgajfccecajhnimjiiedh
                    [-] [C:\Users\CEP Local 440\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: flpcjncodpafbgdpnkljologafpionhb


                    :: “Tracing” keys deleted
                    :: Winsock settings cleared


                    C:\AdwCleaner\AdwCleaner[C0].txt - [17834 Bytes] - [25/11/2016 12:04:25]
                    C:\AdwCleaner\AdwCleaner[S0].txt - [16564 Bytes] - [25/11/2016 11:30:33]

                    ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [17982 Bytes] ##########


                    • Chicken_Breeder
                      PCHF Member
                      • Nov 2016
                      • 28

                      #11
                      Sorry for the delay.
                      I am trying to fit the forum in around the chores on the Farm.
                      P


                      • Malnutrition
                        PCHF Moderator
                        • Jul 2016
                        • 7045

                        #12
                        - Ok, I need you to re-run the FRST fix, you posted the content of the fixlist.
                        - You need to save the fixlist.txt to your desktop, make sure you have FRST.exe program on desktop as well.
                        - Right Click FRST64.exe Run as Administrator.
                        - Once the program is open.
                        - Click the fix button – Wait for your machine to reboot.
                        - Once machine reboots, a fixlog.txt will open, copy and paste that here in your next reply.


                        • Chicken_Breeder
                          PCHF Member
                          • Nov 2016
                          • 28

                          #13
                          Hello:
                          Hopefully I attached the proper scan this time.
                          Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-11-2016
                          Ran by CEP Local 440 (administrator) on CEPLOCAL440-PC (25-11-2016 14:37:53)
                          Running from C:\Users\CEP Local 440\Downloads
                          Loaded Profiles: CEP Local 440 (Available Profiles: CEP Local 440 & DefaultAppPool)
                          Platform: Windows 10 Home (X64) Language: English (United States)
                          Internet Explorer Version 11 (Default browser: Chrome)
                          Boot Mode: Normal
                          Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

                          ==================== Processes (Whitelisted) =================

                          (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

                          (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
                          (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
                          (LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
                          (McAfee, Inc.) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
                          (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
                          () C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
                          (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
                          (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
                          (McAfee, Inc.) C:\WINDOWS\System32\mfevtps.exe
                          (Microsoft Corporation) C:\WINDOWS\System32\mqsvc.exe
                          (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
                          () C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
                          () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
                          (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
                          (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
                          (Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
                          (Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
                          (Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
                          (McAfee, Inc.) C:\Program Files (x86)\McAfee\Common Framework\naPrdMgr.exe
                          (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
                          (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
                          (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
                          (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
                          (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
                          (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
                          (Microsoft Corporation) C:\WINDOWS\System32\InstallAgent.exe
                          (Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe
                          (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
                          (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
                          (Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
                          (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
                          (McAfee, Inc.) C:\Program Files (x86)\McAfee\Common Framework\UdaterUI.exe
                          (WinZip Computing, S.L.) C:\Program Files\WinZip\FAHWindow64.exe
                          (Logitech, Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe
                          (WinZip Computing, S.L.) C:\Program Files\WinZip\WZUpdateNotifier.exe
                          (McAfee, Inc.) C:\Program Files (x86)\McAfee\Common Framework\McTray.exe
                          () C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
                          (Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
                          (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
                          () C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
                          (Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
                          (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
                          (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
                          (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
                          (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
                          (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
                          (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
                          (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
                          (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
                          (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
                          (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

                          ==================== Registry (Whitelisted) ====================

                          (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

                          HKLM...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
                          HKLM...\Run: [Kernel and Hardware Abstraction Layer] => C:\WINDOWS\KHALMNPR.EXE [130576 2009-06-17] (Logitech, Inc.)
                          HKLM...\Run: [RtkOSD] => C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe [995840 2010-01-12] (Realtek Semiconductor Corp.)
                          HKLM...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe
                          HKLM...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe
                          HKLM...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe
                          HKLM...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8446832 2015-04-06] (Realtek Semiconductor)
                          HKLM...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1391472 2015-04-06] (Realtek Semiconductor)
                          HKLM...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954352 2016-04-25] (Synaptics Incorporated)
                          HKLM...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [13900016 2016-11-09] (Zemana Ltd.)
                          HKLM-x32...\Run: [WirelessAssistant] => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-23] (Hewlett-Packard)
                          HKLM-x32...\Run: [McAfeeUpdaterUI] => C:\Program Files (x86)\McAfee\Common Framework\udaterui.exe [161088 2011-01-12] (McAfee, Inc.)
                          HKLM-x32...\Run: [RealDownloader] => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [714992 2016-07-05] ()
                          Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
                          HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-04-22] (Apple Inc.)
                          HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2016-04-22] (Apple Inc.)
                          HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2016-04-22] (Apple Inc.)
                          HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1399208 2016-04-08] (Garmin Ltd. or its subsidiaries)
                          HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
                          HKU\S-1-5-18...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1399208 2016-04-08] (Garmin Ltd. or its subsidiaries)
                          Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2016-07-16]
                          ShortcutTarget: FAH.lnk → C:\Program Files\WinZip\FAHConsole.exe (WinZip Computing, S.L.)
                          Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk [2011-10-05]
                          ShortcutTarget: Logitech SetPoint.lnk → C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
                          Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2016-07-16]
                          ShortcutTarget: RealTimes.lnk → C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.)
                          Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update Notifier.lnk [2016-07-16]
                          ShortcutTarget: Update Notifier.lnk → C:\Program Files\WinZip\WZUpdateNotifier.exe (WinZip Computing, S.L.)
                          Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2016-07-16]
                          ShortcutTarget: WinZip Preloader.lnk → C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)

                          ==================== Internet (Whitelisted) ====================

                          (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

                          Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
                          Tcpip..\Interfaces{7aacf0c7-f777-451d-935f-0dff73e93a81}: [DhcpNameServer] 192.168.2.1 192.168.2.1
                          Internet Explorer:
                          BHO: RealNetworks Download and Record Plugin for Internet Explorer → {3049C3E9-B461-4BC5-8870-4C09146192CA} → C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2016-05-13] (RealDownloader)
                          BHO: Canon Easy-WebPrint EX BHO → {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} → C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll [2013-11-28] (CANON INC.)
                          BHO: Java™ Plug-In 2 SSV Helper → {DBC80044-A445-435b-BC74-9C25C1C588A9} → C:\Program Files\Java\jre6\bin\jp2ssv.dll => No File
                          BHO: No Name → {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} → No File
                          BHO-x32: HP Print Enhancer → {0347C33E-8762-4905-BF09-768834316C61} → C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-06-30] (Hewlett-Packard Co.)
                          BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer → {3049C3E9-B461-4BC5-8870-4C09146192CA} → C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2016-05-13] (RealDownloader)
                          BHO-x32: Canon Easy-WebPrint EX BHO → {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} → C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2013-11-28] (CANON INC.)
                          BHO-x32: Windows Live Messenger Companion Helper → {9FDDE16B-836F-4806-AB1F-1455CBEFF289} → C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
                          BHO-x32: HP Network Check Helper → {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} → C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09] (Hewlett-Packard)
                          BHO-x32: HP Smart BHO Class → {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} → C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-06-30] (Hewlett-Packard Co.)
                          Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll [2013-11-28] (CANON INC.)
                          Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2013-11-28] (CANON INC.)
                          Toolbar: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000 → Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll [2013-11-28] (CANON INC.)
                          DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
                          DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
                          FireFox:
                          FF HKLM-x32...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\Browser Plugins\Firefox\Ext => not found
                          FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 → C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
                          FF Plugin: @Microsoft.com/NpCtrl,version=1.0 → c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
                          FF Plugin-x32: @adobe.com/ShockwavePlayer → C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw.dll [2016-02-18] (Adobe Systems, Inc.)
                          FF Plugin-x32: @Apple.com/iTunes,version=1.0 → C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-12-18] ()
                          FF Plugin-x32: @canon.com/EPPEX → C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
                          FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 → C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
                          FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 → C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2013-12-27] (DivX, LLC)
                          FF Plugin-x32: @Google.com/GoogleEarthPlugin → C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google)
                          FF Plugin-x32: @java.com/DTPlugin,version=10.11.2 → C:\WINDOWS\SysWOW64\npDeployJava1.dll [2013-01-12] (Oracle Corporation)
                          FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 → c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
                          FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 → C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
                          FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 → C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
                          FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 → C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
                          FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 → C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
                          FF Plugin-x32: @real.com/nppl3260;version=18.1.4.135 → C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2016-07-16] (RealNetworks, Inc.)
                          FF Plugin-x32: @real.com/nprpplugin;version=18.1.4.135 → C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2016-07-16] (RealPlayer)
                          FF Plugin-x32: Adobe Reader → C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-09-30] (Adobe Systems Inc.)
                          FF Plugin HKU.DEFAULT: @hola.org/FlashPlayer → C:\Users\CEP Local 440\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll [No File]
                          FF Plugin HKU.DEFAULT: @hola.org/vlc → C:\Users\CEP Local 440\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [No File]
                          Chrome:
                          CHR DefaultProfile: Default
                          CHR Profile: C:\Users\CEP Local 440\AppData\Local\Google\Chrome\User Data\Default [2016-11-25]
                          CHR Extension: (AdBlock) - C:\Users\CEP Local 440\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-11-24]
                          CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\CEP Local 440\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2016-11-25]
                          CHR Extension: (Towns) - C:\Users\CEP Local 440\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfpicpeahbmmbigocblndhdmgpkcggpk [2016-10-21]
                          CHR Extension: (Chrome Web Store Payments) - C:\Users\CEP Local 440\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
                          CHR Extension: (Chrome Media Router) - C:\Users\CEP Local 440\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-23]

                          ==================== Services (Whitelisted) ====================

                          (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

                          S4 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [792592 2016-04-08] (Garmin Ltd. or its subsidiaries)
                          S4 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
                          S3 HPM1210RcvFaxSrvc; C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [362296 2010-05-11] (HP)
                          S3 HPSIService; C:\Windows\SysWOW64\HPSIsvc.exe [0 2013-11-06] () <==== ATTENTION (zero byte File/Folder)
                          R2 HPWMISVC; C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [20480 2010-01-18] () [File not signed]
                          R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
                          S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-01-14] (IObit)
                          S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
                          R2 McAfeeFramework; C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe [120128 2011-01-12] (McAfee, Inc.)
                          R2 mfevtp; C:\Windows\system32\mfevtps.exe [158832 2012-01-22] (McAfee, Inc.)
                          R2 mfevtp; C:\Windows\SysWOW64\mfevtps.exe [0 2013-11-06] () <==== ATTENTION (zero byte File/Folder)
                          S4 REALPLAYERUPDATESVC; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [32544 2016-05-13] ()
                          S4 RealTimes Desktop Service; C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1095440 2016-07-16] (RealNetworks, Inc.)
                          R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-06] ()
                          R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [293080 2015-04-06] (Realtek Semiconductor)
                          R2 RtVOsdService; C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [315392 2010-06-24] (Realtek Semiconductor Corp.) [File not signed]
                          R2 SamSs; C:\WINDOWS\SysWOW64\lsass.exe [0 2013-11-06] () <==== ATTENTION (zero byte File/Folder)
                          R2 Spooler; C:\WINDOWS\SysWOW64\spoolsv.exe [0 2013-11-06] () <==== ATTENTION (zero byte File/Folder)
                          R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [253960 2016-04-25] (Synaptics Incorporated)
                          R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
                          R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
                          R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [13900016 2016-11-09] (Zemana Ltd.)

                          ===================== Drivers (Whitelisted) ======================

                          (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

                          R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
                          S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
                          S3 mfeapfk; C:\WINDOWS\System32\drivers\mfeapfk.sys [158712 2012-01-22] (McAfee, Inc.)
                          R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [228752 2012-01-22] (McAfee, Inc.)
                          R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [642952 2012-01-22] (McAfee, Inc.)
                          S3 mferkdet; C:\WINDOWS\System32\drivers\mferkdet.sys [100904 2012-01-22] (McAfee, Inc.)
                          R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [283744 2012-01-22] (McAfee, Inc.)
                          S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-22] (Realtek Semiconductor Corp.)
                          R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [888064 2015-07-28] (Realtek )
                          R0 SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
                          R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [52904 2016-04-25] (Synaptics Incorporated)
                          S3 UdeCx; C:\WINDOWS\System32\drivers\udecx.sys [44032 2015-07-09] ()
                          S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
                          R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
                          R2 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
                          R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2016-11-24] (Zemana Ltd.)
                          R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2016-11-24] (Zemana Ltd.)

                          ==================== NetSvcs (Whitelisted) ===================

                          (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

                          ==================== One Month Created files and folders ========

                          (If an entry is included in the fixlist, the file/folder will be moved.)

                          2016-11-25 14:31 - 2016-11-25 14:31 - 00016148 _____ C:\WINDOWS\system32\CEPLOCAL440-PC_CEP Local 440_HistoryPrediction.bin
                          2016-11-25 12:29 - 2016-11-25 14:36 - 02412032 _____ (Farbar) C:\Users\CEP Local 440\Downloads\FRST64 (1).exe
                          2016-11-25 11:24 - 2016-11-25 11:25 - 03910208 _____ C:\Users\CEP Local 440\Downloads\adwcleaner_6.030 (2).exe
                          2016-11-25 11:11 - 2016-11-25 11:11 - 00035882 _____ C:\Users\CEP Local 440\Desktop\Adwcleaner.htm
                          2016-11-25 11:08 - 2016-11-25 11:09 - 03910208 _____ C:\Users\CEP Local 440\Downloads\adwcleaner_6.030 (1).exe
                          2016-11-25 11:08 - 2016-11-25 11:08 - 03516080 _____ (Enigma Software Group USA, LLC.) C:\Users\CEP Local 440\Downloads\SpyHunter-Installer.exe
                          2016-11-25 11:07 - 2016-11-25 11:07 - 00167467 _____ C:\Users\CEP Local 440\Desktop\download.htm
                          2016-11-25 11:06 - 2016-11-25 12:04 - 00000000 ____D C:\AdwCleaner
                          2016-11-25 11:05 - 2016-11-25 11:05 - 03910208 _____ C:\Users\CEP Local 440\Downloads\adwcleaner_6.030.exe
                          2016-11-25 09:20 - 2016-11-25 09:20 - 00018582 _____ C:\Users\CEP Local 440\Downloads\fixlist (2).txt
                          2016-11-25 09:16 - 2016-11-25 09:17 - 00018582 _____ C:\Users\CEP Local 440\Downloads\fixlist.txt
                          2016-11-25 09:10 - 2016-11-25 09:10 - 00003372 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
                          2016-11-25 09:08 - 2016-11-25 09:08 - 00000000 ____D C:\Users\CEP Local 440\AppData\Roaming\Skype
                          2016-11-25 08:44 - 2016-11-25 08:49 - 00056842 _____ C:\Users\CEP Local 440\Downloads\Fixlog.txt
                          2016-11-25 08:43 - 2016-11-25 08:43 - 00018582 _____ C:\Users\CEP Local 440\Desktop\fixlist (1).txt
                          2016-11-25 08:42 - 2016-11-25 08:42 - 00018582 _____ C:\Users\CEP Local 440\Downloads\fixlist (1).txt
                          2016-11-24 20:18 - 2016-11-24 20:18 - 00685752 _____ (WinZip Computing, S.L.) C:\Users\CEP Local 440\Downloads\winzip20-cnet (1).exe
                          2016-11-24 20:15 - 2016-11-24 20:15 - 01962408 _____ C:\Users\CEP Local 440\Downloads\wrar540.exe
                          2016-11-24 20:09 - 2016-11-24 20:10 - 05834344 _____ C:\Users\CEP Local 440\Downloads\winzip100.exe
                          2016-11-24 20:03 - 2016-11-24 20:04 - 00685752 _____ (WinZip Computing, S.L.) C:\Users\CEP Local 440\Downloads\winzip20-cnet.exe
                          2016-11-24 19:40 - 2016-11-24 19:40 - 00000000 ____D C:\ProgramData\UniqueId
                          2016-11-24 19:39 - 2016-11-24 19:40 - 02790842 _____ C:\Users\CEP Local 440\Downloads\geek.zip
                          2016-11-24 11:42 - 2016-11-24 11:42 - 12296704 _____ C:\Users\CEP Local 440\Downloads\dap97_brosp.exe
                          2016-11-24 11:42 - 2016-11-24 11:42 - 00698688 _____ (SlimWare Utilities, Inc.) C:\Users\CEP Local 440\Downloads\slimdrivers-setup (3).exe
                          2016-11-24 11:42 - 2016-11-24 11:42 - 00698688 _____ (SlimWare Utilities, Inc.) C:\Users\CEP Local 440\Downloads\slimdrivers-setup (2).exe
                          2016-11-24 11:42 - 2016-11-24 11:42 - 00670016 _____ (SlimWare Utilities, Inc.) C:\Users\CEP Local 440\Downloads\slimdrivers-setup (1).exe
                          2016-11-24 11:42 - 2016-11-24 11:42 - 00632704 _____ (SlimWare Utilities, Inc.) C:\Users\CEP Local 440\Downloads\slimdrivers-setup.exe
                          2016-11-24 11:42 - 2016-11-24 11:42 - 00307784 _____ (WoW Worldwide Software LTD) C:\Users\CEP Local 440\Downloads\VaudiX.exe
                          2016-11-24 11:42 - 2016-11-24 11:42 - 00295728 _____ (VuuPC Limited) C:\Users\CEP Local 440\Downloads\VuuPCBaseSetup.exe
                          2016-11-24 11:42 - 2016-11-24 11:42 - 00293176 _____ C:\Users\CEP Local 440\Downloads\SoftonicDownloader_for_johns-background-switcher.exe
                          2016-11-24 11:42 - 2016-11-24 11:42 - 00245816 _____ (Premium) C:\Users\CEP Local 440\Downloads\DownloadSetup (6).exe
                          2016-11-24 11:42 - 2016-11-24 11:42 - 00228920 _____ (Premium) C:\Users\CEP Local 440\Downloads\DownloadSetup (59).exe
                          2016-11-24 11:42 - 2016-11-24 11:42 - 00176680 _____ C:\Users\CEP Local 440\Downloads\revo uninstaller.exe
                          2016-11-24 11:42 - 2016-11-24 11:42 - 00176680 _____ C:\Users\CEP Local 440\Downloads\revo uninstaller(1).exe
                          2016-11-24 08:10 - 2016-11-25 14:38 - 00528477 _____ C:\WINDOWS\ZAM.krnl.trace
                          2016-11-24 08:10 - 2016-11-25 14:38 - 00081546 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
                          2016-11-24 08:10 - 2016-11-24 08:10 - 00203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys
                          2016-11-24 08:10 - 2016-11-24 08:10 - 00203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam64.sys
                          2016-11-24 08:10 - 2016-11-24 08:10 - 00001221 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
                          2016-11-24 08:10 - 2016-11-24 08:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
                          2016-11-24 08:10 - 2016-11-24 08:10 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
                          2016-11-24 08:07 - 2016-11-24 08:07 - 05426600 _____ ( ) C:\Users\CEP Local 440\Downloads\Zemana.AntiMalware.Setup.exe
                          2016-11-24 08:07 - 2016-11-24 08:07 - 00000000 ____D C:\Users\CEP Local 440\AppData\Local\Zemana
                          2016-11-23 22:19 - 2016-11-23 22:21 - 00055825 _____ C:\Users\CEP Local 440\Downloads\Addition.txt
                          2016-11-23 22:16 - 2016-11-25 14:38 - 00020005 _____ C:\Users\CEP Local 440\Downloads\FRST.txt
                          2016-11-23 22:16 - 2016-11-25 14:37 - 00000000 ____D C:\FRST
                          2016-11-23 22:11 - 2016-11-25 14:37 - 00001598 _____ C:\Users\CEP Local 440\Desktop\FRST64 - Shortcut.lnk
                          2016-11-23 22:09 - 2016-11-23 22:15 - 02412032 _____ (Farbar) C:\Users\CEP Local 440\Downloads\FRST64.exe
                          2016-11-23 19:54 - 2016-11-23 19:54 - 00128628 _____ C:\Users\CEP Local 440\Desktop\PC Help Forum.html
                          2016-11-23 19:54 - 2016-11-23 19:54 - 00000000 ____D C:\Users\CEP Local 440\Desktop\PC Help Forum_files
                          2016-11-19 19:24 - 2016-11-19 19:25 - 00268880 _____ C:\TDSSKiller.3.1.0.12_19.11.2016_19.24.07_log.txt
                          2016-11-19 19:23 - 2016-11-19 19:23 - 04747704 _____ (AO Kaspersky Lab) C:\Users\CEP Local 440\Downloads\tdsskiller (1).exe
                          2016-11-19 19:07 - 2016-11-19 19:10 - 00532114 _____ C:\TDSSKiller.3.1.0.12_19.11.2016_19.07.45_log.txt
                          2016-11-19 19:07 - 2016-11-19 19:07 - 04747704 _____ (AO Kaspersky Lab) C:\Users\CEP Local 440\Downloads\tdsskiller.exe
                          2016-11-19 19:01 - 2016-11-19 19:01 - 02622304 _____ (Kaspersky Lab) C:\Users\CEP Local 440\Downloads\kss16.0.0.1344en_9702.exe
                          2016-11-15 19:46 - 2016-11-15 19:46 - 00132859 _____ C:\Users\CEP Local 440\Desktop\Watch Westworld (2016) Online Free - PrimeWire _ 1Channel.html
                          2016-11-15 19:46 - 2016-11-15 19:46 - 00000000 ____D C:\Users\CEP Local 440\Desktop\Watch Westworld (2016) Online Free - PrimeWire _ 1Channel_files
                          2016-11-14 21:09 - 2016-11-14 21:09 - 00085387 _____ C:\Users\CEP Local 440\Desktop\Watch Britain’s Got Talent - PrimeWire _ 1Channel _ LetMeWatchThis - Watch TV Shows Online Free - Just Added.html
                          2016-11-14 21:09 - 2016-11-14 21:09 - 00000000 ____D C:\Users\CEP Local 440\Desktop\Watch Britain’s Got Talent - PrimeWire _ 1Channel _ LetMeWatchThis - Watch TV Shows Online Free - Just Added_files
                          2016-11-06 20:55 - 2016-11-06 20:55 - 00124328 _____ C:\Users\CEP Local 440\Desktop\Watch Britain’s Got Talent.html
                          2016-11-06 20:54 - 2016-11-06 20:54 - 00000000 ____D C:\Users\CEP Local 440\Desktop\Watch Britain’s Got Talent_files
                          2016-11-02 22:32 - 2016-11-02 22:32 - 00127538 _____ C:\Users\CEP Local 440\Desktop\WestJet.html
                          2016-11-02 22:32 - 2016-11-02 22:32 - 00000000 ____D C:\Users\CEP Local 440\Desktop\WestJet_files
                          2016-11-01 18:23 - 2016-11-01 18:23 - 00002221 _____ C:\Users\Public\Desktop\Google Earth.lnk
                          2016-11-01 18:23 - 2016-11-01 18:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
                          2016-10-29 19:19 - 2016-10-29 19:19 - 00124315 _____ C:\Users\CEP Local 440\Desktop\Britian got talent season-10-episode-1.htm

                          ==================== One Month Modified files and folders ========

                          (If an entry is included in the fixlist, the file/folder will be moved.)

                          2016-11-25 13:27 - 2015-07-30 18:42 - 00000000 ____D C:\WINDOWS\AppReadiness
                          2016-11-25 13:22 - 2015-10-25 10:39 - 00000000 ____D C:\Users\CEP Local 440\AppData\Local\Packages
                          2016-11-25 12:15 - 2015-10-24 07:16 - 01005598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
                          2016-11-25 12:15 - 2015-07-30 18:40 - 00000000 ____D C:\WINDOWS\INF
                          2016-11-25 12:11 - 2015-10-24 07:18 - 00000000 ____D C:\Users\CEP Local 440
                          2016-11-25 12:08 - 2015-07-30 17:52 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
                          2016-11-25 12:08 - 2013-05-11 20:33 - 00000932 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
                          2016-11-25 12:07 - 2015-07-10 05:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
                          2016-11-25 12:03 - 2011-10-24 22:52 - 00000000 ____D C:\Program Files (x86)\Yahoo!
                          2016-11-25 12:02 - 2011-10-24 22:52 - 00000000 ____D C:\Users\CEP Local 440\AppData\LocalLow\Yahoo!
                          2016-11-25 11:57 - 2015-07-30 18:42 - 00000000 ___HD C:\Program Files\WindowsApps
                          2016-11-25 11:02 - 2012-02-05 09:24 - 00000000 ____D C:\Users\CEP Local 440\Desktop\New folder
                          2016-11-25 11:01 - 2014-03-30 10:59 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
                          2016-11-25 10:55 - 2009-07-14 01:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
                          2016-11-25 10:49 - 2010-10-08 05:24 - 00000000 ____D C:\Users\CEP Local 440\AppData\Roaming\HpUpdate
                          2016-11-25 10:05 - 2010-04-22 14:54 - 00000000 ____D C:\Program Files (x86)\HP
                          2016-11-25 10:05 - 2010-04-22 13:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
                          2016-11-25 09:37 - 2010-04-22 13:13 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
                          2016-11-25 09:10 - 2015-10-25 10:43 - 00002435 _____ C:\Users\CEP Local 440\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
                          2016-11-25 09:10 - 2015-10-25 10:43 - 00000000 ___RD C:\Users\CEP Local 440\OneDrive
                          2016-11-25 09:03 - 2011-07-13 06:57 - 00000000 ____D C:\Program Files (x86)\SpeedBit Video Accelerator
                          2016-11-25 08:47 - 2010-10-20 07:37 - 00000000 ___SD C:\Users\CEP Local 440\AppData\LocalLow\Temp
                          2016-11-24 23:17 - 2012-06-13 20:08 - 00000000 ____D C:\Program Files (x86)\Java
                          2016-11-24 23:04 - 2016-07-16 12:50 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
                          2016-11-24 23:03 - 2009-07-13 23:20 - 00000000 ____D C:\Users\Default.migrated
                          2016-11-24 22:47 - 2013-01-28 19:43 - 00000000 ____D C:\Program Files (x86)\Wise
                          2016-11-24 19:40 - 2016-07-16 14:25 - 00000000 ____D C:\Users\CEP Local 440\AppData\Local\WinZip
                          2016-11-24 19:40 - 2011-07-13 07:40 - 00000000 ____D C:\ProgramData\WinZip
                          2016-11-24 11:42 - 2011-07-13 06:49 - 00000000 ____D C:\Users\CEP Local 440\Documents\My DAP Downloads
                          2016-11-24 11:30 - 2015-07-30 18:42 - 00000000 ____D C:\WINDOWS\system32\NDF
                          2016-11-19 12:36 - 2014-10-15 19:30 - 00000000 ____D C:\ProgramData\ProductData
                          2016-11-17 21:37 - 2010-10-12 20:18 - 00000000 ____D C:\Program Files (x86)\IObit
                          2016-11-14 18:45 - 2012-12-31 20:36 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
                          2016-11-06 17:47 - 2015-11-03 18:07 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
                          2016-11-03 19:18 - 2010-10-12 20:18 - 00000000 ____D C:\Users\CEP Local 440\AppData\Roaming\IObit
                          2016-11-03 19:17 - 2014-10-15 19:30 - 00000000 ____D C:\Users\CEP Local 440\AppData\LocalLow\IObit
                          2016-11-03 19:17 - 2011-03-21 18:31 - 00000000 ____D C:\ProgramData\IObit
                          2016-11-01 18:35 - 2010-10-11 20:27 - 00000000 ____D C:\Users\CEP Local 440\AppData\Local\Google
                          2016-11-01 18:23 - 2010-10-11 20:26 - 00000000 ____D C:\Program Files (x86)\Google
                          2016-10-27 21:22 - 2010-10-12 21:36 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

                          ==================== Files in the root of some directories =======

                          2011-07-13 07:34 - 2011-07-13 07:34 - 0099384 _____ () C:\Users\CEP Local 440\AppData\Roaming\inst.exe
                          2011-07-13 07:34 - 2011-07-13 07:34 - 0007859 _____ () C:\Users\CEP Local 440\AppData\Roaming\pcouffin.cat
                          2011-07-13 07:34 - 2011-07-13 07:34 - 0001167 _____ () C:\Users\CEP Local 440\AppData\Roaming\pcouffin.inf
                          2011-07-13 07:35 - 2015-02-16 16:26 - 0000033 _____ () C:\Users\CEP Local 440\AppData\Roaming\pcouffin.log
                          2011-07-13 07:34 - 2011-07-13 07:34 - 0082816 _____ (VSO Software) C:\Users\CEP Local 440\AppData\Roaming\pcouffin.sys
                          2011-07-13 07:35 - 2011-07-14 11:58 - 0000671 _____ () C:\Users\CEP Local 440\AppData\Roaming\vso_ts_preview.xml
                          2010-10-13 04:39 - 2010-10-13 04:39 - 0000000 _____ () C:\Users\CEP Local 440\AppData\Roaming\wklnhst.dat
                          2013-11-06 16:18 - 2015-11-12 22:49 - 0123531 _____ () C:\Users\CEP Local 440\AppData\Local\ars.cache
                          2013-11-06 16:19 - 2015-11-12 22:49 - 1188256 _____ () C:\Users\CEP Local 440\AppData\Local\census.cache
                          2013-11-06 15:44 - 2013-11-06 15:44 - 0000036 _____ () C:\Users\CEP Local 440\AppData\Local\housecall.guid.cache
                          2015-11-12 23:40 - 2015-11-12 23:40 - 0000010 _____ () C:\Users\CEP Local 440\AppData\Local\sponge.last.runtime.cache
                          2010-09-17 06:11 - 2015-10-10 18:12 - 0000361 _____ () C:\ProgramData\HPWALog.txt
                          Some files in TEMP:
                          C:\Users\CEP Local 440\AppData\Local\Temp\libeay32.dll
                          C:\Users\CEP Local 440\AppData\Local\Temp\msvcr120.dll
                          C:\Users\CEP Local 440\AppData\Local\Temp\sqlite3.dll
                          Some zero byte size files/folders:
                          C:\Windows\SysWOW64\conhost.exe
                          C:\Windows\SysWOW64\csrss.exe
                          C:\Windows\SysWOW64\dwm.exe
                          C:\Windows\SysWOW64\hkcmd.exe
                          C:\Windows\SysWOW64\HPSIsvc.exe
                          C:\Windows\SysWOW64\igfxpers.exe
                          C:\Windows\SysWOW64\igfxtray.exe
                          C:\Windows\SysWOW64\lsass.exe
                          C:\Windows\SysWOW64\lsm.exe
                          C:\Windows\SysWOW64\mfevtps.exe
                          C:\Windows\SysWOW64\services.exe
                          C:\Windows\SysWOW64\smss.exe
                          C:\Windows\SysWOW64\spoolsv.exe
                          C:\Windows\SysWOW64\taskhost.exe
                          C:\Windows\SysWOW64\winlogon.exe

                          ==================== Bamital & volsnap ======================

                          (There is no automatic fix for files that do not pass verification.)

                          C:\WINDOWS\system32\winlogon.exe => File is digitally signed
                          C:\WINDOWS\system32\wininit.exe => File is digitally signed
                          C:\WINDOWS\explorer.exe => File is digitally signed
                          C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
                          C:\WINDOWS\system32\svchost.exe => File is digitally signed
                          C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
                          C:\WINDOWS\system32\services.exe => File is digitally signed
                          C:\WINDOWS\system32\User32.dll => File is digitally signed
                          C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
                          C:\WINDOWS\system32\userinit.exe => File is digitally signed
                          C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
                          C:\WINDOWS\system32\rpcss.dll => File is digitally signed
                          C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
                          C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
                          C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

                          LastRegBack: 2016-06-03 20:36

                          ==================== End of FRST.txt ============================


                          • Chicken_Breeder
                            PCHF Member
                            • Nov 2016
                            • 28

                            #14
                            ..And here is the second one.
                            Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-11-2016
                            Ran by CEP Local 440 (25-11-2016 14:40:14)
                            Running from C:\Users\CEP Local 440\Downloads
                            Windows 10 Home (X64) (2015-10-25 14:38:35)
                            Boot Mode: Normal
                            ==================== Accounts: =============================

                            Administrator (S-1-5-21-1124643268-3595298339-4084894015-500 - Administrator - Disabled)
                            CEP Local 440 (S-1-5-21-1124643268-3595298339-4084894015-1000 - Administrator - Enabled) => C:\Users\CEP Local 440
                            DefaultAccount (S-1-5-21-1124643268-3595298339-4084894015-503 - Limited - Disabled)
                            Guest (S-1-5-21-1124643268-3595298339-4084894015-501 - Limited - Disabled)
                            HomeGroupUser$ (S-1-5-21-1124643268-3595298339-4084894015-1003 - Limited - Enabled)

                            ==================== Security Center ========================

                            (If an entry is included in the fixlist, it will be removed.)

                            AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
                            AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

                            ==================== Installed Programs ======================

                            (Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

                            7-Zip 16.02 (HKLM-x32...{23170F69-40C1-2701-1602-000001000000}) (Version: 16.02.00.0 - Igor Pavlov)
                            7-Zip 16.02 (HKLM-x32...\7-Zip) (Version: 16.02 - Igor Pavlov)
                            Acrobat.com (HKLM-x32...{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
                            Adobe Acrobat Reader DC (HKLM-x32...{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
                            Adobe AIR (HKLM-x32...\Adobe AIR) (Version: 22.0.0.153 - Adobe Systems Incorporated)
                            Adobe Shockwave Player (HKLM-x32...{D8DFA46A-39F7-4368-810D-18AFCFDDAEAF}) (Version: 11.5.1.601 - Adobe Systems, Inc.)
                            Adobe Shockwave Player 12.2 (HKLM-x32...{C1F3739C-D31D-4062-8788-29261C4A2A68}) (Version: 12.2.4.194 - Adobe Systems, Inc)
                            ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
                            Apple Application Support (32-bit) (HKLM-x32...{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
                            Apple Application Support (64-bit) (HKLM...{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
                            Apple Mobile Device Support (HKLM...{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.)
                            Apple Software Update (HKLM-x32...{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
                            ArcSoft Panorama Maker 6 (HKLM-x32...{DABFD34E-BE68-4BC6-9254-5D7A7FF76B99}) (Version: 6.0.8.85 - ArcSoft)
                            Bejeweled 2 Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
                            Blackhawk Striker 2 (x32 Version: 2.2.0.82 - WildTangent) Hidden
                            Blasterball 3 (x32 Version: 2.2.0.82 - WildTangent) Hidden
                            Bonjour (HKLM...{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
                            Bus Driver (x32 Version: 2.2.0.82 - WildTangent) Hidden
                            Canon Easy-WebPrint EX (HKLM-x32...\Easy-WebPrint EX) (Version: 1.4.0.0 - Canon Inc.)
                            Canon IJ Network Scanner Selector EX (HKLM-x32...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
                            Canon IJ Network Tool (HKLM-x32...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.)
                            Canon IJ Scan Utility (HKLM-x32...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
                            Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
                            Canon MX450 series MP Drivers (HKLM...{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}Canon_MX450_series) (Version: 1.00 - Canon Inc.)
                            Canon MX450 series On-screen Manual (HKLM-x32...\Canon MX450 series On-screen Manual) (Version: 7.6.0 - Canon Inc.)
                            Canon My Image Garden (HKLM-x32...\Canon My Image Garden) (Version: 1.1.2 - Canon Inc.)
                            Canon My Image Garden Design Files (HKLM-x32...\Canon My Image Garden Design Files) (Version: 1.0.1 - Canon Inc.)
                            Canon My Printer (HKLM-x32...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
                            Canon Quick Menu (HKLM-x32...\CanonQuickMenu) (Version: 2.1.0 - Canon Inc.)
                            Canon Speed Dial Utility (HKLM-x32...\Speed Dial Utility) (Version: 1.3.0 - Canon Inc.)
                            CDDRV_Installer (Version: 4.60 - Logitech) Hidden
                            Chuzzle Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
                            Cisco EAP-FAST Module (HKLM-x32...{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
                            Cisco LEAP Module (HKLM-x32...{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
                            Cisco PEAP Module (HKLM-x32...{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
                            Compatibility Pack for the 2007 Office system (HKLM-x32...{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
                            ConvertXtoDVD 3.3.4.106e (HKLM-x32...{76C24F39-B161-498F-BD8B-C64789812D13}is1) (Version: 3.3.4.106e - )
                            CyberLink DVD Suite (HKLM-x32...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2216 - CyberLink Corp.)
                            CyberLink MediaShow (HKLM-x32...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 4.1.3419 - CyberLink Corp.)
                            CyberLink PowerDVD 8 (HKLM-x32...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.0.1.1110 - CyberLink Corp.)
                            D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
                            DAP Plug-in for 64 Bit IE (HKLM...{E06AF9BE-E1D6-4867-8DBF-74E4BA32BBB3}) (Version: 9606.0.30 - SpeedBit)
                            DivX Setup (HKLM-x32...\DivX Setup) (Version: 2.6.1.90 - DivX, LLC)
                            Dora’s Carnival Adventure (x32 Version: 2.2.0.82 - WildTangent) Hidden
                            Elevated Installer (x32 Version: 4.1.19.0 - Garmin Ltd or its subsidiaries) Hidden
                            erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden
                            Escape Rosecliff Island (x32 Version: 2.2.0.82 - WildTangent) Hidden
                            ESU for Microsoft Windows 7 (HKLM-x32...{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
                            Faerie Solitaire (x32 Version: 2.2.0.82 - WildTangent) Hidden
                            FATE (x32 Version: 2.2.0.82 - WildTangent) Hidden
                            Garmin Communicator Plugin x64 (HKLM...{550331CC-C34B-494F-BCDA-37CE4EF6E924}) (Version: 4.0.3 - Garmin Ltd or its subsidiaries)
                            Garmin Express (HKLM-x32...{2639b4f0-83b4-4f3d-942f-e4ba22a40b9b}) (Version: 4.1.19.0 - Garmin Ltd or its subsidiaries)
                            Garmin Express (x32 Version: 4.1.19.0 - Garmin Ltd or its subsidiaries) Hidden
                            Garmin Express Tray (x32 Version: 4.1.19.0 - Garmin Ltd or its subsidiaries) Hidden
                            Garmin Lifetime Updater (HKLM-x32...{9AAD03E8-4F65-4DE2-8F6C-1B079C0C8521}) (Version: 2.1.11 - Garmin)
                            GenuTax Standard (HKLM-x32...{C558F931-FCAD-4252-909F-D736DF679567}) (Version: 1.45 - GenuSource Consulting Inc)
                            Google Chrome (HKLM-x32...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.)
                            Google Earth (HKLM-x32...{A0C18B96-AB79-46BD-8321-6FA83E6D25B9}) (Version: 7.1.7.2606 - Google)
                            Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
                            Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
                            Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
                            HP LaserJet Professional M1130-M1210 MFP Series (HKLM...\HP LaserJet Professional M1130-M1210 MFP Series) (Version: - )
                            HP LaserJet Professional M1210 MFP Series Fax Installer (HKLM...{E65099C4-9110-4C31-BD03-5C17EFB5FE92}) (Version: 1.1.0 - HP)
                            HP Quick Launch (HKLM...{10F539B1-31AF-43BF-9F0C-0EB66E918922}) (Version: 1.0.18 - Hewlett-Packard)
                            HP Setup (HKLM-x32...{17B4760F-334B-475D-829F-1A3E94A6A4E6}) (Version: 1.2.3560.3170 - Hewlett-Packard)
                            HP Smart Web Printing (HKLM-x32...\HP Smart Web Printing) (Version: 131.1.35898 - Hewlett-Packard)
                            HP Software Framework (HKLM-x32...{97174E88-52F9-445A-A28E-704A45332D19}) (Version: 4.0.108.1 - Hewlett-Packard Company)
                            HP Wireless Assistant (HKLM-x32...{54CC7901-804D-4155-B353-21F0CC9112AB}) (Version: 3.50.9.1 - Hewlett-Packard)
                            iCloud (HKLM...{ADFDB647-35C0-4254-9EE6-2D9C3B7104BD}) (Version: 5.2.1.69 - Apple Inc.)
                            InstaCodecs (HKLM-x32...\InstaCodecs_is1) (Version: 1.0 - )
                            InstallConverter (HKLM-x32...\InstallConverter) (Version: 1.0 - InstallConverter)
                            Intel(R) Chipset Device Software (x32 Version: 10.0.27 - Intel(R) Corporation) Hidden
                            Intel(R) Control Center (HKLM-x32...{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
                            Intel(R) Graphics Media Accelerator Driver (HKLM-x32...{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2869 - Intel Corporation)
                            Intel(R) Rapid Storage Technology (HKLM-x32...{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation)
                            iTunes (HKLM...{0D924CB2-2EA4-4044-BAF7-770202D6BD0D}) (Version: 11.1.4.62 - Apple Inc.)
                            Jewel Quest 3 (x32 Version: 2.2.0.82 - WildTangent) Hidden
                            Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
                            KhalInstallWrapper (Version: 2.00.0000 - Logitech) Hidden
                            LabelPrint (HKLM-x32...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2215 - CyberLink Corp.)
                            LabelPrint (x32 Version: 2.5.2215 - CyberLink Corp.) Hidden
                            Logitech SetPoint (HKLM-x32...{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}) (Version: 4.80 - Logitech)
                            LSI HDA Modem (HKLM...\LSI Soft Modem) (Version: 2.2.100 - LSI Corporation)
                            Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
                            MaxiLink (HKLM-x32...{3F1420A7-FF17-40F0-B4FE-3481B8D10081}) (Version: 1.08 - Autel)
                            McAfee Agent (HKLM-x32...{2AAB21C2-4CDA-4189-A0EC-5ED666113F84}) (Version: 4.5.0.1810 - McAfee, Inc.)
                            Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
                            Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
                            Microsoft Office File Validation Add-In (HKLM-x32...{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
                            Microsoft Office Professional Edition 2003 (HKLM-x32...{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
                            Microsoft Office Suite Activation Assistant (HKLM-x32...{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
                            Microsoft Office XP Professional with FrontPage (HKLM-x32...{90280409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
                            Microsoft Silverlight (HKLM...{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
                            Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32...{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
                            Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM...{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
                            Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32...{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
                            Microsoft Visual C++ 2005 Redistributable (HKLM-x32...{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
                            Microsoft Visual C++ 2005 Redistributable (HKLM-x32...{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
                            Microsoft Visual C++ 2005 Redistributable (x64) (HKLM...{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
                            Microsoft Visual C++ 2005 Redistributable (x64) (HKLM...{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
                            Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM...{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
                            Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM...{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
                            Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM...{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
                            Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32...{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
                            Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32...{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
                            Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32...{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
                            Microsoft Works (HKLM-x32...{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
                            muvee Reveal (HKLM-x32...{DE626616-D7C4-4F00-7E0B-EAF26FA65749}) (Version: 7.0.43.12698 - muvee Technologies Pte Ltd)
                            ObjectDock Free (HKLM-x32...\ObjectDock Free) (Version: 2.0 - Stardock Corporation)
                            ObjectDock Free (x32 Version: 2.0 - Stardock Corporation) Hidden
                            Penguins! (x32 Version: 2.2.0.82 - WildTangent) Hidden
                            Plants vs. Zombies (x32 Version: 2.2.0.82 - WildTangent) Hidden
                            Polar Bowler (x32 Version: 2.2.0.82 - WildTangent) Hidden
                            Polar Golfer (x32 Version: 2.2.0.82 - WildTangent) Hidden
                            Power2Go (HKLM-x32...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3415 - CyberLink Corp.)
                            Power2Go (x32 Version: 6.0.3415 - CyberLink Corp.) Hidden
                            PowerDirector (HKLM-x32...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3420 - CyberLink Corp.)
                            PowerDirector (x32 Version: 7.0.3420 - CyberLink Corp.) Hidden
                            RealDownloader (x32 Version: 18.1.4.137 - RealNetworks, Inc.) Hidden
                            RealDownloader (x32 Version: 18.1.4.144 - RealNetworks) Hidden
                            RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
                            RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
                            RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
                            RealPlayer (RealTimes) (HKLM-x32...\RealPlayer 18.1) (Version: 18.1.4 - RealNetworks)
                            Realtek Ethernet Controller Driver (HKLM-x32...{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.3.723.2015 - Realtek)
                            Realtek High Definition Audio Driver (HKLM-x32...{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7427 - Realtek Semiconductor Corp.)
                            Realtek USB 2.0 Card Reader (HKLM-x32...{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30105 - Realtek Semiconductor Corp.)
                            REALTEK Wireless LAN Software (HKLM-x32...{901F0D4C-009D-1112-8DE4-03599E7B0C5C}) (Version: 1.00.10.0104 - REALTEK Semiconductor Corp.)
                            RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
                            Recovery Manager (x32 Version: 5.5.2214 - CyberLink Corp.) Hidden
                            Revo Uninstaller 1.94 (HKLM-x32...\Revo Uninstaller) (Version: 1.94 - VS Revo Group)
                            RtVOsd (HKLM...{091A0130-A82F-4A6D-9C61-3BBBB3289030}) (Version: 1.0.6 - Realtek Semiconductor Corp.)
                            Scan To (HKLM...{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 2.0.1 - HP)
                            SlimDrivers (HKLM-x32...{3CF3DEF4-ED15-4F7B-9320-C3E1081EA4DA}) (Version: 2.2.30877 - SlimWare Utilities, Inc.)
                            Smart Defrag 3 (HKLM-x32...\Smart Defrag 3_is1) (Version: 3.3 - IObit)
                            Synaptics Pointing Device Driver (HKLM...\SynTPDeinstKey) (Version: 19.0.12.98 - Synaptics Incorporated)
                            TurboTax Free version 1.0.1 (HKLM-x32...{EF63699B-79A1-4A7D-B02D-AD5976701864}_is1) (Version: 1.0.1 - Intuit Canada)
                            UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
                            VaudiX (HKLM...{6C7F523F-A2A9-AE9E-4C75-EA8BB79C70C9}) (Version: 1.0 - )
                            vc2012_redist (x32 Version: 1.0.0.0 - Realnetworks) Hidden
                            VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
                            Video Downloader (x32 Version: 1.2.0 - RealNetworks) Hidden
                            Virtual Families (x32 Version: 2.2.0.82 - WildTangent) Hidden
                            Virtual Villagers - The Secret City (x32 Version: 2.2.0.82 - WildTangent) Hidden
                            Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
                            Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
                            Windows Live Essentials (HKLM-x32...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
                            Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32...{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
                            Windows Live Sync (HKLM-x32...{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
                            WinZip 20.5 (HKLM...{CD95F661-A5C4-44F5-A6AA-ECDD91C24105}) (Version: 20.5.12118 - WinZip Computing, S.L. )
                            Xvid Video Codec (HKLM-x32...\Xvid Video Codec 1.3.1) (Version: 1.3.2 - Xvid Team)
                            Yahoo! Detect (HKLM-x32...\YTdetect) (Version: - )
                            Zemana AntiMalware (HKLM-x32...{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.60.1 - Zemana Ltd.)
                            Zuma’s Revenge (x32 Version: 2.2.0.82 - WildTangent) Hidden

                            ==================== Custom CLSID (Whitelisted): ==========================

                            (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

                            ==================== Scheduled Tasks (Whitelisted) =============

                            (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

                            Task: {08C18A8D-A2BD-4774-9120-78A4A4FC9E76} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
                            Task: {0BF52ED3-1BB6-4841-9EEF-4ADFA8C01E62} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
                            Task: {1627C880-15CC-4527-9FE1-5EBA43DD41D7} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
                            Task: {18853C6D-A3C5-431B-83DB-B7E51B6D1A9A} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
                            Task: {27CCF768-AFC7-4E08-BE16-845098F6E1C9} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
                            Task: {30426D06-7CE3-404A-89C2-7A4DA66DBA3D} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
                            Task: {3B460780-4ABB-499A-A302-4CCCF74FF5C7} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
                            Task: {4862D3F8-2130-4C97-A2A3-B139E5650AB7} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
                            Task: {49FDBA15-93C4-4369-B2AC-DC67D65D4F29} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-16] (Adobe Systems Incorporated)
                            Task: {57668D48-BB12-44DA-9C67-A3B46E8D44CB} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
                            Task: {5D8FF8E9-CE26-4891-955E-92566A4AE49F} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
                            Task: {63AA4B71-0FB7-4900-ABCD-1A1044042157} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
                            Task: {6809B9EF-F2FC-4B51-9FA3-9AA2FD514EF2} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
                            Task: {7C025B81-7511-44C3-9832-4DED87E013CB} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
                            Task: {91775A97-F1FA-4406-8BFE-B175EB66B61F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
                            Task: {93D595F8-B5CF-441B-A5C1-202DDF53EE6C} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
                            Task: {96A4AA20-AD60-4CDD-818D-CEEF996CE643} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
                            Task: {9AEF5C9B-DF21-4B95-BEF3-83AC6146D0AF} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
                            Task: {A34CE245-50BC-4CCC-B4C5-C2D2EFB50957} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
                            Task: {A66798D4-C70C-475F-9B74-49D08E192BF5} - System32\Tasks{298B2E4F-B19F-479B-A158-24E952B262D7} => pcalua.exe -a F:\setup.exe -d F:
                            Task: {AAAA528F-472D-41BD-A91A-EA77D7428CC4} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
                            Task: {B9AEA5BF-FEB4-4F9D-99D1-32044FA58E69} - no filepath
                            Task: {C0CE097B-D8A2-4DE3-A7B5-5181B2628640} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
                            Task: {C10DF3FC-8775-4BE6-B0D5-A1044AC4C417} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
                            Task: {C2ECE9AB-A485-4CFD-9141-3028BC823A8C} - System32\Tasks{BF9EF130-FE70-4432-88EC-F3B7132270EA} => pcalua.exe -a G:\internalsw.exe -d G:
                            Task: {E73ACD4C-1F44-4639-BA0D-B9E074AE8FB2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
                            Task: {E9E97BFB-E139-4DB2-A978-802F63DA9BC3} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
                            Task: {ECB00934-BB76-4164-BD18-F1F1D6B0BC50} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
                            Task: {EE5786B3-871D-461C-A5B4-CE59F65A6910} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-09-05] (Hewlett-Packard Company)
                            Task: {EEB67E49-8B2B-4DF3-928D-5ADF90CE6D9B} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
                            Task: {F87AD7FC-295C-4D22-9010-0A9584303B21} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
                            Task: {FDA0C9D7-4161-40A6-81E3-C046B91E75F7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)

                            (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

                            Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
                            Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
                            Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
                            Task: C:\WINDOWS\Tasks\HPCeeScheduleForCEP Local 440.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

                            ==================== Shortcuts =============================

                            (The entries could be listed to be restored or removed.)

                            Shortcut: C:\Users\CEP Local 440\AppData\Roaming\Microsoft\Windows\Network Shortcuts\My Web Sites on MSN\target.lnk → hxxp://www.msnusers.com

                            ==================== Loaded Modules (Whitelisted) ==============

                            2014-03-19 15:14 - 2012-09-29 12:25 - 00409088 _____ () C:\WINDOWS\System32\HPM1210LM.DLL
                            2012-02-05 09:28 - 2012-09-29 12:25 - 00074240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HPM1210PP.dll
                            2015-09-10 01:08 - 2015-09-10 01:08 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
                            2013-12-27 20:15 - 2012-03-28 08:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
                            2010-01-18 18:04 - 2010-01-18 18:04 - 00020480 _____ () C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
                            2010-04-22 14:42 - 2009-07-06 15:20 - 00247152 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
                            2016-04-23 19:58 - 2016-03-16 00:55 - 02495768 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
                            2016-04-23 19:58 - 2016-03-16 00:55 - 02495768 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
                            2016-11-24 08:10 - 2016-11-24 08:10 - 00152944 _____ () C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll
                            2011-10-05 12:52 - 2009-07-20 11:35 - 00018960 _____ () C:\Program Files\Logitech\SetPoint\khalwrapper.dll
                            2011-10-05 12:52 - 2009-07-20 03:00 - 00077824 _____ () C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
                            2009-07-01 18:44 - 2009-07-01 18:44 - 00632888 _____ () C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
                            2007-04-18 18:30 - 2007-04-18 18:30 - 00393216 _____ () C:\Program Files (x86)\McAfee\Common Framework\cryptocme2.dll
                            2007-04-18 18:30 - 2007-04-18 18:30 - 00471040 _____ () C:\Program Files (x86)\McAfee\Common Framework\ccme_base.dll
                            2011-01-12 15:05 - 2011-01-12 15:05 - 00065536 _____ () C:\Program Files (x86)\McAfee\Common Framework\boost_thread-vc80-mt-1_32.dll
                            2016-04-22 00:08 - 2016-04-22 00:08 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
                            2016-04-22 00:08 - 2016-04-22 00:08 - 01047864 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
                            2016-11-25 09:08 - 2016-11-25 09:08 - 01383616 _____ () C:\Users\CEP Local 440\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\ClientTelemetry.dll
                            2016-11-25 09:08 - 2016-11-25 09:08 - 00118976 _____ () C:\Users\CEP Local 440\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncViews.dll
                            2016-11-14 18:45 - 2016-11-08 16:29 - 01819240 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libglesv2.dll
                            2016-11-14 18:45 - 2016-11-08 16:29 - 00093288 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.99\libegl.dll
                            2016-11-08 19:09 - 2016-11-08 19:09 - 17772736 _____ () C:\Users\CEP Local 440\AppData\Local\Google\Chrome\User Data\PepperFlash\23.0.0.207\pepflashplayer.dll

                            ==================== Alternate Data Streams (Whitelisted) =========

                            (If an entry is included in the fixlist, only the ADS will be removed.)

                            ==================== Safe Mode (Whitelisted) ===================

                            (If an entry is included in the fixlist, it will be removed from the registry. The “AlternateShell” will be restored.)

                            ==================== Association (Whitelisted) ===============

                            (If an entry is included in the fixlist, the registry item will be restored to default or removed.)

                            ==================== Internet Explorer trusted/restricted ===============

                            (If an entry is included in the fixlist, it will be removed from the registry.)

                            IE trusted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\hola.org → hxxp://hola.org
                            IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\008i.com → 008i.com
                            IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\008k.com → 008k.com
                            IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\00hq.com → 00hq.com
                            IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\0190-dialers.com → 0190-dialers.com
                            IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\01i.info → 01i.info
                            IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\02pmnzy5eo29bfk4.com → 02pmnzy5eo29bfk4.com
                            IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\05p.com → 05p.com
                            IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\07ic5do2myz3vzpk.com → 07ic5do2myz3vzpk.com
                            IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\08nigbmwk43i01y6.com → 08nigbmwk43i01y6.com
                            IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\093qpeuqpmz6ebfa.com → 093qpeuqpmz6ebfa.com
                            IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\0calories.net → 0calories.net
                            IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\0cj.net → 0cj.net
                            IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\0scan.com → 0scan.com
                            IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\1-britney-spears-nude.com → 1-britney-spears-nude.com
                            IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\1-domains-registrations.com → 1-domains-registrations.com
                            IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\1-se.com → 1-se.com
                            IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\1001movie.com → 1001movie.com
                            IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\1001night.biz → 1001night.biz
                            IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\100gal.net → 100gal.net
                            IE restricted site: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\100sexlinks.com → 100sexlinks.com

                            There are 4791 more sites.

                            ==================== Hosts content: ===============================

                            (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

                            2009-07-13 22:34 - 2016-11-25 14:31 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

                            ==================== Other Areas ============================

                            (Currently there is no automatic fix for this section.)

                            HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\Control Panel\Desktop\Wallpaper → c:\windows\web\wallpaper\theme1\img13.jpg
                            DNS Servers: 192.168.2.1
                            HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
                            Windows Firewall is enabled.

                            ==================== MSCONFIG/TASK MANAGER disabled items ==

                            HKLM...\StartupApproved\StartupFolder: => “Kaspersky Software Updater Beta.lnk”
                            HKLM...\StartupApproved\StartupFolder: => “RealTimes.lnk”
                            HKLM...\StartupApproved\StartupFolder: => “WinZip Preloader.lnk”
                            HKLM...\StartupApproved\Run32: => “RealDownloader”
                            HKLM...\StartupApproved\Run32: => “TkBellExe”
                            HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\StartupApproved\Run: => “uTorrent”
                            HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\StartupApproved\Run: => “GarminExpressTrayApp”
                            HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\StartupApproved\Run: => “iCloudDrive”
                            HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\StartupApproved\Run: => “iCloudPhotos”
                            HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\StartupApproved\Run: => “iCloudServices”
                            HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\StartupApproved\Run: => “KSS”
                            HKU\S-1-5-21-1124643268-3595298339-4084894015-1000...\StartupApproved\Run: => “SUPERAntiSpyware”

                            ==================== FirewallRules (Whitelisted) ===============

                            (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

                            FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
                            FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
                            FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
                            FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
                            FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
                            FirewallRules: [{483ED197-8AB6-4AF4-9AFE-3DC4FAD93582}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
                            FirewallRules: [{5B2D2D63-01D4-4FA9-BC8C-0BE0A0DC812E}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
                            FirewallRules: [{CB914520-5A46-4907-9942-ED61292744C0}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
                            FirewallRules: [{803A7873-08D7-4C40-A594-ECC9F64AE1D8}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
                            FirewallRules: [TCP Query User{7014818C-9C00-4B49-BF51-6ADB5CD69CBA}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
                            FirewallRules: [UDP Query User{3E804D65-72FE-48D4-9D4B-F92386C49512}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe

                            ==================== Restore Points =========================

                            06-11-2016 20:40:59 Removed iTunes
                            24-11-2016 20:25:12 Revo Uninstaller’s restore point - Download Accelerator Plus (DAP)
                            24-11-2016 20:33:04 Revo Uninstaller’s restore point - HP Advisor
                            24-11-2016 20:33:47 Removed HP Advisor.
                            24-11-2016 22:42:32 Revo Uninstaller’s restore point - Wise Registry Cleaner 8.81
                            24-11-2016 22:46:05 Revo Uninstaller’s restore point - Wise Care 365 version 2.44
                            24-11-2016 22:48:25 Revo Uninstaller’s restore point - Wise Care 365 3.96
                            24-11-2016 22:50:13 Revo Uninstaller’s restore point - WinRAR 5.40 (32-bit)
                            24-11-2016 22:52:36 Revo Uninstaller’s restore point - Vuze
                            24-11-2016 22:56:07 Revo Uninstaller’s restore point - SpeedBit Video Downloader
                            24-11-2016 22:58:12 Revo Uninstaller’s restore point - SpeedBit Video Accelerator
                            24-11-2016 23:00:18 Revo Uninstaller’s restore point - Microsoft Live Search Toolbar
                            24-11-2016 23:02:24 Revo Uninstaller’s restore point - Kaspersky Security Scan
                            24-11-2016 23:06:00 Revo Uninstaller’s restore point - Kaspersky Software Updater Beta
                            24-11-2016 23:08:02 Revo Uninstaller’s restore point - LightScribe System Software
                            24-11-2016 23:08:50 Removed LightScribe System Software.
                            24-11-2016 23:10:47 Revo Uninstaller’s restore point - JavaFX 2.1.1
                            24-11-2016 23:11:25 Removed JavaFX 2.1.1
                            24-11-2016 23:13:15 Revo Uninstaller’s restore point - Java 7 Update 11
                            24-11-2016 23:14:52 Removed Java 7 Update 11
                            25-11-2016 08:44:55 Restore Point Created by FRST
                            25-11-2016 09:30:29 Revo Uninstaller’s restore point - HP User Guides 0183
                            25-11-2016 09:31:58 Removed HP User Guides 0183
                            25-11-2016 09:48:00 Revo Uninstaller’s restore point - HP Update
                            25-11-2016 10:04:40 Removed HP Update
                            25-11-2016 10:50:19 Revo Uninstaller’s restore point - HP Games
                            25-11-2016 10:57:55 Removed Java™ 6 Update 17 (64-bit)

                            ==================== Faulty Device Manager Devices =============

                            ==================== Event log errors: =========================
                            Application errors:
                            Error: (11/25/2016 02:37:40 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
                            Description: Windows cannot load classes registry file.
                            DETAIL - The configuration registry database is corrupt.

                            Error: (11/25/2016 02:37:40 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
                            Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.

                            DETAIL - The configuration registry database is corrupt.
                            for C:\Users\CEP Local 440\AppData\Local\Microsoft\Windows\UsrClass.dat

                            Error: (11/25/2016 02:37:40 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
                            Description: Windows cannot load classes registry file.
                            DETAIL - The configuration registry database is corrupt.

                            Error: (11/25/2016 02:37:40 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
                            Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.

                            DETAIL - The configuration registry database is corrupt.
                            for C:\Users\CEP Local 440\AppData\Local\Microsoft\Windows\UsrClass.dat

                            Error: (11/25/2016 02:36:46 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
                            Description: Windows cannot load classes registry file.
                            DETAIL - The configuration registry database is corrupt.

                            Error: (11/25/2016 02:36:46 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
                            Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.

                            DETAIL - The configuration registry database is corrupt.
                            for C:\Users\CEP Local 440\AppData\Local\Microsoft\Windows\UsrClass.dat

                            Error: (11/25/2016 02:36:46 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
                            Description: Windows cannot load classes registry file.
                            DETAIL - The configuration registry database is corrupt.

                            Error: (11/25/2016 02:36:46 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
                            Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.

                            DETAIL - The configuration registry database is corrupt.
                            for C:\Users\CEP Local 440\AppData\Local\Microsoft\Windows\UsrClass.dat

                            Error: (11/25/2016 01:06:10 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
                            Description: Windows cannot load classes registry file.
                            DETAIL - The configuration registry database is corrupt.

                            Error: (11/25/2016 01:06:10 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
                            Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.

                            DETAIL - The configuration registry database is corrupt.
                            for C:\Users\CEP Local 440\AppData\Local\Microsoft\Windows\UsrClass.dat
                            System errors:
                            Error: (11/25/2016 01:22:51 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
                            Description: Installation Failure: Windows failed to install the following update with error 0x80070002: PlayReady Blue.

                            Error: (11/25/2016 01:22:45 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
                            Description: Installation Failure: Windows failed to install the following update with error 0x80073cf9: PlayReady Blue.

                            Error: (11/25/2016 01:22:45 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
                            Description: Installation Failure: Windows failed to install the following update with error 0x80070002: PlayReady Blue.

                            Error: (11/25/2016 01:22:39 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
                            Description: Installation Failure: Windows failed to install the following update with error 0x80070002: WindowsPreview Kinect Blue.

                            Error: (11/25/2016 01:22:39 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
                            Description: Installation Failure: Windows failed to install the following update with error 0x80073cf9: WindowsPreview Kinect Blue.

                            Error: (11/25/2016 01:22:35 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
                            Description: Installation Failure: Windows failed to install the following update with error 0x80070002: WindowsPreview Kinect Blue.

                            Error: (11/25/2016 01:22:35 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
                            Description: Installation Failure: Windows failed to install the following update with error 0x80073cf9: WindowsPreview Kinect Blue.

                            Error: (11/25/2016 01:22:31 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
                            Description: Installation Failure: Windows failed to install the following update with error 0x80070002: WindowsPreview Kinect Blue.

                            Error: (11/25/2016 01:22:31 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
                            Description: Installation Failure: Windows failed to install the following update with error 0x80070490: Xbox.

                            Error: (11/25/2016 01:22:25 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
                            Description: Installation Failure: Windows failed to install the following update with error 0x80073cf9: Xbox.
                            CodeIntegrity:
                            Date: 2016-11-25 08:42:39.151
                            Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

                            Date: 2016-11-25 08:42:39.125
                            Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

                            Date: 2016-11-25 08:42:39.094
                            Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

                            Date: 2016-11-25 08:42:31.459
                            Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

                            Date: 2016-11-25 08:42:31.374
                            Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

                            Date: 2016-11-24 19:36:01.661
                            Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

                            Date: 2016-11-24 19:36:01.619
                            Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

                            Date: 2016-11-24 19:36:01.584
                            Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

                            Date: 2016-11-24 19:35:55.915
                            Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

                            Date: 2016-11-24 19:35:55.822
                            Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

                            ==================== Memory info ===========================

                            Processor: Pentium(R) Dual-Core CPU T4500 @ 2.30GHz
                            Percentage of memory in use: 52%
                            Total physical RAM: 3998.92 MB
                            Available physical RAM: 1891.38 MB
                            Total Virtual: 4254.92 MB
                            Available Virtual: 1767.13 MB

                            ==================== Drives ================================

                            Drive c: () (Fixed) (Total:450.94 GB) (Free:328.09 GB) NTFS ==>[system with boot components (obtained from drive)]
                            Drive d: (RECOVERY) (Fixed) (Total:14.53 GB) (Free:2.39 GB) NTFS ==>[system with boot components (obtained from drive)]
                            Drive e: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32

                            ==================== MBR & Partition Table ==================

                            ========================================================
                            Disk: 0 (Size: 465.8 GB) (Disk ID: CF8A2BCB)
                            Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
                            Partition 2: (Not Active) - (Size=450.9 GB) - (Type=07 NTFS)
                            Partition 3: (Not Active) - (Size=14.5 GB) - (Type=07 NTFS)
                            Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

                            ==================== End of Addition.txt ============================

                            Thank You


                            • Malnutrition
                              PCHF Moderator
                              • Jul 2016
                              • 7045

                              #15
                              - Please post the Junkware Removal Tool Log…
                              - Uninstall the software below.

                              VaudiX (HKLM...{6C7F523F-A2A9-AE9E-4C75-EA8BB79C70C9}) (Version: 1.0 - )
                              McAfee Agent (HKLM-x32...{2AAB21C2-4CDA-4189-A0EC-5ED666113F84}) (Version: 4.5.0.1810 - McAfee, Inc.)

                              Update your software with Patch My PC
                              Run the McAfee Removal Tool, then reboot the computer.

                              Security Check Scan.

                              - Download Security Check to your desktop.
                              - Right click it and run as administrator.
                              - When the program completes, the tool will automatically open a log file.
                              - Please post that log here in your next post.

                              What issues remain on the machine at this point?
