Solved Malware or Possible Trogen Issue

Fix result of Farbar Recovery Scan Tool (x64) Version: 23-11-2016
Ran by CEP Local 440 (25-11-2016 20:00:35) Run:3
Running from C:\Users\CEP Local 440\Desktop
Loaded Profiles: CEP Local 440 (Available Profiles: CEP Local 440 & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CreateRestorePoint:
Task: {0DAC725D-0371-4133-8AF6-D148198B0D4A} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2016-04-08] ()
Task: {105CBCC4-5BD4-47EC-919F-698174BE6C5E} - System32\Tasks\SBWUpdateTask_Logon_d4e02148-1C659D0430C4 => C:\Program Files (x86)\Common Files\Speedbit\SbUpdate\SBUpdate.exe [2013-01-19] (Speedbit Ltd.) <==== ATTENTION
C:\Program Files (x86)\Common Files\Speedbit
C:\ProgramData\Premium\VaudiX\VaudiX.exe
C:\ProgramData\Premium
HKLM\...\Run: [hola] => C:\Program Files\Hola\app\hola.exe [2166376 2016-11-02] (Hola Networks Ltd.) <===== ATTENTION
C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
C:\Program Files (x86)\Kaspersky Lab
C: WINDOWS\System32\Tasks\Uninstaller_SkipUac_CEP_Local_440
C:\WINDOWS\Tasks\Uninstaller_SkipUac_CEP_Local_440.job
C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
C:\WINDOWS\System32\Tasks\ASC9_SkipUac_CEP Local 440
C:\WINDOWS\Tasks\ASC9_SkipUac_CEP Local 440.job
C:\WINDOWS\Tasks\VaudiXUpdaterTask{8641A371-5391-4413-ADCA-0BED20AE0CE5}.job
C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
FirewallRules: [{1F11BD5D-9CDA-4136-BB17-11759FEB6D09}] => (Allow) C:\Users\CEP Local 440\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{DA625BC8-20DA-4F96-B47A-3616BB97937C}] => (Allow) C:\Users\CEP Local 440\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8C644734-5475-4DA6-B672-08496CD515EA}] => (Allow) C:\Users\CEP Local 440\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6C306E7E-FA6E-4246-91D6-00F5ED2544EC}] => (Allow) C:\Users\CEP Local 440\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7593305D-BBBF-4CCE-926B-B048B7563B94}] => (Allow) C:\Users\CEP Local 440\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2D6CE001-C5BD-4ED4-9DD1-E5AE42D4EFB3}] => (Allow) C:\Users\CEP Local 440\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CF80B1C2-A556-4548-981C-06CBE3BB5EAF}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [{4860E4E0-5D78-4517-A910-FAB62566D6FA}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [{CBDE96F0-6E14-4BF7-AFC6-241703E7FC90}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [{E8F72EA0-BA09-4CBA-9F61-538AA9DBD4B9}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [293768 2016-07-16] (RealNetworks, Inc.)
Task: {1BC14874-2285-41BC-9C22-9381D778C8C7} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1124643268-3595298339-4084894015-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.)
Task: {24FF0670-A2EE-4FE7-9ADC-55ECDCC4A9E1} - System32\Tasks\SBWUpdateTask_Time_d4e02148-1C659D0430C4 => C:\Program Files (x86)\Common Files\Speedbit\SbUpdate\SBUpdate.exe [2013-01-19] (Speedbit Ltd.) <==== ATTENTION
Task: {25554AD1-5548-49F0-8550-EC465DD19366} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {27A76811-8CAB-4FB0-8E58-AE2F14D3523B} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1124643268-3595298339-4084894015-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.)
Task: {2D23301A-268D-4133-A615-B5D3B6436506} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1124643268-3595298339-4084894015-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.)
Task: {350B0464-18D2-43E5-98C5-C3267B33837D} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {3E67C9DA-3818-4D54-937E-0B0166CD4C2A} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1124643268-3595298339-4084894015-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.)
Task: {4295A246-F1FA-4C92-B703-C98313A8B679} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {45EACAAD-C12E-45DB-A0B7-C6968C44E73B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {462BC8C7-51E1-48D0-A779-3A14AC6127C0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {48ACB946-9171-45B5-875C-A86E243BEEC3} - System32\Tasks\Uninstaller_SkipUac_CEP_Local_440 => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {56F97E84-3191-45C9-A635-67E8EB4B5A12} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {689603CA-2D8F-42B1-8DFB-CEC176524B4B} - System32\Tasks\VaudiXUpdaterTask{8641A371-5391-4413-ADCA-0BED20AE0CE5} => C:\ProgramData\Premium\VaudiX\VaudiX.exe [2012-09-19] () <==== ATTENTION
Task: {6A1D0173-5E64-47B4-ABF4-B0905C3E7446} - System32\Tasks\SmartDefrag3_Update => C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe [2014-07-23] (IObit)
Task: {6A547488-E31C-4C6E-8EED-B98D6A8EE4DE} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {78E36EFE-EDDE-417C-8CD5-5338C87D4A89} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {881641BF-0BE6-43B4-8EC8-60F5117C11FA} - System32\Tasks\WRCSkipUAC => C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe [2015-10-27] (WiseCleaner.com)
Task: {8B2BDB30-21E5-4EAB-876D-714AA59072D2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {8F63C092-CD98-4DEF-91B5-ABF2B708ECD7} - System32\Tasks\WinZipBackGroundToolsTask => C:\Program Files\WinZip\WzBGTools.exe [2016-04-28] (WinZip Computing, S.L.)
Task: {9F98CCE2-E3BC-4C34-89FD-890FD85D2403} - System32\Tasks\Wise Turbo Checker => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe [2016-01-19] (WiseCleaner.COM)
Task: {A2829269-0700-45E1-BF90-7C8200090DB8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-17] (Adobe Systems Incorporated)
Task: {C2311C6E-8DAA-4CBA-A2A9-C3D2DF6BE404} - System32\Tasks\Wise Turbo Checker.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe [2016-01-19] (WiseCleaner.COM)
Task: {E9CEC2AE-59CB-4E77-9459-C3A97851374F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-05-23] (Microsoft Corporation)
Task: {EFF885BD-E49F-4288-B019-FFDE6C4A683F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {F6F549D5-4559-4DED-AFAB-9D5782549FD7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {F8E99B3B-8FF9-44C4-AE06-046AAAD78217} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1124643268-3595298339-4084894015-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.)
Task: {F91C1C31-1776-45E9-8818-F155E0BB2786} - System32\Tasks\ASC9_SkipUac_CEP Local 440 => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
Task: {FA184C91-C5EF-4764-BAF0-F6D3FBE5E08A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {FF901301-441E-45AC-BDA9-F12D966A5533} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1124643268-3595298339-4084894015-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.)
Task: {FF9ACA87-4767-430C-861B-1D1765C88317} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\ASC9_SkipUac_CEP Local 440.job => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_CEP_Local_440.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: C:\WINDOWS\Tasks\VaudiXUpdaterTask{8641A371-5391-4413-ADCA-0BED20AE0CE5}.job => C:\ProgramData\Premium\VaudiX\VaudiX.exeC/schedule /profilepath C:\ProgramData\Premium\VaudiX\profile.ini <==== ATTENTION
Task: C:\WINDOWS\Tasks\Wise Turbo Checker.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe
ShortcutWithArgument: C:\Users\CEP Local 440\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\217f6a27d9c55787\Chromium.lnk -> C:\Program Files\Hola\app\chromium\hola_cr.exe (The Chromium Authors) -> --profile-directory=Default
AlternateDataStreams: C:\ProgramData\Temp:373E1720 [134]
AlternateDataStreams: C:\ProgramData\Temp:553CA6CA [110]
AlternateDataStreams: C:\ProgramData\Temp:56E2E879 [128]
HKU\S-1-5-18\...\Run: [KSS] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe [1556448 2015-12-15] (AO Kaspersky Lab)
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
Winsock: Catalog9 01 C:\Program Files (x86)\SpeedBit Video Accelerator\LSP3.3.6.3\SBLSP.dll [174832 2013-01-19] (SPEEDbit)
Winsock: Catalog9 02 C:\Program Files (x86)\SpeedBit Video Accelerator\LSP3.3.6.3\SBLSP.dll [174832 2013-01-19] (SPEEDbit)
Winsock: Catalog9 03 C:\Program Files (x86)\SpeedBit Video Accelerator\LSP3.3.6.3\SBLSP.dll [174832 2013-01-19] (SPEEDbit)
Winsock: Catalog9 04 C:\Program Files (x86)\SpeedBit Video Accelerator\LSP3.3.6.3\SBLSP.dll [174832 2013-01-19] (SPEEDbit)
Winsock: Catalog9 05 C:\Program Files (x86)\SpeedBit Video Accelerator\LSP3.3.6.3\SBLSP.dll [174832 2013-01-19] (SPEEDbit)
Winsock: Catalog9 06 C:\Program Files (x86)\SpeedBit Video Accelerator\LSP3.3.6.3\SBLSP.dll [174832 2013-01-19] (SPEEDbit)
Winsock: Catalog9 07 C:\Program Files (x86)\SpeedBit Video Accelerator\LSP3.3.6.3\SBLSP.dll [174832 2013-01-19] (SPEEDbit)
Winsock: Catalog9 08 C:\Program Files (x86)\SpeedBit Video Accelerator\LSP3.3.6.3\SBLSP.dll [174832 2013-01-19] (SPEEDbit)
Winsock: Catalog9 09 C:\Program Files (x86)\SpeedBit Video Accelerator\LSP3.3.6.3\SBLSP.dll [174832 2013-01-19] (SPEEDbit)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{7aacf0c7-f777-451d-935f-0dff73e93a81}: [DhcpNameServer] 192.168.2.1 192.168.2.1
ManualProxies:
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPCON/4
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKLM -> {2D9F3B71-F660-4605-9BC3-6EDF3782FA70} URL = hxxp://www.ask.com/web?q={searchTerms}&l=dis&o=cahpl
SearchScopes: HKLM -> {2D9F3B71-F660-4605-9BC3-6EDF3782FA70} URL = hxxp://www.ask.com/web?q={searchTerms}&l=dis&o=cahpl
SearchScopes: HKLM -> {4AF4DA01-B858-4617-AC1C-0E06F377629C} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL =
SearchScopes: HKLM-x32 -> {0BC6E3FA-78EF-4886-842C-5A1258C4455A} URL = hxxp://search.imgag.com/?appid=wsdt&component=&c=GNWDO59900&sbs=2&sc=2&f=web&vernum=3.1.5.7620&uid=0&did=%7b35a80c04-0e82-4769-ab2e-d57b98cb7e3a%7d&q={searchTerms}
SearchScopes: HKLM-x32 -> {2D9F3B71-F660-4605-9BC3-6EDF3782FA70} URL = hxxp://www.ask.com/web?q={searchTerms}&l=dis&o=cahpl
SearchScopes: HKLM-x32 -> {4AF4DA01-B858-4617-AC1C-0E06F377629C} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0BC6E3FA-78EF-4886-842C-5A1258C4455A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\.DEFAULT -> {0BC6E3FA-78EF-4886-842C-5A1258C4455A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\.DEFAULT -> {2D9F3B71-F660-4605-9BC3-6EDF3782FA70} URL =
SearchScopes: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000 -> {0BC6E3FA-78EF-4886-842C-5A1258C4455A} URL = hxxp://search.imgag.com/?appid=wsdt&component=&c=GNWDO59900&sbs=2&sc=2&f=web&vernum=3.1.5.7620&uid=0&did=%7b35a80c04-0e82-4769-ab2e-d57b98cb7e3a%7d&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000 -> {2D9F3B71-F660-4605-9BC3-6EDF3782FA70} URL = hxxp://www.ask.com/web?q={searchTerms}&l=dis&o=cahpl
SearchScopes: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Download Accelerator Plus Integration -> {FF6C3CF0-4B15-11D1-ABED-709549C10000} -> C:\Program Files (x86)\DAP\DAPIELoader64.dll [2011-03-24] (SpeedBit Ltd.)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO-x32: No Name -> {669E08DA-2172-5F0B-4DEE-CFA670E3BC84} -> No File
BHO-x32: SpeedBit Link Verification Helper -> {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} -> C:\Program Files (x86)\DAP\LinkVerifier.dll [2012-12-10] (Speedbit Ltd.)
Toolbar: HKU\.DEFAULT -> No Name - {414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - No File
Toolbar: HKU\.DEFAULT -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
Toolbar: HKU\.DEFAULT -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
Toolbar: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000 -> No Name - {414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - No File
DPF: HKLM-x32 {0E5F0222-96B9-11D3-8997-00104BD12D94} hxxp://www.pcpitstop.com/betapit/PCPitStop.CAB
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.)
FF Plugin HKU\S-1-5-21-1124643268-3595298339-4084894015-1000: @hola.org/vlc -> C:\Users\CEP Local 440\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [2016-04-09] (Hola)
CHR HomePage: Default -> hxxp://search.conduit.com/?ctid=CT3319613&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP8759D25A-7352-4FC4-8764-92A112E26A02&SSPV=
CHR StartupUrls: Default -> "hxxp://search.conduit.com/?ctid=CT3319613&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP8759D25A-7352-4FC4-8764-92A112E26A02&SSPV="
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=chr-yo_gc&ei=utf-8&ilc=12&type=994519&p={searchTerms}
CHR DefaultSearchKeyword: Default -> yahoo.com search
CHR DefaultSuggestURL: Default -> hxxps://ff.search.yahoo.com/gossip?output=fxjson&command={searchTerms}
CHR Extension: (Download Accelerator Plus (DAP)) - C:\Users\CEP Local 440\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb [2013-10-15] [UpdateUrl: hxxps://secure.speedbit.com/chrome/DAP/DAPChromeUpdate6.xml] <==== ATTENTION
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\CEP Local 440\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2016-11-17]
R2 hola_svc; C:\Program Files\Hola\app\hola_svc.exe [5622376 2016-11-02] (Hola Networks Ltd.) <==== ATTENTION
R2 hola_updater; C:\Program Files\Hola\app\hola_updater.exe [8104576 2015-11-01] (Hola Networks Ltd.) <==== ATTENTION
R2 kss; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe [1556448 2015-12-15] (AO Kaspersky Lab)
S3 VideoAcceleratorService; C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAcceleratorService.exe [277744 2013-01-19] (SpeedBit Ltd.)
U3 idsvc; no ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; no ImagePath
DisableService: Garmin Device Interaction Service
DisableService: HP Support Assistant Service
DisableService: LightScribeService
DisableService: LiveUpdateSvc
DisableService: REALPLAYERUPDATESVC
DisableService: RealTimes Desktop Service
DisableService: VideoAcceleratorService
2016-11-18 15:56 - 2016-11-18 15:56 - 00127637 _____ C:\Users\CEP Local 440\Desktop\how to remove Heur_Exploit.Script.Generic - Yahoo Search Results.html
2016-11-18 15:56 - 2016-11-18 15:56 - 00000000 ____D C:\Users\CEP Local 440\Desktop\how to remove Heur_Exploit.Script.Generic - Yahoo Search Results_files
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
EmptyTemp:
CMD: bitsadmin /reset /allusers





*****************

Restore point was successfully created.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0DAC725D-0371-4133-8AF6-D148198B0D4A} => key not found.
C:\WINDOWS\System32\Tasks\GarminUpdaterTask => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GarminUpdaterTask => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{105CBCC4-5BD4-47EC-919F-698174BE6C5E} => key not found.
C:\WINDOWS\System32\Tasks\SBWUpdateTask_Logon_d4e02148-1C659D0430C4 => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SBWUpdateTask_Logon_d4e02148-1C659D0430C4 => key not found.
"C:\Program Files (x86)\Common Files\Speedbit" => not found.
"C:\ProgramData\Premium\VaudiX\VaudiX.exe" => not found.
"C:\ProgramData\Premium" => not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\hola => value not found.
"C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll" => not found.
"C:\Program Files (x86)\Kaspersky Lab" => not found.
"C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_CEP_Local_440" => not found.
"C:\WINDOWS\Tasks\Uninstaller_SkipUac_CEP_Local_440.job" => not found.
"C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}" => not found.
"C:\WINDOWS\System32\Tasks\ASC9_SkipUac_CEP Local 440" => not found.
"C:\WINDOWS\Tasks\ASC9_SkipUac_CEP Local 440.job" => not found.
"C:\WINDOWS\Tasks\VaudiXUpdaterTask{8641A371-5391-4413-ADCA-0BED20AE0CE5}.job" => not found.
"C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log" => not found.
"C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log" => not found.
"C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log" => not found.
"C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log" => not found.
"C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log" => not found.
"C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log" => not found.
"C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log" => not found.
"C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log" => not found.
"C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log" => not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1F11BD5D-9CDA-4136-BB17-11759FEB6D09} => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DA625BC8-20DA-4F96-B47A-3616BB97937C} => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8C644734-5475-4DA6-B672-08496CD515EA} => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6C306E7E-FA6E-4246-91D6-00F5ED2544EC} => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7593305D-BBBF-4CCE-926B-B048B7563B94} => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2D6CE001-C5BD-4ED4-9DD1-E5AE42D4EFB3} => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CF80B1C2-A556-4548-981C-06CBE3BB5EAF} => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4860E4E0-5D78-4517-A910-FAB62566D6FA} => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CBDE96F0-6E14-4BF7-AFC6-241703E7FC90} => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E8F72EA0-BA09-4CBA-9F61-538AA9DBD4B9} => value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\TkBellExe => value not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1BC14874-2285-41BC-9C22-9381D778C8C7} => key not found.
C:\WINDOWS\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1124643268-3595298339-4084894015-1000 => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealUpgradeLogonTaskS-1-5-21-1124643268-3595298339-4084894015-1000 => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{24FF0670-A2EE-4FE7-9ADC-55ECDCC4A9E1} => key not found.
C:\WINDOWS\System32\Tasks\SBWUpdateTask_Time_d4e02148-1C659D0430C4 => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SBWUpdateTask_Time_d4e02148-1C659D0430C4 => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{25554AD1-5548-49F0-8550-EC465DD19366} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{27A76811-8CAB-4FB0-8E58-AE2F14D3523B} => key not found.
C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1124643268-3595298339-4084894015-1000 => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1124643268-3595298339-4084894015-1000 => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2D23301A-268D-4133-A615-B5D3B6436506} => key not found.
C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1124643268-3595298339-4084894015-1000 => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1124643268-3595298339-4084894015-1000 => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{350B0464-18D2-43E5-98C5-C3267B33837D} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3E67C9DA-3818-4D54-937E-0B0166CD4C2A} => key not found.
C:\WINDOWS\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1124643268-3595298339-4084894015-1000 => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealUpgradeScheduledTaskS-1-5-21-1124643268-3595298339-4084894015-1000 => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4295A246-F1FA-4C92-B703-C98313A8B679} => key not found.
C:\WINDOWS\System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{45EACAAD-C12E-45DB-A0B7-C6968C44E73B} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{462BC8C7-51E1-48D0-A779-3A14AC6127C0} => key not found.
C:\WINDOWS\System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP Support Assistant\PC Health Analysis => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{48ACB946-9171-45B5-875C-A86E243BEEC3} => key not found.
C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_CEP_Local_440 => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Uninstaller_SkipUac_CEP_Local_440 => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{56F97E84-3191-45C9-A635-67E8EB4B5A12} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{689603CA-2D8F-42B1-8DFB-CEC176524B4B} => key not found.
C:\WINDOWS\System32\Tasks\VaudiXUpdaterTask{8641A371-5391-4413-ADCA-0BED20AE0CE5} => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\VaudiXUpdaterTask{8641A371-5391-4413-ADCA-0BED20AE0CE5} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6A1D0173-5E64-47B4-ABF4-B0905C3E7446} => key not found.
C:\WINDOWS\System32\Tasks\SmartDefrag3_Update => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartDefrag3_Update => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6A547488-E31C-4C6E-8EED-B98D6A8EE4DE} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{78E36EFE-EDDE-417C-8CD5-5338C87D4A89} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{881641BF-0BE6-43B4-8EC8-60F5117C11FA} => key not found.
C:\WINDOWS\System32\Tasks\WRCSkipUAC => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WRCSkipUAC => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8B2BDB30-21E5-4EAB-876D-714AA59072D2} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F63C092-CD98-4DEF-91B5-ABF2B708ECD7} => key not found.
C:\WINDOWS\System32\Tasks\WinZipBackGroundToolsTask => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WinZipBackGroundToolsTask => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F98CCE2-E3BC-4C34-89FD-890FD85D2403} => key not found.
C:\WINDOWS\System32\Tasks\Wise Turbo Checker => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Wise Turbo Checker => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A2829269-0700-45E1-BF90-7C8200090DB8} => key not found.
C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C2311C6E-8DAA-4CBA-A2A9-C3D2DF6BE404} => key not found.
C:\WINDOWS\System32\Tasks\Wise Turbo Checker.job => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Wise Turbo Checker.job => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E9CEC2AE-59CB-4E77-9459-C3A97851374F} => key not found.
C:\WINDOWS\System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\RemovalTools\MRT_HB => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EFF885BD-E49F-4288-B019-FFDE6C4A683F} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F6F549D5-4559-4DED-AFAB-9D5782549FD7} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F8E99B3B-8FF9-44C4-AE06-046AAAD78217} => key not found.
C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1124643268-3595298339-4084894015-1000 => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1124643268-3595298339-4084894015-1000 => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F91C1C31-1776-45E9-8818-F155E0BB2786} => key not found.
C:\WINDOWS\System32\Tasks\ASC9_SkipUac_CEP Local 440 => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASC9_SkipUac_CEP Local 440 => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FA184C91-C5EF-4764-BAF0-F6D3FBE5E08A} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FF901301-441E-45AC-BDA9-F12D966A5533} => key not found.
C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1124643268-3595298339-4084894015-1000 => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealPlayerRealUpgradeLogonTaskS-1-5-21-1124643268-3595298339-4084894015-1000 => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FF9ACA87-4767-430C-861B-1D1765C88317} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => key not found.
C:\WINDOWS\Tasks\ASC9_SkipUac_CEP Local 440.job => not found.
C:\WINDOWS\Tasks\Uninstaller_SkipUac_CEP_Local_440.job => not found.
C:\WINDOWS\Tasks\VaudiXUpdaterTask{8641A371-5391-4413-ADCA-0BED20AE0CE5}.job => not found.
C:\WINDOWS\Tasks\Wise Turbo Checker.job => not found.
C:\Users\CEP Local 440\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\217f6a27d9c55787\Chromium.lnk => Shortcut argument removed successfully.
"C:\ProgramData\Temp" => ":373E1720" ADS not found.
"C:\ProgramData\Temp" => ":553CA6CA" ADS not found.
"C:\ProgramData\Temp" => ":56E2E879" ADS not found.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\KSS => value not found.
"C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll" => Value data not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => key not found.
HKCR\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => key not found.
HKCR\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => key not found.
HKCR\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => key not found.
HKCR\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => key not found.
HKCR\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => key not found.
HKCR\Wow6432Node\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => key not found.
HKCR\Wow6432Node\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => key not found.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => key not found.
HKCR\Wow6432Node\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => key not found.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => key not found.
HKCR\Wow6432Node\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => key not found.
HKCR\Wow6432Node\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
HKLM\SOFTWARE\Policies\Google => key not found.
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001" => key removed successfully
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002" => key removed successfully
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003" => key removed successfully
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004" => key removed successfully
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005" => key removed successfully
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000006" => key removed successfully
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000007" => key removed successfully
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000008" => key removed successfully
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000009" => key removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer => value removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{7aacf0c7-f777-451d-935f-0dff73e93a81}\\DhcpNameServer => value removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2D9F3B71-F660-4605-9BC3-6EDF3782FA70} => key not found.
HKCR\CLSID\{2D9F3B71-F660-4605-9BC3-6EDF3782FA70} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2D9F3B71-F660-4605-9BC3-6EDF3782FA70} => key not found.
HKCR\CLSID\{2D9F3B71-F660-4605-9BC3-6EDF3782FA70} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4AF4DA01-B858-4617-AC1C-0E06F377629C} => key not found.
HKCR\CLSID\{4AF4DA01-B858-4617-AC1C-0E06F377629C} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A} => key not found.
HKCR\Wow6432Node\CLSID\{0BC6E3FA-78EF-4886-842C-5A1258C4455A} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2D9F3B71-F660-4605-9BC3-6EDF3782FA70} => key not found.
HKCR\Wow6432Node\CLSID\{2D9F3B71-F660-4605-9BC3-6EDF3782FA70} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{4AF4DA01-B858-4617-AC1C-0E06F377629C} => key not found.
HKCR\Wow6432Node\CLSID\{4AF4DA01-B858-4617-AC1C-0E06F377629C} => key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A} => key not found.
HKCR\CLSID\{0BC6E3FA-78EF-4886-842C-5A1258C4455A} => key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2D9F3B71-F660-4605-9BC3-6EDF3782FA70} => key not found.
HKCR\CLSID\{2D9F3B71-F660-4605-9BC3-6EDF3782FA70} => key not found.
HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A} => key not found.
HKCR\CLSID\{0BC6E3FA-78EF-4886-842C-5A1258C4455A} => key not found.
HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2D9F3B71-F660-4605-9BC3-6EDF3782FA70} => key not found.
HKCR\CLSID\{2D9F3B71-F660-4605-9BC3-6EDF3782FA70} => key not found.
HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => key not found.
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF6C3CF0-4B15-11D1-ABED-709549C10000} => key not found.
HKCR\CLSID\{FF6C3CF0-4B15-11D1-ABED-709549C10000} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670} => key not found.
HKCR\Wow6432Node\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{669E08DA-2172-5F0B-4DEE-CFA670E3BC84} => key not found.
HKCR\Wow6432Node\CLSID\{669E08DA-2172-5F0B-4DEE-CFA670E3BC84} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} => key not found.
HKCR\Wow6432Node\CLSID\{D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} => key not found.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} => value not found.
HKCR\CLSID\{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} => key not found.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} => value not found.
HKCR\CLSID\{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} => key not found.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value not found.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found.
HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} => value not found.
HKCR\CLSID\{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} => key not found.
HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value not found.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found.
HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} => value not found.
HKCR\CLSID\{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{0E5F0222-96B9-11D3-8997-00104BD12D94} => key not found.
HKCR\Wow6432Node\CLSID\{0E5F0222-96B9-11D3-8997-00104BD12D94} => key not found.
HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3 => key not found.
C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll => not found.
HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9 => key not found.
C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll => not found.
HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\Software\MozillaPlugins\@hola.org/vlc => key not found.
C:\Users\CEP Local 440\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll => not found.
Chrome HomePage => not found.
Chrome StartupUrls => not found.
Chrome DefaultSearchURL => not found.
Chrome DefaultSearchKeyword => not found.
Chrome DefaultSuggestURL => not found.
C:\Users\CEP Local 440\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb <==== ATTENTION => not found
C:\Users\CEP Local 440\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio => moved successfully
hola_svc => service not found.
hola_updater => service not found.
kss => service not found.
VideoAcceleratorService => service not found.
idsvc => service not found.
wfpcapture => service not found.
wpcsvc => service not found.
Garmin Device Interaction Service => service was disabled
HP Support Assistant Service => service was disabled
LightScribeService => not found.
LiveUpdateSvc => service was disabled
REALPLAYERUPDATESVC => service was disabled
RealTimes Desktop Service => service was disabled
VideoAcceleratorService => not found.
"C:\Users\CEP Local 440\Desktop\how to remove Heur_Exploit.Script.Generic - Yahoo Search Results.html" => not found.
"C:\Users\CEP Local 440\Desktop\how to remove Heur_Exploit.Script.Generic - Yahoo Search Results_files" => not found.

========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========

The operation completed successfully.



========= End of Reg: =========


========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========

The operation completed successfully.



========= End of Reg: =========


========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully


========= End of RemoveProxy: =========


========= netsh advfirewall reset =========

Ok.


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Ok.


========= End of CMD: =========


========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


========= netsh winsock reset catalog =========


Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.


========= End of CMD: =========


========= netsh int ip reset c:\resetlog.txt =========

Resetting Interface, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting , failed.
Access is denied.

Resetting , OK!
Restart the computer to complete this action.


========= End of CMD: =========


========= ipconfig /release =========


Windows IP Configuration

No operation can be performed on Local Area Connection while it has its media disconnected.
No operation can be performed on Local Area Connection* 2 while it has its media disconnected.

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Wireless LAN adapter Local Area Connection* 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Link-local IPv6 Address . . . . . : fe80::bc01:ae8d:c3e0:9276%5
Default Gateway . . . . . . . . . :

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:3889:1309:9c3f:e205
Link-local IPv6 Address . . . . . : fe80::3889:1309:9c3f:e205%7
Default Gateway . . . . . . . . . : ::

========= End of CMD: =========


========= ipconfig /renew =========


Windows IP Configuration

No operation can be performed on Local Area Connection while it has its media disconnected.
No operation can be performed on Local Area Connection* 2 while it has its media disconnected.

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Wireless LAN adapter Local Area Connection* 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Link-local IPv6 Address . . . . . : fe80::bc01:ae8d:c3e0:9276%5
IPv4 Address. . . . . . . . . . . : 192.168.2.10
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.2.1

Tunnel adapter isatap.{7AACF0C7-F777-451D-935F-0DFF73E93A81}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6abd:204d:fdb:9c3f:e205
Link-local IPv6 Address . . . . . : fe80::204d:fdb:9c3f:e205%7
Default Gateway . . . . . . . . . : ::

========= End of CMD: =========


========= netsh int ipv4 reset =========

Resetting Interface, OK!
Resetting , failed.
Access is denied.

Restart the computer to complete this action.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Resetting Interface, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting , failed.
Access is denied.

Resetting , OK!
Restart the computer to complete this action.


========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.8.10240 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

0 out of 0 jobs canceled.

========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 32768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 7524729 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => -112219 B
Edge => 0 B
Chrome => 46714901 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
CEP Local 440 => 3402440 B
DefaultAppPool => 0 B

RecycleBin => 130120922 B
EmptyTemp: => 179 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:04:11 ====

Malnutrition said:

• Please post the Junkware Removal Tool Log...
  
• Uninstall the software below.

VaudiX (HKLM\...\{6C7F523F-A2A9-AE9E-4C75-EA8BB79C70C9}) (Version: 1.0 - )
McAfee Agent (HKLM-x32\...\{2AAB21C2-4CDA-4189-A0EC-5ED666113F84}) (Version: 4.5.0.1810 - McAfee, Inc.)

Update your software with Patch My PC
Run the Mcafee Removal Tool : Then Reboot computer.



Security Check Scan.

• Download Security Check to your desktop.
• Right click it run as administrator.
• When the program completes, the tool will automatically open a log file.
• Please post that log here in your next post.

What issues remain the machine at this point?

Click to expand...

SecurityCheck by glax24 & Severnyj v.1.4.0.46 [22.09.16]
WebSite: www.safezone.cc
DateLog: 25.11.2016 21:45:42
Path starting: C:\Users\CEP Local 440\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: CEP Local 440
VersionXML: 3.54is-25.11.2016
___________________________________________________________________________

Windows 10(6.3.10240) (x64) Core Lang: English(0409)
Installation date OS: 25.10.2015 14:38:35
LicenseStatus: Windows(R), Core edition The machine is permanently activated.
Boot Mode: Normal
Default Browser: C:\Program Files\Internet Explorer\IEXPLORE.EXE
SystemDrive: C: FS: [NTFS] Capacity: [450.9 Gb] Used: [125.6 Gb] Free: [325.3 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 11.0.10240.16841 Warning! Download Update
Online installation. Last version available when Windows update is enabled throught the Internet.
User Account Control enabled
Automatically download and schedule installation
Windows Update (wuauserv) - The service has stopped
Security Center (wscsvc) - The service is running
Remote Registry (RemoteRegistry) - The service has stopped
SSDP Discovery (SSDPSRV) - The service is running
Remote Desktop Services (TermService) - The service has stopped
World Wide Web Publishing Service (W3SVC) - The service is running
Windows Remote Management (WS-Management) (WinRM) - The service has stopped
------------------------------ [ MS Office ] ------------------------------
Microsoft Office XP v.10.0.6626.0
Microsoft Office 2003 v.11.0.8173.0
---------------------------- [ Antivirus_WMI ] ----------------------------
Windows Defender (enabled and up to date)
--------------------------- [ FirewallWindows ] ---------------------------
Windows Firewall (MpsSvc) - The service is running
--------------------------- [ AntiSpyware_WMI ] ---------------------------
Windows Defender (enabled and up to date)
-------------------------- [ SecurityUtilities ] --------------------------
Malwarebytes Anti-Malware version 2.2.1.1043 v.2.2.1.1043
Zemana AntiMalware v.2.60.1
--------------------------- [ OtherUtilities ] ----------------------------
7-Zip 16.04 (x64 edition) v.16.04.00.0
Microsoft Silverlight v.5.1.50901.0
7-Zip 16.02 v.16.02 Warning! Download Update
Uninstall old version and install new one.
DivX Setup v.2.6.1.90
--------------------------- [ AppleProduction ] ---------------------------
iTunes v.12.5.3.16 Warning! Download Update
^Please use Apple Software Update tool.^
Bonjour v.3.1.0.1
Bonjour Service (Bonjour Service) - The service is running
--------------------------- [ AdobeProduction ] ---------------------------
Adobe AIR v.23.0.0.257
Adobe Shockwave Player 12.2 v.12.2.5.195
Adobe Acrobat Reader DC v.15.020.20042
Adobe Shockwave Player v.11.5.1.601 Warning! Download Update
------------------------------- [ Browser ] -------------------------------
Google Chrome v.54.0.2840.99
----------------------------- [ EmailClient ] -----------------------------
Windows Live Mail v.15.4.3502.0922
--------------------------- [ RunningProcess ] ----------------------------
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe v.54.0.2840.99
------------------ [ AntivirusFirewallProcessServices ] -------------------
MBAMService (MBAMService) - The service has stopped
McAfee Validation Trust Protection Service (mfevtp) - The service is running
C:\WINDOWS\System32\mfevtps.exe v.0.0.0.0
C:\Program Files\Windows Defender\MsMpEng.exe v.4.8.10240.16384
C:\Program Files\Windows Defender\MpCmdRun.exe v.4.8.10240.16384
C:\Program Files\Windows Defender\NisSrv.exe v.4.8.10240.16384
Windows Defender Service (WinDefend) - The service is running
Windows Defender Network Inspection Service (WdNisSvc) - The service is running
ZAM Controller Service (ZAMSvc) - The service is running
C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe v.0.0.0.0
---------------------------- [ UnwantedApps ] -----------------------------
FATE v.2.2.0.82 << Hidden Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering.
----------------------------- [ End of Log ] ------------------------------

Here is the file again.
The first time I don't think it was ran as administrator.
Thanks again.
SecurityCheck by glax24 & Severnyj v.1.4.0.46 [22.09.16]
WebSite: www.safezone.cc
DateLog: 25.11.2016 21:54:34
Path starting: C:\Users\CEP Local 440\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: CEP Local 440
VersionXML: 3.54is-25.11.2016
___________________________________________________________________________

Windows 10(6.3.10240) (x64) Core Lang: English(0409)
Installation date OS: 25.10.2015 14:38:35
LicenseStatus: Windows(R), Core edition The machine is permanently activated.
Boot Mode: Normal
Default Browser: C:\Program Files\Internet Explorer\IEXPLORE.EXE
SystemDrive: C: FS: [NTFS] Capacity: [450.9 Gb] Used: [125.6 Gb] Free: [325.3 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 11.0.10240.16841 Warning! Download Update
Online installation. Last version available when Windows update is enabled throught the Internet.
User Account Control enabled
Automatically download and schedule installation
Windows Update (wuauserv) - The service has stopped
Security Center (wscsvc) - The service is running
Remote Registry (RemoteRegistry) - The service has stopped
SSDP Discovery (SSDPSRV) - The service is running
Remote Desktop Services (TermService) - The service has stopped
World Wide Web Publishing Service (W3SVC) - The service is running
Windows Remote Management (WS-Management) (WinRM) - The service has stopped
------------------------------ [ MS Office ] ------------------------------
Microsoft Office XP v.10.0.6626.0
Microsoft Office 2003 v.11.0.8173.0
---------------------------- [ Antivirus_WMI ] ----------------------------
Windows Defender (enabled and up to date)
--------------------------- [ FirewallWindows ] ---------------------------
Windows Firewall (MpsSvc) - The service is running
--------------------------- [ AntiSpyware_WMI ] ---------------------------
Windows Defender (enabled and up to date)
-------------------------- [ SecurityUtilities ] --------------------------
Malwarebytes Anti-Malware version 2.2.1.1043 v.2.2.1.1043
Zemana AntiMalware v.2.60.1
--------------------------- [ OtherUtilities ] ----------------------------
7-Zip 16.04 (x64 edition) v.16.04.00.0
Microsoft Silverlight v.5.1.50901.0
7-Zip 16.02 v.16.02 Warning! Download Update
Uninstall old version and install new one.
DivX Setup v.2.6.1.90
--------------------------- [ AppleProduction ] ---------------------------
iTunes v.12.5.3.16 Warning! Download Update
^Please use Apple Software Update tool.^
Bonjour v.3.1.0.1
Bonjour Service (Bonjour Service) - The service is running
--------------------------- [ AdobeProduction ] ---------------------------
Adobe AIR v.23.0.0.257
Adobe Shockwave Player 12.2 v.12.2.5.195
Adobe Acrobat Reader DC v.15.020.20042
Adobe Shockwave Player v.11.5.1.601 Warning! Download Update
------------------------------- [ Browser ] -------------------------------
Google Chrome v.54.0.2840.99
----------------------------- [ EmailClient ] -----------------------------
Windows Live Mail v.15.4.3502.0922
--------------------------- [ RunningProcess ] ----------------------------
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe v.54.0.2840.99
------------------ [ AntivirusFirewallProcessServices ] -------------------
MBAMService (MBAMService) - The service has stopped
McAfee Validation Trust Protection Service (mfevtp) - The service is running
C:\WINDOWS\System32\mfevtps.exe v.0.0.0.0
C:\Program Files\Windows Defender\MsMpEng.exe v.4.8.10240.16384
C:\Program Files\Windows Defender\MpCmdRun.exe v.4.8.10240.16384
C:\Program Files\Windows Defender\NisSrv.exe v.4.8.10240.16384
Windows Defender Service (WinDefend) - The service is running
Windows Defender Network Inspection Service (WdNisSvc) - The service is running
ZAM Controller Service (ZAMSvc) - The service is running
C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe v.0.0.0.0
---------------------------- [ UnwantedApps ] -----------------------------
FATE v.2.2.0.82 << Hidden Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering.
----------------------------- [ End of Log ] ------------------------------

Here is the 9 Lab log file.
Thanks.

Adaware Log;
[-] Deleted ->> File ->> C:\Program Files (x86)\Common Files\L&H\SpeechEngines\1033\TTS\TTS3000\ENUTEMPP.DLL
[-] Deleted ->> File ->> C:\Users\CEP Local 440\Appdata\LocalLow\Microsoft\Internet Explorer\Services\search_{7F4EFF06-7032-458e-AE16-1C1D8255C28A}.ico
[-] Deleted ->> Registry Value Data ->> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}\ <RegValue:> AppName <RegData:> TbHelper2.exe : TbHelper2.exe
[-] Deleted ->> Registry Value Data ->> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AD9CE514-081C-4EB1-B6A6-9BEA2B97B512}\ <RegValue:> AppPath <RegData:> C:\Program Files (x86)\ConduitEngine : C:\Program Files (x86)\ConduitEngine
[-] Deleted ->> Registry Value Data ->> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AD9CE514-081C-4EB1-B6A6-9BEA2B97B512}\ <RegValue:> AppName <RegData:> ConduitEngineHelper.exe : ConduitEngineHelper.exe
[-] Deleted ->> Registry Value Data ->> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AD9CE514-081C-4EB1-B6A6-9BEA2B97B512}\ <RegValue:> AppPath <RegData:> C:\Program Files (x86)\ConduitEngine : C:\Program Files (x86)\ConduitEngine
[-] Deleted ->> Registry Value Data ->> HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}\ <RegValue:> AppName <RegData:> TbHelper2.exe : TbHelper2.exe
[-] Deleted ->> Registry Value Data ->> HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AD9CE514-081C-4EB1-B6A6-9BEA2B97B512}\ <RegValue:> AppPath <RegData:> C:\Program Files (x86)\ConduitEngine : C:\Program Files (x86)\ConduitEngine
[-] Deleted ->> Registry Value Data ->> HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AD9CE514-081C-4EB1-B6A6-9BEA2B97B512}\ <RegValue:> AppName <RegData:> ConduitEngineHelper.exe : ConduitEngineHelper.exe
[-] Deleted ->> Registry Value Data ->> HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AD9CE514-081C-4EB1-B6A6-9BEA2B97B512}\ <RegValue:> AppPath <RegData:> C:\Program Files (x86)\ConduitEngine : C:\Program Files (x86)\ConduitEngine
[-] Deleted ->> Registry Value Data ->> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}\ <RegValue:> AppName <RegData:> TbHelper2.exe : TbHelper2.exe
[-] Deleted ->> Registry Value Data ->> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AD9CE514-081C-4EB1-B6A6-9BEA2B97B512}\ <RegValue:> AppPath <RegData:> C:\Program Files (x86)\ConduitEngine : C:\Program Files (x86)\ConduitEngine
[-] Deleted ->> Registry Value Data ->> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AD9CE514-081C-4EB1-B6A6-9BEA2B97B512}\ <RegValue:> AppName <RegData:> ConduitEngineHelper.exe : ConduitEngineHelper.exe
[-] Deleted ->> Registry Value Data ->> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AD9CE514-081C-4EB1-B6A6-9BEA2B97B512}\ <RegValue:> AppPath <RegData:> C:\Program Files (x86)\ConduitEngine : C:\Program Files (x86)\ConduitEngine
[-] Deleted ->> Registry Value Data ->> HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}\ <RegValue:> AppName <RegData:> TbHelper2.exe : TbHelper2.exe
[-] Deleted ->> Registry Value Data ->> HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AD9CE514-081C-4EB1-B6A6-9BEA2B97B512}\ <RegValue:> AppPath <RegData:> C:\Program Files (x86)\ConduitEngine : C:\Program Files (x86)\ConduitEngine
[-] Deleted ->> Registry Value Data ->> HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AD9CE514-081C-4EB1-B6A6-9BEA2B97B512}\ <RegValue:> AppName <RegData:> ConduitEngineHelper.exe : ConduitEngineHelper.exe
[-] Deleted ->> Registry Value Data ->> HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AD9CE514-081C-4EB1-B6A6-9BEA2B97B512}\ <RegValue:> AppPath <RegData:> C:\Program Files (x86)\ConduitEngine : C:\Program Files (x86)\ConduitEngine
[-] Repaired ->> File ->> C:\Users\CEP Local 440\AppData\Local\Google\Chrome\User Data\Default\Preferences
[-] Deleted ->> Registry Key ->> HKEY_CURRENT_USER\Software\AppDataLow\Software\Smartbar
[-] Deleted ->> Registry Key ->> HKEY_CURRENT_USER\Software\AppDataLow\Software\TelevisionFanaticEI
[-] Deleted ->> Registry Key ->> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mypcbackup.com
[-] Deleted ->> Registry Key ->> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\televisionfanatic.com
[-] Deleted ->> Registry Key ->> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\weatherblink.com
[-] Deleted ->> Registry Key ->> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\taphss
[-] Deleted ->> Registry Key ->> HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\taphss
Thanks

Good Morning:
I downloaded the ZHP Scan.
I ran the scanner. The program found 82 issues. When I attempted to push the repair button the program appeared to be stalled and it wouldn't continue. I closed the program and ran it again 3 more times with the same results.
Any suggestions?

Regards,
P

Get Everything Search;

C:\Program Files (x86)\Common Files\McAfee
C:\Program Files\Common Files\McAfee
C:\ProgramData\McAfee
C:\Users\Default\AppData\Roaming\McAfee
C:\Users\DefaultAppPool\AppData\Roaming\McAfee
C:\WINDOWS\System32\config\systemprofile\AppData\Roaming\McAfee
C:\Program Files (x86)\Hewlett-Packard\HP Setup\Assets\mcafee.png
C:\Program Files (x86)\Hewlett-Packard\HP Setup\SecurityPillar\ar\TotalCareSetup.SecurityPillar.McAfee.LearnMore.xml
C:\Program Files (x86)\Hewlett-Packard\HP Setup\SecurityPillar\bg\TotalCareSetup.SecurityPillar.McAfee.LearnMore.xml
C:\Program Files (x86)\Hewlett-Packard\HP Setup\SecurityPillar\cs\TotalCareSetup.SecurityPillar.McAfee.LearnMore.xml
C:\Program Files (x86)\Hewlett-Packard\HP Setup\SecurityPillar\da\TotalCareSetup.SecurityPillar.McAfee.LearnMore.xml
C:\Program Files (x86)\Hewlett-Packard\HP Setup\SecurityPillar\de\TotalCareSetup.SecurityPillar.McAfee.LearnMore.xml
C:\Program Files (x86)\Hewlett-Packard\HP Setup\SecurityPillar\el\TotalCareSetup.SecurityPillar.McAfee.LearnMore.xml
C:\Program Files (x86)\Hewlett-Packard\HP Setup\SecurityPillar\en\TotalCareSetup.SecurityPillar.McAfee.LearnMore.xml
C:\Program Files (x86)\Hewlett-Packard\HP Setup\SecurityPillar\en_gb\TotalCareSetup.SecurityPillar.McAfee.LearnMore.xml
C:\Program Files (x86)\Hewlett-Packard\HP Setup\SecurityPillar\es\TotalCareSetup.SecurityPillar.McAfee.LearnMore.xml
C:\Program Files (x86)\Hewlett-Packard\HP Setup\SecurityPillar\es_es_es\TotalCareSetup.SecurityPillar.McAfee.LearnMore.xml
C:\Program Files (x86)\Hewlett-Packard\HP Setup\SecurityPillar\et\TotalCareSetup.SecurityPillar.McAfee.LearnMore.xml
C:\Program Files (x86)\Hewlett-Packard\HP Setup\SecurityPillar\fi\TotalCareSetup.SecurityPillar.McAfee.LearnMore.xml
C:\Program Files (x86)\Hewlett-Packard\HP Setup\SecurityPillar\fr\TotalCareSetup.SecurityPillar.McAfee.LearnMore.xml
C:\Program Files (x86)\Hewlett-Packard\HP Setup\SecurityPillar\fr_ca\TotalCareSetup.SecurityPillar.McAfee.LearnMore.xml
C:\Program Files (x86)\Hewlett-Packard\HP Setup\SecurityPillar\he\TotalCareSetup.SecurityPillar.McAfee.LearnMore.xml
C:\Program Files (x86)\Hewlett-Packard\HP Setup\SecurityPillar\hr\TotalCareSetup.SecurityPillar.McAfee.LearnMore.xml
C:\Program Files (x86)\Hewlett-Packard\HP Setup\SecurityPillar\hu\TotalCareSetup.SecurityPillar.McAfee.LearnMore.xml
C:\Program Files (x86)\Hewlett-Packard\HP Setup\SecurityPillar\it\TotalCareSetup.SecurityPillar.McAfee.LearnMore.xml
C:\Program Files (x86)\Hewlett-Packard\HP Setup\SecurityPillar\ja\TotalCareSetup.SecurityPillar.McAfee.LearnMore.xml
C:\Program Files (x86)\Hewlett-Packard\HP Setup\SecurityPillar\ko\TotalCareSetup.SecurityPillar.McAfee.LearnMore.xml
C:\Program Files (x86)\Hewlett-Packard\HP Setup\SecurityPillar\lt\TotalCareSetup.SecurityPillar.McAfee.LearnMore.xml
C:\Program Files (x86)\Hewlett-Packard\HP Setup\SecurityPillar\lv\TotalCareSetup.SecurityPillar.McAfee.LearnMore.xml
C:\Program Files (x86)\Hewlett-Packard\HP Setup\SecurityPillar\nb\TotalCareSetup.SecurityPillar.McAfee.LearnMore.xml
C:\Program Files (x86)\Hewlett-Packard\HP Setup\SecurityPillar\nl\TotalCareSetup.SecurityPillar.McAfee.LearnMore.xml
C:\Program Files (x86)\Hewlett-Packard\HP Setup\SecurityPillar\nn\TotalCareSetup.SecurityPillar.McAfee.LearnMore.xml
C:\Program Files (x86)\Hewlett-Packard\HP Setup\SecurityPillar\pl\TotalCareSetup.SecurityPillar.McAfee.LearnMore.xml
C:\Program Files (x86)\Hewlett-Packard\HP Setup\SecurityPillar\pt\TotalCareSetup.SecurityPillar.McAfee.LearnMore.xml
C:\Program Files (x86)\Hewlett-Packard\HP Setup\SecurityPillar\pt_br\TotalCareSetup.SecurityPillar.McAfee.LearnMore.xml
C:\Program Files (x86)\Hewlett-Packard\HP Setup\SecurityPillar\ro\TotalCareSetup.SecurityPillar.McAfee.LearnMore.xml
C:\Program Files (x86)\Hewlett-Packard\HP Setup\SecurityPillar\ru\TotalCareSetup.SecurityPillar.McAfee.LearnMore.xml
C:\Program Files (x86)\Hewlett-Packard\HP Setup\SecurityPillar\sk\TotalCareSetup.SecurityPillar.McAfee.LearnMore.xml
C:\Program Files (x86)\Hewlett-Packard\HP Setup\SecurityPillar\sl\TotalCareSetup.SecurityPillar.McAfee.LearnMore.xml
C:\Program Files (x86)\Hewlett-Packard\HP Setup\SecurityPillar\sr\TotalCareSetup.SecurityPillar.McAfee.LearnMore.xml
C:\Program Files (x86)\Hewlett-Packard\HP Setup\SecurityPillar\sv\TotalCareSetup.SecurityPillar.McAfee.LearnMore.xml
C:\Program Files (x86)\Hewlett-Packard\HP Setup\SecurityPillar\th\TotalCareSetup.SecurityPillar.McAfee.LearnMore.xml
C:\Program Files (x86)\Hewlett-Packard\HP Setup\SecurityPillar\tr\TotalCareSetup.SecurityPillar.McAfee.LearnMore.xml
C:\Program Files (x86)\Hewlett-Packard\HP Setup\SecurityPillar\uk\TotalCareSetup.SecurityPillar.McAfee.LearnMore.xml
C:\Program Files (x86)\Hewlett-Packard\HP Setup\SecurityPillar\zh\TotalCareSetup.SecurityPillar.McAfee.LearnMore.xml
C:\Program Files (x86)\Hewlett-Packard\HP Setup\SecurityPillar\zh_hk_hk\TotalCareSetup.SecurityPillar.McAfee.LearnMore.xml
C:\Program Files (x86)\Hewlett-Packard\HP Setup\SecurityPillar\zh_tw_tw\TotalCareSetup.SecurityPillar.McAfee.LearnMore.xml

One at a time!
...there were no files listed

Hola Speedbit VaudiX C: Windows...
...there were no files listed

As yet, since I used the "Reset Browser" program I haven't experienced any pop ups. So I am very pleased with that.
(Thanks)

Here is the next program.
After I ran the last program, (ZHPDiag) there was a report saying that there were 4 issues but it wouldn't allow me to copy them to show you what they were.
~ ZHPDiag v2016.11.28.232 By Nicolas Coolman (2016/11/28)
~ Run by CEP Local 440 (Administrator) (2016/11/29 13:33:46)
~ Web: https://www.nicolascoolman.com
~ Blog: https://www.anti-malware.top
~ Facebook: https://www.facebook.com/nicolascoolman1
~ State version: Version OK
~ Mode: Scan
~ Report: C:\Users\CEP Local 440\Desktop\ZHPDiag.txt
~ Report: C:\Users\CEP Local 440\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ System startup: Normal (Normal boot)
Windows 10 Home, 64-bit (Build 10240)

Thanks again,
P

After I ran the ZHPDiag program. As I mentioned before a log came up saying the following;
Items found at your station; 4
Superflous.SlimWare Utilities
Heuristic.Suspect
Pup.Optional. Install Converter
Superflous.Tarma.

Thanks again