Solved Malware or Possible Trojan Issue

9-Lab Scan.



  • Download 9-Lab Removal Tool.
  • CLICK HERE to determine whether you're running 32-bit or 64-bit for Windows.
  • Install the program onto your computer, then right-click the icon and select Run as administrator.
  • Update the program and then run a full scan!
  • Make sure the program updates; it might be better to install it, update, reboot and check for updates again.
  • You need to make sure the database updates!!!
  • Upon scan completion, click on Show Results.
  • Then click on Clean.
  • Then Click on Save Log.
  • Save it to your desktop, copy and paste the contents of the log here in your next reply.
 
Fix result of Farbar Recovery Scan Tool (x64) Version: 23-11-2016
Ran by CEP Local 440 (25-11-2016 20:00:35) Run:3
Running from C:\Users\CEP Local 440\Desktop
Loaded Profiles: CEP Local 440 (Available Profiles: CEP Local 440 & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CreateRestorePoint:
Task: {0DAC725D-0371-4133-8AF6-D148198B0D4A} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2016-04-08] ()
Task: {105CBCC4-5BD4-47EC-919F-698174BE6C5E} - System32\Tasks\SBWUpdateTask_Logon_d4e02148-1C659D0430C4 => C:\Program Files (x86)\Common Files\Speedbit\SbUpdate\SBUpdate.exe [2013-01-19] (Speedbit Ltd.) <==== ATTENTION
C:\Program Files (x86)\Common Files\Speedbit
C:\ProgramData\Premium\VaudiX\VaudiX.exe
C:\ProgramData\Premium
HKLM\...\Run: [hola] => C:\Program Files\Hola\app\hola.exe [2166376 2016-11-02] (Hola Networks Ltd.) <===== ATTENTION
C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
C:\Program Files (x86)\Kaspersky Lab
C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_CEP_Local_440
C:\WINDOWS\Tasks\Uninstaller_SkipUac_CEP_Local_440.job
C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
C:\WINDOWS\System32\Tasks\ASC9_SkipUac_CEP Local 440
C:\WINDOWS\Tasks\ASC9_SkipUac_CEP Local 440.job
C:\WINDOWS\Tasks\VaudiXUpdaterTask{8641A371-5391-4413-ADCA-0BED20AE0CE5}.job
C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
FirewallRules: [{1F11BD5D-9CDA-4136-BB17-11759FEB6D09}] => (Allow) C:\Users\CEP Local 440\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{DA625BC8-20DA-4F96-B47A-3616BB97937C}] => (Allow) C:\Users\CEP Local 440\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8C644734-5475-4DA6-B672-08496CD515EA}] => (Allow) C:\Users\CEP Local 440\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6C306E7E-FA6E-4246-91D6-00F5ED2544EC}] => (Allow) C:\Users\CEP Local 440\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7593305D-BBBF-4CCE-926B-B048B7563B94}] => (Allow) C:\Users\CEP Local 440\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2D6CE001-C5BD-4ED4-9DD1-E5AE42D4EFB3}] => (Allow) C:\Users\CEP Local 440\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CF80B1C2-A556-4548-981C-06CBE3BB5EAF}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [{4860E4E0-5D78-4517-A910-FAB62566D6FA}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [{CBDE96F0-6E14-4BF7-AFC6-241703E7FC90}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [{E8F72EA0-BA09-4CBA-9F61-538AA9DBD4B9}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [293768 2016-07-16] (RealNetworks, Inc.)
Task: {1BC14874-2285-41BC-9C22-9381D778C8C7} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1124643268-3595298339-4084894015-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.)
Task: {24FF0670-A2EE-4FE7-9ADC-55ECDCC4A9E1} - System32\Tasks\SBWUpdateTask_Time_d4e02148-1C659D0430C4 => C:\Program Files (x86)\Common Files\Speedbit\SbUpdate\SBUpdate.exe [2013-01-19] (Speedbit Ltd.) <==== ATTENTION
Task: {25554AD1-5548-49F0-8550-EC465DD19366} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {27A76811-8CAB-4FB0-8E58-AE2F14D3523B} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1124643268-3595298339-4084894015-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.)
Task: {2D23301A-268D-4133-A615-B5D3B6436506} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1124643268-3595298339-4084894015-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.)
Task: {350B0464-18D2-43E5-98C5-C3267B33837D} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {3E67C9DA-3818-4D54-937E-0B0166CD4C2A} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1124643268-3595298339-4084894015-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.)
Task: {4295A246-F1FA-4C92-B703-C98313A8B679} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {45EACAAD-C12E-45DB-A0B7-C6968C44E73B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {462BC8C7-51E1-48D0-A779-3A14AC6127C0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {48ACB946-9171-45B5-875C-A86E243BEEC3} - System32\Tasks\Uninstaller_SkipUac_CEP_Local_440 => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {56F97E84-3191-45C9-A635-67E8EB4B5A12} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {689603CA-2D8F-42B1-8DFB-CEC176524B4B} - System32\Tasks\VaudiXUpdaterTask{8641A371-5391-4413-ADCA-0BED20AE0CE5} => C:\ProgramData\Premium\VaudiX\VaudiX.exe [2012-09-19] () <==== ATTENTION
Task: {6A1D0173-5E64-47B4-ABF4-B0905C3E7446} - System32\Tasks\SmartDefrag3_Update => C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe [2014-07-23] (IObit)
Task: {6A547488-E31C-4C6E-8EED-B98D6A8EE4DE} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {78E36EFE-EDDE-417C-8CD5-5338C87D4A89} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {881641BF-0BE6-43B4-8EC8-60F5117C11FA} - System32\Tasks\WRCSkipUAC => C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe [2015-10-27] (WiseCleaner.com)
Task: {8B2BDB30-21E5-4EAB-876D-714AA59072D2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {8F63C092-CD98-4DEF-91B5-ABF2B708ECD7} - System32\Tasks\WinZipBackGroundToolsTask => C:\Program Files\WinZip\WzBGTools.exe [2016-04-28] (WinZip Computing, S.L.)
Task: {9F98CCE2-E3BC-4C34-89FD-890FD85D2403} - System32\Tasks\Wise Turbo Checker => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe [2016-01-19] (WiseCleaner.COM)
Task: {A2829269-0700-45E1-BF90-7C8200090DB8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-17] (Adobe Systems Incorporated)
Task: {C2311C6E-8DAA-4CBA-A2A9-C3D2DF6BE404} - System32\Tasks\Wise Turbo Checker.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe [2016-01-19] (WiseCleaner.COM)
Task: {E9CEC2AE-59CB-4E77-9459-C3A97851374F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-05-23] (Microsoft Corporation)
Task: {EFF885BD-E49F-4288-B019-FFDE6C4A683F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {F6F549D5-4559-4DED-AFAB-9D5782549FD7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {F8E99B3B-8FF9-44C4-AE06-046AAAD78217} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1124643268-3595298339-4084894015-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.)
Task: {F91C1C31-1776-45E9-8818-F155E0BB2786} - System32\Tasks\ASC9_SkipUac_CEP Local 440 => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
Task: {FA184C91-C5EF-4764-BAF0-F6D3FBE5E08A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {FF901301-441E-45AC-BDA9-F12D966A5533} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1124643268-3595298339-4084894015-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.)
Task: {FF9ACA87-4767-430C-861B-1D1765C88317} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\ASC9_SkipUac_CEP Local 440.job => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_CEP_Local_440.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: C:\WINDOWS\Tasks\VaudiXUpdaterTask{8641A371-5391-4413-ADCA-0BED20AE0CE5}.job => C:\ProgramData\Premium\VaudiX\VaudiX.exeC/schedule /profilepath C:\ProgramData\Premium\VaudiX\profile.ini <==== ATTENTION
Task: C:\WINDOWS\Tasks\Wise Turbo Checker.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe
ShortcutWithArgument: C:\Users\CEP Local 440\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\217f6a27d9c55787\Chromium.lnk -> C:\Program Files\Hola\app\chromium\hola_cr.exe (The Chromium Authors) -> --profile-directory=Default
AlternateDataStreams: C:\ProgramData\Temp:373E1720 [134]
AlternateDataStreams: C:\ProgramData\Temp:553CA6CA [110]
AlternateDataStreams: C:\ProgramData\Temp:56E2E879 [128]
HKU\S-1-5-18\...\Run: [KSS] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe [1556448 2015-12-15] (AO Kaspersky Lab)
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
Winsock: Catalog9 01 C:\Program Files (x86)\SpeedBit Video Accelerator\LSP3.3.6.3\SBLSP.dll [174832 2013-01-19] (SPEEDbit)
Winsock: Catalog9 02 C:\Program Files (x86)\SpeedBit Video Accelerator\LSP3.3.6.3\SBLSP.dll [174832 2013-01-19] (SPEEDbit)
Winsock: Catalog9 03 C:\Program Files (x86)\SpeedBit Video Accelerator\LSP3.3.6.3\SBLSP.dll [174832 2013-01-19] (SPEEDbit)
Winsock: Catalog9 04 C:\Program Files (x86)\SpeedBit Video Accelerator\LSP3.3.6.3\SBLSP.dll [174832 2013-01-19] (SPEEDbit)
Winsock: Catalog9 05 C:\Program Files (x86)\SpeedBit Video Accelerator\LSP3.3.6.3\SBLSP.dll [174832 2013-01-19] (SPEEDbit)
Winsock: Catalog9 06 C:\Program Files (x86)\SpeedBit Video Accelerator\LSP3.3.6.3\SBLSP.dll [174832 2013-01-19] (SPEEDbit)
Winsock: Catalog9 07 C:\Program Files (x86)\SpeedBit Video Accelerator\LSP3.3.6.3\SBLSP.dll [174832 2013-01-19] (SPEEDbit)
Winsock: Catalog9 08 C:\Program Files (x86)\SpeedBit Video Accelerator\LSP3.3.6.3\SBLSP.dll [174832 2013-01-19] (SPEEDbit)
Winsock: Catalog9 09 C:\Program Files (x86)\SpeedBit Video Accelerator\LSP3.3.6.3\SBLSP.dll [174832 2013-01-19] (SPEEDbit)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{7aacf0c7-f777-451d-935f-0dff73e93a81}: [DhcpNameServer] 192.168.2.1 192.168.2.1
ManualProxies:
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPCON/4
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKLM -> {2D9F3B71-F660-4605-9BC3-6EDF3782FA70} URL = hxxp://www.ask.com/web?q={searchTerms}&l=dis&o=cahpl
SearchScopes: HKLM -> {2D9F3B71-F660-4605-9BC3-6EDF3782FA70} URL = hxxp://www.ask.com/web?q={searchTerms}&l=dis&o=cahpl
SearchScopes: HKLM -> {4AF4DA01-B858-4617-AC1C-0E06F377629C} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL =
SearchScopes: HKLM-x32 -> {0BC6E3FA-78EF-4886-842C-5A1258C4455A} URL = hxxp://search.imgag.com/?appid=wsdt&component=&c=GNWDO59900&sbs=2&sc=2&f=web&vernum=3.1.5.7620&uid=0&did=%7b35a80c04-0e82-4769-ab2e-d57b98cb7e3a%7d&q={searchTerms}
SearchScopes: HKLM-x32 -> {2D9F3B71-F660-4605-9BC3-6EDF3782FA70} URL = hxxp://www.ask.com/web?q={searchTerms}&l=dis&o=cahpl
SearchScopes: HKLM-x32 -> {4AF4DA01-B858-4617-AC1C-0E06F377629C} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0BC6E3FA-78EF-4886-842C-5A1258C4455A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\.DEFAULT -> {0BC6E3FA-78EF-4886-842C-5A1258C4455A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\.DEFAULT -> {2D9F3B71-F660-4605-9BC3-6EDF3782FA70} URL =
SearchScopes: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000 -> {0BC6E3FA-78EF-4886-842C-5A1258C4455A} URL = hxxp://search.imgag.com/?appid=wsdt&component=&c=GNWDO59900&sbs=2&sc=2&f=web&vernum=3.1.5.7620&uid=0&did=%7b35a80c04-0e82-4769-ab2e-d57b98cb7e3a%7d&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000 -> {2D9F3B71-F660-4605-9BC3-6EDF3782FA70} URL = hxxp://www.ask.com/web?q={searchTerms}&l=dis&o=cahpl
SearchScopes: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Download Accelerator Plus Integration -> {FF6C3CF0-4B15-11D1-ABED-709549C10000} -> C:\Program Files (x86)\DAP\DAPIELoader64.dll [2011-03-24] (SpeedBit Ltd.)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO-x32: No Name -> {669E08DA-2172-5F0B-4DEE-CFA670E3BC84} -> No File
BHO-x32: SpeedBit Link Verification Helper -> {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} -> C:\Program Files (x86)\DAP\LinkVerifier.dll [2012-12-10] (Speedbit Ltd.)
Toolbar: HKU\.DEFAULT -> No Name - {414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - No File
Toolbar: HKU\.DEFAULT -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
Toolbar: HKU\.DEFAULT -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
Toolbar: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-1124643268-3595298339-4084894015-1000 -> No Name - {414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - No File
DPF: HKLM-x32 {0E5F0222-96B9-11D3-8997-00104BD12D94} hxxp://www.pcpitstop.com/betapit/PCPitStop.CAB
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.)
FF Plugin HKU\S-1-5-21-1124643268-3595298339-4084894015-1000: @hola.org/vlc -> C:\Users\CEP Local 440\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [2016-04-09] (Hola)
CHR HomePage: Default -> hxxp://search.conduit.com/?ctid=CT3319613&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP8759D25A-7352-4FC4-8764-92A112E26A02&SSPV=
CHR StartupUrls: Default -> "hxxp://search.conduit.com/?ctid=CT3319613&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP8759D25A-7352-4FC4-8764-92A112E26A02&SSPV="
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=chr-yo_gc&ei=utf-8&ilc=12&type=994519&p={searchTerms}
CHR DefaultSearchKeyword: Default -> yahoo.com search
CHR DefaultSuggestURL: Default -> hxxps://ff.search.yahoo.com/gossip?output=fxjson&command={searchTerms}
CHR Extension: (Download Accelerator Plus (DAP)) - C:\Users\CEP Local 440\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb [2013-10-15] [UpdateUrl: hxxps://secure.speedbit.com/chrome/DAP/DAPChromeUpdate6.xml] <==== ATTENTION
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\CEP Local 440\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2016-11-17]
R2 hola_svc; C:\Program Files\Hola\app\hola_svc.exe [5622376 2016-11-02] (Hola Networks Ltd.) <==== ATTENTION
R2 hola_updater; C:\Program Files\Hola\app\hola_updater.exe [8104576 2015-11-01] (Hola Networks Ltd.) <==== ATTENTION
R2 kss; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe [1556448 2015-12-15] (AO Kaspersky Lab)
S3 VideoAcceleratorService; C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAcceleratorService.exe [277744 2013-01-19] (SpeedBit Ltd.)
U3 idsvc; no ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; no ImagePath
DisableService: Garmin Device Interaction Service
DisableService: HP Support Assistant Service
DisableService: LightScribeService
DisableService: LiveUpdateSvc
DisableService: REALPLAYERUPDATESVC
DisableService: RealTimes Desktop Service
DisableService: VideoAcceleratorService
2016-11-18 15:56 - 2016-11-18 15:56 - 00127637 _____ C:\Users\CEP Local 440\Desktop\how to remove Heur_Exploit.Script.Generic - Yahoo Search Results.html
2016-11-18 15:56 - 2016-11-18 15:56 - 00000000 ____D C:\Users\CEP Local 440\Desktop\how to remove Heur_Exploit.Script.Generic - Yahoo Search Results_files
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
EmptyTemp:
CMD: bitsadmin /reset /allusers





*****************

Restore point was successfully created.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0DAC725D-0371-4133-8AF6-D148198B0D4A} => key not found.
C:\WINDOWS\System32\Tasks\GarminUpdaterTask => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GarminUpdaterTask => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{105CBCC4-5BD4-47EC-919F-698174BE6C5E} => key not found.
C:\WINDOWS\System32\Tasks\SBWUpdateTask_Logon_d4e02148-1C659D0430C4 => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SBWUpdateTask_Logon_d4e02148-1C659D0430C4 => key not found.
"C:\Program Files (x86)\Common Files\Speedbit" => not found.
"C:\ProgramData\Premium\VaudiX\VaudiX.exe" => not found.
"C:\ProgramData\Premium" => not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\hola => value not found.
"C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll" => not found.
"C:\Program Files (x86)\Kaspersky Lab" => not found.
"C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_CEP_Local_440" => not found.
"C:\WINDOWS\Tasks\Uninstaller_SkipUac_CEP_Local_440.job" => not found.
"C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}" => not found.
"C:\WINDOWS\System32\Tasks\ASC9_SkipUac_CEP Local 440" => not found.
"C:\WINDOWS\Tasks\ASC9_SkipUac_CEP Local 440.job" => not found.
"C:\WINDOWS\Tasks\VaudiXUpdaterTask{8641A371-5391-4413-ADCA-0BED20AE0CE5}.job" => not found.
"C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log" => not found.
"C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log" => not found.
"C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log" => not found.
"C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log" => not found.
"C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log" => not found.
"C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log" => not found.
"C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log" => not found.
"C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log" => not found.
"C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log" => not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1F11BD5D-9CDA-4136-BB17-11759FEB6D09} => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DA625BC8-20DA-4F96-B47A-3616BB97937C} => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8C644734-5475-4DA6-B672-08496CD515EA} => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6C306E7E-FA6E-4246-91D6-00F5ED2544EC} => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7593305D-BBBF-4CCE-926B-B048B7563B94} => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2D6CE001-C5BD-4ED4-9DD1-E5AE42D4EFB3} => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CF80B1C2-A556-4548-981C-06CBE3BB5EAF} => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4860E4E0-5D78-4517-A910-FAB62566D6FA} => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CBDE96F0-6E14-4BF7-AFC6-241703E7FC90} => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E8F72EA0-BA09-4CBA-9F61-538AA9DBD4B9} => value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\TkBellExe => value not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1BC14874-2285-41BC-9C22-9381D778C8C7} => key not found.
C:\WINDOWS\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1124643268-3595298339-4084894015-1000 => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealUpgradeLogonTaskS-1-5-21-1124643268-3595298339-4084894015-1000 => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{24FF0670-A2EE-4FE7-9ADC-55ECDCC4A9E1} => key not found.
C:\WINDOWS\System32\Tasks\SBWUpdateTask_Time_d4e02148-1C659D0430C4 => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SBWUpdateTask_Time_d4e02148-1C659D0430C4 => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{25554AD1-5548-49F0-8550-EC465DD19366} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{27A76811-8CAB-4FB0-8E58-AE2F14D3523B} => key not found.
C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1124643268-3595298339-4084894015-1000 => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1124643268-3595298339-4084894015-1000 => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2D23301A-268D-4133-A615-B5D3B6436506} => key not found.
C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1124643268-3595298339-4084894015-1000 => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1124643268-3595298339-4084894015-1000 => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{350B0464-18D2-43E5-98C5-C3267B33837D} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3E67C9DA-3818-4D54-937E-0B0166CD4C2A} => key not found.
C:\WINDOWS\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1124643268-3595298339-4084894015-1000 => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealUpgradeScheduledTaskS-1-5-21-1124643268-3595298339-4084894015-1000 => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4295A246-F1FA-4C92-B703-C98313A8B679} => key not found.
C:\WINDOWS\System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{45EACAAD-C12E-45DB-A0B7-C6968C44E73B} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{462BC8C7-51E1-48D0-A779-3A14AC6127C0} => key not found.
C:\WINDOWS\System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP Support Assistant\PC Health Analysis => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{48ACB946-9171-45B5-875C-A86E243BEEC3} => key not found.
C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_CEP_Local_440 => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Uninstaller_SkipUac_CEP_Local_440 => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{56F97E84-3191-45C9-A635-67E8EB4B5A12} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{689603CA-2D8F-42B1-8DFB-CEC176524B4B} => key not found.
C:\WINDOWS\System32\Tasks\VaudiXUpdaterTask{8641A371-5391-4413-ADCA-0BED20AE0CE5} => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\VaudiXUpdaterTask{8641A371-5391-4413-ADCA-0BED20AE0CE5} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6A1D0173-5E64-47B4-ABF4-B0905C3E7446} => key not found.
C:\WINDOWS\System32\Tasks\SmartDefrag3_Update => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartDefrag3_Update => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6A547488-E31C-4C6E-8EED-B98D6A8EE4DE} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{78E36EFE-EDDE-417C-8CD5-5338C87D4A89} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{881641BF-0BE6-43B4-8EC8-60F5117C11FA} => key not found.
C:\WINDOWS\System32\Tasks\WRCSkipUAC => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WRCSkipUAC => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8B2BDB30-21E5-4EAB-876D-714AA59072D2} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F63C092-CD98-4DEF-91B5-ABF2B708ECD7} => key not found.
C:\WINDOWS\System32\Tasks\WinZipBackGroundToolsTask => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WinZipBackGroundToolsTask => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F98CCE2-E3BC-4C34-89FD-890FD85D2403} => key not found.
C:\WINDOWS\System32\Tasks\Wise Turbo Checker => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Wise Turbo Checker => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A2829269-0700-45E1-BF90-7C8200090DB8} => key not found.
C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C2311C6E-8DAA-4CBA-A2A9-C3D2DF6BE404} => key not found.
C:\WINDOWS\System32\Tasks\Wise Turbo Checker.job => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Wise Turbo Checker.job => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E9CEC2AE-59CB-4E77-9459-C3A97851374F} => key not found.
C:\WINDOWS\System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\RemovalTools\MRT_HB => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EFF885BD-E49F-4288-B019-FFDE6C4A683F} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F6F549D5-4559-4DED-AFAB-9D5782549FD7} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F8E99B3B-8FF9-44C4-AE06-046AAAD78217} => key not found.
C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1124643268-3595298339-4084894015-1000 => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1124643268-3595298339-4084894015-1000 => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F91C1C31-1776-45E9-8818-F155E0BB2786} => key not found.
C:\WINDOWS\System32\Tasks\ASC9_SkipUac_CEP Local 440 => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASC9_SkipUac_CEP Local 440 => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FA184C91-C5EF-4764-BAF0-F6D3FBE5E08A} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FF901301-441E-45AC-BDA9-F12D966A5533} => key not found.
C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1124643268-3595298339-4084894015-1000 => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealPlayerRealUpgradeLogonTaskS-1-5-21-1124643268-3595298339-4084894015-1000 => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FF9ACA87-4767-430C-861B-1D1765C88317} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => key not found.
C:\WINDOWS\Tasks\ASC9_SkipUac_CEP Local 440.job => not found.
C:\WINDOWS\Tasks\Uninstaller_SkipUac_CEP_Local_440.job => not found.
C:\WINDOWS\Tasks\VaudiXUpdaterTask{8641A371-5391-4413-ADCA-0BED20AE0CE5}.job => not found.
C:\WINDOWS\Tasks\Wise Turbo Checker.job => not found.
C:\Users\CEP Local 440\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\217f6a27d9c55787\Chromium.lnk => Shortcut argument removed successfully.
"C:\ProgramData\Temp" => ":373E1720" ADS not found.
"C:\ProgramData\Temp" => ":553CA6CA" ADS not found.
"C:\ProgramData\Temp" => ":56E2E879" ADS not found.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\KSS => value not found.
"C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll" => Value data not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => key not found.
HKCR\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => key not found.
HKCR\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => key not found.
HKCR\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => key not found.
HKCR\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => key not found.
HKCR\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => key not found.
HKCR\Wow6432Node\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => key not found.
HKCR\Wow6432Node\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => key not found.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => key not found.
HKCR\Wow6432Node\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => key not found.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => key not found.
HKCR\Wow6432Node\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => key not found.
HKCR\Wow6432Node\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
HKLM\SOFTWARE\Policies\Google => key not found.
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001" => key removed successfully
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002" => key removed successfully
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003" => key removed successfully
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004" => key removed successfully
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005" => key removed successfully
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000006" => key removed successfully
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000007" => key removed successfully
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000008" => key removed successfully
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000009" => key removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer => value removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{7aacf0c7-f777-451d-935f-0dff73e93a81}\\DhcpNameServer => value removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2D9F3B71-F660-4605-9BC3-6EDF3782FA70} => key not found.
HKCR\CLSID\{2D9F3B71-F660-4605-9BC3-6EDF3782FA70} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2D9F3B71-F660-4605-9BC3-6EDF3782FA70} => key not found.
HKCR\CLSID\{2D9F3B71-F660-4605-9BC3-6EDF3782FA70} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4AF4DA01-B858-4617-AC1C-0E06F377629C} => key not found.
HKCR\CLSID\{4AF4DA01-B858-4617-AC1C-0E06F377629C} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A} => key not found.
HKCR\Wow6432Node\CLSID\{0BC6E3FA-78EF-4886-842C-5A1258C4455A} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2D9F3B71-F660-4605-9BC3-6EDF3782FA70} => key not found.
HKCR\Wow6432Node\CLSID\{2D9F3B71-F660-4605-9BC3-6EDF3782FA70} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{4AF4DA01-B858-4617-AC1C-0E06F377629C} => key not found.
HKCR\Wow6432Node\CLSID\{4AF4DA01-B858-4617-AC1C-0E06F377629C} => key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A} => key not found.
HKCR\CLSID\{0BC6E3FA-78EF-4886-842C-5A1258C4455A} => key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2D9F3B71-F660-4605-9BC3-6EDF3782FA70} => key not found.
HKCR\CLSID\{2D9F3B71-F660-4605-9BC3-6EDF3782FA70} => key not found.
HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A} => key not found.
HKCR\CLSID\{0BC6E3FA-78EF-4886-842C-5A1258C4455A} => key not found.
HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2D9F3B71-F660-4605-9BC3-6EDF3782FA70} => key not found.
HKCR\CLSID\{2D9F3B71-F660-4605-9BC3-6EDF3782FA70} => key not found.
HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => key not found.
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF6C3CF0-4B15-11D1-ABED-709549C10000} => key not found.
HKCR\CLSID\{FF6C3CF0-4B15-11D1-ABED-709549C10000} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670} => key not found.
HKCR\Wow6432Node\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{669E08DA-2172-5F0B-4DEE-CFA670E3BC84} => key not found.
HKCR\Wow6432Node\CLSID\{669E08DA-2172-5F0B-4DEE-CFA670E3BC84} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} => key not found.
HKCR\Wow6432Node\CLSID\{D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} => key not found.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} => value not found.
HKCR\CLSID\{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} => key not found.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} => value not found.
HKCR\CLSID\{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} => key not found.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value not found.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found.
HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} => value not found.
HKCR\CLSID\{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} => key not found.
HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value not found.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found.
HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} => value not found.
HKCR\CLSID\{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{0E5F0222-96B9-11D3-8997-00104BD12D94} => key not found.
HKCR\Wow6432Node\CLSID\{0E5F0222-96B9-11D3-8997-00104BD12D94} => key not found.
HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3 => key not found.
C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll => not found.
HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9 => key not found.
C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll => not found.
HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\Software\MozillaPlugins\@hola.org/vlc => key not found.
C:\Users\CEP Local 440\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll => not found.
Chrome HomePage => not found.
Chrome StartupUrls => not found.
Chrome DefaultSearchURL => not found.
Chrome DefaultSearchKeyword => not found.
Chrome DefaultSuggestURL => not found.
C:\Users\CEP Local 440\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb <==== ATTENTION => not found
C:\Users\CEP Local 440\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio => moved successfully
hola_svc => service not found.
hola_updater => service not found.
kss => service not found.
VideoAcceleratorService => service not found.
idsvc => service not found.
wfpcapture => service not found.
wpcsvc => service not found.
Garmin Device Interaction Service => service was disabled
HP Support Assistant Service => service was disabled
LightScribeService => not found.
LiveUpdateSvc => service was disabled
REALPLAYERUPDATESVC => service was disabled
RealTimes Desktop Service => service was disabled
VideoAcceleratorService => not found.
"C:\Users\CEP Local 440\Desktop\how to remove Heur_Exploit.Script.Generic - Yahoo Search Results.html" => not found.
"C:\Users\CEP Local 440\Desktop\how to remove Heur_Exploit.Script.Generic - Yahoo Search Results_files" => not found.

========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========

The operation completed successfully.



========= End of Reg: =========


========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========

The operation completed successfully.



========= End of Reg: =========


========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-1124643268-3595298339-4084894015-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully


========= End of RemoveProxy: =========


========= netsh advfirewall reset =========

Ok.


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Ok.


========= End of CMD: =========


========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


========= netsh winsock reset catalog =========


Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.


========= End of CMD: =========


========= netsh int ip reset c:\resetlog.txt =========

Resetting Interface, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting , failed.
Access is denied.

Resetting , OK!
Restart the computer to complete this action.


========= End of CMD: =========


========= ipconfig /release =========


Windows IP Configuration

No operation can be performed on Local Area Connection while it has its media disconnected.
No operation can be performed on Local Area Connection* 2 while it has its media disconnected.

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Wireless LAN adapter Local Area Connection* 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Link-local IPv6 Address . . . . . : fe80::bc01:ae8d:c3e0:9276%5
Default Gateway . . . . . . . . . :

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:3889:1309:9c3f:e205
Link-local IPv6 Address . . . . . : fe80::3889:1309:9c3f:e205%7
Default Gateway . . . . . . . . . : ::

========= End of CMD: =========


========= ipconfig /renew =========


Windows IP Configuration

No operation can be performed on Local Area Connection while it has its media disconnected.
No operation can be performed on Local Area Connection* 2 while it has its media disconnected.

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Wireless LAN adapter Local Area Connection* 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Link-local IPv6 Address . . . . . : fe80::bc01:ae8d:c3e0:9276%5
IPv4 Address. . . . . . . . . . . : 192.168.2.10
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.2.1

Tunnel adapter isatap.{7AACF0C7-F777-451D-935F-0DFF73E93A81}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6abd:204d:fdb:9c3f:e205
Link-local IPv6 Address . . . . . : fe80::204d:fdb:9c3f:e205%7
Default Gateway . . . . . . . . . : ::

========= End of CMD: =========


========= netsh int ipv4 reset =========

Resetting Interface, OK!
Resetting , failed.
Access is denied.

Restart the computer to complete this action.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Resetting Interface, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting , failed.
Access is denied.

Resetting , OK!
Restart the computer to complete this action.


========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.8.10240 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

0 out of 0 jobs canceled.

========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 32768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 7524729 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => -112219 B
Edge => 0 B
Chrome => 46714901 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
CEP Local 440 => 3402440 B
DefaultAppPool => 0 B

RecycleBin => 130120922 B
EmptyTemp: => 179 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:04:11 ====
 
  • Please post the Junkware Removal Tool Log...
  • Uninstall the software below.
VaudiX (HKLM\...\{6C7F523F-A2A9-AE9E-4C75-EA8BB79C70C9}) (Version: 1.0 - )
McAfee Agent (HKLM-x32\...\{2AAB21C2-4CDA-4189-A0EC-5ED666113F84}) (Version: 4.5.0.1810 - McAfee, Inc.)

Update your software with Patch My PC
Run the McAfee Removal Tool, then reboot the computer.



Security Check Scan.

  • Download Security Check to your desktop.
  • Right click it and run as administrator.
  • When the program completes, the tool will automatically open a log file.
  • Please post that log here in your next post.

What issues remain on the machine at this point?
 
SecurityCheck by glax24 & Severnyj v.1.4.0.46 [22.09.16]
WebSite: www.safezone.cc
DateLog: 25.11.2016 21:45:42
Path starting: C:\Users\CEP Local 440\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: CEP Local 440
VersionXML: 3.54is-25.11.2016
___________________________________________________________________________

Windows 10(6.3.10240) (x64) Core Lang: English(0409)
Installation date OS: 25.10.2015 14:38:35
LicenseStatus: Windows(R), Core edition The machine is permanently activated.
Boot Mode: Normal
Default Browser: C:\Program Files\Internet Explorer\IEXPLORE.EXE
SystemDrive: C: FS: [NTFS] Capacity: [450.9 Gb] Used: [125.6 Gb] Free: [325.3 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 11.0.10240.16841 Warning! Download Update
Online installation. Last version available when Windows update is enabled throught the Internet.
User Account Control enabled
Automatically download and schedule installation
Windows Update (wuauserv) - The service has stopped
Security Center (wscsvc) - The service is running
Remote Registry (RemoteRegistry) - The service has stopped
SSDP Discovery (SSDPSRV) - The service is running
Remote Desktop Services (TermService) - The service has stopped
World Wide Web Publishing Service (W3SVC) - The service is running
Windows Remote Management (WS-Management) (WinRM) - The service has stopped
------------------------------ [ MS Office ] ------------------------------
Microsoft Office XP v.10.0.6626.0
Microsoft Office 2003 v.11.0.8173.0
---------------------------- [ Antivirus_WMI ] ----------------------------
Windows Defender (enabled and up to date)
--------------------------- [ FirewallWindows ] ---------------------------
Windows Firewall (MpsSvc) - The service is running
--------------------------- [ AntiSpyware_WMI ] ---------------------------
Windows Defender (enabled and up to date)
-------------------------- [ SecurityUtilities ] --------------------------
Malwarebytes Anti-Malware version 2.2.1.1043 v.2.2.1.1043
Zemana AntiMalware v.2.60.1
--------------------------- [ OtherUtilities ] ----------------------------
7-Zip 16.04 (x64 edition) v.16.04.00.0
Microsoft Silverlight v.5.1.50901.0
7-Zip 16.02 v.16.02 Warning! Download Update
Uninstall old version and install new one.
DivX Setup v.2.6.1.90
--------------------------- [ AppleProduction ] ---------------------------
iTunes v.12.5.3.16 Warning! Download Update
^Please use Apple Software Update tool.^
Bonjour v.3.1.0.1
Bonjour Service (Bonjour Service) - The service is running
--------------------------- [ AdobeProduction ] ---------------------------
Adobe AIR v.23.0.0.257
Adobe Shockwave Player 12.2 v.12.2.5.195
Adobe Acrobat Reader DC v.15.020.20042
Adobe Shockwave Player v.11.5.1.601 Warning! Download Update
------------------------------- [ Browser ] -------------------------------
Google Chrome v.54.0.2840.99
----------------------------- [ EmailClient ] -----------------------------
Windows Live Mail v.15.4.3502.0922
--------------------------- [ RunningProcess ] ----------------------------
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe v.54.0.2840.99
------------------ [ AntivirusFirewallProcessServices ] -------------------
MBAMService (MBAMService) - The service has stopped
McAfee Validation Trust Protection Service (mfevtp) - The service is running
C:\WINDOWS\System32\mfevtps.exe v.0.0.0.0
C:\Program Files\Windows Defender\MsMpEng.exe v.4.8.10240.16384
C:\Program Files\Windows Defender\MpCmdRun.exe v.4.8.10240.16384
C:\Program Files\Windows Defender\NisSrv.exe v.4.8.10240.16384
Windows Defender Service (WinDefend) - The service is running
Windows Defender Network Inspection Service (WdNisSvc) - The service is running
ZAM Controller Service (ZAMSvc) - The service is running
C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe v.0.0.0.0
---------------------------- [ UnwantedApps ] -----------------------------
FATE v.2.2.0.82 << Hidden Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering.
----------------------------- [ End of Log ] ------------------------------
 
Adware Removal Tool Scan.

Download Adware removal tool to your desktop, right click the icon and select Run as Administrator.

Hit Ok.

Hit next, and make sure to leave all items checked for removal.

The Program will close all open programs to complete the removal, so save any work and hit OK. Then hit OK after the removal process is complete, then OK again to finish up. Post log generated by tool.

ZHP Scan.

Please download Zhp Cleaner to your desktop. Right Click the icon and select run as administrator.

2. Once you have started the program, you will need to click the scanner button.

The program will close all open browsers!
3. Once the scan is completed, you will want to click the Repair button.

At the end of the process you may be asked to reboot your machine. After you reboot a report will open on your desktop.

Copy and paste the report here in your next reply.
 
Here is the file again.
The first time I don't think it was run as administrator.
Thanks again.
SecurityCheck by glax24 & Severnyj v.1.4.0.46 [22.09.16]
WebSite: www.safezone.cc
DateLog: 25.11.2016 21:54:34
Path starting: C:\Users\CEP Local 440\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: CEP Local 440
VersionXML: 3.54is-25.11.2016
___________________________________________________________________________

Windows 10(6.3.10240) (x64) Core Lang: English(0409)
Installation date OS: 25.10.2015 14:38:35
LicenseStatus: Windows(R), Core edition The machine is permanently activated.
Boot Mode: Normal
Default Browser: C:\Program Files\Internet Explorer\IEXPLORE.EXE
SystemDrive: C: FS: [NTFS] Capacity: [450.9 Gb] Used: [125.6 Gb] Free: [325.3 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 11.0.10240.16841 Warning! Download Update
Online installation. Last version available when Windows update is enabled throught the Internet.
User Account Control enabled
Automatically download and schedule installation
Windows Update (wuauserv) - The service has stopped
Security Center (wscsvc) - The service is running
Remote Registry (RemoteRegistry) - The service has stopped
SSDP Discovery (SSDPSRV) - The service is running
Remote Desktop Services (TermService) - The service has stopped
World Wide Web Publishing Service (W3SVC) - The service is running
Windows Remote Management (WS-Management) (WinRM) - The service has stopped
------------------------------ [ MS Office ] ------------------------------
Microsoft Office XP v.10.0.6626.0
Microsoft Office 2003 v.11.0.8173.0
---------------------------- [ Antivirus_WMI ] ----------------------------
Windows Defender (enabled and up to date)
--------------------------- [ FirewallWindows ] ---------------------------
Windows Firewall (MpsSvc) - The service is running
--------------------------- [ AntiSpyware_WMI ] ---------------------------
Windows Defender (enabled and up to date)
-------------------------- [ SecurityUtilities ] --------------------------
Malwarebytes Anti-Malware version 2.2.1.1043 v.2.2.1.1043
Zemana AntiMalware v.2.60.1
--------------------------- [ OtherUtilities ] ----------------------------
7-Zip 16.04 (x64 edition) v.16.04.00.0
Microsoft Silverlight v.5.1.50901.0
7-Zip 16.02 v.16.02 Warning! Download Update
Uninstall old version and install new one.
DivX Setup v.2.6.1.90
--------------------------- [ AppleProduction ] ---------------------------
iTunes v.12.5.3.16 Warning! Download Update
^Please use Apple Software Update tool.^
Bonjour v.3.1.0.1
Bonjour Service (Bonjour Service) - The service is running
--------------------------- [ AdobeProduction ] ---------------------------
Adobe AIR v.23.0.0.257
Adobe Shockwave Player 12.2 v.12.2.5.195
Adobe Acrobat Reader DC v.15.020.20042
Adobe Shockwave Player v.11.5.1.601 Warning! Download Update
------------------------------- [ Browser ] -------------------------------
Google Chrome v.54.0.2840.99
----------------------------- [ EmailClient ] -----------------------------
Windows Live Mail v.15.4.3502.0922
--------------------------- [ RunningProcess ] ----------------------------
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe v.54.0.2840.99
------------------ [ AntivirusFirewallProcessServices ] -------------------
MBAMService (MBAMService) - The service has stopped
McAfee Validation Trust Protection Service (mfevtp) - The service is running
C:\WINDOWS\System32\mfevtps.exe v.0.0.0.0
C:\Program Files\Windows Defender\MsMpEng.exe v.4.8.10240.16384
C:\Program Files\Windows Defender\MpCmdRun.exe v.4.8.10240.16384
C:\Program Files\Windows Defender\NisSrv.exe v.4.8.10240.16384
Windows Defender Service (WinDefend) - The service is running
Windows Defender Network Inspection Service (WdNisSvc) - The service is running
ZAM Controller Service (ZAMSvc) - The service is running
C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe v.0.0.0.0
---------------------------- [ UnwantedApps ] -----------------------------
FATE v.2.2.0.82 << Hidden Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering.
----------------------------- [ End of Log ] ------------------------------
 
Also, it seems you did not run the McAfee removal tool. Please do so when you have completed all other tasks.
 
 
Adaware Log;
[-] Deleted ->> File ->> C:\Program Files (x86)\Common Files\L&H\SpeechEngines\1033\TTS\TTS3000\ENUTEMPP.DLL
[-] Deleted ->> File ->> C:\Users\CEP Local 440\Appdata\LocalLow\Microsoft\Internet Explorer\Services\search_{7F4EFF06-7032-458e-AE16-1C1D8255C28A}.ico
[-] Deleted ->> Registry Value Data ->> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}\ <RegValue:> AppName <RegData:> TbHelper2.exe : TbHelper2.exe
[-] Deleted ->> Registry Value Data ->> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AD9CE514-081C-4EB1-B6A6-9BEA2B97B512}\ <RegValue:> AppPath <RegData:> C:\Program Files (x86)\ConduitEngine : C:\Program Files (x86)\ConduitEngine
[-] Deleted ->> Registry Value Data ->> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AD9CE514-081C-4EB1-B6A6-9BEA2B97B512}\ <RegValue:> AppName <RegData:> ConduitEngineHelper.exe : ConduitEngineHelper.exe
[-] Deleted ->> Registry Value Data ->> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AD9CE514-081C-4EB1-B6A6-9BEA2B97B512}\ <RegValue:> AppPath <RegData:> C:\Program Files (x86)\ConduitEngine : C:\Program Files (x86)\ConduitEngine
[-] Deleted ->> Registry Value Data ->> HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}\ <RegValue:> AppName <RegData:> TbHelper2.exe : TbHelper2.exe
[-] Deleted ->> Registry Value Data ->> HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AD9CE514-081C-4EB1-B6A6-9BEA2B97B512}\ <RegValue:> AppPath <RegData:> C:\Program Files (x86)\ConduitEngine : C:\Program Files (x86)\ConduitEngine
[-] Deleted ->> Registry Value Data ->> HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AD9CE514-081C-4EB1-B6A6-9BEA2B97B512}\ <RegValue:> AppName <RegData:> ConduitEngineHelper.exe : ConduitEngineHelper.exe
[-] Deleted ->> Registry Value Data ->> HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AD9CE514-081C-4EB1-B6A6-9BEA2B97B512}\ <RegValue:> AppPath <RegData:> C:\Program Files (x86)\ConduitEngine : C:\Program Files (x86)\ConduitEngine
[-] Deleted ->> Registry Value Data ->> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}\ <RegValue:> AppName <RegData:> TbHelper2.exe : TbHelper2.exe
[-] Deleted ->> Registry Value Data ->> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AD9CE514-081C-4EB1-B6A6-9BEA2B97B512}\ <RegValue:> AppPath <RegData:> C:\Program Files (x86)\ConduitEngine : C:\Program Files (x86)\ConduitEngine
[-] Deleted ->> Registry Value Data ->> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AD9CE514-081C-4EB1-B6A6-9BEA2B97B512}\ <RegValue:> AppName <RegData:> ConduitEngineHelper.exe : ConduitEngineHelper.exe
[-] Deleted ->> Registry Value Data ->> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AD9CE514-081C-4EB1-B6A6-9BEA2B97B512}\ <RegValue:> AppPath <RegData:> C:\Program Files (x86)\ConduitEngine : C:\Program Files (x86)\ConduitEngine
[-] Deleted ->> Registry Value Data ->> HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}\ <RegValue:> AppName <RegData:> TbHelper2.exe : TbHelper2.exe
[-] Deleted ->> Registry Value Data ->> HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AD9CE514-081C-4EB1-B6A6-9BEA2B97B512}\ <RegValue:> AppPath <RegData:> C:\Program Files (x86)\ConduitEngine : C:\Program Files (x86)\ConduitEngine
[-] Deleted ->> Registry Value Data ->> HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AD9CE514-081C-4EB1-B6A6-9BEA2B97B512}\ <RegValue:> AppName <RegData:> ConduitEngineHelper.exe : ConduitEngineHelper.exe
[-] Deleted ->> Registry Value Data ->> HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AD9CE514-081C-4EB1-B6A6-9BEA2B97B512}\ <RegValue:> AppPath <RegData:> C:\Program Files (x86)\ConduitEngine : C:\Program Files (x86)\ConduitEngine
[-] Repaired ->> File ->> C:\Users\CEP Local 440\AppData\Local\Google\Chrome\User Data\Default\Preferences
[-] Deleted ->> Registry Key ->> HKEY_CURRENT_USER\Software\AppDataLow\Software\Smartbar
[-] Deleted ->> Registry Key ->> HKEY_CURRENT_USER\Software\AppDataLow\Software\TelevisionFanaticEI
[-] Deleted ->> Registry Key ->> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mypcbackup.com
[-] Deleted ->> Registry Key ->> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\televisionfanatic.com
[-] Deleted ->> Registry Key ->> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\weatherblink.com
[-] Deleted ->> Registry Key ->> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\taphss
[-] Deleted ->> Registry Key ->> HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\taphss
Thanks
 
Good Morning:
I downloaded the ZHP Scan.
I ran the scanner. The program found 82 issues. When I attempted to push the repair button the program appeared to be stalled and it wouldn't continue. I closed the program and ran it again 3 more times with the same results.
Any suggestions?

Regards,
P
 
  1. Run the program in safe mode with networking.
  2. If that fails.
  3. Skip it.
Next:

Next, let's check for McAfee remnants.


Get the Everything Search Engine
Install the program, right click and run as admin. Type McAfee into the search window.
Then Click Edit.
Select all.
Right click the highlighted items > Copy full name to clipboard > Paste the content of the clipboard here in your next reply.

Repeat the same steps for each of the 3 words below.
One at a time!
And then the file path.

Hola
Speedbit
VaudiX
C:\Windows\System32\Tasks

Next:

You have an extreme amount of scheduled tasks on your machine. More than normal by far....

Download CCleaner from here.
After install Click Options.
Go to monitoring.
Uncheck All Monitoring items.
Go to advanced -- Click close program after cleaning.
Go to settings -- click run ccleaner when the computer starts.


Now that you have ccleaner installed and set-up:

Open the program.
Go to Tools
Go to Startup
Now double click each item to disable it.
Then disable all items in your scheduled tasks as well.

Reboot the machine.
 
Also, if the pop-ups are still there after the 9-Lab and ZHP scans, then a browser reset is in order.

Download ResetBrowser To your desktop.
Now close all open browsers.
Right click and run as administrator.



Click on Reset Chrome-- Allow completion.
Now reboot your machine.
 
Get Everything Search;

 
OK, for now can you tell me what issues remain on your machine, please? :)

ZHP Diag.


Download ZHP Diag to your desktop.


1. Right Click Run as Admin.
2. Click the Scanner button.



When complete please push the report button.
A notepad will open... copy and paste the report in your next reply.


Also, you need to search each word one at a time. But we will take care of that later. :)



 
As yet, since I used the "Reset Browser" program I haven't experienced any pop ups. So I am very pleased with that.
(Thanks) ;)

Here is the next program.
After I ran the last program, (ZHPDiag) there was a report saying that there were 4 issues but it wouldn't allow me to copy them to show you what they were.
~ ZHPDiag v2016.11.28.232 By Nicolas Coolman (2016/11/28)
~ Run by CEP Local 440 (Administrator) (2016/11/29 13:33:46)
~ Web: https://www.nicolascoolman.com
~ Blog: https://www.anti-malware.top
~ Facebook: https://www.facebook.com/nicolascoolman1
~ State version: Version OK
~ Mode: Scan
~ Report: C:\Users\CEP Local 440\Desktop\ZHPDiag.txt
~ Report: C:\Users\CEP Local 440\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ System startup: Normal (Normal boot)
Windows 10 Home, 64-bit (Build 10240)

Thanks again,
P
 
That is not the entire ZHP log; I need the whole thing, not just the header. :)
 
After I ran the ZHPDiag program, as I mentioned before, a log came up saying the following:
Items found at your station; 4
Superflous.SlimWare Utilities
Heuristic.Suspect
Pup.Optional. Install Converter
Superflous.Tarma.

Thanks again
 