krell1349

Members

View Profile See their activity

Posts
7
Joined
July 20, 2015
Last visited
November 16, 2015

Content Type

All Activity

Events

Profiles

Forums

Topics
Posts

Everything posted by krell1349

Received a pop up that said my computer is infected(with audio, too)

krell1349 replied to krell1349's topic in Resolved Malware Removal Logs

Thanks for your help.
- November 15, 2015
- 6 replies
Received a pop up that said my computer is infected(with audio, too)

krell1349 replied to krell1349's topic in Resolved Malware Removal Logs

Everything seems normal, I was just concerned that something got on my computer. As soon as I saw the infection message, I closed out IE with the task manager. That being said, per your request: FIX LOG: Fix result of Farbar Recovery Scan Tool (x64) Version:07-11-2015 Ran by Chris_HP (2015-11-15 07:50:47) Run:1 Running from C:\Users\Chris_HP\Desktop Loaded Profiles: Chris_HP (Available Profiles: Chris_HP) Boot Mode: Normal ============================================== fixlist content: ***************** Start CloseProcesses: CreateRestorePoint: U3 idsvc; no ImagePath S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X] U3 wpcsvc; no ImagePath C:\Users\Chris_HP\AppData\Local\Temp\Extract.exe C:\Users\Chris_HP\AppData\Local\Temp\HPPSdr.exe C:\Users\Chris_HP\AppData\Local\Temp\SP71616.exe C:\Users\Chris_HP\AppData\Local\Temp\SP71715.exe C:\Users\Chris_HP\AppData\Local\Temp\SP72010.exe C:\Users\Chris_HP\AppData\Local\Temp\SP72283.exe C:\Users\Chris_HP\AppData\Local\Temp\SP72285.exe C:\Users\Chris_HP\AppData\Local\Temp\SP72442.exe C:\Users\Chris_HP\AppData\Local\Temp\UninstallHPSA.exe Task: {00DD52C0-3A99-400E-B2CC-6C904333B581} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {03EDFB99-CD7A-48D3-AAB8-4CFB15101887} - \User_Feed_Synchronization-{C05742E1-1149-44B8-A50B-E82C46127B6F} -> No File <==== ATTENTION Task: {088482FA-65B8-4E17-9ABF-1DCD48E8D373} - \Microsoft\Windows\Tcpip\IpAddressConflict1 -> No File <==== ATTENTION Task: {09F06BFE-A3C8-40E3-846A-6E6F4000C238} - \Microsoft\Windows\Tcpip\IpAddressConflict2 -> No File <==== ATTENTION Task: {0B19B723-64D6-45AF-9795-2037904A79FC} - \Hewlett-Packard\HP Support Assistant\Update Check -> No File <==== ATTENTION Task: {103ECC2C-B769-4C11-8333-E2961367A093} - \Microsoft\Windows\Media Center\DispatchRecoveryTasks -> No File <==== ATTENTION Task: {1331F41C-EA7C-4C80-AD8D-FF3EAB8A45CE} - \Microsoft\Windows\Media Center\RecordingRestart -> No File <==== ATTENTION Task: {1C4AB4AB-E14B-48AB-A3C4-4387ED3A52D9} - \Microsoft\Office\Office Automatic Updates -> No File <==== ATTENTION Task: {1D327E55-B6ED-481B-A289-43018BD1595A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {20779EEB-9B60-4979-93BD-F5634B044C55} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {27B57458-D4FE-46A4-931F-5E11173ECB41} - \Microsoft\Windows\Media Center\InstallPlayReady -> No File <==== ATTENTION Task: {2A38EC86-584C-4A8B-9FDC-B65E7F5E301D} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION Task: {2EF2B0D2-8157-4FA0-8A73-3ACF62A421A9} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {2FF6F654-1DF4-4B70-AC26-612C87DE7C16} - \Microsoft\Windows\SideShow\SessionAgent -> No File <==== ATTENTION Task: {35AE4116-87E4-4BB0-8E01-42EECA79AAA6} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {4FC092FD-40E5-407F-B8E5-EECF5F9A607B} - \Microsoft\Windows\Media Center\RegisterSearch -> No File <==== ATTENTION Task: {53733915-1F3D-4CA8-B475-807F721CB870} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {59128545-13CB-43B5-92F6-BE4F6BB1547B} - \CLMLSvc_P2G8 -> No File <==== ATTENTION Task: {594C5952-3A07-47FD-8911-B041C8771A66} - \Hewlett-Packard\HP Support Assistant\WarrantyChecker -> No File <==== ATTENTION Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - \Microsoft\Windows\Shell\WindowsParentalControls -> No File <==== ATTENTION Task: {5C67AB8A-2064-4873-A8AA-0694C4CDFB67} - \Microsoft\Windows\Media Center\PBDADiscovery -> No File <==== ATTENTION Task: {5FE87118-83CF-471A-ABC7-CA6568D4308A} - \Microsoft\Windows\Media Center\OCURActivate -> No File <==== ATTENTION Task: {6D13B63D-E693-47AC-B342-C27A0FFF1802} - \Microsoft\Windows\SideShow\GadgetManager -> No File <==== ATTENTION Task: {6D25906E-A62C-40DF-AB71-C52B82B99C8F} - \Microsoft\Windows\Media Center\PBDADiscoveryW1 -> No File <==== ATTENTION Task: {783F39BF-86D9-4AC2-90C5-1B2494AE3742} - \Microsoft\Windows\Media Center\ActivateWindowsSearch -> No File <==== ATTENTION Task: {784E024B-A574-443D-A0F6-0A4D3EDAE674} - \Microsoft\Windows\SideShow\SystemDataProviders -> No File <==== ATTENTION Task: {7A8D3C2F-8362-4B5B-AF1A-C14BC6150B39} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {82D60FFF-ACC7-4CBA-AA2C-399DD1608206} - \Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start -> No File <==== ATTENTION Task: {88DFFB14-5AFD-4725-AFEB-AFA667D29966} - \CLVDLauncher -> No File <==== ATTENTION Task: {8A3BBB9F-4B68-4CD2-BDD0-36B45A2E4135} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {8DA6E151-2B4F-498C-9630-D0EBF793846B} - \Microsoft\Windows\Media Center\UpdateRecordPath -> No File <==== ATTENTION Task: {959F6D4F-8050-4E9B-9EE3-050CCED630EC} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {96DDD3E7-DB6B-43A1-B6DC-B702CB523529} - \Hewlett-Packard\HP Support Assistant\HPW10UpgradeReminder -> No File <==== ATTENTION Task: {A3CCA2B1-44E2-45E4-9164-8DF2786CD052} - \Microsoft\Windows\Media Center\PBDADiscoveryW2 -> No File <==== ATTENTION Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - \Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor -> No File <==== ATTENTION Task: {B3E16941-25B7-4113-9215-5B234173CACD} - \Microsoft\Windows\Media Center\MediaCenterRecoveryTask -> No File <==== ATTENTION Task: {B72680A9-2A66-49D1-8BA6-F2A8B3E9BD35} - \Microsoft\Windows\SideShow\AutoWake -> No File <==== ATTENTION Task: {BC1F8375-757F-4805-9250-D0A6F88DDD2A} - \Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan -> No File <==== ATTENTION Task: {BE0B97A0-232F-46E3-AC26-6FB439A83E92} - \Microsoft\Windows\MobilePC\HotStart -> No File <==== ATTENTION Task: {BE736292-C806-4EAD-A936-AA28FAB26CBE} - \HPCeeScheduleForChris_HP -> No File <==== ATTENTION Task: {C023FA6D-01C2-4128-B0E4-F42DE3A3CE14} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {C6DCA586-E19B-4F92-B541-3A11237BCF20} - \Microsoft\Windows\Media Center\PvrScheduleTask -> No File <==== ATTENTION Task: {CB0FDA7A-57F9-4199-B175-570D7FD48013} - \Microsoft\Windows\Media Center\SqlLiteRecoveryTask -> No File <==== ATTENTION Task: {CE899445-5BEB-47FF-BBA5-C686F53AF19F} - \Microsoft\Windows\Media Center\ObjectStoreRecoveryTask -> No File <==== ATTENTION Task: {CEB39608-8258-47EC-B116-DAF8FA76461B} - \Hewlett-Packard\HP Support Assistant\PC Health Analysis -> No File <==== ATTENTION Task: {DC648C5C-6761-42BF-BC40-A4AA4D42D41B} - \Microsoft\Windows\Media Center\mcupdate -> No File <==== ATTENTION Task: {E2ACC2A3-DFD1-4656-989C-DB6F5ED67109} - \Microsoft\Windows\Media Center\ReindexSearchRoot -> No File <==== ATTENTION Task: {E8E8FD32-213B-4F32-A3B6-A441C92AF058} - \Microsoft\Windows\Media Center\ConfigureInternetTimeService -> No File <==== ATTENTION Task: {EA956834-7F5C-46A5-A959-4E063FB069FC} - \Microsoft\Windows\Media Center\PvrRecoveryTask -> No File <==== ATTENTION Task: {EACA24FF-236C-401D-A1E7-B3D5267B8A50} - \Microsoft\Windows\RAC\RacTask -> No File <==== ATTENTION Task: {ECE040DF-69E5-4AC6-A177-EF543456D3A9} - \Hewlett-Packard\HP Support Assistant\WarrantyChecker_TH4BK270J0 -> No File <==== ATTENTION Task: {EDDA35DC-B7DA-4323-B86E-202A735E40F7} - \Microsoft\Windows\Media Center\OCURDiscovery -> No File <==== ATTENTION Task: {F2E1588E-BC77-4141-9241-86A466EE211C} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION Task: {F6328E3F-5368-41FA-9EBD-81AB83D73009} - \HPCustParticipation HP ENVY 7640 series -> No File <==== ATTENTION Task: {F645C38B-ACF0-4FCC-B27A-C91B48F84AE6} - \Microsoft\Office\Office ClickToRun Service Monitor -> No File <==== ATTENTION Task: {FFB18CC3-3E76-4733-A13E-DB295597589E} - \Microsoft\Windows\Media Center\ehDRMInit -> No File <==== ATTENTION EmptyTemp: End ***************** Processes closed successfully. Restore point was successfully created. idsvc => service removed successfully wfpcapture => service removed successfully wpcsvc => service removed successfully C:\Users\Chris_HP\AppData\Local\Temp\Extract.exe => moved successfully C:\Users\Chris_HP\AppData\Local\Temp\HPPSdr.exe => moved successfully C:\Users\Chris_HP\AppData\Local\Temp\SP71616.exe => moved successfully C:\Users\Chris_HP\AppData\Local\Temp\SP71715.exe => moved successfully C:\Users\Chris_HP\AppData\Local\Temp\SP72010.exe => moved successfully C:\Users\Chris_HP\AppData\Local\Temp\SP72283.exe => moved successfully C:\Users\Chris_HP\AppData\Local\Temp\SP72285.exe => moved successfully C:\Users\Chris_HP\AppData\Local\Temp\SP72442.exe => moved successfully C:\Users\Chris_HP\AppData\Local\Temp\UninstallHPSA.exe => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{00DD52C0-3A99-400E-B2CC-6C904333B581}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{00DD52C0-3A99-400E-B2CC-6C904333B581}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{03EDFB99-CD7A-48D3-AAB8-4CFB15101887}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{03EDFB99-CD7A-48D3-AAB8-4CFB15101887}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\User_Feed_Synchronization-{C05742E1-1149-44B8-A50B-E82C46127B6F}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{088482FA-65B8-4E17-9ABF-1DCD48E8D373}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{088482FA-65B8-4E17-9ABF-1DCD48E8D373}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Tcpip\IpAddressConflict1" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{09F06BFE-A3C8-40E3-846A-6E6F4000C238}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{09F06BFE-A3C8-40E3-846A-6E6F4000C238}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Tcpip\IpAddressConflict2" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0B19B723-64D6-45AF-9795-2037904A79FC}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0B19B723-64D6-45AF-9795-2037904A79FC}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP Support Assistant\Update Check" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{103ECC2C-B769-4C11-8333-E2961367A093}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{103ECC2C-B769-4C11-8333-E2961367A093}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\DispatchRecoveryTasks" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{1331F41C-EA7C-4C80-AD8D-FF3EAB8A45CE}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1331F41C-EA7C-4C80-AD8D-FF3EAB8A45CE}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\RecordingRestart" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1C4AB4AB-E14B-48AB-A3C4-4387ED3A52D9}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1C4AB4AB-E14B-48AB-A3C4-4387ED3A52D9}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\Office Automatic Updates" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1D327E55-B6ED-481B-A289-43018BD1595A}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1D327E55-B6ED-481B-A289-43018BD1595A}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{20779EEB-9B60-4979-93BD-F5634B044C55}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{20779EEB-9B60-4979-93BD-F5634B044C55}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{27B57458-D4FE-46A4-931F-5E11173ECB41}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{27B57458-D4FE-46A4-931F-5E11173ECB41}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\InstallPlayReady" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2A38EC86-584C-4A8B-9FDC-B65E7F5E301D}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2A38EC86-584C-4A8B-9FDC-B65E7F5E301D}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2EF2B0D2-8157-4FA0-8A73-3ACF62A421A9}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2EF2B0D2-8157-4FA0-8A73-3ACF62A421A9}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2FF6F654-1DF4-4B70-AC26-612C87DE7C16}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2FF6F654-1DF4-4B70-AC26-612C87DE7C16}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SideShow\SessionAgent" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{35AE4116-87E4-4BB0-8E01-42EECA79AAA6}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{35AE4116-87E4-4BB0-8E01-42EECA79AAA6}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4FC092FD-40E5-407F-B8E5-EECF5F9A607B}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4FC092FD-40E5-407F-B8E5-EECF5F9A607B}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\RegisterSearch" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{53733915-1F3D-4CA8-B475-807F721CB870}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{53733915-1F3D-4CA8-B475-807F721CB870}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{59128545-13CB-43B5-92F6-BE4F6BB1547B}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{59128545-13CB-43B5-92F6-BE4F6BB1547B}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CLMLSvc_P2G8" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{594C5952-3A07-47FD-8911-B041C8771A66}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{594C5952-3A07-47FD-8911-B041C8771A66}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP Support Assistant\WarrantyChecker" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5B42DD9C-5A26-4F27-BB95-34603F0997E5}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B42DD9C-5A26-4F27-BB95-34603F0997E5}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Shell\WindowsParentalControls" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5C67AB8A-2064-4873-A8AA-0694C4CDFB67}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C67AB8A-2064-4873-A8AA-0694C4CDFB67}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscovery" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5FE87118-83CF-471A-ABC7-CA6568D4308A}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5FE87118-83CF-471A-ABC7-CA6568D4308A}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURActivate" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6D13B63D-E693-47AC-B342-C27A0FFF1802}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6D13B63D-E693-47AC-B342-C27A0FFF1802}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SideShow\GadgetManager" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6D25906E-A62C-40DF-AB71-C52B82B99C8F}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6D25906E-A62C-40DF-AB71-C52B82B99C8F}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscoveryW1" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{783F39BF-86D9-4AC2-90C5-1B2494AE3742}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{783F39BF-86D9-4AC2-90C5-1B2494AE3742}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ActivateWindowsSearch" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{784E024B-A574-443D-A0F6-0A4D3EDAE674}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{784E024B-A574-443D-A0F6-0A4D3EDAE674}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SideShow\SystemDataProviders" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7A8D3C2F-8362-4B5B-AF1A-C14BC6150B39}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7A8D3C2F-8362-4B5B-AF1A-C14BC6150B39}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{82D60FFF-ACC7-4CBA-AA2C-399DD1608206}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{82D60FFF-ACC7-4CBA-AA2C-399DD1608206}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{88DFFB14-5AFD-4725-AFEB-AFA667D29966}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{88DFFB14-5AFD-4725-AFEB-AFA667D29966}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CLVDLauncher" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8A3BBB9F-4B68-4CD2-BDD0-36B45A2E4135}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8A3BBB9F-4B68-4CD2-BDD0-36B45A2E4135}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8DA6E151-2B4F-498C-9630-D0EBF793846B}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8DA6E151-2B4F-498C-9630-D0EBF793846B}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\UpdateRecordPath" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{959F6D4F-8050-4E9B-9EE3-050CCED630EC}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{959F6D4F-8050-4E9B-9EE3-050CCED630EC}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{96DDD3E7-DB6B-43A1-B6DC-B702CB523529}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{96DDD3E7-DB6B-43A1-B6DC-B702CB523529}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP Support Assistant\HPW10UpgradeReminder" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A3CCA2B1-44E2-45E4-9164-8DF2786CD052}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A3CCA2B1-44E2-45E4-9164-8DF2786CD052}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscoveryW2" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B0CBAB43-44FC-469B-A4CE-87426761FDCE}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B0CBAB43-44FC-469B-A4CE-87426761FDCE}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B3E16941-25B7-4113-9215-5B234173CACD}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B3E16941-25B7-4113-9215-5B234173CACD}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\MediaCenterRecoveryTask" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B72680A9-2A66-49D1-8BA6-F2A8B3E9BD35}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B72680A9-2A66-49D1-8BA6-F2A8B3E9BD35}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SideShow\AutoWake" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BC1F8375-757F-4805-9250-D0A6F88DDD2A}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BC1F8375-757F-4805-9250-D0A6F88DDD2A}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BE0B97A0-232F-46E3-AC26-6FB439A83E92}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BE0B97A0-232F-46E3-AC26-6FB439A83E92}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MobilePC\HotStart" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BE736292-C806-4EAD-A936-AA28FAB26CBE}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BE736292-C806-4EAD-A936-AA28FAB26CBE}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPCeeScheduleForChris_HP" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C023FA6D-01C2-4128-B0E4-F42DE3A3CE14}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C023FA6D-01C2-4128-B0E4-F42DE3A3CE14}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C6DCA586-E19B-4F92-B541-3A11237BCF20}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C6DCA586-E19B-4F92-B541-3A11237BCF20}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PvrScheduleTask" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CB0FDA7A-57F9-4199-B175-570D7FD48013}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CB0FDA7A-57F9-4199-B175-570D7FD48013}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\SqlLiteRecoveryTask" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CE899445-5BEB-47FF-BBA5-C686F53AF19F}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CE899445-5BEB-47FF-BBA5-C686F53AF19F}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CEB39608-8258-47EC-B116-DAF8FA76461B}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CEB39608-8258-47EC-B116-DAF8FA76461B}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP Support Assistant\PC Health Analysis" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DC648C5C-6761-42BF-BC40-A4AA4D42D41B}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC648C5C-6761-42BF-BC40-A4AA4D42D41B}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\mcupdate" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E2ACC2A3-DFD1-4656-989C-DB6F5ED67109}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E2ACC2A3-DFD1-4656-989C-DB6F5ED67109}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ReindexSearchRoot" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E8E8FD32-213B-4F32-A3B6-A441C92AF058}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E8E8FD32-213B-4F32-A3B6-A441C92AF058}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ConfigureInternetTimeService" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EA956834-7F5C-46A5-A959-4E063FB069FC}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EA956834-7F5C-46A5-A959-4E063FB069FC}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PvrRecoveryTask" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EACA24FF-236C-401D-A1E7-B3D5267B8A50}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EACA24FF-236C-401D-A1E7-B3D5267B8A50}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\RAC\RacTask" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ECE040DF-69E5-4AC6-A177-EF543456D3A9}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ECE040DF-69E5-4AC6-A177-EF543456D3A9}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP Support Assistant\WarrantyChecker_TH4BK270J0" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EDDA35DC-B7DA-4323-B86E-202A735E40F7}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EDDA35DC-B7DA-4323-B86E-202A735E40F7}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURDiscovery" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F2E1588E-BC77-4141-9241-86A466EE211C}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F2E1588E-BC77-4141-9241-86A466EE211C}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F6328E3F-5368-41FA-9EBD-81AB83D73009}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F6328E3F-5368-41FA-9EBD-81AB83D73009}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPCustParticipation HP ENVY 7640 series" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F645C38B-ACF0-4FCC-B27A-C91B48F84AE6}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F645C38B-ACF0-4FCC-B27A-C91B48F84AE6}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\Office ClickToRun Service Monitor" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FFB18CC3-3E76-4733-A13E-DB295597589E}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FFB18CC3-3E76-4733-A13E-DB295597589E}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ehDRMInit" => key removed successfully EmptyTemp: => 2.6 GB temporary data Removed. The system needed a reboot. ==== End of Fixlog 07:53:34 ==== MBAM: Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 11/15/2015 Scan Time: 8:02 AM Logfile: mbam2.txt Administrator: Yes Version: 2.2.0.1024 Malware Database: v2015.11.15.02 Rootkit Database: v2015.11.14.01 License: Free Malware Protection: Disabled Malicious Website Protection: Disabled Self-protection: Disabled OS: Windows 10 CPU: x64 File System: NTFS User: Chris_HP Scan Type: Threat Scan Result: Completed Objects Scanned: 333146 Time Elapsed: 9 min, 40 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 0 (No malicious items detected) Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 0 (No malicious items detected) Physical Sectors: 0 (No malicious items detected) (end) AD WARE: # AdwCleaner v5.021 - Logfile created 15/11/2015 at 08:17:13 # Updated 14/11/2015 by Xplode # Database : 2015-11-13.3 [server] # Operating system : Windows 10 Pro (x64) # Username : Chris_HP - CHRIS-HP # Running from : C:\Users\Chris_HP\Desktop\AdwCleaner.exe # Option : Cleaning # Support : http://toolslib.net/forum ***** [ Services ] ***** ***** [ Folders ] ***** ***** [ Files ] ***** ***** [ DLLs ] ***** ***** [ Shortcuts ] ***** ***** [ Scheduled tasks ] ***** ***** [ Registry ] ***** [-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\isurveys.researchresults.com [-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\researchresults.com [-] Key Deleted : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\isurveys.researchresults.com [-] Key Deleted : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\researchresults.com [-] Key Deleted : HKCU\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\isurveys.researchresults.com [-] Key Deleted : HKCU\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\researchresults.com ***** [ Web browsers ] ***** [-] [C:\Users\Chris_HP\AppData\Local\Google\Chrome\User Data\Default\Web Data] [search Provider] Deleted : aol.com [-] [C:\Users\Chris_HP\AppData\Local\Google\Chrome\User Data\Default\Web Data] [search Provider] Deleted : ask.com ************************* :: "Tracing" keys removed :: Winsock settings cleared ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [2007 bytes] ########## JRT: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 7.6.4 (09.28.2015:1) OS: Windows 10 Pro x64 Ran by Chris_HP on Sun 11/15/2015 at 8:26:24.64 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Tasks ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{26B7B1CD-FC94-48FE-A8DA-97ECAB78524B} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{26B7B1CD-FC94-48FE-A8DA-97ECAB78524B} ~~~ Files ~~~ Folders ~~~ Chrome [C:\Users\Chris_HP\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset [C:\Users\Chris_HP\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted: [C:\Users\Chris_HP\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset [C:\Users\Chris_HP\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted: [] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Sun 11/15/2015 at 8:29:31.92 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ cureit.log
- November 15, 2015
- 6 replies
Received a pop up that said my computer is infected(with audio, too)

krell1349 posted a topic in Resolved Malware Removal Logs

I think it was a fake virus warning, it also said to call an 800 number. I just want to make sure my system is clean. MBAM log pasted below. FRST logs attached, post too big message. Thanks. Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 11/14/2015 Scan Time: 6:30 PM Logfile: mbam.txt Administrator: Yes Version: 2.2.0.1024 Malware Database: v2015.11.14.07 Rootkit Database: v2015.11.14.01 License: Free Malware Protection: Disabled Malicious Website Protection: Disabled Self-protection: Disabled OS: Windows 10 CPU: x64 File System: NTFS User: Chris_HP Scan Type: Threat Scan Result: Completed Objects Scanned: 335454 Time Elapsed: 5 min, 56 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 0 (No malicious items detected) Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 0 (No malicious items detected) Physical Sectors: 0 (No malicious items detected) (end) Addition.txt FRST.txt
- November 15, 2015
- 6 replies
Not sure if all malware was removed - please help

krell1349 replied to krell1349's topic in Resolved Malware Removal Logs

Thanks for your help. All done here. I have made a small donation so you can have a few beers. Regards, Chris
- July 21, 2015
- 7 replies
Not sure if all malware was removed - please help

krell1349 replied to krell1349's topic in Resolved Malware Removal Logs

Seems OK....Avast isn't blocking anything....seems normal again. My son got weather bug software loaded on his machine somehow...then it loaded some other stuff optimizer pro etc. Thanks for your help. Any cleanup/checking I need to do?
- July 20, 2015
- 7 replies
Not sure if all malware was removed - please help

krell1349 replied to krell1349's topic in Resolved Malware Removal Logs

Good day, Log file attached. zoek-results.log
- July 20, 2015
- 7 replies
Not sure if all malware was removed - please help

krell1349 posted a topic in Resolved Malware Removal Logs

Hi, I am having issues with my son's laptop. Avast found some stuff so did Malwarebytes. We are still getting popups from Avast saying things are being blocked. I suspect something is still there. Thanks, Chris I had to attach the logs since they were too long... Addition.txt FRST.txt
- July 20, 2015
- 7 replies

Sign In

krell1349

Posts

Joined

Last visited

Content Type

Events

Profiles

Forums

Everything posted by krell1349

Received a pop up that said my computer is infected(with audio, too)

Received a pop up that said my computer is infected(with audio, too)

Received a pop up that said my computer is infected(with audio, too)

Not sure if all malware was removed - please help

Not sure if all malware was removed - please help

Not sure if all malware was removed - please help

Not sure if all malware was removed - please help

Browse

Activity

Personal

Business

Business Modules

Partners

Learn

Start here

Type of malware/attacks

How does it get on my computer?

Scams and grifts

Support

Important Information