xMirrorx
Malware Removed, still getting pop-ups
xMirrorx replied to xMirrorx's topic in Resolved Malware Removal Logs
Thank you so much for your help Georgi!

Have a lovely day,
Leena
Malware Removed, still getting pop-ups
xMirrorx replied to xMirrorx's topic in Resolved Malware Removal Logs
Hi Georgi,

Good to hear! Here's the fixlog:

Fix result of Farbar Recovery Scan Tool (x64) Version: 28-09-2016
Ran by Leena (30-09-2016 12:47:45) Run:3
Running from C:\Users\Leena\Desktop
Loaded Profiles: Leena (Available Profiles: Leena)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CreateRestorePoint:
Unlock: HKLM\SOFTWARE\Wow6432Node\Webitar Production Inc.
DeleteKey: HKLM\SOFTWARE\Wow6432Node\Webitar Production Inc.
end
*****************

Restore point was successfully created.
"HKLM\SOFTWARE\Wow6432Node\Webitar Production Inc." => key was unlocked
HKLM\SOFTWARE\Wow6432Node\Webitar Production Inc. => key removed successfully

==== End of Fixlog 12:47:45 ====

Cheers,
Leena
Malware Removed, still getting pop-ups
xMirrorx replied to xMirrorx's topic in Resolved Malware Removal Logs
Emsisoft:

Emsisoft Emergency Kit - Version 11.9
Last update: 9/30/2016 2:48:28 AM
User account: VISCARIA\Leena
Computer name: VISCARIA
OS version: Windows 10x64

Scan settings:

Scan type: Custom Scan
Objects: Rootkits, Memory, Traces, C:\

Detect PUPs: On
Scan archives: On
ADS Scan: On
File extension filter: Off
Advanced caching: On
Direct disk access: Off

Scan start: 9/30/2016 2:49:36 AM
C:\Users\Leena\Desktop\AK\Aura Kingdom\game.bin detected: Trojan.Generic.14852940 (B)

Scanned 467603
Found 1

Scan end: 9/30/2016 4:32:49 AM
Scan time: 1:43:13

Regarding gamemon.des, I did play a couple of games that used Gameguard. Not sure why the Aura Kingdom files are setting off alarms, but I haven't touched that game in well over a year so I wouldn't mind just getting rid of it.
Malware Removed, still getting pop-ups
xMirrorx replied to xMirrorx's topic in Resolved Malware Removal Logs
Alright, here are the reports:

ZHPCleaner:

~ ZHPCleaner v2016.9.29.152 by Nicolas Coolman (2016/09/29)
~ Run by Leena (Administrator) (30/09/2016 02:29:06)
~ Web: https://www.nicolascoolman.com
~ Blog: https://www.anti-malware.top
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Scan
~ Report : C:\Users\Leena\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Leena\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home, 64-bit (Build 14393)

---\\ Services (0)
~ No malicious or unnecessary items found.

---\\ Browser internet (0)
~ No malicious or unnecessary items found.

---\\ Hosts file (1)
~ The hosts file is legitimate (21)

---\\ Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found.

---\\ Explorer ( File, Folder) (3)
FOUND file: C:\Windows\Installer\wix{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}.SchedServiceConfig.rmi =>.Superfluous.Empty
FOUND file: C:\Windows\Installer\wix{457D6189-416A-44CD-A0A6-D6D75AD25CCF}.SchedServiceConfig.rmi =>.Superfluous.Empty
FOUND file: C:\Windows\Installer\wix{C4123106-B685-48E6-B9BD-E4F911841EB4}.SchedServiceConfig.rmi =>.Superfluous.Empty

---\\ Registry ( Key, Value, Data) (1)
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Webitar Production Inc. [] =>.Superfluous.WebitarProduction

---\\ Summary of the elements found (2)
https://www.nicolascoolman.com/fr/logiciels-superflus =>.Superfluous.Empty
https://www.nicolascoolman.com/fr/logiciels-superflus =>.Superfluous.WebitarProduction

---\\ Result of repair
~ Any repair made
~ Browser not found (Opera Software)

---\\ Statistics
~ Items scanned : 87851
~ Items found : 4
~ Items cancelled : 0
~ Items repaired : 0

~ End of search in 00h03mn46s

~====================
ZHPCleaner--30092016-02_32_52.txt

HitmanPro:

HitmanPro 3.7.14.280
www.hitmanpro.com

   Computer name . . . . : VISCARIA
   Windows . . . . . . . : 10.0.0.14393.X64/4
   User name . . . . . . : VISCARIA\Leena
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2016-09-30 02:35:49
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 6m 30s
   Disk access mode . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot . . . . . . . : No

   Threats . . . . . . . : 2
   Traces . . . . . . . : 254

   Objects scanned . . . : 2,081,652
   Files scanned . . . . : 46,987
   Remnants scanned . . : 630,526 files / 1,404,139 keys

Malware _____________________________________________________________________

C:\Users\Leena\AppData\Roaming\aurakingdom.to\AuraKingdom 1.1.0\install\89F06F0\mskdbe.dll
   Size . . . . . . . : 828,928 bytes
   Age . . . . . . . : 581.0 days (2015-02-27 01:27:04)
   Entropy . . . . . : 6.4
   SHA-256 . . . . . : 96E77A1284EC1EF1EE76115B4EBEDB887775E9618C01C09AA2D3B3AD26A07812
 > Bitdefender . . . : Gen:Trojan.Heur.LP.Yu4@a8yNApbi
   Fuzzy . . . . . . : 106.0

C:\Users\Leena\Desktop\AK\Aura Kingdom\mskdbe.dll
   Size . . . . . . . : 828,928 bytes
   Age . . . . . . . : 581.0 days (2015-02-27 01:52:41)
   Entropy . . . . . : 6.4
   SHA-256 . . . . . : 96E77A1284EC1EF1EE76115B4EBEDB887775E9618C01C09AA2D3B3AD26A07812
 > Bitdefender . . . : Gen:Trojan.Heur.LP.Yu4@a8yNApbi
   Fuzzy . . . . . . : 106.0

Suspicious files ____________________________________________________________

C:\Users\Leena\Desktop\FRST.exe
   Size . . . . . . . : 1,754,624 bytes
   Age . . . . . . . : 1.3 days (2016-09-28 20:07:34)
   Entropy . . . . . : 7.6
   SHA-256 . . . . . : 4A3DB78E4A6296D26268EBD2A975632B7BA5C17527E015F8096B7A91EACF9C25
   Needs elevation . : Yes
   Fuzzy . . . . . . : 24.0
   Program has no publisher information but prompts the user for permission elevation.
   Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
   Authors name is missing in version info. This is not common to most programs.
   Version control is missing. This file is probably created by an individual. This is not typical for most programs.
   Time indicates that the file appeared recently on this computer.

C:\Users\Leena\Desktop\FRST64.exe
   Size . . . . . . . : 2,404,352 bytes
   Age . . . . . . . : 1.3 days (2016-09-28 20:10:28)
   Entropy . . . . . : 7.6
   SHA-256 . . . . . : 003671152E9C80D316767EC62EFA9A34F8F282CC80E338F13246262E5F9C529C
   Needs elevation . : Yes
   Fuzzy . . . . . . : 24.0
   Program has no publisher information but prompts the user for permission elevation.
   Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
   Authors name is missing in version info. This is not common to most programs.
   Version control is missing. This file is probably created by an individual. This is not typical for most programs.
   Time indicates that the file appeared recently on this computer.

C:\WINDOWS\SysWoW64\GameMon.des
   Size . . . . . . . : 3,534,784 bytes
   Age . . . . . . . : 459.4 days (2015-06-28 17:18:46)
   Entropy . . . . . : 8.0
   SHA-256 . . . . . : ED5A3E58689FDFCD05BCC65C539E8B9A80027C9F5C738E628096AEA588740939
   Product . . . . . : nProtect Game Monitor
   Publisher . . . . : INCA Internet Co., Ltd.
   Description . . . : nProtect Game Monitor Rev 2199
   Version . . . . . : 2015.4.2.1
   RSA Key Size . . . : 2048
   Service . . . . . : npggsvc
   LanguageID . . . . : 1042
   Authenticode . . . : Valid
   Fuzzy . . . . . . : 25.0
   The file name extension of this program is not common.
   Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
   The file is located in a folder that contains core operating system files from Windows. This is not typical for most programs and is only common to system tools, drivers and hacking utilities.
   Starts automatically as a service during system bootup.
   Program is code signed with a valid Authenticode certificate.
   Startup
   HKLM\SYSTEM\CurrentControlSet\Services\npggsvc\

Cookies _____________________________________________________________________
Malware Removed, still getting pop-ups
xMirrorx replied to xMirrorx's topic in Resolved Malware Removal Logs
Alright, here are the reports: ZHPCleaner: ~ ZHPCleaner v2016.9.29.152 by Nicolas Coolman (2016/09/29) ~ Run by Leena (Administrator) (30/09/2016 02:29:06) ~ Web: https://www.nicolascoolman.com ~ Blog: https://www.anti-malware.top ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version OK ~ Type : Scan ~ Report : C:\Users\Leena\Desktop\ZHPCleaner.txt ~ Quarantine : C:\Users\Leena\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 10 Home, 64-bit (Build 14393) ---\\ Services (0) ~ No malicious or unnecessary items found. ---\\ Browser internet (0) ~ No malicious or unnecessary items found. ---\\ Hosts file (1) ~ The hosts file is legitimate (21) ---\\ Scheduled automatic tasks. (0) ~ No malicious or unnecessary items found. ---\\ Explorer ( File, Folder) (3) FOUND file: C:\Windows\Installer\wix{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}.SchedServiceConfig.rmi =>.Superfluous.Empty FOUND file: C:\Windows\Installer\wix{457D6189-416A-44CD-A0A6-D6D75AD25CCF}.SchedServiceConfig.rmi =>.Superfluous.Empty FOUND file: C:\Windows\Installer\wix{C4123106-B685-48E6-B9BD-E4F911841EB4}.SchedServiceConfig.rmi =>.Superfluous.Empty ---\\ Registry ( Key, Value, Data) (1) FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Webitar Production Inc. [] =>.Superfluous.WebitarProduction ---\\ Summary of the elements found (2) https://www.nicolascoolman.com/fr/logiciels-superflus =>.Superfluous.Empty https://www.nicolascoolman.com/fr/logiciels-superflus =>.Superfluous.WebitarProduction ---\\ Result of repair ~ Any repair made ~ Browser not found (Opera Software) ---\\ Statistics ~ Items scanned : 87851 ~ Items found : 4 ~ Items cancelled : 0 ~ Items repaired : 0 ~ End of search in 00h03mn46s ~==================== ZHPCleaner--30092016-02_32_52.txt HitmanPro: HitmanPro 3.7.14.280 www.hitmanpro.com Computer name . . . . : VISCARIA Windows . . . . . . . : 10.0.0.14393.X64/4 User name . . . . . . : VISCARIA\Leena UAC . . . . . . . . 
. : Enabled License . . . . . . . : Free Scan date . . . . . . : 2016-09-30 02:35:49 Scan mode . . . . . . : Normal Scan duration . . . . : 6m 30s Disk access mode . . : Direct disk access (SRB) Cloud . . . . . . . . : Internet Reboot . . . . . . . : No Threats . . . . . . . : 2 Traces . . . . . . . : 254 Objects scanned . . . : 2,081,652 Files scanned . . . . : 46,987 Remnants scanned . . : 630,526 files / 1,404,139 keys Malware _____________________________________________________________________ C:\Users\Leena\AppData\Roaming\aurakingdom.to\AuraKingdom 1.1.0\install\89F06F0\mskdbe.dll Size . . . . . . . : 828,928 bytes Age . . . . . . . : 581.0 days (2015-02-27 01:27:04) Entropy . . . . . : 6.4 SHA-256 . . . . . : 96E77A1284EC1EF1EE76115B4EBEDB887775E9618C01C09AA2D3B3AD26A07812 > Bitdefender . . . : Gen:Trojan.Heur.LP.Yu4@a8yNApbi Fuzzy . . . . . . : 106.0 C:\Users\Leena\Desktop\AK\Aura Kingdom\mskdbe.dll Size . . . . . . . : 828,928 bytes Age . . . . . . . : 581.0 days (2015-02-27 01:52:41) Entropy . . . . . : 6.4 SHA-256 . . . . . : 96E77A1284EC1EF1EE76115B4EBEDB887775E9618C01C09AA2D3B3AD26A07812 > Bitdefender . . . : Gen:Trojan.Heur.LP.Yu4@a8yNApbi Fuzzy . . . . . . : 106.0 Suspicious files ____________________________________________________________ C:\Users\Leena\Desktop\FRST.exe Size . . . . . . . : 1,754,624 bytes Age . . . . . . . : 1.3 days (2016-09-28 20:07:34) Entropy . . . . . : 7.6 SHA-256 . . . . . : 4A3DB78E4A6296D26268EBD2A975632B7BA5C17527E015F8096B7A91EACF9C25 Needs elevation . : Yes Fuzzy . . . . . . : 24.0 Program has no publisher information but prompts the user for permission elevation. Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs. Authors name is missing in version info. This is not common to most programs. Version control is missing. This file is probably created by an individual. This is not typical for most programs. 
Time indicates that the file appeared recently on this computer. C:\Users\Leena\Desktop\FRST64.exe Size . . . . . . . : 2,404,352 bytes Age . . . . . . . : 1.3 days (2016-09-28 20:10:28) Entropy . . . . . : 7.6 SHA-256 . . . . . : 003671152E9C80D316767EC62EFA9A34F8F282CC80E338F13246262E5F9C529C Needs elevation . : Yes Fuzzy . . . . . . : 24.0 Program has no publisher information but prompts the user for permission elevation. Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs. Authors name is missing in version info. This is not common to most programs. Version control is missing. This file is probably created by an individual. This is not typical for most programs. Time indicates that the file appeared recently on this computer. C:\WINDOWS\SysWoW64\GameMon.des Size . . . . . . . : 3,534,784 bytes Age . . . . . . . : 459.4 days (2015-06-28 17:18:46) Entropy . . . . . : 8.0 SHA-256 . . . . . : ED5A3E58689FDFCD05BCC65C539E8B9A80027C9F5C738E628096AEA588740939 Product . . . . . : nProtect Game Monitor Publisher . . . . : INCA Internet Co., Ltd. Description . . . : nProtect Game Monitor Rev 2199 Version . . . . . : 2015.4.2.1 RSA Key Size . . . : 2048 Service . . . . . : npggsvc LanguageID . . . . : 1042 Authenticode . . . : Valid Fuzzy . . . . . . : 25.0 The file name extension of this program is not common. Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs. The file is located in a folder that contains core operating system files from Windows. This is not typical for most programs and is only common to system tools, drivers and hacking utilities. Starts automatically as a service during system bootup. Program is code signed with a valid Authenticode certificate. 
   Startup
      HKLM\SYSTEM\CurrentControlSet\Services\npggsvc\

Cookies _____________________________________________________________________
-
Malware Removed, still getting pop-ups
xMirrorx replied to xMirrorx's topic in Resolved Malware Removal Logs
Hi Georgi, running the ZHPCleaner now and got this message during the scan - not sure what to answer to it. -
Malware Removed, still getting pop-ups
xMirrorx replied to xMirrorx's topic in Resolved Malware Removal Logs
Hi Georgi, I've run the two programs, here are the logs... incidentally, the pop-ups stopped after I posted my initial topic, but I did nothing that would cause that to happen. Seems there were a few more corrupted files, though, according to the first program you sent me.

# AdwCleaner v6.020 - Logfile created 29/09/2016 at 19:50:31
# Updated on 14/09/2016 by ToolsLib
# Database : 2016-09-28.1 [Server]
# Operating System : Windows 10 Home (X64)
# Username : Leena - VISCARIA
# Running from : C:\Users\Leena\Desktop\AdwCleaner.exe
# Mode: Clean
# Support : https://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

***** [ Files ] *****

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Shortcuts ] *****

***** [ Scheduled Tasks ] *****

***** [ Registry ] *****

[-] Key deleted: HKU\S-1-5-21-2455016114-2898786267-3492820769-1001\Software\darwendlm
[#] Key deleted on reboot: HKCU\Software\darwendlm
[#] Key deleted on reboot: [x64] HKCU\Software\darwendlm

***** [ Web browsers ] *****

[-] [C:\Users\Leena\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: aol.com
[-] [C:\Users\Leena\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: ask.com

*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1148 Bytes] - [29/09/2016 19:50:31]
C:\AdwCleaner\AdwCleaner[S0].txt - [1405 Bytes] - [29/09/2016 19:49:35]
C:\AdwCleaner\AdwCleaner[S1].txt - [1476 Bytes] - [29/09/2016 19:50:24]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1367 Bytes] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.8 (09.20.2016)
Operating System: Windows 10 Home x64
Ran by Leena (Administrator) on Thu 09/29/2016 at 19:53:36.33
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 0

Registry: 0

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 09/29/2016 at 19:56:23.75
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
Malware Removed, still getting pop-ups
xMirrorx replied to xMirrorx's topic in Resolved Malware Removal Logs
Thanks for helping me, Georgi! Regarding the piracy, I did report this topic originally because I hadn't read it prior to posting. I removed anything that would fall under that category, I think - let me know if I'm wrong. I attached updated Addition and FRST.txt files to the report, but I'm guessing the new files after completing all three steps you listed will do? The ones attached to this post are from after completing Step 3. Here is the log from Step 2:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 9/29/2016
Scan Time: 12:43 AM
Logfile:
Administrator: Yes

Version: 2.2.1.1043
Malware Database: v2016.09.29.03
Rootkit Database: v2016.09.26.02
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 10
CPU: x64
File System: NTFS
User: Leena

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 338254
Time Elapsed: 35 min, 50 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0 (No malicious items detected)
Modules: 0 (No malicious items detected)
Registry Keys: 0 (No malicious items detected)
Registry Values: 0 (No malicious items detected)
Registry Data: 0 (No malicious items detected)
Folders: 0 (No malicious items detected)
Files: 0 (No malicious items detected)
Physical Sectors: 0 (No malicious items detected)

(end)

Fixlog.txt Addition.txt FRST.txt -
Hello, I used Windows Defender earlier today to remove some viruses/malware from my laptop, and followed it up by using Malwarebytes to remove any remaining PUPs. My computer is giving me the all clear, but I still occasionally get "pop-ups" while I'm browsing. I should note that these pop-ups don't open any new windows; they open new tabs to sketchy-looking sites. I've been careful not to log in to any sites since discovering the malware on my laptop, and these pop-ups are making me have to continue doing that. I'm not sure what to do about it since everything that I know to check in my settings looks okay. Can anyone here give me further advice? I used the program from the "I'm infected - What do I do" stickied topic and the logs are attached to this topic. Thanks for reading. FRST.txt Addition.txt