Mouse issues and Adware not working.

Ok my mouse is starting to not respond well. It has issues go left but going anywhere else it's just fine kinda. It goes back and forth from working well to not working at all. While I was checking with virus programs, Adware said "Subscript used on non-accessible variable"

 

I have used Maywalbytes, and Advest but the problem pressist. I also would like a good way to clean my PC of hidden junk. No matter what you end up picking things up here and there.

 

Edit: enore the Mouse bit seem more likely it is simply old. But some of the other stuff is still valid.

Edited by Houka, 21 March 2016 - 08:20 PM.

Houka:

 

Welcome to the Bleeping Computer Am I Infected? What Do I Do? Forum.  Nothing in your post suggests to me that you might infected.  I am not familiar with the programs to which you are referring: "Adware" and "Advest".

 

If you want to run some scans to check for viruses, malware, etc., then let me know, and I will work with you.

 

For cleaning out junk files, Windows has its own "Disk Cleanup" utility, which works fine.  Personally, I use CCleaner by Piriform, available for download here.

 

Bleeping Computer does not recommend using registry or system optimizers, so if I was you, I would not use the CCleaner "Registry Cleaner module."  The cleaning function of CCleaner is safe to use.  That said, the CCleaner "Registry Cleaner" does make a backup before cleaning, it is configurable, and it makes no ridiculous claims to improve your computer speed.

 

I learned my lesson the hard way about "registry and system optimizers", so I avoid all of them.

 

Have a great day.

 

Regards,

-Phil

Well Sure what do you suggest for checking for virus malware and other agents?

Houka:

I suggest that we run the following scans to determine if your computer might be compromised.

ESET Online Scanner using Internet Explorer:

Note 1: These instructions are for Internet Explorer only! If you're using Chrome or Firefox, you will need to download and install the ESET Smart Installer tool before it can scan. See instructions here.
Note 2: You will need to disable your currently installed Anti-Virus, how to do so can be found here.

*Click this link to open ESET OnlineScan.
* Place a checkmark next to "Yes, I accept the Terms of Use", then click the button.
* When prompted allow the Add-On/Active X to install.
* In the new window that opens, tic the radio button next to Enable detection of potentially unwanted applications.
* Then click "Advanced settings", and make sure there is a checkmark next to only the following items (uncheck everything else):

• Remove found threats
• Scan archives
• Scan for potentially unsafe applications
• Enable Anti-Stealth technology

*Then click the button and ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
*When the scan completes, click List Found Threats (only if anything is found).
*Then click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
*Click , then click to exit ESET Online Scanner.

Don't forget to re-enable your antivirus when finished!


 

 

Download and install Malwarebytes Anti-Malware:

Please download Malwarebytes Anti-Malware to your desktop.

• Double-click mbam-setup-2.2.*.****.exe and follow the prompts to install the program ( * = program version numbers may vary - always get the latest version).
• At the end, be sure a checkmark is placed next to the following:
  • Launch Malwarebytes Anti-Malware
  • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
• Click Finish.
• On the Dashboard, click the 'Update Now >>' link
• After the update completes, click the 'Scan Now >>' button.
• Or, on the Dashboard, click the Scan Now >> button.
• If an update is available, click the Update Now button.
• A Threat Scan will begin.
• When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
• In most cases, a restart will be required.
• Wait for the prompt to restart the computer to appear, then click on Yes.
• After the restart once you are back at your desktop, open MBAM once more.
• Click on the History tab > Application Logs.
• Double click on the scan log which shows the Date and time of the scan just performed.
• Click 'Copy to Clipboard
• Paste the contents of the clipboard into your next reply.

 

 

 

I would like you to paste the logs from both scans into your next reply. I will examine those and determine what our next step should be. If there is evidence of serious infection, you might have to open a new thread in the Virus, Trojan, Spyware and Malware Removal Logs Forum, but let's not get ahead of ourselves yet.

If I haven't responded to your reply in 24 hours, please send me a personal message.

Have a great day.

Regards,
-Phil

ESET- C:\Users\All Users\{587CB0BF-08FE-6139-B978-11BB69FAC235}\1.7.1.0\colo.dll.mwt    a variant of Win32/DealPly.AP potentially unwanted application    
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Consumer Input\CIuninstall.exe.vir    a variant of Win32/Compete.C potentially unwanted application    deleted
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Consumer Input\InternetExplorer\uninstall.exe.vir    a variant of Win32/Compete.C potentially unwanted application    deleted
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Consumer Input\Update\1.3.25.309\goopdate.dll.vir    a variant of Win32/Compete.A potentially unwanted application    cleaned by deleting
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Consumer Input\Update\1.3.25.309\psmachine.dll.vir    a variant of Win32/Compete.A potentially unwanted application    cleaned by deleting
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Consumer Input\Update\1.3.25.309\psuser.dll.vir    a variant of Win32/Compete.A potentially unwanted application    cleaned by deleting
C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.3.0\LavasoftLSPInstaller64.exe    a variant of Win64/Packed.Komodia.A suspicious application    cleaned by deleting
C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.3.0\LavasoftTcpService64.dll    a variant of Win64/Packed.Komodia.A suspicious application    cleaned by deleting
C:\ProgramData\{587CB0BF-08FE-6139-B978-11BB69FAC235}\1.7.1.0\colo.dll.mwt    a variant of Win32/DealPly.AP potentially unwanted application    cleaned by deleting
C:\Users\Andrew\AppData\Local\Temp\in668B1079\1E0D3EB1_stp\RAM.dll    a variant of Win32/InstallCore.ACL potentially unwanted application    cleaned by deleting
C:\Users\Andrew\AppData\Local\Temp\in668B1079\1F6AB224_stp\icmac.dll    a variant of Win32/InstallCore.ACL potentially unwanted application    cleaned by deleting
C:\Users\Andrew\AppData\Local\Temp\in679F052E\2AA7F4B2_stp\wzro36.exe    a variant of Win32/Systweak potentially unwanted application    deleted
C:\Users\Andrew\AppData\Local\{28FF1EA3-0C57-721B-61CF-57F345A7AB6B}\uninstall.exe    a variant of Win32/DealPly.CS potentially unwanted application    cleaned by deleting
C:\Users\Andrew\AppData\Roaming\uTorrent\updates\3.4.2_34537.exe    a variant of Win32/AdkDLLWrapper.A potentially unwanted application    cleaned by deleting
C:\Users\Andrew\Downloads\AdwCleaner%20Setup.exe    a variant of Win32/InstallCore.AFW potentially unwanted application    cleaned by deleting
C:\Users\Andrew\Downloads\uTorrent.exe    a variant of Win32/AdkDLLWrapper.A potentially unwanted application    cleaned by deleting
C:\Windows\System32\LavasoftTcpService64.dll    a variant of Win64/Packed.Komodia.A suspicious application    cleaned by deleting
C:\Windows\System32\roboot64.exe    a variant of Win64/Systweak.A potentially unwanted application    cleaned by deleting
 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 3/23/2016
Scan Time: 7:55 PM
Logfile: MWB.txt
Administrator: Yes

Version: 2.2.1.1043
Malware Database: v2016.03.23.06
Rootkit Database: v2016.03.12.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Andrew

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 411701
Time Elapsed: 43 min, 41 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 1
PUP.Optional.ScreenSnapShotTool, C:\Program Files (x86)\ScreenSnapshotTool\1.1.0.11130\ScreenShotServ.exe, 3180, Delete-on-Reboot, [7fb34a41d5c455e1dd744bfa23e1e818]

Modules: 3
PUP.Optional.ScreenSnapShotTool, C:\Program Files (x86)\ScreenSnapshotTool\1.1.0.11130\EVPDR.dll, Delete-on-Reboot, [7fb34a41d5c455e1dd744bfa23e1e818],
PUP.Optional.ScreenSnapShotTool, C:\Program Files (x86)\ScreenSnapshotTool\1.1.0.11130\EVPNet.dll, Delete-on-Reboot, [7fb34a41d5c455e1dd744bfa23e1e818],
PUP.Optional.ScreenSnapShotTool, C:\Program Files (x86)\ScreenSnapshotTool\1.1.0.11130\EVPTask.dll, Delete-on-Reboot, [7fb34a41d5c455e1dd744bfa23e1e818],

Registry Keys: 12
PUP.Optional.ScreenSnapShotTool, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{61FFE1F9-137D-4c31-A181-3415FCAA5946}, Quarantined, [7fb34a41d5c455e1dd744bfa23e1e818],
PUP.Optional.ScreenSnapShotTool, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TheScreenSnapshotService, Quarantined, [7fb34a41d5c455e1dd744bfa23e1e818],
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Quarantined, [57db32590297a98da9135b229e6604fc],
PUP.Optional.ScreenSnapShotTool, HKLM\SOFTWARE\SCREENSNAPSHOTTOOL, Quarantined, [ff33ec9fc9d0d4629db2bc8d6d9713ed],
PUP.Optional.NowUSeeItPlayer, HKLM\SOFTWARE\WOW6432NODE\NowUSeeItPlayer, Quarantined, [5ad82a61dbbee74f11959dda6e969967],
PUP.Optional.NowUSeeItPlayer, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{C0AFC06A-6C9E-420F-AABF-B1AC7EE1F589}, Quarantined, [a58d8308a3f690a614d5e0a429db3cc4],
PUP.Optional.WinZipRegOp, HKLM\SOFTWARE\WOW6432NODE\NICO MAK COMPUTING\WinZip Registry Optimizer, Quarantined, [ab87791226730b2be6c72c6956aea15f],
PUP.Optional.InstallCore, HKU\S-1-5-21-1378875358-1120829428-2694025308-1001\SOFTWARE\ICSW1.19, Quarantined, [3df5deade4b5aa8c78880c105da713ed],
Adware.NowUSeeIt, HKU\S-1-5-21-1378875358-1120829428-2694025308-1001\SOFTWARE\NowUSeeItPlayer, Quarantined, [ab870388efaa52e4d230452848bc40c0],
PUP.Optional.WinYahoo, HKU\S-1-5-21-1378875358-1120829428-2694025308-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Quarantined, [aa883358e6b3e84e873405786d97659b],
PUP.Optional.WinZipRegOp, HKU\S-1-5-21-1378875358-1120829428-2694025308-1001\SOFTWARE\NICO MAK COMPUTING\WinZip Registry Optimizer, Quarantined, [042e8ffc0f8a6dc9d465fa86867ef20e],
PUP.Optional.ProductSetup, HKU\S-1-5-21-1378875358-1120829428-2694025308-1001\SOFTWARE\PRODUCTSETUP, Quarantined, [5dd5f299871265d10cb264c75da76997],

Registry Values: 10
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, https://us.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_omxmedia_16_12_ssg03&param1=1&param2=f[57db32590297a98da9135b229e6604fc]D4%26b[57db32590297a98da9135b229e6604fc]DIE%26cc[57db32590297a98da9135b229e6604fc]Dus%26pa[57db32590297a98da9135b229e6604fc]DWincy%26cd[57db32590297a98da9135b229e6604fc]D2XzuyEtN2Y1L1Qzu0EzztDtAzy0AtC0F0BtDzy0Ezy0CtB0BtN0D0Tzu0StCyDyEtCtN1L2XzutAtFtBtDtFtDtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StAtD0AtByD0EyBtDtGtAzyyDtCtGzytD0CyDtGyDtD0FtBtG0A0EtD0EtBtB0FzyyCyEyE0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByE0AyD0D0Dzy0FtGtCyCzz0EtGyE0CzzyDtG0AyBzzyEtGyD0C0BtBtA0FtBzztAyCtB0D2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyByBtC%26cr[57db32590297a98da9135b229e6604fc]D505644883%26a[57db32590297a98da9135b229e6604fc]Dwbf_omxmedia_16_12_ssg03%26os_ver[57db32590297a98da9135b229e6604fc]D6.1%26os[57db32590297a98da9135b229e6604fc]DWindowsQuarantinedB7QuarantinedBHomeQuarantinedBPremium&p={searchTerms}, %4, %5
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|TopResultURLFallback, https://us.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_omxmedia_16_12_ssg03&param1=1&param2=f[fe341576b3e68fa72696dca1768e5da3]D4%26b[fe341576b3e68fa72696dca1768e5da3]DIE%26cc[fe341576b3e68fa72696dca1768e5da3]Dus%26pa[fe341576b3e68fa72696dca1768e5da3]DWincy%26cd[fe341576b3e68fa72696dca1768e5da3]D2XzuyEtN2Y1L1Qzu0EzztDtAzy0AtC0F0BtDzy0Ezy0CtB0BtN0D0Tzu0StCyDyEtCtN1L2XzutAtFtBtDtFtDtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StAtD0AtByD0EyBtDtGtAzyyDtCtGzytD0CyDtGyDtD0FtBtG0A0EtD0EtBtB0FzyyCyEyE0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByE0AyD0D0Dzy0FtGtCyCzz0EtGyE0CzzyDtG0AyBzzyEtGyD0C0BtBtA0FtBzztAyCtB0D2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyByBtC%26cr[fe341576b3e68fa72696dca1768e5da3]D505644883%26a[fe341576b3e68fa72696dca1768e5da3]Dwbf_omxmedia_16_12_ssg03%26os_ver[fe341576b3e68fa72696dca1768e5da3]D6.1%26os[fe341576b3e68fa72696dca1768e5da3]DWindowsQuarantinedB7QuarantinedBHomeQuarantinedBPremium&p={searchTerms}, %4, %5
PUP.Optional.ScreenSnapShotTool, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{61FFE1F9-137D-4c31-A181-3415FCAA5946}|DisplayIcon, C:\Program Files (x86)\ScreenSnapshotTool\1.1.0.11130\ScreenSnapshot.exe, Quarantined, [73bf3259554489ad381eaf96d62eb14f]
PUP.Optional.ScreenSnapShotTool, HKLM\SOFTWARE\SCREENSNAPSHOTTOOL|PartnerID, Installchannel2|us|IBD|Bundle, Quarantined, [ff33ec9fc9d0d4629db2bc8d6d9713ed]
PUP.Optional.NowUSeeItPlayer, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|NowUSeeIt Player, "C:\Program Files (x86)\NowUSeeItPlayer\NowUSeeItPlayer.exe" /autostart=1, Quarantined, [d95906859108b77f22dc8f02d0341ae6]
PUP.Optional.NowUSeeItPlayer, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{C0AFC06A-6C9E-420F-AABF-B1AC7EE1F589}|DisplayName, NowUSeeIt Player, Quarantined, [a58d8308a3f690a614d5e0a429db3cc4]
PUP.Optional.WinYahoo, HKU\S-1-5-21-1378875358-1120829428-2694025308-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, https://us.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_omxmedia_16_12_ssg03&param1=1&param2=f[aa883358e6b3e84e873405786d97659b]D4%26b[aa883358e6b3e84e873405786d97659b]DIE%26cc[aa883358e6b3e84e873405786d97659b]Dus%26pa[aa883358e6b3e84e873405786d97659b]DWincy%26cd[aa883358e6b3e84e873405786d97659b]D2XzuyEtN2Y1L1Qzu0EzztDtAzy0AtC0F0BtDzy0Ezy0CtB0BtN0D0Tzu0StCyDyEtCtN1L2XzutAtFtBtDtFtDtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StAtD0AtByD0EyBtDtGtAzyyDtCtGzytD0CyDtGyDtD0FtBtG0A0EtD0EtBtB0FzyyCyEyE0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByE0AyD0D0Dzy0FtGtCyCzz0EtGyE0CzzyDtG0AyBzzyEtGyD0C0BtBtA0FtBzztAyCtB0D2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyByBtC%26cr[aa883358e6b3e84e873405786d97659b]D505644883%26a[aa883358e6b3e84e873405786d97659b]Dwbf_omxmedia_16_12_ssg03%26os_ver[aa883358e6b3e84e873405786d97659b]D6.1%26os[aa883358e6b3e84e873405786d97659b]DWindowsQuarantinedB7QuarantinedBHomeQuarantinedBPremium&p={searchTerms}, %4, %5
PUP.Optional.WinYahoo, HKU\S-1-5-21-1378875358-1120829428-2694025308-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|TopResultURLFallback, https://us.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_omxmedia_16_12_ssg03&param1=1&param2=f[86acb6d5227735012893166748bc07f9]D4%26b[86acb6d5227735012893166748bc07f9]DIE%26cc[86acb6d5227735012893166748bc07f9]Dus%26pa[86acb6d5227735012893166748bc07f9]DWincy%26cd[86acb6d5227735012893166748bc07f9]D2XzuyEtN2Y1L1Qzu0EzztDtAzy0AtC0F0BtDzy0Ezy0CtB0BtN0D0Tzu0StCyDyEtCtN1L2XzutAtFtBtDtFtDtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StAtD0AtByD0EyBtDtGtAzyyDtCtGzytD0CyDtGyDtD0FtBtG0A0EtD0EtBtB0FzyyCyEyE0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByE0AyD0D0Dzy0FtGtCyCzz0EtGyE0CzzyDtG0AyBzzyEtGyD0C0BtBtA0FtBzztAyCtB0D2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyByBtC%26cr[86acb6d5227735012893166748bc07f9]D505644883%26a[86acb6d5227735012893166748bc07f9]Dwbf_omxmedia_16_12_ssg03%26os_ver[86acb6d5227735012893166748bc07f9]D6.1%26os[86acb6d5227735012893166748bc07f9]DWindowsQuarantinedB7QuarantinedBHomeQuarantinedBPremium&p={searchTerms}, %4, %5
Adware.NowUSeeIt, HKU\S-1-5-21-1378875358-1120829428-2694025308-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|NowUSeeIt Player, "C:\Program Files (x86)\NowUSeeItPlayer\NowUSeeItPlayer.exe" /autostart=1, Quarantined, [b18192f99ffa2d09de835b1852b2b54b]
PUP.Optional.ProductSetup, HKU\S-1-5-21-1378875358-1120829428-2694025308-1001\SOFTWARE\PRODUCTSETUP|tb, 0P1S1S1F1D1B2W2O0M2W1D1F1F1G2O, Quarantined, [5dd5f299871265d10cb264c75da76997]

Registry Data: 1
PUP.Optional.WinYahoo, HKU\S-1-5-21-1378875358-1120829428-2694025308-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, https://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_omxmedia_16_12_ssg03&param1=1&param2=fBad: (https://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_omxmedia_16_12_ssg03&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0EzztDtAzy0AtC0F0BtDzy0Ezy0CtB0BtN0D0Tzu0StCyDyEtCtN1L2XzutAtFtBtDtFtDtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StAtD0AtByD0EyBtDtGtAzyyDtCtGzytD0CyDtGyDtD0FtBtG0A0EtD0EtBtB0FzyyCyEyE0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByE0AyD0D0Dzy0FtGtCyCzz0EtGyE0CzzyDtG0AyBzzyEtGyD0C0BtBtA0FtBzztAyCtB0D2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyByBtC%26cr%3D505644883%26a%3Dwbf_omxmedia_16_12_ssg03%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium),Replaced,[e949315aaeeba393f08a2502c93c41bf]D1%26bBad: (https://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_omxmedia_16_12_ssg03&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0EzztDtAzy0AtC0F0BtDzy0Ezy0CtB0BtN0D0Tzu0StCyDyEtCtN1L2XzutAtFtBtDtFtDtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StAtD0AtByD0EyBtDtGtAzyyDtCtGzytD0CyDtGyDtD0FtBtG0A0EtD0EtBtB0FzyyCyEyE0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByE0AyD0D0Dzy0FtGtCyCzz0EtGyE0CzzyDtG0AyBzzyEtGyD0C0BtBtA0FtBzztAyCtB0D2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyByBtC%26cr%3D505644883%26a%3Dwbf_omxmedia_16_12_ssg03%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium),Replaced,[e949315aaeeba393f08a2502c93c41bf]DIE%26ccBad: (https://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_omxmedia_16_12_ssg03&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0EzztDtAzy0AtC0F0BtDzy0Ezy0CtB0BtN0D0Tzu0StCyDyEtCtN1L2XzutAtFtBtDtFtDtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StAtD0AtByD0EyBtDtGtAzyyDtCtGzytD0CyDtGyDtD0FtBtG0A0EtD0EtBtB0FzyyCyEyE0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByE0AyD0D0Dzy0FtGtCyCzz0EtGyE0CzzyDtG0AyBzzyEtGyD0C0BtBtA0FtBzztAyCtB0D2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyByBtC%26cr%3D505644883%26a%3Dwbf_omxmedia_16_12_ssg03%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium),Replaced,[e949315aaeeba393f08a2502c93c41bf]Dus%26paBad: (https://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_omxmedia_16_12_ssg03&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0EzztDtAzy0AtC0F0BtDzy0Ezy0CtB0BtN0D0Tzu0StCyDyEtCtN1L2XzutAtFtBtDtFtDtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StAtD0AtByD0EyBtDtGtAzyyDtCtGzytD0CyDtGyDtD0FtBtG0A0EtD0EtBtB0FzyyCyEyE0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByE0AyD0D0Dzy0FtGtCyCzz0EtGyE0CzzyDtG0AyBzzyEtGyD0C0BtBtA0FtBzztAyCtB0D2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyByBtC%26cr%3D505644883%26a%3Dwbf_omxmedia_16_12_ssg03%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium),Replaced,[e949315aaeeba393f08a2502c93c41bf]DWincy%26cdBad: (https://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_omxmedia_16_12_ssg03&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0EzztDtAzy0AtC0F0BtDzy0Ezy0CtB0BtN0D0Tzu0StCyDyEtCtN1L2XzutAtFtBtDtFtDtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StAtD0AtByD0EyBtDtGtAzyyDtCtGzytD0CyDtGyDtD0FtBtG0A0EtD0EtBtB0FzyyCyEyE0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByE0AyD0D0Dzy0FtGtCyCzz0EtGyE0CzzyDtG0AyBzzyEtGyD0C0BtBtA0FtBzztAyCtB0D2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyByBtC%26cr%3D505644883%26a%3Dwbf_omxmedia_16_12_ssg03%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium),Replaced,[e949315aaeeba393f08a2502c93c41bf]D2XzuyEtN2Y1L1Qzu0EzztDtAzy0AtC0F0BtDzy0Ezy0CtB0BtN0D0Tzu0StCyDyEtCtN1L2XzutAtFtBtDtFtDtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StAtD0AtByD0EyBtDtGtAzyyDtCtGzytD0CyDtGyDtD0FtBtG0A0EtD0EtBtB0FzyyCyEyE0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByE0AyD0D0Dzy0FtGtCyCzz0EtGyE0CzzyDtG0AyBzzyEtGyD0C0BtBtA0FtBzztAyCtB0D2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyByBtC%26crBad: (https://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_omxmedia_16_12_ssg03&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0EzztDtAzy0AtC0F0BtDzy0Ezy0CtB0BtN0D0Tzu0StCyDyEtCtN1L2XzutAtFtBtDtFtDtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StAtD0AtByD0EyBtDtGtAzyyDtCtGzytD0CyDtGyDtD0FtBtG0A0EtD0EtBtB0FzyyCyEyE0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByE0AyD0D0Dzy0FtGtCyCzz0EtGyE0CzzyDtG0AyBzzyEtGyD0C0BtBtA0FtBzztAyCtB0D2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyByBtC%26cr%3D505644883%26a%3Dwbf_omxmedia_16_12_ssg03%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium),Replaced,[e949315aaeeba393f08a2502c93c41bf]D505644883%26aBad: (https://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_omxmedia_16_12_ssg03&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0EzztDtAzy0AtC0F0BtDzy0Ezy0CtB0BtN0D0Tzu0StCyDyEtCtN1L2XzutAtFtBtDtFtDtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StAtD0AtByD0EyBtDtGtAzyyDtCtGzytD0CyDtGyDtD0FtBtG0A0EtD0EtBtB0FzyyCyEyE0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByE0AyD0D0Dzy0FtGtCyCzz0EtGyE0CzzyDtG0AyBzzyEtGyD0C0BtBtA0FtBzztAyCtB0D2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyByBtC%26cr%3D505644883%26a%3Dwbf_omxmedia_16_12_ssg03%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium),Replaced,[e949315aaeeba393f08a2502c93c41bf]Dwbf_omxmedia_16_12_ssg03%26os_verBad: (https://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_omxmedia_16_12_ssg03&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0EzztDtAzy0AtC0F0BtDzy0Ezy0CtB0BtN0D0Tzu0StCyDyEtCtN1L2XzutAtFtBtDtFtDtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StAtD0AtByD0EyBtDtGtAzyyDtCtGzytD0CyDtGyDtD0FtBtG0A0EtD0EtBtB0FzyyCyEyE0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByE0AyD0D0Dzy0FtGtCyCzz0EtGyE0CzzyDtG0AyBzzyEtGyD0C0BtBtA0FtBzztAyCtB0D2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyByBtC%26cr%3D505644883%26a%3Dwbf_omxmedia_16_12_ssg03%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium),Replaced,[e949315aaeeba393f08a2502c93c41bf]D6.1%26osBad: (https://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_omxmedia_16_12_ssg03&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0EzztDtAzy0AtC0F0BtDzy0Ezy0CtB0BtN0D0Tzu0StCyDyEtCtN1L2XzutAtFtBtDtFtDtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StAtD0AtByD0EyBtDtGtAzyyDtCtGzytD0CyDtGyDtD0FtBtG0A0EtD0EtBtB0FzyyCyEyE0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByE0AyD0D0Dzy0FtGtCyCzz0EtGyE0CzzyDtG0AyBzzyEtGyD0C0BtBtA0FtBzztAyCtB0D2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyByBtC%26cr%3D505644883%26a%3Dwbf_omxmedia_16_12_ssg03%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium),Replaced,[e949315aaeeba393f08a2502c93c41bf]DWindowsGood: (www.google.com)B7Good: (www.google.com)BHomeGood: (www.google.com)BPremium, %4, %5

Folders: 6
PUP.Optional.ScreenSnapShotTool, C:\Users\Andrew\AppData\Roaming\ScreenSnapshotTool\dump, Quarantined, [65cd8308dfba84b29bb5dd685ca8eb15],
PUP.Optional.ScreenSnapShotTool, C:\Users\Andrew\AppData\Roaming\ScreenSnapshotTool, Quarantined, [65cd8308dfba84b29bb5dd685ca8eb15],
PUP.Optional.ScreenSnapShotTool, C:\Program Files (x86)\ScreenSnapshotTool\1.1.0.11130, Delete-on-Reboot, [7fb34a41d5c455e1dd744bfa23e1e818],
PUP.Optional.ScreenSnapShotTool, C:\Program Files (x86)\ScreenSnapshotTool\1.1.0.11130\EVPData, Quarantined, [7fb34a41d5c455e1dd744bfa23e1e818],
PUP.Optional.ScreenSnapShotTool, C:\Program Files (x86)\ScreenSnapshotTool, Delete-on-Reboot, [7fb34a41d5c455e1dd744bfa23e1e818],
PUP.Optional.ScreenSnapshot, C:\Users\Public\Documents\Guid\Common\I18N\IPCSUpdateCache\ScreenSnapshot, Quarantined, [a9895a3192070531ec19bb63aa59ad53],

Files: 20
PUP.Optional.WinZipRegOp, C:\Users\Public\Desktop\WinZip Registry Optimizer.lnk, Quarantined, [fa38e2a96732eb4b2b5ffa45ff0542be],
PUP.Optional.ScreenSnapShotTool, C:\Users\Andrew\AppData\Roaming\ScreenSnapshotTool\dump\BugReportConfig.ini, Quarantined, [65cd8308dfba84b29bb5dd685ca8eb15],
PUP.Optional.ScreenSnapShotTool, C:\Program Files (x86)\ScreenSnapshotTool\1.1.0.11130\CrashReportModuleConf.ini, Quarantined, [7fb34a41d5c455e1dd744bfa23e1e818],
PUP.Optional.ScreenSnapShotTool, C:\Program Files (x86)\ScreenSnapshotTool\1.1.0.11130\CrashReport.exe, Quarantined, [7fb34a41d5c455e1dd744bfa23e1e818],
PUP.Optional.ScreenSnapShotTool, C:\Program Files (x86)\ScreenSnapshotTool\1.1.0.11130\CrashUL.exe, Quarantined, [7fb34a41d5c455e1dd744bfa23e1e818],
PUP.Optional.ScreenSnapShotTool, C:\Program Files (x86)\ScreenSnapshotTool\1.1.0.11130\EVPConfig.ini, Quarantined, [7fb34a41d5c455e1dd744bfa23e1e818],
PUP.Optional.ScreenSnapShotTool, C:\Program Files (x86)\ScreenSnapshotTool\1.1.0.11130\EVPDR.dll, Delete-on-Reboot, [7fb34a41d5c455e1dd744bfa23e1e818],
PUP.Optional.ScreenSnapShotTool, C:\Program Files (x86)\ScreenSnapshotTool\1.1.0.11130\EVPHelp.dll, Quarantined, [7fb34a41d5c455e1dd744bfa23e1e818],
PUP.Optional.ScreenSnapShotTool, C:\Program Files (x86)\ScreenSnapshotTool\1.1.0.11130\EVPKernel.dll, Quarantined, [7fb34a41d5c455e1dd744bfa23e1e818],
PUP.Optional.ScreenSnapShotTool, C:\Program Files (x86)\ScreenSnapshotTool\1.1.0.11130\EVPNet.dll, Delete-on-Reboot, [7fb34a41d5c455e1dd744bfa23e1e818],
PUP.Optional.ScreenSnapShotTool, C:\Program Files (x86)\ScreenSnapshotTool\1.1.0.11130\EVPTask.dll, Delete-on-Reboot, [7fb34a41d5c455e1dd744bfa23e1e818],
PUP.Optional.ScreenSnapShotTool, C:\Program Files (x86)\ScreenSnapshotTool\1.1.0.11130\InstallHelper.exe, Quarantined, [7fb34a41d5c455e1dd744bfa23e1e818],
PUP.Optional.ScreenSnapShotTool, C:\Program Files (x86)\ScreenSnapshotTool\1.1.0.11130\Language.json, Quarantined, [7fb34a41d5c455e1dd744bfa23e1e818],
PUP.Optional.ScreenSnapShotTool, C:\Program Files (x86)\ScreenSnapshotTool\1.1.0.11130\Report.exe, Quarantined, [7fb34a41d5c455e1dd744bfa23e1e818],
PUP.Optional.ScreenSnapShotTool, C:\Program Files (x86)\ScreenSnapshotTool\1.1.0.11130\ScreenShotServ.exe, Delete-on-Reboot, [7fb34a41d5c455e1dd744bfa23e1e818],
PUP.Optional.ScreenSnapShotTool, C:\Program Files (x86)\ScreenSnapshotTool\1.1.0.11130\ScreenSnapshot.exe, Quarantined, [7fb34a41d5c455e1dd744bfa23e1e818],
PUP.Optional.ScreenSnapShotTool, C:\Program Files (x86)\ScreenSnapshotTool\1.1.0.11130\EVPData\History.dat, Quarantined, [7fb34a41d5c455e1dd744bfa23e1e818],
PUP.Optional.WinYahoo, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk, Quarantined, [3200a1ea54456fc7ca277807e51fb947],
PUP.Optional.SearchManager.ChrmPRST, C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bahkljhhdeciiaodlkppoonappfnheoi_0.localstorage, Quarantined, [af83692294056fc747a79ef627ddb54b],
PUP.Optional.WinYahoo, C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\5zo6vkca.default\prefs.js, Good: (user_pref("browser.startup.homepage", "https://www.malwarebytes.org/restorebrowser/), Bad: (user_pref("browser.startup.homepage", "https://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_omxmedia_16_12_ssg03&param1=1&param2=f%3D1%26b%3DFirefox%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0EzztDtAzy0AtC0F0BtDzy0Ezy0CtB0BtN0D0Tzu0StCyDyEtCtN1L2XzutAtFtBtDtFtDtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StAtD0AtByD0EyBtDtGtAzyyDtCtGzytD0CyDtGyDtD0FtBtG0A0EtD0EtBtB0FzyyCyEyE0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByE0AyD0D0Dzy0FtGtCyCzz0EtGyE0CzzyDtG0AyBzzyEtGyD0C0BtBtA0FtBzztAyCtB0D2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyByBtC%26cr%3D505644883%26a%3Dwbf_omxmedia_16_12_ssg03%26os_ver%3D6.1%26os%3DWindowsReplaced,[1e145239d0c986b02e9b56fe6a9b51af]B7Replaced,[1e145239d0c986b02e9b56fe6a9b51af]BHomeReplaced,[1e145239d0c986b02e9b56fe6a9b51af]BPremium");), %5

Physical Sectors: 0
(No malicious items detected)


(end)

Houka:
 
Thanks for your logs.  There were a lot of PUPs (Potentially Unwanted Programs) cleared by both ESET and Malwarebytes.  Since we are here, we might as well run a couple of other scans to see if there are any more PUPs and junk about.

 

 

Please download AdwCleaner by Xplode and save the file to your Desktop.

• Double click on AdwCleaner.exe to run the tool.
  Vista/Windows 7/8 users right-click and select Run As Administrator
• The tool will start to update the database, please wait for it to complete the update.
• Click on I Agree button.
• Click on the Scan button.
• AdwCleaner will begin...be patient as the scan may take some time to complete.
• After the scan has finished, click on the Report button...a logfile (AdwCleaner[R#].txt) will open in Notepad for review (where the largest value of # represents the most recent report).
• The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
• Copy and paste the contents of that logfile in your next reply.
• A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

 

 

Please download Junkware Removal Tool to your desktop.

• Shut down your protection software now to avoid potential conflicts.
• Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
• The tool will open and start scanning your system.
• Please be patient as this can take a while to complete depending on your system's specifications.
• On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
• Post the contents of JRT.txt into your next message.

 

 

Please post both logs into your next reply. Thank you and have a great day.

Regards,
-Phil

# AdwCleaner v4.203 - Logfile created 25/10/2015 at 17:12:08
# Updated 30/04/2015 by Xplode
# Database : 2015-10-18.5 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Andrew - ANDREW-PC
# Running from : C:\Users\Andrew\Downloads\adwcleaner_4.203.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A07E5BFF-B16C-4ABA-A30F-514213A945E6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A07E5BFF-B16C-4ABA-A30F-514213A945E6}
Key Deleted : HKCU\Software\Reg\Clean
Key Deleted : HKLM\SOFTWARE\Reg\Clean
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] -
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>
Data Deleted : HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings [ProxySettingsPerUser] -

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.18057


-\\ Mozilla Firefox v41.0.2 (x86 en-US)


*************************

AdwCleaner[R0].txt - [1201 bytes] - [21/04/2015 13:13:58]
AdwCleaner[R1].txt - [313 bytes] - [01/05/2015 17:45:21]
AdwCleaner[R2].txt - [1629 bytes] - [01/05/2015 17:47:24]
AdwCleaner[R3].txt - [1436 bytes] - [05/05/2015 13:26:03]
AdwCleaner[R4].txt - [1495 bytes] - [13/05/2015 11:40:23]
AdwCleaner[R5].txt - [1553 bytes] - [14/05/2015 11:02:10]
AdwCleaner[R6].txt - [1611 bytes] - [27/05/2015 14:43:38]
AdwCleaner[R7].txt - [1672 bytes] - [07/06/2015 21:20:02]
AdwCleaner[R8].txt - [1898 bytes] - [09/06/2015 16:07:32]
AdwCleaner[R9].txt - [2074 bytes] - [25/10/2015 17:10:42]
AdwCleaner[S0].txt - [1707 bytes] - [01/05/2015 17:49:30]
AdwCleaner[S1].txt - [1964 bytes] - [25/10/2015 17:12:08]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2023  bytes] ##########
# AdwCleaner v5.105 - Logfile created 24/03/2016 at 15:40:00
# Updated 21/03/2016 by Xplode
# Database : 2016-03-24.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Andrew - ANDREW-PC
# Running from : C:\Users\Andrew\Downloads\AdwCleaner.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****

Service Found : rtop

***** [ Folders ] *****

Folder Found : C:\Program Files\ByteFence
Folder Found : C:\Program Files (x86)\Free Youtube Downloader
Folder Found : C:\ProgramData\ByteFence
Folder Found : C:\ProgramData\Free Youtube Downloader
Folder Found : C:\ProgramData\{587CB0BF-08FE-6139-B978-11BB69FAC235}
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ByteFence Anti-Malware
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Youtube Downloader
Folder Found : C:\Users\Andrew\AppData\Local\Free Youtube Downloader
Folder Found : C:\Users\Public\Documents\Guid
Folder Found : C:\windows\SysNative\Tasks\ByteFence

***** [ Files ] *****

File Found : C:\Users\Andrew\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Free Youtube Downloader.lnk
File Found : C:\Users\Andrew\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Free Youtube Downloader.lnk
File Found : C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\5zo6vkca.default\invalidprefs.js
File Found : C:\Users\Public\Desktop\Free Youtube Downloader.lnk

***** [ DLL ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

Task Found : Registry Optimizer_UPDATES
Task Found : Registry Optimizer
Task Found : Registry Optimizer_DEFAULT
Task Found : updateTask
Task Found : ByteFence
Task Found : ByteFence Scan

***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ConsumerInputUpdate.exe
Key Found : HKLM\SOFTWARE\Classes\CptUrlPassthru.hxxpHeaders
Key Found : HKLM\SOFTWARE\Classes\CptUrlPassthru.hxxpHeaders.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{82025773-B1B0-497B-B942-0171A2E42C3C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D8F06F2A-FDCE-4F12-8D2A-7A97A752CF1A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{06306AA5-80A1-4260-A9A3-A8E10F6AA8B7}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{82025773-B1B0-497B-B942-0171A2E42C3C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{06306AA5-80A1-4260-A9A3-A8E10F6AA8B7}
Key Found : HKCU\Software\ByteFence
Key Found : HKLM\SOFTWARE\ByteFence
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ByteFence
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinZip Registry Optimizer_is1
Key Found : [x64] HKLM\SOFTWARE\ByteFence
Key Found : HKU\.DEFAULT\Software\ByteFence
Key Found : HKU\S-1-5-21-1378875358-1120829428-2694025308-1001\Software\ByteFence
Key Found : HKU\S-1-5-18\Software\ByteFence
Key Found : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\akamaihd.net
Key Found : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\hdapp1008-a.akamaihd.net

***** [ Web browsers ] *****


*************************

C:\AdwCleaner\AdwCleaner[R0].txt - [1201 bytes] - [21/04/2015 13:13:58]
C:\AdwCleaner\AdwCleaner[R10].txt - [5828 bytes] - [11/12/2015 02:46:42]
C:\AdwCleaner\AdwCleaner[R11].txt - [2028 bytes] - [21/12/2015 13:28:37]
C:\AdwCleaner\AdwCleaner[R12].txt - [2090 bytes] - [13/01/2016 13:55:54]
C:\AdwCleaner\AdwCleaner[R13].txt - [313 bytes] - [21/03/2016 14:25:27]
C:\AdwCleaner\AdwCleaner[R14].txt - [313 bytes] - [21/03/2016 14:26:27]
C:\AdwCleaner\AdwCleaner[R15].txt - [313 bytes] - [21/03/2016 14:57:24]
C:\AdwCleaner\AdwCleaner[R16].txt - [313 bytes] - [21/03/2016 15:19:42]
C:\AdwCleaner\AdwCleaner[R17].txt - [313 bytes] - [21/03/2016 15:25:55]
C:\AdwCleaner\AdwCleaner[R18].txt - [313 bytes] - [21/03/2016 19:21:51]
C:\AdwCleaner\AdwCleaner[R19].txt - [313 bytes] - [21/03/2016 19:34:45]
C:\AdwCleaner\AdwCleaner[R1].txt - [313 bytes] - [01/05/2015 17:45:21]
C:\AdwCleaner\AdwCleaner[R2].txt - [1629 bytes] - [01/05/2015 17:47:24]
C:\AdwCleaner\AdwCleaner[R3].txt - [1436 bytes] - [05/05/2015 13:26:03]
C:\AdwCleaner\AdwCleaner[R4].txt - [1495 bytes] - [13/05/2015 11:40:23]
C:\AdwCleaner\AdwCleaner[R5].txt - [1553 bytes] - [14/05/2015 11:02:10]
C:\AdwCleaner\AdwCleaner[R6].txt - [1611 bytes] - [27/05/2015 14:43:38]
C:\AdwCleaner\AdwCleaner[R7].txt - [1672 bytes] - [07/06/2015 21:20:02]
C:\AdwCleaner\AdwCleaner[R8].txt - [1898 bytes] - [09/06/2015 16:07:32]
C:\AdwCleaner\AdwCleaner[R9].txt - [2074 bytes] - [25/10/2015 17:10:42]
C:\AdwCleaner\AdwCleaner[S0].txt - [1707 bytes] - [01/05/2015 17:49:30]
C:\AdwCleaner\AdwCleaner[S1].txt - [6818 bytes] - [25/10/2015 17:12:08]
C:\AdwCleaner\AdwCleaner[S2].txt - [5390 bytes] - [11/12/2015 02:50:27]
C:\AdwCleaner\AdwCleaner[S3].txt - [2161 bytes] - [13/01/2016 13:58:52]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [7037 bytes] ##########
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.4 (03.14.2016)
Operating System: Windows 7 Home Premium x64
Ran by Andrew (Administrator) on Thu 03/24/2016 at 16:53:24.20
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 233

Failed to delete: C:\ProgramData\lavasoft\web companion (Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{006D6A42-C20C-4E7F-9766-CF44E93B65B8} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{03617653-D5CD-4C9A-9B5B-519ACB85C3C8} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{06FB3152-3320-4CBF-A68E-3DE6A1066D2F} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{06FD8D0D-D5C7-4F74-B621-207AC5596C07} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{077123A4-BF25-4789-9E7B-064C15A3914D} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{07C72CBC-15E0-4C70-81CB-A351269B4637} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{07DA016E-66C4-4696-9EC6-E7E9F40D3514} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{08C01599-85CF-4CA8-A017-64F4C99E316D} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{0A1ED61A-036C-4782-9C7D-1550A057C26C} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{0B254A81-2E04-494B-8040-23760D083911} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{0C4FAF1C-DB97-4B3E-94C9-CA38E54A369E} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{0C8827DD-FFC7-442A-9BDC-AF37CE763CF3} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{0D8092A9-829C-4097-A703-80BD0AC3C699} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{0DF51766-07CB-4BD4-A76F-4837C91052D2} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{0E72A5B9-F2E4-4F78-B4EA-1B84AC827C69} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{10D16F24-C8FA-4D27-8796-4F0672E6FEDB} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{1259D8FB-4B1C-49D8-B39B-553BFD6E5B73} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{12A16D5D-F6F5-4DC2-84B9-4734A8A2D1B3} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{133F5830-F8EC-4B42-9702-DC04DA81A0E3} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{13DDC9BE-E291-4E8A-872B-3AA35D2AD77A} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{13E6E8D7-63DC-4E15-AF34-5AA5382F2F4F} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{140AB90E-6172-4979-BA05-E69DD60EC07C} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{142F7129-4661-434B-9AAE-35DC13665B0D} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{16A5AB2B-D0A8-4AFD-8142-800E9CF6F3AA} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{17BCF6E7-93EB-4229-B63F-5DC4EFD7FCCD} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{19317FB1-4F76-426F-B07A-EB45A079817B} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{1A539C9B-B2BD-472F-8CEB-17758EF689A8} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{1B64DCAB-F6B5-45F4-9344-F69186BBAAE5} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{1B721498-7181-4B90-AD9A-ADCF1B5B6255} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{1EB50802-2D3F-4589-8D3E-0A3DC8996358} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{1EB8508F-5141-4A6A-A838-51350EF180B8} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{204BE878-DF84-4A5C-8411-D9278324BC85} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{2084C780-672F-4D09-B66A-877EB9A31A2A} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{20B57116-8CCE-4741-8263-FF5D6EE4E335} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{22F33420-7285-496B-9DC3-87BA694E403E} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{29787D99-3F04-41F1-9B5E-8AA4ADD02FBC} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{2A5DBAB1-FD47-45EC-BAA9-F7EC147BCCCF} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{2AA0CD00-7411-42F9-A9AA-791F2663FBB3} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{30E8C3E7-E315-4945-83C9-DE4D6DB54BE7} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{329FBD20-053F-461D-99B1-7E819C505CCA} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{368D5DC2-9066-45FD-88C8-8C5FF233A404} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{37120212-B382-478F-8881-56035EBE40F8} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{37160731-6447-4EBC-B494-F5DE17EC9D95} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{3886D712-ED61-43A2-BE3F-D8B74A6A1AAF} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{3B127ED8-51CF-4A63-B2E1-4321DC7C99F1} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{3D076607-DC58-4C1B-872B-93E1E79A5ADD} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{3DB6AA9D-738B-4ACA-BAC2-1B5C9541C71E} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{3EF2BEDF-824F-41C3-BDFD-805A959A19EB} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{3F83BCF5-478D-474D-9204-1FC39063E66F} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{3FADDE39-080A-44E0-B07B-5EE924D10FA2} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{404ED0DC-50F9-42EE-B91F-580391433D7B} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{42A1CC86-7B8C-41F5-8DF3-A32DABB95A00} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{472E0892-282F-4A87-8288-CF63ED1C1AC4} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{475E5A26-1D65-4D40-A927-7BA6BA4D1381} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{4783540B-8F9F-471C-90B7-97C97698DEA1} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{48581A69-1F2C-4C93-A1FB-2E1F3F9DA20D} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{4921AA8B-0690-416F-A03E-DCAF33BD426A} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{49760CD6-7600-429F-9D5C-B1BA9732E520} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{4D487308-F237-4560-B1C3-86CB20A79B64} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{4F664EB9-4A6F-414E-82BC-EC6E92570E3B} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{4F6B7A16-54AB-4C99-ACA9-75E5DADFC6B6} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{4FD841F5-97E0-4FC3-B07E-D0485AC60B00} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{5190FEC9-F3C6-4B39-8D96-6971B48DE9D1} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{51D0C094-4223-4398-A24F-747C8AA4F3A7} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{530C2090-500A-4734-8BE5-48099A02CC49} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{56AE85E5-D915-485E-B538-EBAD67179FE4} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{5AB64B71-C99E-45FF-A9ED-F36B1FFA1602} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{5B340BC0-B9FD-4404-8931-3D4D545264DC} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{5B541BB9-748F-44C0-A0C6-73B1108AC510} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{5BD40600-1506-4520-813E-3E0F76ADDB80} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{5C3C2CA5-D327-43EE-B63C-4FD9347783D5} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{5C523B02-DA41-4D56-A7D9-EB06DF123C44} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{5E3B52FC-D2A7-4750-9817-5415095D610B} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{5EF499B4-6957-4B06-BD90-DED04EEB2514} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{68454AEF-3AC5-44FA-910F-AE4C97757E58} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{6954911F-8F35-49AE-9C93-D2D7229E99F5} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{6AC8791F-F009-4632-BABF-85C1AC002226} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{6BED7E14-24A0-4D68-93CD-69449C93A9B3} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{72019FB2-A240-4453-905A-4C89EC44765B} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{72DD3B01-69B9-4153-AD28-7C3BE7EE2F55} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{749442C8-503C-2E70-3DA4-0B9819CCF700} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{75A24017-7C16-46C9-B252-0BFDD4DF6153} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{7656F518-008E-4946-B6E6-72851FBEB02F} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{7772FAE3-8AC0-4CDB-B3A0-998F02693E19} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{78E328BE-1B45-417D-B544-FB86500DF9B9} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{79297186-D898-4C61-A03B-E73FE5A923A4} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{79CB9F2B-170E-417A-B3E5-DD28DE975050} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{7B58EEE6-7FCC-44EF-B931-26F6A9E4819B} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{7B87600C-09A8-4ED0-9124-2211503953E0} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{7C956CD9-08CF-4DC2-AB32-E655B61B4683} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{7E3F2A5C-278A-470B-8BE0-81A343D47344} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{7F36BE36-175C-40C3-9A84-2F3BB8888E73} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{7FBB4347-99F8-4772-A299-79FDA249070D} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{81DA5DEB-FA6B-4524-9CAF-FB53A1E12CB0} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{82CEFCE0-93A2-4DAC-B3A4-B97C97A475F1} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{83414C36-41AB-416D-B348-5C251056E617} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{842ACC87-DE98-48D3-A3F5-F6340B6F91BE} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{854E0290-6641-46D9-9B72-9D5D17838B42} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{8591E397-A3D1-412A-99A0-E701E9DF6993} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{86898629-D7AE-4F7C-BDB1-739AC14647B3} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{871B51F0-A7CC-4D61-9C4E-7B875C261B59} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{885A7D9B-9E71-425E-92A3-39396A3C10F1} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{88A575EE-94D8-4408-A8B9-4AFF6531F38B} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{88D49642-0D9F-415B-9E48-69DABE0215A9} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{895C0779-6D6F-4AE8-9F97-7643E9205191} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{8978F5E1-EA5C-455D-84E9-70C8C7413989} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{89C05D94-7AFA-4B63-AB50-912C374481B3} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{8D296A13-92EF-43CC-8A0B-B8E77ABC1C31} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{8E6F3C7C-CADE-4F0F-9BD9-106B3024DAB2} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{8FA0EF48-D112-413B-959C-9A110CF1A364} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{9034423B-21D3-4F85-9B3F-1D209839A1DD} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{90F0DB09-6761-44F9-85EB-BD5DAB8E9C57} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{92514714-05C8-4257-9302-8F9109DE53C4} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{92E76C08-2D2B-4764-80B1-8B185080C732} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{9380B253-551E-411B-B17D-6776EB78CF66} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{93D27A20-7FA2-4271-9A60-84EFCB7B6FF2} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{95E99973-79C2-44FA-9B6D-33B92D459B33} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{963A7D25-3D66-4FFE-B067-5829FD71595C} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{964C2A85-5C2D-4CD1-A50C-3E4EE61452C4} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{9749277B-4543-40DE-A447-D86B770E2868} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{9812410D-1D2C-4206-9D15-82B64E5CAED9} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{991B7576-A9A1-4E98-B49D-66C913419F1A} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{993AA8DA-87C8-4EB9-A76A-628153CB52C3} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{9DAC3818-D7EE-4B60-87BC-D57024C123E1} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{9EC6697F-09AA-4DF5-9207-AB081705F4EC} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{A07F06D6-9C6E-4229-8688-D65ACE7FBFC3} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{A2902D22-C18C-4B10-B041-D26D389A206C} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{A2BC89C1-49D4-4291-BCBE-5B5FC3A9D839} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{A3BD5697-C9B0-4D5C-820C-5A135550DA37} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{A4DDD207-D438-4673-B797-B5CB6B10C85D} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{A56FD317-1A4E-4A1A-9DE4-7C6E3784204A} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{A576E922-99CE-473D-91EE-CE6F9148ECA5} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{A62BF30A-0254-4B6C-A89A-A55D75C8F733} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{A68193AE-BE43-4965-951A-D8567DF10A69} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{A797F83D-083A-4F8D-A6ED-0AE7DE206F1C} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{A7C560A6-B22D-487B-B4E7-CC379827ED87} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{A987729B-E78D-415A-9F13-42718E1C6D9C} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{AA5B6BFA-9801-4531-9D87-04B6BB089725} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{AD820237-6643-4DEE-9D26-6B2D5B1CC2A3} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{AE51901F-9D86-4938-854B-EB01DACD6191} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{AF25F4DF-3B77-49A3-8595-EF213B8AEE94} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{AF866720-C52B-4915-AAC3-468B049CCC22} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{AF97AA5A-64E9-422B-9E47-C21460A2F2BA} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{B0099274-DE2C-4877-9EE0-FA75D64AEECD} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{B0392E18-18AA-4F37-98A4-6ECFE412873C} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{B142B7ED-72C0-42B0-B479-76F55136DF6C} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{B2080636-CF3A-4E1F-8BC8-1D89C5E7F5F0} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{B2C1C80F-E9B2-485B-94CE-FAADA0E57161} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{B2F28AD2-1BE6-49E5-A13F-235FD40F14EF} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{B3CAE514-39EB-463F-AE0B-F1FCEC32E2A4} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{B593205F-2F8F-4BF2-A89B-FA095E6C670C} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{B5FB8E6D-87F2-450F-A845-589B3E127358} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{B6998D41-607B-485A-9979-8141A71699E1} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{B6DBE932-DF06-452F-97E1-1C2BB0CCBCA4} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{BA9242D5-2D3D-4D35-96FE-06E6AA0CE53C} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{BAB40096-A9A8-426D-BD02-12448A6B7424} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{BEDCECBA-BB76-4696-B1C1-646428873C91} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{BF2B3664-DFEE-496E-A3A9-2664A646FF82} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{BF3527DD-D6DC-43F4-85A4-BF0769292065} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{BF5D34A1-5907-45C4-A4B1-7B3FC4FCF781} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{BFD0E17E-A0B9-4623-B9CB-D3B7F9ED0A23} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{C075C2BC-B8EC-4147-8800-35120E788E98} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{C2D7860F-EA0C-43B0-9A8C-5B15D641BA81} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{C313F652-F15B-41DA-AF2C-2C193E9FC722} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{C55EA59A-6810-4EDD-8238-C5A01CBC8D17} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{C80C77FE-8B7C-4C72-925F-EC5411BD5C02} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{C968A717-CD22-43D0-B53A-542533ED807A} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{C97F044C-CAF9-4E20-ACCA-C54AD1DAD71B} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{CD9F4356-EC41-494F-BD21-8086DE72F960} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{D1B0E59E-1A90-42FE-A6D8-3E4A1F455431} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{D5F1A5CF-6D25-4028-9D6B-A09B2E833E30} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{D743B25D-8C3D-461E-8F48-90D1033A9B1D} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{DA271238-CD74-4008-BC17-6DDEF93F99A8} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{DA6C98F0-43B1-403E-A919-BCACEEED58D5} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{DDC6DE9A-A7DE-4818-B46F-5B1C883B6CED} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{DE3D679D-708E-4AE7-8C4C-3032B60DCFC9} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{DE6192AD-73F0-4144-8BBD-4E8726963C5A} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{DE9BB3BE-B406-4B95-BB55-5C7D2B269F5C} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{DEE17122-178B-4A73-A640-3319A45983F1} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{E0EB176B-5DB2-4640-BA28-D8AD04B18300} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{E16BD421-AAE4-4312-A54C-20CE9F66F70E} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{E3668105-EE3B-480D-97A1-EEB50C6C08E2} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{E3A7216D-FB5B-4D3C-81A0-57429D65207F} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{E3AA189D-E6E3-48B9-AF17-DC57CE348FA1} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{E491C5D9-22BE-4DAE-8B7A-B191EB7FE892} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{E5F06731-1990-47F5-B0F6-BB069CA106DF} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{E606759B-25E5-40EB-BC97-DF39AAF22BB1} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{E6319184-C12E-43C9-A817-CFBBF689E7CA} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{E7093AD1-7270-4AC5-92B0-1A4BC003B5D2} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{E778A68E-6769-456F-AEB7-217C7530DBAE} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{EDD9AF12-BECA-41DF-AA25-D18E23A17BF5} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{EFF1A5D4-0B0B-4A3A-9B18-FB02AB3C2A97} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{F181591B-35F8-4DAC-8E56-660C1AE2119D} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{F49B96CA-8DF1-4BF2-AE8A-4AC1EA243DBE} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{F64D124E-CE44-4094-945F-0315E8619B63} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{FB6465F7-D8D9-4B81-A857-6E4AE8613423} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{FC69A145-16D5-44F2-9870-E1A2EE237A50} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\{FFC82038-9309-45CF-AB3C-9716DF406D0F} (Empty Folder)
Successfully deleted: C:\Users\Andrew\AppData\Roaming\lavasoft\web companion (Folder)
Successfully deleted: C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\3yne4wca.Default User\extensions\staged (Folder)
Successfully deleted: C:\Users\Andrew\AppData\Roaming\nico mak computing (Folder)
Successfully deleted: C:\Users\Andrew\Desktop\clean registry for free!.lnk (Shortcut)
Successfully deleted: C:\Users\Public\Desktop\geekbuddy.lnk (Shortcut)
Successfully deleted: C:\windows\system32\Tasks\EasySpeedUpManager (Task)
Successfully deleted: C:\Program Files (x86)\lavasoft\web companion (Folder)
Successfully deleted: C:\Program Files (x86)\pro pc cleaner (Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1D2695B8 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GJDTP9D9 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JCQKKT13 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JZ9V30HW (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OVH1JJCR (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QII5T35T (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R6EQ0GYK (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S932NP5Y (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TTFYR0J4 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UYW1RPEE (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WIVBNL8P (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZOTSNEK4 (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1D2695B8 (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GJDTP9D9 (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JCQKKT13 (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JZ9V30HW (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OVH1JJCR (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QII5T35T (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R6EQ0GYK (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S932NP5Y (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TTFYR0J4 (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UYW1RPEE (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WIVBNL8P (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZOTSNEK4 (Temporary Internet Files Folder)



Registry: 3

Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99af1bd8-7efc-4361-aed5-8c612492a051} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99af1bd8-7efc-4361-aed5-8c612492a051} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2b43dc1c-e3a3-4bad-8242-6fa6302d3f34} (Registry Value)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 03/24/2016 at 17:03:11.82
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

Houka:

 

Thank you for your logs.  More junk was removed that would slow down your computer.  I see from the logs that you are using registry cleaners and PC optimizers.  Bleeping Computer, and Microsoft, do NOT recommend the use of such programs.  At best, they are "snake oil"; at worst, they can render your computer unbootable.  Such applications might be responsible for some of the issues that you are experiencing.

 

Please click on this link to learn more about registry cleaners.  It is an excellent article by Quietman7.

 

How is your computer running now?

 

Have a great day.

 

Regards,

-Phil

 

 

A lot of those sort of down load themselves on my PC that is why I like a clean up to get rid those, I don't if there are any hidden ones yeah.

 

Well everything seem o be working beside my audio device just stop work or act like my headphones aren't connect but revert back to normal after I restarted.

Houka:

Thanks for your post. It is good to know that your computer is running better now.


Some Final Advice ...

The most common cause of an infected machine is the Trojan Horse, or programs which appear to be legitimate but which contain malicious payloads, or which are simply malicious in and of themselves. No antivirus, firewall, host-based intrusion prevention system (HIPS), or other security software can fully protect you against this kind of attack. The best way to project yourself is not to run email attachments from untrusted sources, and avoid software downloaded from the internet wherever possible. Remember, when you run an application, you are giving that application permission to do to your machine anything you can do to the machine, including create, modify, or destroy files or other data. In the Windows (and most other systems' such as Unix) security model, applications don't have privileges, users do.

The second most common cause of infection is out of date software. Leaving your system unpatched leaves holes through which attackers can execute code on your behalf without your consent. This goes for far more than common targets such as Windows and Internet Explorer. Most recent threats target other third party software, such as Adobe's Adobe Reader, Shockwave Player, or Flash Player, or Oracle's Java browser plugins. You can check your system for out of date software manually, or by using automated tools such as Secunia's Personal Software Inspector. This goes doubly for security applications such as antivirus and other antimalware products based on definition lists, where out-of-date lists mean no detection of newer malware.

Finally, occasionally you will be forced to run some potentially infected binary, or attackers will use a hole which is unpatched by software vendors, so a last line of defense is needed. That means turning on a firewall (Windows Firewall included with Windows XP SP2 or later is fine) and leaving it on, and using and keeping up-to-date an antivirus solution such as Bitdefender. Antiviral solutions don't even have to cost money; for instance Microsoft Secuity Essentials provides perfectly acceptable protection for free. If for some reason you don't like MSE, there are other free products available as well:

• Avast (home use only)
• Avira (shows nag screen to purchase full product when updating, home use only)
• Bitdefender Free (home use only)

That should be fine for the majority of users. However, if you absolutely want additional protection, consider one or more of the following products:

• DNS based website blacklists, such as OpenDNS, Google Public DNS, or the MSMVPs Hosts File
• An additional (non-antivirus) antimalware solution, such as MalwareBytes' Anti-Malware or SUPERAntiSpyware
• Internet Explorer zone blacklists such as those provided by SpywareBlaster or ZonedOut

If you want more information on methods malware uses to infect your computer, consider browsing our How did I get infected? topic.



It has been a pleasure assisting you and I hope that you will avoid any further infections in the future. Your most important protection step is to ALWAYS HAVE MORE THAN ONE RECENT BACKUP OF YOUR ENTIRE SYSTEM on an external drive that is only connected to your computer long enough to backup or restore. I do system images weekly. With the free backup software out there (Easeus ToDo Backup Home, Macrium Reflect, etc.), and the very reasonable prices for external USB hard drives, there is no reason to not have a backup.

On behalf of the Bleeping Computer Community, stay safe out there in cyberspace and have a great day.

Regards,
-Phil

OK before ya go want do ya recommend for remove unwanted programs?

Houka:

 

No problem, I am still here for you.  You can, of course, use the Control Panel to uninstall programs, and some programs have available uninstall tools, sometimes necessary, particularly for anti-virus and anti-malware applications.

 

Personally I, and many other Bleeping Computer folks, use Revo Uninstaller Pro.  It detects and removes the "remnants" that many of the default uninstallers leave behind.

 

That said, there are other uninstaller utilities out there which are very good, I just don't have personal experience with them and you asked what I recommended.

 

So, this post is just my personal recommendation and should not be interpreted to mean that Bleeping Computer recommends Revo Uninstaller Pro, and no other uninstaller utility.

 

Just so we are clear on that.  One lawsuit for Grinler, at a time, is probably much more than he bargained for when he started this Board to help computer users internationally.

 

You can "google" other uninstaller utilities and read the reviews, and choose what you think will work for you.  There is no "one size fits all" when it comes to computer software.

 

Have a great day.

 

Regards,

-Phil