Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Was told to make topic from Am I infected? Thread


  • This topic is locked This topic is locked
7 replies to this topic

#1 broman400

broman400

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:57 AM

Posted 16 May 2018 - 07:10 PM

Was told by a MOD to create a thread here and run FRST. Please find my attached logs. Thank you :)

Attached Files



BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 40,751 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:57 AM

Posted 17 May 2018 - 06:59 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===
 
Start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
SearchScopes: HKU\S-1-5-21-4254226789-487654737-2996639702-1001 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11913&l=dis&prt=NS&chn=1007450&geo=US&ver=22.9.1.12&locale=en_US&guid=E7249EC3-3D36-47E4-A7C0-DD2D181902E9&doi=2016-09-01&gct=kwd&qsrc=2869
BHO: No Name -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> No File
BHO-x32: No Name -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> No File
Toolbar: HKU\S-1-5-21-4254226789-487654737-2996639702-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
FF Extension: (Smart HTTPS) - C:\Users\broma_000\AppData\Roaming\Mozilla\Firefox\Profiles\arx9uih2.default-1494196778229\Extensions\{b3e677f4-1150-4387-8629-da738260a48e}.xpi [2018-05-12]
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [No File]
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [No File]
CHR HKLM\...\Chrome\Extension: [ilnidodcffjfecahcfiihlhiohnaobic] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4254226789-487654737-2996639702-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ilnidodcffjfecahcfiihlhiohnaobic] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ilnidodcffjfecahcfiihlhiohnaobic] - hxxps://clients2.google.com/service/update2/crx
S3 SmbDrv; \SystemRoot\System32\drivers\Smb_driver_AMDASF.sys [X]

CustomCLSID: HKU\S-1-5-21-4254226789-487654737-2996639702-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-1FE79EAFF944}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-4254226789-487654737-2996639702-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\broma_000\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} =>  -> No File
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} =>  -> No File
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  -> No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  -> No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  -> No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  -> No File
ShellIconOverlayIdentifiers-x32: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} =>  -> No File
ShellIconOverlayIdentifiers-x32: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} =>  -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} =>  -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
Task: {0EE48309-0C9E-440D-8EB0-421C723A4E20} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {233F49F1-3850-4224-9BC4-2A2D133E7395} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {46C800C7-44DE-44D0-90A7-01F6354A2CEB} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {4A7DA362-DBEC-4399-8AEF-DFBB3113FF78} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {54CD7A07-EECE-44DF-8DAC-D06E48364574} - \GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-4254226789-487654737-2996639702-1001 -> No File <==== ATTENTION
Task: {710B96C2-3861-43B6-B4CD-26A5ACC51EE4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {7F507996-BCC8-412F-87C9-BF443EE0CAC3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {859016B2-7CC7-4EA7-8495-F3B276A1C3FB} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {98EEF43A-D583-4694-867C-127794B4BB0F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {A4480409-A019-4D60-96B3-01AA9B85694C} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {BA831B7D-6178-431B-AB87-F86F897CB0C9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {CDD04F8C-BF7B-4BEF-89F7-A2CF7F6BF732} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt) please post it to your reply.

Please let me know what issues you are having with this computer.

#3 broman400

broman400
  • Topic Starter

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:57 AM

Posted 19 May 2018 - 03:59 PM

Fix result of Farbar Recovery Scan Tool (x64) Version: 16.05.2018 01
Ran by Brian (19-05-2018 16:44:13) Run:3
Running from C:\Users\broma_000\Desktop
Loaded Profiles: Brian (Available Profiles: Brian & User & DefaultAppPool)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
Start
 
CreateRestorePoint:
EmptyTemp:
CloseProcesses:
 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
SearchScopes: HKU\S-1-5-21-4254226789-487654737-2996639702-1001 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11913&l=dis&prt=NS&chn=1007450&geo=US&ver=22.9.1.12&locale=en_US&guid=E7249EC3-3D36-47E4-A7C0-DD2D181902E9&doi=2016-09-01&gct=kwd&qsrc=2869
BHO: No Name -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> No File
BHO-x32: No Name -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> No File
Toolbar: HKU\S-1-5-21-4254226789-487654737-2996639702-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
FF Extension: (Smart HTTPS) - C:\Users\broma_000\AppData\Roaming\Mozilla\Firefox\Profiles\arx9uih2.default-1494196778229\Extensions\{b3e677f4-1150-4387-8629-da738260a48e}.xpi [2018-05-12]
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [No File]
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [No File]
CHR HKLM\...\Chrome\Extension: [ilnidodcffjfecahcfiihlhiohnaobic] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4254226789-487654737-2996639702-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ilnidodcffjfecahcfiihlhiohnaobic] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ilnidodcffjfecahcfiihlhiohnaobic] - hxxps://clients2.google.com/service/update2/crx
S3 SmbDrv; \SystemRoot\System32\drivers\Smb_driver_AMDASF.sys [X]
 
CustomCLSID: HKU\S-1-5-21-4254226789-487654737-2996639702-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-1FE79EAFF944}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-4254226789-487654737-2996639702-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\broma_000\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} =>  -> No File
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} =>  -> No File
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  -> No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  -> No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  -> No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  -> No File
ShellIconOverlayIdentifiers-x32: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} =>  -> No File
ShellIconOverlayIdentifiers-x32: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} =>  -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} =>  -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
Task: {0EE48309-0C9E-440D-8EB0-421C723A4E20} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {233F49F1-3850-4224-9BC4-2A2D133E7395} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {46C800C7-44DE-44D0-90A7-01F6354A2CEB} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {4A7DA362-DBEC-4399-8AEF-DFBB3113FF78} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {54CD7A07-EECE-44DF-8DAC-D06E48364574} - \GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-4254226789-487654737-2996639702-1001 -> No File <==== ATTENTION
Task: {710B96C2-3861-43B6-B4CD-26A5ACC51EE4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {7F507996-BCC8-412F-87C9-BF443EE0CAC3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {859016B2-7CC7-4EA7-8495-F3B276A1C3FB} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {98EEF43A-D583-4694-867C-127794B4BB0F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {A4480409-A019-4D60-96B3-01AA9B85694C} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {BA831B7D-6178-431B-AB87-F86F897CB0C9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {CDD04F8C-BF7B-4BEF-89F7-A2CF7F6BF732} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
 
End
*****************
 
Restore point was successfully created.
Processes closed successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => removed successfully
"HKU\S-1-5-21-4254226789-487654737-2996639702-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}" => removed successfully
HKLM\Software\Classes\CLSID\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} => not found
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}" => removed successfully
HKLM\Software\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} => not found
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} => not found
"HKU\S-1-5-21-4254226789-487654737-2996639702-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => removed successfully
"HKLM\Software\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => removed successfully
C:\Users\broma_000\AppData\Roaming\Mozilla\Firefox\Profiles\arx9uih2.default-1494196778229\Extensions\{b3e677f4-1150-4387-8629-da738260a48e}.xpi => moved successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0" => removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0" => removed successfully
"HKLM\SOFTWARE\Google\Chrome\Extensions\ilnidodcffjfecahcfiihlhiohnaobic" => removed successfully
"HKU\S-1-5-21-4254226789-487654737-2996639702-1001\SOFTWARE\Google\Chrome\Extensions\ilnidodcffjfecahcfiihlhiohnaobic" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ilnidodcffjfecahcfiihlhiohnaobic" => removed successfully
"HKLM\System\CurrentControlSet\Services\SmbDrv" => removed successfully
SmbDrv => service removed successfully
"HKU\S-1-5-21-4254226789-487654737-2996639702-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-1FE79EAFF944}" => removed successfully
"HKU\S-1-5-21-4254226789-487654737-2996639702-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}" => removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\  OverlayExcluded" => removed successfully
"HKLM\Software\Classes\CLSID\{4433A54A-1AC8-432F-90FC-85F045CF383C}" => removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\  OverlayPending" => removed successfully
HKLM\Software\Classes\CLSID\{F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\  OverlayProtected" => removed successfully
"HKLM\Software\Classes\CLSID\{476D0EA3-80F9-48B5-B70B-05E677C9C148}" => removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1" => removed successfully
HKLM\Software\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2" => removed successfully
HKLM\Software\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3" => removed successfully
HKLM\Software\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4" => removed successfully
HKLM\Software\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5" => removed successfully
HKLM\Software\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6" => removed successfully
HKLM\Software\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7" => removed successfully
HKLM\Software\Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1" => removed successfully
HKLM\Software\Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2" => removed successfully
HKLM\Software\Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3" => removed successfully
HKLM\Software\Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt4" => removed successfully
HKLM\Software\Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => not found
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\  OverlayExcluded" => removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{4433A54A-1AC8-432F-90FC-85F045CF383C}" => removed successfully
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\  OverlayPending" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => not found
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\  OverlayProtected" => removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{476D0EA3-80F9-48B5-B70B-05E677C9C148}" => removed successfully
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => not found
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => not found
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => not found
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => not found
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => not found
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => not found
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => not found
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\AIMP" => removed successfully
HKLM\Software\Classes\CLSID\{1F77B17B-F531-44DB-ACA4-76ABB5010A28} => not found
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ FileSyncEx" => removed successfully
HKLM\Software\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => not found
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\AIMP" => removed successfully
HKLM\Software\Classes\CLSID\{1F77B17B-F531-44DB-ACA4-76ABB5010A28} => not found
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files" => removed successfully
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => not found
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\ FileSyncEx" => removed successfully
HKLM\Software\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => not found
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui" => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files" => removed successfully
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0EE48309-0C9E-440D-8EB0-421C723A4E20}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0EE48309-0C9E-440D-8EB0-421C723A4E20}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{233F49F1-3850-4224-9BC4-2A2D133E7395}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{233F49F1-3850-4224-9BC4-2A2D133E7395}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{46C800C7-44DE-44D0-90A7-01F6354A2CEB}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{46C800C7-44DE-44D0-90A7-01F6354A2CEB}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4A7DA362-DBEC-4399-8AEF-DFBB3113FF78}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4A7DA362-DBEC-4399-8AEF-DFBB3113FF78}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{54CD7A07-EECE-44DF-8DAC-D06E48364574}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{54CD7A07-EECE-44DF-8DAC-D06E48364574}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-4254226789-487654737-2996639702-1001" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{710B96C2-3861-43B6-B4CD-26A5ACC51EE4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{710B96C2-3861-43B6-B4CD-26A5ACC51EE4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7F507996-BCC8-412F-87C9-BF443EE0CAC3}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7F507996-BCC8-412F-87C9-BF443EE0CAC3}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{859016B2-7CC7-4EA7-8495-F3B276A1C3FB}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{859016B2-7CC7-4EA7-8495-F3B276A1C3FB}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{98EEF43A-D583-4694-867C-127794B4BB0F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{98EEF43A-D583-4694-867C-127794B4BB0F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A4480409-A019-4D60-96B3-01AA9B85694C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A4480409-A019-4D60-96B3-01AA9B85694C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BA831B7D-6178-431B-AB87-F86F897CB0C9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BA831B7D-6178-431B-AB87-F86F897CB0C9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CDD04F8C-BF7B-4BEF-89F7-A2CF7F6BF732}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CDD04F8C-BF7B-4BEF-89F7-A2CF7F6BF732}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 6578176 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 19106377 B
Java, Flash, Steam htmlcache => 291 B
Windows/system/drivers => 468533045 B
Edge => 15735181 B
Chrome => 402917066 B
Firefox => 82035796 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 9936 B
LocalService => 0 B
NetworkService => 6236 B
NetworkService => 0 B
broma_000 => 483588399 B
User => 4710608 B
DefaultAppPool => 0 B
 
RecycleBin => 1050210 B
EmptyTemp: => 1.4 GB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 
==== End of Fixlog 16:46:40 ====


#4 nasdaq

nasdaq

  • Malware Response Team
  • 40,751 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:57 AM

Posted 20 May 2018 - 06:46 AM

Hi,

How is the computer running?

If all is well.

To learn more about how to protect yourself while on the internet read this little guide best security practices keep safe.
http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/


https://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/
Simple and easy ways to keep your computer safe and secure on the Internet.
===

#5 broman400

broman400
  • Topic Starter

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:57 AM

Posted 20 May 2018 - 05:32 PM

Computer runs fine, but my mouse keeps jumping randomly. I try to click something and the mouse just jumps and moves, I thought it was a driver issue and installed the latest Synaptics touchpad driver from Snappy Driver Origin after running your fixes, but the issue still persists.



#6 nasdaq

nasdaq

  • Malware Response Team
  • 40,751 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:57 AM

Posted 21 May 2018 - 05:57 AM

Hi,

Your mouse is going bad. Replace it.

#7 broman400

broman400
  • Topic Starter

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:57 AM

Posted 22 May 2018 - 12:08 AM

It's a trackpad, it recently started acting up. Same thing is happening on my dad's laptop. My laptop is from 2013 but his laptop is an HP envy from last year.

Edited by broman400, 22 May 2018 - 12:09 AM.


#8 nasdaq

nasdaq

  • Malware Response Team
  • 40,751 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:57 AM

Posted 22 May 2018 - 07:11 AM


Hi,

Try this.

How to force a reset on Magic Trackpad
https://discussions.apple.com/thread/2720347

This article may help.
https://www.bleepingcomputer.com/forums/t/648826/mouse-keeps-jumping-to-top-right-corner/?hl=%2Btrackpad#entry4257130

If the problem persists check these two Forums for a possible solution.

External Hardware.
https://www.bleepingcomputer.com/forums/f/138/external-hardware/

Or

This Apple Forum.

https://www.bleepingcomputer.com/forums/f/184/apple-ios/

If nothing is found start a new topic in one of the forum.
Someone with knowledge of TrackPad should be able to help you.
I do not own such equipment.

I will leave this topic open. If you need to return please do.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users