[Resolved] Pop-up all the time. 2016-03-03T23:40:00+00:00

Home Forums Virus, Trojan, Spyware, and Malware Removal Logs [Resolved] Pop-up all the time.

  • Author
    Posts
  • HappySos
    Participant
    Post count: 6
    #1656 |

    Hello,

    My name is HappySos. I have a problem with my computer. After the installation of my computer i have installed a software but now i have some popups all the time !

    Regards,

  • Anonymous
    Post count: 0

    Hello ! Welcome on SosVirus :)

    For your problem, please make this step :

      Please download the correct version of Farbar Recovery Scan Tool (FRST) and save it to your Desktop.
      FRST 32-bits
      FRST 64-bits

      Disable all your antivirus and antimalware software.

    • Start FRST/FRST64.exe, right click Run as administrator.
    • When the tool launches, choose Yes at the disclaimer.
    • Before choose Scan, place a checkmark in the following :
      – Registry
      – Services
      – Drivers
      – Processes
      – Internet
      – Addition.txt

      Please be patient as the scan will take some time.

    • The tool will produces a logfile named FRST.txt in the same location where the tool is run from.
    • To finish, upload the logfile on SOSUpload and give me the link on your next message.

    I wait your reports.

    Regards,

  • HappySos
    Participant
    Post count: 6

    Hello,

    I have try to upload my reports but the website is offline ?

    The first logfile :

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
    Ran by test (administrator) on TEST-PC (06-03-2016 03:30:50)
    Running from C:UsersTomDesktop
    Loaded Profiles: test (Available Profiles: test)
    Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
    Internet Explorer Version 8 (Default browser: IE)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Skype Technologies S.A.) C:Program Files (x86)SkypePhoneSkype.exe
    (TeamViewer GmbH) C:Program Files (x86)TeamViewerTeamViewer_Service.exe
    (Oracle Corporation) C:Program Files (x86)Common FilesJavaJava Updatejusched.exe
    (Microsoft Corporation) C:WindowsSystem32dllhost.exe
    () C:UsersTomAppDataLocalDailyPcClean Supportupdpcc_en_026010153.exe
    (Tuto4PC) C:Program Files (x86)DailyPCCleanDPCCSchedule.exe
    (Tuto4PC) C:Program Files (x86)DailyPCCleanDailyPCClean.exe
    () C:Program Files (x86)TopFlixdnsnorthlake.exe
    (pcspeeduppro.net) C:Program FilesPC-Speedup-Propcsp.exe
    () C:Program Files (x86)TopFlixdnsnorthlake.exe


    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM-x32...Run: [SunJavaUpdateSched] => C:Program Files (x86)Common FilesJavaJava Updatejusched.exe [594992 2016-01-29] (Oracle Corporation)
    HKLM-x32...RunOnce: [updpcc_en_026010153.exe] => C:UsersTomAppDataLocalDailyPcClean Supportupdpcc_en_026010153.exe [3323568 2015-11-21] ()
    HKUS-1-5-21-1146954719-197784650-3855368955-1000...Run: [Skype] => C:Program Files (x86)SkypePhoneSkype.exe [50599552 2016-02-10] (Skype Technologies S.A.)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    TcpipParameters: [DhcpNameServer] 192.168.239.2
    Tcpip..Interfaces{8979A870-8985-41F7-A8D4-25931150E6FF}: [NameServer] 82.163.143.156,82.163.142.158
    Tcpip..Interfaces{8979A870-8985-41F7-A8D4-25931150E6FF}: [DhcpNameServer] 192.168.239.2

    Internet Explorer:
    ==================
    BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:Program FilesJavajre1.8.0_73binssv.dll [2016-03-05] (Oracle Corporation)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:Program FilesJavajre1.8.0_73binjp2ssv.dll [2016-03-05] (Oracle Corporation)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:Program Files (x86)Javajre1.8.0_73binssv.dll [2016-03-05] (Oracle Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:Program Files (x86)Javajre1.8.0_73binjp2ssv.dll [2016-03-05] (Oracle Corporation)
    Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:Windowssystem32urlmon.dll [2010-11-20] (Microsoft Corporation)
    Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:WindowsSysWOW64urlmon.dll [2010-11-20] (Microsoft Corporation)
    Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:Windowssystem32urlmon.dll [2010-11-20] (Microsoft Corporation)
    Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:WindowsSysWOW64urlmon.dll [2010-11-20] (Microsoft Corporation)

    FireFox:
    ========
    FF Plugin: @java.com/DTPlugin,version=11.73.2 -> C:Program FilesJavajre1.8.0_73bindtpluginnpDeployJava1.dll [2016-03-05] (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:Program FilesJavajre1.8.0_73binplugin2npjp2.dll [2016-03-05] (Oracle Corporation)
    FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:Program FilesVideoLANVLCnpvlc.dll [2016-01-20] (VideoLAN)
    FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:Program Files (x86)Foxit SoftwareFoxit ReaderpluginsnpFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
    FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:Program Files (x86)Foxit SoftwareFoxit ReaderpluginsnpFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
    FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:Program Files (x86)Foxit SoftwareFoxit ReaderpluginsnpFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
    FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:Program Files (x86)Foxit SoftwareFoxit ReaderpluginsnpFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
    FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:Program Files (x86)Javajre1.8.0_73bindtpluginnpDeployJava1.dll [2016-03-05] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:Program Files (x86)Javajre1.8.0_73binplugin2npjp2.dll [2016-03-05] (Oracle Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:Program Files (x86)GoogleUpdate1.3.29.5npGoogleUpdate3.dll [2016-03-05] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:Program Files (x86)GoogleUpdate1.3.29.5npGoogleUpdate3.dll [2016-03-05] (Google Inc.)
    FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:Program Files (x86)VideoLANVLCnpvlc.dll [2016-01-20] (VideoLAN)

    Chrome:
    =======
    CHR Profile: C:UsersTomAppDataLocalGoogleChromeUser DataDefault
    CHR Extension: (Google Slides) - C:UsersTomAppDataLocalGoogleChromeUser DataDefaultExtensionsaapocclcgogkmnckokdopfmhonfmgoek [2016-03-05]
    CHR Extension: (Google Docs) - C:UsersTomAppDataLocalGoogleChromeUser DataDefaultExtensionsaohghmighlieiainnegkcijnfilokake [2016-03-05]
    CHR Extension: (Google Drive) - C:UsersTomAppDataLocalGoogleChromeUser DataDefaultExtensionsapdfllckaahabafndbhieahigkjlhalf [2016-03-05]
    CHR Extension: (YouTube) - C:UsersTomAppDataLocalGoogleChromeUser DataDefaultExtensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-05]
    CHR Extension: (Google Sheets) - C:UsersTomAppDataLocalGoogleChromeUser DataDefaultExtensionsfelcaaldnbdncclmgdcncolpebgiejap [2016-03-05]
    CHR Extension: (Google Docs Offline) - C:UsersTomAppDataLocalGoogleChromeUser DataDefaultExtensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-05]
    CHR Extension: (Chrome Web Store Payments) - C:UsersTomAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2016-03-05]
    CHR Extension: (Gmail) - C:UsersTomAppDataLocalGoogleChromeUser DataDefaultExtensionspjkljhegncpnkpknbcohdijeoejaedia [2016-03-05]

    ==================== Services (Whitelisted) ========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S2 PCValidator; C:ProgramDataValidatorPCPCValidatorService.exe [29696 2015-11-04] (AppVerifierService) [File not signed]
    R2 TeamViewer; C:Program Files (x86)TeamViewerTeamViewer_Service.exe [6942480 2016-03-02] (TeamViewer GmbH)
    R2 WinDefend; C:Program FilesWindows Defendermpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)

    ===================== Drivers (Whitelisted) ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S3 ebdrv; C:Windowssystem32driversevbda.sys [3286016 2009-06-10] (Broadcom Corporation)

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2016-03-06 03:35 - 2014-06-30 14:14 - 00008856 _____ (Microsoft Corporation) C:WindowsSysWOW64icardres.dll
    2016-03-06 03:35 - 2014-06-05 22:16 - 00035480 _____ (Microsoft Corporation) C:WindowsSysWOW64TsWpfWrp.exe
    2016-03-06 03:35 - 2014-03-09 13:47 - 00619672 _____ (Microsoft Corporation) C:WindowsSysWOW64icardagt.exe
    2016-03-06 03:35 - 2014-03-09 13:47 - 00099480 _____ (Microsoft Corporation) C:WindowsSysWOW64infocardapi.dll
    2016-03-06 03:30 - 2016-03-06 03:31 - 00009201 _____ C:UsersTomDesktopFRST.txt
    2016-03-06 03:30 - 2016-03-06 03:30 - 00000000 ____D C:FRST
    2016-03-06 03:29 - 2016-03-06 03:29 - 02374144 _____ (Farbar) C:UsersTomDesktopFRST64.exe
    2016-03-05 14:53 - 2016-03-06 03:29 - 00000216 _____ C:appmanager.txt
    2016-03-05 14:53 - 2016-03-05 14:54 - 00003038 _____ C:WindowsSystem32TasksPC-Speedup-Pro_Logon
    2016-03-05 14:53 - 2016-03-05 14:53 - 00057560 _____ C:UsersTomAppDataLocalGDIPFONTCACHEV1.DAT
    2016-03-05 14:53 - 2016-03-05 14:53 - 00003058 _____ C:WindowsSystem32TasksAppManager_logon
    2016-03-05 14:53 - 2016-03-05 14:53 - 00000830 _____ C:UsersPublicDesktopPC-Speedup-Pro.lnk
    2016-03-05 14:53 - 2016-03-05 14:53 - 00000000 ____D C:UsersTomAppDataRoamingpcspeeduppro.net
    2016-03-05 14:53 - 2016-03-05 14:53 - 00000000 ____D C:UsersTomAppDataRoamingFileOpenerWindows
    2016-03-05 14:53 - 2016-03-05 14:53 - 00000000 ____D C:UsersTomAppDataRoamingappmanager
    2016-03-05 14:53 - 2016-03-05 14:53 - 00000000 ____D C:ProgramDataValidatorPC
    2016-03-05 14:53 - 2016-03-05 14:53 - 00000000 ____D C:ProgramDataPCSpeedupPro.net
    2016-03-05 14:53 - 2016-03-05 14:53 - 00000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsPC-Speedup-Pro
    2016-03-05 14:53 - 2016-03-05 14:53 - 00000000 ____D C:Program FilesPC-Speedup-Pro
    2016-03-05 14:52 - 2016-03-05 14:52 - 00000000 ____D C:Program Files (x86)VideoLAN
    2016-03-05 14:51 - 2016-03-05 14:51 - 30510920 _____ C:UsersTomDownloadsHDVideoPlayer.exe
    2016-03-05 14:49 - 2016-03-05 14:52 - 00000000 ____D C:UsersTomAppDataLocalDailyPcClean Support
    2016-03-05 14:49 - 2016-03-05 14:49 - 00003232 _____ C:WindowsSystem32TasksDailyPCClean Schedule
    2016-03-05 14:49 - 2016-03-05 14:49 - 00001055 _____ C:UsersTomDesktopDailyPCClean.lnk
    2016-03-05 14:49 - 2016-03-05 14:49 - 00000000 ____D C:UsersTomDocumentsDailyPCClean
    2016-03-05 14:49 - 2016-03-05 14:49 - 00000000 ____D C:UsersTomAppDataRoamingDailyPCClean
    2016-03-05 14:49 - 2016-03-05 14:49 - 00000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsDailyPCClean
    2016-03-05 14:49 - 2016-03-05 14:49 - 00000000 ____D C:Program Files (x86)DailyPcClean Support
    2016-03-05 14:49 - 2016-03-05 14:49 - 00000000 ____D C:Program Files (x86)DailyPCClean
    2016-03-05 14:43 - 2016-03-06 03:29 - 00000000 ____D C:UsersTomAppDataRoamingSkype
    2016-03-05 14:43 - 2016-03-05 14:43 - 00026340 _____ C:WindowsSystem32TasksDNSNORTHLAKE
    2016-03-05 14:43 - 2016-03-05 14:43 - 00000000 ____D C:Program Files (x86)TopFlix
    2016-03-05 11:17 - 2015-02-03 18:54 - 00318464 _____ (Microsoft Corporation) C:WindowsSysWOW64WMPhoto.dll
    2016-03-05 08:24 - 2016-03-05 08:24 - 00000000 ____D C:Program Files (x86)SearchProtect
    2016-03-05 08:19 - 2016-03-05 08:19 - 00002697 _____ C:UsersPublicDesktopSkype.lnk
    2016-03-05 08:19 - 2016-03-05 08:19 - 00000000 ___RD C:Program Files (x86)Skype
    2016-03-05 08:19 - 2016-03-05 08:19 - 00000000 ____D C:UsersTomAppDataLocalGoogle
    2016-03-05 08:19 - 2016-03-05 08:19 - 00000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsSkype
    2016-03-05 08:18 - 2016-03-05 08:19 - 00000000 ____D C:ProgramDataSkype
    2016-03-05 08:18 - 2016-03-05 08:18 - 00001351 _____ C:UsersPublicDesktopFoxit Reader.lnk
    2016-03-05 08:18 - 2016-03-05 08:18 - 00000000 ____D C:UsersTomAppDataRoamingFoxit Software
    2016-03-05 08:18 - 2016-03-05 08:18 - 00000000 ____D C:UsersTomAppDataRoamingFoxit AgentInformation
    2016-03-05 08:18 - 2016-03-05 08:18 - 00000000 ____D C:UsersPublicFoxit Software
    2016-03-05 08:18 - 2016-03-05 08:18 - 00000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsFoxit Reader
    2016-03-05 08:18 - 2016-03-05 08:18 - 00000000 ____D C:Program Files (x86)Foxit Software
    2016-03-05 08:17 - 2016-03-05 14:52 - 00001066 _____ C:UsersPublicDesktopVLC media player.lnk
    2016-03-05 08:17 - 2016-03-05 08:17 - 00001043 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsTeamViewer 11.lnk
    2016-03-05 08:17 - 2016-03-05 08:17 - 00001031 _____ C:UsersPublicDesktopTeamViewer 11.lnk
    2016-03-05 08:17 - 2016-03-05 08:17 - 00001019 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsAudacity.lnk
    2016-03-05 08:17 - 2016-03-05 08:17 - 00001007 _____ C:UsersPublicDesktopAudacity.lnk
    2016-03-05 08:17 - 2016-03-05 08:17 - 00000000 ____D C:UsersTomAppDataRoamingTeamViewer
    2016-03-05 08:17 - 2016-03-05 08:17 - 00000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsVideoLAN
    2016-03-05 08:17 - 2016-03-05 08:17 - 00000000 ____D C:Program FilesVideoLAN
    2016-03-05 08:17 - 2016-03-05 08:17 - 00000000 ____D C:Program Files (x86)TeamViewer
    2016-03-05 08:17 - 2016-03-05 08:17 - 00000000 ____D C:Program Files (x86)Audacity
    2016-03-05 08:16 - 2016-03-05 08:16 - 00001264 _____ C:UsersTomDesktopRevo Uninstaller.lnk
    2016-03-05 08:16 - 2016-03-05 08:16 - 00001037 _____ C:UsersPublicDesktopNotepad++.lnk
    2016-03-05 08:16 - 2016-03-05 08:16 - 00000984 _____ C:UsersPublicDesktopFileZilla.lnk
    2016-03-05 08:16 - 2016-03-05 08:16 - 00000000 ____D C:UsersTomAppDataRoamingNotepad++
    2016-03-05 08:16 - 2016-03-05 08:16 - 00000000 ____D C:UsersTomAppDataRoamingMicrosoftWindowsStart MenuProgramsRevo Uninstaller
    2016-03-05 08:16 - 2016-03-05 08:16 - 00000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsNotepad++
    2016-03-05 08:16 - 2016-03-05 08:16 - 00000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsFileZilla FTP Client
    2016-03-05 08:16 - 2016-03-05 08:16 - 00000000 ____D C:ProgramDataMicrosoftWindowsStart MenuPrograms7-Zip
    2016-03-05 08:16 - 2016-03-05 08:16 - 00000000 ____D C:Program FilesFileZilla FTP Client
    2016-03-05 08:16 - 2016-03-05 08:16 - 00000000 ____D C:Program Files7-Zip
    2016-03-05 08:16 - 2016-03-05 08:16 - 00000000 ____D C:Program Files (x86)VS Revo Group
    2016-03-05 08:16 - 2016-03-05 08:16 - 00000000 ____D C:Program Files (x86)Notepad++
    2016-03-05 08:15 - 2016-03-05 08:14 - 00110176 _____ (Oracle Corporation) C:Windowssystem32WindowsAccessBridge-64.dll
    2016-03-05 08:13 - 2016-03-05 08:13 - 00000000 ____D C:Program FilesJava
    2016-03-05 08:12 - 2016-03-05 08:15 - 00000000 ____D C:UsersTom.oracle_jre_usage
    2016-03-05 08:12 - 2016-03-05 08:15 - 00000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsJava
    2016-03-05 08:12 - 2016-03-05 08:12 - 00097888 _____ (Oracle Corporation) C:WindowsSysWOW64WindowsAccessBridge-32.dll
    2016-03-05 08:12 - 2016-03-05 08:12 - 00000000 ____D C:UsersTomAppDataRoamingSun
    2016-03-05 08:12 - 2016-03-05 08:12 - 00000000 ____D C:UsersTomAppDataLocalLowSun
    2016-03-05 08:11 - 2016-03-06 03:31 - 00000898 _____ C:WindowsTasksGoogleUpdateTaskMachineUA.job
    2016-03-05 08:11 - 2016-03-05 14:43 - 00000894 _____ C:WindowsTasksGoogleUpdateTaskMachineCore.job
    2016-03-05 08:11 - 2016-03-05 08:11 - 00003894 _____ C:WindowsSystem32TasksGoogleUpdateTaskMachineUA
    2016-03-05 08:11 - 2016-03-05 08:11 - 00003642 _____ C:WindowsSystem32TasksGoogleUpdateTaskMachineCore
    2016-03-05 08:11 - 2016-03-05 08:11 - 00002195 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk
    2016-03-05 08:11 - 2016-03-05 08:11 - 00002183 _____ C:UsersPublicDesktopGoogle Chrome.lnk
    2016-03-05 08:11 - 2016-03-05 08:11 - 00001159 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMozilla Firefox.lnk
    2016-03-05 08:11 - 2016-03-05 08:11 - 00001147 _____ C:UsersPublicDesktopMozilla Firefox.lnk
    2016-03-05 08:11 - 2016-03-05 08:11 - 00000000 ____D C:UsersTomAppDataLocalLowOracle
    2016-03-05 08:11 - 2016-03-05 08:11 - 00000000 ____D C:ProgramDataOracle
    2016-03-05 08:11 - 2016-03-05 08:11 - 00000000 ____D C:Program Files (x86)Mozilla Maintenance Service
    2016-03-05 08:11 - 2016-03-05 08:11 - 00000000 ____D C:Program Files (x86)Mozilla Firefox
    2016-03-05 08:11 - 2016-03-05 08:11 - 00000000 ____D C:Program Files (x86)Java
    2016-03-05 08:11 - 2016-03-05 08:11 - 00000000 ____D C:Program Files (x86)Google
    2016-02-18 01:51 - 2012-02-16 22:38 - 01031680 _____ (Microsoft Corporation) C:Windowssystem32rdpcore.dll
    2016-02-18 01:51 - 2012-02-16 21:34 - 00826880 _____ (Microsoft Corporation) C:WindowsSysWOW64rdpcore.dll
    2016-02-18 01:51 - 2012-02-16 20:58 - 00210944 _____ (Microsoft Corporation) C:Windowssystem32Driversrdpwd.sys
    2016-02-18 01:51 - 2012-02-16 20:57 - 00023552 _____ (Microsoft Corporation) C:Windowssystem32Driverstdtcp.sys
    2016-02-18 00:39 - 2016-03-05 08:12 - 00000000 ____D C:UsersTom
    2016-02-18 00:39 - 2016-02-18 00:39 - 00001443 _____ C:UsersTomAppDataRoamingMicrosoftWindowsStart MenuProgramsInternet Explorer.lnk
    2016-02-18 00:39 - 2016-02-18 00:39 - 00001409 _____ C:UsersTomAppDataRoamingMicrosoftWindowsStart MenuProgramsInternet Explorer (64-bit).lnk
    2016-02-18 00:39 - 2016-02-18 00:39 - 00000020 ___SH C:UsersTomntuser.ini
    2016-02-18 00:39 - 2016-02-18 00:39 - 00000000 _SHDL C:UsersTomMy Documents
    2016-02-18 00:39 - 2016-02-18 00:39 - 00000000 _SHDL C:UsersTomDocumentsMy Videos
    2016-02-18 00:39 - 2016-02-18 00:39 - 00000000 _SHDL C:UsersTomDocumentsMy Pictures
    2016-02-18 00:39 - 2016-02-18 00:39 - 00000000 _SHDL C:UsersTomDocumentsMy Music
    2016-02-18 00:39 - 2016-02-18 00:39 - 00000000 ____D C:UsersTomAppDataLocalVirtualStore
    2016-02-18 00:39 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:Windowssystem32wuwebv.dll
    2016-02-18 00:39 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:WindowsSysWOW64wuwebv.dll
    2016-02-18 00:39 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:Windowssystem32wuapp.exe
    2016-02-18 00:39 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:WindowsSysWOW64wuapp.exe
    2016-02-18 00:39 - 2014-05-14 08:23 - 02477536 _____ (Microsoft Corporation) C:Windowssystem32wuaueng.dll
    2016-02-18 00:39 - 2014-05-14 08:23 - 00700384 _____ (Microsoft Corporation) C:Windowssystem32wuapi.dll
    2016-02-18 00:39 - 2014-05-14 08:23 - 00581600 _____ (Microsoft Corporation) C:WindowsSysWOW64wuapi.dll
    2016-02-18 00:39 - 2014-05-14 08:23 - 00058336 _____ (Microsoft Corporation) C:Windowssystem32wuauclt.exe
    2016-02-18 00:39 - 2014-05-14 08:23 - 00044512 _____ (Microsoft Corporation) C:Windowssystem32wups2.dll
    2016-02-18 00:39 - 2014-05-14 08:23 - 00038880 _____ (Microsoft Corporation) C:Windowssystem32wups.dll
    2016-02-18 00:39 - 2014-05-14 08:23 - 00036320 _____ (Microsoft Corporation) C:WindowsSysWOW64wups.dll
    2016-02-18 00:39 - 2014-05-14 08:21 - 02620928 _____ (Microsoft Corporation) C:Windowssystem32wucltux.dll
    2016-02-18 00:39 - 2014-05-14 08:20 - 00097792 _____ (Microsoft Corporation) C:Windowssystem32wudriver.dll
    2016-02-18 00:39 - 2014-05-14 08:17 - 00092672 _____ (Microsoft Corporation) C:WindowsSysWOW64wudriver.dll
    2016-02-18 00:39 - 2011-04-12 00:28 - 00000000 ____D C:UsersTomAppDataRoamingMedia Center Programs
    2016-02-17 22:52 - 2016-02-17 22:52 - 00001345 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMedia Center.lnk
    2016-02-17 22:52 - 2016-02-17 22:52 - 00001326 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsWindows DVD Maker.lnk
    2016-02-17 22:50 - 2016-02-18 00:39 - 00000000 ____D C:WindowsPanther
    2016-02-17 22:46 - 2016-02-17 22:46 - 00000000 ____D C:Windows.old

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2016-03-06 03:29 - 2009-07-13 20:45 - 00016656 ____H C:Windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2016-03-06 03:29 - 2009-07-13 20:45 - 00016656 ____H C:Windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2016-03-05 14:51 - 2009-07-13 21:13 - 00713888 _____ C:Windowssystem32PerfStringBackup.INI
    2016-03-05 14:51 - 2009-07-13 19:20 - 00000000 ____D C:Windowsinf
    2016-03-05 14:43 - 2009-07-13 21:08 - 00000006 ____H C:WindowsTasksSA.DAT
    2016-03-05 14:43 - 2009-07-13 20:45 - 00275432 _____ C:Windowssystem32FNTCACHE.DAT
    2016-03-05 14:43 - 2009-07-13 19:20 - 00000000 ____D C:WindowsRegistration
    2016-02-18 00:40 - 2009-07-13 19:20 - 00000000 ____D C:Program FilesCommon FilesMicrosoft Shared
    2016-02-18 00:39 - 2009-07-13 19:20 - 00000000 ____D C:Windowsrescache
    2016-02-17 22:52 - 2009-07-13 19:20 - 00000000 ____D C:Windowssystem32sysprep
    2016-02-17 22:50 - 2011-04-12 00:28 - 00000000 ____D C:WindowsCSC
    2016-02-17 22:49 - 2016-01-06 11:40 - 00008192 __RSH C:BOOTSECT.BAK
    2016-02-17 22:49 - 2009-07-13 21:32 - 00028672 _____ C:Windowssystem32configBCD-Template

    Some files in TEMP:
    ====================
    C:UsersTomAppDataLocalTempxmlUpdater.exe


    ==================== Bamital & volsnap =================

    (There is no automatic fix for files that do not pass verification.)

    C:Windowssystem32winlogon.exe => File is digitally signed
    C:Windowssystem32wininit.exe => File is digitally signed
    C:WindowsSysWOW64wininit.exe => File is digitally signed
    C:Windowsexplorer.exe => File is digitally signed
    C:WindowsSysWOW64explorer.exe => File is digitally signed
    C:Windowssystem32svchost.exe => File is digitally signed
    C:WindowsSysWOW64svchost.exe => File is digitally signed
    C:Windowssystem32services.exe => File is digitally signed
    C:Windowssystem32User32.dll => File is digitally signed
    C:WindowsSysWOW64User32.dll => File is digitally signed
    C:Windowssystem32userinit.exe => File is digitally signed
    C:WindowsSysWOW64userinit.exe => File is digitally signed
    C:Windowssystem32rpcss.dll => File is digitally signed
    C:Windowssystem32dnsapi.dll => File is digitally signed
    C:WindowsSysWOW64dnsapi.dll => File is digitally signed
    C:Windowssystem32Driversvolsnap.sys => File is digitally signed


    LastRegBack: 2016-02-17 22:50

    ==================== End of FRST.txt ============================

    The next :

    Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
    Ran by test (2016-03-06 03:44:45)
    Running from C:UsersTomDesktop
    Windows 7 Professional Service Pack 1 (X64) (2016-02-18 08:39:06)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-1146954719-197784650-3855368955-500 - Administrator - Disabled)
    Guest (S-1-5-21-1146954719-197784650-3855368955-501 - Limited - Disabled)
    test (S-1-5-21-1146954719-197784650-3855368955-1000 - Administrator - Enabled) => C:UsersTom

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    7-Zip 15.14 (x64) (HKLM...7-Zip) (Version: 15.14 - Igor Pavlov)
    Audacity 2.1.2 (HKLM-x32...Audacity®_is1) (Version: 2.1.2 - Audacity Team)
    DailyPcClean Support (HKLM-x32...dpcc_en_026010153_is1) (Version: - Tuto4PC.Com) < ==== ATTENTION
    DailyPCClean v4.1 (HKLM-x32...DailyPCClean_is1) (Version: 4.1 - Tuto4PC.Com) < ==== ATTENTION
    FileZilla Client 3.16.0 (HKLM-x32...FileZilla Client) (Version: 3.16.0 - Tim Kosse)
    Foxit Reader (HKLM-x32...Foxit Reader_is1) (Version: 7.3.0.118 - Foxit Software Inc.)
    Google Chrome (HKLM-x32...{93EB1D27-3378-36DD-ACEC-380FEDB2297B}) (Version: 49.0.2623.75 - Google, Inc.)
    Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
    Java 8 Update 73 (64-bit) (HKLM...{26A24AE4-039D-4CA4-87B4-2F86418073F0}) (Version: 8.0.730.2 - Oracle Corporation)
    Java 8 Update 73 (HKLM-x32...{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM...{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32...{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Mozilla Firefox 44.0.2 (x86 en-US) (HKLM-x32...Mozilla Firefox 44.0.2 (x86 en-US)) (Version: 44.0.2 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32...MozillaMaintenanceService) (Version: 44.0.2 - Mozilla)
    Notepad++ (HKLM-x32...Notepad++) (Version: 6.9 - Notepad++ Team)
    PC-Speedup-Pro (HKLM...74F25055-8CA3-431A-9FA0-BBFDDFA37CE6_is1) (Version: PC-Speedup-Pro - )
    Revo Uninstaller 1.95 (HKLM-x32...Revo Uninstaller) (Version: 1.95 - VS Revo Group)
    Setup (HKLM-x32...{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - ) < ==== ATTENTION
    Skype™ 7.18 (HKLM-x32...{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
    TeamViewer 11 (HKLM-x32...TeamViewer) (Version: 11.0.56083 - TeamViewer)
    TopFlix version 1.4 (HKLM-x32...{B1D4623E-00B2-49EC-988B-14944EAA3D1C}_is1) (Version: 1.4 - www.TopFlix.info)
    VLC media player (HKLM...VLC media player) (Version: 2.2.2 - VideoLAN)
    VLC media player (HKLM-x32...VLC media player) (Version: 2.2.2 - VideoLAN)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {081CD308-3169-4CB1-B761-A15FB14D54D3} - System32TasksAppManager_logon => C:UsersTomAppDataRoamingappmanagerappmanager.exe [2016-03-03] (AppManager)
    Task: {17193911-2B31-4BA8-BE68-1F14DD191F3A} - System32TasksDailyPCClean Schedule => C:Program Files (x86)DailyPCCleanOSPCSchedule.exe < ==== ATTENTION
    Task: {301BF373-92BF-47DE-BF53-11FB3F73F2EA} - System32TasksPC-Speedup-Pro_Logon => C:Program FilesPC-Speedup-Propcsp.exe [2016-03-03] (pcspeeduppro.net) < ==== ATTENTION
    Task: {57BDF760-02B5-42A7-AC9F-0DB8EA9B086A} - System32TasksGoogleUpdateTaskMachineUA => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [2016-03-05] (Google Inc.)
    Task: {A3698CE8-965B-4DE2-BAC2-2CFB52CF478F} - System32TasksGoogleUpdateTaskMachineCore => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [2016-03-05] (Google Inc.)
    Task: {B529595B-ECAA-4A0B-89D0-B7A91F9E84EC} - System32TasksDNSNORTHLAKE => C:Program Files (x86)TopFlixdnsnorthlake.exe [2016-02-09] ()

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:WindowsTasksGoogleUpdateTaskMachineCore.job => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
    Task: C:WindowsTasksGoogleUpdateTaskMachineUA.job => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe

    ==================== Shortcuts =============================

    (The entries could be listed to be restored or removed.)

    ==================== Loaded Modules (Whitelisted) ==============

    2016-02-29 02:23 - 2016-02-29 02:23 - 00052912 _____ () C:Program FilesFileZilla FTP Clientfzshellext_64.dll
    2016-02-21 13:38 - 2016-02-21 13:38 - 00230064 _____ () C:Program Files (x86)Notepad++NppShell_06.dll
    2016-03-05 14:49 - 2015-11-21 04:31 - 03323568 _____ () C:UsersTomAppDataLocalDailyPcClean Supportupdpcc_en_026010153.exe
    2016-03-05 14:43 - 2016-02-09 14:24 - 00674304 _____ () C:Program Files (x86)TopFlixdnsnorthlake.exe

    ==================== Alternate Data Streams (Whitelisted) =========

    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== EXE Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)


    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-13 18:34 - 2009-06-10 13:00 - 00000824 ____A C:Windowssystem32Driversetchosts


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKUS-1-5-21-1146954719-197784650-3855368955-1000Control PanelDesktop\Wallpaper -> C:UsersTomAppDataRoamingMicrosoftWindowsThemesTranscodedWallpaper.jpg
    DNS Servers: 82.163.143.156 - 82.163.142.158
    HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)


    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%system32sppsvc.exe
    FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%system32sppsvc.exe
    FirewallRules: [{333D3A6C-D9B4-4B05-88CB-2E7DC6B90A51}] => (Allow) C:Program Files (x86)Mozilla Firefoxfirefox.exe
    FirewallRules: [{588538B2-9ADA-419E-A63B-3291F9FAA9AD}] => (Allow) C:Program Files (x86)Mozilla Firefoxfirefox.exe
    FirewallRules: [{C09118A2-ABA2-46A0-BF4F-7443A32EAC22}] => (Allow) C:Program Files (x86)GoogleChromeApplicationchrome.exe
    FirewallRules: [{B8646927-1E29-4EF5-8A05-9BB09C744070}] => (Allow) C:Program Files (x86)TeamViewerTeamViewer.exe
    FirewallRules: [{58F916C9-F0B3-4D86-9D2A-95A2AC3CE094}] => (Allow) C:Program Files (x86)TeamViewerTeamViewer.exe
    FirewallRules: [{C15BE726-813B-44E7-9FD5-C8BC5F8148D3}] => (Allow) C:Program Files (x86)TeamViewerTeamViewer_Service.exe
    FirewallRules: [{0A27E02D-524D-4C90-806B-3BEBEAC686C7}] => (Allow) C:Program Files (x86)TeamViewerTeamViewer_Service.exe
    FirewallRules: [{40E0A5C5-1C4C-476D-BD42-57C99D05E2DC}] => (Allow) C:Program Files (x86)SkypePhoneSkype.exe

    ==================== Restore Points =========================

    05-03-2016 12:13:53 Windows Update
    06-03-2016 03:34:18 Windows Update

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (03/05/2016 02:45:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (03/05/2016 08:10:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (02/18/2016 01:50:48 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
    Description: Failed extract of third-party root list from auto update cab at: with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
    .

    Error: (02/18/2016 01:00:42 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
    Description: Failed extract of third-party root list from auto update cab at:
    with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
    .

    Error: (02/18/2016 01:00:28 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
    Description: Failed extract of third-party root list from auto update cab at:
    with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
    .

    Error: (02/18/2016 01:00:26 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
    Description: Failed extract of third-party root list from auto update cab at:
    with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
    .

    Error: (02/18/2016 01:00:24 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
    Description: Failed extract of third-party root list from auto update cab at:
    with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
    .

    Error: (02/18/2016 12:54:40 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
    Description: Failed extract of third-party root list from auto update cab at:
    with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
    .

    Error: (02/18/2016 12:54:40 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
    Description: Failed extract of third-party root list from auto update cab at:
    with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
    .

    Error: (02/18/2016 12:53:23 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
    Description: Failed extract of third-party root list from auto update cab at:
    with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
    .


    System errors:
    =============
    Error: (03/05/2016 02:43:18 PM) (Source: EventLog) (EventID: 6008) (User: )
    Description: The previous system shutdown at 2:42:16 PM on ‎3/‎5/‎2016 was unexpected.

    Error: (03/05/2016 02:40:51 PM) (Source: Server) (EventID: 2505) (User: )
    Description: The server could not bind to the transport DeviceNetBT_Tcpip_{8979A870-8985-41F7-A8D4-25931150E6FF} because another computer on the network has the same name. The server could not start.

    Error: (03/05/2016 02:40:47 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
    Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Appinfo service.


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i5-4690 CPU @ 3.50GHz
    Percentage of memory in use: 87%
    Total physical RAM: 2047.49 MB
    Available physical RAM: 253.13 MB
    Total Virtual: 4094.98 MB
    Available Virtual: 1796.58 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:40 GB) (Free:12.31 GB) NTFS ==>[drive with boot components (obtained from BCD)]

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 40 GB) (Disk ID: C1D5A3C9)
    Partition 1: (Active) - (Size=40 GB) - (Type=07 NTFS)

    ==================== End of Addition.txt ============================
  • Anonymous
    Post count: 0

    Hi,

    Ok, please make this :

    • Press the keys Windows and R at the same time.
    • The window “Run” will be appear. In the the text zone, write : appwiz.cpl

    • Finds the following programs in the lists :
      • DailyPcClean
      • PC-Speedup-Pro
      • TopFlix
    • Then click Uninstall , and unistall them one by one.

    • Download FixScript_FRST and save it to your Desktop.
    • Copy the entire content of the codebox below :

      start
      CreateRestorePoint:
      CloseProcesses:
      C:appmanager.txt
      C:Program Files (x86)DailyPCClean
      C:Program Files (x86)DailyPcClean Support
      C:Program Files (x86)SearchProtect
      C:Program Files (x86)TopFlix
      C:Program FilesPC-Speedup-Pro
      C:ProgramDataMicrosoftWindowsStart MenuProgramsDailyPCClean
      C:ProgramDataMicrosoftWindowsStart MenuProgramsPC-Speedup-Pro
      C:ProgramDataPCSpeedupPro.net
      C:ProgramDataValidatorPC
      C:UsersPublicDesktopPC-Speedup-Pro.lnk
      C:UsersTomAppDataLocalDailyPcClean Support
      C:UsersTomAppDataRoamingappmanager
      C:UsersTomAppDataRoamingDailyPCClean
      C:UsersTomAppDataRoamingFileOpenerWindows
      C:UsersTomAppDataRoamingpcspeeduppro.net
      C:UsersTomDesktopDailyPCClean.lnk
      C:UsersTomDocumentsDailyPCClean
      C:UsersTomDownloadsHDVideoPlayer.exe
      C:WindowsSystem32TasksAppManager_logon
      C:WindowsSystem32TasksDailyPCClean Schedule
      C:WindowsSystem32TasksPC-Speedup-Pro_Logon
      HKLM-x32...RunOnce: [updpcc_en_026010153.exe] => C:UsersTomAppDataLocalDailyPcClean Supportupdpcc_en_026010153.exe [3323568 2015-11-21] ()
      S2 PCValidator; C:ProgramDataValidatorPCPCValidatorService.exe [29696 2015-11-04] (AppVerifierService) [File not signed]
      Task: {081CD308-3169-4CB1-B761-A15FB14D54D3} - System32TasksAppManager_logon => C:UsersTomAppDataRoamingappmanagerappmanager.exe [2016-03-03] (AppManager)
      Task: {17193911-2B31-4BA8-BE68-1F14DD191F3A} - System32TasksDailyPCClean Schedule => C:Program Files (x86)DailyPCCleanOSPCSchedule.exe < ==== ATTENTION
      Task: {301BF373-92BF-47DE-BF53-11FB3F73F2EA} - System32TasksPC-Speedup-Pro_Logon => C:Program FilesPC-Speedup-Propcsp.exe [2016-03-03] (pcspeeduppro.net) < ==== ATTENTION
      Task: {B529595B-ECAA-4A0B-89D0-B7A91F9E84EC} - System32TasksDNSNORTHLAKE => C:Program Files (x86)TopFlixdnsnorthlake.exe [2016-02-09] ()
      end

    • Start FixScript_FRST.exe, right click Run as administrator.
    • FRST/FRST64 will automatically be open. Click Fix.

      Please be patient as the Fix will take some time.

    • The tool will produces a logfile named Fixlog.txt in the same location where the tool is run from.
    • To finish, upload the logfile on SOSUpload and give me the link on your next message.

    I wait your report.

    Regards,

  • HappySos
    Participant
    Post count: 6

    Hi,

    I have unistall programs.

    This is my Fixlog report :

    Fix result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
    Ran by test (2016-03-06 04:50:08) Run:2
    Running from C:UsersTomDesktop
    Loaded Profiles: test (Available Profiles: test)
    Boot Mode: Normal
    ==============================================

    fixlist content:
    *****************
    start
    CreateRestorePoint:
    CloseProcesses:
    C:appmanager.txt
    C:Program Files (x86)DailyPCClean
    C:Program Files (x86)DailyPcClean Support
    C:Program Files (x86)SearchProtect
    C:Program Files (x86)TopFlix
    C:Program FilesPC-Speedup-Pro
    C:ProgramDataMicrosoftWindowsStart MenuProgramsDailyPCClean
    C:ProgramDataMicrosoftWindowsStart MenuProgramsPC-Speedup-Pro
    C:ProgramDataPCSpeedupPro.net
    C:ProgramDataValidatorPC
    C:UsersPublicDesktopPC-Speedup-Pro.lnk
    C:UsersTomAppDataLocalDailyPcClean Support
    C:UsersTomAppDataRoamingappmanager
    C:UsersTomAppDataRoamingDailyPCClean
    C:UsersTomAppDataRoamingFileOpenerWindows
    C:UsersTomAppDataRoamingpcspeeduppro.net
    C:UsersTomDesktopDailyPCClean.lnk
    C:UsersTomDocumentsDailyPCClean
    C:UsersTomDownloadsHDVideoPlayer.exe
    C:WindowsSystem32TasksAppManager_logon
    C:WindowsSystem32TasksDailyPCClean Schedule
    C:WindowsSystem32TasksPC-Speedup-Pro_Logon
    HKLM-x32...RunOnce: [updpcc_en_026010153.exe] => C:UsersTomAppDataLocalDailyPcClean Supportupdpcc_en_026010153.exe [3323568 2015-11-21] ()
    S2 PCValidator; C:ProgramDataValidatorPCPCValidatorService.exe [29696 2015-11-04] (AppVerifierService) [File not signed]
    Task: {081CD308-3169-4CB1-B761-A15FB14D54D3} - System32TasksAppManager_logon => C:UsersTomAppDataRoamingappmanagerappmanager.exe [2016-03-03] (AppManager)
    Task: {17193911-2B31-4BA8-BE68-1F14DD191F3A} - System32TasksDailyPCClean Schedule => C:Program Files (x86)DailyPCCleanOSPCSchedule.exe < ==== ATTENTION
    Task: {301BF373-92BF-47DE-BF53-11FB3F73F2EA} - System32TasksPC-Speedup-Pro_Logon => C:Program FilesPC-Speedup-Propcsp.exe [2016-03-03] (pcspeeduppro.net) < ==== ATTENTION
    Task: {B529595B-ECAA-4A0B-89D0-B7A91F9E84EC} - System32TasksDNSNORTHLAKE => C:Program Files (x86)TopFlixdnsnorthlake.exe [2016-02-09] ()
    end
    *****************

    Restore point was successfully created.
    Processes closed successfully.
    C:appmanager.txt => moved successfully
    C:Program Files (x86)DailyPCClean => moved successfully
    C:Program Files (x86)DailyPcClean Support => moved successfully
    C:Program Files (x86)SearchProtect => moved successfully
    C:Program Files (x86)TopFlix => moved successfully
    "C:Program FilesPC-Speedup-Pro" => not found.
    "C:ProgramDataMicrosoftWindowsStart MenuProgramsDailyPCClean" => not found.
    "C:ProgramDataMicrosoftWindowsStart MenuProgramsPC-Speedup-Pro" => not found.
    "C:ProgramDataPCSpeedupPro.net" => not found.
    C:ProgramDataValidatorPC => moved successfully
    "C:UsersPublicDesktopPC-Speedup-Pro.lnk" => not found.
    "C:UsersTomAppDataLocalDailyPcClean Support" => not found.
    "C:UsersTomAppDataRoamingappmanager" => not found.
    "C:UsersTomAppDataRoamingDailyPCClean" => not found.
    C:UsersTomAppDataRoamingFileOpenerWindows => moved successfully
    "C:UsersTomAppDataRoamingpcspeeduppro.net" => not found.
    "C:UsersTomDesktopDailyPCClean.lnk" => not found.
    C:UsersTomDocumentsDailyPCClean => moved successfully
    C:UsersTomDownloadsHDVideoPlayer.exe => moved successfully
    "C:WindowsSystem32TasksAppManager_logon" => not found.
    "C:WindowsSystem32TasksDailyPCClean Schedule" => not found.
    "C:WindowsSystem32TasksPC-Speedup-Pro_Logon" => not found.
    HKLMSoftwareWOW6432NodeMicrosoftWindowsCurrentVersionRunOnce\updpcc_en_026010153.exe => value not found.
    PCValidator => service not found.
    HKLMSOFTWAREMicrosoftWindows NTCurrentVersionScheduleTaskCacheTasks{081CD308-3169-4CB1-B761-A15FB14D54D3} => key not found.
    C:WindowsSystem32TasksAppManager_logon => not found.
    HKLMSOFTWAREMicrosoftWindows NTCurrentVersionScheduleTaskCacheTreeAppManager_logon => key not found.
    HKLMSOFTWAREMicrosoftWindows NTCurrentVersionScheduleTaskCacheTasks{17193911-2B31-4BA8-BE68-1F14DD191F3A} => key not found.
    C:WindowsSystem32TasksDailyPCClean Schedule => not found.
    HKLMSOFTWAREMicrosoftWindows NTCurrentVersionScheduleTaskCacheTreeDailyPCClean Schedule => key not found.
    HKLMSOFTWAREMicrosoftWindows NTCurrentVersionScheduleTaskCacheTasks{301BF373-92BF-47DE-BF53-11FB3F73F2EA} => key not found.
    C:WindowsSystem32TasksPC-Speedup-Pro_Logon => not found.
    HKLMSOFTWAREMicrosoftWindows NTCurrentVersionScheduleTaskCacheTreePC-Speedup-Pro_Logon => key not found.
    HKLMSOFTWAREMicrosoftWindows NTCurrentVersionScheduleTaskCacheTasks{B529595B-ECAA-4A0B-89D0-B7A91F9E84EC} => key not found.
    C:WindowsSystem32TasksDNSNORTHLAKE => not found.
    HKLMSOFTWAREMicrosoftWindows NTCurrentVersionScheduleTaskCacheTreeDNSNORTHLAKE => key not found.


    The system needed a reboot.

    ==== End of Fixlog 04:50:20 ====

    Thank you :)

  • Anonymous
    Post count: 0

    Hello,

    Ok for your report, good job ;)

    Please now follow this two steps :

    • Download Malwarebytes Anti-Malware (MBAM), save it to your Desktop.
    • Install Malwarebytes Anti-Malware, follow the prompt. At the end place a checkmark in Launch Malwarebytes Anti-Malware, then choose Finish.
    • When MBAM opens it will says Your database is out of date. Choose Fix Now.
    • Click on the Settings tab at the top of the window, click on Detection and Protection at the top of the windows, checkmarck Scan for rootkits.
    • Click on the Scan tab at the top of the window, choose Threat Scan, then Scan Now.
    • If you receive a message that updates are available, choose Update Now button (the scan will start after updates are completed).

      Please be patient as the scan will take some time.

    • If MBAM detected threats, choose Quarantine for all items, then click Apply Actions.

      If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
      Click OK to either and let MBAM proceed with the disinfection process.
      If asked to restart the computer, please do so immediately.

    • After the reboot, launch MBAM, click on the History tab, choose Application Logs.
    • Click the most recent Scan Log. In the window that opens, click the Export button, choose Text file (*.txt) and save the log to your Desktop.
    • To finish, upload the log on SOSUpload and give me the link on your next message.

    • Download Adwcleaner, save it to your Desktop.
    • Start adwcleaner.exe, right click Run as administrator.
    • Accept the EULA, click I accept, let the database update.
    • First click Scan.

      Please be patient as the scan will take some time.

    • Secondly click Cleaning.
    • Click Yes at disclaimers.
    • The computer will restart.

    • After the restart, a logfile will open when logging in Notepad AdwCleaner[C#].txt. Save this log on your desktop.
    • To finish, upload the log on SOSUpload and give me the link on your next message.

    I waiting you.

  • HappySos
    Participant
    Post count: 6

    I back !

    MBAM report :

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 3/7/2016
    Scan Time: 4:07 PM
    Logfile: s.txt
    Administrator: Yes

    Version: 2.2.0.1024
    Malware Database: v2016.03.07.08
    Rootkit Database: v2016.02.27.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled

    OS: Windows 7 Service Pack 1
    CPU: x64
    File System: NTFS
    User: test

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 324386
    Time Elapsed: 5 min, 58 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Enabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 11
    PUP.Optional.Tuto4PC, HKLMSOFTWAREWOW6432NODECLASSESCLSID{8FF10FED-2F0A-4F7F-BE87-B04F1DCD4319}, Quarantined, [856f34507a1f3afc3271b0148d75d729],
    PUP.Optional.Tuto4PC, HKLMSOFTWARECLASSESWOW6432NODECLSID{8FF10FED-2F0A-4F7F-BE87-B04F1DCD4319}, Quarantined, [856f34507a1f3afc3271b0148d75d729],
    PUP.Optional.DNSUnlocker, HKLMSOFTWAREMICROSOFTSYSTEMCERTIFICATESROOTCERTIFICATES26D9E607FFF0C58C7844B47FF8B6E079E5A2220E, Quarantined, [36be285c039669cdabd3d79a22e257a9],
    PUP.Optional.PCSpeedupPro, HKLMSOFTWAREPCSP-PR, Quarantined, [c4309ee6732652e4c6de4736ab597f81],
    PUP.Optional.DNSUnlocker, HKLMSOFTWAREWOW6432NODEMICROSOFTSYSTEMCERTIFICATESROOTCERTIFICATES26D9E607FFF0C58C7844B47FF8B6E079E5A2220E, Quarantined, [33c1e0a416836ec8f28cadc4b45040c0],
    PUP.Optional.DailyPCClean, HKLMSOFTWAREWOW6432NODEMICROSOFTTRACINGDailyPCClean_RASAPI32, Quarantined, [757f3450f8a140f6a5aa8fde06fe9967],
    PUP.Optional.DailyPCClean, HKLMSOFTWAREWOW6432NODEMICROSOFTTRACINGDailyPCClean_RASMANCS, Quarantined, [a252fd87a9f049ed56f9432a31d38080],
    PUP.Optional.MySearch123, HKLMSOFTWAREWOW6432NODEMICROSOFTWINDOWSCURRENTVERSIONUNINSTALL{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}, Quarantined, [17dd6222603937ffa0a4ef749a6a47b9],
    PUP.Optional.Tuto4PC, HKLMSOFTWAREWOW6432NODETUTORIALS, Quarantined, [37bd275d1d7c16200282f72ec73dbc44],
    PUP.Optional.Tuto4PC, HKUS-1-5-21-1146954719-197784650-3855368955-1000SOFTWARETutoTag, Quarantined, [54a06a1abcdd8caadfa16db8f113e41c],
    PUP.Optional.Tuto4PC, HKUS-1-5-21-1146954719-197784650-3855368955-1000SOFTWAREMICROSOFTOTUT, Quarantined, [b341295b1980cf672152067727dddc24],

    Registry Values: 4
    PUP.Optional.PCSpeedupPro, HKLMSOFTWAREPCSP-PR|affiliateid, Quarantined, [c4309ee6732652e4c6de4736ab597f81],
    PUP.Optional.Tuto4PC, HKLMSOFTWAREWOW6432NODETUTORIALS|HostGUID, D2275A80-0021-47F0-A9E1-0A68BA573999, Quarantined, [37bd275d1d7c16200282f72ec73dbc44]
    PUP.Optional.Tuto4PC, HKUS-1-5-21-1146954719-197784650-3855368955-1000SOFTWAREMICROSOFTOTUT|product, tutoproduct, Quarantined, [b341295b1980cf672152067727dddc24]
    PUP.Optional.Tuto4PC, HKUS-1-5-21-1146954719-197784650-3855368955-1000SOFTWAREMICROSOFTOTUT|partner, tuto, Quarantined, [5d97354f0a8feb4b5c17e69747bd619f]

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 0
    (No malicious items detected)

    Physical Sectors: 0
    (No malicious items detected)


    (end)

    Adwcleaner report :

    # AdwCleaner v5.101 - Logfile created 07/03/2016 at 16:18:45
    # Updated 07/03/2016 by Xplode
    # Database : 2016-03-06.3 [Server]
    # Operating system : Windows 7 Professional Service Pack 1 (x64)
    # Username : Tom - Tom-PC
    # Running from : C:UserstomDesktopadwcleaner_5.101.exe
    # Option : Clean
    # Support : http://toolslib.net/forum

    ***** [ Services ] *****


    ***** [ Folders ] *****


    ***** [ Files ] *****


    ***** [ DLLs ] *****


    ***** [ Shortcuts ] *****


    ***** [ Scheduled tasks ] *****


    ***** [ Registry ] *****

    [-] Key Deleted : HKCUSoftwareDAILYPCCLEAN
    [-] Key Deleted : HKCUSoftwareMicrosoftTinstalls
    [-] Key Deleted : [x64] HKLMSOFTWAREPCValidator

    ***** [ Web browsers ] *****

    [-] [C:UserstomAppDataLocalGoogleChromeUser DataDefaultWeb Data] [Search Provider] Deleted : aol.com
    [-] [C:UserstomAppDataLocalGoogleChromeUser DataDefaultWeb Data] [Search Provider] Deleted : ask.com

    *************************

    :: "Tracing" keys removed
    :: Winsock settings cleared

    *************************

    C:Program Files (x86)AdwCleanerAdwCleaner[C1].txt - [1075 bytes] - [07/03/2016 16:18:45]
    C:Program Files (x86)AdwCleanerAdwCleaner[S1].txt - [1151 bytes] - [07/03/2016 16:18:21]

    ########## EOF - C:Program Files (x86)AdwCleanerAdwCleaner[C1].txt - [1261 bytes] ##########
  • Anonymous
    Post count: 0

    Ok. You don’t have a antivirus. You must install a antivirus.

    Have you pop-up again ? Have you some questions ?

  • HappySos
    Participant
    Post count: 6

    Done. I have installed Avast.

    No questions, thank you. It’s finish ?

  • Anonymous
    Post count: 0

    Ok perfect.

    Last step :

    • Download Delfix, save it to your Desktop.
    • Start Delfix.exe, right click Run as administrator.
    • Place a checkmark in the following :
      – Active UAC
      – Remove disinfection tools
      – Create registry backup
      – Purge system restore
      – Reset system settings

    • Click Run

      Please be patient as the scan will take some time.

    • After the scan, a logfile will open in Notepad Delfix.txt. Save this log on your desktop.
    • To finish, upload the log on SOSUpload and give me the link on your next message.
  • HappySos
    Participant
    Post count: 6

    The report of Delfix :

    # DelFix v1.012 - Logfile created 07/03/2016 at 16:53:38
    # Updated 04/03/2015 by Xplode
    # Username : Tom - Tom-PC
    # Operating System : Windows 7 Professional Service Pack 1 (64 bits)

    ~ Activating UAC ... OK

    ~ Removing disinfection tools ...

    Deleted : C:FRST
    Deleted : C:UserstomDesktopAddition.txt
    Deleted : C:UserstomDesktopadwcleaner_5.101.exe
    Deleted : C:UserstomDesktopFixlog.txt
    Deleted : C:UserstomDesktopFRST64.exe

    ~ Creating registry backup ... OK

    ~ Cleaning system restore ...


    New restore point created !

    ~ Resetting system settings ... OK

    ########## - EOF - ##########

    Thank you very much ! :D

  • Anonymous
    Post count: 0

    Your welcom ;)

  • You must be logged in to reply to this topic.