Jump to content


Photo

Had malware, think its gone - can someone check please?


  • This topic is locked This topic is locked
2 replies to this topic

#1 Strawberryblonde

Strawberryblonde

    Member

  • New Member
  • Pip
  • 1 posts

Posted 13 August 2018 - 02:32 AM

Hi,

2 weeks ago i got a talking message saying computer was infected, which i think i sorted out. Yesterday got a notification that Kaspersky had found malicious something, unfortunately, i renewed my Kaspersky this morning, so cant actually say what it was...

Can someone check my logs (FRST, RGSA and MBAM below)? Thanks in advance

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02.08.2018
Ran by Ash (administrator) on ASHVIC (13-08-2018 18:08:33)
Running from C:\Users\Ash\Desktop\check
Loaded Profiles: Ash (Available Profiles: UpdatusUser & Ash)
Platform: Windows 10 Home Version 1803 17134.165 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
() C:\Windows\SysWOW64\ASGT.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\avp.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\avpui.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksdeui.exe
(LG Electronics Inc.) C:\Program Files (x86)\LG Software\LG Smart Share\Update\SmartShareTray.exe
(LG Electronics Inc.) C:\Program Files (x86)\LG Software\LG Smart Share\DMS\SmartShareDMS.exe
(LG Electronics Inc.) C:\Program Files (x86)\LG Software\LG Smart Share\DMC\Aggregation.exe
(LG Electronics Inc.) C:\Program Files (x86)\LG Software\LG Smart Share\DMR\SmartShareDMR.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11807.1001.13.0_x64__8wekyb3d8bbwe\WinStore.App.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1806.1821.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\internet explorer\iexplore.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2184520 2009-03-24] (CANON INC.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-07-06] (Apple Inc.)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5256336 2012-07-12] (VIA)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67896 2018-06-23] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM Group Policy restriction on software: *.gif*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.xls*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.jse <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: vssadmin.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.wma*.com <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.js <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.wav*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.avi*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.zip*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.doc*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.xls*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.png*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.js <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.png*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.js <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.gif*.com <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.wav*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.txt*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.jse <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.js <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.scr <==== ATTENTION
HKLM Group Policy restriction on software: cipher.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.zip*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.gif*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.rar*.scr <==== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.avi*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.xls*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin <==== ATTENTION
HKLM Group Policy restriction on software: *.doc*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.wav*.jse <==== ATTENTION
HKLM Group Policy restriction on software: scsvserv.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.pub*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.xls*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.js <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.avi*.jse <==== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.txt*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.com <==== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.js <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.com <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.png*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.7z*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.divx*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.rar*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.zip*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.js <==== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.pub*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.7z*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.wma*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.xls*.js <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.gif*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.divx*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.wav*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.avi*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.png*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.rar*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.zip*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.wma*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.rar*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.wma*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.divx*.exe <==== ATTENTION
HKLM Group Policy restriction on software: ** <==== ATTENTION
HKLM Group Policy restriction on software: *.avi*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.wav*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.doc*.com <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.zip*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.wma*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.js <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.docx*.com <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.7z*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.png*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.divx*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.png*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.txt*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.gif*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.txt*.js <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.docx*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.7z*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %programfiles(x86)%\*\svchost.exe <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.png*.com <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.png*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.pub*.js <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %systemdrive%\*\svchost.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.pub*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.wma*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.avi*.com <==== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.divx*.com <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.doc*.js <==== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.wav*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.doc*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.pub*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.divx*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.pub*.jse <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.wma*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.js <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.7z*.jse <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.com <==== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.divx*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.pub*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.com <==== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: lsassw86s.exe <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.avi*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.com <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.docx*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.com <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.zip*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.rar*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.xls*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.xls*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.jse <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.doc*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.rar*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.rar*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.docx*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.wma*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.xls*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.avi*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.txt*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.txt*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.docx*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.doc*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.txt*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.7z*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.com <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.jse <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.pif <==== ATTENTION
HKLM Group Policy restriction on software: lsassvrtdbks.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.doc*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.gif*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.pub*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.zip*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.com <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Appdata\Roaming\Microsoft\Windows\IEUpdate\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.7z*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.7z*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: %programfiles%\*\svchost.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.docx*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.gif*.js <==== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.wav*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.zip*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.wav*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.js <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.txt*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.gif*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.rar*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.jse <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: syskey.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.docx*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.divx*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.docx*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.com <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*\svchost.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.exe <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-3498243067-1637199546-3403071203-1002\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2015-01-28] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-3498243067-1637199546-3403071203-1002\...\Run: [Spotify Web Helper] => C:\Users\Ash\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2020920 2016-05-18] (Spotify Ltd)
HKU\S-1-5-21-3498243067-1637199546-3403071203-1002\...\Run: [Spotify] => C:\Users\Ash\AppData\Roaming\Spotify\Spotify.exe [7168568 2016-05-18] (Spotify Ltd)
HKU\S-1-5-21-3498243067-1637199546-3403071203-1002\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [254840 2017-03-17] (TomTom)
Startup: C:\Users\Ash\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk [2013-09-07]
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{3da64aae-f9e1-403c-b2fb-02bdece9c4d1}: [DhcpNameServer] 192.168.0.1
 
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.news.net/index.php?referid=134
HKU\S-1-5-21-3498243067-1637199546-3403071203-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com.au/
SearchScopes: HKLM-x32 -> DefaultScope value is missing
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2018-06-20] (Internet Download Manager, Tonec Inc.)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-05-18] (Oracle Corporation)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll => No File
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-05-18] (Oracle Corporation)
BHO: Kaspersky Protection -> {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\IEExt\ie_plugin.dll [2018-08-13] (AO Kaspersky Lab)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2018-06-20] (Internet Download Manager, Tonec Inc.)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll => No File
BHO-x32: Kaspersky Protection -> {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\IEExt\ie_plugin.dll [2018-08-13] (AO Kaspersky Lab)
Toolbar: HKLM - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\IEExt\ie_plugin.dll [2018-08-13] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\IEExt\ie_plugin.dll [2018-08-13] (AO Kaspersky Lab)
Toolbar: HKU\S-1-5-21-3498243067-1637199546-3403071203-1002 -> Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\IEExt\ie_plugin.dll [2018-08-13] (AO Kaspersky Lab)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
 
FireFox:
========
FF ProfilePath: C:\Users\Ash\AppData\Roaming\TomTom\HOME\Profiles\si3157je.default [2017-07-03]
FF HKLM\...\Firefox\Extensions: [light_plugin_F88CEF8523DE460F9FA1D6E48BF8D340@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\FFExt\light_plugin_firefox\addon.xpi [2018-08-13]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F88CEF8523DE460F9FA1D6E48BF8D340@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF HKU\S-1-5-21-3498243067-1637199546-3403071203-1002\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Ash\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\Ash\AppData\Roaming\IDM\idmmzcc5 [2016-11-25] [Legacy] [not signed]
FF HKU\S-1-5-21-3498243067-1637199546-3403071203-1002\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_257.dll [2015-10-17] ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-05-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-05-18] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll [2015-10-17] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2009-06-04] (CANON INC.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-30] (Adobe Systems Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxps://www.google.com.au/"
CHR Profile: C:\Users\Ash\AppData\Local\Google\Chrome\User Data\Default [2018-08-13]
CHR Extension: (Kaspersky Protection) - C:\Users\Ash\AppData\Local\Google\Chrome\User Data\Default\Extensions\amkpcclbbgegoafihnpgomddadjhcadd [2018-08-13]
CHR Extension: (Docs) - C:\Users\Ash\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-18]
CHR Extension: (Google Drive) - C:\Users\Ash\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24]
CHR Extension: (Kaspersky Protection) - C:\Users\Ash\AppData\Local\Google\Chrome\User Data\Default\Extensions\blbkdnmdcafmfhinpmnlhhddbepgkeaa [2014-05-20]
CHR Extension: (YouTube) - C:\Users\Ash\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Google Search) - C:\Users\Ash\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]
CHR Extension: (Adobe Acrobat) - C:\Users\Ash\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-06]
CHR Extension: (Google Docs Offline) - C:\Users\Ash\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-30]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Ash\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Ash\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-06]
CHR Extension: (Chrome Media Router) - C:\Users\Ash\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-09]
CHR HKLM\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
CHR HKLM\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - hxxps://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2018-07-11]
CHR HKLM-x32\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - hxxps://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2018-07-11]
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-07-05] (Apple Inc.)
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed]
R2 AVP19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\avp.exe [619640 2018-02-28] (AO Kaspersky Lab)
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [517464 2015-01-28] (Garmin Ltd or its subsidiaries)
S3 klvssbridge64_19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 19.0.0\x64\vssbridge64.exe [416560 2018-08-13] (AO Kaspersky Lab)
R2 KSDE3.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe [617016 2018-02-28] (AO Kaspersky Lab)
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-11] ()
R2 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [36504 2015-06-22] (VIA Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105344 2018-04-12] (Microsoft Corporation)
S3 klvssbrigde64; "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\vssbridge64.exe" [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [243400 2018-01-27] (AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [72904 2017-12-27] (AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [122560 2018-02-02] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [87752 2018-07-19] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [29208 2017-03-30] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [220360 2018-08-13] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [1193160 2018-08-13] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP19.0.0\Bases\klids.sys [168760 2018-08-13] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1112264 2018-08-13] (AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57032 2018-02-12] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [58048 2018-01-15] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [83496 2017-12-11] (AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [50648 2017-05-30] (AO Kaspersky Lab)
S3 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [45784 2017-11-29] (AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [48080 2018-02-12] (The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [236488 2018-08-13] (AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [87584 2018-08-13] (AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [258864 2018-08-13] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [109248 2018-08-13] (AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [177848 2018-08-13] (AO Kaspersky Lab)
S4 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [100552 2018-02-17] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [161080 2018-07-19] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [203968 2018-02-24] (AO Kaspersky Lab)
S3 libusb0; C:\WINDOWS\system32\DRIVERS\libusb0.sys [44480 2013-09-23] (hxxp://libusb-win32.sourceforge.net)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2018-08-13] (Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_2e7fa54192fe16d0\nvlddmkm.sys [16936048 2017-11-09] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-12] (Realtek )
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-08-13 17:29 - 2018-08-13 17:29 - 000109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2018-08-13 16:13 - 2018-08-13 16:13 - 000258864 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
2018-08-13 16:12 - 2018-08-13 16:12 - 000087584 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_kimul.sys
2018-08-13 16:10 - 2018-08-13 16:10 - 000236488 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
2018-08-13 16:10 - 2018-08-13 16:10 - 000177848 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
2018-08-13 16:10 - 2018-08-13 16:10 - 000109248 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
2018-08-13 16:10 - 2018-08-13 16:10 - 000003392 _____ C:\WINDOWS\System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2018-08-13 16:08 - 2018-08-13 16:08 - 000001253 _____ C:\Users\Public\Desktop\Kaspersky Secure Connection.lnk
2018-08-13 16:08 - 2018-08-13 16:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
2018-08-13 16:08 - 2018-08-13 16:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
2018-08-13 16:08 - 2018-08-13 16:07 - 000002150 _____ C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
2018-08-13 16:07 - 2018-08-13 16:07 - 000152360 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\klhkum.dll
2018-08-12 17:55 - 2018-08-12 17:55 - 000061629 _____ C:\Users\Ash\Desktop\RegRenewalReceipt 1LA6NY_20180812_0555.pdf
2018-08-11 16:30 - 2018-08-11 16:32 - 000880835 _____ C:\Users\Ash\Desktop\Tenant - Booking Terms and Conditions Form_signed.pdf
2018-08-09 13:46 - 2018-08-09 13:46 - 000001816 _____ C:\Users\Public\Desktop\iTunes.lnk
2018-08-09 13:46 - 2018-08-09 13:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2018-08-09 13:46 - 2018-08-09 13:46 - 000000000 ____D C:\Program Files\iPod
2018-08-09 13:45 - 2018-08-09 13:46 - 000000000 ____D C:\Program Files\iTunes
2018-08-09 13:44 - 2018-08-09 13:44 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple
2018-08-09 13:44 - 2018-08-09 13:44 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2018-08-09 12:27 - 2018-08-09 12:27 - 000242309 _____ C:\Users\Ash\Downloads\38104742.pdf
2018-08-02 11:23 - 2018-08-02 11:23 - 000008226 _____ C:\Users\Ash\Downloads\TransactionHistory.csv
2018-08-02 10:50 - 2018-08-02 10:50 - 000162763 _____ C:\Users\Ash\Downloads\Holiday Booking Statement.pdf
2018-08-02 10:50 - 2018-08-02 10:50 - 000110592 ____H C:\Users\Ash\Downloads\~WRL0001.tmp
2018-07-30 15:37 - 2018-07-30 15:46 - 000081753 _____ C:\Users\Ash\Downloads\Budget_200917.xlsx
2018-07-30 10:50 - 2018-07-30 10:50 - 000137186 _____ C:\Users\Ash\Downloads\Resume_Victoria+Brennan_May18.pdf
2018-07-30 10:44 - 2018-07-30 10:44 - 009894595 _____ C:\Users\Ash\Downloads\Untitled_Message (9).zip
2018-07-28 15:07 - 2018-07-28 15:07 - 011344055 _____ C:\Users\Ash\Downloads\Untitled_Message (8).zip
2018-07-27 10:16 - 2018-07-27 10:16 - 005224042 _____ C:\Users\Ash\Downloads\Untitled_Message (7).zip
2018-07-26 19:54 - 2018-07-26 19:54 - 000066715 _____ C:\Users\Ash\Downloads\TLS_Dividend_Advice_2018_03_29 (1).pdf
2018-07-26 19:51 - 2018-07-26 19:51 - 000068003 _____ C:\Users\Ash\Downloads\TLS_Dividend_Advice_2017_09_28.pdf
2018-07-26 19:51 - 2018-07-26 19:51 - 000066715 _____ C:\Users\Ash\Downloads\TLS_Dividend_Advice_2018_03_29.pdf
2018-07-26 19:48 - 2018-07-26 19:48 - 000067567 _____ C:\Users\Ash\Downloads\AGL_Dividend_Advice_2018_03_26.pdf
2018-07-26 19:48 - 2018-07-26 19:48 - 000067299 _____ C:\Users\Ash\Downloads\AGL_Dividend_Advice_2017_09_22 (1).pdf
2018-07-20 22:44 - 2018-07-20 22:44 - 000425970 _____ C:\Users\Ash\Downloads\report-511801578514-2018-07-04-to-2018-07-20.csv
2018-07-20 08:40 - 2018-07-20 08:40 - 006981240 _____ (ESET spol. s r.o.) C:\Users\Ash\Downloads\esetonlinescanner_enu.exe
2018-07-20 08:40 - 2018-07-20 08:40 - 000000000 ____D C:\Users\Ash\AppData\Local\ESET
2018-07-20 08:23 - 2018-07-20 08:25 - 007417040 _____ (Malwarebytes) C:\Users\Ash\Downloads\adwcleaner_7.2.2.exe
2018-07-20 08:20 - 2018-07-20 08:20 - 000035559 _____ C:\Users\Ash\Downloads\Addition.txt
2018-07-20 08:19 - 2018-08-13 18:08 - 000000000 ____D C:\FRST
2018-07-20 08:19 - 2018-07-20 08:20 - 000103378 _____ C:\Users\Ash\Downloads\FRST.txt
2018-07-20 08:19 - 2018-07-20 08:19 - 002412544 _____ (Farbar) C:\Users\Ash\Downloads\FRST64.exe
2018-07-20 08:15 - 2018-08-13 16:57 - 000253664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-07-16 20:06 - 2018-07-16 20:06 - 000476769 _____ C:\Users\Ash\Downloads\agl_bill (3).pdf
2018-07-16 20:06 - 2018-07-16 20:06 - 000464259 _____ C:\Users\Ash\Downloads\agl_bill (2).pdf
2018-07-16 20:05 - 2018-07-16 20:05 - 000310210 _____ C:\Users\Ash\Downloads\TRPB_1_1326134688.pdf
2018-07-16 20:00 - 2018-07-16 20:00 - 002092603 _____ C:\Users\Ash\Downloads\AAMI Car Renewal Account MPA033771003.pdf
2018-07-16 19:59 - 2018-07-16 19:59 - 002555191 _____ C:\Users\Ash\Downloads\AAMI Car New Policy Account MPA087812120.pdf
2018-07-16 19:55 - 2018-07-16 19:55 - 002053070 _____ C:\Users\Ash\Downloads\AAMI Car Policy Account MPA087812120.pdf
2018-07-14 17:37 - 2018-07-14 17:37 - 007725611 _____ C:\Users\Ash\Downloads\Untitled_Message (6).zip
2018-07-14 17:36 - 2018-07-14 17:36 - 006466402 _____ C:\Users\Ash\Downloads\Untitled_Message (5).zip
2018-07-14 17:36 - 2018-07-14 17:36 - 005299457 _____ C:\Users\Ash\Downloads\Untitled_Message (4).zip
2018-07-14 17:35 - 2018-07-14 17:35 - 007627434 _____ C:\Users\Ash\Downloads\Untitled_Message (3).zip
2018-07-14 17:35 - 2018-07-14 17:35 - 005102399 _____ C:\Users\Ash\Downloads\Untitled_Message (2).zip
2018-07-14 17:34 - 2018-07-14 17:34 - 003859578 _____ C:\Users\Ash\Downloads\Untitled_Message (1).zip
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-08-13 18:08 - 2016-08-21 11:52 - 000000000 ____D C:\Users\Ash\Desktop\check
2018-08-13 18:07 - 2016-08-21 11:46 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2018-08-13 18:02 - 2018-04-12 09:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-08-13 17:29 - 2018-05-14 19:27 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-08-13 17:29 - 2013-08-28 20:57 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2018-08-13 16:57 - 2018-06-09 16:52 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-08-13 16:44 - 2018-05-14 19:40 - 000838560 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-08-13 16:44 - 2018-04-12 09:36 - 000000000 ____D C:\WINDOWS\INF
2018-08-13 16:38 - 2018-05-14 19:37 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-08-13 16:38 - 2018-04-12 07:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-08-13 16:38 - 2017-07-29 11:03 - 000000000 ____D C:\ProgramData\NVIDIA
2018-08-13 16:10 - 2015-08-01 15:16 - 000000000 ____D C:\Program Files\Common Files\AV
2018-08-13 16:08 - 2015-12-20 17:14 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2018-08-13 16:08 - 2013-08-28 22:26 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2018-08-13 16:07 - 2018-04-12 09:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-08-13 16:07 - 2016-04-29 03:02 - 001193160 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys
2018-08-13 16:07 - 2015-12-20 17:22 - 001112264 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2018-08-13 16:07 - 2015-12-20 17:22 - 000220360 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys
2018-08-13 16:07 - 2015-10-30 16:28 - 000000000 ____D C:\Users\Default.migrated
2018-08-13 09:15 - 2018-05-14 19:37 - 000003356 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3498243067-1637199546-3403071203-1002
2018-08-13 09:15 - 2018-05-14 19:30 - 000002397 _____ C:\Users\Ash\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-08-12 17:43 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-08-12 17:36 - 2013-08-29 22:40 - 000000000 ____D C:\Users\Ash\AppData\Roaming\DMCache
2018-08-12 15:42 - 2018-04-12 09:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-08-09 13:44 - 2013-09-01 19:01 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2018-08-09 09:08 - 2018-04-12 07:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-08-09 08:35 - 2013-11-10 17:58 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-08-09 08:35 - 2013-11-10 17:58 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-08-03 15:23 - 2018-07-06 08:19 - 000000000 ____D C:\ProgramData\Packages
2018-08-02 15:42 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-08-02 11:00 - 2013-09-08 10:55 - 000050560 _____ C:\Users\Ash\AppData\Local\GDIPFONTCACHEV1.DAT
2018-08-01 17:55 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-08-01 17:35 - 2018-04-12 09:38 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2018-07-27 09:51 - 2018-05-14 19:30 - 000000000 ____D C:\Users\UpdatusUser
2018-07-20 08:25 - 2013-09-01 20:16 - 000000000 ____D C:\AdwCleaner
2018-07-20 08:14 - 2013-08-29 22:40 - 000000000 ____D C:\Program Files (x86)\Internet Download Manager
2018-07-20 08:11 - 2013-08-29 22:40 - 000000000 ____D C:\Users\Ash\AppData\Roaming\IDM
2018-07-19 19:02 - 2015-06-16 20:56 - 000161080 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klwtp.sys
2018-07-19 19:02 - 2015-06-06 07:51 - 000087752 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\kldisk.sys
 
==================== Files in the root of some directories =======
 
2013-11-28 18:05 - 2017-02-20 18:29 - 000007601 _____ () C:\Users\Ash\AppData\Local\resmon.resmoncfg
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-05-14 19:27
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02.08.2018
Ran by Ash (13-08-2018 18:09:04)
Running from C:\Users\Ash\Desktop\check
Windows 10 Home Version 1803 17134.165 (X64) (2018-05-14 09:37:22)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3498243067-1637199546-3403071203-500 - Administrator - Disabled)
Ash (S-1-5-21-3498243067-1637199546-3403071203-1002 - Administrator - Enabled) => C:\Users\Ash
DefaultAccount (S-1-5-21-3498243067-1637199546-3403071203-503 - Limited - Disabled)
Guest (S-1-5-21-3498243067-1637199546-3403071203-501 - Limited - Disabled)


#2 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,223 posts

Posted 13 August 2018 - 06:10 AM

Hello, Welcome to SpywareInfoForum.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Your logs are clean.

The only thing that needs your attention is this.

ATTENTION: System Restore is disabled
Turn System Restore On for Drives in Windows 10 - Immediately.
http://www.tenforums...ndows-10-a.html
===

For your added security I suggest that you update the following programs.

JAVA

You can manually check your present version and update as recommended.
https://www.java.com...d/installed.jsp

Be careful not to install malware posing as Java update!
Important read this blog.
http://blog.trendmic...java-0-day-fix/

Quoted from the page.
"In light of the recent events surrounding Java, users must seriously consider their use of Java. Do they really need it? If yes, make sure that users follow the steps we recommended and get the security update directly from the official oracle website." at:
http://www.oracle.co...oads/index.html

How to disable Java in your browsers
http://www.infoworld...browsers-210882
===

Stay safe.
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#3 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,223 posts

Posted 17 August 2018 - 05:33 AM

Glad we could help. :)

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter. Everyone else please begin a New Topic.
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760




Member of UNITE
Support SpywareInfo Forum - click the button