Solved Have a virus/malware and can't download things

[Broni]

Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST(FRST64) and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

[windowman]

Fix result of Farbar Recovery Scan Tool (x64) Version: 02.01.2018
Ran by Michael (11-01-2018 20:41:15) Run:1
Running from C:\Users\Michael\Desktop
Loaded Profiles: Michael (Available Profiles: Michael)
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [aleck] => "C:\Program Files (x86)\Mec\trays.exe"
C:\Program Files (x86)\Me
HKU\S-1-5-21-867915027-2464976829-1762966156-1000\...\Run: [discusses] => "C:\Program Files (x86)\Mec\trays.exe"
HKU\S-1-5-21-867915027-2464976829-1762966156-1000\...\Run: [karsten] => "C:\Program Files (x86)\Mec\trays.exe"
HKU\S-1-5-21-867915027-2464976829-1762966156-1000\...\Run: [width] => "C:\Program Files (x86)\Mec\trays.exe"
FirewallRules: [{2988FD3F-8E68-4AA7-A394-D8D3E2DE9825}] => (Allow) C:\Program Files (x86)\Mec\trays.exe
HKLM\...\Run: [mediaskarsten] => "C:\Program Files (x86)\predesignated\worse.exe"
C:\Program Files (x86)\predesignated
HKLM-x32\...\Run: [aleckdiscusses] => "C:\Program Files (x86)\predesignated\worse.exe"
HKU\Michael\...\Run: [discussesaleck] => "C:\Program Files (x86)\predesignated\worse.exe"
HKU\Michael\...\Run: [karstenmedias] => "C:\Program Files (x86)\predesignated\worse.exe"
FirewallRules: [{7D3F54A0-D368-4AA1-B94A-61CD92ED85CF}] => (Allow) C:\Program Files (x86)\predesignated\worse.exe
HKLM\...\Run: [mediasmedias] => "C:\Program Files (x86)\Anarchists\trays.exe"
C:\Program Files (x86)\Anarchist
HKLM-x32\...\Run: [aleckaleck] => "C:\Program Files (x86)\Anarchists\trays.exe"
HKU\S-1-5-21-867915027-2464976829-1762966156-1000\...\Run: [discussesdiscusses] => "C:\Program Files (x86)\Anarchists\trays.exe"
HKU\S-1-5-21-867915027-2464976829-1762966156-1000\...\Run: [karstenkarsten] => "C:\Program Files (x86)\Anarchists\trays.exe"
FirewallRules: [{D790CE8A-C5D7-49A6-81C6-0BE683DA6F05}] => (Allow) C:\Program Files (x86)\Anarchists\trays.exe
FirewallRules: [{D5157F8D-D4D0-4E1F-8068-6DF0C7DC7144}] => (Allow) C:\Program Files (x86)\Anarchists\worse.exe
HKU\S-1-5-21-867915027-2464976829-1762966156-1000\...\Run: [entrails] => "C:\Program Files (x86)\inoperative\entrails.exe"
C:\Program Files (x86)\inoperative
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
S2 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [X]
S3 ESLoadService; "C:\Program Files (x86)\EaseUS\EaseUS MobiMover\bin\ESLoadService.exe" [X]
S3 WinDefend; %ProgramFiles%\Windows Defender\mpsvc.dll [X]
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\DrFone for iOS\DriverInstall.exe [X]
S1 ArcCtrl; system32\drivers\ArcCtrl.sys [X]
U3 aswbdisk; no ImagePath
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2016-12-18 19:47 - 2018-01-10 11:47 - 000000307 _____ () C:\Users\Michael\AppData\Roaming\com.mobilesyncbrowser.msb6
2014-02-01 23:10 - 2014-02-09 21:48 - 001617996 _____ () C:\Users\Michael\AppData\Local\ASbs.ac
2016-07-02 21:14 - 2016-07-02 21:14 - 000003584 _____ () C:\Users\Michael\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-01-08 10:06 - 2018-01-08 10:06 - 000140800 _____ () C:\Users\Michael\AppData\Local\installer.dat
2014-01-12 21:31 - 2016-10-12 21:02 - 000007598 _____ () C:\Users\Michael\AppData\Local\Resmon.ResmonCfg
2008-02-05 14:28 - 2008-02-05 14:28 - 000000051 _____ () C:\Users\Michael\AppData\Local\setup.txt
2018-01-08 10:06 - 2018-01-08 10:06 - 001895381 _____ () C:\Users\Michael\AppData\Local\Spanstrong.bin
2018-01-09 16:02 - 2018-01-09 16:02 - 002393088 _____ (Farbar) C:\Users\Michael\AppData\Local\Temp\62BA.tmp.exe
2018-01-09 08:02 - 2018-01-09 08:02 - 002393088 _____ (Farbar) C:\Users\Michael\AppData\Local\Temp\9E33.tmp.exe
2018-01-09 15:34 - 2018-01-09 15:34 - 002393088 _____ (Farbar) C:\Users\Michael\AppData\Local\Temp\B50D.tmp.exe
2018-01-10 18:27 - 2014-02-19 20:41 - 001732032 _____ (Microsoft Corporation) C:\Users\Michael\AppData\Local\Temp\dllnt_dump.dll
2018-01-09 08:46 - 2018-01-09 08:46 - 002393088 _____ (Farbar) C:\Users\Michael\AppData\Local\Temp\E63.tmp.exe
CustomCLSID: HKU\S-1-5-21-867915027-2464976829-1762966156-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-867915027-2464976829-1762966156-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-867915027-2464976829-1762966156-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-867915027-2464976829-1762966156-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Michael\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileCoAuthLib64.dll => No File
CustomCLSID: HKU\S-1-5-21-867915027-2464976829-1762966156-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-867915027-2464976829-1762966156-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-867915027-2464976829-1762966156-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-867915027-2464976829-1762966156-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-867915027-2464976829-1762966156-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-867915027-2464976829-1762966156-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-867915027-2464976829-1762966156-1000_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-867915027-2464976829-1762966156-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-867915027-2464976829-1762966156-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-867915027-2464976829-1762966156-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-867915027-2464976829-1762966156-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-867915027-2464976829-1762966156-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-867915027-2464976829-1762966156-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-867915027-2464976829-1762966156-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
Shortcut: C:\Users\Michael\Desktop\Tor Browser\Stаrt Тоr Вrоwsеr.lnk -> C:\Users\Michael\Desktop\Tor Browser\Browser\firefox.bat (No File)
Shortcut: C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехplоrеr.lnk -> C:\Program Files\Internet Explorer\iexplore.bat (No File)
Shortcut: C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Stаrt Тоr Вrоwsеr.lnk -> C:\Users\Michael\Desktop\Tor Browser\Browser\firefox.bat (No File)
Shortcut: C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Intеrnеt Ехplоrеr (Nо Аdd-оns).lnk -> C:\Program Files\Internet Explorer\iexplore.bat (No File)
Shortcut: C:\Users\Michael\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gооglе Сhrоmе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat (No File)
Shortcut: C:\Users\Michael\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Lаunсh Intеrnеt Ехplоrеr Вrоwsеr.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.bat (No File)
Shortcut: C:\Users\Michael\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Intеrnеt Ехplоrеr.lnk -> C:\Program Files\Internet Explorer\iexplore.bat (No File)
Shortcut: C:\Users\Michael\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Gооglе Сhrоmе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gооglе Сhrоmе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quаkе Livе.lnk -> C:\Program Files (x86)\Quake Live\Launcher.bat (No File)
Shortcut: C:\Users\Public\Desktop\Gооglе Сhrоmе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat (No File)
Shortcut: C:\Users\Public\Desktop\Quаkе Livе.lnk -> C:\Program Files (x86)\Quake Live\Launcher.bat (No File)
AlternateDataStreams: C:\ProgramData\TEMP:05E9FFE5 [149]
AlternateDataStreams: C:\ProgramData\TEMP:B6418BC9 [412]

*****************

"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\aleck" => removed successfully
"C:\Program Files (x86)\Me" => not found
"HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Run\\discusses" => removed successfully
"HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Run\\karsten" => removed successfully
"HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Run\\width" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2988FD3F-8E68-4AA7-A394-D8D3E2DE9825}" => removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\mediaskarsten" => removed successfully
C:\Program Files (x86)\predesignated => moved successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\aleckdiscusses" => removed successfully
"HKU\Michael\Software\Microsoft\Windows\CurrentVersion\Run\\discussesaleck" => not found
"HKU\Michael\Software\Microsoft\Windows\CurrentVersion\Run\\karstenmedias" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7D3F54A0-D368-4AA1-B94A-61CD92ED85CF}" => removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\mediasmedias" => removed successfully
"C:\Program Files (x86)\Anarchist" => not found
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\aleckaleck" => removed successfully
"HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Run\\discussesdiscusses" => removed successfully
"HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Run\\karstenkarsten" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D790CE8A-C5D7-49A6-81C6-0BE683DA6F05}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D5157F8D-D4D0-4E1F-8068-6DF0C7DC7144}" => removed successfully
"HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Run\\entrails" => removed successfully
C:\Program Files (x86)\inoperative => moved successfully
"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" => removed successfully
"HKLM\System\CurrentControlSet\Services\ADExchange" => removed successfully
ADExchange => service removed successfully
"HKLM\System\CurrentControlSet\Services\ESLoadService" => removed successfully
ESLoadService => service removed successfully
"HKLM\System\CurrentControlSet\Services\WinDefend" => removed successfully
WinDefend => service removed successfully
"HKLM\System\CurrentControlSet\Services\WsDrvInst" => removed successfully
WsDrvInst => service removed successfully
"HKLM\System\CurrentControlSet\Services\ArcCtrl" => removed successfully
ArcCtrl => service removed successfully
"HKLM\System\CurrentControlSet\Services\aswbdisk" => removed successfully
aswbdisk => service removed successfully
"HKLM\System\CurrentControlSet\Services\catchme" => removed successfully
catchme => service removed successfully
"HKLM\System\CurrentControlSet\Services\VGPU" => removed successfully
VGPU => service removed successfully
C:\Users\Michael\AppData\Roaming\com.mobilesyncbrowser.msb6 => moved successfully
C:\Users\Michael\AppData\Local\ASbs.ac => moved successfully
C:\Users\Michael\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
C:\Users\Michael\AppData\Local\installer.dat => moved successfully
C:\Users\Michael\AppData\Local\Resmon.ResmonCfg => moved successfully
C:\Users\Michael\AppData\Local\setup.txt => moved successfully
C:\Users\Michael\AppData\Local\Spanstrong.bin => moved successfully
C:\Users\Michael\AppData\Local\Temp\62BA.tmp.exe => moved successfully
C:\Users\Michael\AppData\Local\Temp\9E33.tmp.exe => moved successfully
C:\Users\Michael\AppData\Local\Temp\B50D.tmp.exe => moved successfully
C:\Users\Michael\AppData\Local\Temp\dllnt_dump.dll => moved successfully
C:\Users\Michael\AppData\Local\Temp\E63.tmp.exe => moved successfully
"HKU\S-1-5-21-867915027-2464976829-1762966156-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}" => removed successfully
"HKU\S-1-5-21-867915027-2464976829-1762966156-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}" => removed successfully
"HKU\S-1-5-21-867915027-2464976829-1762966156-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}" => removed successfully
"HKU\S-1-5-21-867915027-2464976829-1762966156-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}" => removed successfully
"HKU\S-1-5-21-867915027-2464976829-1762966156-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}" => removed successfully
"HKU\S-1-5-21-867915027-2464976829-1762966156-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}" => removed successfully
"HKU\S-1-5-21-867915027-2464976829-1762966156-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}" => removed successfully
"HKU\S-1-5-21-867915027-2464976829-1762966156-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}" => removed successfully
"HKU\S-1-5-21-867915027-2464976829-1762966156-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}" => removed successfully
"HKU\S-1-5-21-867915027-2464976829-1762966156-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}" => removed successfully
"HKU\S-1-5-21-867915027-2464976829-1762966156-1000_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}" => removed successfully
"HKU\S-1-5-21-867915027-2464976829-1762966156-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}" => removed successfully
"HKU\S-1-5-21-867915027-2464976829-1762966156-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}" => removed successfully
"HKU\S-1-5-21-867915027-2464976829-1762966156-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}" => removed successfully
"HKU\S-1-5-21-867915027-2464976829-1762966156-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}" => removed successfully
"HKU\S-1-5-21-867915027-2464976829-1762966156-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}" => removed successfully
"HKU\S-1-5-21-867915027-2464976829-1762966156-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}" => removed successfully
"HKU\S-1-5-21-867915027-2464976829-1762966156-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}" => removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw" => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found
"C:\Users\Michael\Desktop\Tor Browser\Stаrt Тоr Вrоwsеr.lnk" => Could not move.
"C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехplоrеr.lnk" => Could not move.
"C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Stаrt Тоr Вrоwsеr.lnk" => Could not move.
"C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Intеrnеt Ехplоrеr (Nо Аdd-оns).lnk" => Could not move.
"C:\Users\Michael\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gооglе Сhrоmе.lnk" => Could not move.
"C:\Users\Michael\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Lаunсh Intеrnеt Ехplоrеr Вrоwsеr.lnk" => Could not move.
"C:\Users\Michael\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Intеrnеt Ехplоrеr.lnk" => Could not move.
"C:\Users\Michael\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Gооglе Сhrоmе.lnk" => Could not move.
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gооglе Сhrоmе.lnk" => Could not move.
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quаkе Livе.lnk" => Could not move.
"C:\Users\Public\Desktop\Gооglе Сhrоmе.lnk" => Could not move.
"C:\Users\Public\Desktop\Quаkе Livе.lnk" => Could not move.
C:\ProgramData\TEMP => ":05E9FFE5" ADS removed successfully
C:\ProgramData\TEMP => ":B6418BC9" ADS removed successfully

==== End of Fixlog 20:41:23 ====

 

[windowman]

Was this all you needed or is there another step?

Thank you for the help too.

 

[Broni]

Last scans...

Download Security Check from here or here and save it to your Desktop.

• Double-click SecurityCheck.exe
• Follow the onscreen instructions inside of the black box.
• A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
Make sure the following options are checked:

• Internet Services
• Windows Firewall
• System Restore
• Security Center
• Windows Update
• Windows Defender
• Other Services

Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.

Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe

• Double click on TFC.exe to run the program.
• Click on Start button to begin cleaning process.
• TFC will close all running programs, and it may ask you to restart computer.

Download Sophos Free Virus Removal Tool and save it to your desktop.

• Double click the icon and select Run
• Click Next
• Select I accept the terms in this license agreement, then click Next twice
• Click Install
• Click Finish to launch the program
• Once the virus database has been updated click Start Scanning
• If any threats are found click Details, then View log file... (bottom left hand corner)
• Copy and paste the results in your reply
• Close the Notepad document, close the Threat Details screen, then click Start cleanup
• Click Exit to close the program

 

[windowman]

1st one, Security Check

Results of screen317's Security Check version 1.014 --- 12/23/15
Windows 7 Service Pack 1 x64 (UAC is disabled!)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
ESET NOD32 Antivirus 7.0
Malwarebytes
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java version 32-bit out of Date!
Google Chrome (63.0.3239.132)
Google Chrome (SetupMetrics...)
````````Process Check: objlist.exe by Laurent````````
ESET NOD32 Antivirus egui.exe
ESET NOD32 Antivirus ekrn.exe
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamtray.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 40% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````

 

[windowman]

2nd one Farbar scanner ,

Farbar Service Scanner Version: 27-01-2016
Ran by Michael (administrator) on 15-01-2018 at 18:31:28
Running from "C:\Users\Michael\Downloads"
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed

ATTENTION!=====> C:\Program Files\Windows Defender\MpSvc.dll FILE IS MISSING.

C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****

 

[Broni]

We have one system file missing.

Re-run FRST again.
Type the following in the edit box after "Search:".

MpSvc.dll

Click Search files button and post the log (Search.txt) it makes in your reply.

 

[windowman]

1st half

2018-01-16 02:41:23.356 Sophos Virus Removal Tool version 2.6.1
2018-01-16 02:41:23.356 Copyright (c) 2009-2017 Sophos Limited. All rights reserved.

2018-01-16 02:41:23.356 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2018-01-16 02:41:23.356 Windows version 6.1 SP 1.0 Service Pack 1 build 7601 SM=0x100 PT=0x1 WOW64
2018-01-16 02:41:23.358 Checking for updates...
2018-01-16 02:41:30.756 Option all = no
2018-01-16 02:41:30.756 Option recurse = yes
2018-01-16 02:41:30.756 Option archive = no
2018-01-16 02:41:30.756 Option service = yes
2018-01-16 02:41:30.756 Option confirm = yes
2018-01-16 02:41:30.756 Option sxl = yes
2018-01-16 02:41:30.757 Option max-data-age = 35
2018-01-16 02:41:30.757 Option vdl-logging = yes
2018-01-16 02:41:30.762 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2018-01-16 02:41:30.762 Machine ID: 8cdf7c7dc1194167b87c38e2a81ea520
2018-01-16 02:41:30.766 Component SVRTcli.exe version 2.6.1
2018-01-16 02:41:30.766 Component control.dll version 2.6.1
2018-01-16 02:41:30.766 Component SVRTservice.exe version 2.6.1
2018-01-16 02:41:30.766 Component engine\osdp.dll version 1.44.1.2286
2018-01-16 02:41:30.766 Component engine\veex.dll version 3.68.6.2286
2018-01-16 02:41:30.766 Component engine\savi.dll version 9.0.7.2286
2018-01-16 02:41:30.767 Component rkdisk.dll version 1.5.31.1
2018-01-16 02:41:30.767 Version info: Product version 2.6.1
2018-01-16 02:41:30.767 Version info: Detection engine 3.68.6
2018-01-16 02:41:30.767 Version info: Detection data 5.46
2018-01-16 02:41:30.767 Version info: Build date 11/28/2017
2018-01-16 02:41:30.767 Version info: Data files added 365
2018-01-16 02:41:30.767 Version info: Last successful update (not yet updated)
2018-01-16 02:41:36.985 Update progress: proxy server not available
2018-01-16 02:41:50.443 Downloading updates...
2018-01-16 02:41:50.444 Update progress: [I96736] sdds.svrt_10: adding primary package C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED baseVersion=1
2018-01-16 02:41:50.444 Update progress: [I95020] sdds.svrt_10: looking for packages included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2018-01-16 02:41:50.444 Update progress: [I22529] sdds.svrt_10: looking for supplements included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2018-01-16 02:41:50.444 Update progress: [I49502] sdds.savi0910.xml: found supplement SAVIW32 LATEST path= baseVersion= [included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=]
2018-01-16 02:41:50.444 Update progress: [I95020] sdds.savi0910.xml: looking for packages included from product SAVIW32 LATEST path=
2018-01-16 02:41:50.444 Update progress: [I22529] sdds.savi0910.xml: looking for supplements included from product SAVIW32 LATEST path=
2018-01-16 02:41:50.444 Update progress: [I49502] sdds.data0910.xml: found supplement IDE547 LATEST path= baseVersion= [included from product SAVIW32 LATEST path=]
2018-01-16 02:41:50.444 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE547 LATEST path=
2018-01-16 02:41:50.444 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE547 LATEST path=
2018-01-16 02:41:50.444 Update progress: [I49502] sdds.data0910.xml: found supplement IDE548 LATEST path= baseVersion= [included from product IDE547 LATEST path=]
2018-01-16 02:41:50.444 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE548 LATEST path=
2018-01-16 02:41:50.444 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE548 LATEST path=
2018-01-16 02:41:50.444 Update progress: [I49502] sdds.data0910.xml: found supplement IDE549 LATEST path= baseVersion= [included from product IDE548 LATEST path=]
2018-01-16 02:41:50.444 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE549 LATEST path=
2018-01-16 02:41:50.444 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE549 LATEST path=
2018-01-16 02:41:50.444 Update progress: [I49502] sdds.data0910.xml: found supplement IDE550 LATEST path= baseVersion= [included from product IDE549 LATEST path=]
2018-01-16 02:41:50.444 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE550 LATEST path=
2018-01-16 02:41:50.444 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE550 LATEST path=
2018-01-16 02:41:50.444 Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2018-01-16 02:41:50.925 Update progress: [I19463] Syncing product SAVIW32 LATEST path=
2018-01-16 02:41:50.925 Update progress: [I19463] Product download size 178991033 bytes
2018-01-16 02:41:53.036 Update progress: [I19463] Syncing product IDE547 LATEST path=
2018-01-16 02:41:53.036 Update progress: [I19463] Product download size 4521286 bytes
2018-01-16 02:41:53.585 Update progress: [I19463] Syncing product IDE548 LATEST path=
2018-01-16 02:41:53.585 Update progress: [I19463] Product download size 3541768 bytes
2018-01-16 02:41:54.028 Update progress: [I19463] Syncing product IDE549 LATEST path=
2018-01-16 02:41:54.028 Update progress: [I19463] Product download size 645122 bytes
2018-01-16 02:41:54.099 Update progress: [I19463] Syncing product IDE550 LATEST path=
2018-01-16 02:41:54.121 Installing updates...
2018-01-16 02:41:54.723 Error level 1
2018-01-16 02:41:57.856 Update successful
2018-01-16 02:42:04.415 Option all = no
2018-01-16 02:42:04.415 Option recurse = yes
2018-01-16 02:42:04.415 Option archive = no
2018-01-16 02:42:04.415 Option service = yes
2018-01-16 02:42:04.415 Option confirm = yes
2018-01-16 02:42:04.415 Option sxl = yes
2018-01-16 02:42:04.416 Option max-data-age = 35
2018-01-16 02:42:04.416 Option vdl-logging = yes
2018-01-16 02:42:04.420 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2018-01-16 02:42:04.420 Machine ID: 8cdf7c7dc1194167b87c38e2a81ea520
2018-01-16 02:42:04.423 Component SVRTcli.exe version 2.6.1
2018-01-16 02:42:04.424 Component control.dll version 2.6.1
2018-01-16 02:42:04.424 Component SVRTservice.exe version 2.6.1
2018-01-16 02:42:04.424 Component engine\osdp.dll version 1.44.1.2286
2018-01-16 02:42:04.424 Component engine\veex.dll version 3.68.6.2286
2018-01-16 02:42:04.424 Component engine\savi.dll version 9.0.7.2286
2018-01-16 02:42:04.424 Component rkdisk.dll version 1.5.31.1
2018-01-16 02:42:04.424 Version info: Product version 2.6.1
2018-01-16 02:42:04.425 Version info: Detection engine 3.68.6
2018-01-16 02:42:04.425 Version info: Detection data 5.46
2018-01-16 02:42:04.425 Version info: Build date 11/28/2017
2018-01-16 02:42:04.425 Version info: Data files added 365
2018-01-16 02:42:04.425 Version info: Last successful update 1/15/2018 6:41:57 PM

2018-01-16 03:21:12.018 Error level 0

2018-01-16 03:21:12.018 Scan cancelled by user.
2018-01-16 03:21:12.018

------------------------------------------------------------

2018-01-16 03:29:51.783 Sophos Virus Removal Tool version 2.6.1
2018-01-16 03:29:51.783 Copyright (c) 2009-2017 Sophos Limited. All rights reserved.

2018-01-16 03:29:51.783 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2018-01-16 03:29:51.783 Windows version 6.1 SP 1.0 Service Pack 1 build 7601 SM=0x100 PT=0x1 WOW64
2018-01-16 03:29:51.783 Checking for updates...
2018-01-16 03:29:59.947 Option all = no
2018-01-16 03:29:59.947 Option recurse = yes
2018-01-16 03:29:59.947 Option archive = no
2018-01-16 03:29:59.947 Option service = yes
2018-01-16 03:29:59.947 Option confirm = yes
2018-01-16 03:29:59.947 Option sxl = yes
2018-01-16 03:29:59.947 Option max-data-age = 35
2018-01-16 03:29:59.947 Option vdl-logging = yes
2018-01-16 03:29:59.957 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2018-01-16 03:29:59.957 Machine ID: 8cdf7c7dc1194167b87c38e2a81ea520
2018-01-16 03:29:59.967 Component SVRTcli.exe version 2.6.1
2018-01-16 03:29:59.967 Component control.dll version 2.6.1
2018-01-16 03:29:59.967 Component SVRTservice.exe version 2.6.1
2018-01-16 03:29:59.967 Component engine\osdp.dll version 1.44.1.2286
2018-01-16 03:29:59.967 Component engine\veex.dll version 3.68.6.2286
2018-01-16 03:29:59.967 Component engine\savi.dll version 9.0.7.2286
2018-01-16 03:29:59.967 Component rkdisk.dll version 1.5.31.1
2018-01-16 03:29:59.967 Version info: Product version 2.6.1
2018-01-16 03:29:59.967 Version info: Detection engine 3.68.6
2018-01-16 03:29:59.967 Version info: Detection data 5.46
2018-01-16 03:29:59.967 Version info: Build date 11/28/2017
2018-01-16 03:29:59.967 Version info: Data files added 365
2018-01-16 03:29:59.967 Version info: Last successful update 1/15/2018 6:41:57 PM
2018-01-16 03:30:05.397 Update progress: proxy server not available
2018-01-16 03:30:07.696 Downloading updates...
2018-01-16 03:30:07.696 Update progress: [I96736] sdds.svrt_10: adding primary package C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED baseVersion=1
2018-01-16 03:30:07.696 Update progress: [I95020] sdds.svrt_10: looking for packages included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2018-01-16 03:30:07.696 Update progress: [I22529] sdds.svrt_10: looking for supplements included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2018-01-16 03:30:07.696 Update progress: [I49502] sdds.savi0910.xml: found supplement SAVIW32 LATEST path= baseVersion= [included from product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=]
2018-01-16 03:30:07.696 Update progress: [I95020] sdds.savi0910.xml: looking for packages included from product SAVIW32 LATEST path=
2018-01-16 03:30:07.696 Update progress: [I22529] sdds.savi0910.xml: looking for supplements included from product SAVIW32 LATEST path=
2018-01-16 03:30:07.696 Update progress: [I49502] sdds.data0910.xml: found supplement IDE547 LATEST path= baseVersion= [included from product SAVIW32 LATEST path=]
2018-01-16 03:30:07.696 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE547 LATEST path=
2018-01-16 03:30:07.696 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE547 LATEST path=
2018-01-16 03:30:07.696 Update progress: [I49502] sdds.data0910.xml: found supplement IDE548 LATEST path= baseVersion= [included from product IDE547 LATEST path=]
2018-01-16 03:30:07.696 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE548 LATEST path=
2018-01-16 03:30:07.696 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE548 LATEST path=
2018-01-16 03:30:07.696 Update progress: [I49502] sdds.data0910.xml: found supplement IDE549 LATEST path= baseVersion= [included from product IDE548 LATEST path=]
2018-01-16 03:30:07.696 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE549 LATEST path=
2018-01-16 03:30:07.696 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE549 LATEST path=
2018-01-16 03:30:07.696 Update progress: [I49502] sdds.data0910.xml: found supplement IDE550 LATEST path= baseVersion= [included from product IDE549 LATEST path=]
2018-01-16 03:30:07.696 Update progress: [I95020] sdds.data0910.xml: looking for packages included from product IDE550 LATEST path=
2018-01-16 03:30:07.696 Update progress: [I22529] sdds.data0910.xml: looking for supplements included from product IDE550 LATEST path=
2018-01-16 03:30:07.696 Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 RECOMMENDED path=
2018-01-16 03:30:08.046 Update progress: [I19463] Syncing product SAVIW32 LATEST path=
2018-01-16 03:30:08.197 Update progress: [I19463] Syncing product IDE547 LATEST path=
2018-01-16 03:30:08.347 Update progress: [I19463] Syncing product IDE548 LATEST path=
2018-01-16 03:30:08.377 Update progress: [I19463] Syncing product IDE549 LATEST path=
2018-01-16 03:30:08.377 Update progress: [I19463] Syncing product IDE550 LATEST path=
2018-01-16 03:30:08.397 Installing updates...
2018-01-16 03:30:08.997 Error level 1
2018-01-16 03:30:09.217 Update successful
2018-01-16 03:30:15.465 Option all = no
2018-01-16 03:30:15.465 Option recurse = yes
2018-01-16 03:30:15.465 Option archive = no
2018-01-16 03:30:15.465 Option service = yes
2018-01-16 03:30:15.465 Option confirm = yes
2018-01-16 03:30:15.465 Option sxl = yes
2018-01-16 03:30:15.465 Option max-data-age = 35
2018-01-16 03:30:15.465 Option vdl-logging = yes
2018-01-16 03:30:15.475 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2018-01-16 03:30:15.475 Machine ID: 8cdf7c7dc1194167b87c38e2a81ea520
2018-01-16 03:30:15.475 Component SVRTcli.exe version 2.6.1
2018-01-16 03:30:15.475 Component control.dll version 2.6.1
2018-01-16 03:30:15.475 Component SVRTservice.exe version 2.6.1
2018-01-16 03:30:15.475 Component engine\osdp.dll version 1.44.1.2286
2018-01-16 03:30:15.475 Component engine\veex.dll version 3.68.6.2286
2018-01-16 03:30:15.475 Component engine\savi.dll version 9.0.7.2286
2018-01-16 03:30:15.475 Component rkdisk.dll version 1.5.31.1
2018-01-16 03:30:15.475 Version info: Product version 2.6.1
2018-01-16 03:30:15.475 Version info: Detection engine 3.68.6
2018-01-16 03:30:15.475 Version info: Detection data 5.46
2018-01-16 03:30:15.475 Version info: Build date 11/28/2017
2018-01-16 03:30:15.475 Version info: Data files added 365
2018-01-16 03:30:15.475 Version info: Last successful update 1/15/2018 7:30:09 PM

2018-01-16 04:50:39.842 Could not open C:\hiberfil.sys
2018-01-16 04:50:39.857 Could not open C:\pagefile.sys
2018-01-16 04:59:22.318 Could not open C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
2018-01-16 04:59:22.318 Could not open C:\System Volume Information\{4a8d3ad0-fa5f-11e7-9cd2-00acce2b8d08}{3808876b-c176-4e48-b7ae-04046e6cc752}
2018-01-16 04:59:22.318 Could not open C:\System Volume Information\{7f65c06e-f950-11e7-a054-00acce2b8d08}{3808876b-c176-4e48-b7ae-04046e6cc752}
2018-01-16 04:59:22.318 Could not open C:\System Volume Information\{a4508d27-f645-11e7-89ee-00acce2b8d08}{3808876b-c176-4e48-b7ae-04046e6cc752}
2018-01-16 05:13:59.338 Could not open C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
2018-01-16 05:13:59.338 Could not open C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
2018-01-16 05:14:00.555 Could not open C:\Windows\System32\config\RegBack\DEFAULT
2018-01-16 05:14:00.555 Could not open C:\Windows\System32\config\RegBack\SAM
2018-01-16 05:14:00.555 Could not open C:\Windows\System32\config\RegBack\SECURITY
2018-01-16 05:14:00.571 Could not open C:\Windows\System32\config\RegBack\SOFTWARE
2018-01-16 05:14:00.571 Could not open C:\Windows\System32\config\RegBack\SYSTEM
2018-01-16 05:21:09.322 >>> Virus 'Mal/ZAccConf-A' found in file D:\$Recycle.Bin\S-1-5-21-3269869849-2626671297-3505673395-1000\$867578979a1c01a79e68673e8aa87395\@
2018-01-16 05:21:09.322 >>> Virus 'Mal/ZAccConf-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 05:21:09.322 >>> Virus 'Mal/ZAccConf-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 05:21:09.322 >>> Virus 'Mal/ZAccConf-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 05:21:09.322 >>> Virus 'Mal/ZAccConf-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 05:21:09.322 >>> Virus 'Mal/ZAccConf-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 05:21:09.322 >>> Virus 'Mal/ZAccConf-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 05:21:09.322 >>> Virus 'Mal/ZAccConf-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 05:21:09.322 >>> Virus 'Mal/ZAccConf-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 05:21:09.322 >>> Virus 'Mal/ZAccConf-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 05:21:09.322 >>> Virus 'Mal/ZAccConf-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 05:21:09.322 >>> Virus 'Mal/ZAccConf-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 05:21:09.322 >>> Virus 'Mal/ZAccConf-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 05:21:09.322 >>> Virus 'Mal/ZAccConf-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 05:44:36.248 >>> Virus 'Mal/JNLP-A' found in file D:\Users\Michael\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\1d24104c-3f73b6df
2018-01-16 05:44:36.248 >>> Virus 'Mal/JNLP-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 05:44:36.248 >>> Virus 'Mal/JNLP-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 05:44:36.248 >>> Virus 'Mal/JNLP-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 05:44:36.248 >>> Virus 'Mal/JNLP-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 05:44:36.248 >>> Virus 'Mal/JNLP-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 05:44:36.248 >>> Virus 'Mal/JNLP-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 05:44:36.248 >>> Virus 'Mal/JNLP-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 05:44:36.248 >>> Virus 'Mal/JNLP-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 05:44:36.248 >>> Virus 'Mal/JNLP-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 05:44:36.248 >>> Virus 'Mal/JNLP-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 05:44:36.248 >>> Virus 'Mal/JNLP-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 05:44:36.248 >>> Virus 'Mal/JNLP-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 05:44:36.248 >>> Virus 'Mal/JNLP-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 05:44:41.318 >>> Virus 'Troj/ZAccess-LY' found in file D:\Users\Michael\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\21c74e9b-69f46073
2018-01-16 05:44:41.318 >>> Virus 'Troj/ZAccess-LY' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 05:44:41.318 >>> Virus 'Troj/ZAccess-LY' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 05:44:41.318 >>> Virus 'Troj/ZAccess-LY' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 05:44:41.318 >>> Virus 'Troj/ZAccess-LY' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 05:44:41.318 >>> Virus 'Troj/ZAccess-LY' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 05:44:41.318 >>> Virus 'Troj/ZAccess-LY' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 05:44:41.318 >>> Virus 'Troj/ZAccess-LY' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 05:44:41.318 >>> Virus 'Troj/ZAccess-LY' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 05:44:41.318 >>> Virus 'Troj/ZAccess-LY' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 05:44:41.318 >>> Virus 'Troj/ZAccess-LY' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 05:44:41.318 >>> Virus 'Troj/ZAccess-LY' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 05:44:41.318 >>> Virus 'Troj/ZAccess-LY' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 05:44:41.318 >>> Virus 'Troj/ZAccess-LY' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 05:44:46.513 >>> Virus 'Mal/JNLP-A' found in file D:\Users\Michael\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\56efa708-1f8354af
2018-01-16 05:44:46.513 >>> Virus 'Mal/JNLP-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 05:44:46.513 >>> Virus 'Mal/JNLP-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 05:44:46.513 >>> Virus 'Mal/JNLP-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 05:44:46.513 >>> Virus 'Mal/JNLP-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 05:44:46.513 >>> Virus 'Mal/JNLP-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 05:44:46.513 >>> Virus 'Mal/JNLP-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 05:44:46.513 >>> Virus 'Mal/JNLP-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 05:44:46.513 >>> Virus 'Mal/JNLP-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 05:44:46.513 >>> Virus 'Mal/JNLP-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 05:44:46.513 >>> Virus 'Mal/JNLP-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 05:44:46.513 >>> Virus 'Mal/JNLP-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 05:44:46.513 >>> Virus 'Mal/JNLP-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 05:44:46.513 >>> Virus 'Mal/JNLP-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 05:46:12.032 >>> Virus 'Mal/HiBrowLnk-A' found in file D:\Users\Michael\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
2018-01-16 05:46:12.110 >>> Virus 'Mal/HiBrowLnk-A' found in file D:\Users\Michael\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
2018-01-16 05:46:12.250 >>> Virus 'Mal/HiBrowLnk-A' found in file D:\Users\Michael\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
2018-01-16 05:46:12.297 >>> Virus 'Mal/HiBrowLnk-A' found in file D:\Users\Michael\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
2018-01-16 05:46:16.915 >>> Virus 'Mal/HiBrowLnk-A' found in file D:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2018-01-16 05:49:47.390 Could not check D:\Users\Michael\Documents\WORK PC BU\My Documents 7-25-14\Production Manager\Production work files\AGING SUMMARY\2007\AR06.05.07.xls (corrupt)
2018-01-16 05:52:17.463 Could not check D:\Users\Michael\OneDrive\Documents\Production work files\AGING SUMMARY\2007\AR06.05.07.xls (corrupt)
2018-01-16 05:56:50.420 >>> Virus 'Mal/HiBrowLnk-A' found in file D:\Users\Public\Desktop\Google Chrome.lnk
2018-01-16 06:16:51.848 Password protected file F:\Downloads\Downloads\Passwords 8.2011.xlsx
2018-01-16 06:26:35.151 >>> Virus 'Mal/Behav-370' found in file F:\Game Stuff\1Maria's games\1 Done\PopCap\NingPo MahJongg Deluxe\NingPo_MahJongg_Deluxe Keygen\ningpo.mahjong.deluxe.1.04.keygen-tsrh.exe
2018-01-16 06:26:35.151 >>> Virus 'Mal/Behav-370' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 06:26:35.151 >>> Virus 'Mal/Behav-370' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 06:26:35.151 >>> Virus 'Mal/Behav-370' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 06:26:35.151 >>> Virus 'Mal/Behav-370' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 06:26:35.151 >>> Virus 'Mal/Behav-370' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 06:26:35.151 >>> Virus 'Mal/Behav-370' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 06:26:35.151 >>> Virus 'Mal/Behav-370' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:26:35.151 >>> Virus 'Mal/Behav-370' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:26:35.151 >>> Virus 'Mal/Behav-370' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 06:26:35.151 >>> Virus 'Mal/Behav-370' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 06:26:35.151 >>> Virus 'Mal/Behav-370' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 06:26:35.151 >>> Virus 'Mal/Behav-370' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 06:26:35.151 >>> Virus 'Mal/Behav-370' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:28:41.527 >>> Virus 'W32/Rebhip-W' found in file F:\Game Stuff\1Maria's games\games\Angry Birds Games\Angry Birds\Angry Birds\Crack\Angry Birds\Patch.exe
2018-01-16 06:28:41.527 >>> Virus 'W32/Rebhip-W' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 06:28:41.527 >>> Virus 'W32/Rebhip-W' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 06:28:41.527 >>> Virus 'W32/Rebhip-W' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 06:28:41.527 >>> Virus 'W32/Rebhip-W' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 06:28:41.527 >>> Virus 'W32/Rebhip-W' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 06:28:41.527 >>> Virus 'W32/Rebhip-W' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 06:28:41.527 >>> Virus 'W32/Rebhip-W' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:28:41.527 >>> Virus 'W32/Rebhip-W' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:28:41.527 >>> Virus 'W32/Rebhip-W' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 06:28:41.527 >>> Virus 'W32/Rebhip-W' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 06:28:41.527 >>> Virus 'W32/Rebhip-W' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 06:28:41.527 >>> Virus 'W32/Rebhip-W' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 06:28:41.527 >>> Virus 'W32/Rebhip-W' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:28:49.093 >>> Virus 'W32/Rebhip-W' found in file F:\Game Stuff\1Maria's games\games\Angry Birds Games\Angry Birds\Angry Birds\Crack\Angry Birds RIO\Patch.exe
2018-01-16 06:28:49.093 >>> Virus 'W32/Rebhip-W' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 06:28:49.093 >>> Virus 'W32/Rebhip-W' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 06:28:49.109 >>> Virus 'W32/Rebhip-W' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 06:28:49.109 >>> Virus 'W32/Rebhip-W' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 06:28:49.109 >>> Virus 'W32/Rebhip-W' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 06:28:49.109 >>> Virus 'W32/Rebhip-W' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 06:28:49.109 >>> Virus 'W32/Rebhip-W' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:28:49.109 >>> Virus 'W32/Rebhip-W' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:28:49.109 >>> Virus 'W32/Rebhip-W' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 06:28:49.109 >>> Virus 'W32/Rebhip-W' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 06:28:49.109 >>> Virus 'W32/Rebhip-W' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 06:28:49.109 >>> Virus 'W32/Rebhip-W' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 06:28:49.109 >>> Virus 'W32/Rebhip-W' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:29:01.355 >>> Virus 'W32/Rebhip-W' found in file F:\Game Stuff\1Maria's games\games\Angry Birds Games\Angry.Birds.Rio.v1.1.0.Cracked.by.Jay\Angry.Birds.Rio.v1.1.0.Cracked.by.Jay\Crack\Patch.exe
2018-01-16 06:29:01.355 >>> Virus 'W32/Rebhip-W' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 06:29:01.355 >>> Virus 'W32/Rebhip-W' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 06:29:01.355 >>> Virus 'W32/Rebhip-W' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 06:29:01.355 >>> Virus 'W32/Rebhip-W' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 06:29:01.355 >>> Virus 'W32/Rebhip-W' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 06:29:01.355 >>> Virus 'W32/Rebhip-W' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 06:29:01.355 >>> Virus 'W32/Rebhip-W' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:29:01.355 >>> Virus 'W32/Rebhip-W' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:29:01.355 >>> Virus 'W32/Rebhip-W' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 06:29:01.355 >>> Virus 'W32/Rebhip-W' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 06:29:01.355 >>> Virus 'W32/Rebhip-W' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 06:29:01.355 >>> Virus 'W32/Rebhip-W' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 06:29:01.355 >>> Virus 'W32/Rebhip-W' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:31:36.840 >>> Virus 'Mal/EncPk-LT' found in file F:\Game Stuff\1Maria's games\games\Myst III\Myst_1_.III.Exile.Digital.Download.CRACK-MACiOZO\Myst.III.Exile.Digital.Download.CRACK-MACiOZO\M3.exe
2018-01-16 06:31:36.840 >>> Virus 'Mal/EncPk-LT' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 06:31:36.840 >>> Virus 'Mal/EncPk-LT' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 06:31:36.840 >>> Virus 'Mal/EncPk-LT' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 06:31:36.840 >>> Virus 'Mal/EncPk-LT' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 06:31:36.840 >>> Virus 'Mal/EncPk-LT' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 06:31:36.840 >>> Virus 'Mal/EncPk-LT' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 06:31:36.840 >>> Virus 'Mal/EncPk-LT' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:31:36.840 >>> Virus 'Mal/EncPk-LT' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:31:36.840 >>> Virus 'Mal/EncPk-LT' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 06:31:36.840 >>> Virus 'Mal/EncPk-LT' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 06:31:36.840 >>> Virus 'Mal/EncPk-LT' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 06:31:36.840 >>> Virus 'Mal/EncPk-LT' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 06:31:36.840 >>> Virus 'Mal/EncPk-LT' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:33:22.733 >>> Virus 'Mal/ECLKeyGen-A' found in file F:\Game Stuff\1Maria's games\Gift Shop\eclgifts.exe

 

[windowman]

2nd part

2018-01-16 06:33:22.733 >>> Virus 'Mal/ECLKeyGen-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 06:33:22.733 >>> Virus 'Mal/ECLKeyGen-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 06:33:22.733 >>> Virus 'Mal/ECLKeyGen-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 06:33:22.733 >>> Virus 'Mal/ECLKeyGen-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 06:33:22.733 >>> Virus 'Mal/ECLKeyGen-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 06:33:22.733 >>> Virus 'Mal/ECLKeyGen-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 06:33:22.733 >>> Virus 'Mal/ECLKeyGen-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:33:22.733 >>> Virus 'Mal/ECLKeyGen-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:33:22.733 >>> Virus 'Mal/ECLKeyGen-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 06:33:22.733 >>> Virus 'Mal/ECLKeyGen-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 06:33:22.733 >>> Virus 'Mal/ECLKeyGen-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 06:33:22.733 >>> Virus 'Mal/ECLKeyGen-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 06:33:22.733 >>> Virus 'Mal/ECLKeyGen-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:36:11.307 >>> Virus 'Mal/FakeAV-MG' found in file F:\Game Stuff\1Maria's games\new 5-09-10\Mahjong Dimensions Deluxe\Mahjongg Dimensions Deluxe.exe
2018-01-16 06:36:11.307 >>> Virus 'Mal/FakeAV-MG' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 06:36:11.307 >>> Virus 'Mal/FakeAV-MG' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 06:36:11.307 >>> Virus 'Mal/FakeAV-MG' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 06:36:11.307 >>> Virus 'Mal/FakeAV-MG' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 06:36:11.323 >>> Virus 'Mal/FakeAV-MG' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 06:36:11.323 >>> Virus 'Mal/FakeAV-MG' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 06:36:11.323 >>> Virus 'Mal/FakeAV-MG' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:36:11.323 >>> Virus 'Mal/FakeAV-MG' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:36:11.323 >>> Virus 'Mal/FakeAV-MG' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 06:36:11.323 >>> Virus 'Mal/FakeAV-MG' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 06:36:11.323 >>> Virus 'Mal/FakeAV-MG' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 06:36:11.323 >>> Virus 'Mal/FakeAV-MG' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 06:36:11.323 >>> Virus 'Mal/FakeAV-MG' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:48:36.430 >>> Virus 'Mal/Behav-370' found in file F:\Game Stuff\Games\games\PopCap\NingPo MahJongg Deluxe\NingPo_MahJongg_Deluxe Keygen\ningpo.mahjong.deluxe.1.04.keygen-tsrh.exe
2018-01-16 06:48:36.430 >>> Virus 'Mal/Behav-370' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 06:48:36.430 >>> Virus 'Mal/Behav-370' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 06:48:36.430 >>> Virus 'Mal/Behav-370' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 06:48:36.430 >>> Virus 'Mal/Behav-370' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 06:48:36.430 >>> Virus 'Mal/Behav-370' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 06:48:36.430 >>> Virus 'Mal/Behav-370' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 06:48:36.430 >>> Virus 'Mal/Behav-370' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:48:36.430 >>> Virus 'Mal/Behav-370' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:48:36.430 >>> Virus 'Mal/Behav-370' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 06:48:36.430 >>> Virus 'Mal/Behav-370' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 06:48:36.430 >>> Virus 'Mal/Behav-370' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 06:48:36.430 >>> Virus 'Mal/Behav-370' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 06:48:36.430 >>> Virus 'Mal/Behav-370' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:49:15.165 >>> Virus 'Mal/Generic-S' found in file F:\Game Stuff\Games\games1\5 Spots II\5s2.exe
2018-01-16 06:49:15.165 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 06:49:15.165 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 06:49:15.165 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 06:49:15.165 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 06:49:15.165 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 06:49:15.165 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 06:49:15.165 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:49:15.165 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:49:15.165 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 06:49:15.165 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 06:49:15.165 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 06:49:15.165 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 06:49:15.165 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:49:20.484 >>> Virus 'Mal/Generic-S' found in file F:\Game Stuff\Games\games1\5 Spots II\New Folder\5s2.exe
2018-01-16 06:49:20.484 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 06:49:20.484 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 06:49:20.484 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 06:49:20.484 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 06:49:20.484 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 06:49:20.484 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 06:49:20.484 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:49:20.484 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:49:20.484 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 06:49:20.484 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 06:49:20.484 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 06:49:20.484 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 06:49:20.484 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:49:20.734 >>> Virus 'Mal/Generic-S' found in file F:\Game Stuff\Games\games1\5 Spots II\New Folder\5spots2.exe\FILE:0000
2018-01-16 06:49:20.734 Disinfection not offered
2018-01-16 06:50:26.566 >>> Virus 'Mal/Generic-L' found in file F:\Game Stuff\Games\games1\Backspin Billiards\New Folder\backspinbilliards_r1a.exe
2018-01-16 06:50:26.566 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 06:50:26.566 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 06:50:26.566 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 06:50:26.566 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 06:50:26.566 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 06:50:26.566 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 06:50:26.566 >>> Virus 'Mal/Generic-L' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:50:26.566 >>> Virus 'Mal/Generic-L' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:50:26.566 >>> Virus 'Mal/Generic-L' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 06:50:26.566 >>> Virus 'Mal/Generic-L' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 06:50:26.566 >>> Virus 'Mal/Generic-L' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 06:50:26.566 >>> Virus 'Mal/Generic-L' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 06:50:26.566 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:52:02.319 >>> Virus 'Mal/Generic-L' found in file F:\Game Stuff\Games\games1\Crystalix\Crystalix.exe
2018-01-16 06:52:02.319 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 06:52:02.319 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 06:52:02.319 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 06:52:02.319 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 06:52:02.319 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 06:52:02.319 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 06:52:02.319 >>> Virus 'Mal/Generic-L' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:52:02.319 >>> Virus 'Mal/Generic-L' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:52:02.319 >>> Virus 'Mal/Generic-L' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 06:52:02.319 >>> Virus 'Mal/Generic-L' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 06:52:02.319 >>> Virus 'Mal/Generic-L' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 06:52:02.319 >>> Virus 'Mal/Generic-L' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 06:52:02.319 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:52:14.019 >>> Virus 'Mal/Generic-L' found in file F:\Game Stuff\Games\games1\Crystalix\New Folder\Crystalix.exe
2018-01-16 06:52:14.019 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 06:52:14.019 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 06:52:14.019 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 06:52:14.019 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 06:52:14.019 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 06:52:14.019 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 06:52:14.019 >>> Virus 'Mal/Generic-L' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:52:14.019 >>> Virus 'Mal/Generic-L' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:52:14.019 >>> Virus 'Mal/Generic-L' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 06:52:14.019 >>> Virus 'Mal/Generic-L' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 06:52:14.019 >>> Virus 'Mal/Generic-L' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 06:52:14.019 >>> Virus 'Mal/Generic-L' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 06:52:14.019 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:52:14.456 >>> Virus 'Mal/Generic-L' found in file F:\Game Stuff\Games\games1\Crystalix\New Folder\crystalix_r1a.exe\FILE:0000
2018-01-16 06:52:14.456 Disinfection not offered
2018-01-16 06:53:36.953 >>> Virus 'Mal/EncPk-OJ' found in file F:\Game Stuff\Games\games1\DONE\Gold Miner Special Edition\New Folder\goldse6_r1a.exe\FILE:0000
2018-01-16 06:53:36.953 Disinfection not offered
2018-01-16 06:55:40.272 >>> Virus 'Mal/ECLKeyGen-A' found in file F:\Game Stuff\Games\games1\Gift Shop\eclgifts.exe
2018-01-16 06:55:40.272 >>> Virus 'Mal/ECLKeyGen-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 06:55:40.272 >>> Virus 'Mal/ECLKeyGen-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 06:55:40.272 >>> Virus 'Mal/ECLKeyGen-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 06:55:40.272 >>> Virus 'Mal/ECLKeyGen-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 06:55:40.272 >>> Virus 'Mal/ECLKeyGen-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 06:55:40.272 >>> Virus 'Mal/ECLKeyGen-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 06:55:40.272 >>> Virus 'Mal/ECLKeyGen-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:55:40.272 >>> Virus 'Mal/ECLKeyGen-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:55:40.272 >>> Virus 'Mal/ECLKeyGen-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 06:55:40.272 >>> Virus 'Mal/ECLKeyGen-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 06:55:40.272 >>> Virus 'Mal/ECLKeyGen-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 06:55:40.272 >>> Virus 'Mal/ECLKeyGen-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 06:55:40.272 >>> Virus 'Mal/ECLKeyGen-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:58:19.688 >>> Virus 'Mal/Generic-S' found in file F:\Game Stuff\Games\games2\Mystic Inn\mysticinn.exe
2018-01-16 06:58:19.688 >>> Virus 'Mal/Generic-S' found in file F:\Game Stuff\Games\games2\Mystic Inn\mysticinn.exe
2018-01-16 06:58:19.688 >>> Virus 'Mal/Generic-S' found in file F:\Game Stuff\Games\games2\Mystic Inn\mysticinn.exe
2018-01-16 06:58:19.688 >>> Virus 'Mal/Generic-S' found in file F:\Game Stuff\Games\games2\Mystic Inn\mysticinn.exe
2018-01-16 06:58:19.688 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 06:58:19.688 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 06:58:19.688 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 06:58:19.688 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 06:58:19.688 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 06:58:19.688 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 06:58:19.688 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:58:19.688 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:58:19.688 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 06:58:19.688 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 06:58:19.688 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 06:58:19.688 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 06:58:19.688 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:58:27.878 >>> Virus 'Mal/ECLKeyGen-A' found in file F:\Game Stuff\Games\games2\New games\paparazzi\Paparazzi.v1.5.4.WinALL.Incl.Keygen-ECLiPSE\Paparazzi.v1.5.4.WinALL.Incl.Keygen-ECLiPSE\Paparazzi.v1.5.4.Keygen\eclpr154.exe
2018-01-16 06:58:27.878 >>> Virus 'Mal/ECLKeyGen-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 06:58:27.878 >>> Virus 'Mal/ECLKeyGen-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 06:58:27.878 >>> Virus 'Mal/ECLKeyGen-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 06:58:27.878 >>> Virus 'Mal/ECLKeyGen-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 06:58:27.878 >>> Virus 'Mal/ECLKeyGen-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 06:58:27.878 >>> Virus 'Mal/ECLKeyGen-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 06:58:27.878 >>> Virus 'Mal/ECLKeyGen-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:58:27.878 >>> Virus 'Mal/ECLKeyGen-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:58:27.878 >>> Virus 'Mal/ECLKeyGen-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 06:58:27.878 >>> Virus 'Mal/ECLKeyGen-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 06:58:27.878 >>> Virus 'Mal/ECLKeyGen-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 06:58:27.878 >>> Virus 'Mal/ECLKeyGen-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 06:58:27.878 >>> Virus 'Mal/ECLKeyGen-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:58:46.770 >>> Virus 'Mal/ECLKeyGen-A' found in file F:\Game Stuff\Games\games2\Paparazzi\eclpr154.exe
2018-01-16 06:58:46.770 >>> Virus 'Mal/ECLKeyGen-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 06:58:46.770 >>> Virus 'Mal/ECLKeyGen-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 06:58:46.770 >>> Virus 'Mal/ECLKeyGen-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 06:58:46.770 >>> Virus 'Mal/ECLKeyGen-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 06:58:46.770 >>> Virus 'Mal/ECLKeyGen-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 06:58:46.770 >>> Virus 'Mal/ECLKeyGen-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 06:58:46.770 >>> Virus 'Mal/ECLKeyGen-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:58:46.770 >>> Virus 'Mal/ECLKeyGen-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:58:46.770 >>> Virus 'Mal/ECLKeyGen-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 06:58:46.770 >>> Virus 'Mal/ECLKeyGen-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 06:58:46.770 >>> Virus 'Mal/ECLKeyGen-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 06:58:46.770 >>> Virus 'Mal/ECLKeyGen-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 06:58:46.770 >>> Virus 'Mal/ECLKeyGen-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:58:55.678 >>> Virus 'Mal/Generic-L' found in file F:\Game Stuff\Games\games2\Picture Pyramid\New Folder\picture pyramid.exe\FILE:0000
2018-01-16 06:58:55.678 Disinfection not offered
2018-01-16 06:59:17.471 >>> Virus 'Mal/Generic-L' found in file F:\Game Stuff\Games\games2\Picture Pyramid\New Folder\PicturePyramid.exe
2018-01-16 06:59:17.471 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 06:59:17.471 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 06:59:17.471 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 06:59:17.471 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 06:59:17.471 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 06:59:17.471 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 06:59:17.471 >>> Virus 'Mal/Generic-L' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:59:17.471 >>> Virus 'Mal/Generic-L' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:59:17.471 >>> Virus 'Mal/Generic-L' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 06:59:17.471 >>> Virus 'Mal/Generic-L' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 06:59:17.471 >>> Virus 'Mal/Generic-L' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 06:59:17.471 >>> Virus 'Mal/Generic-L' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 06:59:17.471 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:59:38.125 >>> Virus 'Mal/Generic-L' found in file F:\Game Stuff\Games\games2\Picture Pyramid\PicturePyramid.exe
2018-01-16 06:59:38.125 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 06:59:38.125 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 06:59:38.125 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 06:59:38.125 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 06:59:38.125 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 06:59:38.125 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 06:59:38.125 >>> Virus 'Mal/Generic-L' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:59:38.125 >>> Virus 'Mal/Generic-L' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 06:59:38.125 >>> Virus 'Mal/Generic-L' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 06:59:38.125 >>> Virus 'Mal/Generic-L' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 06:59:38.125 >>> Virus 'Mal/Generic-L' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 06:59:38.125 >>> Virus 'Mal/Generic-L' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 06:59:38.125 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:02:10.163 >>> Virus 'Mal/EncPk-OJ' found in file F:\Game Stuff\Games\games2\Trick or Treat Smash\New Folder\fruit_r1a.exe\FILE:0000
2018-01-16 07:02:10.163 Disinfection not offered
2018-01-16 07:06:45.052 Could not check F:\michaels drive\AHR work folder\AHR Files\AHR Stuff\AGING SUMMARY\2007\AR06.05.07.xls (corrupt)
2018-01-16 07:09:35.018 >>> Virus 'Mal/Generic-S' found in file F:\michaels drive\AHR work folder\Programs\Anti Virus\Malwarebytes Anti-Malware v1.44\patrick.exe
2018-01-16 07:09:35.018 >>> Virus 'Mal/Generic-S' found in file F:\michaels drive\AHR work folder\Programs\Anti Virus\Malwarebytes Anti-Malware v1.44\patrick.exe
2018-01-16 07:09:35.018 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 07:09:35.018 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 07:09:35.018 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 07:09:35.018 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 07:09:35.018 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 07:09:35.018 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 07:09:35.018 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:09:35.018 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:09:35.018 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 07:09:35.018 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 07:09:35.018 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 07:09:35.018 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 07:09:35.018 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:09:47.482 >>> Virus 'Mal/Generic-L' found in file F:\michaels drive\AHR work folder\Programs\Anti Virus\SuperAntiSpyware.com\crack\SUPERAntiSpyware_Professional_v4.33.1000_Final-AT4RE\SUPERAntiSpyware.Professional.v4.xx.x.Keygen-AT4RE\SUPERAntiSpyware Professional v4.xx.x Keygen AT4RE\keygen.exe
2018-01-16 07:09:47.482 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 07:09:47.482 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 07:09:47.482 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 07:09:47.482 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 07:09:47.482 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 07:09:47.482 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 07:09:47.482 >>> Virus 'Mal/Generic-L' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:09:47.482 >>> Virus 'Mal/Generic-L' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:09:47.482 >>> Virus 'Mal/Generic-L' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 07:09:47.482 >>> Virus 'Mal/Generic-L' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 07:09:47.482 >>> Virus 'Mal/Generic-L' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 07:09:47.482 >>> Virus 'Mal/Generic-L' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 07:09:47.482 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:09:57.872 >>> Virus 'Troj/WPAKill-A' found in file F:\michaels drive\AHR work folder\RemoveWAT\AntiWPA\amd64\AntiWPA.Dll
2018-01-16 07:09:57.872 >>> Virus 'Troj/WPAKill-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 07:09:57.872 >>> Virus 'Troj/WPAKill-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 07:09:57.872 >>> Virus 'Troj/WPAKill-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 07:09:57.872 >>> Virus 'Troj/WPAKill-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 07:09:57.872 >>> Virus 'Troj/WPAKill-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 07:09:57.872 >>> Virus 'Troj/WPAKill-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 07:09:57.872 >>> Virus 'Troj/WPAKill-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:09:57.872 >>> Virus 'Troj/WPAKill-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:09:57.872 >>> Virus 'Troj/WPAKill-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 07:09:57.872 >>> Virus 'Troj/WPAKill-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 07:09:57.872 >>> Virus 'Troj/WPAKill-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 07:09:57.872 >>> Virus 'Troj/WPAKill-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 07:09:57.872 >>> Virus 'Troj/WPAKill-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect

 

[windowman]

3rd part,

2018-01-16 07:10:03.035 >>> Virus 'Troj/WPAKill-A' found in file F:\michaels drive\AHR work folder\RemoveWAT\AntiWPA\x86\AntiWPA.Dll
2018-01-16 07:10:03.035 >>> Virus 'Troj/WPAKill-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 07:10:03.035 >>> Virus 'Troj/WPAKill-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 07:10:03.035 >>> Virus 'Troj/WPAKill-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 07:10:03.035 >>> Virus 'Troj/WPAKill-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 07:10:03.035 >>> Virus 'Troj/WPAKill-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 07:10:03.035 >>> Virus 'Troj/WPAKill-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 07:10:03.035 >>> Virus 'Troj/WPAKill-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:10:03.035 >>> Virus 'Troj/WPAKill-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:10:03.035 >>> Virus 'Troj/WPAKill-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 07:10:03.035 >>> Virus 'Troj/WPAKill-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 07:10:03.035 >>> Virus 'Troj/WPAKill-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 07:10:03.035 >>> Virus 'Troj/WPAKill-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 07:10:03.035 >>> Virus 'Troj/WPAKill-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:11:29.865 >>> Virus 'Mal/Generic-L' found in file F:\michaels drive\Downloads\Downloads 1-29-10\Compressed\nod 32 64 bit\good\TNodUP10-Installer.exe
2018-01-16 07:11:29.865 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 07:11:29.865 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 07:11:29.865 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 07:11:29.865 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 07:11:29.865 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 07:11:29.865 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 07:11:29.865 >>> Virus 'Mal/Generic-L' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:11:29.865 >>> Virus 'Mal/Generic-L' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:11:29.865 >>> Virus 'Mal/Generic-L' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 07:11:29.865 >>> Virus 'Mal/Generic-L' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 07:11:29.865 >>> Virus 'Mal/Generic-L' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 07:11:29.865 >>> Virus 'Mal/Generic-L' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 07:11:29.865 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:12:17.664 >>> Virus 'Mal/Packer' found in file F:\michaels drive\I Drive backup\downloads go thru\GoogleStuff\Google Earth Pro\Google_Earth_Pro_v.4.2.0205.5730\crack\crack.exe
2018-01-16 07:12:17.664 >>> Virus 'Mal/Packer' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 07:12:17.664 >>> Virus 'Mal/Packer' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 07:12:17.679 >>> Virus 'Mal/Packer' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 07:12:17.679 >>> Virus 'Mal/Packer' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 07:12:17.679 >>> Virus 'Mal/Packer' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 07:12:17.679 >>> Virus 'Mal/Packer' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 07:12:17.679 >>> Virus 'Mal/Packer' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:12:17.679 >>> Virus 'Mal/Packer' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:12:17.679 >>> Virus 'Mal/Packer' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 07:12:17.679 >>> Virus 'Mal/Packer' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 07:12:17.679 >>> Virus 'Mal/Packer' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 07:12:17.679 >>> Virus 'Mal/Packer' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 07:12:17.679 >>> Virus 'Mal/Packer' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:15:04.740 >>> Virus 'Mal/Behav-370' found in file F:\michaels drive\I Drive backup\storage safe\G drive\Full Games\Games\Games with serial#\PopCap\NingPo MahJongg Deluxe\NingPo_MahJongg_Deluxe Keygen\ningpo.mahjong.deluxe.1.04.keygen-tsrh.exe
2018-01-16 07:15:04.740 >>> Virus 'Mal/Behav-370' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 07:15:04.740 >>> Virus 'Mal/Behav-370' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 07:15:04.740 >>> Virus 'Mal/Behav-370' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 07:15:04.740 >>> Virus 'Mal/Behav-370' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 07:15:04.740 >>> Virus 'Mal/Behav-370' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 07:15:04.740 >>> Virus 'Mal/Behav-370' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 07:15:04.740 >>> Virus 'Mal/Behav-370' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:15:04.740 >>> Virus 'Mal/Behav-370' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:15:04.740 >>> Virus 'Mal/Behav-370' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 07:15:04.740 >>> Virus 'Mal/Behav-370' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 07:15:04.740 >>> Virus 'Mal/Behav-370' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 07:15:04.740 >>> Virus 'Mal/Behav-370' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 07:15:04.740 >>> Virus 'Mal/Behav-370' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:15:13.492 >>> Virus 'Mal/Packer' found in file F:\michaels drive\I Drive backup\storage safe\G drive\Full Games\games2\Bejewelled\Bejeweledv1.6keygenCORE\cr-b16.exe
2018-01-16 07:15:13.492 >>> Virus 'Mal/Packer' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 07:15:13.492 >>> Virus 'Mal/Packer' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 07:15:13.492 >>> Virus 'Mal/Packer' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 07:15:13.492 >>> Virus 'Mal/Packer' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 07:15:13.492 >>> Virus 'Mal/Packer' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 07:15:13.492 >>> Virus 'Mal/Packer' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 07:15:13.492 >>> Virus 'Mal/Packer' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:15:13.492 >>> Virus 'Mal/Packer' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:15:13.492 >>> Virus 'Mal/Packer' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 07:15:13.492 >>> Virus 'Mal/Packer' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 07:15:13.492 >>> Virus 'Mal/Packer' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 07:15:13.492 >>> Virus 'Mal/Packer' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 07:15:13.492 >>> Virus 'Mal/Packer' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:15:45.924 >>> Virus 'Mal/Packer' found in file F:\michaels drive\I Drive backup\storage safe\G drive\Full Games\games2\Games\Bejewelled\Bejeweledv1.6keygenCORE\cr-b16.exe
2018-01-16 07:15:45.924 >>> Virus 'Mal/Packer' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 07:15:45.924 >>> Virus 'Mal/Packer' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 07:15:45.924 >>> Virus 'Mal/Packer' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 07:15:45.924 >>> Virus 'Mal/Packer' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 07:15:45.924 >>> Virus 'Mal/Packer' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 07:15:45.924 >>> Virus 'Mal/Packer' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 07:15:45.924 >>> Virus 'Mal/Packer' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:15:45.924 >>> Virus 'Mal/Packer' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:15:45.924 >>> Virus 'Mal/Packer' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 07:15:45.924 >>> Virus 'Mal/Packer' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 07:15:45.924 >>> Virus 'Mal/Packer' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 07:15:45.924 >>> Virus 'Mal/Packer' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 07:15:45.924 >>> Virus 'Mal/Packer' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:15:59.668 >>> Virus 'Mal/Behav-370' found in file F:\michaels drive\I Drive backup\storage safe\G drive\Full Games\games2\Games\PopCap\NingPo MahJongg Deluxe\NingPo_MahJongg_Deluxe Keygen\ningpo.mahjong.deluxe.1.04.keygen-tsrh.exe
2018-01-16 07:15:59.668 >>> Virus 'Mal/Behav-370' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 07:15:59.668 >>> Virus 'Mal/Behav-370' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 07:15:59.668 >>> Virus 'Mal/Behav-370' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 07:15:59.668 >>> Virus 'Mal/Behav-370' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 07:15:59.668 >>> Virus 'Mal/Behav-370' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 07:15:59.668 >>> Virus 'Mal/Behav-370' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 07:15:59.668 >>> Virus 'Mal/Behav-370' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:15:59.668 >>> Virus 'Mal/Behav-370' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:15:59.668 >>> Virus 'Mal/Behav-370' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 07:15:59.668 >>> Virus 'Mal/Behav-370' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 07:15:59.668 >>> Virus 'Mal/Behav-370' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 07:15:59.668 >>> Virus 'Mal/Behav-370' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 07:15:59.668 >>> Virus 'Mal/Behav-370' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:20:46.396 >>> Virus 'Mal/Packer' found in file F:\michaels drive\I Drive backup\storage safe\Games\games\Bejewelled\Bejeweledv1.6keygenCORE\cr-b16.exe
2018-01-16 07:20:46.396 >>> Virus 'Mal/Packer' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 07:20:46.396 >>> Virus 'Mal/Packer' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 07:20:46.396 >>> Virus 'Mal/Packer' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 07:20:46.396 >>> Virus 'Mal/Packer' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 07:20:46.396 >>> Virus 'Mal/Packer' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 07:20:46.396 >>> Virus 'Mal/Packer' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 07:20:46.396 >>> Virus 'Mal/Packer' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:20:46.396 >>> Virus 'Mal/Packer' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:20:46.396 >>> Virus 'Mal/Packer' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 07:20:46.396 >>> Virus 'Mal/Packer' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 07:20:46.396 >>> Virus 'Mal/Packer' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 07:20:46.412 >>> Virus 'Mal/Packer' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 07:20:46.412 >>> Virus 'Mal/Packer' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:20:51.700 >>> Virus 'Mal/Packer' found in file F:\michaels drive\I Drive backup\storage safe\Games\games1\(need to run setup)\Bejewelled\Bejeweledv1.6keygenCORE\cr-b16.exe
2018-01-16 07:20:51.700 >>> Virus 'Mal/Packer' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 07:20:51.700 >>> Virus 'Mal/Packer' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 07:20:51.700 >>> Virus 'Mal/Packer' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 07:20:51.700 >>> Virus 'Mal/Packer' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 07:20:51.700 >>> Virus 'Mal/Packer' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 07:20:51.700 >>> Virus 'Mal/Packer' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 07:20:51.700 >>> Virus 'Mal/Packer' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:20:51.700 >>> Virus 'Mal/Packer' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:20:51.700 >>> Virus 'Mal/Packer' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 07:20:51.700 >>> Virus 'Mal/Packer' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 07:20:51.700 >>> Virus 'Mal/Packer' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 07:20:51.700 >>> Virus 'Mal/Packer' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 07:20:51.700 >>> Virus 'Mal/Packer' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:27:13.751 >>> Virus 'Mal/Generic-S' found in file F:\michaels drive\lastest backup\Programs\Malwarebytes working 2-6-10\Malwarebytes.Anti-Malware.v1.44.Full\Malwarebytes Anti-Malware v1.44\patrick.exe
2018-01-16 07:27:13.751 >>> Virus 'Mal/Generic-S' found in file F:\michaels drive\lastest backup\Programs\Malwarebytes working 2-6-10\Malwarebytes.Anti-Malware.v1.44.Full\Malwarebytes Anti-Malware v1.44\patrick.exe
2018-01-16 07:27:13.751 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 07:27:13.751 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 07:27:13.766 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 07:27:13.766 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 07:27:13.766 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 07:27:13.766 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 07:27:13.766 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:27:13.766 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:27:13.766 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 07:27:13.766 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 07:27:13.766 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 07:27:13.766 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 07:27:13.766 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:31:12.571 >>> Virus 'Mal/Generic-L' found in file F:\michaels drive\SuperAntiSpyware.com\crack\SUPERAntiSpyware_Professional_v4.33.1000_Final-AT4RE\SUPERAntiSpyware.Professional.v4.xx.x.Keygen-AT4RE\SUPERAntiSpyware Professional v4.xx.x Keygen AT4RE\keygen.exe
2018-01-16 07:31:12.571 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 07:31:12.571 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 07:31:12.571 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 07:31:12.571 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 07:31:12.571 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 07:31:12.571 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 07:31:12.571 >>> Virus 'Mal/Generic-L' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:31:12.571 >>> Virus 'Mal/Generic-L' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:31:12.571 >>> Virus 'Mal/Generic-L' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 07:31:12.571 >>> Virus 'Mal/Generic-L' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 07:31:12.571 >>> Virus 'Mal/Generic-L' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 07:31:12.571 >>> Virus 'Mal/Generic-L' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 07:31:12.571 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:31:23.086 >>> Virus 'Mal/Generic-S' found in file F:\michaels drive\SuperAntiSpyware.com\Malwarebytes Anti-Malware v1.44\patrick.exe
2018-01-16 07:31:23.086 >>> Virus 'Mal/Generic-S' found in file F:\michaels drive\SuperAntiSpyware.com\Malwarebytes Anti-Malware v1.44\patrick.exe
2018-01-16 07:31:23.086 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 07:31:23.086 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA

 

[windowman]

4th part,

2018-01-16 07:31:23.086 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 07:31:23.086 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 07:31:23.086 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 07:31:23.086 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 07:31:23.086 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:31:23.086 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:31:23.086 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 07:31:23.086 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 07:31:23.086 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 07:31:23.086 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 07:31:23.086 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:32:17.358 >>> Virus 'Mal/Generic-S' found in file F:\michaels drive\USB STICK\MY USB STICK\Malwarebytes Anti-Malware v1.44\patrick.exe
2018-01-16 07:32:17.358 >>> Virus 'Mal/Generic-S' found in file F:\michaels drive\USB STICK\MY USB STICK\Malwarebytes Anti-Malware v1.44\patrick.exe
2018-01-16 07:32:17.358 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 07:32:17.358 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 07:32:17.358 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 07:32:17.358 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 07:32:17.358 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 07:32:17.358 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 07:32:17.358 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:32:17.358 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:32:17.358 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 07:32:17.358 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 07:32:17.358 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 07:32:17.358 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 07:32:17.358 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:32:41.273 >>> Virus 'Troj/WPAKill-A' found in file F:\michaels drive\Windows XP stuff\Windows XP OS's\AntiWPA\AntiWPA\amd64\AntiWPA.Dll
2018-01-16 07:32:41.273 >>> Virus 'Troj/WPAKill-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 07:32:41.273 >>> Virus 'Troj/WPAKill-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 07:32:41.273 >>> Virus 'Troj/WPAKill-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 07:32:41.273 >>> Virus 'Troj/WPAKill-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 07:32:41.273 >>> Virus 'Troj/WPAKill-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 07:32:41.273 >>> Virus 'Troj/WPAKill-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 07:32:41.273 >>> Virus 'Troj/WPAKill-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:32:41.273 >>> Virus 'Troj/WPAKill-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:32:41.273 >>> Virus 'Troj/WPAKill-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 07:32:41.273 >>> Virus 'Troj/WPAKill-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 07:32:41.273 >>> Virus 'Troj/WPAKill-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 07:32:41.273 >>> Virus 'Troj/WPAKill-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 07:32:41.273 >>> Virus 'Troj/WPAKill-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:32:46.406 >>> Virus 'Troj/WPAKill-A' found in file F:\michaels drive\Windows XP stuff\Windows XP OS's\AntiWPA\AntiWPA\x86\AntiWPA.Dll
2018-01-16 07:32:46.406 >>> Virus 'Troj/WPAKill-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 07:32:46.406 >>> Virus 'Troj/WPAKill-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 07:32:46.406 >>> Virus 'Troj/WPAKill-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 07:32:46.406 >>> Virus 'Troj/WPAKill-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 07:32:46.406 >>> Virus 'Troj/WPAKill-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 07:32:46.406 >>> Virus 'Troj/WPAKill-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 07:32:46.406 >>> Virus 'Troj/WPAKill-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:32:46.406 >>> Virus 'Troj/WPAKill-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:32:46.406 >>> Virus 'Troj/WPAKill-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 07:32:46.406 >>> Virus 'Troj/WPAKill-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 07:32:46.406 >>> Virus 'Troj/WPAKill-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 07:32:46.406 >>> Virus 'Troj/WPAKill-A' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 07:32:46.406 >>> Virus 'Troj/WPAKill-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:32:59.182 >>> Virus 'Mal/Generic-L' found in file F:\michaels drive\Windows XP stuff\Windows XP OS's\WGA bypass\WGA bypass\MGA_crack.exe
2018-01-16 07:32:59.182 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 07:32:59.182 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 07:32:59.182 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 07:32:59.182 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 07:32:59.182 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 07:32:59.182 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 07:32:59.182 >>> Virus 'Mal/Generic-L' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:32:59.182 >>> Virus 'Mal/Generic-L' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:32:59.182 >>> Virus 'Mal/Generic-L' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 07:32:59.182 >>> Virus 'Mal/Generic-L' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 07:32:59.182 >>> Virus 'Mal/Generic-L' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 07:32:59.182 >>> Virus 'Mal/Generic-L' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 07:32:59.182 >>> Virus 'Mal/Generic-L' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:33:43.892 >>> Virus 'Mal/Generic-S' found in file F:\michaels drive\Windows XP stuff\xp 32 & 64 Activator\XP 32bit & Vista 32bit & 64bit Activator\Vista Activator.exe
2018-01-16 07:33:43.892 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 07:33:43.892 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 07:33:43.892 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 07:33:43.892 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 07:33:43.892 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 07:33:43.892 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 07:33:43.892 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:33:43.892 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:33:43.892 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 07:33:43.892 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 07:33:43.892 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 07:33:43.892 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 07:33:43.892 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:33:50.709 >>> Virus 'Mal/Generic-S' found in file F:\michaels drive\Windows XP stuff\xp cracker\XP_32bit_&_Vista_32bit_&_64bit_Activator\Vista Activator.exe
2018-01-16 07:33:50.709 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 07:33:50.709 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 07:33:50.709 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 07:33:50.709 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 07:33:50.709 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 07:33:50.709 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 07:33:50.709 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:33:50.709 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:33:50.709 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 07:33:50.709 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 07:33:50.709 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 07:33:50.709 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 07:33:50.709 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:33:58.462 >>> Virus 'Mal/Generic-S' found in file F:\michaels drive\Windows XP stuff\Xp cracks to save\xp cracker\XP_32bit_&_Vista_32bit_&_64bit_Activator\Vista Activator.exe
2018-01-16 07:33:58.462 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 07:33:58.462 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 07:33:58.462 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 07:33:58.462 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 07:33:58.462 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 07:33:58.462 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 07:33:58.462 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:33:58.462 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 07:33:58.462 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 07:33:58.478 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 07:33:58.478 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 07:33:58.478 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 07:33:58.478 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 08:12:11.348 >>> Virus 'Mal/Generic-S' found in file F:\usb bu\USB STICK\MY USB STICK\Malwarebytes Anti-Malware v1.44\patrick.exe
2018-01-16 08:12:11.348 >>> Virus 'Mal/Generic-S' found in file F:\usb bu\USB STICK\MY USB STICK\Malwarebytes Anti-Malware v1.44\patrick.exe
2018-01-16 08:12:11.348 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 08:12:11.348 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
2018-01-16 08:12:11.364 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 08:12:11.364 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2018-01-16 08:12:11.364 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 08:12:11.364 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Attachments\ScanWithAntiVirus
2018-01-16 08:12:11.364 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 08:12:11.364 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 08:12:11.364 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 08:12:11.364 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet
2018-01-16 08:12:11.364 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 08:12:11.364 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-867915027-2464976829-1762966156-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500
2018-01-16 08:12:11.364 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
2018-01-16 08:14:38.893 Could not check F:\WORK PC BU\Backup file\Production Manager\Production work files\AGING SUMMARY\2007\AR06.05.07.xls (corrupt)
2018-01-16 08:19:33.219 Could not check F:\WORK PC BU\My Documents 7-25-14\Production Manager\Production work files\AGING SUMMARY\2007\AR06.05.07.xls (corrupt)
2018-01-16 08:27:10.228 Password protected file F:\WORK PC BU\Old F Drive\AHR\Pricing & Commission Files\Version 2008\Milgard Tuscany SH & XO.xlsx
2018-01-16 08:35:50.660 Password protected file F:\WORK PC BU\Old F Drive\Pricing & Commission Files\Version 2008\Milgard Tuscany SH & XO.xlsx
2018-01-16 08:36:10.582 Password protected file F:\WORK PC BU\Passwords 5 (Autosaved).xlsx
2018-01-16 08:36:10.597 Password protected file F:\WORK PC BU\Passwords 5.2014-Marc-PC.xlsx
2018-01-16 08:36:11.393 The following items will be cleaned up:
2018-01-16 08:36:11.393 Mal/ZAccConf-A
2018-01-16 08:36:11.393 Mal/JNLP-A
2018-01-16 08:36:11.393 Troj/ZAccess-LY
2018-01-16 08:36:11.393 Mal/Behav-370
2018-01-16 08:36:11.393 W32/Rebhip-W
2018-01-16 08:36:11.393 Mal/EncPk-LT
2018-01-16 08:36:11.393 Mal/ECLKeyGen-A
2018-01-16 08:36:11.393 Mal/FakeAV-MG
2018-01-16 08:36:11.393 Mal/Generic-S
2018-01-16 08:36:11.393 Mal/Generic-L
2018-01-16 08:36:11.393 Troj/WPAKill-A
2018-01-16 08:36:11.393 Mal/Packer
2018-01-16 08:36:11.393 Mal/HiBrowLnk-A
2018-01-16 08:36:11.393 Mal/HiBrowLnk-A
2018-01-16 08:36:11.393 Mal/HiBrowLnk-A
2018-01-16 08:36:11.393 Mal/HiBrowLnk-A
2018-01-16 08:36:11.393 Mal/HiBrowLnk-A
2018-01-16 08:36:11.393 Mal/HiBrowLnk-A
2018-01-16 08:36:11.393 Mal/Generic-S
2018-01-16 08:36:11.393 Mal/Generic-L
2018-01-16 08:36:11.393 Mal/EncPk-OJ
2018-01-16 08:36:11.393 Mal/Generic-L
2018-01-16 08:36:11.393 Mal/EncPk-OJ

 

[windowman]

Farbar Recovery Scan Tool (x64) Version: 14.01.2018
Ran by Michael (16-01-2018 07:46:34)
Running from C:\Users\Michael\Desktop
Boot Mode: Normal

================== Search Files: "MpSvc.dll" =============

C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.17514_none_b5e2b6396ecea306\MpSvc.dll
[2009-07-13 15:54][2009-07-13 17:41] 001011712 _____ (Microsoft Corporation) CF318F60A84F15AF352439465A8D05F4 [File is digitally signed]

C:\Program Files\Windows Defender 1\MpSvc.dll
[2009-07-13 15:54][2009-07-13 17:41] 001011712 _____ (Microsoft Corporation) CF318F60A84F15AF352439465A8D05F4 [File is digitally signed]


====== End of Search ======

 

[windowman]

I know nothing about what im seeing except that it looks like my soon to be ex was downing things.

 

[Broni]

OK, it looks like someone renamed Windows Defender folder.
Open Windows Explorer, navigate to:
C:\Program Files\Windows Defender 1
Right click on "Windows Defender 1" and remove "1" from there co the folder reads "Windows Defender" not "Windows Defender 1".

When done....

Your computer is clean

1. This step will remove all cleaning tools we used, it'll reset restore points (so you won't get reinfected by accidentally using some older restore point) and it'll make some other minor adjustments...
This is a very crucial step so make sure you don't skip it.
Download

DelFix by Xplode to your desktop. Delfix will delete all the used tools and logfiles.

Double-click Delfix.exe to start the tool.
Make sure the following items are checked:

• Activate UAC (optional; some users prefer to keep it off)
• Remove disinfection tools
• Create registry backup
• Purge System Restore
• Reset system settings

Now click "Run" and wait patiently.
Once finished a logfile will be created. You don't have to attach it to your next reply.

2. Make sure Windows Updates are current.

3. If any trojans, rootkits or bootkits were listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

4. Check if your browser plugins are up to date.
Firefox - https://www.mozilla.org/en-US/plugincheck/
other browsers: https://browsercheck.qualys.com/ (click on "Scan without installing plugin" and then on "Scan now")

5. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

6. Run Temporary File Cleaner (TFC), AdwCleaner and Junkware Removal Tool (JRT) weekly (you need to redownload these tools since they were removed by DelFix).

7. Download and install Secunia Personal Software Inspector (PSI): https://www.techspot.com/downloads/4898-secunia-personal-software-inspector-psi.html. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

8. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

9. When installing\updating ANY program, make sure you always select "Custom " installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.

10. Read:
How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
Simple and easy ways to keep your computer safe and secure on the Internet: http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/
About those Toolbars and Add-ons - Potentially Unwanted Programs (PUPs) which change your browser settings: http://www.bleepingcomputer.com/for...curity-questions-best-practices/#entry3187642

11. Please, let me know, how your computer is doing.

 

[Broni]

Still with me?

 

[windowman]

Sorry yes was out of town and sick a few days.
I will finish tomorrow since I’m feeling better.

 

[Broni]

OK

 

[windowman]

So far everything seems to be running fine, but I'm still pretty sick so I haven't been on my pc very much.

Thank you

 

[Broni]

Way to go!!
Good luck and stay safe and healthy