I used adwcleaner to clean these viruses but they just keep on returning after boot-up.

Here are the names:

-Registry- [-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wiz

-Web browser- [-] [utorrent.en.softonic.com] [Search Provider] Deleted: utorrent.en.softonic.com [-] [dead-rising-3.en.softonic.com] [Search Provider] Deleted: dead-rising-3.en.softonic.com [-] [microsoft-powerpoint.en.softonic.com] [Search Provider] Deleted: microsoft-powerpoint.en.softonic.com

 

These viruses are very dangerous and they have complete control over my computer. They remove my password on my laptop at their command and worse deactivates my antiviruses and runs PUPs whenever I play games. I don't want to reformat my computer since I have school assignments to do. I need help they keep on getting worse and worse by the day. I don't know if they have keyloggers in my computer.

 

 

Re: Dead Rising 3 softonic viruses

Hello,

Can you share the whole logfile please ?

Best regards,

Re: Dead Rising 3 softonic viruses

# AdwCleaner v6.010 - Logfile created 06/09/2016 at 10:27:47
# Updated on 12/08/2016 by ToolsLib
# Database : 2016-09-05.1 [Server]
# Operating System : Windows 10 Home  (X64)
# Username : samsung - TEAMALPHA
# Running from : C:\Users\samsung\Downloads\adwcleaner_6.010.exe
# Mode: Clean
# Support : https://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

***** [ Files ] *****

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Shortcuts ] *****

***** [ Scheduled Tasks ] *****

***** [ Registry ] *****

***** [ Web browsers ] *****

[-] [utorrent.en.softonic.com] [Search Provider] Deleted: utorrent.en.softonic.com
[-] [dead-rising-3.en.softonic.com] [Search Provider] Deleted: dead-rising-3.en.softonic.com
[-] [microsoft-powerpoint.en.softonic.com] [Search Provider] Deleted: microsoft-powerpoint.en.softonic.com

*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C10].txt - [3467 Bytes] - [05/09/2016 09:11:53]
C:\AdwCleaner\AdwCleaner[C11].txt - [3542 Bytes] - [05/09/2016 21:53:11]
C:\AdwCleaner\AdwCleaner[C12].txt - [3281 Bytes] - [05/09/2016 22:11:36]
C:\AdwCleaner\AdwCleaner[C5].txt - [2902 Bytes] - [08/08/2016 17:10:25]
C:\AdwCleaner\AdwCleaner[C6].txt - [1324 Bytes] - [06/09/2016 10:27:47]
C:\AdwCleaner\AdwCleaner[C9].txt - [4152 Bytes] - [14/08/2016 14:13:26]
C:\AdwCleaner\AdwCleaner[S12].txt - [254004 Bytes] - [14/08/2016 14:12:53]
C:\AdwCleaner\AdwCleaner[S13].txt - [4143 Bytes] - [05/09/2016 09:10:29]
C:\AdwCleaner\AdwCleaner[S14].txt - [4043 Bytes] - [05/09/2016 21:52:52]
C:\AdwCleaner\AdwCleaner[S15].txt - [3589 Bytes] - [05/09/2016 22:11:11]
C:\AdwCleaner\AdwCleaner[S2].txt - [11370 Bytes] - [19/05/2015 15:37:47]
C:\AdwCleaner\AdwCleaner[S3].txt - [7252 Bytes] - [28/06/2015 21:32:12]
C:\AdwCleaner\AdwCleaner[S4].txt - [4571 Bytes] - [30/07/2015 11:52:55]
C:\AdwCleaner\AdwCleaner[S5].txt - [2728 Bytes] - [08/08/2016 17:07:07]
C:\AdwCleaner\AdwCleaner[S8].txt - [2933 Bytes] - [24/08/2015 14:57:18]
C:\AdwCleaner\AdwCleaner[S9].txt - [2500 Bytes] - [06/09/2016 10:27:25]

########## EOF - C:\AdwCleaner\AdwCleaner[C6].txt - [2207 Bytes] ##########

 

Re: Dead Rising 3 softonic viruses

Hello,

Ok. We'll double check with FRST:

  • Download FRST
  • Right-click on the file -> "Execute as Administrator"
  • Click on the "Scan" button
  • The logfile is saved as FRST.txt , and additional informations are in Addition.txt.
  • Please host them on Up2Share and share the generated links.

Best regards,

Re: Dead Rising 3 softonic viruses

Hello,

Thanks.

Can you relaunch AdwCleaner, go to Tools > Options and be sure "Server" is checked in the "Database" section.

Then, do a scan and share the generated logfile.

Thanks,

Re: Dead Rising 3 softonic viruses

Link: https://up2sha.re/file?f=o0zEPemPletf

I don't know if the virus is learning but it seems to have detected that I went onto this site.

Re: Dead Rising 3 softonic viruses

Hello,

Thanks. Finally:

  • Download MalwareBytes Anti Malware here.
  • Launch MalwareByte's Anti Malware from your desktop
  • Click on the tab Settings -> Detection & Protection -> PUP/PUM and check "Treat these detections like malware".
  • Tab Exam choose Threats, click on Scan now, and click on Launch the exam.
  • If something is detected, choose to Quarantine everything. If it asks you to reboot the computer, do it.
  • After the reboot (or at the end of the exam), launch Malwarebytes -> click on History -> Application logs -> Select the last exam log -> Show.
  • Click on Export -> text file (*.txt) -> Choose the desktop as destination, name the file "report-mbam" for example, and click on Save.
  • Paste the logfile in your next answer.

Best regards,

Re: Dead Rising 3 softonic viruses

Link: https://up2sha.re/file?f=YQKkOY5LD0Ht

153 PUPs O.o

Written in Text file:

Malwarebytes Anti-Malware www.malwarebytes.org

Scan Date: 9/10/2016 Scan Time: 10:23 AM Logfile: Results.txt Administrator: Yes

Version: 2.2.1.1043 Malware Database: v2016.09.10.01 Rootkit Database: v2016.08.15.01 License: Free Malware Protection: Disabled Malicious Website Protection: Disabled Self-protection: Disabled

OS: Windows 10 CPU: x64 File System: NTFS User: samsung

Scan Type: Threat Scan Result: Completed Objects Scanned: 403543 Time Elapsed: 45 min, 46 sec

Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled

Processes: 0 (No malicious items detected)

Modules: 0 (No malicious items detected)

Registry Keys: 15 PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\INTERFACE\{7041156A-0D2B-4DCD-A8EE-D0608BFCB2D0}, Quarantined, [82f7b2be1684fe38497a801452b0867a],  PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}, Quarantined, [6c0d1c54b8e2e2545e65573df30f2cd4],  PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\INTERFACE\{9B41579A-1996-42F9-8F84-7B7786818CEF}, Quarantined, [6c0d1c54b8e2e2545e65573df30f2cd4],  PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{7041156A-0D2B-4DCD-A8EE-D0608BFCB2D0}, Quarantined, [6c0d1c54b8e2e2545e65573df30f2cd4],  PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{9B41579A-1996-42F9-8F84-7B7786818CEF}, Quarantined, [6c0d1c54b8e2e2545e65573df30f2cd4],  PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{7041156A-0D2B-4DCD-A8EE-D0608BFCB2D0}, Quarantined, [6c0d1c54b8e2e2545e65573df30f2cd4],  PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{9B41579A-1996-42F9-8F84-7B7786818CEF}, Quarantined, [6c0d1c54b8e2e2545e65573df30f2cd4],  PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}, Quarantined, [0e6b6a067d1d8fa7457e44507290d32d],  PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}, Quarantined, [40398ae6cfcbb97df3d0a4f005fd38c8],  PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{73A34160-3CC5-400F-A88E-EF69E266D9FF}, Delete-on-Reboot, [5e1be987b2e890a68b26c033af5411ef],  PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{A8651089-D94F-4AD7-B246-4BCDB1897448}, Delete-on-Reboot, [9edb95db8515f442753c5c97f60d669a],  PUP.Optional.AllMyApps, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{C126D933-7354-4EE4-96E6-0D0CBD56CD58}, Delete-on-Reboot, [24552050e6b464d261446b89689bc63a],  PUP.Optional.AllMyApps, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\AllmyappsUpdateTask, Delete-on-Reboot, [d1a82749e3b7290d4e58e70d83803bc5],  PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\d95df9fc-8393-489c-a096-3cda9b784081-2, Delete-on-Reboot, [e396f9779ffb96a017fec5da0cf7857b],  PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\d95df9fc-8393-489c-a096-3cda9b784081-3, Delete-on-Reboot, [d8a10070247687afdc39346bb84bf40c], 

Registry Values: 4 PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{73A34160-3CC5-400F-A88E-EF69E266D9FF}|Path, \d95df9fc-8393-489c-a096-3cda9b784081-2, Delete-on-Reboot, [5e1be987b2e890a68b26c033af5411ef] PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{A8651089-D94F-4AD7-B246-4BCDB1897448}|Path, \d95df9fc-8393-489c-a096-3cda9b784081-3, Delete-on-Reboot, [9edb95db8515f442753c5c97f60d669a] PUP.Optional.AllMyApps, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{C126D933-7354-4EE4-96E6-0D0CBD56CD58}|Path, \AllmyappsUpdateTask, Delete-on-Reboot, [24552050e6b464d261446b89689bc63a] PUP.Optional.CrossRider.Generic, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION|video MediaPlay-Air-bg.exe, 8000, Quarantined, [aecbabc57c1e033343f16493b1527987]

Registry Data: 0 (No malicious items detected)

Folders: 32 PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cgclgkjhliofcokinafphpjahfphmfll\2.1, Quarantined, [1663cda3eab006305b378f472bd7e020],  PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cgclgkjhliofcokinafphpjahfphmfll, Quarantined, [1663cda3eab006305b378f472bd7e020],  PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cgmnfnmlficgeijcalkgnnkigkefkbhd\229, Quarantined, [c1b8313fc7d34aecfb9707cf17eb31cf],  PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cgmnfnmlficgeijcalkgnnkigkefkbhd, Quarantined, [c1b8313fc7d34aecfb9707cf17eb31cf],  PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ecalpcoiabmidlfonabjnjjjhdicleig\2.1, Quarantined, [83f6412f6c2e4de92b677a5c3bc7f907],  PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ecalpcoiabmidlfonabjnjjjhdicleig, Quarantined, [83f6412f6c2e4de92b677a5c3bc7f907],  PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cgclgkjhliofcokinafphpjahfphmfll\2.1, Quarantined, [d3a675fb376365d1365c52846d95ba46],  PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cgclgkjhliofcokinafphpjahfphmfll, Quarantined, [d3a675fb376365d1365c52846d95ba46],  PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cgmnfnmlficgeijcalkgnnkigkefkbhd\229, Quarantined, [fb7eea860a90e452f0a20dc96d951fe1],  PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cgmnfnmlficgeijcalkgnnkigkefkbhd, Quarantined, [fb7eea860a90e452f0a20dc96d951fe1],  PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ecalpcoiabmidlfonabjnjjjhdicleig\2.1, Quarantined, [a4d5cba5aded3105a7eb9e38d82a28d8],  PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ecalpcoiabmidlfonabjnjjjhdicleig, Quarantined, [a4d5cba5aded3105a7eb9e38d82a28d8],  PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cgclgkjhliofcokinafphpjahfphmfll\2.1, Quarantined, [accd175964369e98d4bfd9fd18ea966a],  PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cgclgkjhliofcokinafphpjahfphmfll, Quarantined, [accd175964369e98d4bfd9fd18ea966a],  PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cgmnfnmlficgeijcalkgnnkigkefkbhd\229, Quarantined, [92e775fbdac04bebbfd410c6e61c738d],  PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cgmnfnmlficgeijcalkgnnkigkefkbhd, Quarantined, [92e775fbdac04bebbfd410c6e61c738d],  PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ecalpcoiabmidlfonabjnjjjhdicleig\2.1, Quarantined, [5623313f5e3c51e5395a10c647bba759],  PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ecalpcoiabmidlfonabjnjjjhdicleig, Quarantined, [5623313f5e3c51e5395a10c647bba759],  PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hlenaceabbbjngogjncgapaanbaalbfm\3.9, Quarantined, [bebb73fdd4c655e10b88c70fa9597789],  PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hlenaceabbbjngogjncgapaanbaalbfm, Quarantined, [bebb73fdd4c655e10b88c70fa9597789],  PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kgfibdhmbmjleoemlmofbhloihpcnale\3.9, Quarantined, [5c1d79f70199ce6810837462fb0732ce],  PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kgfibdhmbmjleoemlmofbhloihpcnale, Quarantined, [5c1d79f70199ce6810837462fb0732ce],  PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cgclgkjhliofcokinafphpjahfphmfll\2.1, Quarantined, [8dec4d230991c274c9cab62016ec15eb],  PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cgclgkjhliofcokinafphpjahfphmfll, Quarantined, [8dec4d230991c274c9cab62016ec15eb],  PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cgmnfnmlficgeijcalkgnnkigkefkbhd\229, Quarantined, [9edb77f92c6ee2548e05795dd230bf41],  PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cgmnfnmlficgeijcalkgnnkigkefkbhd, Quarantined, [9edb77f92c6ee2548e05795dd230bf41],  PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ecalpcoiabmidlfonabjnjjjhdicleig\2.1, Quarantined, [2a4fff71f9a1e6503f548f4730d27090],  PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ecalpcoiabmidlfonabjnjjjhdicleig, Quarantined, [2a4fff71f9a1e6503f548f4730d27090],  PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hlenaceabbbjngogjncgapaanbaalbfm\3.9, Quarantined, [c0b9d0a09bff7abc6132ecea9d652cd4],  PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hlenaceabbbjngogjncgapaanbaalbfm, Quarantined, [c0b9d0a09bff7abc6132ecea9d652cd4],  PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kgfibdhmbmjleoemlmofbhloihpcnale\3.9, Quarantined, [b2c7e18f7b1f81b5d3c0e7efcd3509f7],  PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kgfibdhmbmjleoemlmofbhloihpcnale, Quarantined, [b2c7e18f7b1f81b5d3c0e7efcd3509f7], 

Files: 84 PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cgclgkjhliofcokinafphpjahfphmfll\2.1\lsdb.js, Quarantined, [1663cda3eab006305b378f472bd7e020],  PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cgclgkjhliofcokinafphpjahfphmfll\2.1\background.html, Quarantined, [1663cda3eab006305b378f472bd7e020],  PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cgclgkjhliofcokinafphpjahfphmfll\2.1\content.js, Quarantined, [1663cda3eab006305b378f472bd7e020],  PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cgclgkjhliofcokinafphpjahfphmfll\2.1\manifest.json, Quarantined, [1663cda3eab006305b378f472bd7e020],  PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cgclgkjhliofcokinafphpjahfphmfll\2.1\newtab.html, Quarantined, [1663cda3eab006305b378f472bd7e020],  PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cgmnfnmlficgeijcalkgnnkigkefkbhd\229\lsdb.js, Quarantined, [c1b8313fc7d34aecfb9707cf17eb31cf],  PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cgmnfnmlficgeijcalkgnnkigkefkbhd\229\background.html, Quarantined, [c1b8313fc7d34aecfb9707cf17eb31cf],  PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cgmnfnmlficgeijcalkgnnkigkefkbhd\229\content.js, Quarantined, [c1b8313fc7d34aecfb9707cf17eb31cf],  PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cgmnfnmlficgeijcalkgnnkigkefkbhd\229\manifest.json, Quarantined, [c1b8313fc7d34aecfb9707cf17eb31cf],  PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ecalpcoiabmidlfonabjnjjjhdicleig\2.1\lsdb.js, Quarantined, [83f6412f6c2e4de92b677a5c3bc7f907],  PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ecalpcoiabmidlfonabjnjjjhdicleig\2.1\background.html, Quarantined, [83f6412f6c2e4de92b677a5c3bc7f907],  PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ecalpcoiabmidlfonabjnjjjhdicleig\2.1\content.js, Quarantined, [83f6412f6c2e4de92b677a5c3bc7f907],  PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ecalpcoiabmidlfonabjnjjjhdicleig\2.1\manifest.json, Quarantined, [83f6412f6c2e4de92b677a5c3bc7f907],  PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ecalpcoiabmidlfonabjnjjjhdicleig\2.1\newtab.html, Quarantined, [83f6412f6c2e4de92b677a5c3bc7f907],  PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cgclgkjhliofcokinafphpjahfphmfll\2.1\lsdb.js, Quarantined, [d3a675fb376365d1365c52846d95ba46],  PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cgclgkjhliofcokinafphpjahfphmfll\2.1\background.html, Quarantined, [d3a675fb376365d1365c52846d95ba46],  PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cgclgkjhliofcokinafphpjahfphmfll\2.1\content.js, Quarantined, [d3a675fb376365d1365c52846d95ba46],  PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cgclgkjhliofcokinafphpjahfphmfll\2.1\manifest.json, Quarantined, [d3a675fb376365d1365c52846d95ba46],  PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cgclgkjhliofcokinafphpjahfphmfll\2.1\newtab.html, Quarantined, [d3a675fb376365d1365c52846d95ba46],  PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cgmnfnmlficgeijcalkgnnkigkefkbhd\229\lsdb.js, Quarantined, [fb7eea860a90e452f0a20dc96d951fe1],  PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cgmnfnmlficgeijcalkgnnkigkefkbhd\229\background.html, Quarantined, [fb7eea860a90e452f0a20dc96d951fe1],  PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cgmnfnmlficgeijcalkgnnkigkefkbhd\229\content.js, Quarantined, [fb7eea860a90e452f0a20dc96d951fe1],  PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cgmnfnmlficgeijcalkgnnkigkefkbhd\229\manifest.json, Quarantined, [fb7eea860a90e452f0a20dc96d951fe1],  PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ecalpcoiabmidlfonabjnjjjhdicleig\2.1\lsdb.js, Quarantined, [a4d5cba5aded3105a7eb9e38d82a28d8],  PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ecalpcoiabmidlfonabjnjjjhdicleig\2.1\background.html, Quarantined, [a4d5cba5aded3105a7eb9e38d82a28d8],  PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ecalpcoiabmidlfonabjnjjjhdicleig\2.1\content.js, Quarantined, [a4d5cba5aded3105a7eb9e38d82a28d8],  PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ecalpcoiabmidlfonabjnjjjhdicleig\2.1\manifest.json, Quarantined, [a4d5cba5aded3105a7eb9e38d82a28d8],  PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ecalpcoiabmidlfonabjnjjjhdicleig\2.1\newtab.html, Quarantined, [a4d5cba5aded3105a7eb9e38d82a28d8],  PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cgclgkjhliofcokinafphpjahfphmfll\2.1\lsdb.js, Quarantined, [accd175964369e98d4bfd9fd18ea966a],  PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cgclgkjhliofcokinafphpjahfphmfll\2.1\background.html, Quarantined, [accd175964369e98d4bfd9fd18ea966a],  PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cgclgkjhliofcokinafphpjahfphmfll\2.1\content.js, Quarantined, [accd175964369e98d4bfd9fd18ea966a],  PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cgclgkjhliofcokinafphpjahfphmfll\2.1\manifest.json, Quarantined, [accd175964369e98d4bfd9fd18ea966a],  PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cgclgkjhliofcokinafphpjahfphmfll\2.1\newtab.html, Quarantined, [accd175964369e98d4bfd9fd18ea966a],  PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cgmnfnmlficgeijcalkgnnkigkefkbhd\229\lsdb.js, Quarantined, [92e775fbdac04bebbfd410c6e61c738d],  PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cgmnfnmlficgeijcalkgnnkigkefkbhd\229\background.html, Quarantined, [92e775fbdac04bebbfd410c6e61c738d],  PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cgmnfnmlficgeijcalkgnnkigkefkbhd\229\content.js, Quarantined, [92e775fbdac04bebbfd410c6e61c738d],  PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cgmnfnmlficgeijcalkgnnkigkefkbhd\229\manifest.json, Quarantined, [92e775fbdac04bebbfd410c6e61c738d],  PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ecalpcoiabmidlfonabjnjjjhdicleig\2.1\lsdb.js, Quarantined, [5623313f5e3c51e5395a10c647bba759],  PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ecalpcoiabmidlfonabjnjjjhdicleig\2.1\background.html, Quarantined, [5623313f5e3c51e5395a10c647bba759],  PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ecalpcoiabmidlfonabjnjjjhdicleig\2.1\content.js, Quarantined, [5623313f5e3c51e5395a10c647bba759],  PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ecalpcoiabmidlfonabjnjjjhdicleig\2.1\manifest.json, Quarantined, [5623313f5e3c51e5395a10c647bba759],  PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ecalpcoiabmidlfonabjnjjjhdicleig\2.1\newtab.html, Quarantined, [5623313f5e3c51e5395a10c647bba759],  PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hlenaceabbbjngogjncgapaanbaalbfm\3.9\lsdb.js, Quarantined, [bebb73fdd4c655e10b88c70fa9597789],  PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hlenaceabbbjngogjncgapaanbaalbfm\3.9\background.html, Quarantined, [bebb73fdd4c655e10b88c70fa9597789],  PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hlenaceabbbjngogjncgapaanbaalbfm\3.9\content.js, Quarantined, [bebb73fdd4c655e10b88c70fa9597789],  PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hlenaceabbbjngogjncgapaanbaalbfm\3.9\manifest.json, Quarantined, [bebb73fdd4c655e10b88c70fa9597789],  PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kgfibdhmbmjleoemlmofbhloihpcnale\3.9\lsdb.js, Quarantined, [5c1d79f70199ce6810837462fb0732ce],  PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kgfibdhmbmjleoemlmofbhloihpcnale\3.9\background.html, Quarantined, [5c1d79f70199ce6810837462fb0732ce],  PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kgfibdhmbmjleoemlmofbhloihpcnale\3.9\content.js, Quarantined, [5c1d79f70199ce6810837462fb0732ce],  PUP.Optional.MultiPlug, C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kgfibdhmbmjleoemlmofbhloihpcnale\3.9\manifest.json, Quarantined, [5c1d79f70199ce6810837462fb0732ce],  PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cgclgkjhliofcokinafphpjahfphmfll\2.1\lsdb.js, Quarantined, [8dec4d230991c274c9cab62016ec15eb],  PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cgclgkjhliofcokinafphpjahfphmfll\2.1\background.html, Quarantined, [8dec4d230991c274c9cab62016ec15eb],  PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cgclgkjhliofcokinafphpjahfphmfll\2.1\content.js, Quarantined, [8dec4d230991c274c9cab62016ec15eb],  PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cgclgkjhliofcokinafphpjahfphmfll\2.1\manifest.json, Quarantined, [8dec4d230991c274c9cab62016ec15eb],  PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cgclgkjhliofcokinafphpjahfphmfll\2.1\newtab.html, Quarantined, [8dec4d230991c274c9cab62016ec15eb],  PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cgmnfnmlficgeijcalkgnnkigkefkbhd\229\lsdb.js, Quarantined, [9edb77f92c6ee2548e05795dd230bf41],  PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cgmnfnmlficgeijcalkgnnkigkefkbhd\229\background.html, Quarantined, [9edb77f92c6ee2548e05795dd230bf41],  PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cgmnfnmlficgeijcalkgnnkigkefkbhd\229\content.js, Quarantined, [9edb77f92c6ee2548e05795dd230bf41],  PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cgmnfnmlficgeijcalkgnnkigkefkbhd\229\manifest.json, Quarantined, [9edb77f92c6ee2548e05795dd230bf41],  PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ecalpcoiabmidlfonabjnjjjhdicleig\2.1\lsdb.js, Quarantined, [2a4fff71f9a1e6503f548f4730d27090],  PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ecalpcoiabmidlfonabjnjjjhdicleig\2.1\background.html, Quarantined, [2a4fff71f9a1e6503f548f4730d27090],  PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ecalpcoiabmidlfonabjnjjjhdicleig\2.1\content.js, Quarantined, [2a4fff71f9a1e6503f548f4730d27090],  PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ecalpcoiabmidlfonabjnjjjhdicleig\2.1\manifest.json, Quarantined, [2a4fff71f9a1e6503f548f4730d27090],  PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ecalpcoiabmidlfonabjnjjjhdicleig\2.1\newtab.html, Quarantined, [2a4fff71f9a1e6503f548f4730d27090],  PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hlenaceabbbjngogjncgapaanbaalbfm\3.9\lsdb.js, Quarantined, [c0b9d0a09bff7abc6132ecea9d652cd4],  PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hlenaceabbbjngogjncgapaanbaalbfm\3.9\background.html, Quarantined, [c0b9d0a09bff7abc6132ecea9d652cd4],  PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hlenaceabbbjngogjncgapaanbaalbfm\3.9\content.js, Quarantined, [c0b9d0a09bff7abc6132ecea9d652cd4],  PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hlenaceabbbjngogjncgapaanbaalbfm\3.9\manifest.json, Quarantined, [c0b9d0a09bff7abc6132ecea9d652cd4],  PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kgfibdhmbmjleoemlmofbhloihpcnale\3.9\lsdb.js, Quarantined, [b2c7e18f7b1f81b5d3c0e7efcd3509f7],  PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kgfibdhmbmjleoemlmofbhloihpcnale\3.9\background.html, Quarantined, [b2c7e18f7b1f81b5d3c0e7efcd3509f7],  PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kgfibdhmbmjleoemlmofbhloihpcnale\3.9\content.js, Quarantined, [b2c7e18f7b1f81b5d3c0e7efcd3509f7],  PUP.Optional.MultiPlug, C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kgfibdhmbmjleoemlmofbhloihpcnale\3.9\manifest.json, Quarantined, [b2c7e18f7b1f81b5d3c0e7efcd3509f7],  PUP.Optional.LSHAREit.Trace, C:\awh3110.tmp, Quarantined, [314807691d7dbc7a874a6081b64d8779],  PUP.Optional.LSHAREit.Trace, C:\awh3976.tmp, Quarantined, [47325c149604ed49864b677af60d5ea2],  PUP.Optional.LSHAREit.Trace, C:\awh5218.tmp, Quarantined, [601973fdd9c1d4622ba6f8e9a65dfe02],  PUP.Optional.LSHAREit.Trace, C:\awh5F3F.tmp, Quarantined, [9ddcfb753b5f7abc3b96aa372ad91fe1],  PUP.Optional.LSHAREit.Trace, C:\awh6103.tmp, Quarantined, [166300707921f93d9d34756c20e31fe1],  PUP.Optional.LSHAREit.Trace, C:\awh61C3.tmp, Quarantined, [babff8788b0f83b34d84469bde25649c],  PUP.Optional.LSHAREit.Trace, C:\awh6279.tmp, Quarantined, [0c6d86ea2b6f6bcbb61b855c17ec4cb4],  PUP.Optional.LSHAREit.Trace, C:\awh6FD2.tmp, Quarantined, [babfbfb15e3cbd7928a9c61ba3608a76],  PUP.Optional.LSHAREit.Trace, C:\awhF0D9.tmp, Quarantined, [245538380298ff377160439e1fe47987],  PUP.Optional.LSHAREit.Trace, C:\awhFDAF.tmp, Quarantined, [6316e38d0199bf775b76934e19eaac54],  PUP.Optional.AllMyApps, C:\Windows\System32\Tasks\AllmyappsUpdateTask, Quarantined, [d6a379f7aaf08aacdcc7777dc73c30d0],  PUP.Optional.AllMyApps, C:\Windows\Tasks\AllmyappsUpdateTask.job, Quarantined, [ed8c5818504ab482a8fc0aea06fd946c], 

Physical Sectors: 0 (No malicious items detected)

(end)

Re: Dead Rising 3 softonic viruses

Hello,

Ok, great.

Do you still have an issue ?

Re: Dead Rising 3 softonic viruses

Great !

  • Download DelFix from Xplode on your desktop;
  • Launch it with administrator rights;
  • Select all the option except the one proposing to save the registry;
  • Then click on the "Execute" button;
  • When everything is finish, the software will close itself;
  • Then a report appear on the notepad, please copy paste it's content in your answer.

Then, clean with CCleaner:

  1. Download CCleaner from here, and install it.
  2. Start CCleaner (there should be a shortcut on your Desktop)
  3. Go in Options tab > Advanced, untick Only delete Windows temporary files older than 24 hours.
  4. Then in Options  tab > Surveillance, untick the both boxes.
  5. In the Clean tab, click on "Clean".
  6. When the cleaning is done, go in the "Registry" tab, click on "Find errors" and then "Fix".

Finally, we'll reordonate the files stored on the hard drive. It will be faster to access them :

  1. Download Defraggler here
  2. Follow the instructions to install and launch the software.
  3. In the program's window, click on [Defragment]. The process can take a few hours to complete. It's advised not to use the computer during the operation (to make it more efficient)
  4. At the end, just reboot the computer

Best regards,

Re: Dead Rising 3 softonic viruses

Eh.. I don't think my computer is free from them. My password just got deactivated again. Here is the DelFix content:

# DelFix v1.013 - Logfile created 11/09/2016 at 15:14:27
# Updated 17/04/2016 by Xplode
# Username : samsung - TEAMALPHA
# Operating System : Windows 10 Home  (64 bits)

~ Activating UAC ... OK

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\RegBackup
Deleted : C:\Users\samsung\Downloads\adwcleaner_6.010.exe
Deleted : HKLM\SOFTWARE\AdwCleaner

~ Cleaning system restore ...

Deleted : RP #41 [Windows Update | 08/14/2016 11:07:06]
Deleted : RP #42 [Scheduled Checkpoint | 08/27/2016 07:45:48]
Deleted : RP #43 [Windows Update | 09/03/2016 05:07:51]

New restore point created !

~ Resetting system settings ... OK

########## - EOF - ##########

I am going to do the CCleaner and the Defraggler next.

Re: Dead Rising 3 softonic viruses

Hello,

Which password ?

Thanks for the logfile,

Re: Dead Rising 3 softonic viruses

The password of my computer. The one when you need to put in when you open your computer.

Re: Dead Rising 3 softonic viruses

Do you log in as a local user or with an outlook/hotmail account ?

Re: Dead Rising 3 softonic viruses

I am on Windows 10 and I am using my Microsoft account to log in.

Re: Dead Rising 3 softonic viruses

Hello,

So, if you reset your Microsoft password, when you reboot, the password has been changed twice ?

Re: Dead Rising 3 softonic viruses

Lets clean some thash.

Download fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Run FRST/FRST64 and press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run. When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

Re: Dead Rising 3 softonic viruses

Fix result of Farbar Recovery Scan Tool (x64) Version: 12-09-2016
Ran by samsung (14-09-2016 06:57:02) Run:1
Running from C:\Users\samsung\Desktop
Loaded Profiles: samsung (Available Profiles: samsung & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
[code]start
CreateRestorePoint:
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
CustomCLSID: HKU\S-1-5-21-1285780863-4141913994-941100708-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\samsung\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1285780863-4141913994-941100708-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\samsung\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1285780863-4141913994-941100708-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\samsung\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1285780863-4141913994-941100708-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\samsung\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File
Task: {05A930BD-7531-4971-AAB1-6ACF62D9E5BC} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {1772F661-4ECF-4B65-8569-9DDD6A187ECA} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {2988E62B-9891-401B-B4E5-800A4933177D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {4461A4A8-D2DD-4A26-8EA8-338642025DE6} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {53A9B4AE-AB5C-45B1-AC70-2F138093576E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {73A34160-3CC5-400F-A88E-EF69E266D9FF} - \d95df9fc-8393-489c-a096-3cda9b784081-2 -> No File <==== ATTENTION
Task: {8550573A-EFA4-46B2-92F4-FBBAE722BEE1} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {8FFEAB47-B68E-459A-803E-6B926A551365} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {A8651089-D94F-4AD7-B246-4BCDB1897448} - \d95df9fc-8393-489c-a096-3cda9b784081-3 -> No File <==== ATTENTION
Task: {B9EC03B2-520D-46EC-9F10-FF6426898D8A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {D11C4C05-57E6-448D-878C-63A1EE2966A6} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {E0B9FC29-ACB7-415D-812E-C4C9BDE86B6E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {EE22EAF9-ABC9-4FD1-BDC4-FAE08479381C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
AlternateDataStreams: C:\Users\samsung\Cookies:2AvvZcN0ucNj3D486cbO7gY4 [2018]
AlternateDataStreams: C:\Users\samsung\AppData\Local\xNNOgvjbn:PSH68b1JgvoXeRjlpihDaLC4pTnr [2192]
GroupPolicy: Restriction - Chrome <======= ATTENTION
BHO: youtubeadblocker -> {4cabfe67-ea68-495c-906f-72eb8d3555e4} -> C:\Program Files (x86)\youtubeadblocker\KZCEoo0qJZpLnw.x64.dll => No File
S4 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [X]
EmptyTemp:
Reboot:
end[/code]
*****************

[code]start => Error: No automatic fix found for this entry.
Restore point was successfully created.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}\\SystemComponent => value removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{185F9795-9663-4F13-9EF9-307A282ADB5A}\\SystemComponent => value removed successfully
"HKU\S-1-5-21-1285780863-4141913994-941100708-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}" => key removed successfully
"HKU\S-1-5-21-1285780863-4141913994-941100708-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}" => key removed successfully
"HKU\S-1-5-21-1285780863-4141913994-941100708-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}" => key removed successfully
"HKU\S-1-5-21-1285780863-4141913994-941100708-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{05A930BD-7531-4971-AAB1-6ACF62D9E5BC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{05A930BD-7531-4971-AAB1-6ACF62D9E5BC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1772F661-4ECF-4B65-8569-9DDD6A187ECA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1772F661-4ECF-4B65-8569-9DDD6A187ECA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2988E62B-9891-401B-B4E5-800A4933177D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2988E62B-9891-401B-B4E5-800A4933177D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4461A4A8-D2DD-4A26-8EA8-338642025DE6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4461A4A8-D2DD-4A26-8EA8-338642025DE6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{53A9B4AE-AB5C-45B1-AC70-2F138093576E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{53A9B4AE-AB5C-45B1-AC70-2F138093576E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{73A34160-3CC5-400F-A88E-EF69E266D9FF}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{73A34160-3CC5-400F-A88E-EF69E266D9FF} => key not found. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\d95df9fc-8393-489c-a096-3cda9b784081-2 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8550573A-EFA4-46B2-92F4-FBBAE722BEE1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8550573A-EFA4-46B2-92F4-FBBAE722BEE1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8FFEAB47-B68E-459A-803E-6B926A551365}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8FFEAB47-B68E-459A-803E-6B926A551365}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A8651089-D94F-4AD7-B246-4BCDB1897448}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A8651089-D94F-4AD7-B246-4BCDB1897448} => key not found. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\d95df9fc-8393-489c-a096-3cda9b784081-3 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B9EC03B2-520D-46EC-9F10-FF6426898D8A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B9EC03B2-520D-46EC-9F10-FF6426898D8A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D11C4C05-57E6-448D-878C-63A1EE2966A6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D11C4C05-57E6-448D-878C-63A1EE2966A6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0B9FC29-ACB7-415D-812E-C4C9BDE86B6E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0B9FC29-ACB7-415D-812E-C4C9BDE86B6E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EE22EAF9-ABC9-4FD1-BDC4-FAE08479381C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EE22EAF9-ABC9-4FD1-BDC4-FAE08479381C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully
"C:\Users\samsung\Cookies" => ":2AvvZcN0ucNj3D486cbO7gY4" ADS not found.
C:\Users\samsung\AppData\Local\xNNOgvjbn => ":PSH68b1JgvoXeRjlpihDaLC4pTnr" ADS removed successfully.
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4cabfe67-ea68-495c-906f-72eb8d3555e4}" => key removed successfully
"HKCR\CLSID\{4cabfe67-ea68-495c-906f-72eb8d3555e4}" => key removed successfully
HitmanProScheduler => service removed successfully
end[/code] => Error: No automatic fix found for this entry.

=========== EmptyTemp: ==========

BITS transfer queue => 146589 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10991438 B
Java, Flash, Steam htmlcache => 372638400 B
Windows/system/drivers => 69316 B
Edge => 151198445 B
Chrome => 406084886 B
Firefox => 91591144 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 1536 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 7330262 B
samsung => 7145921 B
DefaultAppPool => 0 B

RecycleBin => 0 B
EmptyTemp: => 998.7 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 07:00:40 ====

Here you go

Re: Dead Rising 3 softonic viruses

CraftedGaming,

1) Uninstall via Control Panel - Programs and components "bl" and "ph" if there is.

2) Delete folder C:\FRST