Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
I just installed ANVI Smart Defender to remove rocket-find, and it uninstalled my email client
Message
<blockquote data-quote="trw6142" data-source="post: 441249" data-attributes="member: 43659"><p>Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:12-10-2015</p><p>Ran by TRW (administrator) on TOMS-PC (14-10-2015 01:11:00)</p><p>Running from C:\Users\TRW\Downloads</p><p>Loaded Profiles: TRW (Available Profiles: TRW & Guest)</p><p>Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)</p><p>Internet Explorer Version 11 (Default browser: IE)</p><p>Boot Mode: Normal</p><p>Tutorial for Farbar Recovery Scan Tool: <a href="http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/" target="_blank">FRST Tutorial - How to use Farbar Recovery Scan Tool</a></p><p></p><p>==================== Processes (Whitelisted) =================</p><p></p><p>(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)</p><p></p><p>(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\AMT\atchksrv.exe</p><p>(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe</p><p>(Innovative Solutions) C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\uninstaller.exe</p><p>(Hewlett-Packard Company) C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe</p><p>(Intel) C:\Program Files (x86)\Intel\AMT\LMS.exe</p><p>(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\22.5.4.24\n360.exe</p><p>(Intel) C:\Program Files (x86)\Intel\AMT\UNS.exe</p><p>(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe</p><p>(Intel Corporation) C:\Windows\System32\igfxtray.exe</p><p>(Intel Corporation) C:\Windows\System32\igfxsrvc.exe</p><p>(Intel Corporation) C:\Windows\System32\hkcmd.exe</p><p>(Intel Corporation) C:\Windows\System32\igfxpers.exe</p><p>(<a href="http://www.emule-project.net" target="_blank">eMule-Project.net - Official eMule Homepage. Downloads, Help, Docu, News...</a>) C:\Program Files (x86)\eMule\emule.exe</p><p>(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe</p><p>(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe</p><p>(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe</p><p>(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\22.5.4.24\n360.exe</p><p>(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShare.exe</p><p>(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe</p><p>() C:\Program Files (x86)\SolSuite\SolSuite.exe</p><p>(IncrediMail, Ltd.) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe</p><p>(IncrediMail, Ltd.) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe</p><p>(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe</p><p>(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_19_0_0_185_ActiveX.exe</p><p></p><p></p><p>==================== Registry (Whitelisted) ===========================</p><p></p><p>(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)</p><p></p><p>HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)</p><p>HKLM-x32\...\Run: [AllShareAgent] => C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe [285072 2012-03-01] (Samsung Electronics Co., Ltd.)</p><p>Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)</p><p>HKU\S-1-5-21-1354457429-920771469-1351253148-1003\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2015-10-11] (Glarysoft Ltd)</p><p>HKU\S-1-5-21-1354457429-920771469-1351253148-1003\...\Run: [IncrediMail] => C:\Program Files (x86)\IncrediMail\bin\IncMail.exe [444840 2015-10-14] (IncrediMail, Ltd.)</p><p>HKU\S-1-5-21-1354457429-920771469-1351253148-1003\...\Run: [eMuleAutoStart] => C:\Program Files (x86)\eMule\emule.exe [5758976 2010-04-07] (<a href="http://www.emule-project.net" target="_blank">eMule-Project.net - Official eMule Homepage. Downloads, Help, Docu, News...</a>)</p><p>HKU\S-1-5-21-1354457429-920771469-1351253148-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\GPHOTO~1.SCR [641088 2012-04-30] (Gianpaolo Bottin)</p><p>HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> </p><p>ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)</p><p>ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)</p><p>ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)</p><p>Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackUpdateChecker.lnk [2014-11-09]</p><p>ShortcutTarget: CodecPackUpdateChecker.lnk -> C:\Windows\SysWOW64\C2MP\UpdateChecker.exe ()</p><p>Startup: C:\Users\TRW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Event Reminder.lnk [2014-12-19]</p><p>ShortcutTarget: Event Reminder.lnk -> C:\Program Files\Mindscape\PrintMaster\PMREMIND.EXE ()</p><p>BootExecute: autocheck autochk * BootDefrag.exeSmartDefragBootTime.exe</p><p></p><p>==================== Internet (Whitelisted) ====================</p><p></p><p>(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)</p></blockquote><p></p>
[QUOTE="trw6142, post: 441249, member: 43659"] Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:12-10-2015 Ran by TRW (administrator) on TOMS-PC (14-10-2015 01:11:00) Running from C:\Users\TRW\Downloads Loaded Profiles: TRW (Available Profiles: TRW & Guest) Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: [URL="http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/"]FRST Tutorial - How to use Farbar Recovery Scan Tool[/URL] ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Intel Corporation) C:\Program Files (x86)\Intel\AMT\atchksrv.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Innovative Solutions) C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\uninstaller.exe (Hewlett-Packard Company) C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe (Intel) C:\Program Files (x86)\Intel\AMT\LMS.exe (Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\22.5.4.24\n360.exe (Intel) C:\Program Files (x86)\Intel\AMT\UNS.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe ([URL="http://www.emule-project.net"]eMule-Project.net - Official eMule Homepage. Downloads, Help, Docu, News...[/URL]) C:\Program Files (x86)\eMule\emule.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe (Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe (Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\22.5.4.24\n360.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShare.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe () C:\Program Files (x86)\SolSuite\SolSuite.exe (IncrediMail, Ltd.) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe (IncrediMail, Ltd.) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_19_0_0_185_ActiveX.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation) HKLM-x32\...\Run: [AllShareAgent] => C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe [285072 2012-03-01] (Samsung Electronics Co., Ltd.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-1354457429-920771469-1351253148-1003\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2015-10-11] (Glarysoft Ltd) HKU\S-1-5-21-1354457429-920771469-1351253148-1003\...\Run: [IncrediMail] => C:\Program Files (x86)\IncrediMail\bin\IncMail.exe [444840 2015-10-14] (IncrediMail, Ltd.) HKU\S-1-5-21-1354457429-920771469-1351253148-1003\...\Run: [eMuleAutoStart] => C:\Program Files (x86)\eMule\emule.exe [5758976 2010-04-07] ([URL="http://www.emule-project.net"]eMule-Project.net - Official eMule Homepage. Downloads, Help, Docu, News...[/URL]) HKU\S-1-5-21-1354457429-920771469-1351253148-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\GPHOTO~1.SCR [641088 2012-04-30] (Gianpaolo Bottin) HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackUpdateChecker.lnk [2014-11-09] ShortcutTarget: CodecPackUpdateChecker.lnk -> C:\Windows\SysWOW64\C2MP\UpdateChecker.exe () Startup: C:\Users\TRW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Event Reminder.lnk [2014-12-19] ShortcutTarget: Event Reminder.lnk -> C:\Program Files\Mindscape\PrintMaster\PMREMIND.EXE () BootExecute: autocheck autochk * BootDefrag.exeSmartDefragBootTime.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) [/QUOTE]
Insert quotes…
Verification
Post reply
Top
