Computer is running really loud lately, possible malware I'm missing?

Status
Not open for further replies.
I made an educated guess and exported to text file. Here is the ESET scan:

C:\AdwCleaner\FileQuarantine\C\Users\Owner\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kljcpckmkjfjcncacblmkbeeibblkfph\5.14\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\FileQuarantine\C\Users\Owner\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\FileQuarantine\C\Users\Owner\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmebbfaopbbaeefhbhgfgdcganoifhje\5.14\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\FileQuarantine\C\Users\Owner\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kljcpckmkjfjcncacblmkbeeibblkfph\5.14\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\FileQuarantine\C\Users\Owner\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\FileQuarantine\C\Users\Owner\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nmebbfaopbbaeefhbhgfgdcganoifhje\5.14\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\CT3298581\plugins\TBVerifier.dll.vir Win32/Toolbar.Conduit.AC potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ConduitEngine\ConduitEngine.dll.vir a variant of Win32/Toolbar.Conduit.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ConduitEngine\ConduitEngineUninstall.exe.vir a variant of Win32/Toolbar.Conduit.AR potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Coupons\uninstall.exe.vir a variant of Win32/Adware.Coupons.AA application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SW-Booster\Assistant_x64.dll.vir a variant of Win64/SProtector.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\uTorrentBar\tbuTor.dll.vir a variant of Win32/Toolbar.Conduit.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\ProgramData\apn\APN-Stub\W3IV6-G\APNIC.7z.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\AdwCleaner\Quarantine\C\ProgramData\apn\APN-Stub\W3IV6-G\APNIC.dll.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\AdwCleaner\Quarantine\C\ProgramData\ExsttraSSaevinags\1qC.dll.vir a variant of Win32/AdWare.MultiPlug.N application
C:\AdwCleaner\Quarantine\C\ProgramData\saave net\wnLAlG5.exe.vir a variant of Win32/AdWare.MultiPlug.Y application
C:\AdwCleaner\Quarantine\C\ProgramData\saavee onett\77CMT.exe.vir a variant of Win32/AdWare.MultiPlug.Y application
C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{ED7702F7-093C-4968-8B84-3CF5D1A3F23D}\_Setupx.dll.vir a variant of Win32/Adware.Yontoo.B application
C:\AdwCleaner\Quarantine\C\ProgramData\YoutubeAdblocker\lHBgJ.exe.vir a variant of Win32/AdWare.MultiPlug.Y application
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\mJ9k1J6RtZx.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\olmcifmckodjahofoaagljdikbbfbmpp\5.14\PirYrPf.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\enekehjgaaanjlpmlbcipoigpncjejlp\5.14\sPE2dOT8epd.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikipapifkbcdpamlpjoomlcfbeopmhjk\5.14\et6j8U.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\kljcpckmkjfjcncacblmkbeeibblkfph\5.14\boJ9i7Hj.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\kljcpckmkjfjcncacblmkbeeibblkfph\5.14\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\mJ9k1J6RtZx.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnodkiakfohbcpjjpodlnbmfmeddfeea\1.0\zOCi9a.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmnofnnhckfmeelmncbocoabcggefgoh\2.1\B5uON.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmebbfaopbbaeefhbhgfgdcganoifhje\5.14\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmebbfaopbbaeefhbhgfgdcganoifhje\5.14\FSYSEmwMg0fK.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\olmcifmckodjahofoaagljdikbbfbmpp\5.14\PirYrPf.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\torch\User Data\Default\Extensions\enekehjgaaanjlpmlbcipoigpncjejlp\5.14\sPE2dOT8epd.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\torch\User Data\Default\Extensions\ikipapifkbcdpamlpjoomlcfbeopmhjk\5.14\et6j8U.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\torch\User Data\Default\Extensions\kljcpckmkjfjcncacblmkbeeibblkfph\5.14\boJ9i7Hj.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\torch\User Data\Default\Extensions\kljcpckmkjfjcncacblmkbeeibblkfph\5.14\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\torch\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\torch\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\mJ9k1J6RtZx.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\torch\User Data\Default\Extensions\lnodkiakfohbcpjjpodlnbmfmeddfeea\1.0\zOCi9a.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\torch\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\198\bvIqjKgum.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\torch\User Data\Default\Extensions\mmnofnnhckfmeelmncbocoabcggefgoh\2.1\B5uON.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\torch\User Data\Default\Extensions\nmebbfaopbbaeefhbhgfgdcganoifhje\5.14\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\torch\User Data\Default\Extensions\nmebbfaopbbaeefhbhgfgdcganoifhje\5.14\FSYSEmwMg0fK.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\torch\User Data\Default\Extensions\olmcifmckodjahofoaagljdikbbfbmpp\5.14\PirYrPf.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\mJ9k1J6RtZx.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\olmcifmckodjahofoaagljdikbbfbmpp\5.14\PirYrPf.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\enekehjgaaanjlpmlbcipoigpncjejlp\5.14\sPE2dOT8epd.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikipapifkbcdpamlpjoomlcfbeopmhjk\5.14\et6j8U.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\kljcpckmkjfjcncacblmkbeeibblkfph\5.14\boJ9i7Hj.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\kljcpckmkjfjcncacblmkbeeibblkfph\5.14\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\mJ9k1J6RtZx.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnodkiakfohbcpjjpodlnbmfmeddfeea\1.0\zOCi9a.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmnofnnhckfmeelmncbocoabcggefgoh\2.1\B5uON.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmebbfaopbbaeefhbhgfgdcganoifhje\5.14\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmebbfaopbbaeefhbhgfgdcganoifhje\5.14\FSYSEmwMg0fK.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\olmcifmckodjahofoaagljdikbbfbmpp\5.14\PirYrPf.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\torch\User Data\Default\Extensions\enekehjgaaanjlpmlbcipoigpncjejlp\5.14\sPE2dOT8epd.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\torch\User Data\Default\Extensions\ikipapifkbcdpamlpjoomlcfbeopmhjk\5.14\et6j8U.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\torch\User Data\Default\Extensions\kljcpckmkjfjcncacblmkbeeibblkfph\5.14\boJ9i7Hj.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\torch\User Data\Default\Extensions\kljcpckmkjfjcncacblmkbeeibblkfph\5.14\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\torch\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\torch\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\mJ9k1J6RtZx.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\torch\User Data\Default\Extensions\lnodkiakfohbcpjjpodlnbmfmeddfeea\1.0\zOCi9a.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\torch\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\198\bvIqjKgum.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\torch\User Data\Default\Extensions\mmnofnnhckfmeelmncbocoabcggefgoh\2.1\B5uON.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\torch\User Data\Default\Extensions\nmebbfaopbbaeefhbhgfgdcganoifhje\5.14\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\torch\User Data\Default\Extensions\nmebbfaopbbaeefhbhgfgdcganoifhje\5.14\FSYSEmwMg0fK.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\torch\User Data\Default\Extensions\olmcifmckodjahofoaagljdikbbfbmpp\5.14\PirYrPf.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\mJ9k1J6RtZx.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\olmcifmckodjahofoaagljdikbbfbmpp\5.14\PirYrPf.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\enekehjgaaanjlpmlbcipoigpncjejlp\5.14\sPE2dOT8epd.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikipapifkbcdpamlpjoomlcfbeopmhjk\5.14\et6j8U.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\kljcpckmkjfjcncacblmkbeeibblkfph\5.14\boJ9i7Hj.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\kljcpckmkjfjcncacblmkbeeibblkfph\5.14\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\mJ9k1J6RtZx.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnodkiakfohbcpjjpodlnbmfmeddfeea\1.0\zOCi9a.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmnofnnhckfmeelmncbocoabcggefgoh\2.1\B5uON.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmebbfaopbbaeefhbhgfgdcganoifhje\5.14\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmebbfaopbbaeefhbhgfgdcganoifhje\5.14\FSYSEmwMg0fK.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\olmcifmckodjahofoaagljdikbbfbmpp\5.14\PirYrPf.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\torch\User Data\Default\Extensions\enekehjgaaanjlpmlbcipoigpncjejlp\5.14\sPE2dOT8epd.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\torch\User Data\Default\Extensions\ikipapifkbcdpamlpjoomlcfbeopmhjk\5.14\et6j8U.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\torch\User Data\Default\Extensions\kljcpckmkjfjcncacblmkbeeibblkfph\5.14\boJ9i7Hj.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\torch\User Data\Default\Extensions\kljcpckmkjfjcncacblmkbeeibblkfph\5.14\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\torch\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\torch\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\mJ9k1J6RtZx.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\torch\User Data\Default\Extensions\lnodkiakfohbcpjjpodlnbmfmeddfeea\1.0\zOCi9a.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\torch\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\198\bvIqjKgum.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\torch\User Data\Default\Extensions\mmnofnnhckfmeelmncbocoabcggefgoh\2.1\B5uON.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\torch\User Data\Default\Extensions\nmebbfaopbbaeefhbhgfgdcganoifhje\5.14\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\torch\User Data\Default\Extensions\nmebbfaopbbaeefhbhgfgdcganoifhje\5.14\FSYSEmwMg0fK.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\torch\User Data\Default\Extensions\olmcifmckodjahofoaagljdikbbfbmpp\5.14\PirYrPf.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\Local\Chromatic Browser\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\Local\Chromatic Browser\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\mJ9k1J6RtZx.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\Local\Chromatic Browser\User Data\Default\Extensions\olmcifmckodjahofoaagljdikbbfbmpp\5.14\PirYrPf.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\enekehjgaaanjlpmlbcipoigpncjejlp\5.14\sPE2dOT8epd.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\iehjklkgijkjfcfmmjmjlmcccholamaf\10.26.0.540_0\APISupport\APISupport.dll.vir a variant of Win32/Conduit.SearchProtect.N potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\iehjklkgijkjfcfmmjmjlmcccholamaf\10.26.0.540_0\nativeMessaging\TBMessagingHost.exe.vir Win32/Toolbar.Conduit.AH potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\mJ9k1J6RtZx.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmnofnnhckfmeelmncbocoabcggefgoh\2.1\B5uON.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmebbfaopbbaeefhbhgfgdcganoifhje\5.14\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmebbfaopbbaeefhbhgfgdcganoifhje\5.14\FSYSEmwMg0fK.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\olmcifmckodjahofoaagljdikbbfbmpp\5.14\PirYrPf.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\Local\NativeMessaging\CT3298581\1_0_0_4\TBMessagingHost.exe.vir Win32/Toolbar.Conduit.AH potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\Local\SwvUpdater\Updater.exe.vir a variant of Win32/Amonetize.AB potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\Local\TBHostSupport\TBHostSupport.dll.vir a variant of Win32/Toolbar.Conduit.AA potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\Local\torch\User Data\Default\Extensions\enekehjgaaanjlpmlbcipoigpncjejlp\5.14\sPE2dOT8epd.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\Local\torch\User Data\Default\Extensions\ikipapifkbcdpamlpjoomlcfbeopmhjk\5.14\et6j8U.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\Local\torch\User Data\Default\Extensions\kljcpckmkjfjcncacblmkbeeibblkfph\5.14\boJ9i7Hj.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\Local\torch\User Data\Default\Extensions\kljcpckmkjfjcncacblmkbeeibblkfph\5.14\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\Local\torch\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\Local\torch\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\mJ9k1J6RtZx.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\Local\torch\User Data\Default\Extensions\lnodkiakfohbcpjjpodlnbmfmeddfeea\1.0\zOCi9a.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\Local\torch\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\198\bvIqjKgum.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\Local\torch\User Data\Default\Extensions\mmnofnnhckfmeelmncbocoabcggefgoh\2.1\B5uON.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\Local\torch\User Data\Default\Extensions\nmebbfaopbbaeefhbhgfgdcganoifhje\5.14\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\Local\torch\User Data\Default\Extensions\nmebbfaopbbaeefhbhgfgdcganoifhje\5.14\FSYSEmwMg0fK.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\Local\torch\User Data\Default\Extensions\olmcifmckodjahofoaagljdikbbfbmpp\5.14\PirYrPf.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\Local\WhiteListing\PluginsWhiteListing.dll.vir a variant of Win32/Toolbar.Conduit.AR potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\LocalLow\Vuze_Remote\tbVuze.dll.vir a variant of Win32/Toolbar.Conduit.P potentially unwanted application
C:\Program Files\KMSpico\Service_KMS.exe a variant of MSIL/HackTool.IdleKMS.C potentially unsafe application
C:\Program Files (x86)\Vuze\bunndle.zip a variant of Win32/Bunndle potentially unsafe application
C:\Program Files (x86)\Vuze\.install4j\i4j_extf_32_5p83tu.dll a variant of Win32/Bunndle potentially unsafe application
C:\Program Files (x86)\Vuze\.install4j\user\mism.exe a variant of Win32/Toolbar.Conduit.AR potentially unwanted application
C:\ProgramData\Spybot - Search & Destroy\Recovery\myPCBackup.zip Win32/Bagle.gen.zip worm
C:\ProgramData\Spybot - Search & Destroy\Recovery\Wajam33.zip Win32/Bagle.gen.zip worm
C:\ProgramData\Spybot - Search & Destroy\Recovery\Wajam65.zip Win32/Bagle.gen.zip worm
C:\ProgramData\Spybot - Search & Destroy\Recovery\WebCakeBHO16.zip Win32/Bagle.gen.zip worm
C:\ProgramData\Spybot - Search & Destroy\Recovery\WebCakeBHO7.zip Win32/Bagle.gen.zip worm
C:\ProgramData\Spybot - Search & Destroy\Recovery\WinDownloadergen.zip Win32/Bagle.gen.zip worm
C:\ProgramData\{CA19C67B-273A-466C-A67A-E9467606540F}\Shareaza_V8_en_Setup.res a variant of Win32/Toolbar.SearchSuite.Y potentially unwanted application
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kljcpckmkjfjcncacblmkbeeibblkfph\5.14\content.js JS/Chromex.Agent.L trojan
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\content.js JS/Chromex.Agent.L trojan
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmebbfaopbbaeefhbhgfgdcganoifhje\5.14\content.js JS/Chromex.Agent.L trojan
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kljcpckmkjfjcncacblmkbeeibblkfph\5.14\content.js JS/Chromex.Agent.L trojan
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\content.js JS/Chromex.Agent.L trojan
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nmebbfaopbbaeefhbhgfgdcganoifhje\5.14\content.js JS/Chromex.Agent.L trojan
C:\Users\All Users\Spybot - Search & Destroy\Recovery\myPCBackup.zip Win32/Bagle.gen.zip worm
C:\Users\All Users\Spybot - Search & Destroy\Recovery\Wajam33.zip Win32/Bagle.gen.zip worm
C:\Users\All Users\Spybot - Search & Destroy\Recovery\Wajam65.zip Win32/Bagle.gen.zip worm
C:\Users\All Users\Spybot - Search & Destroy\Recovery\WebCakeBHO16.zip Win32/Bagle.gen.zip worm
C:\Users\All Users\Spybot - Search & Destroy\Recovery\WebCakeBHO7.zip Win32/Bagle.gen.zip worm
C:\Users\All Users\Spybot - Search & Destroy\Recovery\WinDownloadergen.zip Win32/Bagle.gen.zip worm
C:\Users\All Users\{CA19C67B-273A-466C-A67A-E9467606540F}\Shareaza_V8_en_Setup.res a variant of Win32/Toolbar.SearchSuite.Y potentially unwanted application
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kljcpckmkjfjcncacblmkbeeibblkfph\5.14\content.js JS/Chromex.Agent.L trojan
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\content.js JS/Chromex.Agent.L trojan
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmebbfaopbbaeefhbhgfgdcganoifhje\5.14\content.js JS/Chromex.Agent.L trojan
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kljcpckmkjfjcncacblmkbeeibblkfph\5.14\content.js JS/Chromex.Agent.L trojan
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\content.js JS/Chromex.Agent.L trojan
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nmebbfaopbbaeefhbhgfgdcganoifhje\5.14\content.js JS/Chromex.Agent.L trojan
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kljcpckmkjfjcncacblmkbeeibblkfph\5.14\content.js JS/Chromex.Agent.L trojan
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\content.js JS/Chromex.Agent.L trojan
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmebbfaopbbaeefhbhgfgdcganoifhje\5.14\content.js JS/Chromex.Agent.L trojan
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kljcpckmkjfjcncacblmkbeeibblkfph\5.14\content.js JS/Chromex.Agent.L trojan
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\content.js JS/Chromex.Agent.L trojan
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nmebbfaopbbaeefhbhgfgdcganoifhje\5.14\content.js JS/Chromex.Agent.L trojan
C:\Users\Owner\.gimp-2.8\.frostwire5\updates\frostwire-5.6.9.windows.coc.premium.exe a variant of Win32/OpenCandy.A potentially unsafe application
C:\Users\Owner\.gimp-2.8\.frostwire5\updates\frostwire-5.6.9.windows.exe a variant of Win32/OpenCandy.A potentially unsafe application
C:\Users\Owner\Documents\Vuze Downloads\Microsoft Office Proffesional Plus 2010 Corporate Final Full Activated -NoGRp\Microsoft Office Proffesional Plus 2010 Corporate Final (full activated).iso a variant of MSIL/HackKMS.A potentially unsafe application

Computer still is running loud.
 
I made an educated guess and exported to text file. Here is the ESET scan
Original instructions were first posted on post #7
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~`

C:\Program Files\KMSpico\Service_KMS.exe
tool often used to activate illegal versions of Microsoft Office
Note:
We do not support the use of Pirated-Warez-Keygens-Cracked software.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

(P2P) file sharing software is installed on your computer. I advise you avoid P2P file sharing programmes; they are a security risk which can make your computer susceptible to malware. File sharing networks are thoroughly infected and infested with malware - worms, backdoor Trojans, IRCBots, and rootkits propagate via P2P file sharing networks, gaming, and underground sites. Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans, and spyware. The best way to reduce the risk of infection is to avoid these types of web sites and not use P2P applications. Please read the following articles for more information.
Your P2P software can be removed by following the instructions below.
  • Press the Windows Key
    pdKOQKY.png
    + r on your keyboard at the same time. Type appwiz.cpl and click OK.
  • Search for the aforementioned programme(s), right-click and click Uninstall.

~~~~~~~~~~~~~~~~~~~``

Please open Notepad *Do Not Use Wordpad!* or use any other text editor than Notepad or the script will fail. (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the quote box below:
To do this highlight the contents of the box and right click on it and select copy.
Paste this into the open notepad. save it to the Desktop as fixlist.txt
NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.
It needs to be saved Next to the "Farbar Recovery Scan Tool" (If asked to overwrite existing one please allow)


FRSTfix.JPG



start
CreateRestorePoint:
CloseProcesses:
C:\Program Files\KMSpico\Service_KMS.exe
C:\Program Files (x86)\Vuze\bunndle.zip
C:\Program Files (x86)\Vuze\.install4j\i4j_extf_32_5p83tu.dll
C:\Program Files (x86)\Vuze\.install4j\user\mism.exe
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kljcpckmkjfjcncacblmkbeeibblkfph\5.14\content.js
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\content.js
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmebbfaopbbaeefhbhgfgdcganoifhje\5.14\content.js
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kljcpckmkjfjcncacblmkbeeibblkfph\5.14\content.js
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\content.js
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nmebbfaopbbaeefhbhgfgdcganoifhje\5.14\content.js
C:\Users\All Users\{CA19C67B-273A-466C-A67A-E9467606540F}\Shareaza_V8_en_Setup.res a variant of Win32/Toolbar.SearchSuite.Y potentially unwanted application
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kljcpckmkjfjcncacblmkbeeibblkfph\5.14\content.js
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\content.js
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmebbfaopbbaeefhbhgfgdcganoifhje\5.14\content.js
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kljcpckmkjfjcncacblmkbeeibblkfph\5.14\content.js
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\content.js
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nmebbfaopbbaeefhbhgfgdcganoifhje\5.14\content.js
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kljcpckmkjfjcncacblmkbeeibblkfph\5.14\content.js
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\content.js
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmebbfaopbbaeefhbhgfgdcganoifhje\5.14\content.js
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kljcpckmkjfjcncacblmkbeeibblkfph\5.14\content.js
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\content.js
C:\Users\Owner\.gimp-2.8\.frostwire5\updates\frostwire-5.6.9.windows.coc.premium.exe
C:\Users\Owner\.gimp-2.8\.frostwire5\updates\frostwire-5.6.9.windows.exe
C:\Users\Owner\Documents\Vuze Downloads\Microsoft Office Proffesional Plus 2010 Corporate Final Full Activated -NoGRp\Microsoft Office Proffesional Plus 2010 Corporate Final (full activated).iso
CMD: ipconfig /flushdns
CMD: netsh winsock reset all
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
EmptyTemp:
Hosts:
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f

Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
End

Open FRST/FRST64 and press the > Fix < button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

~~~~~~~~~~~~~~`

CXrghb6.png
Update Outdated Software

Outdated software contain security risks that must be patched. Please download and install the latest version of the programmes below.
 
Hello, that's what I thought but when I went back to re-read #7, there was nothing after "click....". Just letting you know for the next person.

When I tried to save the fixlist.txt, it asks whether I want it saved as ANSI or Unicode. The default was ANSI but it says there is Unicode and all of those commands will be lost if I save it as ANSI. Not sure what all of this means, sorry.
 
Must be a glitch somewhere.....I looked over it again and did not see any Unicode so??

Go back and see if it will run as saved in Unicode?
 
I got a warning when pressing "fix". It says "Looks like you don't know what to do. To prevent damage to the system, the tool will exit."

That was when I used "unicode". Should I try it again using ANSI?
 
I guess I should ask, what does the stuff in the quote box/fix do?

Oh, and I forgot to tell you that I updated Adobe and Java like you said below.
 
I don't know whats going on.

Let's start over.

Find Farbar Recovery Scan Tool thats located on your desktop
Right click on that and you should see the option to delete. If you don't drag it to the recycle bin.
Then look for the Fixlog.txt and delete it too.

Now, we'll see if downloading a new version will help.


After it's on Desktop don't click on anything.

We'll create a new script.

Please open Notepad *Do Not Use Wordpad!* or use any other text editor than Notepad or the script will fail. (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the quote box below:
To do this highlight the contents of the box and right click on it and select copy.
Paste this into the open notepad. save it to the Desktop as fixlist.txt
NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.
It needs to be saved Next to the "Farbar Recovery Scan Tool" (If asked to overwrite existing one please allow)


FRSTfix.JPG

start
CreateRestorePoint:
CloseProcesses:
C:\Program Files\KMSpico\Service_KMS.exe
C:\Program Files (x86)\Vuze\bunndle.zip
C:\Program Files (x86)\Vuze\.install4j\i4j_extf_32_5p83tu.dll
C:\Program Files (x86)\Vuze\.install4j\user\mism.exe
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kljcpckmkjfjcncacblmkbeeibblkfph\5.14\content.js
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\content.js
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmebbfaopbbaeefhbhgfgdcganoifhje\5.14\content.js
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kljcpckmkjfjcncacblmkbeeibblkfph\5.14\content.js
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\content.js
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nmebbfaopbbaeefhbhgfgdcganoifhje\5.14\content.js
C:\Users\All Users\{CA19C67B-273A-466C-A67A-E9467606540F}\Shareaza_V8_en_Setup.res
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kljcpckmkjfjcncacblmkbeeibblkfph\5.14\content.js
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\content.js
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmebbfaopbbaeefhbhgfgdcganoifhje\5.14\content.js
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kljcpckmkjfjcncacblmkbeeibblkfph\5.14\content.js
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\content.js
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nmebbfaopbbaeefhbhgfgdcganoifhje\5.14\content.js
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kljcpckmkjfjcncacblmkbeeibblkfph\5.14\content.js
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\content.js
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmebbfaopbbaeefhbhgfgdcganoifhje\5.14\content.js
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kljcpckmkjfjcncacblmkbeeibblkfph\5.14\content.js
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\content.js
C:\Users\Owner\.gimp-2.8\.frostwire5\updates\frostwire-5.6.9.windows.coc.premium.exe
C:\Users\Owner\.gimp-2.8\.frostwire5\updates\frostwire-5.6.9.windows.exe
CMD: ipconfig /flushdns
CMD: netsh winsock reset all
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
EmptyTemp:
Hosts:
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f

Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
End

Open FRST/FRST64 and press the > Fix < button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

~~~~~~~~~~~~~~`
 
It worked! And I know what I did wrong (but am too embarrassed to say!).
Here is the Fixlog.txt:

Fix result of Farbar Recovery Scan Tool (x64) Version: 29-06-2016
Ran by Owner (2016-06-30 19:43:58) Run:2
Running from C:\Users\Owner\Desktop
Loaded Profiles: Owner (Available Profiles: Owner)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CreateRestorePoint:
CloseProcesses:
C:\Program Files\KMSpico\Service_KMS.exe
C:\Program Files (x86)\Vuze\bunndle.zip
C:\Program Files (x86)\Vuze\.install4j\i4j_extf_32_5p83tu.dll
C:\Program Files (x86)\Vuze\.install4j\user\mism.exe
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kljcpckmkjfjcncacblmkbeeibblkfph\5.14\content.js
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\content.js
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmebbfaopbbaeefhbhgfgdcganoifhje\5.14\content.js
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kljcpckmkjfjcncacblmkbeeibblkfph\5.14\content.js
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\content.js
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nmebbfaopbbaeefhbhgfgdcganoifhje\5.14\content.js
C:\Users\All Users\{CA19C67B-273A-466C-A67A-E9467606540F}\Shareaza_V8_en_Setup.res
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kljcpckmkjfjcncacblmkbeeibblkfph\5.14\content.js
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\content.js
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmebbfaopbbaeefhbhgfgdcganoifhje\5.14\content.js
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kljcpckmkjfjcncacblmkbeeibblkfph\5.14\content.js
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\content.js
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nmebbfaopbbaeefhbhgfgdcganoifhje\5.14\content.js
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kljcpckmkjfjcncacblmkbeeibblkfph\5.14\content.js
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\content.js
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmebbfaopbbaeefhbhgfgdcganoifhje\5.14\content.js
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kljcpckmkjfjcncacblmkbeeibblkfph\5.14\content.js
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\content.js
C:\Users\Owner\.gimp-2.8\.frostwire5\updates\frostwire-5.6.9.windows.coc.premium.exe
C:\Users\Owner\.gimp-2.8\.frostwire5\updates\frostwire-5.6.9.windows.exe
CMD: ipconfig /flushdns
CMD: netsh winsock reset all
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
EmptyTemp:
Hosts:
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f

Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
End
*****************

Restore point was successfully created.
Processes closed successfully.
C:\Program Files\KMSpico\Service_KMS.exe => moved successfully
C:\Program Files (x86)\Vuze\bunndle.zip => moved successfully
C:\Program Files (x86)\Vuze\.install4j\i4j_extf_32_5p83tu.dll => moved successfully
C:\Program Files (x86)\Vuze\.install4j\user\mism.exe => moved successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kljcpckmkjfjcncacblmkbeeibblkfph\5.14\content.js => moved successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\content.js => moved successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmebbfaopbbaeefhbhgfgdcganoifhje\5.14\content.js => moved successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kljcpckmkjfjcncacblmkbeeibblkfph\5.14\content.js => moved successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\content.js => moved successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nmebbfaopbbaeefhbhgfgdcganoifhje\5.14\content.js => moved successfully
C:\Users\All Users\{CA19C67B-273A-466C-A67A-E9467606540F}\Shareaza_V8_en_Setup.res => moved successfully
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kljcpckmkjfjcncacblmkbeeibblkfph\5.14\content.js => moved successfully
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\content.js => moved successfully
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmebbfaopbbaeefhbhgfgdcganoifhje\5.14\content.js => moved successfully
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kljcpckmkjfjcncacblmkbeeibblkfph\5.14\content.js => moved successfully
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\content.js => moved successfully
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nmebbfaopbbaeefhbhgfgdcganoifhje\5.14\content.js => moved successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kljcpckmkjfjcncacblmkbeeibblkfph\5.14\content.js => moved successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\content.js => moved successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nmebbfaopbbaeefhbhgfgdcganoifhje\5.14\content.js => moved successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kljcpckmkjfjcncacblmkbeeibblkfph\5.14\content.js => moved successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\llenmfobpkcbohomijckfhhehblnlilb\1.0\content.js => moved successfully
C:\Users\Owner\.gimp-2.8\.frostwire5\updates\frostwire-5.6.9.windows.coc.premium.exe => moved successfully
C:\Users\Owner\.gimp-2.8\.frostwire5\updates\frostwire-5.6.9.windows.exe => moved successfully

========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


========= netsh winsock reset all =========


Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.


========= End of CMD: =========


========= netsh int ipv4 reset =========

Reseting Global, OK!
Reseting Interface, OK!
Restart the computer to complete this action.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Reseting Interface, OK!
Restart the computer to complete this action.


========= End of CMD: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========

The operation completed successfully.



========= End of Reg: =========


========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========

The operation completed successfully.



========= End of Reg: =========


========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========

The operation completed successfully.



========= End of Reg: =========


========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========

The operation completed successfully.



========= End of Reg: =========


=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 22275879 B
Java, Flash, Steam htmlcache => 2251 B
Windows/system/drivers => 303240 B
Edge => 0 B
Chrome => 0 B
Firefox => 333777233 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 66228 B
systemprofile32 => 692 B
LocalService => 0 B
NetworkService => 8596 B
Owner => 126236171 B

RecycleBin => 3140818 B
EmptyTemp: => 471.3 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:49:22 ====
 
WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java

If you do need to keep Java then download JavaRa
Run the programme and select Remove Java Runtime. Uninstall all versions of Java present
Once done then run it again and select Update Java runtime > Download and install Latest version.

Or install the latest version here https://java.com/en/download/

Flash Player Update
make sure you Uncheck the box to install the Optional Offer software or whatever offer they try to bundle along with it..
http://get.adobe.com/flashplayer/
 
I'd uninstall it. If you go somewhere and it's needed you will probably get a notice with a link to download the latest version.
My opinion, since so many sites now know how open to exploit it is, other tools are used or drafter in.

Ready to remove tools and quarantine folders?
 
DelFix

  • Please download DelFix or from Here and save the file to your Desktop.
  • Double-click DelFix.exe to run the programme.
  • Place a checkmark next to the following items:
  • Activate UAC
  • Remove disinfection tools
  • Click the Run button.
  • -- This will remove the specialized tools we used to disinfect your system. Any leftover logs, files, folders or tools remaining on your Desktop which were not removed can be deleted manually (right-click the file + delete).

~~~~~~~~~~~~~~~

  • AdBlock is a browser add-on that blocks annoying banners, pop-ups and video ads.
  • E8I37RF.png
    CryptoPrevent places policy restrictions on loading points for ransomware (eg. CryptoWall), helping prevent the execution of malware.
  • EG85Vjt.png
    Malwarebytes Anti-Exploit (MBAE) is designed to prevent zero-day malware from exploiting vulnerable software.
  • 6YRrgUC.png
    Malwarebytes Anti-Malware Premium (MBAM) works in real-time along side your Anti-Virus to prevent malware execution.
  • jv4nhMJ.png
    NoScript is a Firefox add-on that blocks the actions of malicious scripts by using whitelisting and other technology.
  • Sandboxie isolates programmes of your choice, preventing files from being written to your HDD unless approved by you.
  • DgW1XL2.png
    Secunia PSI will scan your computer for vulnerable software that is outdated, and automatically find the latest update for you.
  • j1OLIec.png
    SpywareBlaster is a form of passive protection, designed to block the actions of malicious websites and tracking cookies.
  • sHjS79L.png
    Unchecky automatically removes checkmarks for bunlded software in programme installers; helping you avoid adware and PUPs.
  • JEP5iWI.png
    Web of Trust (WOT) is a browser add-on designed to alert you before interacting with a potentially malicious website.

b]Want to help others? Join the ClassRoom [/b]and learn how.
 
So is my computer going to run quietly after I run the DelFix? Because my computer is still running loud, there has been no change yet.
 
So is my computer going to run quietly after I run the DelFix? Because my computer is still running loud, there has been no change yet.

I had hoped yes, but, now I know that this isn't related to malware but rather something internal.
Does it ever feel hot or more then usual warm?

Let me direct you to another forum where the tech's there can better help with that (I'm a member there too), kinda takes me out of my field of knowledge.
Register here
https://forums.whatthetech.com/index.php?showforum=126

You can create a new topic and supply them with a link from this site if they need to see whats been done.
 
Oh, too bad. I thought I was just missing the final step. No, my computer doesn't seem warmer to the touch at all.
Do I still run the DelFix first or leave everything as is and register on the other site?
 
Go ahead and use Delfix, those tools are not needed now.



One thing I didn't ask:
Let's check and see if something is updating or running in the background.
(If we have already took this step then just ignore this)

Right click on the tool bar at the bottom of your screen, select Task Manager
Located near the bottom of that window you'll see Show Processes from all Users
From here use the scroll bar and check if you can see which process or .exe is using a high amount of CPU
 
Last edited:
Here is the log I got from using DelFix:

# DelFix v1.013 - Logfile created 02/07/2016 at 09:58:32
# Updated 17/04/2016 by Xplode
# Username : Owner - OWNER-HP
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

~ Activating UAC ... OK

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\RegBackup
Deleted : C:\Users\Owner\Desktop\FRST-OlderVersion
Deleted : C:\Users\Owner\Desktop\Addition.txt
Deleted : C:\Users\Owner\Desktop\AdwCleaner.exe
Deleted : C:\Users\Owner\Desktop\aswMBR.exe
Deleted : C:\Users\Owner\Desktop\aswMBR.txt
Deleted : C:\Users\Owner\Desktop\esetsmartinstaller_enu.exe
Deleted : C:\Users\Owner\Desktop\Fixlog.txt
Deleted : C:\Users\Owner\Desktop\FRST.txt
Deleted : C:\Users\Owner\Desktop\FRST64.exe
Deleted : C:\Users\Owner\Desktop\JRT.exe
Deleted : C:\Users\Owner\Desktop\JRT.txt
Deleted : C:\Users\Owner\Desktop\MBR.dat
Deleted : C:\Users\Owner\Desktop\TFC.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASWMBR

########## - EOF - ##########


I went into Task Manger and it shows that svchost.exe is using 50 CPU and System Idle Process is using between 47-49 CPU. The rest all say zero or one.
Is this bad?
 
svchost.exe isn't always associated with viruses, it is a windows feature responsible for loading shared dll's for other applications to use.



Have you tried to update Microsoft Windows update manually in a while?

Is this service running wuauserv? not a problem if it is it's relate to Windows Update.
 
No, wuauserv isn't running.
I checked my Windows updates, I have 39 important updates pending download/installation!!! I'm installing them now.....
 
Status
Not open for further replies.
Back
Top