[Lyanheart]

Logs attached.

I would be happy to get rid of MSE and replace it with something more reliable, and if it even works well I don't have a problem paying for it. Of course, I went for months without any issues and then this happened out of nowhere

Attached Files

•  FRST.txt   27.32KB   129 downloads
•  Addition.txt   24.05KB   163 downloads

[Advertisements]

OK, as far as weird stuff goes... I find these text files pop up on my desktop every so often. Some kinda of java error? Just noticed it; attached to this post.

Attached Files

•  hs_err_pid5624.log   18.29KB   233 downloads

[Lyanheart]

OK, as far as weird stuff goes... I find these text files pop up on my desktop every so often. Some kinda of java error? Just noticed it; attached to this post.

Attached Files

•  hs_err_pid5624.log   18.29KB   233 downloads

[Essexboy]

OK we will sort that next.. First lets kill this bad boy and then replace MSES

Download the attached fixlist.txt to the same location as FRST
Run FRST and press fix
Please post the log it generates

THEN

Download Avast Free to your desktop
Uninstall MSES
Install Avast, a reboot may be required and it will run a quick scan after install
Default settings for Avast will be good so no need to dig around in the interface

[Lyanheart]

I think you forgot to attach the fixlist...

[Essexboy]

[Lyanheart]

OK, working again after the reboot. Fixlog is attached.

MSE came online and detected the following, all occuring at 4:35pm yesterday:
trojan Win64/Sirefef.P
trojan Win32/Sirefef.AB
trojan Win32/Sirefef!cfg (this one is shown twice)
and this one again, occuring at 10:29am today:
trojan Win64/Sirefef.P

all are under MSE's quarantined status; still reccomending to uninstall MSE and try Avast?

Attached Files

•  Fixlog.txt   4.22KB   121 downloads

[Essexboy]

Yes because Avast will also give additional data as to where it is and should block it as it tries to install

[Essexboy]

Once Avast is installed could you then run OTL as I will need to use that to remove the google desktop folder.. FRST failed to move that

Can you recall anything unusual or untoward at about 4:35 yesterday ?

Download OTL to your Desktop
Secondary link

• Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  
  
  
• Select All Users
• Select LOP and Purity
• Under the Custom Scan box paste this in
  
  netsvcs
  BASESERVICES
  %SYSTEMDRIVE%\*.exe
  c:\program files (x86)\Google\Desktop
  c:\program files\Google\Desktop
  dir "%systemdrive%\*" /S /A:L /C
  CREATERESTOREPOINT
  
• Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  
• When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
• Attach both logs

[Lyanheart]

log files attached.
nothing abnormal about 4:30ish yesterday. I do find it odd that google desktop is still doing something, despite being uninstalled and does not even appear on my list of programs in the control panel.

Avast installed and did its initial quick scan, detected no problems.

Attached Files

•  OTL.Txt   128.29KB   118 downloads
•  Extras.Txt   44.44KB   131 downloads

[Essexboy]

Lets now remove the folder that FRST couldn't

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL

• Under the Custom Scans/Fixes box at the bottom, paste in the following
  

:Commands
[CREATERESTOREPOINT]

:Files
C:\Users\Ryan2011\AppData\Local\Google\Desktop
C:\Program Files (x86)\Google

:Commands
[resethosts]
[emptytemp]
[Reboot]

• Then click the Run Fix button at the top
• Let the program run unhindered, reboot the PC when it is done
• Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

[Lyanheart]

OTL scan log attached

Attached Files

•  OTL.Txt   90.59KB   103 downloads

[Essexboy]

Could you now update Java here please and let me know if the java popups disappear

Windows x64 29.27 MB jre-7u45-windows-x64.exe http://www.oracle.co...ds-1880261.html

[Essexboy]

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.