Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Pop Ups & Ads have taken over laptop [Solved]

Started by mckinney7 , Mar 09 2014 03:22 PM

  • This topic is locked This topic is locked

#61
mckinney7
Posted 14 April 2014 - 06:13 AM

mckinney7

    Member

  • Topic Starter
  • Member
  • PipPip
  • 60 posts

I have gone through several steps of the process. However,  I still cannot uninstall AVG.  I try to do it using the Control Panel>Programs>Uninstall, but it just won't work.  I was able to uninstall the Malwarebytes that way.  I decided to go ahead with the process anyway, but when I started the Dr. Web 700 Security Space, a message came up saying that AVG is still on my computer and running the Dr. Web program with AVG on there could give unpredictable results.  What should I do?


  • 0

Advertisements

#62
JSntgRvr
Posted 14 April 2014 - 08:55 AM

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts

Use the removal tool for AVG 2012 available here.


  • 0

#63
mckinney7
Posted 15 April 2014 - 06:24 AM

mckinney7

    Member

  • Topic Starter
  • Member
  • PipPip
  • 60 posts

I was able to use the program you gave me to uninstall AVG.  That went fine.

 

However, something seems to have gone wrong with the installation of Dr. Web Security Space 7.0.  I followed all the steps (down through #8) and it was installing fine, then suddenly it stalled and now it won't go any further. I have not been able to get to the part where it gives the demo key. It has not gone any further for at least half and hour. I will leave it while I go to work to see if it kicks in.


  • 0

#64
JSntgRvr
Posted 15 April 2014 - 02:28 PM

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts
Did you run Dr.Web Cureit? Any report on the virus?
  • 0

#65
mckinney7
Posted 15 April 2014 - 08:28 PM

mckinney7

    Member

  • Topic Starter
  • Member
  • PipPip
  • 60 posts

I did run Dr. Web Cure It several days ago.  There were many viruses on it and it said it cured them all.  But something happened and I was not able to access a report.  I tried running it again, but it said it needed to update.  That seemed to not work and so I just ran the original version I had.  It said there were no viruses found.  I have tried to update the program again, but it doesn't work.  


  • 0

#66
JSntgRvr
Posted 16 April 2014 - 06:37 AM

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts
Run FRST and post the FRST.txt to see if the file we replaced was cured.
  • 0

#67
mckinney7
Posted 17 April 2014 - 05:18 AM

mckinney7

    Member

  • Topic Starter
  • Member
  • PipPip
  • 60 posts

Here is the FRST scan:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-04-2014
Ran by John (administrator) on JOHN-PC on 17-04-2014 06:18:17
Running from C:\Users\John\Desktop
Windows 7 Home Premium (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Doctor Web, Ltd.) C:\Program Files (x86)\DrWeb\dwservice.exe
(WildTangent, Inc.) C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Windows\system32\UI0Detect.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Doctor Web, Ltd.) C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe
(Doctor Web, Ltd.) C:\Program Files (x86)\DrWeb\dwnetfilter.exe
(Doctor Web, Ltd.) C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jusched.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Doctor Web, Ltd.) C:\Program Files (x86)\DrWeb\spideragent.exe
(Google Inc.) C:\Users\John\AppData\Local\Google\Update\GoogleUpdate.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Java\jre6\bin\jusched.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
() C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1808168 2009-06-18] (Synaptics Incorporated)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [495104 2009-07-14] (Conexant Systems, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Java\jre6\bin\jusched.exe [171520 2009-11-01] (Sun Microsystems, Inc.)
HKLM\...\Run: [SpIDerAgent] => C:\Program Files (x86)\DrWeb\spideragent.exe [7518560 2014-04-15] (Doctor Web, Ltd.)
HKLM-x32\...\Run: [QlbCtrl.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [322104 2009-08-20] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Java\jre6\bin\jusched.exe [149280 2009-11-01] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [WirelessAssistant] => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-23] (Hewlett-Packard)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [53248 2014-04-13] (Apple Inc.)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296056 2012-06-19] (RealNetworks, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-28] ()
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-15] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-3082703480-1980997582-769674337-1000\...\Run: [Google Update] => C:\Users\John\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-05-11] (Google Inc.)
HKU\S-1-5-21-3082703480-1980997582-769674337-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [33792 2014-04-13] (Google Inc.)
HKU\S-1-5-21-3082703480-1980997582-769674337-1000\...\Policies\Explorer: [HideSCAHealth] 1

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/CQNOT/1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/CQNOT/1
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/CQNOT/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/CQNOT/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/CQNOT/1
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll No File
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll No File
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Microsoft Live Search Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} -  No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx...owserPlugin.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 173.244.132.86 173.244.132.254
Tcpip\..\Interfaces\{81F105C5-75F7-4B34-BD57-6B3F15F03039}: [NameServer]76.73.7.75,107.6.133.7
Tcpip\..\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: [NameServer]76.73.7.75,107.6.133.7
Tcpip\..\Interfaces\{F19EA1D7-803A-4B44-B142-1BA0BAACFDCE}: [NameServer]76.73.7.75,107.6.133.7

FireFox:
========
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=15.0.4.53 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.4.53 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.4.53 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\John\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\John\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2009-11-01]
FF HKLM-x32\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-06-19]
FF HKLM-x32\...\Firefox\Extensions: [{F53C93F1-07D5-430c-86D4-C9531B27DFAF}] - C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\
FF Extension: AVG Do Not Track - C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\ []
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-08-02]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta5635\ff
FF HKCU\...\Firefox\Extensions: [speedtest4354@BestOffers] - C:\Users\John\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers
FF Extension: Speed Test 127 - C:\Users\John\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers [2014-02-07]

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR StartupUrls: "hxxp://search.conduit.com/?ctid=CT3324426&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP8F066D17-1D19-46F9-826D-38BA4B129E7B&SSPV="
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\John\AppData\Local\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\John\AppData\Local\Google\Chrome\Application\34.0.1847.116\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\John\AppData\Local\Google\Chrome\Application\34.0.1847.116\gcswf32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.150.3) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeploytk.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java™ Platform SE 6 U15) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrl.dll No File
CHR Extension: (YouTube) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-05-12]
CHR Extension: (Google Search) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-05-12]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2012-06-19]
CHR Extension: (Google Wallet) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-22]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2012-08-02]
CHR Extension: (Gmail) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-05-12]
CHR HKLM-x32\...\Chrome\Extension: [ebplnjmfmakhhedomfffdiekifpdffnd] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha7893\ch\MediaViewV1alpha7893.crx [2012-05-12]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-06-19]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR HKLM-x32\...\Chrome\Extension: [oobclncfihjeobfooihfhglbfloocnkg] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta5635\ch\VideoPlayerV3beta5635.crx [2011-12-12]
CHR StartMenuInternet: Google Chrome - C:\Users\John\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

R2 DrWebAVService; C:\Program Files (x86)\DrWeb\dwservice.exe [2969952 2014-04-15] (Doctor Web, Ltd.)
R3 DrWebEngine; C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe [1913680 2014-04-15] (Doctor Web, Ltd.)
R3 DrWebNetFilter; C:\Program Files (x86)\DrWeb\dwnetfilter.exe [3184992 2014-04-15] (Doctor Web, Ltd.)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [241664 2014-04-13] ()

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R1 DrWebWfp; C:\Windows\System32\drivers\dw_wfp.sys [72448 2014-04-15] (Doctor Web, Ltd.)
R0 DwProt; C:\Windows\System32\drivers\dwprot.sys [226560 2014-04-15] (Doctor Web, Ltd.)
R0 SpiderG3; C:\Windows\System32\drivers\spiderg3.sys [223960 2014-04-15] (Doctor Web, Ltd.)
S0 AVGIDSHA; system32\DRIVERS\avgidsha.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-04-17 06:17 - 2014-04-17 06:17 - 00000000 ____D () C:\Users\John\Desktop\FRST-OlderVersion
2014-04-15 21:40 - 2014-04-15 21:40 - 00000955 _____ () C:\Users\Public\Desktop\Dr.Web Scanner.lnk
2014-04-15 07:00 - 2014-04-15 16:20 - 00000000 __SHD () C:\DrWeb Quarantine
2014-04-15 06:53 - 2014-04-15 06:53 - 00072448 _____ (Doctor Web, Ltd.) C:\Windows\system32\Drivers\dw_wfp.sys
2014-04-15 06:52 - 2014-04-15 06:52 - 00223960 _____ (Doctor Web, Ltd.) C:\Windows\system32\Drivers\spiderg3.sys
2014-04-15 06:51 - 2014-04-15 06:51 - 00226560 _____ (Doctor Web, Ltd.) C:\Windows\system32\Drivers\dwprot.sys
2014-04-15 06:51 - 2014-04-15 06:51 - 00000000 ____D () C:\Program Files\Common Files\Doctor Web
2014-04-15 06:50 - 2014-04-15 06:53 - 00000000 ____D () C:\Program Files (x86)\DrWeb
2014-04-15 06:50 - 2014-04-15 06:51 - 00000000 ____D () C:\ProgramData\Doctor Web
2014-04-15 06:09 - 2014-04-15 06:11 - 00373086 _____ () C:\Users\John\Downloads\avgremover.log
2014-04-15 06:09 - 2014-04-15 06:09 - 02899344 _____ (AVG Technologies CZ, s.r.o.) C:\Users\John\Downloads\avg_remover_stf_x64_2012_2125.exe
2014-04-13 09:10 - 2014-04-13 09:28 - 00000000 ____D () C:\Users\John\Doctor Web
2014-04-13 08:51 - 2014-04-13 09:03 - 207636488 _____ (Doctor Web, Ltd.) C:\Users\John\Desktop\drweb-700-win-space.exe
2014-04-13 08:34 - 2014-04-13 08:43 - 146342024 _____ () C:\Users\John\Desktop\cureit.exe
2014-04-09 06:17 - 2014-04-09 06:17 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-04-02 06:10 - 2014-04-02 06:10 - 00107234 _____ () C:\Users\John\Downloads\SVCHOSTS.zip
2014-03-31 16:29 - 2014-03-31 16:30 - 00000000 ____D () C:\Users\Public\Desktop\CC Support
2014-03-31 16:28 - 2014-03-31 16:28 - 04009167 _____ () C:\Users\John\Desktop\ServicesRepair.exe
2014-03-28 06:19 - 2014-04-17 06:18 - 00009690 _____ () C:\Users\John\Desktop\FRST.txt
2014-03-28 06:19 - 2014-04-02 06:14 - 00007312 _____ () C:\Users\John\Desktop\Search.txt
2014-03-27 06:10 - 2014-04-02 06:07 - 00001010 _____ () C:\Users\John\Desktop\FSS.txt
2014-03-27 06:09 - 2014-03-27 06:09 - 00409600 _____ (Farbar) C:\Users\John\Desktop\FSS.exe
2014-03-20 06:15 - 2014-03-20 06:15 - 00384084 _____ () C:\Users\John\Desktop\AIDA64 Report.txt
2014-03-20 06:14 - 2014-03-20 06:14 - 00000000 ____D () C:\Users\John\Documents\AIDA64 Reports
2014-03-20 06:13 - 2014-03-20 06:13 - 00001175 _____ () C:\Users\John\Desktop\AIDA64 Extreme.lnk
2014-03-20 06:13 - 2014-03-20 06:13 - 00000000 ____D () C:\Program Files (x86)\FinalWire
2014-03-20 06:10 - 2014-03-20 06:11 - 15834968 _____ (FinalWire Ltd. ) C:\Users\John\Downloads\aida64extreme420.exe
2014-03-20 06:09 - 2014-03-20 06:09 - 00000000 ____D () C:\Users\John\Desktop\Regfix (1)
2014-03-20 06:08 - 2014-03-20 06:08 - 00000323 _____ () C:\Users\John\Downloads\Regfix.zip
2014-03-20 06:08 - 2014-03-20 06:08 - 00000323 _____ () C:\Users\John\Desktop\Regfix (1).zip
2014-03-20 06:05 - 2014-03-20 06:05 - 00000924 _____ () C:\Users\John\Desktop\NTREGOPT.lnk
2014-03-20 06:05 - 2014-03-20 06:05 - 00000905 _____ () C:\Users\John\Desktop\ERUNT.lnk
2014-03-20 06:05 - 2014-03-20 06:05 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-03-20 06:03 - 2014-03-20 06:03 - 00791393 _____ (Lars Hederer ) C:\Users\John\Downloads\erunt-setup.exe
2014-03-19 05:53 - 2014-03-19 05:53 - 00000142 _____ () C:\Users\John\Desktop\MUI.txt
2014-03-19 05:44 - 2014-03-19 05:46 - 00001602 _____ () C:\Users\John\Desktop\SystemLook.txt
2014-03-19 05:40 - 2014-03-19 05:40 - 00165376 _____ () C:\Users\John\Desktop\SystemLook_x64.exe

==================== One Month Modified Files and Folders =======

2014-04-17 06:18 - 2014-03-28 06:19 - 00009690 _____ () C:\Users\John\Desktop\FRST.txt
2014-04-17 06:18 - 2014-03-12 06:00 - 00000000 ____D () C:\FRST
2014-04-17 06:17 - 2014-04-17 06:17 - 00000000 ____D () C:\Users\John\Desktop\FRST-OlderVersion
2014-04-17 06:17 - 2014-03-12 05:59 - 02158592 _____ (Farbar) C:\Users\John\Desktop\FRST64.exe
2014-04-17 06:10 - 2012-05-11 02:08 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-17 06:02 - 2009-07-13 23:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-17 06:02 - 2009-07-13 23:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-17 06:01 - 2012-05-11 02:08 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-17 05:59 - 2009-07-14 00:13 - 00726316 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-17 05:54 - 2012-05-10 19:27 - 00802598 _____ () C:\Windows\PFRO.log
2014-04-17 05:54 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-17 05:54 - 2009-07-13 23:51 - 00211226 _____ () C:\Windows\setupact.log
2014-04-16 07:30 - 2012-05-12 17:00 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3082703480-1980997582-769674337-1000UA.job
2014-04-15 21:40 - 2014-04-15 21:40 - 00000955 _____ () C:\Users\Public\Desktop\Dr.Web Scanner.lnk
2014-04-15 20:42 - 2012-05-11 02:08 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-15 16:20 - 2014-04-15 07:00 - 00000000 __SHD () C:\DrWeb Quarantine
2014-04-15 14:30 - 2012-05-12 17:00 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3082703480-1980997582-769674337-1000Core.job
2014-04-15 06:53 - 2014-04-15 06:53 - 00072448 _____ (Doctor Web, Ltd.) C:\Windows\system32\Drivers\dw_wfp.sys
2014-04-15 06:53 - 2014-04-15 06:50 - 00000000 ____D () C:\Program Files (x86)\DrWeb
2014-04-15 06:52 - 2014-04-15 06:52 - 00223960 _____ (Doctor Web, Ltd.) C:\Windows\system32\Drivers\spiderg3.sys
2014-04-15 06:51 - 2014-04-15 06:51 - 00226560 _____ (Doctor Web, Ltd.) C:\Windows\system32\Drivers\dwprot.sys
2014-04-15 06:51 - 2014-04-15 06:51 - 00000000 ____D () C:\Program Files\Common Files\Doctor Web
2014-04-15 06:51 - 2014-04-15 06:50 - 00000000 ____D () C:\ProgramData\Doctor Web
2014-04-15 06:11 - 2014-04-15 06:09 - 00373086 _____ () C:\Users\John\Downloads\avgremover.log
2014-04-15 06:09 - 2014-04-15 06:09 - 02899344 _____ (AVG Technologies CZ, s.r.o.) C:\Users\John\Downloads\avg_remover_stf_x64_2012_2125.exe
2014-04-15 06:09 - 2012-07-31 12:21 - 00000000 ____D () C:\ProgramData\AVG2012
2014-04-15 06:09 - 2012-07-31 12:18 - 00000000 ____D () C:\ProgramData\MFAData
2014-04-14 06:17 - 2012-05-11 18:19 - 00000000 ____D () C:\Users\John\AppData\Local\CrashDumps
2014-04-13 09:29 - 2012-05-12 01:19 - 00000000 ____D () C:\Program Files\Bonjour
2014-04-13 09:29 - 2012-05-11 05:37 - 00593408 _____ (Microsoft Corporation) C:\Windows\system32\searchindexer.exe
2014-04-13 09:29 - 2012-05-11 05:37 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2014-04-13 09:29 - 2012-05-11 05:34 - 00558592 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-04-13 09:29 - 2009-07-13 20:05 - 03524608 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2014-04-13 09:29 - 2009-07-13 19:36 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\fxssvc.exe
2014-04-13 09:29 - 2009-07-13 19:10 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\snmptrap.exe
2014-04-13 09:29 - 2009-07-13 19:08 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\alg.exe
2014-04-13 09:29 - 2009-07-13 18:59 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\msdtc.exe
2014-04-13 09:29 - 2009-07-13 18:59 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\dllhost.exe
2014-04-13 09:29 - 2009-07-13 18:52 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\ui0detect.exe
2014-04-13 09:29 - 2009-07-13 18:48 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2014-04-13 09:29 - 2009-07-13 18:43 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
2014-04-13 09:29 - 2009-07-13 18:39 - 01600512 _____ (Microsoft Corporation) C:\Windows\system32\vssvc.exe
2014-04-13 09:29 - 2009-07-13 18:37 - 01503744 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2014-04-13 09:29 - 2009-07-13 18:37 - 00532480 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2014-04-13 09:29 - 2009-07-13 18:31 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
2014-04-13 09:29 - 2009-07-13 18:31 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2014-04-13 09:29 - 2009-07-13 18:20 - 00303104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinfo32.exe
2014-04-13 09:29 - 2009-07-13 18:19 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
2014-04-13 09:28 - 2014-04-13 09:10 - 00000000 ____D () C:\Users\John\Doctor Web
2014-04-13 09:10 - 2012-05-10 19:30 - 00000000 ____D () C:\Users\John
2014-04-13 09:08 - 2014-01-22 21:18 - 00000003 _____ () C:\ProgramData\31.nls
2014-04-13 09:03 - 2014-04-13 08:51 - 207636488 _____ (Doctor Web, Ltd.) C:\Users\John\Desktop\drweb-700-win-space.exe
2014-04-13 08:43 - 2014-04-13 08:34 - 146342024 _____ () C:\Users\John\Desktop\cureit.exe
2014-04-12 15:52 - 2012-05-12 17:01 - 00002358 _____ () C:\Users\John\Desktop\Google Chrome.lnk
2014-04-12 15:33 - 2009-07-13 22:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-04-09 06:17 - 2014-04-09 06:17 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-04-03 06:12 - 2010-01-09 10:25 - 01660747 _____ () C:\Windows\WindowsUpdate.log
2014-04-02 06:37 - 2012-05-11 02:08 - 00003890 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-02 06:37 - 2012-05-11 02:08 - 00003638 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-04-02 06:14 - 2014-03-28 06:19 - 00007312 _____ () C:\Users\John\Desktop\Search.txt
2014-04-02 06:10 - 2014-04-02 06:10 - 00107234 _____ () C:\Users\John\Downloads\SVCHOSTS.zip
2014-04-02 06:07 - 2014-03-27 06:10 - 00001010 _____ () C:\Users\John\Desktop\FSS.txt
2014-03-31 16:30 - 2014-03-31 16:29 - 00000000 ____D () C:\Users\Public\Desktop\CC Support
2014-03-31 16:28 - 2014-03-31 16:28 - 04009167 _____ () C:\Users\John\Desktop\ServicesRepair.exe
2014-03-29 08:15 - 2014-03-10 20:37 - 00000003 _____ () C:\ProgramData\2psvc31.nls
2014-03-27 14:25 - 2012-05-12 17:00 - 00003876 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3082703480-1980997582-769674337-1000UA
2014-03-27 14:25 - 2012-05-12 17:00 - 00003480 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3082703480-1980997582-769674337-1000Core
2014-03-27 06:09 - 2014-03-27 06:09 - 00409600 _____ (Farbar) C:\Users\John\Desktop\FSS.exe
2014-03-21 17:45 - 2013-05-13 23:56 - 00000000 ____D () C:\Program Files (x86)\ConverterLite
2014-03-21 15:00 - 2012-05-12 01:19 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-03-21 14:26 - 2009-07-14 00:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-03-20 06:15 - 2014-03-20 06:15 - 00384084 _____ () C:\Users\John\Desktop\AIDA64 Report.txt
2014-03-20 06:14 - 2014-03-20 06:14 - 00000000 ____D () C:\Users\John\Documents\AIDA64 Reports
2014-03-20 06:13 - 2014-03-20 06:13 - 00001175 _____ () C:\Users\John\Desktop\AIDA64 Extreme.lnk
2014-03-20 06:13 - 2014-03-20 06:13 - 00000000 ____D () C:\Program Files (x86)\FinalWire
2014-03-20 06:11 - 2014-03-20 06:10 - 15834968 _____ (FinalWire Ltd. ) C:\Users\John\Downloads\aida64extreme420.exe
2014-03-20 06:09 - 2014-03-20 06:09 - 00000000 ____D () C:\Users\John\Desktop\Regfix (1)
2014-03-20 06:08 - 2014-03-20 06:08 - 00000323 _____ () C:\Users\John\Downloads\Regfix.zip
2014-03-20 06:08 - 2014-03-20 06:08 - 00000323 _____ () C:\Users\John\Desktop\Regfix (1).zip
2014-03-20 06:07 - 2014-03-09 14:59 - 00000000 ____D () C:\Windows\erdnt
2014-03-20 06:05 - 2014-03-20 06:05 - 00000924 _____ () C:\Users\John\Desktop\NTREGOPT.lnk
2014-03-20 06:05 - 2014-03-20 06:05 - 00000905 _____ () C:\Users\John\Desktop\ERUNT.lnk
2014-03-20 06:05 - 2014-03-20 06:05 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-03-20 06:03 - 2014-03-20 06:03 - 00791393 _____ (Lars Hederer ) C:\Users\John\Downloads\erunt-setup.exe
2014-03-19 05:53 - 2014-03-19 05:53 - 00000142 _____ () C:\Users\John\Desktop\MUI.txt
2014-03-19 05:46 - 2014-03-19 05:44 - 00001602 _____ () C:\Users\John\Desktop\SystemLook.txt
2014-03-19 05:45 - 2009-07-14 00:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-03-19 05:42 - 2009-07-14 00:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-19 05:40 - 2014-03-19 05:40 - 00165376 _____ () C:\Users\John\Desktop\SystemLook_x64.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe
[2009-07-13 18:19] - [2014-04-13 09:29] - 0020992 ____A (Microsoft Corporation) 1CEBA540E3D3DC17ABB8F7A1032F57E1

C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-04-09 08:06

==================== End Of Log ============================


  • 0

#68
JSntgRvr
Posted 17 April 2014 - 08:41 AM

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts

It is completely different. Please have the followng file scanned at VirusTotal:

 

C:\Windows\SysWOW64\svchost.exe

 

Let me know the link to the scan.


  • 0

#69
mckinney7
Posted 18 April 2014 - 07:00 AM

mckinney7

    Member

  • Topic Starter
  • Member
  • PipPip
  • 60 posts

Here is the link to the VirusTotal scan:

 

https://www.virustot...sis/1397825989/


  • 0

#70
JSntgRvr
Posted 18 April 2014 - 08:42 AM

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts

Got re-infected. I don't see any other option but to reformat and re-install. I the computer is a known brand name, then a destructive recovery to factory settings is suggested.

 

There is no way to know if the computer is safe when a file infector is present.

 

Sorry for the bad news.


  • 0

Advertisements

#71
mckinney7
Posted 19 April 2014 - 08:19 AM

mckinney7

    Member

  • Topic Starter
  • Member
  • PipPip
  • 60 posts

I am sorry too.  I really appreciate all the help you have given.  I guess we will have to decide where to go from here.  Is there anything else that you think we should do at this point?


  • 0

#72
JSntgRvr
Posted 19 April 2014 - 09:52 AM

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts

I am sorry too.  I really appreciate all the help you have given.  I guess we will have to decide where to go from here.  Is there anything else that you think we should do at this point?

Dealing with a file infector is the only way to remove all traces of it.


  • 0

#73
mckinney7
Posted 21 April 2014 - 08:42 AM

mckinney7

    Member

  • Topic Starter
  • Member
  • PipPip
  • 60 posts

"If the computer is a known brand name, then a destructive recovery to factory settings is suggested."

 

Our computer is a Compaq Presario.  I know we talked about this before, but does this require us having the original operating system CDs?  As I mentioned before, we haven't been able to find those.  

 

I have used up a great deal of your time to get me to this point on our laptop.  I REALLY appreciate all of your help.  Once I understand the destructive recovery,  I will venture out on my own.  

 

Thanks!


  • 0

#74
JSntgRvr
Posted 21 April 2014 - 06:51 PM

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts
No problems.

Is there an option for Recovery at startup during the Compaq splash logo? The Presarios I have dealt with use pressing F10 at startup. Then there is an advanced option where you select the Destructive Recovery.

Keep me posted. If not present, post the model and series.
  • 0

#75
mckinney7
Posted 26 April 2014 - 06:43 AM

mckinney7

    Member

  • Topic Starter
  • Member
  • PipPip
  • 60 posts

I am sorry for taking so long to get back to you.  I didn't realize how much time had passed.  

 

When I press F10 at start up, it takes me to a screen titled "InsydeH20 Setup Utility."  The tabs at the top are: Main, Security, Diagnostics, System Configuration, and Exit. There are different things I can choose on each of these pages, but  I don't see an option to do Destructive Recovery.  

 

My laptop is Compaq Presario CQ60.

 

Thanks!

 

Melanie


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP