[Teima]

Hello. Do you still require assistance?

[Advertisements]

All is running fine so far.  I am running above and will re-post.  I apologize for the delay in getting back to you. I have an 11-month-old son and he keeps me quite busy.  Thank you!

[mom2dylkay]

All is running fine so far.  I am running above and will re-post.  I apologize for the delay in getting back to you. I have an 11-month-old son and he keeps me quite busy.  Thank you!

[Teima]

No worries. Thanks for the status update. It's much appreciated.

[mom2dylkay]

C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\APNSetup.exe.vir a variant of Win32/Bundled.Toolbar.Ask.E potentially unsafe application deleted - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\UpdateManager.exe.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application deleted - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Source\program files\AskPartnerNetwork\Toolbar\apnmcp.exe.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application deleted - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Source\program files\AskPartnerNetwork\Toolbar\searchhook.dll.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application deleted - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Source\program files\AskPartnerNetwork\Toolbar\ServiceLocator.exe.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application deleted - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Source\program files\AskPartnerNetwork\Toolbar\SO.dll.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application deleted - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Source\program files\AskPartnerNetwork\Toolbar\toolbar.dll.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application deleted - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Source\program files\AskPartnerNetwork\Toolbar\Toolbar.exe.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application deleted - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Source\program files\AskPartnerNetwork\Toolbar\ToolbarPS.dll.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application deleted - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Source\program files\AskPartnerNetwork\Toolbar\toolbar_x64.dll.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application deleted - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Source\program files\AskPartnerNetwork\Toolbar\UpdateManager.exe.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application deleted - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Source\program files\AskPartnerNetwork\Toolbar\{PartnerID}\Passport.dll.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application deleted - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-V7C\Source\program files\AskPartnerNetwork\Toolbar\{PartnerID}\Passport_x64.dll.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application deleted - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Wisdom-soft\tbWisd.dll.vir a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantined

C:\AdwCleaner\Quarantine\C\Users\KVogler\AppData\Local\LPT\sppsm.dll.vir a variant of MSIL/Toolbar.Linkury.G potentially unwanted application deleted - quarantined

C:\AdwCleaner\Quarantine\C\Users\KVogler\AppData\Local\LPT\spusm.dll.vir a variant of MSIL/Toolbar.Linkury.G potentially unwanted application deleted - quarantined

C:\AdwCleaner\Quarantine\C\Users\KVogler\AppData\Local\LPT\srbu.dll.vir a variant of MSIL/Toolbar.Linkury.F potentially unwanted application deleted - quarantined

C:\AdwCleaner\Quarantine\C\Users\KVogler\AppData\Local\LPT\srptc.dll.vir a variant of MSIL/Toolbar.Linkury.G potentially unwanted application deleted - quarantined

C:\AdwCleaner\Quarantine\C\Users\KVogler\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO.dll.vir a variant of MSIL/Toolbar.Linkury.E potentially unwanted application deleted - quarantined

C:\AdwCleaner\Quarantine\C\Users\KVogler\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO2.dll.vir a variant of MSIL/Toolbar.Linkury.E potentially unwanted application deleted - quarantined

C:\AdwCleaner\Quarantine\C\Users\KVogler\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension.dll.vir a variant of MSIL/Toolbar.Linkury.D potentially unwanted application deleted - quarantined

C:\AdwCleaner\Quarantine\C\Users\KVogler\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension2.dll.vir a variant of MSIL/Toolbar.Linkury.D potentially unwanted application deleted - quarantined

C:\AdwCleaner\Quarantine\C\Users\KVogler\AppData\Local\Smartbar\Application\spbl.dll.vir a variant of MSIL/Toolbar.Linkury.G potentially unwanted application deleted - quarantined

C:\AdwCleaner\Quarantine\C\Users\KVogler\AppData\Local\Smartbar\Application\sppsm.dll.vir a variant of MSIL/Toolbar.Linkury.G potentially unwanted application deleted - quarantined

C:\AdwCleaner\Quarantine\C\Users\KVogler\AppData\Local\Smartbar\Application\spusm.dll.vir a variant of MSIL/Toolbar.Linkury.G potentially unwanted application deleted - quarantined

C:\AdwCleaner\Quarantine\C\Users\KVogler\AppData\Local\Smartbar\Application\srbu.dll.vir a variant of MSIL/Toolbar.Linkury.F potentially unwanted application deleted - quarantined

C:\AdwCleaner\Quarantine\C\Users\KVogler\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\GoogleChromeRemotePlugin.dll.vir Win32/Toolbar.Linkury.D potentially unwanted application deleted - quarantined

C:\AdwCleaner\Quarantine\C\Users\KVogler\AppData\Local\Smartbar\Application\[email protected]\components\SmartbarFireFoxRemotePlugin_25.dll.vir a variant of Win32/Toolbar.Linkury.D potentially unwanted application deleted - quarantined

C:\AdwCleaner\Quarantine\C\Users\KVogler\AppData\Local\Smartbar\Application\[email protected]\components\SmartbarFireFoxRemotePlugin_26.dll.vir a variant of Win32/Toolbar.Linkury.D potentially unwanted application deleted - quarantined

C:\AdwCleaner\Quarantine\C\Users\KVogler\AppData\Local\Smartbar\Application\[email protected]\components\SmartbarFireFoxRemotePlugin_27.dll.vir a variant of Win32/Toolbar.Linkury.D potentially unwanted application deleted - quarantined

C:\AdwCleaner\Quarantine\C\Users\KVogler\AppData\Local\Smartbar\Application\[email protected]\components\SmartbarFireFoxRemotePlugin_28.dll.vir a variant of Win32/Toolbar.Linkury.D potentially unwanted application deleted - quarantined

C:\AdwCleaner\Quarantine\C\Users\KVogler\AppData\Local\Smartbar\Application\[email protected]\components\SmartbarFireFoxRemotePlugin_29.dll.vir a variant of Win32/Toolbar.Linkury.D potentially unwanted application deleted - quarantined

C:\AdwCleaner\Quarantine\C\Users\KVogler\AppData\Local\Smartbar\Application\[email protected]\components\SmartbarFireFoxRemotePlugin_30.dll.vir a variant of Win32/Toolbar.Linkury.D potentially unwanted application deleted - quarantined

C:\AdwCleaner\Quarantine\C\Users\KVogler\AppData\Local\Smartbar\Application\[email protected]\components\SmartbarFireFoxRemotePlugin_31.dll.vir a variant of Win32/Toolbar.Linkury.D potentially unwanted application deleted - quarantined

C:\AdwCleaner\Quarantine\C\Users\KVogler\AppData\Local\Smartbar\Application\[email protected]\components\SmartbarFireFoxRemotePlugin_32.dll.vir a variant of Win32/Toolbar.Linkury.D potentially unwanted application deleted - quarantined

C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir a variant of Win64/Systweak.A potentially unwanted application deleted - quarantined

C:\Program Files\CamStudio 2.7\BunndleOfferManager.exe a variant of Win32/Bunndle potentially unsafe application deleted - quarantined

C:\Program Files (x86)\Wisdom-soft ScreenHunter 5 Free\Toolbar.exe a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantined

C:\Users\Kaylan\AppData\Local\Google\Chrome\User Data\Default\Default\aadcdadcdjgdggdhdbdadjdcdedigedf\background.html Win32/BHO.OEI trojan cleaned by deleting - quarantined

C:\Users\Kaylan\AppData\Local\Google\Chrome\User Data\Default\Default\aadcdadcdjgdggdhdbdadjdcdedigedf\ContentScript.js Win32/BHO.OEI trojan cleaned by deleting - quarantined

C:\Users\KVogler\AppData\Roaming\Mozilla\Firefox\Profiles\guu3u9oy.default\extensions\[email protected] JS/Redirector.NCA trojan deleted - quarantined

C:\Users\KVogler\Downloads\burnsetup.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application deleted - quarantined

C:\Users\KVogler\Downloads\cbsidlm-cbsi134-Love_AnimatIon_Cursor-ORG-10462474 (1).exe a variant of Win32/CNETInstaller.B potentially unwanted application deleted - quarantined

C:\Users\KVogler\Downloads\cbsidlm-cbsi134-Love_AnimatIon_Cursor-ORG-10462474.exe a variant of Win32/CNETInstaller.B potentially unwanted application deleted - quarantined

C:\Users\KVogler\Downloads\cbsidlm-cbsi134-Unique_Gift_Maker_Greeting_Card_Free_Edition-ORG-10360997 (1).exe a variant of Win32/CNETInstaller.B potentially unwanted application deleted - quarantined

C:\Users\KVogler\Downloads\cbsidlm-cbsi134-Unique_Gift_Maker_Greeting_Card_Free_Edition-ORG-10360997.exe a variant of Win32/CNETInstaller.B potentially unwanted application deleted - quarantined

C:\Users\KVogler\Downloads\cbsidlm-cbsi188-CamStudio-ORG-10067101.exe a variant of Win32/CNETInstaller.B potentially unwanted application deleted - quarantined

C:\Users\KVogler\Downloads\cbsidlm-tr1_13-Minecraft-ORG-75446433.exe Win32/DownloadAdmin.G potentially unwanted application deleted - quarantined

C:\Users\KVogler\Downloads\ccsetup417.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined

C:\Users\KVogler\Downloads\cnet_divorce_exe.exe a variant of Win32/InstallCore.D potentially unwanted application deleted - quarantined

C:\Users\KVogler\Downloads\cnet_divorce_exe.exe&isDlm=1 a variant of Win32/InstallCore.D potentially unwanted application deleted - quarantined

C:\Users\KVogler\Downloads\cnet_Easy Tax Planner 2011 Version 1_0_exe.exe a variant of Win32/InstallCore.D potentially unwanted application deleted - quarantined

C:\Users\KVogler\Downloads\cnet_Easy Tax Planner 2011 Version 1_0_exe.exe&isDlm=1 a variant of Win32/InstallCore.D potentially unwanted application deleted - quarantined

C:\Users\KVogler\Downloads\digital dj.exe a variant of Win32/InstallIQ.A potentially unwanted application deleted - quarantined

C:\Users\KVogler\Downloads\katyperryteenagedream.exe a variant of Win32/InstallIQ potentially unwanted application deleted - quarantined

C:\Users\KVogler\Downloads\minecraftdl_2134.exe Win32/InstalleRex.M potentially unwanted application deleted - quarantined

C:\Users\KVogler\Downloads\Screenhunter.exe a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantined

C:\Users\KVogler\Downloads\Setup (1).exe Win32/OutBrowse.G potentially unwanted application deleted - quarantined

C:\Users\KVogler\Downloads\Setup.exe MSIL/Solimba potentially unwanted application deleted - quarantined

C:\Windows\Installer\1e57e7b.msi Win32/Toolbar.Linkury.D potentially unwanted application deleted - quarantined

C:\Windows\Installer\1e581f1.msi Win32/Toolbar.Linkury.D potentially unwanted application deleted - quarantined

C:\Windows\Installer\MSI324B.tmp a variant of MSIL/Toolbar.Linkury.G potentially unwanted application deleted - quarantined

C:\_OTL\MovedFiles\09222014_124929\C_Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application deleted - quarantined

C:\_OTL\MovedFiles\09222014_124929\C_Users\KVogler\AppData\Roaming\mozilla\Firefox\Profiles\guu3u9oy.default\extensions\{6607f251-d663-1e9c-5c15-2cb413a09c1e}\components\SmartbarFireFoxRemotePlugin_25.dll a variant of Win32/Toolbar.Linkury.D potentially unwanted application deleted - quarantined

C:\_OTL\MovedFiles\09222014_124929\C_Users\KVogler\AppData\Roaming\mozilla\Firefox\Profiles\guu3u9oy.default\extensions\{6607f251-d663-1e9c-5c15-2cb413a09c1e}\components\SmartbarFireFoxRemotePlugin_26.dll a variant of Win32/Toolbar.Linkury.D potentially unwanted application deleted - quarantined

C:\_OTL\MovedFiles\09222014_124929\C_Users\KVogler\AppData\Roaming\mozilla\Firefox\Profiles\guu3u9oy.default\extensions\{6607f251-d663-1e9c-5c15-2cb413a09c1e}\components\SmartbarFireFoxRemotePlugin_27.dll a variant of Win32/Toolbar.Linkury.D potentially unwanted application deleted - quarantined

C:\_OTL\MovedFiles\09222014_124929\C_Users\KVogler\AppData\Roaming\mozilla\Firefox\Profiles\guu3u9oy.default\extensions\{6607f251-d663-1e9c-5c15-2cb413a09c1e}\components\SmartbarFireFoxRemotePlugin_28.dll a variant of Win32/Toolbar.Linkury.D potentially unwanted application deleted - quarantined

C:\_OTL\MovedFiles\09222014_124929\C_Users\KVogler\AppData\Roaming\mozilla\Firefox\Profiles\guu3u9oy.default\extensions\{6607f251-d663-1e9c-5c15-2cb413a09c1e}\components\SmartbarFireFoxRemotePlugin_29.dll a variant of Win32/Toolbar.Linkury.D potentially unwanted application deleted - quarantined

C:\_OTL\MovedFiles\09222014_124929\C_Users\KVogler\AppData\Roaming\mozilla\Firefox\Profiles\guu3u9oy.default\extensions\{6607f251-d663-1e9c-5c15-2cb413a09c1e}\components\SmartbarFireFoxRemotePlugin_30.dll a variant of Win32/Toolbar.Linkury.D potentially unwanted application deleted - quarantined

[mom2dylkay]

Sorry.  Posted twice.  Deleting.  Above is correct.  Working on 2nd part of instructions now.  Thank you.

Edited by mom2dylkay, 07 October 2014 - 08:32 AM.

[mom2dylkay]

I just ran the scan for above MBAM and i was saving the log, but then when I tried to open it, it says I cannot locate it.  It did find some threats.  Should i try to run one more time and try to get a log again?  I saved the file as mbamscanlog.txt, and it shows it in the search window but it will not open.

[Teima]

Hello. Yes. A new scan is sufficient!

[mom2dylkay]

It just did the same thing except when I tried to export it and save it, etc., it said that MBAM had stopped working and would have to close.  What shall I do now.  It did quarantine the items it found.  Help.

[Teima]

So I assume the scan ran successfully and you just weren't able to get the log. If that's the case, see if this works

1. Open up the Malwarebytes program again. You can simply double click on the shortcut on your desktop that says "Malwarebytes Anti-Malware".
2. Click the History button as shown in the picture below.
3. Click Application Logs as shown in the picture below.
4. Put a check mark next to Scan Log as shown in the picture below.
5. Click the view button as shown in the picture below. Copy and paste into your next post. Thank you.
 

[mom2dylkay]

This is all it tells me when I export:

 

Malwarebytes Anti-Malware

www.malwarebytes.org

 

 

Update, 10/7/2014 10:36:25 AM, SYSTEM, KROSS-HP, Manual, Rootkit Database, 2014.2.20.1, 2014.9.19.1, 

Update, 10/7/2014 10:36:31 AM, SYSTEM, KROSS-HP, Manual, Malware Database, 2014.3.4.9, 2014.10.7.7, 

 

(end)

 

Malwarebytes Anti-Malware

www.malwarebytes.org

 

 

Update, 10/7/2014 10:36:25 AM, SYSTEM, KROSS-HP, Manual, Rootkit Database, 2014.2.20.1, 2014.9.19.1, 

Update, 10/7/2014 10:36:31 AM, SYSTEM, KROSS-HP, Manual, Malware Database, 2014.3.4.9, 2014.10.7.7, 

 

(end)

[mom2dylkay]

Appears when it saved the log it only saved a "protection log" and not a "scan log"?  Weird.

[Teima]

Hello. Sorry about the delay. I'm just checking something with my instructor. I'll have a response done ASAP.

[Teima]

Step One

 

Download aswMBR.exe (4.52MB) to your desktop.

Double click the aswMBR.exe to run it.

Click the "Scan" button to start the scan.
If Avast asks to download definitions, please say Yes.





On completion of the scan click save log, save it to your desktop and post it in your next reply.

[mom2dylkay]

aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software

Run date: 2014-10-14 19:48:16

-----------------------------

19:48:16.688    OS Version: Windows x64 6.1.7601 Service Pack 1

19:48:16.688    Number of processors: 2 586 0x603

19:48:16.689    ComputerName: KROSS-HP  UserName: KVogler

19:48:26.012    Initialize success

19:48:26.282    VM: initialized successfully

19:48:27.191    VM: Amd CPU BiosDisabled 

19:49:04.178    VM: supported disk I/O storport.sys

19:51:18.879    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005b

19:51:18.886    Disk 0 Vendor: ST375052 HP35 Size: 715404MB BusType: 11

19:51:19.010    Disk 0 MBR read successfully

19:51:19.016    Disk 0 MBR scan

19:51:19.023    Disk 0 unknown MBR code

19:51:19.035    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048

19:51:19.051    Disk 0 default boot code

19:51:19.070    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       700217 MB offset 206848

19:51:19.099    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS        15085 MB offset 1434251264

19:51:19.143    Disk 0 scanning C:\Windows\system32\drivers

19:51:29.888    Service scanning

19:51:44.304    Modules scanning

19:51:44.329    Disk 0 trace - called modules:

19:51:44.368    ntoskrnl.exe CLASSPNP.SYS disk.sys amd_xata.sys storport.sys hal.dll amd_sata.sys 

19:51:44.375    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80048fa5d0]

19:51:44.382    3 CLASSPNP.SYS[fffff880019bb43f] -> nt!IofCallDriver -> [0xfffffa800487d040]

19:51:44.389    5 amd_xata.sys[fffff880010afd00] -> nt!IofCallDriver -> \Device\0000005b[0xfffffa80047ca060]

19:51:44.396    Scan finished successfully

19:52:02.906    Disk 0 MBR has been saved successfully to "C:\Users\KVogler\Desktop\MBR.dat"

19:52:02.962    The log file has been saved successfully to "C:\Users\KVogler\Desktop\aswMBR.txt"

[mom2dylkay]

I forgot to update the virus definitions.    Sorry about that.  I actually don't think it was quite done when I saved it.  Ooops.  I will re-post once this has been completed. My apologies.