Need help, have multiple pop-ups and probably a virus too
Started by
juglar21
, Dec 19 2014 04:07 PM
This topic is locked
#76
Posted 27 December 2014 - 06:09 PM
zep516
-
- Malware Removal
-
- 8,093 posts
Trusted Helper
#77
Posted 28 December 2014 - 11:00 AM
zep516
-
- Malware Removal
-
- 8,093 posts
Trusted Helper
Let me know when you have time to look at this again.
Thanks
Joe
Thanks
Joe
#78
Posted 28 December 2014 - 03:51 PM
juglar21
- Topic Starter
-
- Member
-
- 132 posts
Member
Hi Joe,
apologies if I should have checked first before downloading something!
I downloaded "IObit uninstaller" from www.cnet.com
It did a great job of getting rid of things.
Then I installed FastStone Capture from cnet.com
because I wanted to send you a pic of the two pop-up windows that used to appear after every start, but
it took me too long to understand how to work it, so I uninstalled it again and chose instead MWSnap.
which is freeware and on one of my other computers. However, during the installation process I had
to say yes to something which I didn't fully understand, so I clicked on 'No' and did not finish installation!
(In the end I used my digital camera to send you a pic)
Lastly I downloaded OpenOffice from their homepage.
Hope that helps, Thanks J
#79
Posted 28 December 2014 - 03:55 PM
zep516
-
- Malware Removal
-
- 8,093 posts
Trusted Helper
Hello,
Lets clean it up....
Please uninstall these programs from your programs an features list. If a program will not uninstall move to the next one. Keep following the instructions...
1-Recipe Hub Internet Explorer Toolbar
2-Reg Pro Cleaner version 3.0 --------- Did you purchase that ? If you did I suppose you could keep it. Never use a registry cleaner!!!!
3-Remote Desktop Access
4-Search Protect
5-WinCheck
Next instructions for below are in post #11
1-Run adwcleaner again.
2-Run Junkware removal tool again.
3-Post the log reports from those scans.
Thanks
Joe
Lets clean it up....
Please uninstall these programs from your programs an features list. If a program will not uninstall move to the next one. Keep following the instructions...
1-Recipe Hub Internet Explorer Toolbar
2-Reg Pro Cleaner version 3.0 --------- Did you purchase that ? If you did I suppose you could keep it. Never use a registry cleaner!!!!
3-Remote Desktop Access
4-Search Protect
5-WinCheck
Next instructions for below are in post #11
1-Run adwcleaner again.
2-Run Junkware removal tool again.
3-Post the log reports from those scans.
Thanks
Joe
#80
Posted 28 December 2014 - 10:48 PM
juglar21
- Topic Starter
-
- Member
-
- 132 posts
Member
Hi Joe,
went to 'Start' and then 'Control Panel', then 'Programs and Features'
uninstalled Reg Pro Cleaner (it was on the computer when I got it, so don't know if bought or not)
uninstalled Remote Desktop Access
uninstall Search Protect
uninstalled Win Check
and tried to uninstalled Recipe Hub Internet Explorer Toolbar. When using IObit Forced Uninstaller I got the message 'There was a problem.... The specified module could not be found'
When using the Windows 'Uninstall/Change' button I got the message 'An error occurred while trying to uninstall Recipe Hub Internet Explorer Toolbar. It may have already been uninstalled. .....'
more in a few minutes, Thanks J
#81
Posted 28 December 2014 - 10:49 PM
juglar21
- Topic Starter
-
- Member
-
- 132 posts
Member
Here is the report from Adwcleaner:
# AdwCleaner v4.106 - Report created 28/12/2014 at 23:45:35
# Updated 21/12/2014 by Xplode
# Database : 2014-12-28.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Kris - KRIS-PC
# Running from : C:\Users\Kris\Desktop\adwcleaner_4.106.exe
# Option : Clean
***** [ Services ] *****
Service Deleted : rcores
***** [ Files / Folders ] *****
File Deleted : C:\Windows\rcore.exe
File Deleted : C:\Users\Kris\AppData\Roaming\Mozilla\Firefox\Profiles\nup7b7k3.default-1416660402991\user.js
File Deleted : C:\Users\Kris\AppData\Roaming\Mozilla\Firefox\Profiles\z8anwi81.default\user.js
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17496
-\\ Mozilla Firefox v34.0 (x86 en-US)
-\\ Google Chrome v
-\\ Comodo Dragon v
*************************
AdwCleaner[R0].txt - [30363 octets] - [21/12/2014 14:20:16]
AdwCleaner[R1].txt - [1268 octets] - [28/12/2014 23:42:22]
AdwCleaner[S0].txt - [30478 octets] - [21/12/2014 14:29:35]
AdwCleaner[S1].txt - [1199 octets] - [28/12/2014 23:45:35]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1259 octets] ##########
#82
Posted 28 December 2014 - 11:00 PM
juglar21
- Topic Starter
-
- Member
-
- 132 posts
Member
Here is JRT
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Home Premium x64
Ran by Kris on Sun 12/28/2014 at 23:56:20.46
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 12/28/2014 at 23:58:37.60
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#83
Posted 28 December 2014 - 11:01 PM
juglar21
- Topic Starter
-
- Member
-
- 132 posts
Member
Thanks for your patience with me and your perseverance!!!
Good night, J
#84
Posted 28 December 2014 - 11:04 PM
zep516
-
- Malware Removal
-
- 8,093 posts
Trusted Helper
OK. Good work. I just happen to be on, but have to get off..
Next
A few items to fix
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
Open notepad (Start =>All Programs => Accessories => Notepad).
Copy/Paste the contents of the code box below into Notepad.
Save as Fixlist.txt to your Desktop (Must be in this location)
Run FRST/FRST64 and press the Fix button just once and wait.
If the tool needed a restart please make sure you let the system to restart normally and let the tool completes its run after restart.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.
Thanks
Joe
Next
A few items to fix
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
Open notepad (Start =>All Programs => Accessories => Notepad).
Copy/Paste the contents of the code box below into Notepad.
start
CloseProcesses:
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll [245056 2014-12-10] (Client Connect LTD)
AppInit_DLLs-x32: C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC32LO~1.DLL => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll [215360 2014-12-10] (Client Connect LTD)
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Plugin: (Shockwave Flash) - C:\program files (x86)\google\chrome\application\29.0.1547.62\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Native Client) - C:\program files (x86)\google\chrome\application\29.0.1547.62\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\program files (x86)\google\chrome\application\29.0.1547.62\pdf.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.180.7) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeploytk.dll No File
CHR Plugin: (Java™ Platform SE 6 U20) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.5.0\\npsitesafety.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (My Web Search Plugin Stub) - C:\Program Files (x86)\MyWebSearch\bar\2.bin\NPMyWebS.dll No File
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [3320640 2014-12-10] (Client Connect LTD)
S4 LMIRescue_149ce099-4625-4038-9722-c30e91f61d82; C:\Users\Kris\AppData\Local\LogMeIn Rescue Applet\LMIR0002.tmp\LMI_Rescue_srv.exe [3087664 2014-11-17] (LogMeIn, Inc.)
S4 LMIRescue_23e0af0d-6954-4a4f-866e-75012bcc141c; C:\Users\Kris\AppData\Local\LogMeIn Rescue Applet\LMIR0003.tmp\LMI_Rescue_srv.exe [3087664 2014-11-17] (LogMeIn, Inc.)
S4 LMIRescue_73098fbd-996d-4264-9284-cc57a720938b; C:\Users\Kris\AppData\Local\LogMeIn Rescue Applet\LMIR0004.tmp\LMI_Rescue_srv.exe [3087664 2014-11-17] (LogMeIn, Inc.)
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1025408 2014-01-09] (Enigma Software Group USA, LLC.)
S3 GameConsoleService; No ImagePath
S2 LMIRescue_4dfe4f39-c462-4e16-8da7-0d70430aa3eb; "C:\Users\Kris\AppData\Local\LOGMEI~1\LMIR0006.tmp\LMI_Rescue_srv.exe" -service -sid 4dfe4f39-c462-4e16-8da7-0d70430aa3eb [X]
S2 LMIRescue_f44abba4-72b6-4322-8148-61fdb289373d; "C:\Users\Kris\AppData\Local\LOGMEI~1\LMIR0005.tmp\LMI_Rescue_srv.exe" -service -sid f44abba4-72b6-4322-8148-61fdb289373d [X]
R3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]
2014-12-27 08:40 - 2014-12-27 08:40 - 00000000 ____D () C:\Users\Kris\AppData\Local\wincheck
2014-12-27 08:37 - 2014-12-27 08:38 - 00000000 ____D () C:\Users\Kris\AppData\Roaming\VOPackage
2014-12-27 08:37 - 2014-12-27 08:38 - 00000000 ____D () C:\Users\Kris\AppData\Local\SearchProtect
2014-12-27 08:37 - 2014-12-27 08:37 - 00000000 ____D () C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-12-27 08:37 - 2014-12-27 08:37 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-12-27 08:37 - 2014-12-27 08:37 - 00000000 ____D () C:\Program Files (x86)\Bull Softwares
2014-12-27 08:37 - 2014-12-27 04:00 - 04963840 _____ () C:\Windows\rcore.exe
2014-12-27 08:30 - 2014-12-27 08:30 - 00000000 ____D () C:\Users\Kris\AppData\Roaming\FastStone
2014-12-27 08:30 - 2014-12-27 08:30 - 00000000 ____D () C:\Users\Kris\AppData\Local\FastStone
2014-12-27 08:29 - 2014-12-27 08:29 - 02945706 _____ () C:\Users\Kris\Downloads\FSCaptureSetup80.exe
2014-12-26 13:10 - 2014-12-26 13:10 - 00000000 ____D () C:\Users\Kris\AppData\Roaming\InstallShield
Emptytemp:
reboot:
end
Click Format and ensure Wordwrap is unchecked.Save as Fixlist.txt to your Desktop (Must be in this location)
Run FRST/FRST64 and press the Fix button just once and wait.
If the tool needed a restart please make sure you let the system to restart normally and let the tool completes its run after restart.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.
Thanks
Joe
#85
Posted 29 December 2014 - 06:00 AM
juglar21
- Topic Starter
-
- Member
-
- 132 posts
Member
Hi Joe,
here comes the log:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 28-12-2014
Ran by Kris at 2014-12-29 06:54:48 Run:6
Running from C:\Users\Kris\Desktop
Loaded Profile: Kris (Available profiles: Kris)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
start
CloseProcesses:
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll [245056 2014-12-10] (Client Connect LTD)
AppInit_DLLs-x32: C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC32LO~1.DLL => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll [215360 2014-12-10] (Client Connect LTD)
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll
C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Plugin: (Shockwave Flash) - C:\program files (x86)\google\chrome\application\29.0.1547.62\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Native Client) - C:\program files (x86)\google\chrome\application\29.0.1547.62\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\program files (x86)\google\chrome\application\29.0.1547.62\pdf.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.180.7) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeploytk.dll No File
CHR Plugin: (Java™ Platform SE 6 U20) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.5.0\\npsitesafety.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (My Web Search Plugin Stub) - C:\Program Files (x86)\MyWebSearch\bar\2.bin\NPMyWebS.dll No File
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [3320640 2014-12-10] (Client Connect LTD)
S4 LMIRescue_149ce099-4625-4038-9722-c30e91f61d82; C:\Users\Kris\AppData\Local\LogMeIn Rescue Applet\LMIR0002.tmp\LMI_Rescue_srv.exe [3087664 2014-11-17] (LogMeIn, Inc.)
S4 LMIRescue_23e0af0d-6954-4a4f-866e-75012bcc141c; C:\Users\Kris\AppData\Local\LogMeIn Rescue Applet\LMIR0003.tmp\LMI_Rescue_srv.exe [3087664 2014-11-17] (LogMeIn, Inc.)
S4 LMIRescue_73098fbd-996d-4264-9284-cc57a720938b; C:\Users\Kris\AppData\Local\LogMeIn Rescue Applet\LMIR0004.tmp\LMI_Rescue_srv.exe [3087664 2014-11-17] (LogMeIn, Inc.)
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1025408 2014-01-09] (Enigma Software Group USA, LLC.)
S3 GameConsoleService; No ImagePath
S2 LMIRescue_4dfe4f39-c462-4e16-8da7-0d70430aa3eb; "C:\Users\Kris\AppData\Local\LOGMEI~1\LMIR0006.tmp\LMI_Rescue_srv.exe" -service -sid 4dfe4f39-c462-4e16-8da7-0d70430aa3eb [X]
S2 LMIRescue_f44abba4-72b6-4322-8148-61fdb289373d; "C:\Users\Kris\AppData\Local\LOGMEI~1\LMIR0005.tmp\LMI_Rescue_srv.exe" -service -sid f44abba4-72b6-4322-8148-61fdb289373d [X]
R3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]
2014-12-27 08:40 - 2014-12-27 08:40 - 00000000 ____D () C:\Users\Kris\AppData\Local\wincheck
2014-12-27 08:37 - 2014-12-27 08:38 - 00000000 ____D () C:\Users\Kris\AppData\Roaming\VOPackage
2014-12-27 08:37 - 2014-12-27 08:38 - 00000000 ____D () C:\Users\Kris\AppData\Local\SearchProtect
2014-12-27 08:37 - 2014-12-27 08:37 - 00000000 ____D () C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-12-27 08:37 - 2014-12-27 08:37 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-12-27 08:37 - 2014-12-27 08:37 - 00000000 ____D () C:\Program Files (x86)\Bull Softwares
2014-12-27 08:37 - 2014-12-27 04:00 - 04963840 _____ () C:\Windows\rcore.exe
2014-12-27 08:30 - 2014-12-27 08:30 - 00000000 ____D () C:\Users\Kris\AppData\Roaming\FastStone
2014-12-27 08:30 - 2014-12-27 08:30 - 00000000 ____D () C:\Users\Kris\AppData\Local\FastStone
2014-12-27 08:29 - 2014-12-27 08:29 - 02945706 _____ () C:\Users\Kris\Downloads\FSCaptureSetup80.exe
2014-12-26 13:10 - 2014-12-26 13:10 - 00000000 ____D () C:\Users\Kris\AppData\Roaming\InstallShield
Emptytemp:
reboot:
end
*****************
Processes closed successfully.
"C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll" => Value Data not found.
"C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC32LO~1.DLL" => Value Data not found.
"C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll" => File/Directory not found.
"C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll" => File/Directory not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully.
"HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully.
CHR dev: Chrome dev build detected! <======= ATTENTION => Error: No automatic fix found for this entry.
C:\program files (x86)\google\chrome\application\29.0.1547.62\PepperFlash\pepflashplayer.dll not found.
C:\program files (x86)\google\chrome\application\29.0.1547.62\ppGoogleNaClPluginChrome.dll not found.
C:\program files (x86)\google\chrome\application\29.0.1547.62\pdf.dll not found.
C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeploytk.dll not found.
C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll not found.
C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.5.0\\npsitesafety.dll not found.
C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll not found.
C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll not found.
C:\Program Files (x86)\MyWebSearch\bar\2.bin\NPMyWebS.dll not found.
C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll not found.
c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll not found.
CltMngSvc => Service not found.
LMIRescue_149ce099-4625-4038-9722-c30e91f61d82 => Service deleted successfully.
LMIRescue_23e0af0d-6954-4a4f-866e-75012bcc141c => Service deleted successfully.
LMIRescue_73098fbd-996d-4264-9284-cc57a720938b => Service deleted successfully.
SpyHunter 4 Service => Service deleted successfully.
GameConsoleService => Service deleted successfully.
LMIRescue_4dfe4f39-c462-4e16-8da7-0d70430aa3eb => Service deleted successfully.
LMIRescue_f44abba4-72b6-4322-8148-61fdb289373d => Service deleted successfully.
SPPD => Service not found.
"C:\Users\Kris\AppData\Local\wincheck" => File/Directory not found.
"C:\Users\Kris\AppData\Roaming\VOPackage" => File/Directory not found.
"C:\Users\Kris\AppData\Local\SearchProtect" => File/Directory not found.
"C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage" => File/Directory not found.
"C:\Program Files (x86)\SearchProtect" => File/Directory not found.
"C:\Program Files (x86)\Bull Softwares" => File/Directory not found.
"C:\Windows\rcore.exe" => File/Directory not found.
C:\Users\Kris\AppData\Roaming\FastStone => Moved successfully.
C:\Users\Kris\AppData\Local\FastStone => Moved successfully.
C:\Users\Kris\Downloads\FSCaptureSetup80.exe => Moved successfully.
C:\Users\Kris\AppData\Roaming\InstallShield => Moved successfully.
EmptyTemp: => Removed 52.2 MB temporary data.
The system needed a reboot.
==== End of Fixlog 06:55:11 ====
Thanks J
#86
Posted 29 December 2014 - 06:48 AM
zep516
-
- Malware Removal
-
- 8,093 posts
Trusted Helper
Good job
Run a Malwarebytes scan here's instruction. You may not have to download it because you already have. Lets see if it finds anything.
Please download Malwarebytes Anti-Malwareto your desktop
Install the progamme and select update
Once it has updated select Settings > Detection and Protection
Tick Scan for rootkits
Go back to the Dashboard and select Scan Now
If threats are detected, click the Apply Actions button, MBAM will ask for a reboot.
On completion of the scan (or after the reboot) select View Detailed Log
Select Export > Select text file and save to the desktop
Post that log
Run a Malwarebytes scan here's instruction. You may not have to download it because you already have. Lets see if it finds anything.
Please download Malwarebytes Anti-Malwareto your desktop
Install the progamme and select update
Once it has updated select Settings > Detection and Protection
Tick Scan for rootkits
Go back to the Dashboard and select Scan Now
If threats are detected, click the Apply Actions button, MBAM will ask for a reboot.
On completion of the scan (or after the reboot) select View Detailed Log
Select Export > Select text file and save to the desktop
Post that log
#87
Posted 29 December 2014 - 02:01 PM
juglar21
- Topic Starter
-
- Member
-
- 132 posts
Member
Hi Joe,
MBAM did not detect any malicious things. Thus no log I guess?
Tried to run the Rootkit s/w, but when clicking on scan I get the message that I have to close down all the MBAM files, but none are open, so not sure what I am doing wrong here???
Thanks, J
#88
Posted 29 December 2014 - 03:00 PM
zep516
-
- Malware Removal
-
- 8,093 posts
Trusted Helper
OK.
Sorry about that post, to much information didn't mean to post all that. I'll edit it out..
How is the computer and all browsers ? Any advertizement pop ups ?
Joe
Sorry about that post, to much information didn't mean to post all that. I'll edit it out..
How is the computer and all browsers ? Any advertizement pop ups ?
Joe
#89
Posted 30 December 2014 - 10:49 AM
juglar21
- Topic Starter
-
- Member
-
- 132 posts
Member
Hi Joe,
I showed the computer to the lady who owned it before and she could not believe it!!!
Especially how fast it runs now!
The geek squad at Best Buy had told her the problem is that the hard drive keeps crashing - duh
Currently I don't have any pop-ups coming up, which is wonderful.
Occansionally when opening a website where a commercial or 'sort of' video is playing immediately,
like on yahoo sports, the computer freezes for a short moment. But not longer than 3 seconds I would say.
The other thing is when I try to install OpenOffice, after clicking on 'Unpack', I get the message
"The Windows Installer Service could not be accessed. This can occur if the Windows Installer is not correctly
installed. ....."
In one of the other threads here, there are recommendations as to what free Anti virus software etc. to
download and install. Can I do that now?
I am very happy with how it is running now and will make a donation when you close this thread.
Thanks heaps, J.
#90
Posted 30 December 2014 - 11:38 AM
zep516
-
- Malware Removal
-
- 8,093 posts
Trusted Helper
OK,
Yes. There seems to be something wrong with the windows installer we already restarted it once. I'll look into it.
As far as the Anti Virus you already have (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
Can you run this scan,
Download Security Check by screen317 from Here or Here
Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.
NOTE: If SecurityCheck aborts and you get the following message: UNSUPPORTED OPERATING SYSTEM! ABORTED! try rebooting the system and then run SecurityCheck again.
Thanks
Joe
Yes. There seems to be something wrong with the windows installer we already restarted it once. I'll look into it.
As far as the Anti Virus you already have (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
Can you run this scan,
Download Security Check by screen317 from Here or Here
Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.
NOTE: If SecurityCheck aborts and you get the following message: UNSUPPORTED OPERATING SYSTEM! ABORTED! try rebooting the system and then run SecurityCheck again.
Thanks
Joe
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
