Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Help with finding FIXLIST file from FRST program... [Solved]

FRST Adwcleaner JRT Fixlist

  • This topic is locked This topic is locked

#1
ronniem1

ronniem1

    Member

  • Member
  • PipPip
  • 15 posts

After reading the forum I  went ahead and downloaded the three programs

 

1. Adwcleaner

2. JRT

3. FRST

 

After running Adwcleaner, It did create a file and also a quarantine folder.  I went in and delete all the files and folders in the quarantine folder. (I hope that was the correct thing to do)

I then ran the JRT.

Last, I ran the FRST and it  generated many log files, but never created the FIXLIST file.  I even did a search on my entire PC and still was unable to find it. 

 

I was hoping if someone can help me and figure out what my log files are saying   and how do I find the FIXLISTfile and use that to run FRST to fix any issues.  Also, any other help would be much appreciated if you  find something else in the log files.

 

May Thanks,

Ronnie

[email protected]

Attached Files


  • 0

Advertisements


#2
ronniem1

ronniem1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts

Here is some more important information:

 

Windows 10 Home x64

DELL

Model: XPS 8300

RAM - 8GB

System Type - 64-bit OS, x64-based processor

 

When I open up task scheduler, I get five error/popup dialog messages  ( please see the attached screen shots) and I'm hoping if I may get help in fixing this:

 

I uploaded the screenshots to droplr  - and here is the link to download the screenshots of the error messages/ popups I get when opening task scheduler.

 

http://d.pr/f/flZk/58cIOw49


  • 0

#3
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
What problems are you experiencing... FRST will not create a fix list that needs to be done manually
  • 0

#4
ronniem1

ronniem1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts

Hi GeekU - 

 

    When I open task scheduler - It's popping up with theses errors/dialogs.  You can view the screen shots of the popups i'm getting by clicking that dropper link.   Also,  I believe or know my PC was infected with a few viruses because after running adwcleaner,  it had a lot of items quarantined, which I already deleted. 

 

http://d.pr/f/flZk/58cIOw49


  • 0

#5
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Those appear to be gwx jobs and other minor jobs  which are related to the Windows 10 update that you have done
 
There are two minor adware elements and a corrupt Chrome  but nothing else that I can see.... What problems are you experiencing

Re-install Chrome

Unless you did this yourself, malware has changed your Chrome version update files. Among other things this allows malware to install any extension it wants. We need to resolve this.

1. If you have bookmarks, let's save them by exporting them - Export Bookmarks
2. Then I need you to go Google Sync and sign into your account
3. Scroll down until you see the "Stop and Clear" button and click on the button. At the prompt click on "Ok"
4. Now we need to uninstall chrome. Note: When asked about user data or settings you must remove this also so please check the box.
5. Restart the computer and reinstall chrome, You can download The latest version from here - Google Chrome
6. Import your bookmarks back into Chrome
7. Sign back in to your Chrome browser so that your bookmarks sync with your online account.

NEXT

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

CreateRestorePoint:
ProxyServer: [S-1-5-21-380936552-4258568698-4066531615-1000] => localhost:21320
2015-11-18 14:50 - 2014-07-01 16:15 - 00000000 __SHD C:\WINDOWS\SysWOW64\AI_RecycleBin
Task: {0503EE56-3596-42D9-9445-16A3326EDE83} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {16A8228F-A16A-4A69-ADB9-929976331831} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {1B057A8E-3492-4BA2-A330-0BCFAD7FB7A2} - \SystemToolsDailyTest -> No File <==== ATTENTION
Task: {3BCE979A-E79B-4CC3-9C83-03BCDB6C2D3C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {47CA3761-233A-4C5E-8F82-69E5FE5A918C} - \Apple Diagnostics -> No File <==== ATTENTION
Task: {4C796A2C-79B9-4F92-8728-F94964090861} - \Safer-Networking\Spybot - Search and Destroy\Refresh immunization -> No File <==== ATTENTION
Task: {75F400F6-118A-4867-BE9A-DD3058382C57} - \{78F5FAB9-916A-4630-86A2-B703EE803C15} -> No File <==== ATTENTION
Task: {872F4BD1-A8D9-4525-B4AC-F8263331B4AD} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {8A25AB8B-E811-4324-93F5-4349FE97388E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {B2DB0167-2039-4411-8C38-9331D0707FF5} - \HPCustParticipation HP Officejet Pro 8600 -> No File <==== ATTENTION
Task: {C4D2A7B2-D53C-43D1-8A17-05973429460F} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {C717EF7F-5974-4FEC-B106-E50904E5691D} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {CE52464F-D041-4AC0-B15E-0F95A3EDC944} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {D6690C5F-31CF-4913-9589-933EE5BEB0F3} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {DE5EE3F6-3E80-43F3-AB61-5822AE0002DF} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {E612656D-CA51-4857-AD5C-BEC0FC1566B5} - \PCDoctorBackgroundMonitorTask -> No File <==== ATTENTION
Task: {EEBE8F5A-0582-47C4-910A-11534FFC76F6} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {EF34F93B-EA40-41EC-9A4A-BB43ACEF7627} - \Safer-Networking\Spybot - Search and Destroy\Scan the system -> No File <==== ATTENTION
Task: {EF3E711C-43C5-44E7-9179-F7075954456E} - \Safer-Networking\Spybot - Search and Destroy\Check for updates -> No File <==== ATTENTION
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that
  • 0

#6
ronniem1

ronniem1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts

Hi GeekU -

 

    So,  I uninstalled Google Chrome. I copied and pasted your script above and pasted into a notepad and named it fixlist.txt.

Then,  I saved the fixlist.txt file where the FRST program is and I ran FRST and pressed fix.  

 

It preformed some actions,  then prompted that the PC needed to reboot.   Here's the log  it generated.   PS  I haven't re-installed google chrome as I actually never use google chrome on this PC.

 

Here's the link to download the log -  http://d.pr/f/BFvO/wVx9Apvq

 

So,  some issues I had seen in the past is that strange programs would automatically install and show up under my install/uninstall programs list.  Also,  of course I hope this is fixed now I haven't checked is when I go into task scheduler it kept prompting me with those errors.

 

 

 

Thanks,

Ronnie


  • 0

#7
ronniem1

ronniem1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts

P.S  - I just checked and opened task scheduler and it no longer throws up those error messages.  Is there anything you would recommend that I run, that can generate more logs for you to review if you don't mind to make sure my PC isn't infected with anything else. 


  • 0

#8
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Lets run a sweep for orphans now

Please download Malwarebytes Anti-Malware to your desktop
  • Double-click mbam-setup-version.exe and follow the prompts to install the program.
  • At the end, be sure a check-mark is placed next to the following:
    • Ensure that "Enable free trial of Malwarebytes Anti-Malware Premium" is unchecked
    • Launch Malwarebytes Anti-Malware
  • Then click Finish.
  • If an update is found, you will be prompted to download and install the latest version.
  • Once the program has loaded, select Scan now. Or select the Threat Scan from the Scan menu.
  • When the scan is complete , make sure that everything is set to "Quarantine", and click Apply Actions.
  • Reboot your computer if prompted.
Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.

To access logs from Malwarebytes Anti-Malware 2.0:

mbamlogs.JPG

1.Open Malwarebytes Anti-Malware 2.0
2.Click History > Application Logs
3.Double-click the log you would like to open

Scan Logs record detections from manual scans, including threats detected and the actions taken against them

To save a Scan Log:

1.Open the log file you would like to save
2.Click Export
3.Choose to export to a .txt
4.Choose a folder to save the log file in, then click Save
5.Post that log here
  • 0

#9
ronniem1

ronniem1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts

Hey Geeku -

 

    I downloaded Malwarebytes ->  I did a scan and it did detect I believe  8 items.  I did save off that log before clicking fix.  I my PC then rebooted, and I followed your steps to export the log from the history within the scan.

 

http://d.pr/f/1ddRY/1wP4Aj51

 

http://d.pr/f/10vVN/2cXTOzAO


  • 0

#10
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Any further problems before I tidy up ?


  • 0

#11
ronniem1

ronniem1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts

Any further problems before I tidy up ?

 

 

Hey Essexboy - 

 

 

Love the name by the way lol -  but, I re-ran the FRST scanner again   and if you wouldn't mind taking another look through it and if anything needs to be fixed can you create another fixlist.txt file for me please?  

 

http://d.pr/f/1fxiF/4mO0r3SG  - Shortcut log

 

http://d.pr/f/2VSR/58iI1Enu  - FRST log

 

http://d.pr/f/3nPR/2KApuRZt  - Addition log


  • 0

#12
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
All looks good :)

Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Remove tools

Download and run Delfix
Select the options as shown
delfix.JPG


: Keep Java Updated :

WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java
See this article

I would recommend that you completely uninstall Java unless you need it to run an important software.
In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to diasble Java in your web browser and How to unplug Java from the browser)

If you do need to keep Java then download JavaRa
Run the programme and select Remove Java Runtime. Uninstall all versions of Java present
Once done then run it again and select Update Java runtime > Download and install Latest version
javara.JPG


Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

CryptoPrevent install this programme to lock down and prevent crypto ransome ware

CryptoPrevent.JPG

Malwarebytes

Update and run weekly to keep your system clean

Unchecky

Click on the link above to be taken to Unchecky.com
click the very large Download button.
click Save
Click Open folder
Right click on the Unchecky_setup and choose to Run as Administrator
Once open click the Install button.
Then click on Finish
Unchecky is now installed and will help you keep unwanted check boxes unchecked, this is a fire and forget programme ;)

It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To learn more about how to protect yourself while on the internet read this little guide Best security practices Keep safe :wave:
  • 0

#13
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.


  • 0






Similar Topics


Also tagged with one or more of these keywords: FRST, Adwcleaner, JRT, Fixlist

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP