Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

requested resource is in use.. cannot run mc Affee or any other antivi

antivirus disabled virus cannot access files can not delete virus

  • Please log in to reply

#16
DonnaB

DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 7,493 posts
Ooops. I forgot to post the following link on how to remove installed programs on Windows 10:

How to Uninstall Programs in Windows 10
  • 0

Advertisements


#17
aKay47

aKay47

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

was my computer supposed to restart immediately?


  • 0

#18
DonnaB

DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 7,493 posts
Yes. Do you see the fixlog.txt located on the desktop?
  • 0

#19
DonnaB

DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 7,493 posts
Hi aKay47,

Did you have any trouble running that fixlist.txt script? I did include a command that would have forced a reboot after the script was executed.
  • 0

#20
aKay47

aKay47

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

sorry... i fell asleep. i think i did it right.  i ran the program...it was very quick to reboot my computer,  my computer booted faster than it has in a very long time! then i realized i forgot about the BBQ....my ribs on fire!! barely saved them. once i eat, i am like a baby, i fall asleep.    so now what do we do?


  • 0

#21
DonnaB

DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 7,493 posts
LOL! I fell asleep, too. :lol: Do you see the Fixlog.txt on the desktop anywhere that FRST64.exe generated? Please post the log for my viewing pleasure. :)

I am still going to have you download, install and run the Malwarebytes Anti-rootkit (MBAR) tool though. This tool will seem like it takes forever to complete and may appear to stall somewhere along the way. That is normal so just leave it be and let it do it's thing.

To download and install Malwarebytes Anti-Rootkit tool, please follow the instructions below:

Malwarebytes Anti-Rootkit (MBAR)
  • Please download >>Malwarebytes Anti-Rootkit<< and save the file to your Desktop <--Very Important
  • You will need to click the MBAR.JPG button on the page above.
  • Right-Click MBAR.exe and select AVOiBNU.jpgRun as administrator to run the installer.
  • Select your Desktop as the location to extract the contents and click OK. The programme should open upon completion.
  • Click Next, followed by Update. Upon update completion, click Next.
  • Ensure Drivers, Sectors & System are checked and click Scan.
  • Note: Do not use your computer during the scan.
  • Upon completion:
    • If no infection is found, close the MBAR window.
    • If an infection is found, ensure Create Restore Point is checked and click Cleanup. Reboot when prompted.
  • Two logs (mbar-log.txt and system-log.txt) will be created. Copy the contents of both logs and paste in your next reply. Both logs can be found in the MBAR folder.
  • Instructins with pictures can be found here.

  • 0

#22
aKay47

aKay47

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

already things are working better! i was actually able to connect my blue tooth speaker which i could not do yesterday!!! you are amazing and I am just so grateful that you take the time and donate yourself to this cause!! I also am a volunteer and give many hours to the local school district teaching parents.  Karma does come back around.  Is there anything else I need to do?


  • 0

#23
aKay47

aKay47

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts
Fix result of Farbar Recovery Scan Tool (x64) Version: 24-11-2017 01
Ran by April (24-11-2017 22:40:07) Run:1
Running from C:\Users\April\Desktop
Loaded Profiles: April (Available Profiles: April & Classic .NET AppPool & .NET v4.5 & DefaultAppPool & .NET v2.0 & .NET v4.5 Classic & .NET v2.0 Classic)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
CloseProcesses:
() C:\Program Files (x86)\ntuserlitelist\dataup\dataup.exe
C:\Users\April\AppData\Local\ntuserlitelist
C:\Program Files (x86)\ntuserlitelist
() C:\Windows\System32\tprdpw32.exe
() C:\Users\April\AppData\Local\ntuserlitelist\svcvmx\svcvmx.exe
() C:\Users\April\AppData\Local\ntuserlitelist\svcvmx\vmxclient.exe
() C:\Users\April\AppData\Local\ntuserlitelist
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = 
S2 Dataup; C:\Program Files (x86)\ntuserlitelist\dataup\dataup.exe [77824 2017-01-05] () [File not signed] <==== ATTENTION
R0 drmkpro64; C:\WINDOWS\System32\drivers\ndistpr64.sys [78112 2013-09-28] () [File not signed] <==== ATTENTION
S3 AppObserver; \??\C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\appobserver64.sys [X]
S1 azwtqkfi; \??\C:\WINDOWS\system32\drivers\azwtqkfi.sys [X]
S1 eoettcum; \??\C:\WINDOWS\system32\drivers\eoettcum.sys [X]
S1 hkotdgis; \??\C:\WINDOWS\system32\drivers\hkotdgis.sys [X]
S1 kzejxclx; \??\C:\WINDOWS\system32\drivers\kzejxclx.sys [X]
S1 nkbromna; \??\C:\WINDOWS\system32\drivers\nkbromna.sys [X]
S1 odvoxhdr; \??\C:\WINDOWS\system32\drivers\odvoxhdr.sys [X]
C:\WINDOWS\system32\drivers\ndistpr64.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION
CustomCLSID: HKU\S-1-5-21-2751042415-2246998964-2558403214-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\April\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2751042415-2246998964-2558403214-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\April\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2751042415-2246998964-2558403214-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\April\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2751042415-2246998964-2558403214-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\April\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2751042415-2246998964-2558403214-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\April\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2751042415-2246998964-2558403214-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\April\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2751042415-2246998964-2558403214-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\April\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2751042415-2246998964-2558403214-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\April\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2751042415-2246998964-2558403214-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\April\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2751042415-2246998964-2558403214-1001_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\April\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2751042415-2246998964-2558403214-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\April\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2751042415-2246998964-2558403214-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\April\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2751042415-2246998964-2558403214-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\April\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2751042415-2246998964-2558403214-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\April\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2751042415-2246998964-2558403214-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\April\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2751042415-2246998964-2558403214-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\April\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2751042415-2246998964-2558403214-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\April\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
Task: {03516F4F-0CA0-42C0-A53F-36384E5CB315} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {08F1B00C-84DB-4F97-AC9D-6E1D1651A152} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {19B45630-1933-4C9A-AA47-8569C68A7D3B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {338D5739-A62F-48EB-825D-B3583A072594} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {3F716B81-CE98-4DC4-86A2-0E034BD0274F} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {42B07A2F-EE96-4D9D-ADAA-8E058A837C38} - \McAfee\McAfee Idle Detection Task -> No File <==== ATTENTION
Task: {438FF447-4C42-4A66-9F8E-45EA37A26D8E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {5C8C518B-5F80-44EE-8805-67BD1F123601} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {7E4D6F1A-F926-4D1B-9E02-1611C15F5A16} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {7EE9C0AB-9F00-4AA6-84F3-49216534F39C} - \WPD\SqmUpload_S-1-5-21-2751042415-2246998964-2558403214-1001 -> No File <==== ATTENTION
Task: {87FABF81-9ADD-4872-AE58-C151210D4CD2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {8BF5180A-EC42-453A-9E50-A7A74AED0B98} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {A3206F36-1B48-4A73-BFF1-56DA74FC0138} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {B2A96232-71C1-48B7-A7B0-AC9AE7D8D2E9} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {D2DBB54F-F9FA-4E0C-A688-D60E872C26BD} - System32\Tasks\Updater_Online_Application => C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe [2017-04-18] (Microleaves) <==== ATTENTION
Task: {F037890D-BBFF-4886-8EC6-6C641AEDA471} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {FF0EE298-FC3A-4696-B70C-E4986F1C8FC5} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\Updater_Online_Application.job => C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe <==== ATTENTION
Hosts:
Emptytemp:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state on
CMD: ipconfig /flushdns
RemoveProxy:
 
 
 
 
 
 
 
 
 
 
 
*****************

  • 0

#24
aKay47

aKay47

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

didn't see your message till now.. lol   ok sent the fixlog  proceeding with the next steps


  • 0

#25
aKay47

aKay47

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts
Oh my goodness gracious..... 6006 malware detected and still scanning!!? Is that a huge amount? It seems like a ridiculously large number.
  • 0

Advertisements


#26
aKay47

aKay47

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts
I am sending this from my tablet...how long does this scan take? It seems to have been stuck for the last hour
  • 0

#27
DonnaB

DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 7,493 posts
Not for this infection it's not. I have seen twice as many.

As I mentioned before, it will seem like the tool runs forever and may even appear to stall. Just leave it alone and let it do it's thing till complete.

You posted the wrong log above. I need to see the fixlog.txt not the fixlist.txt.

No need to find it now, I would prefer if you left the sick computer alone while the MBAR scan is running.
  • 0

#28
DonnaB

DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 7,493 posts

I am sending this from my tablet...how long does this scan take? It seems to have been stuck for the last hour

There has been times that it has ran overnight. Patience please. In time, it will finish.
  • 0

#29
aKay47

aKay47

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts
Ok just checking to make sure ididnt do something wrong
  • 0

#30
aKay47

aKay47

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts
Sorryabout sending the wrong file...oops
  • 0






Similar Topics


Also tagged with one or more of these keywords: antivirus disabled, virus, cannot access files, can not delete virus

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP