just to give you an update, Malwarebytes worked well, restarted the computer, am currenlyt searching for the log
Need help, have multiple pop-ups and probably a virus too
#31
Posted 21 December 2014 - 03:20 PM
#32
Posted 21 December 2014 - 03:24 PM
- After the restart once you are back at your desktop, open MBAM once more.
- Click on the History tab > Application Logs.
- Double click on the Scan Log which shows the Date and time of the scan just performed.
- Click 'Export'.
- Click 'Text file (*.txt)'
- In the Save File dialog box which appears, click on Desktop.
- In the File name: box type a name for your scan log.
- A message box named 'File Saved' should appear stating "Your file has been successfully exported".
- Click Ok
- Post that saved log to your next reply.
#33
Posted 21 December 2014 - 03:30 PM
The 'Scanning History Log' of MBAM is bigger than the screen of my Dell laptop and I guess the button 'Export' is at the bottom, so right now I cannot click on that
Looking for a way out of this, J
#34
Posted 21 December 2014 - 03:33 PM
#35
Posted 21 December 2014 - 03:35 PM
<<Can you see if the files are quarantined, from what you can see of it ?>>
no, but at the end of the scan it first said that that many things were quarantined and then deleted, if that helps
J
#36
Posted 21 December 2014 - 03:37 PM
What if you hit F11 on your keyboard, does that help ?
#37
Posted 21 December 2014 - 03:39 PM
... but under History I can go to either Quarantine or Appolication Logs and I was at Application Logs, but now I am in Quarantine and there it says, 'These threats have been quarnatine by your MBAM produckt ....if that helps
#38
Posted 21 December 2014 - 03:42 PM
pressing F11 does not help
#39
Posted 21 December 2014 - 03:44 PM
Is there a way to move the taskbar to the top?
#40
Posted 21 December 2014 - 03:45 PM
Lets keep moving forward, maybe we can figure the log out later.
Are you in agreement with keeping Microsoft Security Essentials. And not re-installing AVG.
Joe
#41
Posted 21 December 2014 - 03:45 PM
let me try to connect an external screen
#42
Posted 21 December 2014 - 03:50 PM
sure, if that is your recommendation!
#43
Posted 21 December 2014 - 03:52 PM
I think that is the log from MBAM you needed
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 12/21/2014
Scan Time: 3:23:10 PM
Logfile:
Administrator: Yes
Version: 2.00.4.1028
Malware Database: v2014.12.21.04
Rootkit Database: v2014.12.14.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Kris
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 372772
Time Elapsed: 43 min, 15 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 56
PUP.Optional.SearchSnacks.A, HKU\S-1-5-21-4287490833-3400291495-2554494040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{7D1B27B2-3DE0-4F26-94A0-E14FDB06D292}, Quarantined, [ca53075c87f587afe53afbdbc939d927],
PUP.Optional.SearchSnacks.A, HKU\S-1-5-21-4287490833-3400291495-2554494040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{7D1B27B2-3DE0-4F26-94A0-E14FDB06D292}, Quarantined, [ca53075c87f587afe53afbdbc939d927],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.CoCreateAsync, Quarantined, [5cc10a59b5c79c9ada547625a162d32d],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.CoCreateAsync.1.0, Quarantined, [4ecf23405725b87ebc72a4f7a65d3dc3],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.CoreClass, Quarantined, [bf5eb7ac611b62d40f1f7c1fb54e2cd4],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.CoreClass.1, Quarantined, [c35aec77a7d541f58ba3eead798ac13f],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.CoreMachineClass, Quarantined, [e33a9cc71d5fb2846bc3118ae81b2dd3],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.CoreMachineClass.1, Quarantined, [45d884dffd7f6ec884aa732813f008f8],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.CredentialDialogMachine, Quarantined, [c8555013087469cd76b8faa109fa33cd],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.CredentialDialogMachine.1.0, Quarantined, [a27bfe65dd9fe74f53db4952847f718f],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.OnDemandCOMClassMachine, Quarantined, [2df081e23f3df24470be316a09fa24dc],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.OnDemandCOMClassMachine.1.0, Quarantined, [75a8184b05775bdbd45a4655b44fde22],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.OnDemandCOMClassMachineFallback, Quarantined, [a7765b08bfbd1224c06e782357ac41bf],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.OnDemandCOMClassMachineFallback.1.0, Quarantined, [d14c2f34e49877bfbb735447ae556d93],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.OnDemandCOMClassSvc, Quarantined, [e23b85de97e55adcc26ca1fa0003867a],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.OnDemandCOMClassSvc.1.0, Quarantined, [7e9f3330e19bda5c6ec0f6a506fd13ed],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.ProcessLauncher, Quarantined, [aa73471c601c3006210df4a73cc73ec2],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.ProcessLauncher.1.0, Quarantined, [b36a491a38443ff7141a4b508f743dc3],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.Update3COMClassService, Quarantined, [47d65f049fdd75c1042a53485fa4936d],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.Update3COMClassService.1.0, Quarantined, [7ba277ec1b610234200e3269f211f20e],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.Update3WebMachine, Quarantined, [809d6df67705f343eb434b5063a0d729],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.Update3WebMachine.1.0, Quarantined, [d24bfa692f4dd75fcd61405bb64da65a],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.Update3WebMachineFallback, Quarantined, [2df0d48f027a7db943ebcfcce122a35d],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.Update3WebMachineFallback.1.0, Quarantined, [8d900d562953a39380ae55460bf83dc3],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.Update3WebSvc, Quarantined, [fb22bca77606b680d757f3a8dc27e917],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\CLASSES\ConsumerInputUpdate.Update3WebSvc.1.0, Quarantined, [8994fb68136966d0ff2f2279d62d9e62],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\RecipeHub_2j, Quarantined, [4ecfd58ebdbf132317816961a65e9070],
PUP.Optional.SearchSnacks.A, HKLM\SOFTWARE\WOW6432NODE\SearchSnacks, Quarantined, [3be22e35fe7e36008a4dd28e17ec9d63],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.CoCreateAsync, Quarantined, [c7564c17f389e650131b316aae552dd3],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.CoCreateAsync.1.0, Quarantined, [c954ce956e0e092d88a6831815eeea16],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.CoreClass, Quarantined, [bb62dc871f5dec4a6cc2e1babf445ea2],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.CoreClass.1, Quarantined, [6ab342213e3e3105b07e6338e81ba25e],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.CoreMachineClass, Quarantined, [e835f073314bcb6b51dd514a699a5ba5],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.CoreMachineClass.1, Quarantined, [a17c045fc5b763d31b13504b0ef545bb],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.CredentialDialogMachine, Quarantined, [ab72ce95106cf93d76b86635a2615ba5],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.CredentialDialogMachine.1.0, Quarantined, [c95462013d3fca6c2e00643742c1d22e],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.OnDemandCOMClassMachine, Quarantined, [a5784a19d4a878be7bb3d7c40af901ff],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.OnDemandCOMClassMachine.1.0, Quarantined, [5dc0fa69710b8aac002e940719eaa45c],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.OnDemandCOMClassMachineFallback, Quarantined, [8895e380adcfca6c2608247724df7d83],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.OnDemandCOMClassMachineFallback.1.0, Quarantined, [ee2f6ff488f4122468c65546ac57fd03],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.OnDemandCOMClassSvc, Quarantined, [a479491a6616fc3a59d57d1ec142e020],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.OnDemandCOMClassSvc.1.0, Quarantined, [1eff79eab3c9f93d3bf31a8142c146ba],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.ProcessLauncher, Quarantined, [9c817be824581f1776b855461be8fb05],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.ProcessLauncher.1.0, Quarantined, [56c7d88bb9c33006b37bbeddb54e9868],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.Update3COMClassService, Quarantined, [9e7f6300720a63d3121c4754b152d729],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.Update3COMClassService.1.0, Quarantined, [c8553b28c7b5092d44ea405bc2413cc4],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.Update3WebMachine, Quarantined, [fe1fc1a2a4d8d85e0826514a877ca15f],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.Update3WebMachine.1.0, Quarantined, [42db65fe4834999d1a14900bf112b947],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.Update3WebMachineFallback, Quarantined, [5cc1db88621a2412bb73c6d5887b23dd],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.Update3WebMachineFallback.1.0, Quarantined, [88956af9314b80b6af7feeada162fa06],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.Update3WebSvc, Quarantined, [f32adb88027aa78f52dc9dfe05fef60a],
PUP.Optional.Consumer.Input.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ConsumerInputUpdate.Update3WebSvc.1.0, Quarantined, [1c01fe65760667cf76b8a9f2b94aec14],
PUP.Optional.MediaPlayerEnhance.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\MediaPlayerEnhance, Quarantined, [9d80491a85f79f97d8fb6331ac5737c9],
PUP.Optional.weDownload.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\weDownload Manager Pro, Quarantined, [ed309bc8364645f1cef774096d96b848],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-4287490833-3400291495-2554494040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\RecipeHub_2j, Quarantined, [2cf1471cd5a755e18910b8122fd514ec],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-4287490833-3400291495-2554494040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\RecipeHub_2j, Quarantined, [fe1f87dc0b71c27441c1b7c8a1629b65],
Registry Values: 9
PUP.Optional.MindSpark.A, HKU\S-1-5-21-4287490833-3400291495-2554494040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1}, Quarantined, [31ecb1b2c1bbc274128895421be77c84],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-4287490833-3400291495-2554494040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1}, øËÃëöüâF¼;ê¼rqî±, Quarantined, [31ecb1b2c1bbc274128895421be77c84]
PUP.Optional.MindSpark.A, HKU\S-1-5-21-4287490833-3400291495-2554494040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1}, Quarantined, [31ecb1b2c1bbc274128895421be77c84],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-4287490833-3400291495-2554494040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1}, Quarantined, [8895362dfc8056e0d8c2d9fe15ed5ca4],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-4287490833-3400291495-2554494040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{cc8ae5b8-005b-4b1a-a27d-307eddffe5c8}, Quarantined, [b16cb4af0874dd59a494825616eca759],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-4287490833-3400291495-2554494040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{CC8AE5B8-005B-4B1A-A27D-307EDDFFE5C8}, Quarantined, [b16cb4af0874dd59a494825616eca759],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\{cf51de5b-eb36-4114-bb69-84df63fbadb4}, Quarantined, [eb322f34bbc195a1a29792468c766799],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{CF51DE5B-EB36-4114-BB69-84DF63FBADB4}, Quarantined, [eb322f34bbc195a1a29792468c766799],
PUP.Optional.ConsumerInput.A, HKU\S-1-5-21-4287490833-3400291495-2554494040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|ConsumerInput@Compete, C:\Program Files (x86)\Consumer Input\Firefox\ciff-3.2.0-12039.xpi, Quarantined, [011cb3b0d2aa5adc91cda0c0eb189d63]
Registry Data: 0
(No malicious items detected)
Folders: 32
Rogue.Multiple, C:\ProgramData\374311380, Quarantined, [87960a59e399181e6467f41e0201619f],
PUP.Optional.SavingsBull.A, C:\Users\Kris\AppData\Roaming\Mozilla\Firefox\Profiles\z8anwi81.default\extensions\SavingsBull@jetpack, Delete-on-Reboot, [6eaf10538af255e16996f63150b3da26],
PUP.Optional.SavingsBull.A, C:\Users\Kris\AppData\Roaming\Mozilla\Firefox\Profiles\z8anwi81.default\extensions\SavingsBull@jetpack\defaults, Delete-on-Reboot, [6eaf10538af255e16996f63150b3da26],
PUP.Optional.SavingsBull.A, C:\Users\Kris\AppData\Roaming\Mozilla\Firefox\Profiles\z8anwi81.default\extensions\SavingsBull@jetpack\defaults\preferences, Quarantined, [6eaf10538af255e16996f63150b3da26],
PUP.Optional.SavingsBull.A, C:\Users\Kris\AppData\Roaming\Mozilla\Firefox\Profiles\z8anwi81.default\extensions\SavingsBull@jetpack\locale, Quarantined, [6eaf10538af255e16996f63150b3da26],
PUP.Optional.SavingsBull.A, C:\Users\Kris\AppData\Roaming\Mozilla\Firefox\Profiles\z8anwi81.default\extensions\SavingsBull@jetpack\resources, Delete-on-Reboot, [6eaf10538af255e16996f63150b3da26],
PUP.Optional.SavingsBull.A, C:\Users\Kris\AppData\Roaming\Mozilla\Firefox\Profiles\z8anwi81.default\extensions\SavingsBull@jetpack\resources\addon-kit, Delete-on-Reboot, [6eaf10538af255e16996f63150b3da26],
PUP.Optional.SavingsBull.A, C:\Users\Kris\AppData\Roaming\Mozilla\Firefox\Profiles\z8anwi81.default\extensions\SavingsBull@jetpack\resources\addon-kit\data, Quarantined, [6eaf10538af255e16996f63150b3da26],
PUP.Optional.SavingsBull.A, C:\Users\Kris\AppData\Roaming\Mozilla\Firefox\Profiles\z8anwi81.default\extensions\SavingsBull@jetpack\resources\addon-kit\lib, Quarantined, [6eaf10538af255e16996f63150b3da26],
PUP.Optional.SavingsBull.A, C:\Users\Kris\AppData\Roaming\Mozilla\Firefox\Profiles\z8anwi81.default\extensions\SavingsBull@jetpack\resources\api-utils, Delete-on-Reboot, [6eaf10538af255e16996f63150b3da26],
PUP.Optional.SavingsBull.A, C:\Users\Kris\AppData\Roaming\Mozilla\Firefox\Profiles\z8anwi81.default\extensions\SavingsBull@jetpack\resources\api-utils\data, Quarantined, [6eaf10538af255e16996f63150b3da26],
PUP.Optional.SavingsBull.A, C:\Users\Kris\AppData\Roaming\Mozilla\Firefox\Profiles\z8anwi81.default\extensions\SavingsBull@jetpack\resources\api-utils\lib, Delete-on-Reboot, [6eaf10538af255e16996f63150b3da26],
PUP.Optional.SavingsBull.A, C:\Users\Kris\AppData\Roaming\Mozilla\Firefox\Profiles\z8anwi81.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\addon, Quarantined, [6eaf10538af255e16996f63150b3da26],
PUP.Optional.SavingsBull.A, C:\Users\Kris\AppData\Roaming\Mozilla\Firefox\Profiles\z8anwi81.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\content, Quarantined, [6eaf10538af255e16996f63150b3da26],
PUP.Optional.SavingsBull.A, C:\Users\Kris\AppData\Roaming\Mozilla\Firefox\Profiles\z8anwi81.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\dom, Quarantined, [6eaf10538af255e16996f63150b3da26],
PUP.Optional.SavingsBull.A, C:\Users\Kris\AppData\Roaming\Mozilla\Firefox\Profiles\z8anwi81.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\event, Quarantined, [6eaf10538af255e16996f63150b3da26],
PUP.Optional.SavingsBull.A, C:\Users\Kris\AppData\Roaming\Mozilla\Firefox\Profiles\z8anwi81.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\events, Quarantined, [6eaf10538af255e16996f63150b3da26],
PUP.Optional.SavingsBull.A, C:\Users\Kris\AppData\Roaming\Mozilla\Firefox\Profiles\z8anwi81.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\l10n, Quarantined, [6eaf10538af255e16996f63150b3da26],
PUP.Optional.SavingsBull.A, C:\Users\Kris\AppData\Roaming\Mozilla\Firefox\Profiles\z8anwi81.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\private-browsing, Quarantined, [6eaf10538af255e16996f63150b3da26],
PUP.Optional.SavingsBull.A, C:\Users\Kris\AppData\Roaming\Mozilla\Firefox\Profiles\z8anwi81.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\system, Quarantined, [6eaf10538af255e16996f63150b3da26],
PUP.Optional.SavingsBull.A, C:\Users\Kris\AppData\Roaming\Mozilla\Firefox\Profiles\z8anwi81.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\tabs, Quarantined, [6eaf10538af255e16996f63150b3da26],
PUP.Optional.SavingsBull.A, C:\Users\Kris\AppData\Roaming\Mozilla\Firefox\Profiles\z8anwi81.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\traits, Quarantined, [6eaf10538af255e16996f63150b3da26],
PUP.Optional.SavingsBull.A, C:\Users\Kris\AppData\Roaming\Mozilla\Firefox\Profiles\z8anwi81.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\utils, Quarantined, [6eaf10538af255e16996f63150b3da26],
PUP.Optional.SavingsBull.A, C:\Users\Kris\AppData\Roaming\Mozilla\Firefox\Profiles\z8anwi81.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\window, Quarantined, [6eaf10538af255e16996f63150b3da26],
PUP.Optional.SavingsBull.A, C:\Users\Kris\AppData\Roaming\Mozilla\Firefox\Profiles\z8anwi81.default\extensions\SavingsBull@jetpack\resources\api-utils\lib\windows, Quarantined, [6eaf10538af255e16996f63150b3da26],
PUP.Optional.SavingsBull.A, C:\Users\Kris\AppData\Roaming\Mozilla\Firefox\Profiles\z8anwi81.default\extensions\SavingsBull@jetpack\resources\SavingsBull, Delete-on-Reboot, [6eaf10538af255e16996f63150b3da26],
PUP.Optional.SavingsBull.A, C:\Users\Kris\AppData\Roaming\Mozilla\Firefox\Profiles\z8anwi81.default\extensions\SavingsBull@jetpack\resources\SavingsBull\data, Quarantined, [6eaf10538af255e16996f63150b3da26],
PUP.Optional.SavingsBull.A, C:\Users\Kris\AppData\Roaming\Mozilla\Firefox\Profiles\z8anwi81.default\extensions\SavingsBull@jetpack\resources\SavingsBull\lib, Quarantined, [6eaf10538af255e16996f63150b3da26],
PUP.Optional.SavingsBull.A, C:\Users\Kris\AppData\Roaming\Mozilla\Firefox\Profiles\z8anwi81.default\extensions\SavingsBull@jetpack\resources\SavingsBull\tests, Quarantined, [6eaf10538af255e16996f63150b3da26],
PUP.Optional.StormAlerts.A, C:\Users\Kris\AppData\Local\Weather_Warnings_LLC, Delete-on-Reboot, [cc518fd4ccb055e1eca252eb3ac91ee2],
PUP.Optional.StormAlerts.A, C:\Users\Kris\AppData\Local\Weather_Warnings_LLC\StormAlerts.exe_Url_owwuyufusv2bxrgjszaq3udnyhgsnbrz, Delete-on-Reboot, [cc518fd4ccb055e1eca252eb3ac91ee2],
PUP.Optional.StormAlerts.A, C:\Users\Kris\AppData\Local\Weather_Warnings_LLC\StormAlerts.exe_Url_owwuyufusv2bxrgjszaq3udnyhgsnbrz\1.4.0.0, Quarantined, [cc518fd4ccb055e1eca252eb3ac91ee2],
Files: 23
PUP.Optional.StormAlert.A, C:\ProgramData\RTlMgdbphT\dat\hZohLwq.exe, Quarantined, [6eaf1152d8a4e056898adb160ff26898],
PUP.Optional.StormAlert.A, C:\ProgramData\RTlMgdbphT\dat\lSHsNr.exe, Quarantined, [1c01f56e295391a548cb05ec46bb738d],
PUP.Optional.HealthAlert.A, C:\ProgramData\RTlMgdbphT\dat\ulJBWM.dll, Quarantined, [f726e281b6c691a54878e87d927321df],
PUP.Optional.OptimunInstaller, C:\Users\Kris\AppData\Local\Temp\Tk7YscoD.exe.part, Quarantined, [d14c6df6ed8f44f2da26eb5fca3621df],
Trojan.SProtector, C:\Users\Kris\AppData\Local\Temp\18be6784_.exe, Quarantined, [c25b70f39ae22d09c7b17af46f92a65a],
PUP.Optional.AirAdInstaller, C:\Users\Kris\AppData\Local\Temp\setup.exe, Quarantined, [918ccd9627550135ddc13829b64a01ff],
PUP.Optional.AppInstaller, C:\Users\Kris\AppData\Local\Temp\n1794\FLVMPlayerSetup-c45490cb.exe, Quarantined, [9786e87b94e8f343d26a1788dd24fd03],
PUP.Optional.Babylon, C:\Users\Kris\AppData\Local\Temp\n1794\SystemSpeedUPInstaller.exe, Quarantined, [c5580261354784b2309ec100857c8878],
PUP.Optional.DownloadAssistant, C:\Users\Kris\AppData\Local\Temp\a2wXROtwpD\Zch2suF2\Setup.exe, Quarantined, [6bb24d16c3b9360082fab333af520ef2],
PUP.Optional.AirAdInstaller, C:\Users\Kris\Downloads\setup(1).exe, Quarantined, [56c7e3809fdd55e1ecb2273a17e921df],
PUP.Optional.OptimunInstaller, C:\Users\Kris\Downloads\setup.exe, Quarantined, [62bb87dcf7859e98be4253f7d7294bb5],
PUP.Optional.Inbox, C:\Users\Kris\Downloads\ClasifiedsSetup (2).exe, Quarantined, [d74687dcaece989e83e2f92eed1421df],
PUP.Optional.Inbox, C:\Users\Kris\Downloads\ClasifiedsSetup.exe, Quarantined, [46d776ed1e5eb97d3d28f4338a7735cb],
PUP.Optional.Inbox, C:\Users\Kris\Downloads\ClasifiedsSetup (1).exe, Quarantined, [cd50acb7522acf67a6bf00274cb57c84],
PUP.Optional.Conduit, C:\Users\Kris\Downloads\WiseConvert.exe, Quarantined, [c75698cb99e3c86eb63149e69c64d22e],
PUP.Optional.Solimba, C:\Users\Kris\Downloads\Metronome.exe, Quarantined, [a17c74ef225a91a5803e09d1d62b3fc1],
PUP.Optional.DownloadAssistant, C:\Users\Kris\Downloads\Avast_Setup(1).exe, Quarantined, [c05d590a3e3ece68027abf2748b93cc4],
PUP.Optional.DownloadAssistant, C:\Users\Kris\Downloads\Avast_Setup.exe, Quarantined, [031aed76017b85b13a42875fca37728e],
PUP.Optional.Vitruvian.A, C:\Users\Kris\AppData\Local\Temp\vitruvian-installer-install-v0001, Quarantined, [70ad8bd8512bd95de02e825757ad5da3],
PUP.Optional.Vitruvian.A, C:\Users\Kris\AppData\Local\Temp\vitruvian-installer-processes-v0001, Quarantined, [7e9f243fb3c94ceac6485c7d976d04fc],
PUP.Optional.Vitruvian.A, C:\Users\Kris\AppData\Local\Temp\vitruvian-installer-softwareregkeys-v0001, Quarantined, [8f8e5c0788f40c2a31dd77628282e41c],
PUP.Optional.Vitruvian.A, C:\Users\Kris\AppData\Local\Temp\vitruvian-installer-uninstall-v0001, Quarantined, [ac71adb6cfad0135d73709d09d67659b],
PUP.Optional.StormAlerts.A, C:\Users\Kris\AppData\Local\Weather_Warnings_LLC\StormAlerts.exe_Url_owwuyufusv2bxrgjszaq3udnyhgsnbrz\1.4.0.0\user.config, Quarantined, [cc518fd4ccb055e1eca252eb3ac91ee2],
Physical Sectors: 0
(No malicious items detected)
(end)
#44
Posted 21 December 2014 - 03:58 PM
First
Programs to uninstall "If found". Click start> Control panel > Programs an features.
- Java 7 Update 25
- Java™ 6 Update 18
- MyTurboPC <------------ I don't recommend this program.
- savernet
Note
Due to multiple security problems with Java we are now recommending that it not be installed unless you absolutely know you need it.
Please run the AVG 2015 64Bit removal tool see link below for that: 2nd one down on that web page on the right side.
http://www.avg.com/us-en/utilities
Download the tool, save the file to the desktop and run it. Let it do it's thing. This will get rid of left over AVG Files. It needs to be done even if you already uninstalled it.
Next
A few items to fix
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
Open notepad (Start =>All Programs => Accessories => Notepad).
Copy/Paste the contents of the code box below into Notepad.
start CloseProcesses: HKLM-x32\...\Run: [] => [X] ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File ShellIconOverlayIdentifiers-x32: [EnhancedStorageShell] -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => No File ShellIconOverlayIdentifiers-x32: [SharingPrivate] -> {08244EE6-92F0-47f2-9FC9-929BAA2E7235} => No File GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION URLSearchHook: HKU\S-1-5-21-4287490833-3400291495-2554494040-1000 - (No Name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - No File URLSearchHook: HKU\S-1-5-21-4287490833-3400291495-2554494040-1000 - (No Name) - {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - No File URLSearchHook: HKU\S-1-5-21-4287490833-3400291495-2554494040-1000 - (No Name) - {cc8ae5b8-005b-4b1a-a27d-307eddffe5c8} - No File SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {5F985957-0049-4210-85EA-753302A958A3} URL = http://www.bing.com/...rc=IE-SearchBox SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://groovorio.com...=1690693304&ir= SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/...=MSSEDF&pc=MSSE SearchScopes: HKLM-x32 -> DefaultScope {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/...=MSSEDF&pc=MSSE SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {56256A51-B582-467e-B8D4-7786EDA79AE0} URL = http://search.mywebs...r={searchTerms} SearchScopes: HKLM-x32 -> {5EF5EE14-605F-4F27-B7E0-E5510E36D687} URL = http://www.bing.com/...rc=IE-SearchBox SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/...=MSSEDF&pc=MSSE SearchScopes: HKU\S-1-5-21-4287490833-3400291495-2554494040-1000 -> {195F4B0C-8532-4E8F-A797-7BD3525C1AFC} URL = http://websearch.ask...FF-0ECF3BF72416 SearchScopes: HKU\S-1-5-21-4287490833-3400291495-2554494040-1000 -> {1AC6F0D9-5B4C-423A-B201-98A06EC8B28E} URL = SearchScopes: HKU\S-1-5-21-4287490833-3400291495-2554494040-1000 -> {5EF5EE14-605F-4F27-B7E0-E5510E36D687} URL = SearchScopes: HKU\S-1-5-21-4287490833-3400291495-2554494040-1000 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/...=MSSEDF&pc=MSSE SearchScopes: HKU\S-1-5-21-4287490833-3400291495-2554494040-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://mysearch.avg.com/search?cid={D1B0889F-1643-4B0F-B97B-CA7A60E63D23}&mid=8551acdd3c8547d381bf69e5299db7b1-90251f1b08ece7b999cfccfa4036ef24c7d46596&lang=en&ds=ft013&coid=avgtbdisft&pr=sa&d=2013-11-17 20:39:30&v=17.1.3.1&pid=safeguard&sg=0&sap=dsp&q={searchTerms} SearchScopes: HKU\S-1-5-21-4287490833-3400291495-2554494040-1000 -> {A26C36F3-9D6C-4551-86A4-B3E9C4B7B3CD} URL = http://www.crawler.c...id=10002&lng=en SearchScopes: HKU\S-1-5-21-4287490833-3400291495-2554494040-1000 -> {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://toolbar.inbox...id=80472&lng=en BHO: savernet -> {fb17d7e0-5f62-443d-aa59-0234ee02af98} -> C:\ProgramData\savernet\17viDZh78U1DWv.x64.dll () BHO-x32: No Name -> {06e3475c-5521-4de8-bb12-50720f21631c} -> No File BHO-x32: No Name -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> No File BHO-x32: No Name -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> No File BHO-x32: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File BHO-x32: No Name -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> No File BHO-x32: No Name -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> No File BHO-x32: No Name -> {B49699FC-1665-4414-A1CB-C4A2A4A13EEC} -> No File BHO-x32: savernet -> {fb17d7e0-5f62-443d-aa59-0234ee02af98} -> C:\ProgramData\savernet\17viDZh78U1DWv.dll () Toolbar: HKLM-x32 - No Name - {cf51de5b-eb36-4114-bb69-84df63fbadb4} - No File Toolbar: HKLM-x32 - No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File Toolbar: HKLM-x32 - No Name - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No File Toolbar: HKLM-x32 - No Name - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - No File Toolbar: HKU\S-1-5-21-4287490833-3400291495-2554494040-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File Toolbar: HKU\S-1-5-21-4287490833-3400291495-2554494040-1000 -> No Name - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File Toolbar: HKU\S-1-5-21-4287490833-3400291495-2554494040-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File Toolbar: HKU\S-1-5-21-4287490833-3400291495-2554494040-1000 -> No Name - {EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} - No File Toolbar: HKU\S-1-5-21-4287490833-3400291495-2554494040-1000 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File Handler: crawler - {4545C96B-15D0-4E22-8DDE-6F2CAF531281} - No File Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - No File Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - No File Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - No File FF Plugin-x32: @mywebsearch.com/Plugin -> C:\Program Files (x86)\MyWebSearch\bar\2.bin\NPMyWebS.dll No File FF Plugin-x32: @RecipeHub_2j.com/Plugin -> C:\Program Files (x86)\RecipeHub_2j\bar\1.bin\NP2jStub.dll No File FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll No File FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll No File FF Extension: deal4me - C:\Users\Kris\AppData\Roaming\Mozilla\Firefox\Profiles\nup7b7k3.default-1416660402991\Extensions\[email protected] [2014-12-19] FF Extension: SaverAddon - C:\Users\Kris\AppData\Roaming\Mozilla\Firefox\Profiles\nup7b7k3.default-1416660402991\Extensions\[email protected] [2014-12-19] FF Extension: ProShopper - C:\Users\Kris\AppData\Roaming\Mozilla\Firefox\Profiles\nup7b7k3.default-1416660402991\Extensions\[email protected] [2014-12-21] FF Extension: Yahoo! Toolbar - C:\Users\Kris\AppData\Roaming\Mozilla\Firefox\Profiles\nup7b7k3.default-1416660402991\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2014-11-22] FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\MyWebSearch\bar\2.bin FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected] FF Extension: No Name - ConsumerInput@Compete [Not Found] CHR dev: Chrome dev build detected! <======= ATTENTION CHR Plugin: (Native Client) - C:\program files (x86)\google\chrome\application\29.0.1547.62\ppGoogleNaClPluginChrome.dll No File CHR Plugin: (Chrome PDF Viewer) - C:\program files (x86)\google\chrome\application\29.0.1547.62\pdf.dll No File CHR Plugin: (Java Deployment Toolkit 6.0.180.7) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeploytk.dll No File CHR Plugin: (Java™ Platform SE 6 U20) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File CHR Plugin: (Shockwave Flash) - C:\program files (x86)\google\chrome\application\29.0.1547.62\PepperFlash\pepflashplayer.dll No File CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.5.0\\npsitesafety.dll No File CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File CHR Plugin: (My Web Search Plugin Stub) - C:\Program Files (x86)\MyWebSearch\bar\2.bin\NPMyWebS.dll No File CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File S2 consumerinput_update; C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe /svc [X] S3 consumerinput_updatem; C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe /medsvc [X] S2 TuneUp.UtilitiesSvc; "C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe" [X] 2014-12-21 12:07 - 2014-12-21 12:07 - 00000000 ____D () C:\ProgramData\savernet 2014-12-19 16:35 - 2014-12-19 16:36 - 00000000 ____D () C:\ProgramData\SmartCompare 2014-12-19 16:35 - 2014-12-19 16:36 - 00000000 ____D () C:\ProgramData\SaverAddon 2014-12-19 16:35 - 2014-12-19 16:35 - 00000000 ____D () C:\ProgramData\faalfcfgbnpgfmbeofnfninccoiebffn 2014-12-19 16:35 - 2014-12-19 16:35 - 00000000 ____D () C:\ProgramData\BestDiscountApp 2014-12-19 16:27 - 2014-12-19 16:27 - 00000000 ____D () C:\Users\Kris\AppData\Roaming\MyTurboPC.com 2014-12-19 16:27 - 2014-12-19 16:27 - 00000000 ____D () C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyTurboPC.com 2014-12-19 16:27 - 2014-12-19 16:27 - 00000000 ____D () C:\ProgramData\MyTurboPC.com 2014-12-19 16:27 - 2014-12-19 16:27 - 00000000 ____D () C:\Program Files (x86)\MyTurboPC.com 2014-12-19 16:25 - 2014-12-19 16:26 - 06379208 _____ (MyTurboPC.com) C:\Users\Kris\Downloads\Myturbopc(1).exe 2014-12-19 16:25 - 2014-12-19 16:25 - 06379208 _____ (MyTurboPC.com) C:\Users\Kris\Downloads\Myturbopc.exe 2014-12-19 16:19 - 2014-12-19 16:19 - 00002762 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 2014-12-19 16:15 - 2014-12-19 16:15 - 00000000 ____D () C:\ProgramData\ShoppingDealFactory 2014-12-21 13:39 - 2014-11-17 13:31 - 00000358 _____ () C:\Windows\Tasks\CIMT_S-1-5-21-4287490833-3400291495-2554494040-1000.job 2014-12-21 13:36 - 2014-11-17 13:29 - 00000962 _____ () C:\Windows\Tasks\ConsumerInputUpdateTaskMachineCore.job 2014-12-21 13:03 - 2014-11-17 13:31 - 00000000 ____D () C:\Users\Kris\AppData\Roaming\Compete 2014-12-21 13:01 - 2014-11-17 13:31 - 00000000 ____D () C:\ProgramData\TinyWallet 2014-12-21 12:45 - 2014-11-15 11:43 - 00000000 ____D () C:\Users\Kris\AppData\Roaming\systweak 2014-12-21 12:45 - 2014-11-15 11:42 - 00000000 ____D () C:\ProgramData\Systweak 2014-12-21 12:38 - 2014-11-17 10:45 - 00000000 ____D () C:\ProgramData\cea2cad3caee4f45 2014-12-21 12:34 - 2014-11-17 13:29 - 00000966 _____ () C:\Windows\Tasks\ConsumerInputUpdateTaskMachineUA.job 2014-12-21 12:34 - 2014-11-17 13:29 - 00000000 ____D () C:\Program Files (x86)\Consumer Input C:\Users\Kris\AppData\Local\Temp\18be6784_.exe C:\Users\Kris\AppData\Local\Temp\294823_.exe C:\Users\Kris\AppData\Local\Temp\avguirn_081342301626.exe C:\Users\Kris\AppData\Local\Temp\ConsumerInputSetup.exe C:\Users\Kris\AppData\Local\Temp\DseShExt-x64.dll C:\Users\Kris\AppData\Local\Temp\DseShExt-x86.dll C:\Users\Kris\AppData\Local\Temp\optprosetup.exe C:\Users\Kris\AppData\Local\Temp\psftp.exe C:\Users\Kris\AppData\Local\Temp\SDShelEx-win32.dll C:\Users\Kris\AppData\Local\Temp\SDShelEx-x64.dll C:\Users\Kris\AppData\Local\Temp\setup.exe C:\Users\Kris\AppData\Local\Temp\UNINSTALL.EXE Task: {2CDD4B80-0EFE-4312-9777-D5B30F1AE60A} - \MediaPlayerEnhance-codedownloader No Task File <==== ATTENTION Task: {568E6BEA-F6BF-4CE7-A877-B5995D5A40A1} - \AmiUpdXp No Task File <==== ATTENTION Task: {8F14A824-0FBF-426A-A3C6-23C8EE5CB985} - System32\Tasks\AVG_SYS_TASK_1114avz => C:\ProgramData\Avg_Update_1114avz\AVG-Secure-Search-Update_1114avz.exe [2014-10-08] () Task: {943F4C85-FF7C-4116-81B9-CDFFFA5E42EB} - System32\Tasks\ConsumerInputUpdateTaskMachineUA => C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe Task: {993B97E4-9A23-4A33-86A0-AC1AB92958E2} - System32\Tasks\ConsumerInputUpdateTaskMachineCore => C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe Task: {AD4C203C-D0A0-407E-B1FE-09003B1D98DC} - System32\Tasks\LaunchApp => C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe <==== ATTENTION Task: {B6D34BB0-693F-493A-A3BC-79493FF0E55A} - \MediaPlayerEnhance-firefoxinstaller No Task File <==== ATTENTION Task: {DBE031A3-D261-4205-93D7-3C3E620DB126} - \MediaPlayerEnhance-chromeinstaller No Task File <==== ATTENTION Task: {E3531C3B-C58C-4F72-AC68-E6D0212E8F19} - \MediaPlayerEnhance-updater No Task File <==== ATTENTION Task: {E6759104-7D47-46F9-8484-D8CCFBA0F1EF} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe Task: {E6EE1F9B-1986-402B-B2D5-2D6C94569AD6} - System32\Tasks\Advanced System Protector_startup => C:\Program Files (x86)\ASP\AdvancedSystemProtector.exe <==== ATTENTION Task: {EF53CF1B-10F9-4CD5-8336-9AF9D9ABB3DB} - \MediaPlayerEnhance-enabler No Task File <==== ATTENTION AlternateDataStreams: C:\ProgramData\TEMP:0CA8EFF8 HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LMIRescue_149ce099-4625-4038-9722-c30e91f61d82 => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LMIRescue_23e0af0d-6954-4a4f-866e-75012bcc141c => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LMIRescue_73098fbd-996d-4264-9284-cc57a720938b => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" CMD: ipconfig /flushdns CMD: netsh winsock reset catalog CMD: bitsadmin /reset /allusers Hosts: Emptytemp: reboot: endClick Format and ensure Wordwrap is unchecked.
Save as Fixlist.txt to your Desktop (Must be in this location)
Run FRST/FRST64 and press the Fix button just once and wait.
If the tool needed a restart please make sure you let the system to restart normally and let the tool completes its run after restart.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.
Post in your next reply:
Fixlog.txt, found on the desktop.
#45
Posted 21 December 2014 - 04:02 PM
Hi Joe,
need to pick someone up from the Airport in Fort Lauderdale, so will stop in a couple of minutes. Thanks heaps so far and will try to fulfill your tasks as soon as I can
best to you, J
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users