Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Hijackthis log


  • Please log in to reply
25 replies to this topic

#1 Colinito

Colinito

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:04:42 AM

Posted 27 May 2016 - 04:00 AM

Hello Everyone,
I have had some problems with my laptop and been advised to do a Hijackthis scan. I done this and I have saved the log - which also has a web link - but I have no idea how to deal with it. Could anyone assist me please?
Thank you, in advance for any assistance.
Regards,
Colinito.

Edited by Queen-Evie, 27 May 2016 - 07:13 AM.
moved from System Building and Upgrading to Am I Infected


BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • BC Advisor
  • 12,893 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:10:42 PM

Posted 27 May 2016 - 05:58 AM

What problems are you having? HijackThis may be of no use.

Do not post the HijackThis scan log in this topic.

Edited by Queen-Evie, 27 May 2016 - 07:15 AM.
deleted suggestion to start a new topic in AII

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#3 Colinito

Colinito
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:04:42 AM

Posted 27 May 2016 - 12:20 PM

Hello Buddy 215,

 

Thank you for your interest in my post.

 

I live in Spain and have a Lenovo laptop G585 bought in Spain and with W7 Home Premium (in Spanish). I have AVG Free, With Malwarebytes free and SuperAntiSpyware installed and available on demand. I use Firefox 46.0.1.
 
I use my neighbours wifi connection which is exceedingly slow and weak. with a usual 2 bar signal of a possible 5 bar availability.
 
Slow response has developed from typing letters to their appearance in a word document of from 5 seconds or more.
 
Slow response to open an Internet connection when clicked on, and sometimes failure to open the link when clicked on.
 
Sometimes failure of the commands in my Yahoo Mail to 'move,' 'delete,' etc.
 
A friend recently advised that I might have an infection in the laptop and to do scans - there was nothing of note except cookies shown in the scan reports.
 
He then advised me to download Avira. I did this and then noticed that there was an even slower response from my laptop. So I removed it through the Control Panel. The Avira Launcher has remained in the Notifiable Area by the clock and I am unable to actually "find" it anywhere in order to remove it. Either by putting its name in the search box above Start, or "about:config" in the browser and it doesn't appear in the Programme List in the Control Panel.
 
I am unsure if this reply should be entered here as the messages referencing the editing from Queen Evie suggest that this might be posted in a different forum. Please forgive me if this is wrongly posted.
 
As I said, I did the Hijackthis scan and have both the Log report and the Web Adress where it can be seen. I shall not post any log in this forum unless asked to do so!
 
Regards,
 
Colinito.


#4 buddy215

buddy215

  • BC Advisor
  • 12,893 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:10:42 PM

Posted 27 May 2016 - 12:31 PM

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the

Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download

 

Post the three lists mentioned below using CCleaner.

Open CCleaner and click on Tools. Choose Startups. On that page you will see a list of Windows Startups and at the top tabs for each browser and Scheduled Tasks.

At the bottom right of that page you will see a button when clicked will allow you to Copy and Paste the list of Windows Startups and Scheduled Tasks into your next

post. Please do that.

 

Open CCleaner and click on Tools. Choose Uninstall. On that page you will see a list of programs installed on your computer and at the bottom right of that page you

will see a button when clicked will allow you to Copy and Paste that list in your next post. Please do that.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#5 Colinito

Colinito
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:04:42 AM

Posted 27 May 2016 - 01:08 PM

Hello Buddy 215,

Followed your instructionsd and I copy and paste the scan result under the heading of "Startup" and "Uninstall."

 

STARTUP

No    HKCU:Run    AutoStartNPSAgent    Samsung Electronics Co., Ltd.    C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
Yes    HKCU:Run    CCleaner Monitoring    Piriform Ltd    "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
No    HKCU:Run    Google+ Auto Backup        "C:\Users\Colin\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart
No    HKCU:Run    Skype    Skype Technologies S.A.    "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
No    HKCU:Run    SmileboxTray    Smilebox, Inc.    "C:\Users\Colin\AppData\Roaming\Smilebox\SmileboxTray.exe"
No    HKCU:Run    Spotify    Spotify Ltd    "C:\Users\Colin\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
No    HKCU:Run    Spotify Web Helper    Spotify Ltd    "C:\Users\Colin\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
Yes    HKCU:Run    SUPERAntiSpyware    SUPERAntiSpyware    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
No    HKLM:Run    331BigDog    Vimicro    C:\Program Files (x86)\USB Camera\VM331_STI.EXE
No    HKLM:Run    Adobe ARM    Adobe Systems Incorporated    "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
No    HKLM:Run    ArcSoft Connection Service    ArcSoft    C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
Yes    HKLM:Run    AVG_UI    AVG Technologies CZ, s.r.o.    "C:\Program Files (x86)\AVG\Av\avuirunnerx.exe" C:\Program Files (x86)\AVG\Av\avgui.exe
No    HKLM:Run    AvgUi    AVG Technologies CZ, s.r.o.    "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw
Yes    HKLM:Run    Avira SystrayStartTrigger    Avira Operations GmbH & Co. KG    C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
Yes    HKLM:Run    cAudioFilterAgent    Conexant Systems, Inc.    C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
No    HKLM:Run    Dolby Advanced Audio v2    Dolby Laboratories Inc.    "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
Yes    HKLM:Run    Energy Management    Lenovo (Beijing) Limited    C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
Yes    HKLM:Run    EnergyUtility    Lenovo(beijing) Limited    C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe
No    HKLM:Run    Lenovo EE Boot Optimizer    Lenovo    C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe
No    HKLM:Run    Lenovo Registration    Lenovo, Inc.    C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
No    HKLM:Run    LockKey         C:\Program Files (x86)\LockKey\LockKey.exe
Yes    HKLM:Run    Malwarebytes Anti-Exploit    Malwarebytes Corporation    C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
No    HKLM:Run    mobilegeni daemon        C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
Yes    HKLM:Run    MSC    Microsoft Corporation    "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
No    HKLM:Run    Nikon Message Center 2    Nikon Corporation    C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
No    HKLM:Run    StartCCC    Advanced Micro Devices, Inc.    "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
No    HKLM:Run    UpdateP2GShortCut    CyberLink Corp.    "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
No    HKLM:Run    UpdatePRCShortCut    CyberLink Corp.    "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
No    HKLM:Run    VeriFaceManager    Lenovo    C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
No    HKLM:Run    YouCam Mirage    CyberLink    "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
No    HKLM:Run    YouCam Tray    CyberLink Corp.    "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
No    Startup Common    Bluetooth.lnk    Broadcom Corporation.    C:\PROGRA~1\Lenovo\BLUETO~1\BTTray.exe
Yes    Startup Common    Remote Control.lnk        C:\Program Files (x86)\SVEON Multimedia\STV27 Utilities\RTLRCtl.exe
Yes    Startup Common    TMMonitor.lnk    ArcSoft, Inc.    C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
 

 

UNINSTALL

be Acrobat Reader DC    Adobe Systems Incorporated    19/05/2016    197 MB    15.016.20041
Adobe AIR    Adobe Systems Incorporated    17/11/2015        19.0.0.241
Adobe Flash Player 21 ActiveX    Adobe Systems Incorporated    12/05/2016    5.15 MB    21.0.0.242
Adobe Flash Player 21 NPAPI    Adobe Systems Incorporated    14/05/2016    5.71 MB    21.0.0.242
AMD Catalyst Install Manager    Advanced Micro Devices, Inc.    07/06/2012    26.2 MB    3.0.859.0
ArcSoft Multimedia Email        21/03/2014        
ArcSoft Panorama Maker 6    ArcSoft    21/03/2014        6.0.8.85
ArcSoft PhotoImpression 6    ArcSoft    21/03/2014        
ArcSoft TotalMedia 3.5    ArcSoft    02/09/2015        3.5.23.345
AVG    AVG Technologies    19/05/2016        1.61.2.12974
AVG Protection    AVG Technologies    23/05/2016        2016.71.7598
Avira Launcher    Avira Operations GmbH & Co. KG    26/05/2016    14.1 MB    1.1.62.21333
Belarc Advisor 8.3    Belarc Inc.    31/08/2013        8.3.2.0
Bolt PDF Printer    NCH Software    16/08/2014        1.19
CCleaner    Piriform    27/05/2016        5.18
Compresor WinRAR        30/08/2013        
Conexant HD Audio    Conexant    07/06/2012        8.54.34.0
Control ActiveX de Windows Live Mesh para conexiones remotas    Microsoft Corporation    07/06/2012    5.57 MB    15.4.5722.2
Dolby Advanced Audio v2    Dolby Laboratories Inc    07/06/2012    12.9 MB    7.2.7000.11
Doxillion Document Converter    NCH Software    16/08/2014        2.28
Energy Management    Lenovo    07/06/2012    26.6 MB    7.0.3.4
Estudio de mejora de productos de HP Deskjet 2050 J510 series    Hewlett-Packard Co.    10/02/2016    6.90 MB    22.0.334.0
Free PDF Solutions PDF to WORD version 1.0        25/09/2014    1.77 MB    1.0
Google Chrome    Google Inc.    07/06/2012        51.0.2704.63
Google Earth    Google    16/12/2013    180 MB    7.1.2.2041
INFORAD MANAGER 3.6        30/08/2013    11.0 MB    
Lenovo Bluetooth with Enhanced Data Rate Software    Broadcom Corporation    07/06/2012    289 MB    6.5.1.2300
Lenovo EasyCamera    Vimicro    07/06/2012        13.11.1206.1
Lenovo EE Boot Optimizer    Lenovo    07/06/2012        0.0.1.9
Lenovo OneKey Recovery    CyberLink Corp.    07/06/2012        7.0.0.3712
Lenovo pointing device    ELAN Microelectronic Corp.    07/06/2012        10.4.2.8
Lenovo Registration    Lenovo Inc.    07/06/2012    4.13 MB    1.0.4
Lenovo Solution Center    Lenovo Group Limited    07/06/2012    18.7 MB    1.1.005.00
Lenovo Welcome    Lenovo Group Limited    07/06/2012    9.38 MB    3.1.0011.00
Lenovo YouCam    CyberLink Corp.    07/06/2012    135 MB    3.1.3728
Lenovo_Wireless_Driver    Lenovo    07/06/2012        1.02.01
LockKey    Lenovo    07/06/2012    317 KB    1.38.1.2
Malwarebytes Anti-Exploit version 1.8.1.1196    Malwarebytes    07/05/2016    6.47 MB    1.8.1.1196
Malwarebytes Anti-Malware version 2.2.1.1043    Malwarebytes    19/04/2016    66.8 MB    2.2.1.1043
Microsoft .NET Framework 4.5.2 (español)    Microsoft Corporation    07/07/2015    2.93 MB    4.5.51209
Microsoft .NET Framework 4.6.1    Microsoft Corporation    25/02/2016    38.8 MB    4.6.01055
Microsoft ASP.NET MVC 4 Runtime    Microsoft Corporation    25/02/2016    1.59 MB    4.0.40804.0
Microsoft Expression Encoder 4 Screen Capture Codec    Microsoft Corporation    16/08/2015    672 KB    4.0.4276.0
Microsoft Office Professional Plus 2010    Microsoft Corporation    04/09/2013        14.0.7015.1000
Microsoft Security Essentials    Microsoft Corporation    25/02/2016        4.9.218.0
Microsoft Silverlight    Microsoft Corporation    02/02/2016    298 MB    5.1.41212.0
Microsoft SQL Server 2005 Compact Edition [ENU]    Microsoft Corporation    07/06/2012    1.69 MB    3.1.0000
Microsoft Visual C++ 2005 Redistributable    Microsoft Corporation    30/08/2013    300 KB    8.0.61001
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17    Microsoft Corporation    04/12/2013    788 KB    9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161    Microsoft Corporation    06/12/2013    788 KB    9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219    Microsoft Corporation    21/03/2015    1.44 MB    10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219    Microsoft Corporation    21/03/2015    12.2 MB    10.0.40219
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)    Microsoft Corporation    21/03/2015        10.0.50903
Mozilla Firefox 46.0.1 (x86 en-GB)    Mozilla    10/05/2016    91.2 MB    46.0.1
Mozilla Maintenance Service    Mozilla    10/05/2016    341 KB    46.0.1.5966
MSXML 4.0 SP2 (KB954430)    Microsoft Corporation    20/07/2014    1.27 MB    4.20.9870.0
MSXML 4.0 SP2 (KB973688)    Microsoft Corporation    20/07/2014    1.33 MB    4.20.9876.0
MSXML 4.0 SP2 Parser and SDK    Microsoft Corporation    19/07/2014    1.22 MB    4.20.9818.0
Nero 8.3.2.1    Bj @ WinuE    29/08/2013        8.3.2.1
Nikon Message Center 2    Nikon    21/03/2014    9.42 MB    2.1.0
Nikon Movie Editor    Nikon    21/03/2014    33.4 MB    2.9.0
OneKey Recovery    CyberLink Corp.    07/08/2015        7.0.0.3712
Paquete de controladores de Windows - Lenovo (ACPIVPC) System  (12/15/2011 7.1.0.1)    Lenovo    07/06/2012        12/15/2011 7.1.0.1
Paquete de controladores de Windows - Nokia pccsmcfd  (08/22/2008 7.0.0.0)    Nokia    19/07/2014        08/22/2008 7.0.0.0
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN    Microsoft Corporation    21/03/2015        10.0.50903
PC Connectivity Solution    Nokia    19/07/2014    17.5 MB    8.47.7.0
PhotoImpression        21/03/2014        
Picasa 3    Google, Inc.    22/11/2015    85.2 MB    3.9.141.259
Picture Control Utility x64    Nikon    21/03/2014    29.2 MB    1.5.0
Pixillion Image Converter    NCH Software    16/08/2014        2.75
PL-2303 USB-to-Serial    Prolific Technology INC    30/08/2013        1.0.6.26
Power2Go    CyberLink Corp.    07/06/2012        5.6.0.7303
Prism Video File Converter    NCH Software    16/08/2014        2.18
Realtek Ethernet Controller Driver    Realtek    07/06/2012        7.54.309.2012
Realtek USB 2.0 Reader Driver    Realtek Semiconductor Corp.    07/06/2012        6.1.7601.39016
Recuva    Piriform    14/07/2015        1.52
Samsung New PC Studio    Samsung Electronics Co., Ltd.    20/07/2014    296 MB    1.00.0000
SAMSUNG USB Driver for Mobile Phones    SAMSUNG Electronics Co., Ltd.    20/07/2014    43.3 MB    1.3.650.0
SamsungConnectivityCableDriver    Samsung    19/07/2014    741 KB    6.83.6.2.1
Screen Recorder    Sketchman Studio    24/09/2015    1.60 MB    2.1
Skype Click to Call    Microsoft Corporation    07/05/2016    19.2 MB    8.1.0.9134
Skype™ 7.23    Skype Technologies S.A.    11/05/2016    298 MB    7.23.105
Smilebox        21/11/2013        
Software básico del dispositivo HP Deskjet 2050 J510 series    Hewlett-Packard Co.    10/02/2016    95.4 MB    22.0.334.0
Spotify    Spotify AB    22/05/2016        1.0.15.133.gf21970bd
SugarSync Manager    SugarSync, Inc.    07/06/2012        1.9.49.86082
SUPERAntiSpyware    SUPERAntiSpyware.com    29/01/2014    36.1 MB    5.7.1018
SVEON STV27 Driver        02/09/2015        
SVEON STV27 Utilities    SVEON Multimedia    02/09/2015        3.0.0.0
Switch Sound File Converter    NCH Software    16/08/2014        4.60
UserGuide    Lenovo    07/06/2012    51.3 MB    1.0.0.6
VeriFace    Lenovo    07/06/2012        4.0.1.1230
ViewNX 2    Nikon    21/03/2014    64.8 MB    2.9.0
Visual Studio 2010 x64 Redistributables    AVG Technologies    30/08/2013    12.4 MB    13.0.0.1
Visual Studio 2012 x64 Redistributables    AVG Technologies    05/09/2013    12.9 MB    14.0.0.1
Visual Studio 2012 x86 Redistributables    AVG Technologies CZ, s.r.o.    05/09/2013    10.5 MB    14.0.0.1
Windows Live Essentials    Microsoft Corporation    07/06/2012        15.4.3508.1109
Windows Live Mesh ActiveX Control for Remote Connections    Microsoft Corporation    31/08/2013    5.37 MB    15.4.5722.2
WinX YouTube Downloader 4.0.3    Digiarty Software, Inc.    09/11/2015    61.6 MB    
XviD Video Codec (remove only)        24/09/2015        
µTorrent    BitTorrent Inc.    21/03/2014        3.4.0.30660



#6 buddy215

buddy215

  • BC Advisor
  • 12,893 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:10:42 PM

Posted 27 May 2016 - 02:00 PM

Post the Scheduled Tasks list....it's missing.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#7 buddy215

buddy215

  • BC Advisor
  • 12,893 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:10:42 PM

Posted 27 May 2016 - 02:19 PM

Disable these Windows Startups: Use CCleaner by clicking on each item and choosing Disable on the right.

Yes    HKCU:Run    CCleaner Monitoring    Piriform Ltd    "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR

Yes    HKCU:Run    SUPERAntiSpyware    SUPERAntiSpyware    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

Yes    Startup Common    TMMonitor.lnk    ArcSoft, Inc.    C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
 

Delete this Windows Startup: Yes    HKLM:Run    Avira SystrayStartTrigger    Avira Operations GmbH & Co. KG    C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe

 

Uninstall these programs:

Skype Click to Call    Microsoft Corporation    07/05/2016    19.2 MB    8.1.0.9134

SUPERAntiSpyware    SUPERAntiSpyware.com    29/01/2014    36.1 MB    5.7.1018

Windows Live Essentials    Microsoft Corporation    07/06/2012        15.4.3508.1109
Windows Live Mesh ActiveX Control for Remote Connections    Microsoft Corporation    31/08/2013    5.37 MB    15.4.5722.2

µTorrent    BitTorrent Inc.    21/03/2014        3.4.0.30660

 

Run these scans after posting the Scheduled Tasks and performing the above. It is likely you have adware

on the computer.

 

 

Download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
  • download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#8 Colinito

Colinito
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:04:42 AM

Posted 27 May 2016 - 05:24 PM

Hello Buddy 215,

 

Apologies, here is the Scheduled Tasks scan result. I shall do the others tomorrow and and post them afterwards, there was a medical emergency here and I have only just returned.

 

Regards,

 

Colinito.

 

 

Yes    Task    Adobe Acrobat Update Task    Adobe Systems Incorporated    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Yes    Task    Adobe Flash Player Updater    Adobe Systems Incorporated    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Yes    Task    AVGPCTuneUp_Task_BkGndMaintenance        C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe $(Arg0)
Yes    Task    CCleanerSkipUAC    Piriform Ltd    "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
Yes    Task    CreateHardwareScanTask    Flextronics    "C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe" WMI WMIController CreateFirstHWSchedule
Yes    Task    GoogleUpdateTaskMachineCore    Google Inc.    C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Yes    Task    GoogleUpdateTaskMachineUA    Google Inc.    C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes    Task    HPCustParticipation HP Deskjet 2050 J510 series    Hewlett-Packard Co.    "C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe" /UA 9.0 /DDV 0x0800
Yes    Task    SidebarExecute    Microsoft Corporation    C:\Program Files\Windows Sidebar\sidebar.exe /addGadget
Yes    Task    {8406E65C-B9D5-43E2-B1D2-DF0697698548}    Microsoft Corporation    C:\Windows\system32\pcalua.exe -a F:\QuickInstall.exe
Yes    Task    {A11E5BE2-3165-471B-A2D4-7947A8B25D7C}    Microsoft Corporation    C:\Windows\system32\pcalua.exe -a C:\Users\Colin\Desktop\vcredist_x64.exe -d C:\Users\Colin\Desktop
Yes    Task    {B1556E5F-BF0D-442D-A33C-6135F39AF96C}        C:\Users\Colin\Desktop\GenuineCheck.exe
Yes    Task    {D1B6978F-3963-42C7-8E2B-8D4A62922718}    Mozilla Corporation    "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/7.2.0.103/en/go/help.faq.installer?LastError=1618
Yes    Task    {F9229828-EE7B-4A62-AD2C-F7A4E25C0F41}    Mozilla Corporation    "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/6.18.0.106/en/abandoninstall?page=tsMain
 



#9 buddy215

buddy215

  • BC Advisor
  • 12,893 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:10:42 PM

Posted 27 May 2016 - 08:19 PM

Uninstall AVG    AVG Technologies    19/05/2016        1.61.2.12974

 

Disable these Tasks: Use CCleaner by clicking on each item and choosing Disable on the right.

Yes    Task    Adobe Acrobat Update Task    Adobe Systems Incorporated    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

Yes    Task    AVGPCTuneUp_Task_BkGndMaintenance        C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe $(Arg0) (Might not show after uninstalling 1.61.2.12974)

Yes    Task    CreateHardwareScanTask    Flextronics    "C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe" WMI WMIController CreateFirstHWSchedule
Yes    Task    GoogleUpdateTaskMachineCore    Google Inc.    C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Yes    Task    GoogleUpdateTaskMachineUA    Google Inc.    C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes    Task    HPCustParticipation HP Deskjet 2050 J510 series    Hewlett-Packard Co.    "C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe" /UA 9.0 /DDV 0x0800
Yes    Task    SidebarExecute    Microsoft Corporation    C:\Program Files\Windows Sidebar\sidebar.exe /addGadget
Yes    Task    {8406E65C-B9D5-43E2-B1D2-DF0697698548}    Microsoft Corporation    C:\Windows\system32\pcalua.exe -a F:\QuickInstall.exe
Yes    Task    {A11E5BE2-3165-471B-A2D4-7947A8B25D7C}    Microsoft Corporation    C:\Windows\system32\pcalua.exe -a C:\Users\Colin\Desktop\vcredist_x64.exe -d C:\Users\Colin\Desktop

Yes    Task    {B1556E5F-BF0D-442D-A33C-6135F39AF96C}        C:\Users\Colin\Desktop\GenuineCheck.exe

Yes    Task    {D1B6978F-3963-42C7-8E2B-8D4A62922718}    Mozilla Corporation    "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/7.2.0.103/en/go/help.faq.installer?LastError=1618
Yes    Task    {F9229828-EE7B-4A62-AD2C-F7A4E25C0F41}    Mozilla Corporation    "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/6.18.0.106/en/abandoninstall?page=tsMain


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#10 Colinito

Colinito
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:04:42 AM

Posted 28 May 2016 - 03:43 AM

Hello Buddy 215,
 
It is Saturday morning - 1000 CET -  and I have found your latest post.
 
You gave instructions in the post dated 9.19 last evening, regarding
Disable these Windows Startups: Use CCleaner by clicking on each item and choosing Disable on the right.
Yes    HKCU:Run    CCleaner Monitoring    Piriform Ltd    "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR....etc, and Run these scans after posting the Scheduled Tasks.
 
Do you wish me to complete these tasks before following the instructions contained in your post of 0319 this morning regarding -
 
"Uninstall AVG    AVG Technologies    19/05/2016        1.61.2.12974
 
Disable these Tasks: Use CCleaner by clicking on each item and choosing Disable on the right.
Yes    Task    Adobe Acrobat Update Task    Adobe Systems Incorporated    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"...etc?
 
(For interest, I have now actually uninstalled all the AVG files and I found the Avira Launcher and uninstalled that also.)
 
Regards,
 
Colinito.


#11 buddy215

buddy215

  • BC Advisor
  • 12,893 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:10:42 PM

Posted 28 May 2016 - 08:32 AM

Best when referring to certain posts to use the Post number in the upper right hand corner. Times you see and I see

are not the same.

 

In brief, once you have completed the Disabling and Uninstalling, run scans using AdwCleaner and Junkware Removal Tool. Post

the results per instructions...thanks.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#12 Colinito

Colinito
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:04:42 AM

Posted 28 May 2016 - 02:34 PM

With regard to your post #7

 

Couldn’t find the following under Tools / Startup -

Skype Click to Call    Microsoft Corporation    07/05/2016    19.2 MB    8.1.0.9134

Windows Live Essentials    Microsoft Corporation    07/06/2012        15.4.3508.1109

Windows Live Mesh ActiveX Control for Remote Connections    Microsoft Corporation    31/08/2013    5.37 MB    15.4.5722.2

µTorrent    BitTorrent Inc.    21/03/2014        3.4.0.30660

 

After disabling the programmes –

Yes    HKCU:Run    CCleaner Monitoring    Piriform Ltd    "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR

Yes    HKCU:Run    SUPERAntiSpyware    SUPERAntiSpyware    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

Yes    Startup Common    TMMonitor.lnk    ArcSoft, Inc.    C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe

I found that most of the programmes are now disabled – I attach a copy of the scan – have I done something wrong? If so how may I correct this?

 

No    HKCU:Run    AutoStartNPSAgent    Samsung Electronics Co., Ltd.    C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
No    HKCU:Run    CCleaner Monitoring    Piriform Ltd    "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
No    HKCU:Run    Google+ Auto Backup        "C:\Users\Colin\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart
No    HKCU:Run    Skype    Skype Technologies S.A.    "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
No    HKCU:Run    SmileboxTray    Smilebox, Inc.    "C:\Users\Colin\AppData\Roaming\Smilebox\SmileboxTray.exe"
No    HKCU:Run    Spotify    Spotify Ltd    "C:\Users\Colin\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
No    HKCU:Run    Spotify Web Helper    Spotify Ltd    "C:\Users\Colin\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
No    HKLM:Run    331BigDog    Vimicro    C:\Program Files (x86)\USB Camera\VM331_STI.EXE
No    HKLM:Run    Adobe ARM    Adobe Systems Incorporated    "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
No    HKLM:Run    ArcSoft Connection Service    ArcSoft    C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
No    HKLM:Run    AvgUi        "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw
Yes    HKLM:Run    cAudioFilterAgent    Conexant Systems, Inc.    C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
No    HKLM:Run    Dolby Advanced Audio v2    Dolby Laboratories Inc.    "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
Yes    HKLM:Run    Energy Management    Lenovo (Beijing) Limited    C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
Yes    HKLM:Run    EnergyUtility    Lenovo(beijing) Limited    C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe
No    HKLM:Run    Lenovo EE Boot Optimizer    Lenovo    C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe
No    HKLM:Run    Lenovo Registration    Lenovo, Inc.    C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
No    HKLM:Run    LockKey         C:\Program Files (x86)\LockKey\LockKey.exe
Yes    HKLM:Run    Malwarebytes Anti-Exploit    Malwarebytes Corporation    C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
No    HKLM:Run    mobilegeni daemon        C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
Yes    HKLM:Run    MSC    Microsoft Corporation    "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
No    HKLM:Run    Nikon Message Center 2    Nikon Corporation    C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
No    HKLM:Run    StartCCC    Advanced Micro Devices, Inc.    "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
No    HKLM:Run    UpdateP2GShortCut    CyberLink Corp.    "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
No    HKLM:Run    UpdatePRCShortCut    CyberLink Corp.    "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
No    HKLM:Run    VeriFaceManager    Lenovo    C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
No    HKLM:Run    YouCam Mirage    CyberLink    "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
No    HKLM:Run    YouCam Tray    CyberLink Corp.    "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
No    Startup Common    Bluetooth.lnk    Broadcom Corporation.    C:\PROGRA~1\Lenovo\BLUETO~1\BTTray.exe
Yes    Startup Common    Remote Control.lnk        C:\Program Files (x86)\SVEON Multimedia\STV27 Utilities\RTLRCtl.exe
No    Startup Common    TMMonitor.lnk    ArcSoft, Inc.    C:\PROGRA~2\ArcSoft\TOTALM~1.5\TMMONI~1.EXE
 



#13 buddy215

buddy215

  • BC Advisor
  • 12,893 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:10:42 PM

Posted 28 May 2016 - 03:31 PM

Have you Disabled the Tasks I listed? I only ask that because you didn't mention it.

 

Please run the two scans....AdwCleaner and Junkware Removal Tool...post the results per the instructions for each in

my post # 7.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#14 Colinito

Colinito
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:04:42 AM

Posted 28 May 2016 - 04:33 PM

Hello Buddy 215,

 

As I mentioned in my post No.12, I disabled what I was able to disable, but there were some that you advised me to disable that I could not find.

I tried to shut dowen my protection software but was only able to disable SupertAntiSpyware. I could not disable either Malwarebytes free or Microspft Security, so I took a chance and did both scans.

I copy and paste their respective results here.

 

# AdwCleaner v5.118 - Logfile created 28/05/2016 at 22:58:41
# Updated 23/05/2016 by Xplode
# Database : 2016-05-26.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (X64)
# Username : Colin - COLIN-PC
# Running from : C:\Users\Colin\Desktop\AdwCleaner.exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files (x86)\myfree codec
[-] Folder Deleted : C:\Program Files (x86)\Common Files\Speedbit

***** [ Files ] *****


***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MsConfig\StartupReg\mobilegeni daemon
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\ExpatSrv
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\ExpatWd

***** [ Web browsers ] *****

[-] [C:\Users\Colin\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : yahoo.com Search

*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [1373 bytes] - [28/05/2016 22:58:41]
C:\AdwCleaner\AdwCleaner[R0].txt - [2458 bytes] - [28/11/2013 12:19:27]
C:\AdwCleaner\AdwCleaner[R1].txt - [4165 bytes] - [07/08/2015 10:08:30]
C:\AdwCleaner\AdwCleaner[S0].txt - [2209 bytes] - [28/11/2013 12:22:26]
C:\AdwCleaner\AdwCleaner[S1].txt - [5498 bytes] - [07/08/2015 10:13:51]
C:\AdwCleaner\AdwCleaner[S2].txt - [1690 bytes] - [28/05/2016 22:51:43]
C:\AdwCleaner\AdwCleaner[S3].txt - [1763 bytes] - [28/05/2016 22:57:01]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1884 bytes] ##########
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows 7 Home Premium x64
Ran by Colin (Administrator) on 28/05/2016 at 23:17:14.03
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 18

Successfully deleted: C:\Users\Colin\AppData\Roaming\Mozilla\Firefox\Profiles\9y8hqq7f.default\extensions\newtabtools@darktrojan.net.xpi (File)
Successfully deleted: C:\Users\Colin\AppData\Roaming\Mozilla\Firefox\Profiles\9y8hqq7f.default\user.js (File)
Successfully deleted: C:\Users\Colin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Colin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Colin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6T8OZGGO (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Colin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7VQH3OZN (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Colin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Colin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HJRSBXM8 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Colin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Colin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SFMXBFGP (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6T8OZGGO (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7VQH3OZN (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HJRSBXM8 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SFMXBFGP (Temporary Internet Files Folder)



Registry: 1

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 28/05/2016 at 23:24:24.43
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

Thank you

 

Colinito.



#15 buddy215

buddy215

  • BC Advisor
  • 12,893 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:10:42 PM

Posted 28 May 2016 - 05:55 PM

Has what you have done helped any with the problem you were experiencing?

If the answer is still having problems....run two more scans as the last two did find and remove some junk.

 

Download Malwarebytes' Anti-Malware from Here

Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).

  • Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
  • Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
  • Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
  • Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
  • If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
  • When MBAM is finished scanning it will display a screen that displays any malware that it has detected.
  • Click the Remove Selected button.
  • MBAM will now delete all of the files and registry keys and add them to the programs quarantine. When removing the files, MBAM may require a reboot in order to remove some of them. If it displays a message stating that it needs to reboot, please allow it to do so.
  • While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.

POST THE LOG FOR  REVIEW.

 

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users