Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

computer running painfully slow [Solved]

Started by gmcube , Feb 28 2014 11:54 PM

  • This topic is locked This topic is locked

#31
gmcube
Posted 07 March 2014 - 08:32 PM

gmcube

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 176 posts
I'm not entirely sure I have the right mbam log, there are several listed.

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2014.03.07.10

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
Tonya :: TONYA-PC [administrator]

Protection: Enabled

3/7/2014 6:17:36 PM
mbam-log-2014-03-07 (18-17-36).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 220208
Time elapsed: 7 minute(s), 35 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 3
HKCU\Software\AppDataLow\Software\Savings Bull (PUP.Optional.SavingsBull.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\SEARCHPROTECTINT (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\SavingsbullFilter (PUP.Optional.SavingsBull.A) -> Quarantined and deleted successfully.

Registry Values Detected: 1
HKCU\Software\SearchProtectINT|Install (PUP.Optional.SearchProtect.A) -> Data: 1 -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\Tonya\Downloads\Adobe_Flash.exe (PUP.Optional.Outbrowse) -> Quarantined and deleted successfully.

(end)






ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=a15cc1f4d0b03a418fdb31fac18a81a6
# engine=17289
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-03-03 09:05:57
# local_time=2014-03-03 04:05:57 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1043 16777213 100 87 0 80028341 0 0
# compatibility_mode=5893 16776574 100 94 19355320 145381007 0 0
# scanned=223150
# found=19
# cleaned=0
# scan_time=8800
sh=CA248F6B8BAB3D74DF178518F23AACBFFE96C0FF ft=1 fh=ff147e3ab0aab30a vn="Win32/TrojanDownloader.Zortob.F trojan" ac=I fn="C:\FRST\Quarantine\fbtdmgtk.exe02-03-2014_17-33-37"
sh=BDCDE0039CC1843FC092456A34C2C67F06F4F6C4 ft=1 fh=aa79b23cba164300 vn="Win32/Injector.AYUU trojan" ac=I fn="C:\FRST\Quarantine\icppaxrj.exe02-03-2014_17-33-43"
sh=BDCDE0039CC1843FC092456A34C2C67F06F4F6C4 ft=1 fh=aa79b23cba164300 vn="Win32/Injector.AYUU trojan" ac=I fn="C:\FRST\Quarantine\incjxaph.exe02-03-2014_17-33-45"
sh=38F70B055DA68396D8D7BF3F0DDB45B0D1E40F2D ft=1 fh=8796bfdd1863d02d vn="a variant of Win32/Injector.AYES trojan" ac=I fn="C:\FRST\Quarantine\kjudtmpn.exe02-03-2014_17-33-47"
sh=7AE6AF194181409CE3BAAC29AC87ACCCF96356F1 ft=1 fh=f42213fdedce7160 vn="a variant of Win32/Wajam.F potentially unwanted application" ac=I fn="C:\FRST\Quarantine\Video_Converter_TSV2382ZX.exe02-03-2014_17-33-50"
sh=18F5DBBEEC487515314106A13B6FACB16FB27E4C ft=1 fh=ff147e3afb8fd20c vn="a variant of Win32/Kryptik.BVKP trojan" ac=I fn="C:\FRST\Quarantine\xgmuxkgb.exe02-03-2014_17-33-39"
sh=8751D16071C4E65C93D9F9631BD788BFD9C36644 ft=1 fh=c70610e421d5bbdf vn="a variant of Win32/Toolbar.MyWebSearch.W potentially unwanted application" ac=I fn="C:\FRST\Quarantine\RadioRage_4j02-03-2014_17-33-32\bar\1.bin\4jbar.dll"
sh=0F78FE90AF015B0A511EDE007BD1791A341E891E ft=1 fh=d4fd6df3b7cf992d vn="Win32/Toolbar.MyWebSearch.W potentially unwanted application" ac=I fn="C:\FRST\Quarantine\RadioRage_4j02-03-2014_17-33-32\bar\1.bin\4jbrmon.exe"
sh=374E378A91209732B48C8416D1E9805E98FDCFA9 ft=1 fh=6da58ad1308c1c96 vn="Win64/Toolbar.MyWebSearch.A potentially unwanted application" ac=I fn="C:\FRST\Quarantine\RadioRage_4j02-03-2014_17-33-32\bar\1.bin\AppIntegratorStub64.dll"
sh=3D7CD376DFDB97512A376E85FBB7F04344C051B6 ft=1 fh=e0ed2601e18686d8 vn="Win64/Toolbar.MyWebSearch.A potentially unwanted application" ac=I fn="C:\FRST\Quarantine\RadioRage_4j02-03-2014_17-33-32\bar\1.bin\Hpg64.dll"
sh=0F97FB08E6FC4500F86E64D3285C171C6462BD61 ft=1 fh=acbbffe185c36761 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Tonya\Downloads\ccsetup410.exe"
sh=D6017D77664585F90D404A444351996AB953C11F ft=1 fh=a8042a05c167d9b1 vn="a variant of Win32/AdInstaller potentially unwanted application" ac=I fn="C:\Users\Tonya\Downloads\CouponAlert.exe"
sh=B794727FD00DE9D98B8DBD000D0D8D522E6BC314 ft=1 fh=37df74da43563a86 vn="Win32/AdInstaller potentially unwanted application" ac=I fn="C:\Users\Tonya\Downloads\MyFunCards(2).exe"
sh=B794727FD00DE9D98B8DBD000D0D8D522E6BC314 ft=1 fh=37df74da43563a86 vn="Win32/AdInstaller potentially unwanted application" ac=I fn="C:\Users\Tonya\Downloads\MyFunCards.exe"
sh=39EC0A716440469F45F25447DD6D2961AD3FE45B ft=0 fh=0000000000000000 vn="a variant of Win32/Kryptik.BVUB trojan" ac=I fn="C:\Users\Tonya\Downloads\Record_Milford_(302)4587378.zip"
sh=CB20DFD703B61B9470BBB3B1BE157D47A8C0849A ft=1 fh=63788d9fe9c2f077 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Tonya\Downloads\Shockwave_Installer_Slim.exe"
sh=C5DDCD82C8258716E8C81A5CF34B9843DAA66A62 ft=1 fh=d361263e103ce75a vn="a variant of Win32/AdInstaller potentially unwanted application" ac=I fn="C:\Users\Tonya\Downloads\Webfetti.exe"
sh=B5B41E946960F17050C00A4891CFF46B08486A4D ft=1 fh=79895fd74f1827db vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Windows\System32\Adobe\Shockwave 12\gt.exe"
sh=B5B41E946960F17050C00A4891CFF46B08486A4D ft=1 fh=79895fd74f1827db vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Windows\SysWOW64\Adobe\Shockwave 12\gt.exe"
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=a15cc1f4d0b03a418fdb31fac18a81a6
# engine=17364
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-03-08 02:22:03
# local_time=2014-03-07 09:22:03 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 19763086 145788773 0 0
# scanned=204472
# found=16
# cleaned=0
# scan_time=9339
sh=123041555D1636D53F2A484789A866C88E47C6FF ft=1 fh=15f8eda88615b937 vn="a variant of Win32/Injector.AYUE trojan" ac=I fn="C:\FRST\Quarantine\ajcpvvoe.exe06-03-2014_22-35-15"
sh=123041555D1636D53F2A484789A866C88E47C6FF ft=1 fh=15f8eda88615b937 vn="a variant of Win32/Injector.AYUE trojan" ac=I fn="C:\FRST\Quarantine\bfmelspa.exe06-03-2014_22-35-14"
sh=D1679F1D38A78ACCC9AF0395231845B050780D68 ft=1 fh=8843105b30913fde vn="Win32/Injector.AYTR trojan" ac=I fn="C:\FRST\Quarantine\fqicqolt.exe06-03-2014_22-35-09"
sh=123041555D1636D53F2A484789A866C88E47C6FF ft=1 fh=15f8eda88615b937 vn="a variant of Win32/Injector.AYUE trojan" ac=I fn="C:\FRST\Quarantine\gamnbprj.exe06-03-2014_22-35-13"
sh=109A8FD01A5971B6A40082433364D2BBD87DB586 ft=1 fh=bfa7679ea14c60ef vn="a variant of Win32/Injector.AZDB trojan" ac=I fn="C:\FRST\Quarantine\jgudehox.exe06-03-2014_22-35-13"
sh=109A8FD01A5971B6A40082433364D2BBD87DB586 ft=1 fh=bfa7679ea14c60ef vn="a variant of Win32/Injector.AZDB trojan" ac=I fn="C:\FRST\Quarantine\nglscrjo.exe06-03-2014_22-35-12"
sh=109A8FD01A5971B6A40082433364D2BBD87DB586 ft=1 fh=bfa7679ea14c60ef vn="a variant of Win32/Injector.AZDB trojan" ac=I fn="C:\FRST\Quarantine\nvqtgrgj.exe06-03-2014_22-35-11"
sh=D1679F1D38A78ACCC9AF0395231845B050780D68 ft=1 fh=8843105b30913fde vn="Win32/Injector.AYTR trojan" ac=I fn="C:\FRST\Quarantine\oeuehmkg.exe06-03-2014_22-35-08"
sh=D1679F1D38A78ACCC9AF0395231845B050780D68 ft=1 fh=8843105b30913fde vn="Win32/Injector.AYTR trojan" ac=I fn="C:\FRST\Quarantine\prcswgxt.exe06-03-2014_22-35-07"
sh=109A8FD01A5971B6A40082433364D2BBD87DB586 ft=1 fh=bfa7679ea14c60ef vn="a variant of Win32/Injector.AZDB trojan" ac=I fn="C:\FRST\Quarantine\puqhghcs.exe06-03-2014_22-35-10"
sh=109A8FD01A5971B6A40082433364D2BBD87DB586 ft=1 fh=bfa7679ea14c60ef vn="a variant of Win32/Injector.AZDB trojan" ac=I fn="C:\FRST\Quarantine\skhfbkcm.exe06-03-2014_22-35-10"
sh=D1679F1D38A78ACCC9AF0395231845B050780D68 ft=1 fh=8843105b30913fde vn="Win32/Injector.AYTR trojan" ac=I fn="C:\FRST\Quarantine\xdfmjlwf.exe06-03-2014_22-35-06"
sh=80DC1B8044FE7F2BC57777F9559C5050B1DF5736 ft=1 fh=3a2e66d2f7d1673f vn="a variant of Win32/AdWare.Adpeak.D application" ac=I fn="C:\FRST\Quarantine\Level Quality Watcher06-03-2014_22-35-06\v1.01\levelqualitywatcher32.exe"
sh=408E4906C3F215C0E44282D24B340DAF03D014A4 ft=1 fh=94d81bcdb603e2f9 vn="a variant of Win64/Adware.Adpeak.C application" ac=I fn="C:\FRST\Quarantine\Level Quality Watcher06-03-2014_22-35-06\v1.01\levelqualitywatcher64.exe"
sh=6205DDE47C041E3B67EFC540F89F24344835EE11 ft=0 fh=0000000000000000 vn="Win32/AdWare.Adpeak.B application" ac=I fn="C:\temp\t.msi"
sh=C662A89E2318810A6012EF702A9C39F6E0AC3B36 ft=1 fh=e8789dd77b481b56 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Tonya\Downloads\ccsetup411.exe"
  • 0

Advertisements

#32
pystryker
Posted 07 March 2014 - 08:42 PM

pystryker

    Trusted Helper

  • Malware Removal
  • 3,912 posts
The MBAM log is right, but the ESET log is from the earlier scan. We've already removed those threats. Let's do this: Go into this directory C:\Program Files(x86)\ESET\EsetOnlineScanner and delete all the logs in there. Then re-run the ESET scan and we'll have a fresh log. :thumbsup:
  • 0

#33
gmcube
Posted 07 March 2014 - 11:44 PM

gmcube

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 176 posts
Ok, trying this again.

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=a15cc1f4d0b03a418fdb31fac18a81a6
# engine=17364
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-03-08 05:15:36
# local_time=2014-03-08 12:15:36 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 19773499 145799186 0 0
# scanned=204486
# found=16
# cleaned=0
# scan_time=8351
sh=123041555D1636D53F2A484789A866C88E47C6FF ft=1 fh=15f8eda88615b937 vn="a variant of Win32/Injector.AYUE trojan" ac=I fn="C:\FRST\Quarantine\ajcpvvoe.exe06-03-2014_22-35-15"
sh=123041555D1636D53F2A484789A866C88E47C6FF ft=1 fh=15f8eda88615b937 vn="a variant of Win32/Injector.AYUE trojan" ac=I fn="C:\FRST\Quarantine\bfmelspa.exe06-03-2014_22-35-14"
sh=D1679F1D38A78ACCC9AF0395231845B050780D68 ft=1 fh=8843105b30913fde vn="Win32/Injector.AYTR trojan" ac=I fn="C:\FRST\Quarantine\fqicqolt.exe06-03-2014_22-35-09"
sh=123041555D1636D53F2A484789A866C88E47C6FF ft=1 fh=15f8eda88615b937 vn="a variant of Win32/Injector.AYUE trojan" ac=I fn="C:\FRST\Quarantine\gamnbprj.exe06-03-2014_22-35-13"
sh=109A8FD01A5971B6A40082433364D2BBD87DB586 ft=1 fh=bfa7679ea14c60ef vn="a variant of Win32/Injector.AZDB trojan" ac=I fn="C:\FRST\Quarantine\jgudehox.exe06-03-2014_22-35-13"
sh=109A8FD01A5971B6A40082433364D2BBD87DB586 ft=1 fh=bfa7679ea14c60ef vn="a variant of Win32/Injector.AZDB trojan" ac=I fn="C:\FRST\Quarantine\nglscrjo.exe06-03-2014_22-35-12"
sh=109A8FD01A5971B6A40082433364D2BBD87DB586 ft=1 fh=bfa7679ea14c60ef vn="a variant of Win32/Injector.AZDB trojan" ac=I fn="C:\FRST\Quarantine\nvqtgrgj.exe06-03-2014_22-35-11"
sh=D1679F1D38A78ACCC9AF0395231845B050780D68 ft=1 fh=8843105b30913fde vn="Win32/Injector.AYTR trojan" ac=I fn="C:\FRST\Quarantine\oeuehmkg.exe06-03-2014_22-35-08"
sh=D1679F1D38A78ACCC9AF0395231845B050780D68 ft=1 fh=8843105b30913fde vn="Win32/Injector.AYTR trojan" ac=I fn="C:\FRST\Quarantine\prcswgxt.exe06-03-2014_22-35-07"
sh=109A8FD01A5971B6A40082433364D2BBD87DB586 ft=1 fh=bfa7679ea14c60ef vn="a variant of Win32/Injector.AZDB trojan" ac=I fn="C:\FRST\Quarantine\puqhghcs.exe06-03-2014_22-35-10"
sh=109A8FD01A5971B6A40082433364D2BBD87DB586 ft=1 fh=bfa7679ea14c60ef vn="a variant of Win32/Injector.AZDB trojan" ac=I fn="C:\FRST\Quarantine\skhfbkcm.exe06-03-2014_22-35-10"
sh=D1679F1D38A78ACCC9AF0395231845B050780D68 ft=1 fh=8843105b30913fde vn="Win32/Injector.AYTR trojan" ac=I fn="C:\FRST\Quarantine\xdfmjlwf.exe06-03-2014_22-35-06"
sh=80DC1B8044FE7F2BC57777F9559C5050B1DF5736 ft=1 fh=3a2e66d2f7d1673f vn="a variant of Win32/AdWare.Adpeak.D application" ac=I fn="C:\FRST\Quarantine\Level Quality Watcher06-03-2014_22-35-06\v1.01\levelqualitywatcher32.exe"
sh=408E4906C3F215C0E44282D24B340DAF03D014A4 ft=1 fh=94d81bcdb603e2f9 vn="a variant of Win64/Adware.Adpeak.C application" ac=I fn="C:\FRST\Quarantine\Level Quality Watcher06-03-2014_22-35-06\v1.01\levelqualitywatcher64.exe"
sh=6205DDE47C041E3B67EFC540F89F24344835EE11 ft=0 fh=0000000000000000 vn="Win32/AdWare.Adpeak.B application" ac=I fn="C:\temp\t.msi"
sh=C662A89E2318810A6012EF702A9C39F6E0AC3B36 ft=1 fh=e8789dd77b481b56 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Tonya\Downloads\ccsetup411.exe"


Edit: crap, looks like I didn't disable AGV. Fresh log.


ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=a15cc1f4d0b03a418fdb31fac18a81a6
# engine=17364
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-03-08 08:24:59
# local_time=2014-03-08 03:24:59 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 19784862 145810549 0 0
# scanned=204506
# found=16
# cleaned=0
# scan_time=8062
sh=123041555D1636D53F2A484789A866C88E47C6FF ft=1 fh=15f8eda88615b937 vn="a variant of Win32/Injector.AYUE trojan" ac=I fn="C:\FRST\Quarantine\ajcpvvoe.exe06-03-2014_22-35-15"
sh=123041555D1636D53F2A484789A866C88E47C6FF ft=1 fh=15f8eda88615b937 vn="a variant of Win32/Injector.AYUE trojan" ac=I fn="C:\FRST\Quarantine\bfmelspa.exe06-03-2014_22-35-14"
sh=D1679F1D38A78ACCC9AF0395231845B050780D68 ft=1 fh=8843105b30913fde vn="Win32/Injector.AYTR trojan" ac=I fn="C:\FRST\Quarantine\fqicqolt.exe06-03-2014_22-35-09"
sh=123041555D1636D53F2A484789A866C88E47C6FF ft=1 fh=15f8eda88615b937 vn="a variant of Win32/Injector.AYUE trojan" ac=I fn="C:\FRST\Quarantine\gamnbprj.exe06-03-2014_22-35-13"
sh=109A8FD01A5971B6A40082433364D2BBD87DB586 ft=1 fh=bfa7679ea14c60ef vn="a variant of Win32/Injector.AZDB trojan" ac=I fn="C:\FRST\Quarantine\jgudehox.exe06-03-2014_22-35-13"
sh=109A8FD01A5971B6A40082433364D2BBD87DB586 ft=1 fh=bfa7679ea14c60ef vn="a variant of Win32/Injector.AZDB trojan" ac=I fn="C:\FRST\Quarantine\nglscrjo.exe06-03-2014_22-35-12"
sh=109A8FD01A5971B6A40082433364D2BBD87DB586 ft=1 fh=bfa7679ea14c60ef vn="a variant of Win32/Injector.AZDB trojan" ac=I fn="C:\FRST\Quarantine\nvqtgrgj.exe06-03-2014_22-35-11"
sh=D1679F1D38A78ACCC9AF0395231845B050780D68 ft=1 fh=8843105b30913fde vn="Win32/Injector.AYTR trojan" ac=I fn="C:\FRST\Quarantine\oeuehmkg.exe06-03-2014_22-35-08"
sh=D1679F1D38A78ACCC9AF0395231845B050780D68 ft=1 fh=8843105b30913fde vn="Win32/Injector.AYTR trojan" ac=I fn="C:\FRST\Quarantine\prcswgxt.exe06-03-2014_22-35-07"
sh=109A8FD01A5971B6A40082433364D2BBD87DB586 ft=1 fh=bfa7679ea14c60ef vn="a variant of Win32/Injector.AZDB trojan" ac=I fn="C:\FRST\Quarantine\puqhghcs.exe06-03-2014_22-35-10"
sh=109A8FD01A5971B6A40082433364D2BBD87DB586 ft=1 fh=bfa7679ea14c60ef vn="a variant of Win32/Injector.AZDB trojan" ac=I fn="C:\FRST\Quarantine\skhfbkcm.exe06-03-2014_22-35-10"
sh=D1679F1D38A78ACCC9AF0395231845B050780D68 ft=1 fh=8843105b30913fde vn="Win32/Injector.AYTR trojan" ac=I fn="C:\FRST\Quarantine\xdfmjlwf.exe06-03-2014_22-35-06"
sh=80DC1B8044FE7F2BC57777F9559C5050B1DF5736 ft=1 fh=3a2e66d2f7d1673f vn="a variant of Win32/AdWare.Adpeak.D application" ac=I fn="C:\FRST\Quarantine\Level Quality Watcher06-03-2014_22-35-06\v1.01\levelqualitywatcher32.exe"
sh=408E4906C3F215C0E44282D24B340DAF03D014A4 ft=1 fh=94d81bcdb603e2f9 vn="a variant of Win64/Adware.Adpeak.C application" ac=I fn="C:\FRST\Quarantine\Level Quality Watcher06-03-2014_22-35-06\v1.01\levelqualitywatcher64.exe"
sh=6205DDE47C041E3B67EFC540F89F24344835EE11 ft=0 fh=0000000000000000 vn="Win32/AdWare.Adpeak.B application" ac=I fn="C:\temp\t.msi"
sh=C662A89E2318810A6012EF702A9C39F6E0AC3B36 ft=1 fh=e8789dd77b481b56 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Tonya\Downloads\ccsetup411.exe"

Edited by gmcube, 08 March 2014 - 02:27 AM.

  • 0

#34
pystryker
Posted 08 March 2014 - 06:26 AM

pystryker

    Trusted Helper

  • Malware Removal
  • 3,912 posts
Looks good, I only see a couple of things that need to be removed. :thumbsup: Let's get rid of them and clean out the temp files.




Step 1: FRST Fix


  • Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy.
  • Right-click in the open notepad and select Paste).
  • Save it on the desktop as fixlist.txt

Start
C:\temp\t.msi
C:\Users\Tonya\Downloads\ccsetup411.exe
End


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.


Run FRST and press the Fix button just once and wait. The tool will make a log on the desktop (Fixlog.txt) please post it in your next reply.


Step 2: Temporary File Cleaner


Download TFC by OldTimer to your desktop
  • Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  • It will close all programs when run, so make sure you have saved all your work before you begin.
  • Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. Let it run uninterrupted to completion.
  • Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.


Things I need to see in your next post:

FRST Fix Log
  • 0

#35
gmcube
Posted 08 March 2014 - 04:55 PM

gmcube

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 176 posts
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 06-03-2014
Ran by Tonya at 2014-03-08 17:46:50 Run:2
Running from C:\Users\Tonya\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
C:\temp\t.msi
C:\Users\Tonya\Downloads\ccsetup411.exe
End
*****************

C:\temp\t.msi => Moved successfully.
C:\Users\Tonya\Downloads\ccsetup411.exe => Moved successfully.

==== End of Fixlog ====
  • 0

#36
pystryker
Posted 08 March 2014 - 05:33 PM

pystryker

    Trusted Helper

  • Malware Removal
  • 3,912 posts
Hello :)

Great news, your logs are CLEAN! :thumbsup: :) That last fix did the trick. :)


  • Download Delfix from here
  • Ensure Remove disinfection tools is ticked
    Also tick:
    • Create registry backup
    • Purge system restore
    Posted Image
  • Click Run
The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply

  • You can uninstall ESET Online Scanner at this time.
  • I'd recommend keeping Malwarebytes Anti-Malware installed. Make sure to update it and run it at least once a week.

Any further remaining issues I can assist you with?
  • 0

#37
gmcube
Posted 08 March 2014 - 06:04 PM

gmcube

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 176 posts
I guess that should do it if I really am clean this time.

Here's that log.


# DelFix v10.6 - Logfile created 08/03/2014 at 18:55:44
# Updated 11/11/2013 by Xplode
# Username : Tonya - TONYA-PC
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\Tonya\Desktop\adwcleaner.exe
Deleted : C:\Users\Tonya\Desktop\Fixlog.txt
Deleted : C:\Users\Tonya\Desktop\Fixlogsave.txt
Deleted : C:\Users\Tonya\Desktop\FRST.txt
Deleted : C:\Users\Tonya\Desktop\FRST64.exe
Deleted : C:\Users\Tonya\Desktop\JRT.exe
Deleted : C:\Users\Tonya\Desktop\JRT.txt
Deleted : C:\Users\Tonya\Desktop\TFC.exe
Deleted : C:\Users\Tonya\Downloads\Addition.txt
Deleted : C:\Users\Tonya\Downloads\esetsmartinstaller_enu(1).exe
Deleted : C:\Users\Tonya\Downloads\esetsmartinstaller_enu.exe
Deleted : C:\Users\Tonya\Downloads\FRST.exe
Deleted : C:\Users\Tonya\Downloads\FRST.txt
Deleted : C:\Users\Tonya\Downloads\TFC (1).exe
Deleted : C:\Users\Tonya\Downloads\TFC.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner

~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #238 [End of disinfection | 03/06/2014 01:47:10]
Deleted : RP #239 [Installed AVG 2014 | 03/07/2014 01:39:43]
Deleted : RP #240 [Installed AVG 2014 | 03/07/2014 01:41:19]
Deleted : RP #241 [Installed Java 7 Update 51 (64-bit) | 03/07/2014 02:44:58]

New restore point created !

########## - EOF - ##########



Thanks again. :)
  • 0

#38
pystryker
Posted 08 March 2014 - 06:05 PM

pystryker

    Trusted Helper

  • Malware Removal
  • 3,912 posts

Thanks again. :)


You're very much welcome :) If you need us again, don't hesitate to come back. :thumbsup:
  • 0

#39
pystryker
Posted 08 March 2014 - 10:09 PM

pystryker

    Trusted Helper

  • Malware Removal
  • 3,912 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP