Jump to content


Photo

virus infected daughter's computer


  • This topic is locked This topic is locked
27 replies to this topic

#1 woodshopfun

woodshopfun

    Member

  • Members
  • Pip
  • 29 posts

Posted 01 December 2013 - 08:18 PM

Not sure what all is not good, my daughter tried to download the generic Office, and said her computer isn't working correctly now.



#2 flashh4

flashh4

    UberTechie

  • Moderator
  • 1584 posts
  • Location:Wyoming
  • Operating System:W7 on 1 & W8.1 on 1

Posted 01 December 2013 - 08:38 PM

Howdy woodshopfun and welcome to BestTechie !!!  

My name is flashh4 (Chuck) and i will be assisting you with the cleaning of your daughters computer.

Run these 1 at a time & post each log as you get it ! Work them as your time permits you to !!

If you don't understand something, please don't hesitate to ask for clarification before proceeding !!! You can PM me if you need to !!
Do Not Remove anything or run any tools/programs until advised to do so !

Perform all actions in the order given.

Please stay with us until we give you the "All Clean Speech"! Just because the problem has stopped it may still need some clean-up !  

Please note that all instructions given are customized for this computer only, the tools used may cause damage if used on a computer with different infections.  

If you think you have similar problems, please post a log in the Malware Removal forum and wait for help.  


===================================


AdwCleaner
       
Please download adwcleaner by Xplode onto your desktop.
Double click on AdwCleaner.exe to run the tool again.
       Windows XP : Double click on the icon to run it.

       Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

    *Click on the Scan button.
    *AdwCleaner will begin to scan your computer like it did before.
    *After the scan has finished .......
    
    This time, click on the Clean button.
    
    *Press OK when asked to close all programs and follow the onscreen prompts.
    *Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
    *After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
    *Copy and paste the contents of that logfile in your next reply.
    *A copy of that logfile will also be saved in the C:\AdwCleaner folder.



NEXT

thisisujrt-1.gif
    Please download Junkware Removal Tool and save to your desk top.

    Shut down your protection software now to avoid potential conflicts.

    * Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    * The tool will open and start scanning your system.
    * Please be patient as this can take a while to complete depending on your system's specifications.
    * On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    * Post the contents of JRT.txt into your next reply !

Re-Boot your computer now !!


NEXT


MALWAREBYTES with Pics:

Please download Malwarebytes' Anti-Malware to your desktop.


    * Double-click  mbam-setup.exe and follow the prompts to install the program.
    * At the end, be sure a checkmark is placed next to  Update Malwarebytes' Anti-Malware and  Launch Malwarebytes' Anti-Malware, then click  Finish.
    * If an update is found, it will download and install the latest version.
    * Once the program has loaded, select  Perform quick scan, then click Scan.

mbam-1.jpg


When the scan is complete, click  OK, then  Show Results to view the results.

scan-finished.jpg

    *  Then click  Remove Selected .
    * When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
    * Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.

The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
    Or via the Logs tab when the application is started.



Please don't attach the scans / logs, use "copy/paste".


Post next:
1. AdwCleaner Log
2. Junkware Removal Log
3. Malwarebytes log

 

Thanks
Chuck
 



#3 woodshopfun

woodshopfun

    Member

  • Members
  • Pip
  • 29 posts

Posted 01 December 2013 - 10:22 PM

# AdwCleaner v3.014 - Report created 01/12/2013 at 19:28:50
# Updated 01/12/2013 by Xplode
# Operating System : Windows 8 (64 bits)
# Username : Kristi - JENSEN
# Running from : C:\Users\Kristi\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : DefaultTabUpdate

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AVG SafeGuard toolbar
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\Iminent
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Program Files (x86)\AVG SafeGuard toolbar
Folder Deleted : C:\Program Files (x86)\Iminent
Folder Deleted : C:\Program Files (x86)\Movdap
Folder Deleted : C:\Program Files (x86)\LyricsParty-1
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Users\Kristi\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Kristi\AppData\Local\DefineExt
Folder Deleted : C:\Users\Kristi\AppData\Local\Temp\AirInstaller
Folder Deleted : C:\Users\Kristi\AppData\Local\Temp\Iminent
Folder Deleted : C:\Users\Kristi\AppData\LocalLow\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Kristi\AppData\Roaming\BabSolution
Folder Deleted : C:\Users\Kristi\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Kristi\AppData\Roaming\DefaultTab
Folder Deleted : C:\Users\Kristi\AppData\Roaming\Iminent
Folder Deleted : C:\Users\Kristi\AppData\Roaming\Movdap
Folder Deleted : C:\Users\Kristi\AppData\Roaming\Mozilla\Firefox\Profiles\8cd4ocyk.default\Extensions\[email protected]f2f1ac42.com
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\StartWeb.xml
File Deleted : C:\Users\Kristi\AppData\Roaming\Mozilla\Firefox\Profiles\8cd4ocyk.default\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Key Deleted : HKLM\SOFTWARE\968bd9b738e917
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{38495740-0035-4471-851E-F5BBB86AB085}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FEB62B15-CC00-4736-AAEC-BA046C9DFF73}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\DataMngr
[#] Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\Default Tab
Key Deleted : HKCU\Software\DefaultTab
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\DefaultTab
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\Default Tab
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16537


-\\ Mozilla Firefox v24.0 (en-US)

[ File : C:\Users\Kristi\AppData\Roaming\Mozilla\Firefox\Profiles\8cd4ocyk.default\prefs.js ]

Line Deleted : user_pref("browser.search.order.1", "Delta Search");
Line Deleted : user_pref("browser.search.selectedEngine", "Delta Search");

*************************

AdwCleaner[R0].txt - [7588 octets] - [01/12/2013 19:23:26]
AdwCleaner[S0].txt - [7087 octets] - [01/12/2013 19:28:50]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7147 octets] ##########

#4 flashh4

flashh4

    UberTechie

  • Moderator
  • 1584 posts
  • Location:Wyoming
  • Operating System:W7 on 1 & W8.1 on 1

Posted 01 December 2013 - 10:54 PM

Good start woods, it should clean up pretty good when we are done !!

 

Post other logs when you get them !

 

Thanks

Chuck



#5 woodshopfun

woodshopfun

    Member

  • Members
  • Pip
  • 29 posts

Posted 02 December 2013 - 12:33 AM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 8 x64
Ran by Kristi on Sun 12/01/2013 at 21:20:33.13
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-731434280-73576831-2629088662-1002\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{3DFDE1BC-B865-4085-8FEC-BC7E80203BB5}

 

~~~ Files

 

~~~ Folders

 

~~~ FireFox

Successfully deleted: [Folder] "C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]"
Successfully deleted: [Folder] C:\Users\Kristi\AppData\Roaming\mozilla\firefox\profiles\8cd4ocyk.default\extensions\[email protected]

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 12/01/2013 at 21:46:49.10
End of JRT log



#6 flashh4

flashh4

    UberTechie

  • Moderator
  • 1584 posts
  • Location:Wyoming
  • Operating System:W7 on 1 & W8.1 on 1

Posted 02 December 2013 - 08:08 AM

Woods, send the Malwarebytes log when you get time !

 

Then i need you to run these AFTER the Malwarebytes log is posted !

 

Security Check

Please download and save SecurityCheck.exe to your Desktop from one of the links below.

Link 1 >>> http://screen317.spy...curityCheck.exe.

Link 2 >>> http://screen317.cha...curityCheck.exe

    * Double click SecurityCheck.exe and follow the onscreen instructions inside the black box.
    * A Notepad document should open automatically called checkup.txt
    * Please post the contents of that document in your next reply.

 

 

 

 

 

NEXT

 

 

 

 

Download DDS and save it to your Desktop.  >>> DDS


    Double click dds.scr to run the tool.
    If using Vista or Windows 7 you will be prompted by UAC, please allow the prompt.
    DDS will now scan your computer.
    When the scan is complete, DDS will open two (2) logs:
        DDS.txt
        Attach.txt
    If not saved these logs will be automatically deleted when closed, so save both to your Desktop.
    Please note it is important that you post BOTH logs in your topic.


Please note: DDS will ask you to attach the second log (Attach.txt), please ignore this notice and post the log instead.


Any problems downloading or running DDS.scr, try THIS alternate (DDS.com) version of DDS http://download.blee...om/sUBs/dds.com
 

 

 

 

 

NEXT

 

 

 

 

 

Download OldTimer to your desk top !
Links: http://oldtimer.geekstogo.com/OTL.com http://oldtimer.geekstogo.com/OTL.scr  
 
If you already have a copy of OTL delete it and use this version.  (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).

* Double click OTL.exe to launch the program.
* Check the following.

o Scan all users.
o Standard Output. o Lop check.
o Purity check. oExtra Registry > Use SafeList  

* Under Extra Registry section, select Use SafeList
* Click the Run Scan button and wait for the scan to finish (usually about 10-15 mins).
* When finished it will produce two logs.

o OTL.txt (open on your desktop).
o Extras.txt (minimised in your taskbar) The Extras.txt file will only appear the very first time you run OTL.

* Please post me both logs. This may have to be broken into more than one post !   


 

Post next:

1. Malwarebytes log

2. SecurityCheck log

3. DDS log(s)

4. OTL log

 

 

Thank Ya !

Chuck



#7 flashh4

flashh4

    UberTechie

  • Moderator
  • 1584 posts
  • Location:Wyoming
  • Operating System:W7 on 1 & W8.1 on 1

Posted 05 December 2013 - 06:35 PM

Woods are you still in need of help ??

 

Chuck



#8 flashh4

flashh4

    UberTechie

  • Moderator
  • 1584 posts
  • Location:Wyoming
  • Operating System:W7 on 1 & W8.1 on 1

Posted 06 December 2013 - 11:33 PM

No reply for 5 days ! I will close this topic, if you need it re-opened please PM me or another Mod !

 

Thanks

Chuck



#9 flashh4

flashh4

    UberTechie

  • Moderator
  • 1584 posts
  • Location:Wyoming
  • Operating System:W7 on 1 & W8.1 on 1

Posted 07 December 2013 - 10:45 AM

I have unlocked this by request !!!

 

Chuck



#10 woodshopfun

woodshopfun

    Member

  • Members
  • Pip
  • 29 posts

Posted 07 December 2013 - 11:15 AM

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.12.07.04

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16736
Kristi :: JENSEN [administrator]

Protection: Enabled

12/7/2013 8:50:28 AM
mbam-log-2013-12-07 (08-50-28).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 209144
Time elapsed: 10 minute(s), 48 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 3
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2D33ED6-EBBD-467C-BF6F-F175D9B51363} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BAD84EE2-624D-4e7c-A8BB-41EFD720FD77} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 14
C:\Users\Kristi\AppData\Local\Temp\5EF2F933-BAB0-7891-B8E1-EA8BC25F9AAB\Setup.exe (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
C:\Users\Kristi\AppData\Local\Temp\5EF2F933-BAB0-7891-B8E1-EA8BC25F9AAB\Latest\BabMaint.exe (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
C:\Users\Kristi\AppData\Local\Temp\5EF2F933-BAB0-7891-B8E1-EA8BC25F9AAB\Latest\BExternal.dll (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
C:\Users\Kristi\AppData\Local\Temp\5EF2F933-BAB0-7891-B8E1-EA8BC25F9AAB\Latest\BUSolution.dll (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully.
C:\Users\Kristi\AppData\Local\Temp\5EF2F933-BAB0-7891-B8E1-EA8BC25F9AAB\Latest\ccp.exe (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
C:\Users\Kristi\AppData\Local\Temp\5EF2F933-BAB0-7891-B8E1-EA8BC25F9AAB\Latest\CrxInstaller.dll (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
C:\Users\Kristi\AppData\Local\Temp\5EF2F933-BAB0-7891-B8E1-EA8BC25F9AAB\Latest\MntrDLLInstall.dll (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
C:\Users\Kristi\AppData\Local\Temp\5EF2F933-BAB0-7891-B8E1-EA8BC25F9AAB\Latest\MyDeltaTB.exe (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
C:\Users\Kristi\AppData\Local\Temp\5EF2F933-BAB0-7891-B8E1-EA8BC25F9AAB\Latest\NTRedirect.dll (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
C:\Users\Kristi\AppData\Local\Temp\5EF2F933-BAB0-7891-B8E1-EA8BC25F9AAB\Latest\Setup.exe (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
C:\Users\Kristi\AppData\Local\Temp\is1275519350\DefaultTabSetup.exe (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Users\Kristi\AppData\Local\Temp\is1275519350\DeltaTB.exe (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
C:\Users\Kristi\AppData\Local\Temp\is1275519350\safe-saver.exe (PUP.Optional.CrossRider) -> Quarantined and deleted successfully.
C:\Users\Kristi\AppData\Local\Temp\is1275519350\wajam_validate.exe (PUP.Optional.Wajam.A) -> Quarantined and deleted successfully.

(end)



#11 flashh4

flashh4

    UberTechie

  • Moderator
  • 1584 posts
  • Location:Wyoming
  • Operating System:W7 on 1 & W8.1 on 1

Posted 07 December 2013 - 11:28 AM

Thanks woods now continue with the step 6 above & post the logs !!

 

Chuck



#12 woodshopfun

woodshopfun

    Member

  • Members
  • Pip
  • 29 posts

Posted 07 December 2013 - 12:00 PM

 Results of screen317's Security Check version 0.99.77 
   x64 (UAC is enabled) 
 Internet Explorer 10 Out of date!
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
Windows Defender         
Norton AntiVirus Online  
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware version 1.75.0.1300 
 Mozilla Firefox 24.0 Firefox out of Date! 
````````Process Check: objlist.exe by Laurent```````` 
 Norton ccSvcHst.exe
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbamgui.exe 
 Norton AntiVirus Norton AntiVirus Engine 20.4.0.40\ccSvcHst.exe
 Malwarebytes' Anti-Malware mbamscheduler.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````



#13 flashh4

flashh4

    UberTechie

  • Moderator
  • 1584 posts
  • Location:Wyoming
  • Operating System:W7 on 1 & W8.1 on 1

Posted 07 December 2013 - 12:04 PM

Ok, don't worry about up dating those now that's out of date we will take care of them when we are done with the cleaning !!

 

Chuck



#14 woodshopfun

woodshopfun

    Member

  • Members
  • Pip
  • 29 posts

Posted 07 December 2013 - 12:05 PM

So, on to the DDS?



#15 flashh4

flashh4

    UberTechie

  • Moderator
  • 1584 posts
  • Location:Wyoming
  • Operating System:W7 on 1 & W8.1 on 1

Posted 07 December 2013 - 12:12 PM

Yes please then continue with DDS & OTL !!

 

Chuck






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users