Sponsored By

natebiv

Members
  • Content Count

    7
  • Joined

  • Last visited

About natebiv

  • Rank
    Member
  1. Thank you so much. She will be so happy. You are the best.
  2. # DelFix v1.011 - Logfile created 27/12/2015 at 15:39:11 # Updated 18/08/2015 by Xplode # Username : biven - DESKTOP-8S8J809 # Operating System : Windows 10 Home (64 bits) ~ Removing disinfection tools ... Deleted : C:\_OTL Deleted : C:\AdwCleaner Deleted : C:\Users\biven\Desktop\JRT.exe Deleted : C:\Users\biven\Desktop\JRT.txt Deleted : C:\Users\biven\Downloads\adwcleaner_5.026.exe Deleted : HKLM\SOFTWARE\OldTimer Tools Deleted : HKLM\SOFTWARE\AdwCleaner ~ Creating registry backup ... OK ~ Cleaning system restore ... Deleted : RP #2 [Windows Modules Installer | 12/25/2015 07:43:35] Deleted : RP #3 [Windows Modules Installer | 12/25/2015 07:44:02] Deleted : RP #4 [JRT Pre-Junkware Removal | 12/27/2015 21:44:01] New restore point created ! ~ Resetting system settings ... OK ########## - EOF - ##########
  3. this is exactly what I copied. if you see something wrong help me. :OTL PRC - File not found -- IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {7E5207C2-1FA7-499C-88EE-FCE834450114} IE:64bit: - HKLM\..\SearchScopes\{7E5207C2-1FA7-499C-88EE-FCE834450114}: "URL" = http://www.bing.com/search?q={searchTerms}&form=PRDLC1&src=IE11TR&pc=DCTE IE - HKLM\..\SearchScopes,DefaultScope = {7E5207C2-1FA7-499C-88EE-FCE834450114} IE - HKU\S-1-5-21-2875059968-196611492-1916212712-1001\..\SearchScopes,DefaultScope = {7E5207C2-1FA7-499C-88EE-FCE834450114} CHR - Extension: No name found = C:\Users\biven\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\ CHR - Extension: No name found = C:\Users\biven\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\ CHR - Extension: No name found = C:\Users\biven\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: No name found = C:\Users\biven\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: No name found = C:\Users\biven\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. :Commands [emptyjava] [emptyflash] [EMPTYTEMP] [RESETHOSTS] [CREATERESTOREPOINT] [Reboot]
  4. here is the old timer logs. OTL.Txt Extras.Txt
  5. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 8.0.1 (11.24.2015) Operating System: Windows 10 Home x64 Ran by biven (Administrator) on Sun 12/27/2015 at 13:43:59.83 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 25 Failed to delete: C:\Program Files (x86)\google\chrome\application\chrome.bat (File) Failed to delete: C:\Program Files (x86)\internet explorer\iexplore.bat (File) Failed to delete: C:\Windows\system32\drivers\bsdriver.sys (File) Failed to delete: C:\Windows\system32\drivers\cherimoya.sys (File) Failed to delete: C:\Windows\system32\Drivers\swsedrvr_vw_1_10_0_25.sys (File) Successfully deleted: C:\Program Files (x86)\gmsd_us_005010185 (Folder) Successfully deleted: C:\ProgramData\28341ff220e0446c9fff27c4493d622e (Folder) Successfully deleted: C:\ProgramData\flashbeat (Folder) Successfully deleted: C:\ProgramData\Service1291 (Folder) Successfully deleted: C:\ProgramData\Start Menu\Programs\search.lnk (Shortcut) Successfully deleted: C:\ProgramData\tvtime (Folder) Successfully deleted: C:\Users\biven\AppData\Local\gmsd_us_005010185 (Folder) Successfully deleted: C:\Users\biven\AppData\Local\tvtime (Folder) Successfully deleted: C:\Users\biven\Appdata\LocalLow\company (Folder) Successfully deleted: C:\Users\biven\AppData\Roaming\aspackage (Folder) Successfully deleted: C:\Users\biven\AppData\Roaming\tsearch (Folder) Successfully deleted: C:\Windows\system32\Tasks\PCDEventLauncherTask (Task) Successfully deleted: C:\Windows\system32\Tasks\PCDoctorBackgroundMonitorTask (Task) Successfully deleted: C:\Users\biven\AppData\Local\Temp\vitruvian-installer-hardwareprofile-v0001 (File) Successfully deleted: C:\Users\biven\AppData\Local\Temp\vitruvian-installer-install-v0003 (File) Successfully deleted: C:\Users\biven\AppData\Local\Temp\vitruvian-installer-processes-v0002 (File) Successfully deleted: C:\Users\biven\AppData\Local\Temp\vitruvian-installer-scheduledtasks-v0001 (File) Successfully deleted: C:\Users\biven\AppData\Local\Temp\vitruvian-installer-softwareregkeys-v0002 (File) Successfully deleted: C:\Users\biven\AppData\Local\Temp\vitruvian-installer-uninstall-v0002 (File) Successfully deleted: C:\Users\biven\AppData\Roaming\Bubble Dock.boostrap.log (File) Registry: 5 Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_us_005010185 (Registry Value) Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\cherimoya (Registry Key) Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\swsedrvr_vw_1_10_0_25 (Registry Key) Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{7E5207C2-1FA7-499C-88EE-FCE834450114} (Registry Key) Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{7E5207C2-1FA7-499C-88EE-FCE834450114} (Registry Key) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Sun 12/27/2015 at 13:45:53.90 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  6. I need help removing a malware called tuto4pc. Very nasty malware has infected ever program on the system.