dbrisen
Malware Removalists
Posts: 3,688
|
Post by dbrisen on Nov 29, 2014 21:34:33 GMT -8
Did you delete the one on the desktop and select the Addition.txt in the Optional Scan section of FRST?
|
|
dbrisen
Malware Removalists
Posts: 3,688
|
Post by dbrisen on Nov 29, 2014 21:50:41 GMT -8
Just to be on the safe side of things, please run the following script:
You may want to read carefully all of this message first before starting the steps.
NOTE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
Download the script file that is attached by right clicking on it and selecting "Save Target As..." or "Save Link As ...." (depends on the browser you are using). Please make sure that the file type is set as Text File and the files name is Fixlist.txt , have it on the Desktop, so that fixlist.txt is next to FRST64.exe,
DO NOT DRAG AND DROP to download the script, it won't work properly for FRST.
The script tells FRST what to do.
Start FRST that is on the desktop by right clicking on file and selecting "Run as Administrator..."
When the tool opens click Yes to disclaimer. (if it still does)
Press the Fix button just once and wait. The script will be processed and your system restarted to complete the removal / breakage of the malware.
The tool will make a log on the Desktop (Fixlog.txt) please post it to your reply (attach or paste)
|
|
|
Post by gailjr on Nov 30, 2014 6:57:14 GMT -8
|
|
dbrisen
Malware Removalists
Posts: 3,688
|
Post by dbrisen on Nov 30, 2014 15:15:07 GMT -8
Well that did not find any evidence of Poweliks at all so we will move on. It is possble that Norton is trying to remove something that is not there anymore and the reference is stuck in the queue to be removed. Let me know if you keep getting a popup to remove Poweliks.
This next step may take a while (just to warn you) ..... ESET Online does not work with IE 11 (Internet Explorer) at the moment (a few weeks ago anyway) so if you have IE 11, Chrome or Firefox has to be used instead. ESET Online does work with IE 10 and earlier. You can leave Norton Enabled even though ESET may warn about it. just makes the scan take longer. The pictures below showing what to click may be blue instead of green on the ESET website now, but the procedure is still the same Please read carefully and Slowly, Notice all the settings listed below to check before starting the scan. Stop and ask if you have any questions.Take note of the NO tick in the Remove found threats setting below at it needs to have the tick removed.
Hold down Control key and click on the following link to open ESET OnlineScan in a new window. Link =>> ESET Online Scanner << Click the Run ESET Online Scanner located on the left side of the page (not the free trial). For browsers other than Internet Explorer only: (Microsoft Internet Explorer users can skip this step) Click on the esetsmartinstaller link in the popup window that opens. Save it to your desktop. Double click on the icon on your desktop. Check (accept) the Terms of Use. Click the START button. Accept any security warnings from your browser. Now in the Computer scan settings window that appears:- Make sure that the option Enable detection of potentially unwanted applications is selected. Now click on Advanced Settings and configure the options as follows: Remove found threats is Not checkedScan archives is checkedScan for potentially unsafe applications is checkedEnable Anti-Stealth Technology is checkedNow click on: StartESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time. When the scan is finished, if any threats are found you will see the screen below. Click to view the found threats. At the bottom of the listed threats, there is an option to save the results to a text file. Please do this so you can attach the results here for review and removal of the items that are not false positives (these will be scripted out so do not worry). Once the log text file is saved, return to the Scan Finished screen by clicking "<<Back", then click on the uninstall button and click Finish. Attach the saved log file in your next reply please. Thanks.
|
|
|
Post by gailjr on Dec 1, 2014 4:26:19 GMT -8
|
|
dbrisen
Malware Removalists
Posts: 3,688
|
Post by dbrisen on Dec 1, 2014 21:27:46 GMT -8
Hi! The file you posted a lonk to is actually a PDF file about Caloric Weight Loss (looks like a German site?). Can you try once again? Perhaps wikisend.com messed up?
|
|
|
Post by gailjr on Dec 2, 2014 4:13:55 GMT -8
Good Lord! Are you kidding? lol Here is the new log, hope it has the correct info: new log.txt
|
|
dbrisen
Malware Removalists
Posts: 3,688
|
Post by dbrisen on Dec 2, 2014 7:22:30 GMT -8
That worked; although the first link was really interesting also! Moving on to the matter at hand ... If you did not do so at the end of the scan, please uninstall ESET Online Scanner at this time. Next, we need to remove the tools we've used during cleaning your machine. [/a] [*]Ensure the following is ticked: - Activate UAC
- Remove disinfection tools
- Create registry backup
- Purge system restore
- Reset system settings
[/ul] Then click Run. The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply. Once you have the log file saved, please reboot your system to complete the clean up process. Your system looks clean and your logs are fine. Unless Quads wants something else done, you are done and free to go.Final word from me: Surf safely, and watch when installing or letting anything add itself to your system. Remember, the best security is not on your system but in the chair in front of it. Take care and thanks for sticking with us in this rushed time. One more thing; You may want to check out the following software and site. They will help keep you from having those surprise extras every time you download and install software. Unchecky is a small service that runs in the background to help keep those "extra toolbars" and tag along search engines from automatically installing. By automatically directing you to a custom install with all the options unchecked, only what you manually choose and confirm gets installed. Ninite.com - a bundle installer that strips the adware and junk from the selected software before you get it. Check them out - ninite.com/
|
|
|
Post by gailjr on Dec 2, 2014 14:44:29 GMT -8
here is the last log. And thank you so very much! DelFix.txt
|
|
dbrisen
Malware Removalists
Posts: 3,688
|
Post by dbrisen on Dec 2, 2014 18:25:51 GMT -8
You're welcome! Stay safe!
|
|