Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Jan 1, 2015 0:50:41 GMT -8
It is not FRST
Microsoft for Vista / Windows 7 Give this
Step 1: Computer could be in selective startup mode (Third party services and Startup items are disabled), I would suggest you to put the computer back to normal startup. To do this, follow the steps below:
a) Click on Start, type in MSCONFIG in the Search box and hit Enter b) This opens up System Configuration window > Ensure that “Normal Startup” is selected under Startup selection on the general tab. c) Click Apply and Ok
If the issue persists,
Step 2: Start the Windows Audio Service and set it to automatic.To do this, follow these steps:
1. Click on Start-Run, type services.msc, the click on OK. 2. When the Services window loads, navigate to the "Windows Audio Service", the double click on it to open it, 3. Make sure the "Startup Type" says "Automatic" and started. If it doesn't, use the drop down menu to change it. 4. If it already says: "Automatic", then click on the "Recovery" tab at the top, and change the "First Failure" line to "Restart the Service", then click on "apply", then OK.
Quads
|
|
nooby
New Helpee
Posts: 24
|
Post by nooby on Jan 1, 2015 4:49:01 GMT -8
Thanks Quads! It works now! AM I also virus-free? Is my computer all set to go?
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Jan 1, 2015 15:32:25 GMT -8
On with step 4, Complete system check for any file and cleanup of items and tools used. Special attention to the different settings I have asked for below You can leave Norton Enabled even though ESET may warn about it. just makes the scan take longer. The pictures below showing what to click may be blue instead of green on the ESET website now, but the procedure is still the same Please read carefully and Slowly, Notice all the settings listed below to check before starting the scan. Take note of the NO tick in the Remove found threats setting below at it needs to have the tick removed.
Hold down Control and click on the following link to open ESET OnlineScan in a new window. ESET OnlineScan
Click the For alternate browsers only: (Microsoft Internet Explorer users can skip these steps) Click on Posted Image to download the ESET Smart Installer. Save it to your desktop. Double click on the icon on your desktop. Check Click the button. Accept any security warnings from your browser. Under scan settings, check DON'T (NO)</font></b> check Remove found threats (reason for this is we don't want something deleted and then Windows won't load).
Click Advanced settings and select the following: Scan potentially unwanted applications Scan for potentially unsafe applications Enable Anti-Stealth technology
ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time. Attach the resulting log in your next reply The scanner screen gives me the option of saving the results to a .txt file as part of the options after the scan has finished. Screenshot of part of the finished scan dialog box by ESET showing the options. List found threats and at the bottom of the listings is the options to save the list. Quads
|
|
nooby
New Helpee
Posts: 24
|
Post by nooby on Jan 2, 2015 2:14:31 GMT -8
|
|
nooby
New Helpee
Posts: 24
|
Post by nooby on Jan 7, 2015 1:54:59 GMT -8
Hi Quads,
Sorry I don't mean to rush the queque..just making sure this thread hasn't been buried. Is my computer malware-free from what you can see from the list?
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Jan 7, 2015 14:49:20 GMT -8
You may want to read carefully all of this message first before starting the steps. NOTE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating systemDownload the script attached, needs to be the same file name as well (fixlist.txt), have it on the Desktop, so that fixlist.txt is next to FRST.exe, DO NOT DRAG AND DROP to download the script, it won't work for FRST (Right click on the attachment link (not the normal left click) and from the menu choose Save As or Save Link as.)
The script tells FRST what to do. Start FRST that is on the desktop
When the tool opens click Yes to disclaimer. (if it still does) Press the Fix button just once and wait.The tool will make a log on the Desktop (Fixlog.txt) please post it to your reply (attach or paste) Quads Attachments:fixlist.txt (3.38 KB)
|
|
nooby
New Helpee
Posts: 24
|
Post by nooby on Jan 12, 2015 3:28:38 GMT -8
Dear Quads,
When I right click, it only has the option to save as 4096.html again, even though I opened it in Internet explorer..
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Jan 12, 2015 9:51:25 GMT -8
Try Chrome or Firefox
You have correctly saved fixlist.txt before
Quads
|
|
nooby
New Helpee
Posts: 24
|
Post by nooby on Jan 26, 2015 1:20:32 GMT -8
Hi Quads,
I tried Chrome, Firefox and Internet Explorer and all they do is give the option to save as an html.
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Jan 26, 2015 19:33:17 GMT -8
Press the + R Keys on your keyboard at the same time. Type notepad and click OK. Copy the entire content of the codebox below and paste into the notepad (Including start and end) Start C:\Users\Noel\AppData\Local\Google\Chrome\User Data\Default\File System\001\t\00\00000000 C:\Users\Noel\AppData\Local\Temp\1034\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GXDP16DI\sd1[1].htm C:\Users\Noel\AppData\Local\Temp\1b48\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YR0ZGVNF\sss[1].htm C:\Users\Noel\AppData\Local\Temp\d30\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ROQBYIQS\sd1[1].htm D:\backup\4109\$RECYCLE.BIN\S-1-5-21-1002276465-1142272141-2277484193-1000\$R8PPB1S.exe D:\backup\4109\Program Files\agth\agth.dll D:\backup\4109\Program Files\agth D:\backup\4109\Program Files\Application Updater\ApplicationUpdater.exe D:\backup\4109\Program Files\Application Updater D:\backup\4109\Program Files\Ask.com\GenericAskToolbar.dll D:\backup\4109\Program Files\Ask.com\precache.exe D:\backup\4109\Program Files\Ask.com\SaUpdate.exe D:\backup\4109\Program Files\Ask.com\UpdateTask.exe D:\backup\4109\Program Files\Ask.com\Updater\Updater.exe D:\backup\4109\Program Files\Ask.com D:\backup\4109\Program Files\Common Files\DVDVideoSoft\AskTB\ApnIC.dll D:\backup\4109\Program Files\Common Files\DVDVideoSoft\AskTB\ApnStub.exe D:\backup\4109\Program Files\Common Files\DVDVideoSoft\AskTB\ApnToolbarInstaller.exe D:\backup\4109\Program Files\Common Files\DVDVideoSoft\AskTB D:\backup\4109\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe D:\backup\4109\Program Files\Common Files\Spigot D:\backup\4109\Program Files\Conduit\Community Alerts\Alert.dll D:\backup\4109\Program Files\Conduit D:\backup\4109\Program Files\ConduitEngine\ConduitEngine.dll D:\backup\4109\Program Files\ConduitEngine D:\backup\4109\Program Files\GameHi_USA\SuddenAttackNA\launcher.exe D:\backup\4109\Program Files\GameHi_USA\SuddenAttackNA\suddenattack.exe D:\backup\4109\Program Files\GameHi_USA D:\backup\4109\Program Files\IObit Toolbar\WidgiHelper.exe D:\backup\4109\Program Files\IObit Toolbar\IE\4.5\iobitToolbarIE.dll D:\backup\4109\Program Files\IObit Toolbar D:\backup\4109\Program Files\NCH Software\VideoPad\uninst.exe D:\backup\4109\Program Files\NCH Software\VideoPad\videopad.exe a variant D:\backup\4109\Program Files\NCH Software\VideoPad\vpsetup_v2.30.exe D:\backup\4109\Program Files\NCH Software D:\backup\4109\Program Files\Veoh Networks\VeohWebPlayer\qlipso-qlipso-silent-us.exe D:\backup\4109\Program Files\Veoh Networks D:\backup\4109\Program Files\Veoh_Web_Player\tbVeoh.dll D:\backup\4109\Program Files\Veoh_Web_Player D:\backup\4109\Program Files\Vuze_Remote\tbVuze.dll D:\backup\4109\Program Files\Vuze_Remote D:\backup\4109\ProgramData\ReviverSoft\RegistryReviver\InstallCache\{63E13B95-3168-481C-A8DF-FBE0DCDF5699}\Registry Reviver.msi D:\backup\4109\ProgramData\ReviverSoft D:\backup\4109\ProgramData\{9CD61942-8DA1-4781-925C-4FE1471E0820}\iLividSetupV1.res D:\backup\4109\ProgramData\{9CD61942-8DA1-4781-925C-4FE1471E0820} D:\backup\4109\Users\mkwon\AppData\LocalLow\AskToolbar\setup.exe D:\backup\4109\Users\mkwon\AppData\LocalLow\AskToolbar D:\backup\4109\Users\mkwon\AppData\LocalLow\ConduitEngine\ConduitEngine.dll D:\backup\4109\Users\mkwon\AppData\LocalLow\ConduitEngine D:\backup\4109\Users\mkwon\AppData\LocalLow\Veoh_Web_Player\tbVeoh.dll D:\backup\4109\Users\mkwon\AppData\LocalLow\Veoh_Web_Player D:\backup\4109\Windows\Installer\3e4e47b.msi D:\backup\4109\Windows\Installer\f5ca32.msi end Click File, Save As and type fixlist (.txt may be seen on the end depending on the system setup) as the File Name. Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!
Right-click on icon and select Run as Administrator to start FRST. (XP users click run after receipt of Windows Security Warning - Open File). Press the button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run. When finished FRST will generate a log on the Desktop, called Fixlog.txt. To paste or attach back here Quads
|
|