Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Feb 2, 2015 21:18:01 GMT -8
Press the + R Keys on your keyboard at the same time. Type notepad and click OK. Copy the entire content of the codebox below and paste into the notepad (Including start and end) start C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSS.exe C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSHelper.dll C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSPrivacyProtector.exe C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSRegClean.exe C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSRegistryOptimizer.exe C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSSystemCleaner.exe C:\Program Files\WinZip\Utils\WzSysScan C:\Users\Matt\AppData\Local\Temp\~spE5C4.tmp C:\Users\Matt\AppData\Local\Temp\Low\AUX6.dll C:\Users\Matt\AppData\Local\Temp\Low C:\Users\Matt\AppData\Local\Temp\MigWizL0\cryptbase.dll C:\Users\Matt\AppData\Local\Temp\MigWizL0 C:\Users\Matt\Downloads\Comcast_Desktop_Software_1305.exe C:\Users\Matt\Downloads\dffsetup-msvcp100.exe C:\Users\Matt\Downloads\WinZip170_1.exe C:\Windows\Installer\5aabe13a.msi end Click File, Save As and type fixlist (.txt may be seen on the end depending on the system setup) as the File Name. Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!
Right-click on icon and select Run as Administrator to start FRST. (XP users click run after receipt of Windows Security Warning - Open File). Press the button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run. When finished FRST will generate a log on the Desktop, called Fixlog.txt. To paste or attach back here Quads
|
|
|
Post by mjkeenan89 on Feb 2, 2015 21:51:42 GMT -8
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-02-2015 Ran by Matt at 2015-02-02 21:51:00 Run:3 Running from C:\Users\Matt\Desktop Loaded Profiles: Matt (Available profiles: Matt & DefaultAppPool) Boot Mode: Normal ==============================================
Content of fixlist: ***************** start C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSS.exe C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSHelper.dll C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSPrivacyProtector.exe C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSRegClean.exe C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSRegistryOptimizer.exe C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSSystemCleaner.exe C:\Program Files\WinZip\Utils\WzSysScan C:\Users\Matt\AppData\Local\Temp\~spE5C4.tmp C:\Users\Matt\AppData\Local\Temp\Low\AUX6.dll C:\Users\Matt\AppData\Local\Temp\Low C:\Users\Matt\AppData\Local\Temp\MigWizL0\cryptbase.dll C:\Users\Matt\AppData\Local\Temp\MigWizL0 C:\Users\Matt\Downloads\Comcast_Desktop_Software_1305.exe C:\Users\Matt\Downloads\dffsetup-msvcp100.exe C:\Users\Matt\Downloads\WinZip170_1.exe C:\Windows\Installer\5aabe13a.msi end *****************
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSS.exe => Moved successfully. C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSHelper.dll => Moved successfully. C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSPrivacyProtector.exe => Moved successfully. C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSRegClean.exe => Moved successfully. C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSRegistryOptimizer.exe => Moved successfully. C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSSystemCleaner.exe => Moved successfully. C:\Program Files\WinZip\Utils\WzSysScan => Moved successfully. C:\Users\Matt\AppData\Local\Temp\~spE5C4.tmp => Moved successfully. C:\Users\Matt\AppData\Local\Temp\Low\AUX6.dll => Moved successfully. C:\Users\Matt\AppData\Local\Temp\Low => Moved successfully. C:\Users\Matt\AppData\Local\Temp\MigWizL0\cryptbase.dll => Moved successfully. C:\Users\Matt\AppData\Local\Temp\MigWizL0 => Moved successfully. C:\Users\Matt\Downloads\Comcast_Desktop_Software_1305.exe => Moved successfully. C:\Users\Matt\Downloads\dffsetup-msvcp100.exe => Moved successfully. C:\Users\Matt\Downloads\WinZip170_1.exe => Moved successfully. C:\Windows\Installer\5aabe13a.msi => Moved successfully.
==== End of Fixlog 21:51:02 ====
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Feb 2, 2015 21:54:42 GMT -8
The TEMP folders and caches. (use the program below to do so) Download TFC www.bleepingcomputer.com/download/tfc/ the instrctions are on that page below the blue download button and screenshots. Quads
|
|
|
Post by mjkeenan89 on Feb 3, 2015 17:06:04 GMT -8
Don't know if you need this log, but here it is:
Getting user folders. Stopping running processes. Emptying Temp folders. User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: DefaultAppPool ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Matt ->Temp folder emptied: 756392341 bytes ->Temporary Internet Files folder emptied: 8497989281 bytes ->Java cache emptied: 97200 bytes ->FireFox cache emptied: 437624014 bytes ->Flash cache emptied: 67939 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 832944267 bytes %systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 46828 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 78039 bytes Emptying RecycleBin. Do not interrupt. RecycleBin emptied: 2891885352 bytes Process complete! Total Files Cleaned = 12,796.00 mb
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Feb 3, 2015 17:34:30 GMT -8
Tools and Quarantines we used to be removed Please download DelFix by Xplode to your Desktop. toolslib.net/downloads/viewdownload/2-delfix/Double-click to run the program; Note: Windows Vista/7/8 users right-click and choose Run as administratorMake sure the Remove Disinfection tools is ticked / selected in the list Click RunA log will be opened after the operation is finished Copy and Paste it in your next reply Quads
|
|
|
Post by mjkeenan89 on Feb 3, 2015 21:38:24 GMT -8
# DelFix v10.8 - Logfile created 03/02/2015 at 21:38:02 # Updated 29/07/2014 by Xplode # Username : Matt - MATT-PC # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
~ Removing disinfection tools ...
Deleted : C:\FRST Deleted : C:\AdwCleaner Deleted : C:\Users\Matt\Desktop\FRST-OlderVersion Deleted : C:\Users\Matt\Desktop\Addition.txt Deleted : C:\Users\Matt\Desktop\AdwCleaner.exe Deleted : C:\Users\Matt\Desktop\AdwCleaner[S0].txt Deleted : C:\Users\Matt\Desktop\esetsmartinstaller_enu.exe Deleted : C:\Users\Matt\Desktop\Fixlog.txt Deleted : C:\Users\Matt\Desktop\FRST.txt Deleted : C:\Users\Matt\Desktop\FRST64.exe Deleted : C:\Users\Matt\Desktop\TFC.exe Deleted : HKLM\SOFTWARE\OldTimer Tools Deleted : HKLM\SOFTWARE\AdwCleaner
########## - EOF - ##########
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Feb 3, 2015 23:17:05 GMT -8
You are free to go on your merry way. You are now fixed / Solved.
Quads
|
|
|
Post by mjkeenan89 on Feb 7, 2015 19:49:24 GMT -8
Thanks so much for all of your help. I really appreciate it!
|
|