|
Post by mynn30 on Mar 30, 2015 20:40:14 GMT -8
When I open the list, there's like 35 thireat found, but it won't let me copy and paste etc? Not sure what I am doing wrong, I asked my daughter and she had no idea either
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Mar 30, 2015 20:48:01 GMT -8
When the scan is finished, if any threats are found you will see the screen below. Click to view the found threats. At the bottom of the listed threats, there is an option to save the results to a text file. Please do this so you can attach the results here for review and removal of the items that are not false positives (these will be scripted out so do not worry).
|
|
|
Post by mynn30 on Mar 30, 2015 20:59:48 GMT -8
Sorry I did try that but it wouldn't save. I have retried and here are results
C:\AdwCleaner\Quarantine\C\Users\Ellllliiieeee\AppData\LocalLow\ConduitEngine\ConduitEngin.dll.vir a variant of Win32/Toolbar.Conduit.B potentially unwanted application C:\AdwCleaner\Quarantine\C\Users\Ellllliiieeee\AppData\LocalLow\ConduitEngine\ldrConduitEngin.dll.vir a variant of Win32/Toolbar.Conduit.P potentially unwanted application C:\AdwCleaner\Quarantine\C\Users\Jessikaah\AppData\Local\Google\Chrome\User Data\Default\Extensions\iapmgeefjjdeofmglpelkaipeolfkefe\1.1\c2xD.js.vir Win32/Adware.MultiPlug.H application C:\AdwCleaner\Quarantine\C\Users\Jessikaah\AppData\LocalLow\ConduitEngine\ConduitEngin.dll.vir a variant of Win32/Toolbar.Conduit.B potentially unwanted application C:\AdwCleaner\Quarantine\C\Users\Jessikaah\AppData\LocalLow\ConduitEngine\ldrConduitEngin.dll.vir a variant of Win32/Toolbar.Conduit.P potentially unwanted application C:\AdwCleaner\Quarantine\C\Users\Melinda\AppData\Local\Google\Chrome\User Data\Default\Extensions\iapmgeefjjdeofmglpelkaipeolfkefe\1.1\c2xD.js.vir Win32/Adware.MultiPlug.H application C:\FRST\Quarantine\C\Users\Melinda\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll.xBAD Win32/Toolbar.Conduit.Y potentially unwanted application C:\FRST\Quarantine\C\Users\Melinda\AppData\Local\Conduit\Conduit\BackgroundContainer\TBUpdaterLogic_1.0.0.1.dll Win32/Toolbar.Conduit.Y potentially unwanted application C:\FRST\Quarantine\C\Users\Melinda\AppData\Local\Conduit\Conduit\BackgroundContainer\TBUpdaterLogic_1.0.0.2.dll Win32/Toolbar.Conduit.Y potentially unwanted application C:\FRST\Quarantine\C\Users\Melinda\AppData\Local\iLivid\Helper.dll a variant of Win32/Toolbar.SearchSuite.P potentially unwanted application C:\FRST\Quarantine\C\Users\Melinda\AppData\Local\iLivid\Uninstall.exe a variant of Win32/Toolbar.SearchSuite.G potentially unwanted application C:\Users\Ellllliiieeee\AppData\LocalLow\FLV_Runner\ldrtbFLV_.dll a variant of Win32/Toolbar.Conduit.P potentially unwanted application C:\Users\Ellllliiieeee\AppData\LocalLow\FLV_Runner\tbFLV1.dll a variant of Win32/Toolbar.Conduit.Y potentially unwanted application C:\Users\Ellllliiieeee\AppData\LocalLow\FLV_Runner\tbFLV_.dll a variant of Win32/Toolbar.Conduit.B potentially unwanted application C:\Users\Ellllliiieeee\AppData\LocalLow\FLV_Runner\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.3\bin\PriceGongIE.dll a variant of Win32/PriceGong.A potentially unwanted application C:\Users\Ellllliiieeee\AppData\LocalLow\uTorrentBar\ldrtbuTor.dll a variant of Win32/Toolbar.Conduit.P potentially unwanted application C:\Users\Ellllliiieeee\AppData\LocalLow\uTorrentBar\tbuTor.dll a variant of Win32/Toolbar.Conduit.B potentially unwanted application C:\Users\Ellllliiieeee\AppData\LocalLow\uTorrentBar\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.0\bin\PriceGongIE.dll a variant of Win32/PriceGong.A potentially unwanted application C:\Users\Ellllliiieeee\AppData\LocalLow\WiseConvert_B\ldrtbWise.dll a variant of Win32/Toolbar.Conduit.P potentially unwanted application C:\Users\Ellllliiieeee\AppData\LocalLow\WiseConvert_B\tbWis1.dll a variant of Win32/Toolbar.Conduit.Y potentially unwanted application C:\Users\Ellllliiieeee\AppData\LocalLow\WiseConvert_B\tbWise.dll a variant of Win32/Toolbar.Conduit.B potentially unwanted application C:\Users\Ellllliiieeee\AppData\LocalLow\WiseConvert_B\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.6.8\bin\PriceGongIE.dll a variant of Win32/PriceGong.A potentially unwanted application C:\Users\Ellllliiieeee\AppData\Roaming\FrostWire\.AppSpecialShare\frostwire-5.1.5.windows.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application C:\Users\Ellllliiieeee\Documents\FrostWire\Incomplete\T-4223976-running back jessica maulboy MTV.mp3 a variant of WMA/TrojanDownloader.GetCodec.gen trojan C:\Users\Ellllliiieeee\Downloads\frostwire-4.21.3.windows.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application C:\Users\Jessikaah\AppData\LocalLow\FLV_Runner\ldrtbFLV_.dll a variant of Win32/Toolbar.Conduit.P potentially unwanted application C:\Users\Jessikaah\AppData\LocalLow\FLV_Runner\tbFLV1.dll Win32/Toolbar.Conduit.Y potentially unwanted application C:\Users\Jessikaah\AppData\LocalLow\FLV_Runner\tbFLV_.dll a variant of Win32/Toolbar.Conduit.B potentially unwanted application C:\Users\Jessikaah\AppData\LocalLow\FLV_Runner\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.3\bin\PriceGongIE.dll a variant of Win32/PriceGong.A potentially unwanted application C:\Users\Jessikaah\AppData\LocalLow\uTorrentBar\ldrtbuTor.dll a variant of Win32/Toolbar.Conduit.P potentially unwanted application C:\Users\Jessikaah\AppData\LocalLow\uTorrentBar\tbuTor.dll a variant of Win32/Toolbar.Conduit.B potentially unwanted application C:\Users\Jessikaah\AppData\LocalLow\uTorrentBar\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.0\bin\PriceGongIE.dll a variant of Win32/PriceGong.A potentially unwanted application C:\Users\Melinda\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20\178f3914-307f3a2c a variant of Java/Mocup.D trojan C:\Users\Melinda\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\21b83968-46d0f5f3 a variant of Java/Mocup.D trojan C:\Users\Melinda\Music\iTunes\iLividSetup-r394-n-bi.exe Win32/iLivid.A potentially unwanted application
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Mar 30, 2015 21:10:07 GMT -8
Press the + R Keys on your keyboard at the same time. Type notepad and click OK. Copy the entire content of the codebox below and paste into the notepad (Including start and end) start C:\Users\Ellllliiieeee\AppData\LocalLow\FLV_Runner\ldrtbFLV_.dll C:\Users\Ellllliiieeee\AppData\LocalLow\FLV_Runner\tbFLV1.dll C:\Users\Ellllliiieeee\AppData\LocalLow\FLV_Runner\tbFLV_.dll C:\Users\Ellllliiieeee\AppData\LocalLow\FLV_Runner\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.3\bin\PriceGongIE.dll C:\Users\Ellllliiieeee\AppData\LocalLow\uTorrentBar\ldrtbuTor.dll C:\Users\Ellllliiieeee\AppData\LocalLow\uTorrentBar\tbuTor.dll C:\Users\Ellllliiieeee\AppData\LocalLow\uTorrentBar\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.0\bin\PriceGongIE.dll C:\Users\Ellllliiieeee\AppData\LocalLow\uTorrentBar C:\Users\Ellllliiieeee\AppData\LocalLow\WiseConvert_B\ldrtbWise.dll C:\Users\Ellllliiieeee\AppData\LocalLow\WiseConvert_B\tbWis1.dll C:\Users\Ellllliiieeee\AppData\LocalLow\WiseConvert_B\tbWise.dll C:\Users\Ellllliiieeee\AppData\LocalLow\WiseConvert_B\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.6.8\bin\PriceGongIE.dll C:\Users\Ellllliiieeee\AppData\LocalLow\WiseConvert_B C:\Users\Ellllliiieeee\AppData\Roaming\FrostWire\.AppSpecialShare\frostwire-5.1.5.windows.exe C:\Users\Ellllliiieeee\Documents\FrostWire\Incomplete\T-4223976-running back jessica maulboy MTV.mp3 C:\Users\Ellllliiieeee\Downloads\frostwire-4.21.3.windows.exe C:\Users\Jessikaah\AppData\LocalLow\FLV_Runner\ldrtbFLV_.dll C:\Users\Jessikaah\AppData\LocalLow\FLV_Runner\tbFLV1.dll C:\Users\Jessikaah\AppData\LocalLow\FLV_Runner\tbFLV_.dll C:\Users\Jessikaah\AppData\LocalLow\FLV_Runner\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.3\bin\PriceGongIE.dll C:\Users\Jessikaah\AppData\LocalLow\uTorrentBar\ldrtbuTor.dll C:\Users\Jessikaah\AppData\LocalLow\uTorrentBar\tbuTor.dll C:\Users\Jessikaah\AppData\LocalLow\uTorrentBar\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.0\bin\PriceGongIE.dll C:\Users\Jessikaah\AppData\LocalLow\uTorrentBar C:\Users\Melinda\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20\178f3914-307f3a2c C:\Users\Melinda\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\21b83968-46d0f5f3 C:\Users\Melinda\Music\iTunes\iLividSetup-r394-n-bi.exe end Click File, Save As and type fixlist (.txt may be seen on the end depending on the system setup) as the File Name. Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!
Right-click on icon and select Run as Administrator to start FRST. (XP users click run after receipt of Windows Security Warning - Open File). Press the button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run. When finished FRST will generate a log on the Desktop, called Fixlog.txt. To paste or attach back here Quads
|
|
|
Post by mynn30 on Mar 30, 2015 21:20:44 GMT -8
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015 Ran by Melinda at 2015-03-31 16:17:24 Run:2 Running from C:\Users\Melinda\Desktop Loaded Profiles: Melinda (Available profiles: UpdatusUser & Melinda & Jessikaah & Ellllliiieeee) Boot Mode: Normal ==============================================
Content of fixlist: ***************** start C:\Users\Ellllliiieeee\AppData\LocalLow\FLV_Runner\ldrtbFLV_.dll C:\Users\Ellllliiieeee\AppData\LocalLow\FLV_Runner\tbFLV1.dll C:\Users\Ellllliiieeee\AppData\LocalLow\FLV_Runner\tbFLV_.dll C:\Users\Ellllliiieeee\AppData\LocalLow\FLV_Runner\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.3\bin\PriceGongIE.dll C:\Users\Ellllliiieeee\AppData\LocalLow\uTorrentBar\ldrtbuTor.dll C:\Users\Ellllliiieeee\AppData\LocalLow\uTorrentBar\tbuTor.dll C:\Users\Ellllliiieeee\AppData\LocalLow\uTorrentBar\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.0\bin\PriceGongIE.dll C:\Users\Ellllliiieeee\AppData\LocalLow\uTorrentBar C:\Users\Ellllliiieeee\AppData\LocalLow\WiseConvert_B\ldrtbWise.dll C:\Users\Ellllliiieeee\AppData\LocalLow\WiseConvert_B\tbWis1.dll C:\Users\Ellllliiieeee\AppData\LocalLow\WiseConvert_B\tbWise.dll C:\Users\Ellllliiieeee\AppData\LocalLow\WiseConvert_B\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.6.8\bin\PriceGongIE.dll C:\Users\Ellllliiieeee\AppData\LocalLow\WiseConvert_B C:\Users\Ellllliiieeee\AppData\Roaming\FrostWire\.AppSpecialShare\frostwire-5.1.5.windows.exe C:\Users\Ellllliiieeee\Documents\FrostWire\Incomplete\T-4223976-running back jessica maulboy MTV.mp3 C:\Users\Ellllliiieeee\Downloads\frostwire-4.21.3.windows.exe C:\Users\Jessikaah\AppData\LocalLow\FLV_Runner\ldrtbFLV_.dll C:\Users\Jessikaah\AppData\LocalLow\FLV_Runner\tbFLV1.dll C:\Users\Jessikaah\AppData\LocalLow\FLV_Runner\tbFLV_.dll C:\Users\Jessikaah\AppData\LocalLow\FLV_Runner\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.3\bin\PriceGongIE.dll C:\Users\Jessikaah\AppData\LocalLow\uTorrentBar\ldrtbuTor.dll C:\Users\Jessikaah\AppData\LocalLow\uTorrentBar\tbuTor.dll C:\Users\Jessikaah\AppData\LocalLow\uTorrentBar\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.0\bin\PriceGongIE.dll C:\Users\Jessikaah\AppData\LocalLow\uTorrentBar C:\Users\Melinda\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20\178f3914-307f3a2c C:\Users\Melinda\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\21b83968-46d0f5f3 C:\Users\Melinda\Music\iTunes\iLividSetup-r394-n-bi.exe end *****************
C:\Users\Ellllliiieeee\AppData\LocalLow\FLV_Runner\ldrtbFLV_.dll => Moved successfully. C:\Users\Ellllliiieeee\AppData\LocalLow\FLV_Runner\tbFLV1.dll => Moved successfully. C:\Users\Ellllliiieeee\AppData\LocalLow\FLV_Runner\tbFLV_.dll => Moved successfully. C:\Users\Ellllliiieeee\AppData\LocalLow\FLV_Runner\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.3\bin\PriceGongIE.dll => Moved successfully. C:\Users\Ellllliiieeee\AppData\LocalLow\uTorrentBar\ldrtbuTor.dll => Moved successfully. C:\Users\Ellllliiieeee\AppData\LocalLow\uTorrentBar\tbuTor.dll => Moved successfully. C:\Users\Ellllliiieeee\AppData\LocalLow\uTorrentBar\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.0\bin\PriceGongIE.dll => Moved successfully. C:\Users\Ellllliiieeee\AppData\LocalLow\uTorrentBar => Moved successfully. C:\Users\Ellllliiieeee\AppData\LocalLow\WiseConvert_B\ldrtbWise.dll => Moved successfully. C:\Users\Ellllliiieeee\AppData\LocalLow\WiseConvert_B\tbWis1.dll => Moved successfully. C:\Users\Ellllliiieeee\AppData\LocalLow\WiseConvert_B\tbWise.dll => Moved successfully. C:\Users\Ellllliiieeee\AppData\LocalLow\WiseConvert_B\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.6.8\bin\PriceGongIE.dll => Moved successfully. C:\Users\Ellllliiieeee\AppData\LocalLow\WiseConvert_B => Moved successfully. C:\Users\Ellllliiieeee\AppData\Roaming\FrostWire\.AppSpecialShare\frostwire-5.1.5.windows.exe => Moved successfully. C:\Users\Ellllliiieeee\Documents\FrostWire\Incomplete\T-4223976-running back jessica maulboy MTV.mp3 => Moved successfully. C:\Users\Ellllliiieeee\Downloads\frostwire-4.21.3.windows.exe => Moved successfully. C:\Users\Jessikaah\AppData\LocalLow\FLV_Runner\ldrtbFLV_.dll => Moved successfully. C:\Users\Jessikaah\AppData\LocalLow\FLV_Runner\tbFLV1.dll => Moved successfully. C:\Users\Jessikaah\AppData\LocalLow\FLV_Runner\tbFLV_.dll => Moved successfully. C:\Users\Jessikaah\AppData\LocalLow\FLV_Runner\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.3\bin\PriceGongIE.dll => Moved successfully. C:\Users\Jessikaah\AppData\LocalLow\uTorrentBar\ldrtbuTor.dll => Moved successfully. C:\Users\Jessikaah\AppData\LocalLow\uTorrentBar\tbuTor.dll => Moved successfully. "C:\Users\Jessikaah\AppData\LocalLow\uTorrentBar\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.0\bin\PriceGongIE.dll " => File/Directory not found. C:\Users\Jessikaah\AppData\LocalLow\uTorrentBar => Moved successfully. C:\Users\Melinda\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20\178f3914-307f3a2c => Moved successfully. C:\Users\Melinda\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\21b83968-46d0f5f3 => Moved successfully. C:\Users\Melinda\Music\iTunes\iLividSetup-r394-n-bi.exe => Moved successfully.
==== End of Fixlog 16:17:27 ====
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Mar 30, 2015 21:23:55 GMT -8
Tools and Quarantines we used to be removed Please download DelFix by Xplode to your Desktop. toolslib.net/downloads/viewdownload/2-delfix/Double-click to run the program; Note: Windows Vista/7/8 users right-click and choose Run as administratorMake sure the Remove Disinfection tools is ticked / selected in the list Click RunA log will be opened after the operation is finished Copy and Paste it in your next reply Quads
|
|
|
Post by mynn30 on Mar 30, 2015 21:28:34 GMT -8
# DelFix v10.9 - Logfile created 31/03/2015 at 16:27:42 # Updated 27/02/2015 by Xplode # Username : Melinda - MELINDA-PC # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
~ Removing disinfection tools ...
Deleted : C:\FRST Deleted : C:\AdwCleaner Deleted : C:\sc-cleaner.txt Deleted : C:\Users\Melinda\Desktop\Addition.txt Deleted : C:\Users\Melinda\Desktop\AdwCleaner.exe Deleted : C:\Users\Melinda\Desktop\esetsmartinstaller_enu.exe Deleted : C:\Users\Melinda\Desktop\Fixlog.txt Deleted : C:\Users\Melinda\Desktop\FRST.txt Deleted : C:\Users\Melinda\Desktop\FRST64.exe Deleted : C:\Users\Melinda\Desktop\sc-cleaner.exe Deleted : C:\Users\Melinda\Desktop\scan.txt Deleted : HKLM\SOFTWARE\AdwCleaner
########## - EOF - ##########
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Mar 30, 2015 21:32:15 GMT -8
Your little Missy's have to be carefully of free programs and downloads that come others bundled inside
You are free to go on your merry way. You are now fixed / Solved.
Quads
|
|
|
Post by mynn30 on Mar 30, 2015 21:36:58 GMT -8
Thank you soo much, I really appreciate everything that you have helped with! I will definitely tell them to be more careful!! Thank you
|
|