dbrisen
Malware Removalists
Posts: 3,688
|
Post by dbrisen on May 4, 2015 21:11:38 GMT -8
Thank you for the screenshots; they show that the file found has already been handled by AdwCleaner and will be removed from your system shortly when we clean the tools off the computer.
Open notepad by pressing the Windows Key + R key, typing notepad in the Run box and pressing Enter. Please copy the contents of the quote box below. To do this highlight the contents of the box and right click on it and select copy. Paste this into the open notepad. Save it to your desktop as fixlist.txtNOTE. It's important that both files, FRST64 and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating systemStart FRST that is on the desktop by right clicking on file and selecting "Run as Administrator..." and press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run. When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.
|
|
|
Post by tonto on May 5, 2015 10:45:52 GMT -8
Sorry if this is a less than obvious answer, but, do I need to delete the fixlist.txt file on the desktop for the earlier scan? Or will it know which one to use?
Edit: OK, I just read in another thread that FRST overwrites the previous log. I'll run it when I get home.
|
|
|
Post by tonto on May 5, 2015 19:39:55 GMT -8
|
|
dbrisen
Malware Removalists
Posts: 3,688
|
Post by dbrisen on May 5, 2015 22:32:12 GMT -8
If you did not do so at the end of its scan, please uninstall ESET Online Scanner at this time. Next, we need to remove the tools we've used during cleaning your machine. [/a] Ensure the following is ticked: - Activate UAC
- Remove disinfection tools
- Create registry backup
- Purge system restore
- Reset system settings
[/ul] Then click Run. The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply. Once you have the log file saved, please reboot your system to complete the clean up process. Your system looks clean and your logs are fine. Unless Quads wants something else done, you are done and free to go.Final word from me: Surf safely, and watch when installing or letting anything add itself to your system. Remember, the best security is not on your system but in the chair in front of it. Take care and thanks for sticking with us in this rushed time.
|
|
|
Post by tonto on May 6, 2015 5:23:52 GMT -8
Thanks dbrisen, can I use the "add/remove programs" in the control panel or go back and run the software to get to that page with the uninstall box?
|
|
dbrisen
Malware Removalists
Posts: 3,688
|
Post by dbrisen on May 7, 2015 13:59:41 GMT -8
For the ESET Online Scanner, you can use the Control Panel 'Add / Remove Programs' or 'Programs and Features' utility to uninstall it.
|
|
|
Post by tonto on May 7, 2015 14:20:30 GMT -8
Hello dbrisen, I decided to run the scan again to get to the uninstall tick box (figured they knew best how to uninstall their software. It finished & there are now 3 entries. Still wont save, the first is the same plus these 2
C:\Windows\Installer\MS|2A1C.tmp a variant of Win32/Bundled.Toolbar.Ask.M potentially... C:\Windows\Installer\MS|CA5A.tmp a variant of Win32/Bundled.Toolbar.Ask.M potentially...
How to proceed?
Edit: Again, I posted this while you were responding.
|
|
dbrisen
Malware Removalists
Posts: 3,688
|
Post by dbrisen on May 7, 2015 14:34:37 GMT -8
Did you uninstall ESET at the end of the scan this time? The two new files are tmp (temporary data files) that are leftovers from past malware. They are inactive and most likely a FP due to new virus definitions that need to be tweaked. Please continue with the DelFix run and log posting; this will wrap up the cleaning by not only removing the tools we used but also clearing the malware those tools have quarantined. After the DelFix run (don't forget to save the log to reply with here [thanks]), you may want to consider the following program for your system: Unchecky is a small service that runs in the background to help keep those "extra toolbars" and tag along search engines from automatically installing. By automatically directing you to a custom install with all the options unchecked, only what you manually choose and confirm gets installed.
|
|
|
Post by tonto on May 8, 2015 5:11:47 GMT -8
Thanks dbrisen, I will finish this up when I get home tonight. I did not uninstall it after running the 1st time. My daughter inadvertently shut the computer down. Which is why I was asking about which uninstall method to use (I'll do that now). I will run DelFix & post the log back. Thanks for the link!
|
|
|
Post by tonto on May 8, 2015 19:46:23 GMT -8
Here is the log file:
# DelFix v1.010 - Logfile created 08/05/2015 at 23:42:28 # Updated 26/04/2015 by Xplode # Username : Calli Nicole - CALLINICOLE-HP # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
~ Activating UAC ... OK
~ Removing disinfection tools ...
Deleted : C:\FRST Deleted : C:\AdwCleaner Deleted : C:\Users\Calli Nicole\Desktop\FRST-OlderVersion Deleted : C:\Users\Calli Nicole\Desktop\Addition.txt Deleted : C:\Users\Calli Nicole\Desktop\adwcleaner_4.202.exe Deleted : C:\Users\Calli Nicole\Desktop\esetsmartinstaller_enu.exe Deleted : C:\Users\Calli Nicole\Desktop\Fixlog.txt Deleted : C:\Users\Calli Nicole\Desktop\FRST.txt Deleted : C:\Users\Calli Nicole\Desktop\FRST64.exe Deleted : C:\Users\Calli Nicole\Downloads\JRT.exe Deleted : HKLM\SOFTWARE\AdwCleaner
~ Creating registry backup ... OK
~ Cleaning system restore ...
Deleted : RP #161 [Scheduled Checkpoint | 04/26/2015 18:47:58] Deleted : RP #163 [Restore Point Created by FRST | 04/29/2015 06:03:46] Deleted : RP #165 [Restore Point Created by FRST | 05/06/2015 03:15:46]
New restore point created !
~ Resetting system settings ... OK
########## - EOF - ##########
|
|