dbrisen
Malware Removalists
Posts: 3,688
|
Post by dbrisen on Oct 23, 2014 0:05:54 GMT -8
I would not leave this running all night. Force a reboot as FRST is hanging on deleting your temp files somewhere. When the system starts again, delete the FRST.txt file and the Addition.txt file on your desktop. [/b] to disclaimer.[/*] [*]If an update is available, the program will inform you and download the update. Allow it do this please.[/*] [*]Please select the Addition.txt box in the Optional Scans section.[/*] [*]Press the Scan button.[/*] [*]It will produce a log called FRST.txt in the same directory the tool is run from. [/*] [*]Please copy and paste log back here.[/*] [*]This time the tool will generate another log ( Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.[/*] [/ul] Again, you will have to use wikisend.com to upload the Addition.txt file. Thank you.
|
|
|
Post by davidmdahl on Oct 23, 2014 0:25:59 GMT -8
|
|
dbrisen
Malware Removalists
Posts: 3,688
|
Post by dbrisen on Oct 23, 2014 6:21:53 GMT -8
Read carefullyDownload Adwcleaner from here to your desktop and run a scan. You may have to right click adwcleaner.exe and choose "Run as Administrator" from the menu. (Click the Scan button to start the scanning). It will create a log after it is finished scanning. If not (or if it just asks for you to uncheck what you don't wanted deleted), there is a Report button in the middle of the main window; click that and it will make the log file. Once the report file is made, you can leave AdwCleaner running (but don't delete anything yet) or you can close it down (we can always get a fresh scan done before the deletions). ONE SCAN ONLY, PLEASEAttach or paste the log back here for review and further instructions. Thanks.
|
|
|
Post by davidmdahl on Oct 23, 2014 6:41:03 GMT -8
|
|
dbrisen
Malware Removalists
Posts: 3,688
|
Post by dbrisen on Oct 23, 2014 14:22:46 GMT -8
Please run AdwCleaner again (if you don't have it running from the last scan) and
a) Click the Scan Button and wait for the scan to finish, (If Adwcleaner has been left open at the finish of the scan this is already done).
b) Make sure in your case all the items under each TAB are ticked / checked EXCEPT for the following:
Folder Found : C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk Folder Found : C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
(These items belong to Norton and should be left alone.)
c) Click the Clean Button and Adwcleaner will process all the items ticked / checked and then may ask for the system to be restarted.
d) It should create a new log afterwards (with S0 in the name).
e) Please attach or copy the log into your reply here.
|
|
|
Post by davidmdahl on Oct 23, 2014 16:57:12 GMT -8
All appears to have gone well with the Clean process with ADW Cleaner. The resultant log is attached.
Attachment Deleted
Please let me know if there is anything left to do. I am not seeing out-of-control dllhost.exe processes or virus warnings from Norton.
Thank you!
Best wishes,
David
|
|
dbrisen
Malware Removalists
Posts: 3,688
|
Post by dbrisen on Oct 23, 2014 17:21:53 GMT -8
See if there is a AdwCleaner[S0].txt file in the C:\AdwCleaner folder or the C:\AdwCleaner\Logs folder. We need the S0 log; the R0 log is the scan log.
|
|
|
Post by davidmdahl on Oct 23, 2014 17:42:39 GMT -8
|
|
dbrisen
Malware Removalists
Posts: 3,688
|
Post by dbrisen on Oct 23, 2014 20:05:07 GMT -8
Step1 - Malwarebytes' Anti-MalwareYour version of MBAM could be out of date. Please check and run a scan only for now; we will check the results and make a decision on what to do. Please download the latest version of Malwarebytes' Anti-Malware from HereDouble Click on the mbam-setup.exe file to install the application. Do not check on the Trial of Professional version. Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish. If an update is found, it will download and install the latest version. When the main screen opens, if the database is out of date, you can click on the Fix Now banner or the Update Now link Once the program has loaded and updated, select " Scan Now >>" to start the scan. The scan may take some time to finish, so please be patient. If any malware is found, you will be presented with a screen like the one below. Please click on the Export Log button and select the As text file from the dropdown list. I would suggest you save the file on your desktop (as we need the report attached here for review and it is easy to find on the desktop). After you have saved the report file, return to the Potential Threats Detected page and click on Cancel. You can close MBAM after that. Please attach the report file to a post here; I will review the file and script what needs to be removed.
|
|
|
Post by davidmdahl on Oct 23, 2014 21:47:35 GMT -8
|
|