Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Nov 24, 2014 23:23:48 GMT -8
Although I only took some PUP items, without Poweliks running now your system should be acting a lot better without dllhost being over active??
Quads
|
|
|
Post by rocky14 on Nov 28, 2014 6:34:21 GMT -8
Yes, however Powershell.exe continues to hammer away doing things that I suspect are bad when I log in as non-administrator . Can we do the remaining steps to remove the bad stuff? Very much appecreciating your help, Quads.
Rocky14
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Dec 19, 2014 15:42:41 GMT -8
Pull the PUP's out Read carefully
Download Adwcleaner www.bleepingcomputer.com/download/adwcleaner/ on to your desktop The Blue Download Now @bleeping Computer button and run a scan ( Scan Button). It will create a log after. Or there is a Report button, ONE SCAN ONLY
Attach or paste the log back here Quads
|
|
|
Post by rocky14 on Dec 25, 2014 9:06:48 GMT -8
# AdwCleaner v4.106 - Report created 25/12/2014 at 12:00:39 # Updated 21/12/2014 by Xplode # Database : 2014-12-21.4 [Live] # Operating System : Windows 7 Professional Service Pack 1 (64 bits) # Username : adlzpmc6 - TRVLUGLT1 # Running from : C:\Users\lzpmc6\Downloads\AdwCleaner.exe # Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17496
-\\ Google Chrome v39.0.2171.95
*************************
AdwCleaner[R1].txt - [613 octets] - [25/12/2014 12:00:39]
########## EOF - \AdwCleaner\AdwCleaner[R1].txt - [672 octets] ##########
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Dec 25, 2014 15:51:08 GMT -8
On with step 4, Complete system check for any file and cleanup of items and tools used. Special attention to the different settings I have asked for below You can leave Norton Enabled even though ESET may warn about it. just makes the scan take longer. The pictures below showing what to click may be blue instead of green on the ESET website now, but the procedure is still the same Please read carefully and Slowly, Notice all the settings listed below to check before starting the scan. Take note of the NO tick in the Remove found threats setting below at it needs to have the tick removed.
Hold down Control and click on the following link to open ESET OnlineScan in a new window. ESET OnlineScan
Click the For alternate browsers only: (Microsoft Internet Explorer users can skip these steps) Click on Posted Image to download the ESET Smart Installer. Save it to your desktop. Double click on the icon on your desktop. Check Click the button. Accept any security warnings from your browser. Under scan settings, check DON'T (NO)</font></b> check Remove found threats (reason for this is we don't want something deleted and then Windows won't load).
Click Advanced settings and select the following: Scan potentially unwanted applications Scan for potentially unsafe applications Enable Anti-Stealth technology
ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time. Attach the resulting log in your next reply The scanner screen gives me the option of saving the results to a .txt file as part of the options after the scan has finished. Screenshot of part of the finished scan dialog box by ESET showing the options. List found threats and at the bottom of the listings is the options to save the list. Quads
|
|
|
Post by rocky14 on Jan 5, 2015 17:45:15 GMT -8
ESET threats attached. Thank you for your time in helping us all.
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Jan 6, 2015 15:23:06 GMT -8
You may want to read carefully all of this message first before starting the steps. NOTE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating systemDownload the script attached, needs to be the same file name as well (fixlist.txt), have it on the Desktop, so that fixlist.txt is next to FRST64.exe, DO NOT DRAG AND DROP to download the script, it won't work for FRST (Right click on the attachment link (not the normal left click) and from the menu choose Save As or Save Link as.)
The script tells FRST what to do. Start FRST that is on the desktop
When the tool opens click Yes to disclaimer. (if it still does) Press the Fix button just once and wait.The tool will make a log on the Desktop (Fixlog.txt) please post it to your reply (attach or paste) Quads Attachments:fixlist.txt (1.88 KB)
|
|
|
Post by rocky14 on Jan 7, 2015 16:34:13 GMT -8
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Jan 7, 2015 17:35:44 GMT -8
|
|
|
Post by rocky14 on Jan 8, 2015 15:12:14 GMT -8
I got a Windows "blue-screen-of-death" when I ran TFC.exe. I even right clicked it and ran it as administrator.
Any recommendations on how to run it successfully?
Rocky14
|
|