Post by dbrisen on Oct 9, 2016 21:47:30 GMT -8
Sounds like we are making progress but I still want to make sure the malware association is removed.
FIRST >>>>
Run a search with FRST.
Type C:\WINDOWS\system32\mshta.exe into the Search Box.
Press the Search Registry button.
It will produce a log called search.txt or SearchReg.txt in the same directory the tool is run from.
Please attach the log file back here.
[/ul]
SECOND >>>>
AdwCleaner by Xplode
Download AdwCleaner from here. Save the file to the desktop.
NOTE: If you are using IE 8 or above you may get a warning that stops the program from downloading. Just click on the warning and allow the download to complete.
Close all open windows and browsers.
You will see the following console:
Click the Scan button and wait for the scan to finish.
After the Scan has finished the window may or may not show what it found and above, in the progress bar, you will see: Waiting for action. Please uncheck elements you don't want to remove.
Click the Clean button.
Everything checked will be deleted.
When the program has finished cleaning a report appears.
Once done it will ask to reboot, allow this
On reboot a log will be produced please copy / paste that in your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[C#].txt
[/ul]
Optional:
NOTE: If you see AVG Secure Search being targeted for deletion, Here's Why and Here. You can always Reinstall it.
LAST >>>>
Malwarebytes' Anti-Malware
Please download the latest version of Malwarebytes' Anti-Malware from Here.
Double Click on the mbam-setup.exe file to install the application.
Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
When the main screen opens, if the database is out of date, you can click on the Fix Now banner or the Update Now link
Once updated, please select Settings > Detection and Protection. Please ensure that "Scan for Rootkits" is selected along with Non-Malware Protection PUP and PUM are set to "Treat detections as malware"
Once the program has loaded, updated and the Settings are correct, select "Scan Now >>" to start the scan (from the Main Screen).
The scan may take some time to finish, so please be patient.
If any malware is found, you will be presented with a screen like the one below.
If any malware is found, make sure that everything is checked, and click Remove Selected.
When the scan is complete, click View detailed log >> to view the results.
The report screen will open.
At the bottom click on Export and select as txt file, save the file to your desktop and click OK. When the export is complete, select OPEN.
The log file will be opened in your default text file viewer (usually Notepad); select the whole text (Ctrl + A) and copy (Ctrl + c) it to paste here in a reply.
FIRST >>>>
Run a search with FRST.
Type C:\WINDOWS\system32\mshta.exe into the Search Box.
Press the Search Registry button.
It will produce a log called search.txt or SearchReg.txt in the same directory the tool is run from.
Please attach the log file back here.
[/ul]
SECOND >>>>
AdwCleaner by Xplode
Download AdwCleaner from here. Save the file to the desktop.
NOTE: If you are using IE 8 or above you may get a warning that stops the program from downloading. Just click on the warning and allow the download to complete.
Close all open windows and browsers.
You will see the following console:
Click the Scan button and wait for the scan to finish.
After the Scan has finished the window may or may not show what it found and above, in the progress bar, you will see: Waiting for action. Please uncheck elements you don't want to remove.
Click the Clean button.
Everything checked will be deleted.
When the program has finished cleaning a report appears.
Once done it will ask to reboot, allow this
On reboot a log will be produced please copy / paste that in your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[C#].txt
[/ul]
Optional:
NOTE: If you see AVG Secure Search being targeted for deletion, Here's Why and Here. You can always Reinstall it.
LAST >>>>
Malwarebytes' Anti-Malware
Please download the latest version of Malwarebytes' Anti-Malware from Here.
Double Click on the mbam-setup.exe file to install the application.
Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
When the main screen opens, if the database is out of date, you can click on the Fix Now banner or the Update Now link
Once updated, please select Settings > Detection and Protection. Please ensure that "Scan for Rootkits" is selected along with Non-Malware Protection PUP and PUM are set to "Treat detections as malware"
Once the program has loaded, updated and the Settings are correct, select "Scan Now >>" to start the scan (from the Main Screen).
The scan may take some time to finish, so please be patient.
If any malware is found, you will be presented with a screen like the one below.
If any malware is found, make sure that everything is checked, and click Remove Selected.
When the scan is complete, click View detailed log >> to view the results.
The report screen will open.
At the bottom click on Export and select as txt file, save the file to your desktop and click OK. When the export is complete, select OPEN.
The log file will be opened in your default text file viewer (usually Notepad); select the whole text (Ctrl + A) and copy (Ctrl + c) it to paste here in a reply.