Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 91734 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

Mutiple computer issues [Solved]


  • This topic is locked This topic is locked
32 replies to this topic

#16 thesopranosaurus

thesopranosaurus

    New Member

  • Authentic Member
  • Pip
  • 17 posts
  • Interests:video games, making video games, Guitar/singing, yummy food

Posted 28 December 2013 - 08:21 PM

I have always been able to run the computer in normal mode,  but am still having issues. (not sure if that answers your question???)

 

I attached the picture. I was replying at the bottom of the page instead of clicking "reply to this topic"....erm.... whoops lol.

 

 

So my other issue is that I ran my avg out of curiousity to see our progress and it detected one threat. it had to do with the Toshiba chipset? I have no idea what it meant, so I attached a screen of that as well. What's next to clean this pos...i mean.. lovely laptop up?

Attached Thumbnails

  • dialer.jpg
  • threat.jpg

    Advertisements

Register to Remove


#17 jeffce

jeffce

    Malware Guy

  • Authentic Member
  • PipPipPipPipPipPip
  • 8,693 posts

Posted 29 December 2013 - 08:41 AM

Ok let's come back to those....the AVG thing is really nothing to worry about though.  :)
 
VBJ9QO9.jpgJava

Please go to Start > Control Panel > Programs and Features > uninstall all the Java Programs you see, now download the latest Java from the following link and install it:

http://java.com/en/download/index.jsp
----------

See this page for instructions on how to clear java's cache.

Go into the Control Panel and double-click the Java Icon. (looks like a coffee cup)

  • Under Temporary Internet Files, click the Delete Files button.
  • There are three options in the window to clear the cache - Leave ALL 3 Checked

    • Downloaded Applets
      Downloaded Applications
      Installed Applications and Applets
  • Click OK on Delete Temporary Files Window
    Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.
  • Click OK to leave the Java Control Panel.

----------
 
GUZVCQN.jpg Please download Malwarebytes Anti-Malware to your desktop.

  • Right-click and Run as Administrator mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan as shown below.

          A3npGzM.jpg
        
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please save it to a convenient location and post the results.

The log can also be found here:

Windows 2000 & Windows XP:
C:\Documents and Settings\<USERNAME>\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs

Windows Vista & Win7:
C:\Users\<USERNAME>\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs
----------
 
ESET Online Scanner

Go here to run an online scannner from ESET. Windows Vista/Windows 7 users will need to right click on their Internet Explorer shortcut, and select Run as Administrator

  • Note: For browsers other than Internet Explorer, you will be prompted to download and install esetsmartinstaller_enu.exe. Click on the link and save the file to a convenient location. Double click on it to install and a new window will open. Follow the prompts.
  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
  • Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  • Click Scan
  • Wait for the scan to finish
  • When the scan is done, if it shows a screen that says "Threats found!", then click "List of found threats", and then click "Export to text file..."
  • Save that text file on your desktop. Copy and paste the contents of that log as a reply to this topic.
  • Close the ESET online scan, and let me know how things are now.

----------


Posted Image
 
 

#18 thesopranosaurus

thesopranosaurus

    New Member

  • Authentic Member
  • Pip
  • 17 posts
  • Interests:video games, making video games, Guitar/singing, yummy food

Posted 29 December 2013 - 12:12 PM

Hi again,

 

I uninstalled, reinstalled, and cleared the cache of Java with no issues.

 

Here are the scripts you requested:

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.12.29.04

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Ayla :: AYLA-PC [administrator]

12/29/2013 9:57:17 AM
mbam-log-2013-12-29 (09-57-17).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 208291
Time elapsed: 9 minute(s), 11 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 7
HKCR\AppID\{186E19A3-B909-4F48-B687-BB81EB8BC7CE} (Trojan.BHO) -> Quarantined and deleted successfully.
HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA} (PUP.Optional.WebCake.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{517E0D3E-17A4-4592-926E-A082DB43B7D3} (PUP.FaceTheme) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> Quarantined and deleted successfully.
HKCU\Software\Conduit\FF (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|ConduitFloatingPlugin_iekjmlcgpmcjigljdiagaibfjfaideal (Trojan.Agent) -> Data: "C:\Windows\system32\Rundll32.exe" "C:\Users\Ayla\AppData\Local\Temp\CT3307181\plugins\TBVerifier.dll",RunConduitFloatingPlugin iekjmlcgpmcjigljdiagaibfjfaideal -> Quarantined and deleted successfully.

Registry Data Items Detected: 1
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.Conduit.A) -> Bad: (http://search.condui...EEE43726D&SSPV=) Good: (http://www.google.com) -> Quarantined and repaired successfully.

Folders Detected: 8
C:\Users\Ayla\AppData\Local\temp\ct3307181 (PUP.Optional.Conduit.A) -> Delete on reboot.
C:\Users\Ayla\AppData\Local\temp\ct3307181\plugins (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Ayla\AppData\Local\temp\ct3307181\xpi (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Ayla\AppData\Local\temp\ct3307181\xpi\defaults (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Ayla\AppData\Local\temp\ct3307181\xpi\defaults\preferences (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\ProgramData\Conduit\IE (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\ProgramData\Conduit\IE\CT3307181 (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\ProgramData\GorillaPrice (PUP.Optional.GorillaPrice) -> Quarantined and deleted successfully.

Files Detected: 47
C:\Users\Ayla\AppData\Local\temp\nsn24D4.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Ayla\AppData\Local\temp\nsn34FD.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Ayla\AppData\Local\temp\nsnD3CB.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Ayla\AppData\Local\temp\nspB59F.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Ayla\AppData\Local\temp\SPStub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Ayla\AppData\Local\temp\nsd6EA0.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Ayla\AppData\Local\temp\nsd8223.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Ayla\AppData\Local\temp\nsiA163.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Ayla\AppData\Local\temp\AU\SPSetup.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Ayla\AppData\Local\temp\AU\SPUpdater.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Ayla\AppData\Local\temp\ct3307181\chLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Ayla\AppData\Local\temp\ct3307181\ctbe.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Ayla\AppData\Local\temp\ct3307181\ffLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Ayla\AppData\Local\temp\ct3307181\ieLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Ayla\AppData\Local\temp\ct3307181\spch.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Ayla\AppData\Local\temp\ct3307181\spff.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Ayla\AppData\Local\temp\ct3307181\statisticsStub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Ayla\AppData\Local\temp\ct3307181\stub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows\temp\nsdEB8C.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows\temp\nsiDF7C.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Windows\temp\nso4D00.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Windows\temp\nsyE4BB.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\Ayla\Local Settings\Temporary Internet Files\Content.IE5\0OE5CV2S\appmarket-[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Ayla\Local Settings\Temporary Internet Files\Content.IE5\0OE5CV2S\conduitinstaller[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Ayla\Local Settings\Temporary Internet Files\Content.IE5\0OE5CV2S\reg[1].exe (PUP.Optional.RegCleanerPro) -> Quarantined and deleted successfully.
C:\Users\Ayla\Local Settings\Temporary Internet Files\Content.IE5\0OE5CV2S\SPSetup[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Ayla\Local Settings\Temporary Internet Files\Content.IE5\1OIS1K62\mconduitinstaller[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Ayla\Local Settings\Temporary Internet Files\Content.IE5\EI6ODSHE\appmarket-[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Ayla\Local Settings\Temporary Internet Files\Content.IE5\EI6ODSHE\appmarket_[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Ayla\Local Settings\Temporary Internet Files\Content.IE5\EI6ODSHE\checktbexist[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Ayla\Local Settings\Temporary Internet Files\Content.IE5\EI6ODSHE\statisticsstub[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Windows\System32\roboot.exe (PUP.Optional.PCPerformer.A) -> Quarantined and deleted successfully.
C:\Users\Ayla\AppData\Local\temp\ct3307181\chromeid.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Ayla\AppData\Local\temp\ct3307181\conduit.xml (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Ayla\AppData\Local\temp\ct3307181\CT3307181.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Ayla\AppData\Local\temp\ct3307181\CT3307181.xpi (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Ayla\AppData\Local\temp\ct3307181\initdata.json (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Ayla\AppData\Local\temp\ct3307181\manifest.json (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Ayla\AppData\Local\temp\ct3307181\setup.ini.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Ayla\AppData\Local\temp\ct3307181\version.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Ayla\AppData\Local\temp\ct3307181\plugins\TBVerifier.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Ayla\AppData\Local\temp\ct3307181\xpi\install.rdf (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Ayla\AppData\Local\temp\ct3307181\xpi\defaults\preferences\defaults.js (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\ProgramData\Conduit\IE\CT3307181\UninstallerUI.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\ProgramData\GorillaPrice\GorillaPrice.exe (PUP.Optional.GorillaPrice) -> Quarantined and deleted successfully.
C:\ProgramData\GorillaPrice\GPHelper.dll (PUP.Optional.GorillaPrice) -> Quarantined and deleted successfully.
C:\ProgramData\GorillaPrice\{a131ab52-77f3-4bd7-acc7-e2dfdfd298f0}.xpi (PUP.Optional.GorillaPrice) -> Quarantined and deleted successfully.

(end)

 

ESET

 

C:\Program Files\WxDownload\sprotector.dll    a variant of Win32/SProtector.A application
C:\Qoobox\Quarantine\C\ProgramData\wxDownload\fmiggnfmiifpmfdbnddleidkohbgloap.crx.vir    Win32/Adware.MultiPlug.H application
C:\Qoobox\Quarantine\C\Users\Ayla\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmiggnfmiifpmfdbnddleidkohbgloap\4_1\50b7c59d2dd946.27954078.js.vir    Win32/Adware.MultiPlug.H application
C:\Users\Ayla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1OIS1K62\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}[1].cpi    a variant of Win32/PriceGong.A application
C:\Users\Ayla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EI6ODSHE\mypc[1].exe    Win32/MyPCBackup.A application
C:\Users\Ayla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JZ2KFKMM\SpeedUpMyPC-standalone-setup[1].exe    multiple threats
C:\Users\Ayla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JZ2KFKMM\speed[1].exe    Win32/SpeedUpMyPC.A application
C:\Users\Ayla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EUTPIVVN\ocmuigc[1].htm    JS/Agent.NLC trojan
C:\Users\Ayla\AppData\Local\temp\tbappm.dll    a variant of Win32/Toolbar.Conduit.B application

 



#19 jeffce

jeffce

    Malware Guy

  • Authentic Member
  • PipPipPipPipPipPip
  • 8,693 posts

Posted 29 December 2013 - 12:18 PM

Great job!
 
ComboFix

  • Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the code box below:

    ClearJavaCache::

    File::
    C:\Program Files\WxDownload\sprotector.dll    
    C:\Users\Ayla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1OIS1K62\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}[1].cpi    
    C:\Users\Ayla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EI6ODSHE\mypc[1].exe    
    C:\Users\Ayla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JZ2KFKMM\SpeedUpMyPC-standalone-setup[1].exe    
    C:\Users\Ayla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JZ2KFKMM\speed[1].exe    
    C:\Users\Ayla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EUTPIVVN\ocmuigc[1].htm    
    C:\Users\Ayla\AppData\Local\temp\tbappm.dll

  • Save this as CFScript.txt and change the "Save as type" to "All Files" and place it on your desktop.

    CFScriptB-4.gif
  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before following the steps below. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
  • Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
  • ComboFix may request an update; please allow it.
  • ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
  • When finished, it shall produce a log for you. Copy and paste the contents of the log in your next reply.

CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
----------

Post the new ComboFix log and let me know how your system is running now.  :)


Posted Image
 
 

#20 thesopranosaurus

thesopranosaurus

    New Member

  • Authentic Member
  • Pip
  • 17 posts
  • Interests:video games, making video games, Guitar/singing, yummy food

Posted 30 December 2013 - 02:17 PM

Hey Jeff,

 

I tried to run Combofix again and its just not working for me. It got to the same place yet again and stopped. I made sure that I touched nothing, no other programs were running etc. I even sat the laptop in a safe spot and let it stay on overnight undisturbed, yet it still was on  the same screen when i picked it up just now. :huh:



#21 jeffce

jeffce

    Malware Guy

  • Authentic Member
  • PipPipPipPipPipPip
  • 8,693 posts

Posted 30 December 2013 - 02:56 PM

Ok no worries....we can do it this way.
 
Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad. Save it on the flashdrive as fixlist.txt
 

C:\Program Files\WxDownload\sprotector.dll    
C:\Users\Ayla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1OIS1K62\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}[1].cpi    
C:\Users\Ayla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EI6ODSHE\mypc[1].exe    
C:\Users\Ayla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JZ2KFKMM\SpeedUpMyPC-standalone-setup[1].exe    
C:\Users\Ayla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JZ2KFKMM\speed[1].exe    
C:\Users\Ayla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EUTPIVVN\ocmuigc[1].htm    
C:\Users\Ayla\AppData\Local\temp\tbappm.dll

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

On Vista or Windows 7: Now please enter System Recovery Options.
Run FRST/FRST64 and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.
----------


Posted Image
 
 

#22 thesopranosaurus

thesopranosaurus

    New Member

  • Authentic Member
  • Pip
  • 17 posts
  • Interests:video games, making video games, Guitar/singing, yummy food

Posted 30 December 2013 - 08:27 PM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 27-12-2013 01
Ran by SYSTEM at 2013-12-30 20:21:56 Run:2
Running from G:\
Boot Mode: Recovery

==============================================

Content of fixlist:
*****************
C:\Program Files\WxDownload\sprotector.dll    
C:\Users\Ayla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1OIS1K62\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}[1].cpi    
C:\Users\Ayla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EI6ODSHE\mypc[1].exe    
C:\Users\Ayla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JZ2KFKMM\SpeedUpMyPC-standalone-setup[1].exe    
C:\Users\Ayla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JZ2KFKMM\speed[1].exe    
C:\Users\Ayla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EUTPIVVN\ocmuigc[1].htm    
C:\Users\Ayla\AppData\Local\temp\tbappm.dll
*****************

C:\Program Files\WxDownload\sprotector.dll => Moved successfully.
"C:\Users\Ayla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1OIS1K62\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}[1].cpi" => File/Directory not found.
"C:\Users\Ayla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EI6ODSHE\mypc[1].exe" => File/Directory not found.
"C:\Users\Ayla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JZ2KFKMM\SpeedUpMyPC-standalone-setup[1].exe" => File/Directory not found.
"C:\Users\Ayla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JZ2KFKMM\speed[1].exe" => File/Directory not found.
C:\Users\Ayla\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EUTPIVVN\ocmuigc[1].htm => Moved successfully.
"C:\Users\Ayla\AppData\Local\temp\tbappm.dll" => File/Directory not found.

==== End of Fixlog ====



#23 jeffce

jeffce

    Malware Guy

  • Authentic Member
  • PipPipPipPipPipPip
  • 8,693 posts

Posted 30 December 2013 - 08:33 PM

Good!!  What remaining malware related problems are you having?  :)


Posted Image
 
 

#24 thesopranosaurus

thesopranosaurus

    New Member

  • Authentic Member
  • Pip
  • 17 posts
  • Interests:video games, making video games, Guitar/singing, yummy food

Posted 30 December 2013 - 09:11 PM

The only thing that pops up right now, other than that dialup thingy is now when you first try to load Firefox, it tries to install an add-on with no title. When I close Firefox and restart it doesn't ask again. I've only gotten it to reproduce when I restart the computer. Otherwise the computer is working soooooo much better!! :yeah:



#25 jeffce

jeffce

    Malware Guy

  • Authentic Member
  • PipPipPipPipPipPip
  • 8,693 posts

Posted 31 December 2013 - 08:27 AM

Ok...the dial-up connection popup...is that only on reboot?


Posted Image
 
 

    Advertisements

Register to Remove


#26 thesopranosaurus

thesopranosaurus

    New Member

  • Authentic Member
  • Pip
  • 17 posts
  • Interests:video games, making video games, Guitar/singing, yummy food

Posted 31 December 2013 - 05:09 PM

Yes, both the dial-up connection and now this Firefox addon business are every time I restart.



#27 thesopranosaurus

thesopranosaurus

    New Member

  • Authentic Member
  • Pip
  • 17 posts
  • Interests:video games, making video games, Guitar/singing, yummy food

Posted 31 December 2013 - 05:12 PM

I think the dialup connection popup may have something to do with my school's network (you had to download Cisco NAC agent to log your computer into their wireless network), so maybe something in those settings are set to auto dial? If it isn't too much trouble, can we also take a look at my start-up programs to see if I can eliminate any of them from the startup? I don't want to be too much trouble!!!! :blush:



#28 jeffce

jeffce

    Malware Guy

  • Authentic Member
  • PipPipPipPipPipPip
  • 8,693 posts

Posted 01 January 2014 - 03:38 PM

No trouble.  :)

 

Visit the page here for a program called Startup Lite.  Download, install and run the program and follow any directions given from the program.  Once complete, let me know if that helped out.  :)


Posted Image
 
 

#29 thesopranosaurus

thesopranosaurus

    New Member

  • Authentic Member
  • Pip
  • 17 posts
  • Interests:video games, making video games, Guitar/singing, yummy food

Posted 01 January 2014 - 08:56 PM

I downloaded the program and ran it. However it didn't run for me correctly. The program auto-selected what it considered to be unecessary startup programs, but when I clicked to continue to disable them, the same error message popped up for each selected item. I attached a picture of the error message.

Attached Thumbnails

  • startup.jpg


#30 jeffce

jeffce

    Malware Guy

  • Authentic Member
  • PipPipPipPipPipPip
  • 8,693 posts

Posted 02 January 2014 - 06:26 AM

For that error message, please select No Action and see if that helps. :)


Posted Image
 
 

Related Topics



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users