Channel: Tech Support Guy - Virus & Other Malware Removal

Windows 8.1 really slow

Hi.

My Windows 8.1 is acting ridiculously slow.

Chrome takes forever to load and opening files/programmes feels sluggish.

I'm convinced I've been hijacked. I've run AVAST and Malwarebytes - it picks up random things at times which I clean up, but it doesn't make much difference...

Please could you give me some advice on a check up...
Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 8.1, 64 bit
Processor: AMD A10-4655M APU with Radeon(tm) HD Graphics, AMD64 Family 21 Model 16 Stepping 1
Processor Count: 4
RAM: 7366 Mb
Graphics Card: AMD Radeon HD 7620G + 8600M Dual Graphics, 768 Mb
Hard Drives: C: Total - 929536 MB, Free - 840842 MB; D: Total - 23092 MB, Free - 2334 MB;
Motherboard: Hewlett-Packard, 216C
Antivirus: Windows Defender, Disabled

computer super slow and sluggish after booting and periodically during the day

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: AMD Sempron(tm) 140 Processor, AMD64 Family 16 Model 6 Stepping 2
Processor Count: 1
RAM: 1790 Mb
Graphics Card: ATI Radeon HD 4200, 256 Mb
Hard Drives: C: Total - 293485 MB, Free - 219479 MB;
Motherboard: Dell Inc., 04GJJT
Antivirus: avast! Antivirus, Updated and Enabled

http://imgur.com/Q0VU8l0 - task manager

The physical memory on this goes up really high, and stays there with maybe a little drop for about 20 minutes. It also goes up real high once every few days. It wasn't really an issue in the winter... I don't turn off my computer, but now it's stormy and I will be each night if there is even a slight chance of rain, and waiting half an hour to use this is really freaking inconvenient.

This has been going on for months. I have used Avast, Malwarebytes, and this Trend Micro thing numerous times and nothing ever comes up. Everything was fine up till about a year ago. Then it started taking forever to sort itself out and let me do anything. I'm nearly to the point where I'm willing to try to install more RAM(?)... but I shouldn't need to do that. The PM shouldn't be so high in the first place! Something is causing it... some setting or something I installed maybe or turned off to get it to start up quicker...

Anyway... posted in here even though I probably won't get an answer, because years ago when I did have a virus it did the same thing, except to a much greater extent that never resolved.

Bitdefender keeps turning off; can't use System Restore.

I received help here, then I tried to use Tweaking.com. I'm sure I didn't do it correctly, and then I couldn't get online except with safe mode. I finally got online, but Bitdefender keeps turning off and I'm worried about malware.

Thanks,

Boyd Bilbo.

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz, Intel64 Family 6 Model 42 Stepping 7
Processor Count: 4
RAM: 4043 Mb
Graphics Card: Intel(R) HD Graphics Family, 1797 Mb
Hard Drives: C: Total - 584792 MB, Free - 259470 MB; D: Total - 21422 MB, Free - 2275 MB; E: Total - 4055 MB, Free - 10 MB;
Motherboard: Hewlett-Packard, 1695
Antivirus: Bitdefender Antivirus Free Edition, Disabled

Possible Virus or Malware......PLEASE HELP!

Weird objects are appearing on photos and when I'm typing emails.....virus scan has come out clean. Here's my log: Thank you!

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM) i5-2390T CPU @ 2.70GHz, Intel64 Family 6 Model 42 Stepping 7
Processor Count: 4
RAM: 8174 Mb
Graphics Card: HP Remote Graphics Driver, 5 Mb
Hard Drives: C: Total - 942252 MB, Free - 792532 MB; D: Total - 11513 MB, Free - 1399 MB;
Motherboard: PEGATRON CORPORATION, 2AC2
Antivirus: PC Cleaner Pro, Updated: Yes, On-Demand Scanner: Disabled

Super Drivers Updater by Systuit, Inc

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Professional, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz, Intel64 Family 6 Model 60 Stepping 3
Processor Count: 4
RAM: 12204 Mb
Graphics Card: Intel(R) HD Graphics 4600, 1024 Mb
Hard Drives: C: Total - 933569 MB, Free - 860813 MB;
Motherboard: Dell Inc., 088DT1
Antivirus: Microsoft Security Essentials, Updated and Enabled


Hello guys,


The above is the information on my relatively new Dell desktop PC. Somehow or other, either I or my wife has picked up Super Drivers Updater.


I can't find it either in my new Programs or in the Control Panel's Programs and Features to uninstall this so-called utility.


My Malwarebytes anti-spyware software can't seem to get rid of it; but whenever we attempt to look at our e-mails or access the internet, this ad for Super Drivers Updater continues to pop up.


Please tell me what I must do to get rid of this software.


Thanks,


Mikelox

Weak ransomware?

I went on a site that shall remain nameless, one with a lot of free ebooks. I always have a lot of pop-ups there, but today one such pop-up told me that my computer was held for ransom and that it was locked. I was shocked. I tried shutting down the browser but it would not, so I closed the computer. When I re-opened and rebooted, it said that my computer was locked. I decided to try if I could access System Restore. I was able to, and through this went back partially, it seems only to last month. I then tried my AVG and it came back clean. I then went into safe mode and ran AVG again and saw that it noted that my files were locked, yet I am able to do and use everything on my computer. Was it some sort of weak ransomware? Do I still have something?

HP computer running Win XP very slowly. Helping a friend

Hi, I have an old desktop HP that has Win XP (using it to write this). It belongs to my sister who does not have much money to buy a new machine. I was able to get it running and ran Super Anti Virus on it and it removed about 500 Spyware files. I did a disk cleanup that ran for almost an hour and removed a bunch of files.

It is still running fairly sluggish when opening FF and just in general. Is there anything else I can do to get this to run any better? Any help is greatly appreciated.

Here are the specs:
Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows XP Professional, Service Pack 3, 32 bit
Processor: AMD Athlon(tm) 64 Processor 3400+, x86 Family 15 Model 47 Stepping 0
Processor Count: 1
RAM: 894 Mb
Graphics Card: ATI RADEON Xpress 200 Series, 128 Mb
Hard Drives: C: Total - 182569 MB, Free - 130568 MB; D: Total - 8194 MB, Free - 1267 MB;
Motherboard: MSI, ALBACORE
Antivirus: Kaspersky Anti-Virus, Updated: Yes, On-Demand Scanner: Enabled

Regards,

Remove BING from Firefox new tab selection

I had adaware and malware which I have removed but there is a residual effect that I want fixed and cannot work out how to do it.

The annoying search tool BING is the webpage Firefox reverts to when I select the + sign to open a new tab. My home page was BING but I managed to fix this so it is back to Google. However I cannot get the new tabs to open to my homepage.

I'm sure it is something simple I've just missed in my clean up.

Help would be appreciated.

Thx

Computer EXTREMELY slow... no pop ups

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Professional, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM) i3-3217U CPU @ 1.80GHz, Intel64 Family 6 Model 58 Stepping 9
Processor Count: 4
RAM: 3983 Mb
Graphics Card: Intel(R) HD Graphics 4000, 1799 Mb
Hard Drives: C: Total - 454712 MB, Free - 347729 MB;
Motherboard: Dell Inc., 06RYX8
Antivirus: Ad-Aware Antivirus, Not Updated

IE Locking Up At Times

Hi HaroRider,

It appears that you are still having difficulties.

Run the scan tool and post each log in a separate post, please.

DDS Scan
  1. Please download DDS ... by sUBs. Save it to your desktop. Alternate download link here.
    Disable any script blocking software you have running before running DDS.
  2. Please right mouse click and select "Run As Administrator" on dds.com to run the tool. (File name will be different if alternate download used).
    If you are using DDS.com, a black window will open with some additional instructions and comments... There is no need to change the default settings.
  3. When done, DDS will open two (2) logs:
    • DDS.txt
    • Attach.txt
  4. Please post both the DDS.txt and Attach.txt files in your next reply.

Possible Parasitic Malware?

Hello, I think I might have a really tricky malware infection. I noticed a while back that I was having a lot more processor activity on my computer than I do when everything is healthy, so I set up my task manager and watched things while I read. After the computer had been inactive for a while I looked up and noticed that the Blender 3D game engine player was running as a background process. As far as I know this is not supposed to happen. I uninstalled Blender and Nvidia's Shadow Player in case that was also being abused, but I'm still getting a lot of background activity and general weirdness.

I was using ESET's Internet Security Package at the time, and since my subscription was about to expire I installed Kaspersky, but that didn't find a thing, so I installed Norton. That didn't seem to find anything at first, but when I updated it the program immediately flagged and deleted the OctaneRender, IndigoRender, and Purebasic installer programs (it didn't seem to have any problem with the installed programs). There were a few other installers that were also flagged.

I'm still having a lot of activity. conhost.exe and Windows Interrupt processes are usually the most active things. I might have seen a run32dll.exe process at one time but my memory is bad so I can't say for sure. At any rate, there doesn't seem to be any sign of it now.

Here is my SysInfo readout....

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, 64 bit
Processor: AMD Athlon(tm) II X2 245 Processor, AMD64 Family 16 Model 6 Stepping 3
Processor Count: 2
RAM: 4094 Mb
Graphics Card: NVIDIA GeForce GTX 750 Ti, -2048 Mb
Hard Drives: C: Total - 462756 MB, Free - 356377 MB;
Motherboard: Dell Inc., 04GJJT
Antivirus: Norton Internet Security, Updated and Enabled

Thanks

Downloads End Abnormally

moved to malware removal
Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to download and run the 64 bit version
  • Right click to run as administrator. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

remove bitcryptor ransom virus and decrypt locked files

My computer has been infected with Bitcryptor ransom virus and it is asking for Bitcoin payments to unlock/decrypt my files.

The last thing I downloaded was a jpg from a client email. Now all of my files are encrypted and cannot be opened.

Please help me get rid of this virus/trojan (without formatting the system) and if possible any help in recovering some of the text/excel files.

All of my important data was on D drive and in OneDrive/Dropbox so I can restore the previous versions from there, but some other stuff was not stored in cloud storage, hence I would like some help in decrypting these files.

I have restarted the PC since then in Safe Mode and am typing this message from another computer.

Quote:

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Ultimate, Service Pack 1, 64 bit
Processor: AMD Athlon(tm) II X2 260 Processor, AMD64 Family 16 Model 6 Stepping 3
Processor Count: 2
RAM: 5887 Mb
Graphics Card: ATI Radeon HD 4250, 256 Mb
Hard Drives: C: Total - 374538 MB, Free - 300478 MB; D: Total - 102298 MB, Free - 78903 MB;
Motherboard: MSI, 880GM-E35 (MS-7641)
Antivirus: None

Requesting Help with My Computer's Infection

That is showing what appears to be a pirated version of Windows, where a hack is being used to bypass activation and validation checks.


We do not offer help or support to pirated versions of Windows.
Topic closed
Quote:

of Service will be closed or removed.
Use of Pirated Software - Because we do not support pirated software, we may request that you provide validation to confirm that your copy of Windows or other software is not pirated. If you are unable or unwilling to provide this validation, your thread may be closed.

Shortcut Virus ...

I have a shortcut virus in my pen drive. I tried many ways to remove it: by cmd {attrib command} method, by editing the registry, by downloading software. I too have an updated antivirus and anti-malware/spyware by Microsoft. That antivirus can't detect any virus in my pen drive. I'm uploading some screenshots of that virus, please help me... Urgent.
I have Windows 7 32 bit.

Can I get a final diagnosis?

So I had a virus on my computer for a bit and it decided to attack one day, about 20 days ago. I used multiple anti-viruses and other software of the kind (including: Malwarebytes, UnHackMe and HitmanPro). All other malware was easy to destroy, but this one virus was quite difficult to destroy; it is the: Netengine.exe. I removed it 2 times with UnHackMe, and when I decided, today, to do another scan (I just scan at random times for no reason)
I found that Netengine.exe was back, and I removed it with UnHackMe.
And Malwarebytes found 4 other things inside of the temp files.
In light of the fact I didn't clean my temp files, I found this forum and downloaded the following: () and started these up.
Logs for all of the things are below; the security check was done after ALL that.

Now the current anti-viruses I have are... well, the default Windows Defender and Malwarebytes. At one point I got AVG but it's crap and was destroyed in one attack, I think (or was just corrupted by an update it tried to do to itself).

But I have A WHOLE LOT of anti-virus wares, also including a key to boot up the PC if it can no longer boot itself up.
All the software is on my computer and on a USB key I decided to call "The Destroyer"... cuz it sounds cool (and cheesy!) and I can get rid of most viruses with it.

So what I'm asking currently is: if I can get a little diagnosis on whether my computer is safe atm based on the current logs provided. (Excluding Java, I am updating it now.) If you need more info feel free to ask! (Since it's for mah safety!)
(I will now also provide the Logs of earlier attacks on my computer)



This is the log for the Security Check: (In light of the out-of-date message I will now update my Java.)

Results of screen317's Security Check version 1.002
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Windows Defender
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 55
Java version 32-bit out of Date!
Adobe Flash Player 17.0.0.169
Adobe Reader XI
Google Chrome (42.0.2311.135)
Google Chrome (42.0.2311.152)
````````Process Check: objlist.exe by Laurent````````
Windows Defender MSMpEng.exe
Malwarebytes Anti-Malware mbam.exe
Christopher Desktop fighting viruses SecurityCheck.exe
Windows Defender MpCmdRun.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````



This is the log for Malwarebytes 4 detections:
Code:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 2015-05-19
Scan Time: 5:25:39 AM
Logfile:
Administrator: Yes

Version: 2.01.6.1022
Malware Database: v2015.05.19.01
Rootkit Database: v2015.05.16.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Christopher

Scan Type: Custom Scan
Result: Cancelled
Objects Scanned: 880215
Time Elapsed: 10 hr, 1 min, 48 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 4
PUP.Optional.Tuto4PC.A, C:\Users\Christopher\AppData\Local\Temp\setup_gmsd_ca.exe, Quarantined, [324b197c404a2e08376d3b2145c1bc44],
PUP.Optional.Goobzo.SIDA, C:\Users\Christopher\AppData\Local\Temp\tu17p84.exe, Quarantined, [97e60095eaa030062e6eb9a37294be42],
PUP.Optional.Somoto.SID.A, C:\Users\Christopher\AppData\Local\Temp\nswCC94.tmp, Quarantined, [5c21d2c3503a0c2a9de746168e782ed2],
PUP.Optional.Goobzo.SIDA, C:\Users\Christopher\AppData\Local\Temp\Install_15840\ins_smk.exe, Quarantined, [0974c8cd6e1c7cba742878e47b8b817f],

Physical Sectors: 0
(No malicious items detected)


(end)

THIS IS THE JUNKWARE REMOVAL LOG
Code:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.7.4 (05.19.2015:1)
OS: Windows 8.1 x64
Ran by Christopher on 2015-05-19 at 15:33:24.02
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks

Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-1121267219-1145382535-3596252993-1001
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-1121267219-1145382535-3596252993-1004
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-1121267219-1145382535-3596252993-500



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\APN PIP



~~~ Files

Successfully deleted: [File] C:\end
Successfully deleted: [File] C:\Users\Christopher\appdata\local\google\chrome\user data\default\local storage\http_lyrics.wikia.com_0.localstorage
Successfully deleted: [File] C:\Users\Christopher\appdata\local\google\chrome\user data\default\local storage\http_lyrics.wikia.com_0.localstorage-journal
Successfully deleted: [File] C:\Users\Christopher\appdata\local\google\chrome\user data\default\local storage\http_st.chatango.com_0.localstorage
Successfully deleted: [File] C:\Users\Christopher\appdata\local\google\chrome\user data\default\local storage\http_st.chatango.com_0.localstorage-journal
Successfully deleted: [File] C:\Users\Christopher\appdata\local\google\chrome\user data\default\local storage\http_static.audienceinsights.net_0.localstorage
Successfully deleted: [File] C:\Users\Christopher\appdata\local\google\chrome\user data\default\local storage\http_static.audienceinsights.net_0.localstorage-journal
Successfully deleted: [File] C:\Users\Christopher\appdata\local\google\chrome\user data\default\local storage\http_www.ask.com_0.localstorage
Successfully deleted: [File] C:\Users\Christopher\appdata\local\google\chrome\user data\default\local storage\http_www.ask.com_0.localstorage-journal
Successfully deleted: [File] C:\Users\Christopher\appdata\local\google\chrome\user data\default\local storage\http_www.superfish.com_0.localstorage
Successfully deleted: [File] C:\Users\Christopher\appdata\local\google\chrome\user data\default\local storage\http_www.superfish.com_0.localstorage-journal
Successfully deleted: [File] C:\Users\Christopher\appdata\local\google\chrome\user data\default\local storage\https_static.olark.com_0.localstorage
Successfully deleted: [File] C:\Users\Christopher\appdata\local\google\chrome\user data\default\local storage\https_static.olark.com_0.localstorage-journal



~~~ Folders

Successfully deleted: [Folder] C:\WINDOWS\syswow64\ai_recyclebin



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Christopher\appdata\local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 2015-05-19 at 15:40:35.73
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

OLDER LOGS ABOUT THE TIME I GOT ATTACKED ABOUT A MONTH AGO:

MALWAREBYTES: (REMOVED UNNECESSARY INFO)
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 2015-04-22
Scan Time: 3:38:33 AM
Logfile:
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.04.22.01
Rootkit Database: v2015.04.21.01
License: Free

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 1664320
Time Elapsed: 15 hr, 38 min, 34 sec

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 5
RiskWare.Tool.CK, C:\Program Files (x86)\Ubisoft\Heroes of the Pacific\cracktro.exe, Quarantined, [ee4ced8278123df97bc0245e4fb18e72],
PUP.Optional.CrossRider, C:\Users\Christopher\AppData\Local\Microsoft\Windows\INetCache\IE\0F2431SK\ setup[1].exe, Quarantined, [0c2e4926c7c32313bf3c12d0ae5347b9],
PUP.Optional.Somoto.A, C:\Users\Christopher\AppData\Local\Temp\appshat_generic.exe, Quarantined, [1822f7786e1cdb5b4c230d1752aea65a],
PUP.Optional.BreakingNewsAlert.A, C:\Users\Christopher\AppData\Local\Temp\Setup.exe, Quarantined, [300a2a453654fe38e719db8e6f9127d9],
PUP.Optional.Somoto, C:\Users\Christopher\AppData\Local\Temp\bitool.dll, Quarantined, [c07af57ac3c70036bf88cd9e936f32ce],

Physical Sectors: 0
(No malicious items detected)


(end)

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 2015-04-21
Scan Time: 1:51:33 PM
Logfile:
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.04.21.05
Rootkit Database: v2015.04.20.01
License: Free

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 556325
Time Elapsed: 10 min, 52 sec

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 4
PUP.Optional.Goobzo, C:\Program Files\Common Files\Goobzo, Delete-on-Reboot, [2217640b1377c6709d335256ac579d63],
PUP.Optional.Goobzo, c:\program files\common files\goobzo\gbupdateplus, Quarantined, [2217640b1377c6709d335256ac579d63],
PUP.Optional.GamesDesktop.A, c:\users\christopher\appdata\local\gmsd_ca_404, Quarantined, [31088de2a6e4979fc438773cbb48a858],
PUP.Optional.GamesDesktop.A, c:\program files (x86)\gmsd_ca_404, Quarantined, [e851640b6d1d0e2815e8a50e0102af51],

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 2015-04-21
Scan Time: 1:33:16 PM
Logfile:
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.04.21.05
Rootkit Database: v2015.04.20.01
License: Free

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 552926
Time Elapsed: 3 min, 52 sec

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 10
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\25286, Quarantined, [0f2aaac51674dd592b2e9d6739cb4bb5],
PUP.Optional.AppLid.A, HKLM\SOFTWARE\WOW6432NODE\App Lid, Quarantined, [96a35718f7933204214cd900719241bf],
PUP.Optional.CrossRider.C, HKLM\SOFTWARE\WOW6432NODE\APPDATALOW\SOFTWARE\Crossrider, Quarantined, [e75239361a70e0565d47467ad72c3ac6],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\INSTALLEDBROWSEREXTENSIONS\25286, Quarantined, [95a4224dc7c346f07adfd034030108f8],
PUP.Optional.Tuto4Pc.A, HKLM\SOFTWARE\WOW6432NODE\TUTORIALS, Quarantined, [a39656196921f343b83cbd93de27f20e],
PUP.Optional.SearchModule.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SMUPDPLUS, Quarantined, [80b989e6256537ffd0883499fc0725db],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1121267219-1145382535-3596252993-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, Quarantined, [4ced442b0981dd598677d366ce37a55b],
PUP.Optional.MultiIE.A, HKU\S-1-5-21-1121267219-1145382535-3596252993-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\DynConIE, Quarantined, [2d0cdd92652594a2884d53ef4bba12ee],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1121267219-1145382535-3596252993-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\25286, Quarantined, [70c91b54048648eec8f6538e14ef3cc4],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1121267219-1145382535-3596252993-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\Lid, Quarantined, [70c92748494172c41f51578206fdf60a],

Registry Values: 2
PUP.Optional.Tuto4Pc.A, HKLM\SOFTWARE\WOW6432NODE\TUTORIALS|HostGUID, 96A2792B-7020-4941-937D-C6959D57E272, Quarantined, [a39656196921f343b83cbd93de27f20e]
PUP.Optional.SearchModule.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SMUPDPLUS|ImagePath, C:\Program Files\Common Files\Goobzo\GBUpdatePlus\smu.exe /service, Quarantined, [80b989e6256537ffd0883499fc0725db]

Registry Data: 0
(No malicious items detected)

Folders: 6
PUP.Optional.BrowserHelper.A, C:\Users\Christopher\AppData\Local\BrowserHelper, Quarantined, [3ffa185794f65ed841ebbb07689b0ef2],
PUP.Optional.Goobzo, C:\Program Files\Common Files\Goobzo, Delete-on-Reboot, [43f6d897e3a753e3329e3f69986b31cf],
PUP.Optional.Goobzo, c:\program files\common files\goobzo\gbupdateplus, Quarantined, [43f6d897e3a753e3329e3f69986b31cf],
PUP.Optional.GamesDesktop.A, c:\users\christopher\appdata\local\gmsd_ca_404, Quarantined, [8bae7af536542b0b20dc63506e9504fc],
PUP.Optional.GamesDesktop.A, c:\program files (x86)\gmsd_ca_404, Quarantined, [d66395da127890a616e7149fd132b44c],
PUP.Optional.SearchModulePlus.A, C:\ProgramData\SearchModulePlus, Quarantined, [a198f37cdfab9a9c44ce9b25986b36ca],

Files: 2
PUP.Optional.BrowserHelper.A, C:\Users\Christopher\AppData\Local\BrowserHelper\BrowserHelperBk.txt, Quarantined, [3ffa185794f65ed841ebbb07689b0ef2],
PUP.Optional.BrowserHelper.A, C:\Users\Christopher\AppData\Local\BrowserHelper\BrowserHelper.txt, Quarantined, [3ffa185794f65ed841ebbb07689b0ef2],

Physical Sectors: 0
(No malicious items detected)

(end)
ACTUALLY MOST OF THESE CONSIST OF THE SAME RESULTS, I JUST POSTED IT SO YOU CAN SEE WHAT ATTACKED MY SYSTEM AND SEE IF IT WAS SNEAKIER THAN IT LOOKED.

Task Manager and Malwarebytes Disabled & W32 Files Missing

Let's try running FRST in the Recovery Environment.

Please download Farbar Recovery Scan Tool and save it to a flash drive.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

Plug the flash drive into the infected PC.
  • If you are using Windows 8 consult How to use the Windows 8 System Recovery Environment Command Prompt to enter System Recovery Command prompt.

    If you are using Vista or Windows 7 enter System Recovery Options.

    To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
  • Note: In case you cannot enter System Recovery Options by using the F8 method, you can use a Windows installation disc, or make a repair disc. Any Windows installation disc or a repair disc made on another computer can be used.
    To make a repair disk on Windows 7 consult: http://www.sevenforums.com/tutorials...sc-create.html



    To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
  • On the System Recovery Options menu you will get the following options:
  • Startup Repair
  • System Restore
  • Windows Complete PC Restore
  • Windows Memory Diagnostic Tool
  • Command Prompt
  • Select Command Prompt

    Once in the Command Prompt:
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

Help to remove "PUP" from my laptop.

We have a Lenovo laptop and today I was looking at golf clubs when a window popped up and said I had an infection of some kind and I should call this 1-888 number and they would fix the problem. I don't think so! So now when I try to get back on again it keeps me from making any kind of movement. We have Windows 7 Professional installed. What can I do to remedy this? Thanks... I am using our other laptop to write this message. Thank you!

No audio, I think a virus may be affecting it?

Hello, last night I turned off my computer to clean my GPU. After I turned it back on I had no sound coming through my headset. I've tried a few other headphones and they didn't work either. In my volume tray it shows sound playing but I hear nothing. I've already tried multiple solutions like re-installing my audio drivers and running Malwarebytes and Microsoft Security Essentials and a couple of others I read online. The only thing I can think of that caused it was last night I ran a virus called NETSHOW.exe and installed it by accident, but I think I've removed it and I have no idea why I have no sound. Help would be very much appreciated.

(I don't think this has anything to do with it but I plugged my monitor into my other GPU slot that I don't use and that's when it stopped working, then I plugged it back in to the other one and still no audio.)

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Ultimate, Service Pack 1, 64 bit
Processor: AMD FX(tm)-6300 Six-Core Processor, AMD64 Family 21 Model 2 Stepping 0
Processor Count: 6
RAM: 16284 Mb
Graphics Card: NVIDIA GeForce GTX 550 Ti, 1024 Mb
Hard Drives: C: Total - 953766 MB, Free - 341598 MB;
Motherboard: ASUSTeK COMPUTER INC., M5A97 LE R2.0
Antivirus: Microsoft Security Essentials, Updated and Enabled

Adobe

I just downloaded an Adobe update. Now Adobe tries to open ALL files that I want to open: IE11, Recovery. Then an error window opens and tells me that Adobe cannot open this type of file (.exe, etc.). I cannot use that computer. Safe Mode also uses Adobe when I try to reach Recovery. Can anyone help me?