Welcome to WindowsInstructed Forums

Welcome to the WindowsInstructed Forums

Sign-up for an account today to receive free malware removal help. Personal Windows help and much more. Or continue as a guest and ask any question you would like to ask us! Please do remember that being a member you get advantages like notifications of replies and faster replies from most members. Also members don't see ads ;) 

We hope to help you with your issues.

The WindowsInstructed Forums Staff

Kris

Forum Administrator
  • Content count

    2,291
  • Joined

  • Last visited

Everything posted by Kris

  1. This forum is now dead please inquire elsewhere.
  2. Lets clean up all the old drivers related to your USB devices. Remove All usb connected items from the computer, only leave the mouse and keyboard installed. Download drivecleanup.zip to your desktop. CLICK HERE to determine whether you’re running 32-bit or 64-bit for Windows. Once the determination has been made, open either the 32-bit or 64-bit folder. Right Click the .exe on the inside of the folder, and Run as Administrator. A command prompt window will open, telling you what has been removed upon completion. Reboot your machine. Check the issue. Run a check disk on the drive. chkdsk C: /f /r Replace C: with the letter of the drive...
  3. Sorry for the delay, you still having issues?
  4. Reverse your clean boot -- then reboot the machine -- then run this tool. Disable your Antivirus & Anti spyware applications!! Download Autologger to your desktop. Unzip it there. Right click Autologger and run as admin. AVZ4 will open and scan your machine, allow this to complete. Upload Collectionlog.zip to your next reply.
  5. Sorry for the delay. Are you still in need of help?
  6. No. What issues are you having with your machine?
  7. I have to go out so please run this... ESET Online Scanner Important note: This scan may take an extended amount of time, make certain your machine does not go to sleep. Click here to download the installer for ESET Online Scanner and save it to your Desktop. Disable all your antivirus and antimalware software - see how to do that here. Right click on esetsmartinstaller_enu.exe and select Run as Administrator. Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components. Select Enable detection of potentially unwanted applications. Click Advanced Settings, then place a checkmark in the following: Remove found threats Scan archives Scan for potentially unsafe applications Enable Anti-Stealth technology Click Start to begin scanning. ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time. When the scan is done, click List threats (only available if ESET Online Scanner found something). Click Export, then save the file to your desktop. Click Back, then Finish to exit ESET Online Scanner. ZHP Diag Scan to get a more in depth look into your machine. Download ZHP Diag to your desktop. 1. Right Click Run as Admin. 2. Click the Scanner button. When complete please push the report button. A notepad will open... copy and paste the report in your next reply.
  8. The program.
  9. Zemana Deep Scan. Right click on Zemana and run as admin. Click the Cog/Sproket Wheel, at the top right of Zemana Select Advanced - I have read the warning and wish to proceed. Place a tick next to Detect Suspicious (Root CA) Certificates. Then click the house icon in Zemana. Then hit your start button at the lower left hand corner of your desktop. Then left click on Computer. Drag Local Disk C: Into the area of Zemana that reads Drag and drop files here to scan them. Once the scan has completed click graph icon on the top right of the programs User interface. Double click to open the latest log-file. Copy it to your clipboard. Post the log here in your next reply. JRT Scan. Please download Junkware Removal Tool and save it on your desktop. Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts. Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator. The tool will open and start scanning your system. Please be patient as this can take a while to complete depending on your system's specifications. On completion, a log is saved to your desktop and will automatically open. Please post the JRT log. Rogue Killer Scan. Download RogueKiller from one of the following links and save it to your Desktop: Link 1 Link 2 Close all the running programs Double click on downloaded setup.exe file to install the program. Click on Start Scan button. Click on another Start Scan button. Wait until the Status box shows Scan Finished Click on Delete. Wait until the Status box shows Deleting Finished. Click on Report and copy/paste the content of the Notepad into your next reply. RKreport.txt could also be found on your desktop. If more than one log is produced post all logs. Adware Cleaner Scan. Please download AdwCleaner by Xplode onto your desktop. Close all open programs and internet browsers. Double click on adwcleaner.exe to run the tool. Click on Scan button. When the scan has finished click on Clean button. Your computer will be rebooted automatically. A text file will open after the restart. Please post the contents of that logfile with your next reply. You can find the logfile at C:\AdwCleaner[S1].txt as well. After the above scans lets check for remaining malware.
  10. Get this file. Iso To USB Then grab this file. Windows download tool.
  11. You are welcome.
  12. Follow the suggestions of the security check tool. Update programs with Patch My PC If there are no more issues then I can mark this as solved?
  13. @Deadelf So I assume that there are no more issues and your machine is running fine. The issues are resolved? I'd just like a conformation. All that I ask in return.
  14. The USB fix log? If there are no more issue with your machine. You can either re install Mcafee or go with one of the following: Panda Free Antivirus. Sophos Home 360 Total Security All of which will offer better protection than Mcafee, and they are free. Glad to have helped!! Please tell a friend ...... or two about us. Suggest the following in place of adblock. Alternate DNS Server. Ad Blocking DNS. Ublock Origin. Anti Ad Block Killer. Also, keep your browsing private with these tools: Self Destructing Cookies. Self Destructing Cookies Chrome. Some items to keep you safe on the internet. VooDoo Shield. control of what is running on your machine Qualys BrowserCheck To update plugins. Web Of Trust To Avoid Shady Websites. Unchecky To Avoid Bundled Software. Privazer To Clean up your mahcine. Now Lets Clean up the tools we used and remove old restore points. Download DelFix by "Xplode" to your Desktop. Right Click the tool and Run as Admin ( Xp Users Double Click) Put a check mark next the items below: Remove disinfection tools Create registry backup Purge System Restore Now click on "Run" button. allow the program to complete its work. all the tools we used will be removed. Tool will create and open a log report (DelFix.txt) Note: The report can be located at the following location C:\DelFix.txt
  15. Quick Diag Fix. First please create a restore point! Right click in Quick Diag Run as Admin. Copy the content of the code box below to your clipboard. Click on the S within the User Interface of the program. Then click on Script. Allow completion. Post the log created in your next reply. Key:: [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfencbdc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfencbdc.sys] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00FA007C-D99F-407F-B00B-5B3B0001D8AB}] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F1E561D-AF17-4510-B996-351BBA0862A7}] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7aaae723-5fb5-4b2d-9327-75519f336825}] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5054EC7-B9CB-4ad5-9F95-D8171A6D6BFA}] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BD18A03F-31CC-4CC0-B52D-9E199122923D}] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00FA007C-D99F-407F-B00B-5B3B0001D8AB}] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F1E561D-AF17-4510-B996-351BBA0862A7}] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7aaae723-5fb5-4b2d-9327-75519f336825}] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5054EC7-B9CB-4ad5-9F95-D8171A6D6BFA}] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BD18A03F-31CC-4CC0-B52D-9E199122923D}] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DB9524B3-24F4-48fa-91C5-B8EEF1C0A14F}] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] [HKLM\Software\WOW6432Node\McAfeeInstaller] [HKLM\Software\WOW6432Node\mcafeeupdater] [HKLM\Software\WOW6432Node\WildTangent] file:: C:\ProgramData\ClickFreeTformer\reminder\SacReminder.exe C:\Users\Roger\Downloads\openfreely_1296.exe C:\Users\Roger\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7XF49HKN\GoogleEarthSetup.exe C:\Program Files (x86)\WildTangent Games C:\Windows\ØõK C:\Windows\Installer\8ef45cc.msi C:\Windows\System32\gatherNetworkInfo.vbs C:\Users\Roger\AppData\OICE_15_974FA576_32C1D314_22E2 C:\Users\Roger\AppData\OICE_15_974FA576_32C1D314_1C76 C:\Users\Roger\AppData\Local\TempTaskUpdateDetection2D9F0AD3-3577-4D40-85ED-0964DB7A4436 C:\Users\Roger\AppData\Local\TempTaskUpdateDetectionF6C143C1-E34E-4F04-8B66-DC420C3C9F66 C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 C:\ProgramData\WildTangent C:\Program Files\Common files\McAfeeFPDetect C:\Windows\System32\Tasks\Apple C:\Windows\System32\Tasks\McAfee C:\Windows\System32\Tasks\HP Officejet 6600.exe_{9F56CCD2-6867-434B-BE74-58291499D7C4} CMD:: ADS:: C:\ProgramData\Temp Clean:: yes
  16. Alright, I will have your fix for Quick Diag up later on.
  17. Download CCleaner from here. After installing click options. Go to monitoring. Uncheck all monitoring items. Go to advanced tab -- Click close program after cleaning. Go to settings -- Click run Ccleaner when the computer starts. Now that you have Ccleaner installed and set-up: Open the program. Go to Tools Go to Startup Now double click each item. To Disable. Leave only your antivirus enabled & the programs mentioned before. Then disable All items in your Scheduled Task as well. Unless they are related to Windows Defender Also leave in your startup your backup software and your Wireless adapter startup. Looking over this log will take some time. A final scan while I check over the logs... 9-Lab Scan. Download 9-Lab Removal Tool. CLICK HERE to determine whether you're running 32-bit or 64-bit for Windows. Install the program onto your computer, then right click the icon run as administrator. Update the program and then run a Quick scan! Make sure the program updates, might be better to install it update reboot and check for updates again. You need to make sure the database updates!!! Upon Scan Completion Click on Show Results. Then Click On Clean Then Click on Save Log. Save it to your desktop, copy and paste the contents of the log here in your next reply.
  18. As far as your USB lets clean it next. Download USB fix from here. Save it to your desktop. Right click Run as admin a new shortcut will appear on your desktop. Right click Run that new one as admin. Click Research. Follow instructions to attach the USB. Click OK. Once the check is complete. Click Clean. Allow completion. Reboot if requested. Post the log created.
  19. The program scanned your entire HDD... The other programs are much faster.
  20. FRST Fix. Download attached fixlist.txt file and save it to the Desktop. NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system Run FRST/FRST64 and press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run. When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply. Instead of a fresh FRST log.... Go ahead and Run Quick Diag after the fix... Quick Diag Scan. Download Quick Diag to your desktop. Disable your Antivirus/Antispyware prior to scanning. Right Click Run as Administrator. Select the Extended Scan. Post the log that is generated in your next post. Click here to download fixlist.txt
  21. Update old programs with Patch My PC then.... Please uninstall the programs listed below with Geek Uninstaller. Use force mode if something refuses to uninstall. These programs are either outdated or just plain useless using resources on your machine for no reason. Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3502 - Acer Incorporated) Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.5 - WildTangent) Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3503 - Acer Incorporated) Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0609.2011 - Acer Incorporated) Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3500 - Acer Incorporated) Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation) HP Officejet 6600 Product Improvement Study (HKLM\...\{9DD732B9-9B16-4F28-8E21-4AB5E40AF7DE}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation) McAfee Internet Security Suite (HKLM-x32\...\MSC) (Version: 15.0.179 - McAfee, Inc.) McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.474.2 - McAfee, Inc.) McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.124 - McAfee, Inc.) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) Wajam (HKLM-x32\...\WaIntEnhance) (Version: 2.23.2.8 (i2.6) - WaIntEnhance) <==== ATTENTION Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3503 - Acer Incorporated) Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version: - Yahoo Inc.) Yontoo 1.12.02 (HKLM\...\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}) (Version: 1.12.02 - Yontoo LLC) <==== ATTENTION
  22. Glad to have helped!! Please tell a friend ...... or two about us. suggest the following in place of adblock. Alternate DNS Server. Ad Blocking DNS. Ublock Origin. Anti Ad Block Killer. Also, keep your browsing private with these tools: Self Destructing Cookies. Self Destructing Cookies Chrome. Some items to keep you safe on the internet. VooDoo Shield. control of what is running on your machine Qualys BrowserCheck To update plugins. Web Of Trust To Avoid Shady Websites. Unchecky To Avoid Bundled Software. Privazer To Clean up your mahcine. Now Lets Clean up the tools we used and remove old restore points. Download DelFix by "Xplode" to your Desktop. Right Click the tool and Run as Admin ( Xp Users Double Click) Put a check mark next the items below: Remove disinfection tools Create registry backup Purge System Restore Now click on "Run" button. allow the program to complete its work. all the tools we used will be removed. Tool will create and open a log report (DelFix.txt) Note: The report can be located at the following location C:\DelFix.txt
  23. Once these logs are posted please post an updated FRST & Addition.txt log. I will then remove anything that may remain. I will be online for a good while tonight, we will try and get everything solved tonight if you have the time.
  24. With the link provided are you able to get into the recovery options? Are there files you wish to retrieve from this machine? Do you have your windows disk?
  25. Lets clean a bit more trash before I make your script. Zemana Deep Scan. Right click on Zemana and run as admin. Click the Cog/Sproket Wheel, at the top right of Zemana Select Advanced - I have read the warning and wish to proceed. Place a tick next to Detect Suspicious (Root CA) Certificates. Then click the house icon in Zemana. Then hit your start button at the lower left hand corner of your desktop. Then left click on Computer. Drag Local Disk C: Into the area of Zemana that reads Drag and drop files here to scan them. Once the scan has completed click graph icon on the top right of the programs User interface. Double click to open the latest log-file. Copy it to your clipboard. Post the log here in your next reply. JRT Scan. Please download Junkware Removal Tool and save it on your desktop. Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts. Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator. The tool will open and start scanning your system. Please be patient as this can take a while to complete depending on your system's specifications. On completion, a log is saved to your desktop and will automatically open. Please post the JRT log. ZHP Scan. Please download Zhp Cleaner to your desktop. Right Click the icon and select run as administrator. 2. Once you have started the program, you will need to click the scanner button. The program will close all open browsers! 3. Once the scan is completed, the you will want to click the Repair button. At the end of the process you may be asked to reboot your machine. After you reboot a report will open on your desktop. Copy and paste the report here in your next reply. Adware Cleaner Scan. Please download AdwCleaner by Xplode onto your desktop. Close all open programs and internet browsers. Double click on adwcleaner.exe to run the tool. Click on Scan button. When the scan has finished click on Clean button. Your computer will be rebooted automatically. A text file will open after the restart. Please post the contents of that logfile with your next reply. You can find the logfile at C:\AdwCleaner[S1].txt as well.

WindowsInstructed Forums

Welcome on the WindowsInstructed Forums. If you have any Windows question or Malware related question then this is the place to be. All your connections are securely encrypted with our server so your privacy is protected as well!