1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Virus, Malware Bad problem

Discussion in 'Virus & Other Malware Removal' started by panuts, Apr 11, 2015.

Thread Status:
Not open for further replies.
Advertisement
  1. panuts

    panuts Thread Starter

    Joined:
    Dec 29, 2006
    Messages:
    112
    Tech Support Guy System Info Utility version 1.0.0.2
    OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
    Processor: AMD Athlon(tm) II X4 630 Processor, AMD64 Family 16 Model 5 Stepping 2
    Processor Count: 4
    RAM: 5887 Mb
    Graphics Card: NVIDIA GeForce 9100, 256 Mb
    Hard Drives: C: Total - 942583 MB, Free - 817431 MB; D: Total - 11182 MB, Free - 1337 MB;
    Motherboard: PEGATRON CORPORATION, VIOLET6
    Antivirus: Microsoft Security Essentials, Updated and Enabled


    It has almost a week and no response from you guys. I need assistance please. My computer is not acting right.
    Even when I F8 there are two loaded that are blank. please help.


    Thank you in advance.
     
  2. panuts

    panuts Thread Starter

    Joined:
    Dec 29, 2006
    Messages:
    112
    I am in need of expert help.
     
  3. panuts

    panuts Thread Starter

    Joined:
    Dec 29, 2006
    Messages:
    112
    Having serious problems please I need someone who can help. Infected with a bug or something.
    I truly would appreciate some help.
     
  4. JSntgRvr

    JSntgRvr Retired Moderator and Malware Specialist

    Joined:
    Jul 1, 2003
    Messages:
    18,552
    First Name:
    José
    Sorry for the delay, and welcome :)

    Please download Farbar Recovery Scan Tool and save it to your desktop.

    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
    • Double-click to run it. When the tool opens click Yes to disclaimer.
    • Make sure that under Optional Scans, there is a checkmark on Addition.txt.
    • Press Scan button.
    • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
    • The tool will also produce another log (Addition.txt ). Please attach this to your reply.
     
  5. panuts

    panuts Thread Starter

    Joined:
    Dec 29, 2006
    Messages:
    112
    Scan result of Farbar Recovery Scan Tool
     

    Attached Files:

  6. JSntgRvr

    JSntgRvr Retired Moderator and Malware Specialist

    Joined:
    Jul 1, 2003
    Messages:
    18,552
    First Name:
    José
    Please download the attached file and save it in the same directory as FRST.
    • Start FRST with Administrator privileges.
    • Press the Fix button.
    • When finished, a log file (Fixlog.txt) pops up and is saved to the same location the tool was run from.
      Please copy and paste its contents in your next reply.
     

    Attached Files:

  7. JSntgRvr

    JSntgRvr Retired Moderator and Malware Specialist

    Joined:
    Jul 1, 2003
    Messages:
    18,552
    First Name:
    José
    In addition:

    [​IMG] Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.

    Download AdwCleaner from here. Save the file to the desktop.


    NOTE: If you are using IE 8 or above you may get a warning that stops the program from downloading. Just click on the warning and allow the download to complete.

    Close all open windows and browsers.
    • XP users: Double click the AdwCleaner icon to start the program.
    • Vista/7/8 users: Right click the AdwCleaner icon on the desktop, click Run as administrator and accept the UAC prompt to run AdwCleaner.
      You will see the following console:
    [​IMG]
    • Click the Scan button and wait for the scan to finish.
    • After the Scan has finished the window may or may not show what it found and above, in the progress bar, you will see: Pending. Please uncheck elements you don't want to remove.
    • Click the Clean button.
    • Everything checked will be deleted.
    • When the program has finished cleaning a report appears.Once done it will ask to reboot, allow this
    [​IMG]
    • On reboot a log will be produced please copy / paste that in your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[S0].txt

    [​IMG] Please download Malwarebytes Anti-Malware to your desktop
    • Double-click mbam-setup-version.exe and follow the prompts to install the program.
    • At the end, be sure a check-mark is placed next to the following:
      1. Enable free trial of Malwarebytes Anti-Malware Premium
      2. Launch Malwarebytes Anti-Malware
    • Then click Finish.
    • If an update is found, you will be prompted to download and install the latest version.
    • Once the program has loaded, select Scan now. Or select the Threat Scan from the Scan menu.
    • When the scan is complete , make sure that everything is set to "Quarantine", and click Apply Actions.
    • Reboot your computer if prompted.
    Extra Note:

    If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.

    The log is available throughout History ->Application logs. Please post it contents in your next reply.
     
  8. panuts

    panuts Thread Starter

    Joined:
    Dec 29, 2006
    Messages:
    112
    I am starting this now. I will not be able to complete til tommorw. But will. Thank you for your help. I will post results in am.
     
  9. JSntgRvr

    JSntgRvr Retired Moderator and Malware Specialist

    Joined:
    Jul 1, 2003
    Messages:
    18,552
    First Name:
    José
    No problem. :)
     
  10. panuts

    panuts Thread Starter

    Joined:
    Dec 29, 2006
    Messages:
    112
    Here is the log.
     

    Attached Files:

  11. panuts

    panuts Thread Starter

    Joined:
    Dec 29, 2006
    Messages:
    112
    # AdwCleaner v4.203 - Logfile created 04/05/2015 at 10:34:15
    # Updated 30/04/2015 by Xplode
    # Database : 2015-05-02.1 [Server]
    # Operating system : Windows 7 Home Premium Service Pack 1 (x64)
    # Username : Cindy - CINDY-HOME
    # Running from : C:\Users\Cindy\Desktop\adwcleaner_4.203.exe
    # Option : Scan

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    Folder Found : C:\Program Files\Uninstaller
    Folder Found : C:\ProgramData\ParetoLogic
    Folder Found : C:\Users\Cindy\AppData\Roaming\Solvusoft
    Folder Found : C:\Users\Cindys's\AppData\Roaming\ParetoLogic

    ***** [ Scheduled tasks ] *****


    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
    Key Found : HKCU\Software\Reimage
    Key Found : [x64] HKCU\Software\Reimage
    Key Found : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
    Key Found : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
    Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
    Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
    Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
    Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
    Key Found : HKLM\SOFTWARE\Conduit
    Key Found : HKLM\SOFTWARE\MetaStream
    Key Found : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
    Key Found : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
    Key Found : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
    Key Found : HKLM\SOFTWARE\ParetoLogic
    Key Found : HKLM\SOFTWARE\Viewpoint
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}

    ***** [ Web browsers ] *****

    -\\ Internet Explorer v11.0.9600.17728


    -\\ Google Chrome v42.0.2311.135

    [C:\Users\Cindy\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
    [C:\Users\Cindy\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

    *************************

    AdwCleaner[R0].txt - [2804 bytes] - [18/03/2015 18:40:32]
    AdwCleaner[R1].txt - [2890 bytes] - [21/03/2015 07:24:29]
    AdwCleaner[R2].txt - [2715 bytes] - [21/03/2015 07:34:02]
    AdwCleaner[R3].txt - [3633 bytes] - [09/04/2015 12:45:45]
    AdwCleaner[R4].txt - [3193 bytes] - [04/05/2015 10:34:15]
    AdwCleaner[S0].txt - [2995 bytes] - [18/03/2015 18:43:17]
    AdwCleaner[S1].txt - [3098 bytes] - [21/03/2015 07:30:08]
    AdwCleaner[S2].txt - [3841 bytes] - [09/04/2015 12:54:08]

    ########## EOF - C:\AdwCleaner\AdwCleaner[R4].txt - [3429 bytes] ##########
     
  12. panuts

    panuts Thread Starter

    Joined:
    Dec 29, 2006
    Messages:
    112
    Let me know what you want me to clean. Please
     
  13. JSntgRvr

    JSntgRvr Retired Moderator and Malware Specialist

    Joined:
    Jul 1, 2003
    Messages:
    18,552
    First Name:
    José
    All. Click the Clean button.
     
  14. panuts

    panuts Thread Starter

    Joined:
    Dec 29, 2006
    Messages:
    112
    did that and cleaned it. Now what do you want me to do?What started this all was downloading Blender and getting a PUBENV virus or trojan. I removed it but it left my system screwed up. and when I searched on the internet if said PUBENV.DLL (Spy.770) was a virus or trojan.

    My computer is still slow and when I do a chkdsk it states it can not repair and when it loads drivers there are blank spots.


    ran MalwareBytes and it showed nothing.
     
  15. JSntgRvr

    JSntgRvr Retired Moderator and Malware Specialist

    Joined:
    Jul 1, 2003
    Messages:
    18,552
    First Name:
    José
    Please download ListChkDskResult by SleepyDude and save it to your desktop.
    • Right-click on [​IMG] icon and select [​IMG] Run as Administrator to start the tool.
    • A message about checking Windows Event Log will pop-up. Click OK.
    • Wait patiently until a notepad window will open. This won't take long.
    • The displayed logfile will be also saved to your desktop as ListChkDskResult.txt.
    Please include the content of this file in your next reply.
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1146447

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice