LiquidTension

OK. Please do the following. STEP 1 Farbar Recovery Scan Tool (FRST) Scan Please download Farbar Recovery Scan Tool (x32) or Farbar Recovery Scan Tool (x64) and save the file to your Desktop.Note: Download and run the version compatible with your system (32 or 64-bit). Download both if you're unsure; only one will run.Right-Click FRST.exe / FRST64.exe and select Run as administrator to run the programme.Click Yes to the disclaimer.Ensure the Addition.txt box is checked.Click the Scan button and let the programme run.Upon completion, click OK, then OK on the Addition.txt pop up screen.Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply. STEP 2 TDSSKiller Scan Please download TDSSKiller and save the file to your Desktop.Right-Click TDSSKiller.exe and select Run as administrator to run the programme.Click Change parameters. Place a checkmark next to Detect TDLFS file system and Verify file digital signatures.​Click Start Scan. Do not use the computer during the scan.If objects are found, change the action to skip.Click Continue and close the window.A log will be created and saved to the root directory (usually C:\). Attach the file in your next reply. ====================================================== STEP 3 Logs In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked. FRST.txtAddition.txtTDSSKiller log (attached)

Hello, Follow these instructions on how to Backup Chrome Bookmarks. STEP 1 Uninstall Software Press the Windows Key + r on your keyboard at the same time. Type appwiz.cpl and click OK.Search for the following programmes, right-click and click Uninstall.Google ChromeFollow the prompts.Reboot if necessary.Download and reinstall Google Chrome. STEP 2 Farbar Recovery Scan Tool (FRST) Script Press the Windows Key + r on your keyboard at the same time. Type Notepad and click OK.Copy the entire contents of the codebox below and paste into the Notepad document. startHKLM-x32\...\Run: [] => [X]HKU\S-1-5-21-147233123-3521469473-2772016130-1000\...\MountPoints2: {8b3cb8c9-8441-11e3-9ac9-806e6f6e6963} - E:\setup.exeGroupPolicy: Group Policy on Chrome detected <======= ATTENTIONCHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION2014-10-18 21:20 - 2014-01-31 16:36 - 00000000 ____D () C:\ProgramData\boost_interprocessFolder: C:\ProgramData\271f85faaf2ec0adCMD: ipconfig /flushdnsCMD: netsh winsock reset allCMD: netsh int ipv4 resetCMD: netsh int ipv6 resetCMD: bitsadmin /reset /allusersEmptyTemp:endClick File, Save As and type fixlist.txt as the File Name. Important: The file must be saved in the same location as FRST64.exe. NOTICE: This script is intended for use on this particular machine. Do not use this script on any other machine; doing so may cause damage to your Operating System. Right-Click FRST64.exe and select Run as administrator to run the programme.Click Fix.A log (Fixlog.txt) will open on your desktop. Copy the contents of the log and paste in your next reply. STEP 3 Farbar Recovery Scan Tool (FRST) Scan Right-Click FRST64.exe and select Run as administrator to run the programme.Click Yes to the disclaimer.Ensure the Addition.txt box is checked.Click the Scan button and let the programme run.Upon completion, click OK, then OK on the Addition.txt pop up screen.Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply. ====================================================== STEP 4 Logs In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked. Did Chrome uninstall/reinstall successfully?Fixlog.txtFRST.txtAddition.txt

Hello vkprabhakar, welcome to Malwarebytes' Malware Removal forum! My username is LiquidTension, but you can call me Adam. I will be assisting you with your malware-related problems. If you would allow me to call you by your first name I would prefer that. General P2P/Piracy Notice: ====================================================== Please read through the points below to ensure this process moves as quickly and efficiently as possible. Please read through my instructions thoroughly, and ensure you carry out each step in the order specified.Please do not post logs using the CODE, QUOTE or ATTACHMENT format. Logs should be posted directly in plain text. If you receive an error whilst posting, please break the log in half and use multiple posts.Please do not run any tools or take any steps other than those I provide for you. Independent efforts may make matters worse, and will affect my ability in ascertaining the current situation & providing the best set of instructions for you.Please backup important documents before proceeding with my instructions.If you come across any issues whilst following my instructions, please stop and inform me of the issue in as much detail as possible. Please do not hesitate to ask before you run anything.Topics are locked if no response is made after 4 days. Please inform me if you will require additional time to complete my instructions.Ensure you are following this topic. Click at the top of the page.====================================================== Unfortunately, your computer is infected with a rootkit. As such, I must issue the following warning. Please let me know how you wish to proceed.

Hi Shanon, No problem with running ComboFix twice, or attaching the logs. Please work your way through the following. STEP 1 Malwarebytes Anti-Malware (MBAM) Please download and install the updated Malwarebytes Anti-Malware.Open Malwarebytes Anti-Malware and click Update Now.Once updated, click the Settings tab and tick Scan for rootkits.Click the Scan tab, ensure Threat Scan is checked and click Scan Now.Note: You may see the following message, "Could not load DDA driver". Click Yes, allow your PC to reboot and continue afterwards. If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.Upon completion of the scan (or after the reboot), click the History tab.Click Application Logs and double-click the Scan Log.Click Copy to Clipboard and paste the log in your next reply. STEP 2 AdwCleaner Please download AdwCleaner and save the file to your Desktop..Right-Click AdwCleaner.exe and select Run as administrator to run the programme.Follow the prompts. Click Scan. Upon completion, click Report. A log (AdwCleaner[R0].txt) will open. Briefly check the log for anything you know to be legitimate. Ensure anything you know to be legitimate does not have a checkmark, and click Clean. Follow the prompts and allow your computer to reboot. After rebooting, a log (AdwCleaner[s0].txt) will open. Copy the contents of the log and paste in your next reply.-- File and registry key backups are made for anything removed using this tool. Should a legitimate entry be removed (otherwise known as a 'false-positive'), simple steps can be taken to restore the entry. Please do not overly concern yourself with the contents of AdwCleaner[R0].txt. STEP 3 Junkware Removal Tool (JRT) Please download Junkware Removal Tool and save the file to your Desktop.Note: If you unchecked any items in AdwCleaner, please backup the associated folders/files before running JRT.Temporarily disable your anti-virus software. For instructions, please refer to the following link.Right-Click JRT.exe and select Run as administrator to run the programme.Follow the prompts and allow the scan to run uninterrupted. Upon completion, a log (JRT.txt) will open on your desktop.Re-enable your anti-virus software.Copy the contents of JRT.txt and paste in your next reply. STEP 4 Farbar Recovery Scan Tool (FRST) Scan Right-Click FRST64.exe and select Run as administrator to run the programme.Click Yes to the disclaimer.Ensure the Addition.txt box is checked.Click the Scan button and let the programme run.Upon completion, click OK, then OK on the Addition.txt pop up screen.Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply. ====================================================== STEP 5 Logs In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked. MBAM logAdwCleaner[s0].txtJRT.txtFRST.txtAddition.txt

Hello, Please consider the following warnings, and proceed with the instructions below. Did you install the following Firefox extensions? FF Extension: WBE PasteFF Extension: Starfield Zoom STEP 1 Uninstall Software Press the Windows Key + r on your keyboard at the same time. Type appwiz.cpl and click OK.Search for the following programmes, right-click and click Uninstall.Note: Ensure you decline offers of additional software if applicable.Spybot - Search & DestroyWise PC 1stAid 1.35Wise Registry Cleaner 8.23Yahoo! Toolbar Follow the prompts.Reboot if necessary. STEP 2 Farbar Recovery Scan Tool (FRST) Script Press the Windows Key + r on your keyboard at the same time. Type Notepad and click OK.Copy the entire contents of the codebox below and paste into the Notepad document. startHKU\S-1-5-21-4185530137-3615135834-1674662940-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 - DefaultScope value is missing.SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKCU - {AE927076-6E8B-4E85-B166-B5295ED6AFDC} URL = SearchScopes: HKCU - {DBF98313-4A9D-4969-B9D5-5D5B3D5BB783} URL = BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No FileBHO-x32: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No FileBHO-x32: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No FileToolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No FileToolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No FileHandler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No FileHKU\S-1-5-21-4185530137-3615135834-1674662940-1000\Software\Classes\exefile: <===== ATTENTION!Folder: C:\Users\dub_cm_autoreg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdAwareTray" /fCMD: ipconfig /flushdnsCMD: netsh winsock reset allCMD: netsh int ipv4 resetCMD: netsh int ipv6 resetCMD: bitsadmin /reset /allusersEmptyTemp:endClick File, Save As and type fixlist.txt as the File Name. Important: The file must be saved in the same location as FRST64.exe. NOTICE: This script is intended for use on this particular machine. Do not use this script on any other machine; doing so may cause damage to your Operating System. Right-Click FRST64.exe and select Run as administrator to run the programme.Click Fix.A log (Fixlog.txt) will open on your desktop. Copy the contents of the log and paste in your next reply. STEP 3 AdwCleaner Please download AdwCleaner and save the file to your Desktop.Right-Click AdwCleaner.exe and select Run as administrator to run the programme.Follow the prompts. Click Scan. Upon completion, click Report. A log (AdwCleaner[R0].txt) will open. Briefly check the log for anything you know to be legitimate. Ensure anything you know to be legitimate does not have a checkmark, and click Clean. Follow the prompts and allow your computer to reboot. After rebooting, a log (AdwCleaner[s0].txt) will open. Copy the contents of the log and paste in your next reply.-- File and registry key backups are made for anything removed using this tool. Should a legitimate entry be removed (otherwise known as a 'false-positive'), simple steps can be taken to restore the entry. Please do not overly concern yourself with the contents of AdwCleaner[R0].txt. STEP 4 Junkware Removal Tool (JRT) Please download Junkware Removal Tool and save the file to your Desktop.Note: If you unchecked any items in AdwCleaner, please backup the associated folders/files before running JRT.Temporarily disable your anti-virus software. For instructions, please refer to the following link.Right-Click JRT.exe and select Run as administrator to run the programme.Follow the prompts and allow the scan to run uninterrupted. Upon completion, a log (JRT.txt) will open on your desktop.Re-enable your anti-virus software.Copy the contents of JRT.txt and paste in your next reply. ====================================================== STEP 5 Logs In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked. Did you install the FF extensions?Did the programmes uninstall OK?Fixlog.txtAdwCleaner[s0].txtJRT.txt

Hello Day9mademe, welcome to Malwarebytes' Malware Removal forum! My username is LiquidTension, but you can call me Adam. I will be assisting you with your malware-related problems. If you would allow me to call you by your first name I would prefer that. General P2P/Piracy Notice: ====================================================== Please read through the points below to ensure this process moves as quickly and efficiently as possible. Please read through my instructions thoroughly, and ensure you carry out each step in the order specified.Please do not post logs using the CODE, QUOTE or ATTACHMENT format. Logs should be posted directly in plain text. If you receive an error whilst posting, please break the log in half and use multiple posts.Please do not run any tools or take any steps other than those I provide for you. Independent efforts may make matters worse, and will affect my ability in ascertaining the current situation & providing the best set of instructions for you.Please backup important documents before proceeding with my instructions.If you come across any issues whilst following my instructions, please stop and inform me of the issue in as much detail as possible. Please do not hesitate to ask before you run anything.Topics are locked if no response is made after 4 days. Please inform me if you will require additional time to complete my instructions.Ensure you are following this topic. Click at the top of the page. ====================================================== STEP 1 TDSSKiller Scan Please download TDSSKiller and save the file to your Desktop.Right-Click TDSSKiller.exe and select Run as administrator to run the programme.Click Change parameters. Place a checkmark next to Detect TDLFS file system and Verify file digital signatures.​Click Start Scan. Do not use the computer during the scan.If objects are found, change the action to skip.Click Continue and close the window.A log will be created and saved to the root directory (usually C:\). Attach the file in your next reply. STEP 2 AdwCleaner Please download AdwCleaner and save the file to your Desktop..Right-Click AdwCleaner.exe and select Run as administrator to run the programme.Follow the prompts. Click Scan. Upon completion, click Report. A log (AdwCleaner[R0].txt) will open. Briefly check the log for anything you know to be legitimate. Ensure anything you know to be legitimate does not have a checkmark, and click Clean. Follow the prompts and allow your computer to reboot. After rebooting, a log (AdwCleaner[s0].txt) will open. Copy the contents of the log and paste in your next reply.-- File and registry key backups are made for anything removed using this tool. Should a legitimate entry be removed (otherwise known as a 'false-positive'), simple steps can be taken to restore the entry. Please do not overly concern yourself with the contents of AdwCleaner[R0].txt. STEP 3 Junkware Removal Tool (JRT) Please download Junkware Removal Tool and save the file to your Desktop.Note: If you unchecked any items in AdwCleaner, please backup the associated folders/files before running JRT.Temporarily disable your anti-virus software. For instructions, please refer to the following link.Right-Click JRT.exe and select Run as administrator to run the programme.Follow the prompts and allow the scan to run uninterrupted. Upon completion, a log (JRT.txt) will open on your desktop.Re-enable your anti-virus software.Copy the contents of JRT.txt and paste in your next reply. STEP 4 Farbar Recovery Scan Tool (FRST) Scan Right-Click FRST64.exe and select Run as administrator to run the programme.Click Yes to the disclaimer.Ensure the Addition.txt box is checked.Click the Scan button and let the programme run.Upon completion, click OK, then OK on the Addition.txt pop up screen.Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply. ====================================================== STEP 5 Logs In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked. TDSSKiller log (attached)AdwCleaner[s0].txtJRT.txtFRST.txtAddition.txt

Hello markv1, welcome to Malwarebytes' Malware Removal forum! My username is LiquidTension, but you can call me Adam. I will be assisting you with your malware-related problems. If you would allow me to call you by your first name I would prefer that. General P2P/Piracy Notice: ====================================================== Please read through the points below to ensure this process moves as quickly and efficiently as possible. Please read through my instructions thoroughly, and ensure you carry out each step in the order specified.Please do not post logs using the CODE, QUOTE or ATTACHMENT format. Logs should be posted directly in plain text. If you receive an error whilst posting, please break the log in half and use multiple posts.Please do not run any tools or take any steps other than those I provide for you. Independent efforts may make matters worse, and will affect my ability in ascertaining the current situation & providing the best set of instructions for you.Please backup important documents before proceeding with my instructions.If you come across any issues whilst following my instructions, please stop and inform me of the issue in as much detail as possible. Please do not hesitate to ask before you run anything.Topics are locked if no response is made after 4 days. Please inform me if you will require additional time to complete my instructions.Ensure you are following this topic. Click at the top of the page. ====================================================== STEP 1 AdwCleaner Please download AdwCleaner and save the file to your Desktop..Right-Click AdwCleaner.exe and select Run as administrator to run the programme.Follow the prompts. Click Scan. Upon completion, click Report. A log (AdwCleaner[R0].txt) will open. Briefly check the log for anything you know to be legitimate. Ensure anything you know to be legitimate does not have a checkmark, and click Clean. Follow the prompts and allow your computer to reboot. After rebooting, a log (AdwCleaner[s0].txt) will open. Copy the contents of the log and paste in your next reply.-- File and registry key backups are made for anything removed using this tool. Should a legitimate entry be removed (otherwise known as a 'false-positive'), simple steps can be taken to restore the entry. Please do not overly concern yourself with the contents of AdwCleaner[R0].txt. STEP 2 Junkware Removal Tool (JRT) Please download Junkware Removal Tool and save the file to your Desktop.Note: If you unchecked any items in AdwCleaner, please backup the associated folders/files before running JRT.Temporarily disable your anti-virus software. For instructions, please refer to the following link.Right-Click JRT.exe and select Run as administrator to run the programme.Follow the prompts and allow the scan to run uninterrupted. Upon completion, a log (JRT.txt) will open on your desktop.Re-enable your anti-virus software.Copy the contents of JRT.txt and paste in your next reply. STEP 3 Farbar Recovery Scan Tool (FRST) Scan Right-Click FRST64.exe and select Run as administrator to run the programme.Click Yes to the disclaimer.Ensure the Addition.txt box is checked.Click the Scan button and let the programme run.Upon completion, click OK, then OK on the Addition.txt pop up screen.Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply. ====================================================== STEP 4 Logs In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked. AdwCleaner[s0].txtJRT.txtFRST.txtAddition.txt

OK. Let me know how you get on.

Hello billyfiveoh, welcome to Malwarebytes' Malware Removal forum! My username is LiquidTension, but you can call me Adam. I will be assisting you with your malware-related problems. If you would allow me to call you by your first name I would prefer that. General P2P/Piracy Notice: ====================================================== Please read through the points below to ensure this process moves as quickly and efficiently as possible. Please read through my instructions thoroughly, and ensure you carry out each step in the order specified.Please do not post logs using the CODE, QUOTE or ATTACHMENT format. Logs should be posted directly in plain text. If you receive an error whilst posting, please break the log in half and use multiple posts.Please do not run any tools or take any steps other than those I provide for you. Independent efforts may make matters worse, and will affect my ability in ascertaining the current situation & providing the best set of instructions for you.Please backup important documents before proceeding with my instructions.If you come across any issues whilst following my instructions, please stop and inform me of the issue in as much detail as possible. Please do not hesitate to ask before you run anything.Topics are locked if no response is made after 4 days. Please inform me if you will require additional time to complete my instructions.Ensure you are following this topic. Click at the top of the page. ====================================================== What issues are you experiencing? STEP 1 Malwarebytes Anti-Malware (MBAM) Open Malwarebytes Anti-Malware and click Update Now.Once updated, click the Settings tab and tick Scan for rootkits.Click the Scan tab, ensure Threat Scan is checked and click Scan Now.Note: You may see the following message, "Could not load DDA driver". Click Yes, allow your PC to reboot and continue afterwards. If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.Upon completion of the scan (or after the reboot), click the History tab.Click Application Logs and double-click the Scan Log.Click Copy to Clipboard and paste the log in your next reply. STEP 2 AdwCleaner Please download AdwCleaner and save the file to your Desktop..Right-Click AdwCleaner.exe and select Run as administrator to run the programme.Follow the prompts. Click Scan. Upon completion, click Report. A log (AdwCleaner[R0].txt) will open. Briefly check the log for anything you know to be legitimate. Ensure anything you know to be legitimate does not have a checkmark, and click Clean. Follow the prompts and allow your computer to reboot. After rebooting, a log (AdwCleaner[s0].txt) will open. Copy the contents of the log and paste in your next reply.-- File and registry key backups are made for anything removed using this tool. Should a legitimate entry be removed (otherwise known as a 'false-positive'), simple steps can be taken to restore the entry. Please do not overly concern yourself with the contents of AdwCleaner[R0].txt. STEP 3 Junkware Removal Tool (JRT) Please download Junkware Removal Tool and save the file to your Desktop.Note: If you unchecked any items in AdwCleaner, please backup the associated folders/files before running JRT.Temporarily disable your anti-virus software. For instructions, please refer to the following link.Right-Click JRT.exe and select Run as administrator to run the programme.Follow the prompts and allow the scan to run uninterrupted. Upon completion, a log (JRT.txt) will open on your desktop.Re-enable your anti-virus software.Copy the contents of JRT.txt and paste in your next reply. STEP 4 Farbar Recovery Scan Tool (FRST) Scan Right-Click FRST64.exe and select Run as administrator to run the programme.Click Yes to the disclaimer.Ensure the Addition.txt box is checked.Click the Scan button and let the programme run.Upon completion, click OK, then OK on the Addition.txt pop up screen.Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply. ====================================================== STEP 5 Logs In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked. MBAM logAdwCleaner[s0].txtJRT.txtFRST.txtAddition.txt

Hello Aphelion, welcome to Malwarebytes' Malware Removal forum! My username is LiquidTension, but you can call me Adam. I will be assisting you with your malware-related problems. If you would allow me to call you by your first name I would prefer that. General P2P/Piracy Notice: ====================================================== Please read through the points below to ensure this process moves as quickly and efficiently as possible. Please read through my instructions thoroughly, and ensure you carry out each step in the order specified.Please do not post logs using the CODE, QUOTE or ATTACHMENT format. Logs should be posted directly in plain text. If you receive an error whilst posting, please break the log in half and use multiple posts.Please do not run any tools or take any steps other than those I provide for you. Independent efforts may make matters worse, and will affect my ability in ascertaining the current situation & providing the best set of instructions for you.Please backup important documents before proceeding with my instructions.If you come across any issues whilst following my instructions, please stop and inform me of the issue in as much detail as possible. Please do not hesitate to ask before you run anything.Topics are locked if no response is made after 4 days. Please inform me if you will require additional time to complete my instructions.Ensure you are following this topic. Click at the top of the page. ====================================================== The malware has changed your Chrome to the dev build, so we'll end up having to uninstall and reinstall Chrome. STEP 1 Malwarebytes Anti-Malware (MBAM) Downloaded and install the latest Malwarebytes Anti-Malware update (installs on top of your current version). Open Malwarebytes Anti-Malware and click Update Now.Once updated, click the Settings tab and tick Scan for rootkits.Click the Scan tab, ensure Threat Scan is checked and click Scan Now.Note: You may see the following message, "Could not load DDA driver". Click Yes, allow your PC to reboot and continue afterwards. If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.Upon completion of the scan (or after the reboot), click the History tab.Click Application Logs and double-click the Scan Log.Click Copy to Clipboard and paste the log in your next reply. STEP 2 AdwCleaner Please download AdwCleaner and save the file to your Desktop..Right-Click AdwCleaner.exe and select Run as administrator to run the programme.Follow the prompts. Click Scan. Upon completion, click Report. A log (AdwCleaner[R0].txt) will open. Briefly check the log for anything you know to be legitimate. Ensure anything you know to be legitimate does not have a checkmark, and click Clean. Follow the prompts and allow your computer to reboot. After rebooting, a log (AdwCleaner[s0].txt) will open. Copy the contents of the log and paste in your next reply.-- File and registry key backups are made for anything removed using this tool. Should a legitimate entry be removed (otherwise known as a 'false-positive'), simple steps can be taken to restore the entry. Please do not overly concern yourself with the contents of AdwCleaner[R0].txt. STEP 3 Junkware Removal Tool (JRT) Please download Junkware Removal Tool and save the file to your Desktop.Note: If you unchecked any items in AdwCleaner, please backup the associated folders/files before running JRT.Temporarily disable your anti-virus software. For instructions, please refer to the following link.Right-Click JRT.exe and select Run as administrator to run the programme.Follow the prompts and allow the scan to run uninterrupted. Upon completion, a log (JRT.txt) will open on your desktop.Re-enable your anti-virus software.Copy the contents of JRT.txt and paste in your next reply. STEP 4 Farbar Recovery Scan Tool (FRST) Scan Right-Click FRST64.exe and select Run as administrator to run the programme.Click Yes to the disclaimer.Ensure the Addition.txt box is checked.Click the Scan button and let the programme run.Upon completion, click OK, then OK on the Addition.txt pop up screen.Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply. ====================================================== STEP 5 Logs In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked. MBAM logAdwCleaner[s0].txtJRT.txtFRST.txtAddition.txt

MaxiumusTX, Is that the full ComboFix log? It's incomplete. Please check.

Hi Shanon, OK. Lets proceed. I'd like you to do the following. STEP 1 ComboFix Note: Please read through these instructions before running ComboFix. Please download ComboFix and save the file to your Desktop. << Important!Temporarily disable your anti-virus software. For instructions, please refer to the following link.Right-Click ComboFix.exe and select Run as administrator to run the programme.Follow the prompts. Allow ComboFix to complete it's removal routine (please refer to Important Notes:).Upon completion, a log (ComboFix.txt) will be created in the root directory (C:\). Copy the contents of the log and paste in your next reply.Re-enable your anti-virus software. Important Notes: Do NOT mouse click ComboFix's window whilst it is running. This may cause the programme to stall.Do NOT use your computer whilst ComboFix is running.Your Desktop/taskbar may disappear whilst ComboFix is running; this is normal. If you get the message Illegal operation attempted on registry key that has been marked for deletion please reboot your computer.ComboFix will disconnect your machine from the Internet as soon as it starts.Please do not attempt to re-connect your machine back to the Internet until ComboFix has completely finished.If you are unable to access the Internet after running ComboFix, please reboot your computer. STEP 2 Farbar Recovery Scan Tool (FRST) Scan Right-Click FRST64.exe and select Run as administrator to run the programme.Click Yes to the disclaimer.Ensure the Addition.txt box is checked.Click the Scan button and let the programme run.Upon completion, click OK, then OK on the Addition.txt pop up screen.Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply. ====================================================== STEP 3 Logs In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked. ComboFix.txtFRST.txtAddition.txt

That's OK then. I am satisfied your computer is not infected. All Clean! Congratulations, your computer appears clean! I see no signs of malware on your computer, and feel satisfied that our work here is done. The steps below will remove the tools we have used, and reset any settings changed. I have also provided a list of resources and tools that you may find useful. My help will always be free. But if you are happy with the help provided, and would like to support my fight against malware and/or buy me a beer, please consider a donation. DelFix Please download DelFix and save the file to your Desktop.Double-click DelFix.exe to run the programme.Place a checkmark next to the following items:Activate UACRemove disinfection toolsCreate registry backupPurge system restoreReset system settingsClick the Run button.-- This will remove the specialised tools we used to disinfect your system. Any leftover logs, files, folders or tools remaining on your Desktop which were not removed can be deleted manually (right-click the file + delete). ====================================================== I have compiled below a list of resources you may find useful. The articles document information on computer security, common infection vectors and how you can stay safe on the Internet. Answers to common security questions - Best Practices by quietman7, MVPHow Malware Spreads - How did I get infected? by quietman7, MVPSimple and easy ways to keep your computer safe and secure on the Internet by Lawrence Abrams, MVPHow to Prevent Malware by miekiemoes, MVPHow to backup and restore your data using Cobian Backup by YourHighnessSlow Computer/browser? It May Not Be Malware by quietman7, MVP The following programmes come highly recommended in the security community. AdBlock is a browser add-on that blocks annoying banners, pop-ups and video ads. Malwarebytes Anti-Exploit (MBAE) is designed to prevent zero-day malware from exploiting vulnerable software. Malwarebytes Anti-Malware Premium (MBAM) incorporates real-time protection and is designed to run alongside your Anti-Virus. NoScript is a Firefox add-on that blocks the actions of malicious scripts by using whitelisting and other technology. Sandboxie isolates programmes of your choice, preventing files from writing to your HDD unless you approve the file. Secuina PSI will scan your computer for vulnerable software that is outdated, and automatically find the latest update for you. SpywareBlaster is a form of passive protection, designed to block the actions of malicious websites and tracking cookies. Unchecky automatically removes checkmarks for additional software in programme installers, helping you avoid adware and PUPs. Web of Trust (WOT) is a browser add-on designed to alert the user before interacting with a potentially malicious website. -- Please feel free to ask if you have any questions or concerns on computer security or the programmes above. ====================================================== Please confirm you have no outstanding issues, and are happy with the state of your computer. Once I have confirmation things are in order, we can wrap things up and I will close this thread. Thank you for using Malwarebytes. Safe Surfing. Adam (LiquidTension).

Hi Shanon, Unfortunately, I have some bad news. Your computer is infected with a rootkit that opens backdoor on the compromised machine. As such, I must issue you the following warning. Please let me know what you think, and how you wish to proceed. We can remove the identified infection, but the only way to guarantee the trustworthiness of your machine is to reformat/reinstall.

Hello sherri_zhu, welcome to Malwarebytes' Malware Removal forum! My username is LiquidTension, but you can call me Adam. I will be assisting you with your malware-related problems. If you would allow me to call you by your first name I would prefer that. General P2P/Piracy Notice: ====================================================== Please read through the points below to ensure this process moves as quickly and efficiently as possible. Please read through my instructions thoroughly, and ensure you carry out each step in the order specified.Please do not post logs using the CODE, QUOTE or ATTACHMENT format. Logs should be posted directly in plain text. If you receive an error whilst posting, please break the log in half and use multiple posts.Please do not run any tools or take any steps other than those I provide for you. Independent efforts may make matters worse, and will affect my ability in ascertaining the current situation & providing the best set of instructions for you.Please backup important documents before proceeding with my instructions.If you come across any issues whilst following my instructions, please stop and inform me of the issue in as much detail as possible. Please do not hesitate to ask before you run anything.Topics are locked if no response is made after 4 days. Please inform me if you will require additional time to complete my instructions.Ensure you are following this topic. Click at the top of the page. ====================================================== STEP 1 Malwarebytes Anti-Malware (MBAM) If you have not downloaded and installed the updated Malwarebytes Anti-Malware 2.0 please do so now. Open Malwarebytes Anti-Malware and click Update Now.Once updated, click the Settings tab and tick Scan for rootkits.Click the Scan tab, ensure Threat Scan is checked and click Scan Now.Note: You may see the following message, "Could not load DDA driver". Click Yes, allow your PC to reboot and continue afterwards. If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.Upon completion of the scan (or after the reboot), click the History tab.Click Application Logs and double-click the Scan Log.Click Copy to Clipboard and paste the log in your next reply. STEP 2 AdwCleaner Please download AdwCleaner and save the file to your Desktop..Right-Click AdwCleaner.exe and select Run as administrator to run the programme.Follow the prompts. Click Scan. Upon completion, click Report. A log (AdwCleaner[R0].txt) will open. Briefly check the log for anything you know to be legitimate. Ensure anything you know to be legitimate does not have a checkmark, and click Clean. Follow the prompts and allow your computer to reboot. After rebooting, a log (AdwCleaner[s0].txt) will open. Copy the contents of the log and paste in your next reply.-- File and registry key backups are made for anything removed using this tool. Should a legitimate entry be removed (otherwise known as a 'false-positive'), simple steps can be taken to restore the entry. Please do not overly concern yourself with the contents of AdwCleaner[R0].txt. STEP 3 Junkware Removal Tool (JRT) Please download Junkware Removal Tool and save the file to your Desktop.Note: If you unchecked any items in AdwCleaner, please backup the associated folders/files before running JRT.Temporarily disable your anti-virus software. For instructions, please refer to the following link.Right-Click JRT.exe and select Run as administrator to run the programme.Follow the prompts and allow the scan to run uninterrupted. Upon completion, a log (JRT.txt) will open on your desktop.Re-enable your anti-virus software.Copy the contents of JRT.txt and paste in your next reply. STEP 4 Farbar Recovery Scan Tool (FRST) Scan Right-Click FRST64.exe and select Run as administrator to run the programme.Click Yes to the disclaimer.Ensure the Addition.txt box is checked.Click the Scan button and let the programme run.Upon completion, click OK, then OK on the Addition.txt pop up screen.Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply. ====================================================== STEP 5 Logs In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked. MBAM logAdwCleaner[s0].txtJRT.txtFRST.txtAddition.txt

Hello SadisticInsanity, welcome to Malwarebytes' Malware Removal forum! My username is LiquidTension, but you can call me Adam. I will be assisting you with your malware-related problems. If you would allow me to call you by your first name I would prefer that. General P2P/Piracy Notice: ====================================================== Please read through the points below to ensure this process moves as quickly and efficiently as possible. Please read through my instructions thoroughly, and ensure you carry out each step in the order specified.Please do not post logs using the CODE, QUOTE or ATTACHMENT format. Logs should be posted directly in plain text. If you receive an error whilst posting, please break the log in half and use multiple posts.Please do not run any tools or take any steps other than those I provide for you. Independent efforts may make matters worse, and will affect my ability in ascertaining the current situation & providing the best set of instructions for you.Please backup important documents before proceeding with my instructions.If you come across any issues whilst following my instructions, please stop and inform me of the issue in as much detail as possible. Please do not hesitate to ask before you run anything.Topics are locked if no response is made after 4 days. Please inform me if you will require additional time to complete my instructions.Ensure you are following this topic. Click at the top of the page. ====================================================== STEP 1 Malwarebytes Anti-Malware (MBAM) If you have not downloaded and installed the updated Malwarebytes Anti-Malware 2.0 please do so now. Open Malwarebytes Anti-Malware and click Update Now.Once updated, click the Settings tab and tick Scan for rootkits.Click the Scan tab, ensure Threat Scan is checked and click Scan Now.Note: You may see the following message, "Could not load DDA driver". Click Yes, allow your PC to reboot and continue afterwards. If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.Upon completion of the scan (or after the reboot), click the History tab.Click Application Logs and double-click the Scan Log.Click Copy to Clipboard and paste the log in your next reply. STEP 2 TDSSKiller Scan Please download TDSSKiller and save the file to your Desktop.Right-Click TDSSKiller.exe and select Run as administrator to run the programme.Click Change parameters. Place a checkmark next to Detect TDLFS file system and Verify file digital signatures.​Click Start Scan. Do not use the computer during the scan.If objects are found, change the action to skip.Click Continue and close the window.A log will be created and saved to the root directory (usually C:\). Copy the contents of the log and paste in your next reply. ====================================================== STEP 3 Logs In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked. MBAM logTDSSKiller log

Hello, This is a false-positive, and can be safely ignored. Norton must also be disabled whilst running ComboFix. STEP 1 ComboFix Note: Please read through these instructions before running ComboFix. Please download ComboFix and save the file to your Desktop. << Important!Temporarily disable your anti-virus software. For instructions, please refer to the following link.Right-Click ComboFix.exe and select Run as administrator to run the programme.Follow the prompts. Allow ComboFix to complete it's removal routine (please refer to Important Notes:).Upon completion, a log (ComboFix.txt) will be created in the root directory (C:\). Copy the contents of the log and paste in your next reply.Re-enable your anti-virus software. Important Notes: Do NOT mouse click ComboFix's window whilst it is running. This may cause the programme to stall.Do NOT use your computer whilst ComboFix is running.Your Desktop/taskbar may disappear whilst ComboFix is running; this is normal. If you get the message Illegal operation attempted on registry key that has been marked for deletion please reboot your computer.ComboFix will disconnect your machine from the Internet as soon as it starts.Please do not attempt to re-connect your machine back to the Internet until ComboFix has completely finished.If you are unable to access the Internet after running ComboFix, please reboot your computer. STEP 2 Farbar Recovery Scan Tool (FRST) Scan Right-Click FRST64.exe and select Run as administrator to run the programme.Click Yes to the disclaimer.Ensure the Addition.txt box is checked.Click the Scan button and let the programme run.Upon completion, click OK, then OK on the Addition.txt pop up screen.Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply. ====================================================== STEP 3 Logs In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked. ComboFix.txtFRST.txtAddition.txt

Hello fivealive, welcome to Malwarebytes' Malware Removal forum! My username is LiquidTension, but you can call me Adam. I will be assisting you with your malware-related problems. If you would allow me to call you by your first name I would prefer that. General P2P/Piracy Notice: ====================================================== Please read through the points below to ensure this process moves as quickly and efficiently as possible. Please read through my instructions thoroughly, and ensure you carry out each step in the order specified.Please do not post logs using the CODE, QUOTE or ATTACHMENT format. Logs should be posted directly in plain text. If you receive an error whilst posting, please break the log in half and use multiple posts.Please do not run any tools or take any steps other than those I provide for you. Independent efforts may make matters worse, and will affect my ability in ascertaining the current situation & providing the best set of instructions for you.Please backup important documents before proceeding with my instructions.If you come across any issues whilst following my instructions, please stop and inform me of the issue in as much detail as possible. Please do not hesitate to ask before you run anything.Topics are locked if no response is made after 4 days. Please inform me if you will require additional time to complete my instructions.Ensure you are following this topic. Click at the top of the page. ====================================================== The detection by avast! is a false-positive, and your FRST logs are clean. Unless you are experiencing any other issues, there is no reason to suspect your machine is infected. However, we can run the following scans to double-check. STEP 1 Malwarebytes Anti-Malware (MBAM) Open Malwarebytes Anti-Malware and click Update Now.Once updated, click the Settings tab and tick Scan for rootkits.Click the Scan tab, ensure Threat Scan is checked and click Scan Now.Note: You may see the following message, "Could not load DDA driver". Click Yes, allow your PC to reboot and continue afterwards. If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.Upon completion of the scan (or after the reboot), click the History tab.Click Application Logs and double-click the Scan Log.Click Copy to Clipboard and paste the log in your next reply. STEP 2 TDSSKiller Scan Please download TDSSKiller and save the file to your Desktop.Right-Click TDSSKiller.exe and select Run as administrator to run the programme.Click Change parameters. Place a checkmark next to Detect TDLFS file system and Verify file digital signatures.​Click Start Scan. Do not use the computer during the scan.If objects are found, change the action to skip.Click Continue and close the window.A log will be created and saved to the root directory (usually C:\). Copy the contents of the log and paste in your next reply. ====================================================== STEP 3 Logs In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked. MBAM logTDSSKiller log

Hello mrace222, welcome to Malwarebytes' Malware Removal forum! My username is LiquidTension, but you can call me Adam. I will be assisting you with your malware-related problems. If you would allow me to call you by your first name I would prefer that. General P2P/Piracy Notice: ====================================================== Please read through the points below to ensure this process moves as quickly and efficiently as possible. Please read through my instructions thoroughly, and ensure you carry out each step in the order specified.Please do not post logs using the CODE, QUOTE or ATTACHMENT format. Logs should be posted directly in plain text. If you receive an error whilst posting, please break the log in half and use multiple posts.Please do not run any tools or take any steps other than those I provide for you. Independent efforts may make matters worse, and will affect my ability in ascertaining the current situation & providing the best set of instructions for you.Please backup important documents before proceeding with my instructions.If you come across any issues whilst following my instructions, please stop and inform me of the issue in as much detail as possible. Please do not hesitate to ask before you run anything.Topics are locked if no response is made after 4 days. Please inform me if you will require additional time to complete my instructions.Ensure you are following this topic. Click at the top of the page. ====================================================== STEP 1 Farbar Recovery Scan Tool (FRST) Scan Please download Farbar Recovery Scan Tool (x32) or Farbar Recovery Scan Tool (x64) and save the file to your Desktop.Note: Download and run the version compatible with your system (32 or 64-bit). Download both if you're unsure; only one will run.Right-Click FRST.exe / FRST64.exe and select Run as administrator to run the programme.Click Yes to the disclaimer.Ensure the Addition.txt box is checked.Click the Scan button and let the programme run.Upon completion, click OK, then OK on the Addition.txt pop up screen.Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply. STEP 2 TDSSKiller Scan Please download TDSSKiller and save the file to your Desktop.Right-Click TDSSKiller.exe and select Run as administrator to run the programme.Click Change parameters. Place a checkmark next to Detect TDLFS file system and Verify file digital signatures.​Click Start Scan. Do not use the computer during the scan.If objects are found, change the action to skip.Click Continue and close the window.A log will be created and saved to the root directory (usually C:\). Attach the file in your next reply. ====================================================== STEP 3 Logs In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked. FRST.txtAddition.txtTDSSKiller log (attached)

Unfortunately, your computer is infected with a rootkit. As such, I must issue the following warning. Please let me know how you wish to proceed.

Hello NathanielJS, welcome to Malwarebytes' Malware Removal forum! My username is LiquidTension, but you can call me Adam. I will be assisting you with your malware-related problems. If you would allow me to call you by your first name I would prefer that. General P2P/Piracy Notice: ====================================================== Please read through the points below to ensure this process moves as quickly and efficiently as possible. Please read through my instructions thoroughly, and ensure you carry out each step in the order specified.Please do not post logs using the CODE, QUOTE or ATTACHMENT format. Logs should be posted directly in plain text. If you receive an error whilst posting, please break the log in half and use multiple posts.Please do not run any tools or take any steps other than those I provide for you. Independent efforts may make matters worse, and will affect my ability in ascertaining the current situation & providing the best set of instructions for you.Please backup important documents before proceeding with my instructions.If you come across any issues whilst following my instructions, please stop and inform me of the issue in as much detail as possible. Please do not hesitate to ask before you run anything.Topics are locked if no response is made after 4 days. Please inform me if you will require additional time to complete my instructions.Ensure you are following this topic. Click at the top of the page. ====================================================== Please delete (right-click + Delete) the executable (.exe) file for each of these programmes. STEP 1 Malwarebytes Anti-Malware (MBAM) If you have not downloaded and installed the updated Malwarebytes Anti-Malware 2.0 please do so now. Open Malwarebytes Anti-Malware and click Update Now.Once updated, click the Settings tab and tick Scan for rootkits.Click the Scan tab, ensure Threat Scan is checked and click Scan Now.Note: You may see the following message, "Could not load DDA driver". Click Yes, allow your PC to reboot and continue afterwards. If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.Upon completion of the scan (or after the reboot), click the History tab.Click Application Logs and double-click the Scan Log.Click Copy to Clipboard and paste the log in your next reply. STEP 2 TDSSKiller Scan Please download TDSSKiller and save the file to your Desktop.Right-Click TDSSKiller.exe and select Run as administrator to run the programme.Click Change parameters. Place a checkmark next to Detect TDLFS file system and Verify file digital signatures.​Click Start Scan. Do not use the computer during the scan.If objects are found, change the action to skip.Click Continue and close the window.A log will be created and saved to the root directory (usually C:\). Copy the contents of the log and paste in your next reply. ====================================================== STEP 3 Logs In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked. MBAM logTDSSKiller log

Hello MaximusTX, welcome to Malwarebytes' Malware Removal forum! My username is LiquidTension, but you can call me Adam. I will be assisting you with your malware-related problems. If you would allow me to call you by your first name I would prefer that. General P2P/Piracy Notice: ====================================================== Please read through the points below to ensure this process moves as quickly and efficiently as possible. Please read through my instructions thoroughly, and ensure you carry out each step in the order specified.Please do not post logs using the CODE, QUOTE or ATTACHMENT format. Logs should be posted directly in plain text. If you receive an error whilst posting, please break the log in half and use multiple posts.Please do not run any tools or take any steps other than those I provide for you. Independent efforts may make matters worse, and will affect my ability in ascertaining the current situation & providing the best set of instructions for you.Please backup important documents before proceeding with my instructions.If you come across any issues whilst following my instructions, please stop and inform me of the issue in as much detail as possible. Please do not hesitate to ask before you run anything.Topics are locked if no response is made after 4 days. Please inform me if you will require additional time to complete my instructions.Ensure you are following this topic. Click at the top of the page. ====================================================== STEP 1 Farbar Recovery Scan Tool (FRST) Scan Please download Farbar Recovery Scan Tool (x32) or Farbar Recovery Scan Tool (x64) and save the file to your Desktop.Note: Download and run the version compatible with your system (32 or 64-bit). Download both if you're unsure; only one will run.Right-Click FRST.exe / FRST64.exe and select Run as administrator to run the programme.Click Yes to the disclaimer.Ensure the Addition.txt box is checked.Click the Scan button and let the programme run.Upon completion, click OK, then OK on the Addition.txt pop up screen.Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply. STEP 2 TDSSKiller Scan Please download TDSSKiller and save the file to your Desktop.Right-Click TDSSKiller.exe and select Run as administrator to run the programme.Click Change parameters. Place a checkmark next to Detect TDLFS file system and Verify file digital signatures.​Click Start Scan. Do not use the computer during the scan.If objects are found, change the action to skip.Click Continue and close the window.A log will be created and saved to the root directory (usually C:\). Attach the file in your next reply. ====================================================== STEP 3 Logs In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked. FRST.txtAddition.txtTDSSKiller log (attached)

Hi Daryl, Please provide an update on the computer after completing the steps below. Are there any outstanding issues? STEP 1 Farbar Recovery Scan Tool (FRST) Script Press the Windows Key + r on your keyboard at the same time. Type Notepad and click OK.Copy the entire contents of the codebox below and paste into the Notepad document. startSearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =SearchScopes: HKCU - DefaultScope {BA6CE4DD-3242-40CC-91FE-7CC64A5CEC3D} URL =SearchScopes: HKCU - {8D9AEFFF-9B2F-4905-8D5C-34A70723DE60} URL = http://www.search.ask.com/web?tpid=ORJ-V7C&o=APN11405&pf=V7&p2=^BBD^OSJ000^YY^US&gct=&itbv=12.7.0.15&apn_uid=AD71785D-D892-4866-9098-1D06B867B4AE&apn_ptnrs=BBD&apn_dtid=^OSJ000^YY^US&apn_dbr=ie_10.0.9200.16736&doi=2013-11-26&trgb=IE&q={searchTerms}&psv=SearchScopes: HKCU - {BA6CE4DD-3242-40CC-91FE-7CC64A5CEC3D} URL =BHO-x32: No Name -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> No FileBHO-x32: No Name -> {4F524A2D-5637-4300-76A7-7A786E7484D7} -> No FileBHO-x32: No Name -> {67EC1BB4-1AC3-4B5E-9CAD-DA52013E7C31} -> No FileToolbar: HKLM-x32 - No Name - {4F524A2D-5637-4300-76A7-7A786E7484D7} - No FileHandler: eimage - {1A3912E1-209D-40E8-98AF-078096837F75} - No FileFilter: application/xhtml+xml - {32F66A26-7614-11D4-BD11-00104BD3F987} - No FileFilter: application/xhtml+xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - No FileFilter: application/xhtml+xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - No FileFilter: text/xml; charset=iso-8859-1 - {32F66A26-7614-11D4-BD11-00104BD3F987} - No FileFilter: text/xml; charset=utf-8 - {32F66A26-7614-11D4-BD11-00104BD3F987} - No File2014-10-16 07:55 - 2014-10-16 07:55 - 00079820 ____H () C:\Users\Lindsey Bouma\Downloads\~WRL0288.tmpHKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\98034895.sys => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\98034895.sys => ""="Driver"C:\Program Files (x86)\AskPartnerNetworkreg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnTBMon" /fCMD: ipconfig /flushdnsCMD: netsh winsock reset allCMD: netsh int ipv4 resetCMD: netsh int ipv6 resetCMD: bitsadmin /reset /allusersEmptyTemp:endClick File, Save As and type fixlist.txt as the File Name. Important: The file must be saved in the same location as FRST64.exe. NOTICE: This script is intended for use on this particular machine. Do not use this script on any other machine; doing so may cause damage to your Operating System. Right-Click FRST64.exe and select Run as administrator to run the programme.Click Fix.A log (Fixlog.txt) will open on your desktop. Copy the contents of the log and paste in your next reply. STEP 2 AdwCleaner Please download AdwCleaner and save the file to your Desktop.Right-Click AdwCleaner.exe and select Run as administrator to run the programme.Follow the prompts. Click Scan. Upon completion, click Report. A log (AdwCleaner[R0].txt) will open. Briefly check the log for anything you know to be legitimate. Ensure anything you know to be legitimate does not have a checkmark, and click Clean. Follow the prompts and allow your computer to reboot. After rebooting, a log (AdwCleaner[s0].txt) will open. Copy the contents of the log and paste in your next reply.-- File and registry key backups are made for anything removed using this tool. Should a legitimate entry be removed (otherwise known as a 'false-positive'), simple steps can be taken to restore the entry. Please do not overly concern yourself with the contents of AdwCleaner[R0].txt. STEP 3 Junkware Removal Tool (JRT) Please download Junkware Removal Tool and save the file to your Desktop.Note: If you unchecked any items in AdwCleaner, please backup the associated folders/files before running JRT.Temporarily disable your anti-virus software. For instructions, please refer to the following link.Right-Click JRT.exe and select Run as administrator to run the programme.Follow the prompts and allow the scan to run uninterrupted. Upon completion, a log (JRT.txt) will open on your desktop.Re-enable your anti-virus software.Copy the contents of JRT.txt and paste in your next reply. ====================================================== STEP 4 Logs In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked. Fixlog.txtAdwCleaner[s0].txtJRT.txt

Jim, I would recommend one of the following. avast! Free Anti-Virus (free) Avira Free Anti-Virus (free) ESET NOD32 Anti-Virus (paid) Kaspersky Anti-Virus (paid) Emsisoft Internet Security (paid)For a paid solution, my choice of anti-virus is ESET NOD32, and for a free solution, my choice of anti-virus is avast!. Please be aware that there is no universal "one size fits all" solution that works for everyone and there is no single best anti-virus. What works for one person may not work for another. If you choose to replace Norton, please ensure you read the following article first. ------------------ How is your computer performing? Are there any outstanding issues?

Hi Jim, Try resetting Internet Explorer if you wish to continue using the browser. However, Google Chrome is a good browser, and of course, you have the option of installing Mozilla Firefox as well. I use both Chrome and Firefox. As for Norton, I am not familiar with the programme so cannot comment on the functionality of it. You can try asking on the Norton Forum, or consider switching to a different Anti-Virus. I'm not really an advocate of Norton, and will recommend other Anti-Virus software to users. Let me know what you think. Browser Reset Instructions on how to backup your Favourites/Bookmarks and other data can be found below. Backup Internet Explorer FavouritesProceed with the reset once done. Internet Explorer: How to reset Internet Explorer settings