Computer Hope Forum. My name is Dave. I will be helping you out with your particular problem on your computer. I am working under the guidance of one of the specialist of this forum so it may take a bit longer to process your logs.
1. I will be working on your
Malware issues. This
may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please
DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.
Sorry for being so late in getting to your post.Download
Disable/Remove Windows Messenger to the desktop to remove Windows Messenger.
Do not confuse
Windows Messenger with
MSN Messenger because they are not the same.
Windows Messenger is a frequent cause of popups.
Unzip the file on the desktop. Open the
MessengerDisable.exe and choose the bottom box -
Uninstall Windows Messenger and click
Apply.Exit out of
MessengerDisable then delete the two files that were put on the desktop.
==================================
You have
Viewpoint installed.
Viewpoint Media Player/Manager/Toolbar is considered as
Foistware instead of malware since it is installed without users approval but doesn't spy or do anything "bad".
More information:
*
ViewMgr.exe - Useless*
Viewpoint to Plunge Into AdwareIt is suggested to remove the program now. Go to
Start > Control Panel > Add/Remove Programs - (Vista & Win7 is
Programs and Features) and remove the following programs if present.
* Viewpoint
* Viewpoint Manager
* Viewpoint Media Player
* Viewpoint Toolbar
* Viewpoint Experience Technology====================================
Open
HijackThis and select
Do a system scan onlyPlace a check mark next to the following entries: (if there)
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (rootkit-scan)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKUS\S-1-5-21-1161266217-414376869-1902029748-1008\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'Jeff')
O4 - HKUS\S-1-5-21-1161266217-414376869-1902029748-1011\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'Reba')
O8 - Extra context menu item: &Search - ?p=ZUxdm265SGUS
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: auras - {f0d4f88e-e1f8-460f-a41c-6cfb7f73af79} - (no file)
Important: Close all open windows except for
HijackThis and then click
Fix checked.Once completed, exit
HijackThis.==================================
Please uninstall your version of MBAM, download and run this one. Please download Malwarebytes Anti-Malware from
here.
Double Click mbam-setup.exe to install the application.
- Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
- If an update is found, it will download and install the latest version.
- Once the program has loaded, select "Perform Full Scan", then click Scan.
- The scan may take some time to finish,so please be patient.
- When the scan is complete, click OK, then Show Results to view the results.
- Make sure that everything is checked, and click Remove Selected.
- When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
- Please save the log to a location you will remember.
- The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
- Copy and paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.===================================
Please download
ComboFix from
BleepingComputer.comAlternate link: GeeksToGo.comRename ComboFix.exe to commy.exe before you save it to your DesktopDisable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
A guide to do this can be found hereClick
Start>Run then copy paste the following command into the Run box & click
OK "%userprofile%\desktop\commy.exe" /stepdelAs part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console[/list]
Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
Click on Yes, to continue scanning for malware.
When finished, it shall produce a log for you. Please include the contents of
C:\ComboFix.txt in your next reply.
If you have problems with ComboFix usage, see
How to use ComboFixPlease copy and paste your logs.