We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Would someone be so kind as to look at my HijackThis log?
Comments
-
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{59F36534-33DB-48D8-8774-0F13BD249749}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O24 - Desktop WallPaper: C:\Users\Alan\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
O24 - Desktop BackupWallPaper: C:\Users\Alan\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{3a3526f1-8e5f-11de-a5b4-001d72cb24db}\Shell - "" = AutoRun
O33 - MountPoints2\{3a3526f1-8e5f-11de-a5b4-001d72cb24db}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{f91dc25f-e2d2-11df-812b-001d72cb24db}\Shell - "" = AutoRun
O33 - MountPoints2\{f91dc25f-e2d2-11df-812b-001d72cb24db}\Shell\AutoRun\command - "" = "F:\WD SmartWare.exe" autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012/04/11 14:41:12 | 000,000,000 | ---D | C] -- C:\Users\Alan\Desktop\New folder (2)
[2012/04/10 15:58:35 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2012/04/10 15:58:35 | 000,000,000 | ---D | C] -- C:\Users\Alan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2012/04/10 15:28:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VLC Streamer
[2012/04/10 13:49:09 | 000,000,000 | ---D | C] -- C:\Users\Alan\Desktop\VA-UKTop40-08042012-320
[2012/04/10 08:19:34 | 000,000,000 | ---D | C] -- C:\Users\Alan\Desktop\11 - David Guetta - Nothing But The Beat
[2012/03/31 23:37:56 | 000,000,000 | ---D | C] -- C:\Users\Alan\Desktop\60_ N_ O_ O _T_S
[2012/03/30 13:58:27 | 000,000,000 | ---D | C] -- C:\Users\Alan\Desktop\TheOfficial.UK.Top40.25.03
[2012/03/29 15:52:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/03/29 09:54:15 | 000,000,000 | ---D | C] -- C:\Users\Alan\AppData\Roaming\AVG2012
[2012/03/29 09:04:32 | 000,000,000 | -H-D | C] -- C:\$AVG
[2012/03/29 09:04:32 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\AVG
[2012/03/28 19:26:04 | 000,000,000 | ---D | C] -- C:\Users\Alan\AppData\Roaming\Malwarebytes
[2012/03/28 14:51:05 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search
[2012/03/28 14:45:09 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search
[2012/03/28 14:45:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVG Secure Search
[2012/03/28 14:41:18 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2012
[2012/03/28 14:19:50 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2012/03/28 13:56:33 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012/03/28 13:56:05 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2012/03/27 15:31:06 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012/03/26 14:17:50 | 000,000,000 | ---D | C] -- C:\Users\Alan\Desktop\Dixie Chicks - The Very Best Of [2010-MP3-cov]
[2012/03/26 14:17:38 | 000,000,000 | ---D | C] -- C:\Users\Alan\Desktop\The Pogues - Just Look Them Straight In The Eye And Say... Pogue Mahone
[2012/03/26 14:17:25 | 000,000,000 | ---D | C] -- C:\Users\Alan\Desktop\The Very Best of The Pogues
[2012/03/23 17:56:14 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2012/03/19 22:34:42 | 000,000,000 | ---D | C] -- C:\Users\Alan\Desktop\Sonik Kicks
[2012/03/19 20:35:52 | 000,000,000 | ---D | C] -- C:\Users\Alan\Desktop\nokia pics
========== Files - Modified Within 30 Days ==========
[2012/04/11 16:54:47 | 000,628,024 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/04/11 16:54:47 | 000,110,208 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/04/11 16:50:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/04/11 16:50:23 | 2359,971,840 | -HS- | M] () -- C:\hiberfil.sys
[2012/04/11 16:12:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1939006039-2866257580-2663649926-1000UA.job
[2012/04/11 16:10:00 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/04/11 16:00:00 | 000,000,508 | ---- | M] () -- C:\Windows\tasks\1-Click Maintenance.job
[2012/04/11 14:28:03 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1939006039-2866257580-2663649926-1000UA.job
[2012/04/11 09:12:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1939006039-2866257580-2663649926-1000Core.job
[2012/04/11 02:10:00 | 000,000,878 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/04/11 00:24:36 | 094,463,646 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2012/04/10 20:28:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1939006039-2866257580-2663649926-1000Core.job
[2012/04/10 17:31:00 | 000,000,386 | ---- | M] () -- C:\Windows\tasks\AWC Update.job
[2012/04/10 16:23:38 | 000,146,870 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2012/04/10 15:58:35 | 000,002,959 | ---- | M] () -- C:\Users\Alan\Desktop\HiJackThis.lnk
[2012/04/10 14:59:50 | 000,011,104 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/04/10 14:59:50 | 000,011,104 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/04/10 14:53:04 | 000,000,310 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2012/04/03 15:27:32 | 000,011,760 | ---- | M] () -- C:\Users\Alan\Desktop\5630_photo_gallery_thumb_1_4e7b6a5654758.jpg
[2012/03/29 15:52:02 | 000,001,757 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/03/29 09:05:06 | 000,000,939 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012/03/27 17:20:07 | 000,000,036 | ---- | M] () -- C:\Users\Alan\AppData\Local\housecall.guid.cache
[2012/03/16 10:51:53 | 525,340,713 | ---- | M] () -- C:\Users\Alan\Desktop\We.Bought.a.Zoo.2011.DVDRip.500MB.ShAaNiG.com.mkv
[2012/03/15 04:37:55 | 000,419,360 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/03/12 23:15:29 | 000,101,962 | ---- | M] () -- C:\Users\Alan\Desktop\425760_10150716717175792_627225791_11879847_2055788874_n.jpg
========== Files Created - No Company Name ==========
[2012/04/11 00:24:36 | 094,463,646 | ---- | C] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2012/04/10 16:23:38 | 000,146,870 | ---- | C] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2012/04/10 15:58:35 | 000,002,959 | ---- | C] () -- C:\Users\Alan\Desktop\HiJackThis.lnk
[2012/04/03 15:27:39 | 000,011,760 | ---- | C] () -- C:\Users\Alan\Desktop\5630_photo_gallery_thumb_1_4e7b6a5654758.jpg
[2012/03/29 15:52:02 | 000,001,757 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/03/29 09:05:06 | 000,000,939 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012/03/27 17:20:07 | 000,000,036 | ---- | C] () -- C:\Users\Alan\AppData\Local\housecall.guid.cache
[2012/03/17 18:33:46 | 525,340,713 | ---- | C] () -- C:\Users\Alan\Desktop\We.Bought.a.Zoo.2011.DVDRip.500MB.ShAaNiG.com.mkv
[2012/03/12 23:15:37 | 000,101,962 | ---- | C] () -- C:\Users\Alan\Desktop\425760_10150716717175792_627225791_11879847_2055788874_n.jpg
[2011/06/15 22:00:51 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2010/11/15 20:51:04 | 000,007,168 | ---- | C] () -- C:\Users\Alan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/25 20:30:02 | 000,439,308 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2010/08/25 20:30:00 | 000,982,240 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2010/08/25 20:30:00 | 000,092,356 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2010/08/25 19:59:08 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2010/05/13 06:39:16 | 000,000,570 | ---- | C] () -- C:\Users\Alan\AppData\Roaming\wklnhst.dat
[2010/04/23 21:35:10 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
========== LOP Check ==========
[2010/03/03 20:09:41 | 000,000,000 | -HSD | M] -- C:\Users\Alan\AppData\Roaming\.#
[2010/03/03 20:09:41 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\Acer GameZone Console
[2010/11/19 18:54:52 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\AnvSoft
[2012/03/31 15:58:52 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\AVG2012
[2010/01/31 12:43:13 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\Copernic
[2010/04/06 19:12:00 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\DMCache
[2010/03/03 20:09:59 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\FloodLightGames
[2011/04/11 20:59:45 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\FrostWire
[2012/03/28 22:13:03 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\General Downloader
[2012/03/31 15:58:52 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\GetRightToGo
[2011/01/28 07:59:17 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\GlarySoft
[2012/01/27 10:32:16 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\Hobbyist Software
[2010/04/06 20:58:45 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\IDM
[2012/03/31 15:58:52 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\IObit
[2011/09/07 23:42:50 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\J River
[2010/11/29 11:32:55 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\JAM Software
[2011/01/28 07:59:21 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\LimeWire
[2011/01/06 15:23:57 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\NCH Swift Sound
[2012/03/31 15:58:47 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\Nokia
[2011/01/28 07:59:29 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\Nokia Ovi Suite
[2010/05/12 21:08:59 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\PC Suite
[2010/03/03 20:10:41 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\PCDJ
[2010/03/03 20:10:41 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\PlayFirst
[2012/02/27 19:45:17 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\redsn0w
[2011/01/07 07:55:55 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\Rovio
[2010/03/31 17:56:59 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\SharePod
[2012/03/31 15:58:46 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\Spotify
[2010/05/13 06:39:19 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\Template
[2012/03/31 15:58:46 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\TeraCopy
[2010/03/03 20:10:41 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\TuneUp Software
[2012/03/31 15:58:46 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\uTorrent
[2010/03/03 20:10:42 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\WinBatch
[2012/03/31 15:58:46 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\WindSolutions
[2010/03/25 06:48:36 | 000,000,000 | ---D | M] -- C:\Users\Alan\AppData\Roaming\Xilisoft Corporation
[2012/04/11 16:00:00 | 000,000,508 | ---- | M] () -- C:\Windows\Tasks\1-Click Maintenance.job
[2012/04/10 17:31:00 | 000,000,386 | ---- | M] () -- C:\Windows\Tasks\AWC Update.job
[2012/04/10 20:28:00 | 000,000,902 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1939006039-2866257580-2663649926-1000Core.job
[2012/04/11 14:28:03 | 000,000,924 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1939006039-2866257580-2663649926-1000UA.job
[2012/04/10 14:53:04 | 000,000,310 | ---- | M] () -- C:\Windows\Tasks\GlaryInitialize.job
[2011/11/24 23:47:12 | 000,032,610 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========A shadowy flight into the dangerous world of a man who does not exist.
A young loner on a crusade to champion the cause of the innocent,
the helpless, the powerless, in a world of criminals who operate above the law.0 -
There should be more to post after the purity check. Looks ok so far though apart from the usual toolbar associated crap - browser/search settings etc.0
-
Have you tried what I suggested in post #7 yet?
https://forums.moneysavingexpert.com/discussion/comment/52401121#Comment_524011210 -
Yes waddler did both,also removed avast and tried to reinstall but its just hanging at 100% so wont finish installing.
Malwarebytes shows the following,its reccomending removing everything but not the pup.vshareredir for some reason?
Malwarebytes Anti-Malware 1.61.0.1400
https://www.malwarebytes.org
Database version: v2012.04.11.05
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 8.0.7601.17514
Alan :: ALAN-PC [limited]
11/04/2012 17:57:39
mbam-log-2012-04-11 (17-57-39).txt
Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 466391
Time elapsed: 3 hour(s), 22 minute(s), 17 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 22
HKCR\CLSID\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> No action taken.
HKCR\TypeLib\{BB7256DD-EBA9-480B-8441-A00388C2BEC3} (PUP.VShareRedir) -> No action taken.
HKCR\Interface\{3D782BB2-F2A5-11D3-BF4C-000000000000} (PUP.VShareRedir) -> No action taken.
HKCR\MyNewsBarLauncher.IE5BarLauncherBHO.1 (PUP.VShareRedir) -> No action taken.
HKCR\MyNewsBarLauncher.IE5BarLauncherBHO (PUP.VShareRedir) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> No action taken.
HKCR\CLSID\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> No action taken.
HKCR\MyNewsBarLauncher.IE5BarLauncher.1 (PUP.VShareRedir) -> No action taken.
HKCR\MyNewsBarLauncher.IE5BarLauncher (PUP.VShareRedir) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> No action taken.
HKCR\CLSID\{CA4520F3-AE13-4FB1-A513-58E23991C86D} (Trojan.Downloader) -> Quarantined and deleted successfully.
HKCR\GenCrawl.GenCrawler (Trojan.Downloader) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA4520F3-AE13-4FB1-A513-58E23991C86D} (Trojan.Downloader) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{CA4520F3-AE13-4FB1-A513-58E23991C86D} (Trojan.Downloader) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CA4520F3-AE13-4FB1-A513-58E23991C86D} (Trojan.Downloader) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Videocan (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\ZagrebLand (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Registry Values Detected: 4
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser|{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Data: ;!ÃzÊ;XA³0öm»Áµ -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Data: VShareTB -> No action taken.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Data: -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Data: -> No action taken.
Registry Data Items Detected: 2
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Bad: (http://startsear.ch/?aff=1) Good: (http://www.google.com) -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Bad: (http://startsear.ch/?aff=1) Good: (http://www.google.com) -> Quarantined and repaired successfully.
Folders Detected: 0
(No malicious items detected)
Files Detected: 2
C:\Program Files\vShare.tv plugin\BarLcher.dll (PUP.VShareRedir) -> No action taken.
C:\Users\Alan\AppData\Roaming\General Downloader\Extensions\GenCrawl.dll (Trojan.Downloader) -> Quarantined and deleted successfully.A shadowy flight into the dangerous world of a man who does not exist.
A young loner on a crusade to champion the cause of the innocent,
the helpless, the powerless, in a world of criminals who operate above the law.0 -
Refers to the vShare toolbar. PUP- Potentially Unwanted Program - If you're happy to have it installed - leave it, if not - check it and have mbam remove it.PUP.VShareRedir
Just run a quick scan - don't bother with the full.0 -
Let me know your thoughts on the vShare toolbar & I can give you an OTL script to clear the rest up.0
-
I don't even know what the vshare tool bar is to be honest so I'll get rid of it. I noticed after running mwb that I still can't open iTunes even though I've uninstalled and re installed it and avast still won't reinstall. Also I ran the suggested sophos software and it just hung in the middle of the programme,I restarted the system and sophos won't run at all now. Its as if something's attacking the .exe files ?A shadowy flight into the dangerous world of a man who does not exist.
A young loner on a crusade to champion the cause of the innocent,
the helpless, the powerless, in a world of criminals who operate above the law.0 -
I don't think it's malware related. OTL.exe ran successfully, as did mbam once you'd reinstalled it.
Run chkdsk first.
http://windows.microsoft.com/en-GB/windows7/Check-a-drive-for-errors
Then run aswMBR & post the log. Download it and save it to your desktop.
http://public.avast.com/~gmerek/aswMBR.exe
When you've downloaded it...- Right click aswMBR.exe & choose "Run as Administrator" to run it.
- If prompted, click YES to scan with Avast! virus definitions.
- Set the AVscan to Quick Scan & click the Scan button.
- When the scan reports "Scan finished successfully", click Save log & save the log to your desktop.
- Click OK when prompted. aswMBR.txt & MBR.dat will be appear on your desktop.
- Click EXIT.
- Copy & paste the contents of aswMBR.txt here.
0 -
waddler,going away now for the weekend but ill do this as soon as i get back thanks for your continued help.A shadowy flight into the dangerous world of a man who does not exist.
A young loner on a crusade to champion the cause of the innocent,
the helpless, the powerless, in a world of criminals who operate above the law.0 -
No problem.ajbrynoffa wrote: »waddler,going away now for the weekend but ill do this as soon as i get back thanks for your continued help.0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 352K Banking & Borrowing
- 253.5K Reduce Debt & Boost Income
- 454.2K Spending & Discounts
- 245K Work, Benefits & Business
- 600.6K Mortgages, Homes & Bills
- 177.4K Life & Family
- 258.8K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.2K Discuss & Feedback
- 37.6K Read-Only Boards