Morag64 Posted October 27, 2013 Author Posted October 27, 2013 Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-10-2013 Ran by Graham at 2013-10-27 12:40:57 Run:1 Running from C:\Users\Graham\Desktop Boot Mode: Normal ============================================== Content of fixlist: ***************** MountPoints2: {7c2fcce2-9187-11e2-86f7-88ae1def6285} - F:\AutoRun.exe SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - DefaultScope {27C172C1-F365-45C9-B284-11113C331F08} URL = SearchScopes: HKCU - {10964299-F8C2-46C4-B2BB-F2BDDEFA185C} URL = SearchScopes: HKCU - {27C172C1-F365-45C9-B284-11113C331F08} URL = Task: {0C035735-C042-4FAC-903A-08854F0AD2A9} - \BonanzaDealsUpdate No Task File Task: {514E21C8-4334-4A08-A78D-7947A2AD7EBE} - \BonanzaDealsLiveUpdateTaskMachineCore No Task File Task: {C1EB4FA6-06A0-4966-B10D-75A132BB4066} - \MySearchDial No Task File Task: {FAD5F106-9C9A-4D82-935C-13D4C00BDEFC} - \BonanzaDealsLiveUpdateTaskMachineUA No Task File AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 ***************** HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7c2fcce2-9187-11e2-86f7-88ae1def6285} => Key deleted successfully. HKCR\CLSID\{7c2fcce2-9187-11e2-86f7-88ae1def6285} => Key not found. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully. HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{10964299-F8C2-46C4-B2BB-F2BDDEFA185C} => Key deleted successfully. HKCR\CLSID\{10964299-F8C2-46C4-B2BB-F2BDDEFA185C} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{27C172C1-F365-45C9-B284-11113C331F08} => Key deleted successfully. HKCR\CLSID\{27C172C1-F365-45C9-B284-11113C331F08} => Key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0C035735-C042-4FAC-903A-08854F0AD2A9} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C035735-C042-4FAC-903A-08854F0AD2A9} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BonanzaDealsUpdate => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{514E21C8-4334-4A08-A78D-7947A2AD7EBE} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{514E21C8-4334-4A08-A78D-7947A2AD7EBE} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BonanzaDealsLiveUpdateTaskMachineCore => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C1EB4FA6-06A0-4966-B10D-75A132BB4066} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C1EB4FA6-06A0-4966-B10D-75A132BB4066} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MySearchDial => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FAD5F106-9C9A-4D82-935C-13D4C00BDEFC} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FAD5F106-9C9A-4D82-935C-13D4C00BDEFC} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BonanzaDealsLiveUpdateTaskMachineUA => Key deleted successfully. C:\ProgramData\TEMP => ":D1B5B4F1" ADS removed successfully. ==== End of Fixlog ==== How do I give you an update on my system? I keep being asked to update the adobe flashplayer, at least 3 times in last 2 days and each time it wants to install an extra feature. Quote
Starbuck Posted October 27, 2013 Posted October 27, 2013 How do I give you an update on my system? By letting me know if you removed Spybot, did you reset Chrome and if so has it resolved the issue, did you update Java and was there any problems. Also a general idea on how the system is behaving. I keep being asked to update the adobe flashplayer, at least 3 times in last 2 days and each time it wants to install an extra feature. What is it asking to install? ......... McAfee Security Scan?, if so don't let it install this. You should be able to untick the box so that McAfee Security Scan is not installed. Quote Member of:UNITE
Morag64 Posted October 27, 2013 Author Posted October 27, 2013 Ok Spybot uninstalled Chrome reset Java updated but it says its not verified MacAfee uninstalled I didn't uncheck the box!!!!! On the whole the computer is running much, much better. The browsers are both opening and responding quite quickly as are other programmes. The issues I still have are 1 the overheating 2 the flashplayer stopping things working until I reinstall it. Today it asked me to install something else alongside flash but I unchecked it and it ran the flash installing window again. I haven't had any issues with it switching off. Thank you for all your help so far Quote
Starbuck Posted October 27, 2013 Posted October 27, 2013 Thanks for that. Java updated but it says its not verified Nothing to worry about, seems everyone has had that message. ( even i had it) The browsers are both opening and responding quite quickly as are other programmes. So the reset sorted out the Chrome problem. So the main issue now is the overheating? If so, we can remove the tools we used. Step 1 Restart MBAM. Click on the Quarantine tab http://img.photobucket.com/albums/v708/starbuck50/malwqua_zps3f437f52.png If there are items in quarantine..... Make sure everything is selected and then click Delete All. Close MBAM. Step 2 Double click on AdwCleaner.exe to run the tool again. Click on the Uninstall button. Click Yes when asked are you sure you want to uninstall. Both AdwCleaner.exe, its folder and all logs will be removed. JRT and FRST can now be removed also. (right click on the corresponding icon and select delete) I will ask Ken to help look into the overheating problem for you. Quote Member of:UNITE
Armageddon Posted October 27, 2013 Posted October 27, 2013 Hi Morag when you have finished with the instructions from Starbuck can you re-run " Speccy" and post the temps please Quote Google is your friend We are all members helping other members. Please return here where you may be able to help someone else. After all, no one knows everything and you may have the answer that someone needs. Get help with computer problems. Join Free PC Help here Donations are welcome. Read Here
Morag64 Posted October 27, 2013 Author Posted October 27, 2013 Hi Starbuck I have unistalled/deleted as requested I ran malware and there was a further PUP log below alwarebytes Anti-Malware (Trial) 1.75.0.1300 www.malwarebytes.org Database version: v2013.10.27.02 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16721 Graham :: GRAHAM-TOSH [administrator] Protection: Enabled 27/10/2013 15:58:02 MBAM-log-2013-10-27 (17-00-01).txt Scan type: Full scan (C:\|D:\|E:\|) Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 360322 Time elapsed: 58 minute(s), 19 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 1 C:\Windows\Installer\3f5b36.msi (PUP.Optional.SmartBar.A) -> No action taken. (end) Thank you for all the help Quote
Morag64 Posted October 27, 2013 Author Posted October 27, 2013 The temps showed as CPU 84-87 without the cooling pad on and 60-70 with it. The hard drive is 40 and 37 with the cooling pad. It cut out when I took the cooling fan off! Quote
Plastic Nev Posted October 27, 2013 Posted October 27, 2013 Hi Morag, have you since gone back to Malwarebytes and told it to remove that PUP? Starbuck will want to know no doubt so please follow any further suggestions from him regarding that. Now for the heat issue, you did say a friend had a look some time since, it may require another clean out, and also the heat sink on the CPU may need reseating with new thermal paste, as those temperatures are too high. I will also say the extra cooling pads having their own fans can be a good thing for cooling, though they do have one drawback which is that if in a dusty atmosphere they tend to push even more dust into the laptop, therefore cleaning the dust out may require to be done more frequently. Nev. Quote Need help with your computer problems? Then why not join Free PC Help. Register here. If Free PC Help has helped you then please consider a donation. Click here We are all members helping other members. Please return here where you may be able to help someone else. After all, no one knows everything and you may have the answer that someone needs. -------------------------------------------------------------------- I have installed Windows, now how do I install the curtains? 😄
Starbuck Posted October 27, 2013 Posted October 27, 2013 I ran malware and there was a further PUP log below Files Detected: 1 C:\Windows\Installer\3f5b36.msi (PUP.Optional.SmartBar.A) -> No action taken. Just let MBAM remove it...... it's probably just a leftover. Don't forget: When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found". Click OK to close the message box and continue with the removal process. Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found. Make sure that everything is checked, and click Remove Selected. Quote Member of:UNITE
Morag64 Posted October 27, 2013 Author Posted October 27, 2013 Yes I removed the malware and closed it. Is there anything I should be doing regularly to keep my computer safe? The issues I have with this computer are similar to ones I had with a previous laptop particularly the overheating,therefore I wonder if it is something I am doing or not doing? Is the thermal paste something I can do myself or do I need to take it somewhere? Is it safe for me to open up the case to clean dust out or is it ok just to use the compressed air? Quote
Plastic Nev Posted October 27, 2013 Posted October 27, 2013 Hi, I will leave Starbuck to finish off regarding things such as regular scans with various softwares. As far as the dismantling of your laptop is concerned we do not normally recommend anyone without experience to do so as they can be fiddly, and even if dismantled in the wrong order, can finish up breaking something. If you have access to and understand the full service manual and experienced with dismantling equipment, it is entirely up to you, however if you are unsure, and your friend is willing having done it before, let him do it for you. Failing that it is a trip to recognised and reputable repairers. Nev. Quote Need help with your computer problems? Then why not join Free PC Help. Register here. If Free PC Help has helped you then please consider a donation. Click here We are all members helping other members. Please return here where you may be able to help someone else. After all, no one knows everything and you may have the answer that someone needs. -------------------------------------------------------------------- I have installed Windows, now how do I install the curtains? 😄
KenB Posted October 28, 2013 Posted October 28, 2013 Is the thermal paste something I can do myself or do I need to take it somewhere? Just to add to Nev's comments: I too wouldn't advise you to take the laptop apart. Your problem certainly sounds like over-heating and could be down to a build up of dust. I would be inclined to take the panels that are in the base of the machine off and use the can of compresses air through them. Use short blasts as prolonged blasts will result in the contents of the can liquefying and you will get liquid spraying onto the electronic parts. I certainly do not recommend taking the CPU out - ( not an easy job ) Quote There is an email going around offering processed pork - gelatin - and salt in a can ......this is simply SPAM !! MiniToolBoxNetwork TestWireless Test
Morag64 Posted October 28, 2013 Author Posted October 28, 2013 Thank you all. I really appreciated all the help you gave to me and will take all the advise on board :) Quote
Starbuck Posted October 28, 2013 Posted October 28, 2013 Hi Morag, Is there anything I should be doing regularly to keep my computer safe? I waited while the other guys were advising on the overheating problem. To find out how you may get infected....read this topic: How did i get infected? Please follow these simple steps in order to keep your computer clean and secure: Use an AntiVirus Software Only install one AntiVirus program Update your AntiVirus Software regularly Use a Firewall Only install one software Firewall Scan regularly with a 'Stand Alone' Anti-Malware scanner: Installing another scanner that you can run once or twice a week is always beneficial. Something like: Malwarebytes Anti-Malware SUPERAntiSypware Remember to update these programs each time before running. You can install more than one of these if you only run them as stand alone programs. Use an alternative browser to Internet Explorer: Some excellent alternatives to MS Internet Explorer are: Firefox For added security, add the NoScript extension to this browser: Allow active content to run only from sites you trust, and protect yourself against XSS and Clickjacking attacks also consider adding: WOT - Safe Browsing Tool Web of Trust warns you about risky sites that cheat customers, deliver malware or send spam. Millions of members of the WOT community rate sites based on their experience, giving you an extra layer of protection when browsing or searching the Web. Btw: you don't have to make a contribution. Opera They offer better security, more stability, and better speed. Keep a backup of your registry Keeping a regular backup of your registry will help when something goes wrong. Use a program like: Erunt A full tutorial on how to set up and use Erunt can be found here: Erunt tutorial Keep your system clean of temp files etc, using a 'Cleaner': Cleaners are programs that will help to clean out your: Windows temp files Current user temp files Cookies Temporary Internet flies Browser history Recycle bin Etc....... In other words.... all the rubbish that you accumalate over the course of your browsing and day to day usage of your pc. Programs like: TFC by OldTimer ATF Cleaner Visit Microsoft's Windows Update Site Frequently - It is important that you visit Windowsupdate regularly. Alternatively, turn on the Automatic Updates. Peer to Peer programs Don't be tempted to use Peer to Peer programs. Many of the downloads are bundled with malware. Update all your 'Security' programs regularly - Without regular updates you WILL NOT be protected when new malicious programs are released. Follow this list and your potential for being infected again will reduce dramatically. Quote Member of:UNITE
Armageddon Posted October 29, 2013 Posted October 29, 2013 Hi Morag just to say if your looking for compressed air certain stores like Wilkinsons sell it cheaply , much cheaper than a some PC shops Quote Google is your friend We are all members helping other members. Please return here where you may be able to help someone else. After all, no one knows everything and you may have the answer that someone needs. Get help with computer problems. Join Free PC Help here Donations are welcome. Read Here
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.