Posts: 4,727
Threads: 311
Joined: Sep 2014
Reputation:
102
145ah can you please run Emsisoft Emergency Kit as requested by GuiltySpark
Please
Download Emsisoft Emergency Kit to your desktop.
· Please double click
EmsisoftEmergencyKit.exe this will install
Emsisoft Emergency Kit
· Next choose
Extract it will put program in
C:\EEK
· Navigate to
C:\EEK then click "
Start Emergency Kit Scanner .exe"
· Click
Yes to
User Account Control (UAC)
· Click
Yes to
Update Signature Definitions
· Now click "
Smart Scan "and select
Yes" to "
Detect Potently Unwanted Programs (PuPs) "
· Click
Delete Selected then click
View Report and save as
EEK.log.
· Click
Finish and post
EEK.log on next post.
<left><form action="https://www.paypal.com/cgi-bin/webscr" method="post">If you are satisfied with my help, consider a donation. Thank you so much for your continued support!
<input type="hidden" name="cmd" value="_s-xclick">
<input type="hidden" name="hosted_button_id" value="Y4ZDLXGFS4F8Q">
<input type="image" src="https://www.paypalobjects.com/en_US/GB/i/btn/btn_donateCC_LG.gif" border="0" name="submit" alt="PayPal — The safer, easier way to pay online.">
<img alt="" border="0" src="https://www.paypalobjects.com/en_GB/i/scr/pixel.gif" width="0" height="0">
</form>
</div></left>
Posts: 17
Threads: 1
Joined: Jan 2015
Reputation:
0
hi, GuiltySpark I will keep the following programs Advanced SystemCare 8, Auslogics DiskDefrag, Defraggler, IObit Malware Fighter, nurago web meter, Qmee, Smart Defrag 3, SmartSHOW 2.0,SmartSHOW 2.0 because I use them
Posts: 17
Threads: 1
Joined: Jan 2015
Reputation:
0
did the Emsisoft Emergency Scan but for got to put View Report and save as EEK.log, SORRY GuiltySpark I will do one more tomorrow
Posts: 17
Threads: 1
Joined: Jan 2015
Reputation:
0
hi, GuiltySpark thank you for your help so far, below is the Emergency Scan still can't get rid of mysearchdial.com
Emsisoft Emergency Kit - Version 9.0
Last update: 10/01/2015 23:42:59
User account: ant-PC\ant
Scan settings:
Scan type: Smart Scan
Objects: Rootkits, Memory, Traces, C:\Windows\, C:\Program Files\, C:\Program Files (x86)\
Detect PUPs: On
Scan archives: Off
ADS Scan: On
File extension filter: Off
Advanced caching: On
Direct disk access: Off
Scan start: 10/01/2015 23:43:21
Key: HKEY_USERS\S-1-5-21-2908333697-2003391469-1437793153-1004\SOFTWARE\BROWSERCOMPANION detected: Application.InstallAd (A)
Key: HKEY_USERS\S-1-5-21-2908333697-2003391469-1437793153-1004\SOFTWARE\FILETYPEASSISTANT detected: Application.InstallAd (A)
Scanned 267034
Found 2
Scan end: 11/01/2015 00:57:54
Scan time: 1:14:33
Posts: 17
Threads: 1
Joined: Jan 2015
Reputation:
0
hi, GuiltySpark sorry I am bit confused how do you
Navigate to HKEY_USERS\S-1-5-21-2908333697-2003391469-1437793153-1004\SOFTWARE\BROWSERCOMPANION detected: Application.InstallAd (A)
Navigate to HKEY_USERS\S-1-5-21-2908333697-2003391469-1437793153-1004\SOFTWARE\FILETYPEASSISTANT detected: Application.InstallAd (A)
I did this Hold Winkey+R and Type "Regedit and then paste and copy under edit and find and but couldn't the them
sorry about please can you tell me what doing wrong, thank you
Posts: 4,727
Threads: 311
Joined: Sep 2014
Reputation:
102
Please try this
Step 1
- Fix with FRST
Make sure that you still have FRST.exe on your Desktop. If you do not have it, download the suitable version from here to your Desktop.
- Open Notepad.exe. Do not use any other text editor software;
- Copy and Paste the contents inside the code-box to your Notepad --
Code: [Select]
Code:
Start
CreateRestorePoint:
CloseProcesses:
EmptyTemp:
HKLM-x32\...\Run: [] => [X]
HKEY_USERS\S-1-5-21-2908333697-2003391469-1437793153-1004\SOFTWARE\BROWSERCOMPANION
HKEY_USERS\S-1-5-21-2908333697-2003391469-1437793153-1004\SOFTWARE\FILETYPEASSISTANT
CMD: ipconfig /flushdns
End
- Click on File > Save as...
- Inside the File Name box type fixlist.txt
- From the Save as type drop down list, choose All Files
- Save the file to your Desktop;
- Re-run FRST.exe and click Fix;
- Note: If FRST advises there is a new updated version to be downloaded, do so/allow this.
- After the completion, a log will be produced;
- Attach the log in your next reply.
<left><form action="https://www.paypal.com/cgi-bin/webscr" method="post">If you are satisfied with my help, consider a donation. Thank you so much for your continued support!
<input type="hidden" name="cmd" value="_s-xclick">
<input type="hidden" name="hosted_button_id" value="Y4ZDLXGFS4F8Q">
<input type="image" src="https://www.paypalobjects.com/en_US/GB/i/btn/btn_donateCC_LG.gif" border="0" name="submit" alt="PayPal — The safer, easier way to pay online.">
<img alt="" border="0" src="https://www.paypalobjects.com/en_GB/i/scr/pixel.gif" width="0" height="0">
</form>
</div></left>
Posts: 17
Threads: 1
Joined: Jan 2015
Reputation:
0
thank you very much Britec for your help I try what you told me but mysearchdial.com is back below is the FRST.exe log
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-01-2015 02
Ran by ant at 2015-01-13 23:18:11 Run:1
Running from C:\Users\ant\Desktop
Loaded Profile: ant (Available profiles: ant & all)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CreateRestorePoint:
CloseProcesses:
EmptyTemp:
HKLM-x32\...\Run: [] => [X]
HKEY_USERS\S-1-5-21-2908333697-2003391469-1437793153-1004\SOFTWARE\BROWSERCOMPANION
HKEY_USERS\S-1-5-21-2908333697-2003391469-1437793153-1004\SOFTWARE\FILETYPEASSISTANT
CMD: ipconfig /flushdns
End
*****************
Restore point was successfully created.
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKEY_USERS\S-1-5-21-2908333697-2003391469-1437793153-1004\SOFTWARE\BROWSERCOMPANION => Error: No automatic fix found for this entry.
HKEY_USERS\S-1-5-21-2908333697-2003391469-1437793153-1004\SOFTWARE\FILETYPEASSISTANT => Error: No automatic fix found for this entry.
========= ipconfig /flushdns =========
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========= End of CMD: =========
EmptyTemp: => Removed 929.1 MB temporary data.
The system needed a reboot.
==== End of Fixlog 23:19:51 ====