Welcome to MalwareRemoval.com, What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.
MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.
I did step 1, I have been trying to delete white smoke but I keep getting a prompt that I need to restart the PC I tried restarting many times and I always get the same prompt as soon as the pc comes back on. It says I need to restart to uninstall white smoke. I tried that many times but it would not uninstall it.
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-12-2014 02 Ran by Mark at 2014-12-08 12:06:04 Run:1 Running from C:\Users\Mark\Desktop Loaded Profile: Mark (Available profiles: Mark) Boot Mode: Normal ==============================================
Content of fixlist: ***************** GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION Toolbar: HKU\S-1-5-21-1592174307-3943232130-657400462-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File FF Extension: No Name - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff [Not Found] FF Extension: No Name - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha944\ff [Not Found] FF Extension: No Name - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta946\ff [Not Found] FF Extension: No Name - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha264\ff [Not Found] FF Extension: No Name - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1671\ff [Not Found] FF Extension: No Name - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha5453\ff [Not Found] FF Extension: No Name - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2473\ff [Not Found] FF Extension: No Name - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home1000\ff [Not Found] FF Extension: No Name - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode8086\ff [Not Found] FF Extension: No Name - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release426\ff [Not Found] FF Extension: No Name - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha1267\ff [Not Found] Task: {301E4433-C40F-49F0-A992-8E9306515A66} - System32\Tasks\Test TimeTrigger => C:\Users\Mark\AppData\Local\Temp\Runner.exe <==== ATTENTION AlternateDataStreams: C:\ProgramData\Temp:58A5270D AlternateDataStreams: C:\ProgramData\Temp:A5C00DEE C:\Users\Mark\jagex_cl_oldschool_LIVE.dat C:\Users\Mark\random.dat EmptyTemp:
*****************
C:\Windows\system32\GroupPolicy\Machine => Moved successfully. C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully. "HKLM\SOFTWARE\Policies\Google" => Key deleted successfully. HKU\S-1-5-21-1592174307-3943232130-657400462-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value deleted successfully. "HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => Key not found. C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff not found. C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha944\ff not found. C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta946\ff not found. C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha264\ff not found. C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1671\ff not found. C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha5453\ff not found. C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha2473\ff not found. C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home1000\ff not found. C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode8086\ff not found. C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release426\ff not found. C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha1267\ff not found. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{301E4433-C40F-49F0-A992-8E9306515A66}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{301E4433-C40F-49F0-A992-8E9306515A66}" => Key deleted successfully. C:\Windows\System32\Tasks\Test TimeTrigger => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Test TimeTrigger" => Key deleted successfully. C:\ProgramData\Temp => ":58A5270D" ADS removed successfully. C:\ProgramData\Temp => ":A5C00DEE" ADS removed successfully. C:\Users\Mark\jagex_cl_oldschool_LIVE.dat => Moved successfully. C:\Users\Mark\random.dat => Moved successfully. EmptyTemp: => Removed 513.2 MB temporary data.
Okie dokie than about the whitesmoke i have now been running systemlook for quite a awhile now i would say about two hours now and it is still scanning and im curious about this. Is there something wrong should i be worried D: Yup it is still saying scanning...
Due to a failure to respond for 72 hours or more, this topic is now closed.
If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
Users browsing this forum: No registered users and 588 guests
Contact us:
Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.