Author Topic: EMERGENCY!!!  (Read 2197 times)

0 Members and 1 Guest are viewing this topic.

Offline Moses

  • Full Member
  • ***
  • Posts: 149
    • View Profile
Re: EMERGENCY!!!
« Reply #60 on: August 11, 2017, 04:40:45 AM »
Hi Corrine,

 I did what you asked however, when I clicked and opened the file, here is the picture of what I got.  So, there was no "scan it" button to choose.

Offline Moses

  • Full Member
  • ***
  • Posts: 149
    • View Profile
Re: EMERGENCY!!!
« Reply #61 on: August 11, 2017, 10:32:38 AM »
Just wanted to keep you busy.. :)

I was just on a website and clicked the "contact" button.

All of a sudden my IE went crazy and windows were opening up one after the other.

PLease see the pictures attached.

I did see one small window that said "the default email was installed improperly...."

Offline Moses

  • Full Member
  • ***
  • Posts: 149
    • View Profile
Re: EMERGENCY!!!
« Reply #62 on: August 11, 2017, 10:34:03 AM »
Here is another picture of task manager

Offline techie

  • LzD Friends
  • Sr. Member
  • *****
  • Posts: 462
    • View Profile
Re: EMERGENCY!!!
« Reply #63 on: August 11, 2017, 12:17:33 PM »
Just for curiosity, do you get any errors in Firefox?

Offline Moses

  • Full Member
  • ***
  • Posts: 149
    • View Profile
Re: EMERGENCY!!!
« Reply #64 on: August 11, 2017, 12:25:55 PM »
Haven't used it in a long time.

Maybe I'll try.

Offline Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 17956
  • "Stronger than the past, united in our goal."
    • View Profile
    • Security Garden
Re: EMERGENCY!!!
« Reply #65 on: August 11, 2017, 12:42:22 PM »
Have you run the FRST script from my instructions here yet? 


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline Moses

  • Full Member
  • ***
  • Posts: 149
    • View Profile
Re: EMERGENCY!!!
« Reply #66 on: August 11, 2017, 01:36:09 PM »
yes, I did it and posted both logs yesterday evening.

Offline Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 17956
  • "Stronger than the past, united in our goal."
    • View Profile
    • Security Garden
Re: EMERGENCY!!!
« Reply #67 on: August 11, 2017, 01:44:09 PM »
I think I'm losing it.  :D  I'll get back to you shortly.





Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 17956
  • "Stronger than the past, united in our goal."
    • View Profile
    • Security Garden
Re: EMERGENCY!!!
« Reply #68 on: August 11, 2017, 02:08:25 PM »
I don't think I had enough coffee earlier today.  :)  I had instructions awaiting for the results of the Virus Total scan, updated after you replied and all I can figure is I got distracted and didn't click the post button.  Anyway, (as I thought I posted earlier), don't be alarmed at the number of the files to be removed.  There are some remnants and a lot of a random generated empty data.

Please do the following to run FRST:

Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system
  • Please select the entire contents of the code box below, from the "Start::" line to "End", including both lies.  Right-click and select "Copy ".
Code: [Select]
Start::
CreateRestorePoint:
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
2017-08-10 19:29 - 2017-08-10 19:29 - 000000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2017-08-10 17:11 - 2017-08-10 17:11 - 000000000 ____D C:\Users\Me\AppData\Local\{B00911BF-D408-41AD-BE9E-43D1F4D6EFA5}
2017-08-10 10:45 - 2017-08-10 10:45 - 000000000 ____D C:\Users\Me\AppData\Local\{4A5AB992-B212-4968-B0BA-E3A41E34930B}
2017-08-10 08:22 - 2017-08-10 08:22 - 000000000 ____D C:\Users\Me\AppData\Local\{05EA1DF3-ABA0-44BD-A3A5-E3579AF74930}
2017-08-09 23:26 - 2017-08-09 23:26 - 000000000 ____D C:\Users\Me\AppData\Local\{F1DD11D8-5EFE-4F84-99C2-14CF695DF8C9}
2017-08-09 23:22 - 2017-08-09 23:22 - 000000000 ____D C:\Users\Me\AppData\Roaming\Sun
2017-08-09 20:15 - 2017-08-09 20:15 - 000000000 ____D C:\Users\Me\AppData\Local\{8FE66117-AA84-4463-8443-25681E472C8B}
2017-08-09 19:39 - 2017-08-09 19:39 - 000000020 _____ C:\Windows\È÷±
2017-08-09 17:50 - 2017-08-09 17:50 - 000000000 ____D C:\Users\Me\AppData\Local\{11FEDDE6-EFD1-4AD8-A8D5-142FB28F2F51}
2017-08-09 13:02 - 2017-08-09 13:02 - 000000000 ____D C:\Users\Me\AppData\Local\{C02A0389-078C-4785-ABF3-8CC056C036D7}
2017-08-09 09:51 - 2017-08-09 09:51 - 000000000 ____D C:\Users\Me\AppData\Local\{04A10720-FC08-445A-BE91-A48FC9AA1E0C}
2017-08-09 07:39 - 2017-08-09 07:39 - 000000000 ____D C:\Users\Me\AppData\Local\{4C062A90-177F-44D5-8FDF-C68139E42C86}
2017-08-08 22:03 - 2017-08-08 22:03 - 000000000 ____D C:\Users\Me\AppData\Local\{A6A23E6E-31A4-407E-99B8-AC3978E47406}
2017-08-08 14:56 - 2017-08-08 14:56 - 000000000 ____D C:\Users\Me\AppData\Local\{F5A31D31-A8F8-4130-82D7-F71463F254C1}
2017-08-08 12:11 - 2017-08-08 12:11 - 000000000 ____D C:\Users\Me\AppData\Local\{460AC32A-7C0F-4519-9DC8-BC7017192261}
2017-08-08 12:05 - 2017-08-08 12:05 - 000000000 ____D C:\Users\Me\AppData\Local\{6686DC8E-7E48-4884-8965-DBCFF667EFF2}
2017-08-08 11:32 - 2017-08-08 11:32 - 000000000 ____D C:\Users\Me\AppData\Local\{C149CBA7-08B3-4088-830B-5A5384F46F39}
2017-08-08 10:57 - 2017-08-08 10:57 - 000000000 ____D C:\Users\Me\AppData\Local\{09B79CEF-EC1D-49DC-AFDA-DCA763E6FD38}
2017-08-08 07:34 - 2017-08-08 07:34 - 000000000 ____D C:\Users\Me\AppData\Local\{892DC713-11FD-4598-9B33-97C214C95629}
2017-08-07 21:57 - 2017-08-07 21:57 - 000000000 ____D C:\Users\Me\AppData\Local\{3402C467-DA41-4DA9-9F79-B22C8278FFE1}
2017-08-07 19:33 - 2017-08-07 19:33 - 000000000 ____D C:\Users\Me\AppData\Local\{EB0E6458-6E5F-4C6B-A676-766A120FFA80}
2017-08-07 17:52 - 2017-08-07 17:52 - 000000000 ____D C:\Users\Me\AppData\Local\{8E53314F-C9D3-4571-A693-D59D9660AD4D}
2017-08-07 13:54 - 2017-08-07 13:54 - 000000000 ____D C:\Users\Me\AppData\Local\{029119A8-A770-4641-88CC-111ADE7A2EFC}
2017-08-07 09:02 - 2017-08-07 09:02 - 000000000 ____D C:\Users\Me\AppData\Local\{5ED359C8-D5C2-4DFF-A908-E04D8ED9A76B}
2017-08-07 08:25 - 2017-08-07 08:25 - 000000000 ____D C:\Users\Me\AppData\Local\{DA86E741-5EC1-4583-A0EE-1FFD499139AB}
2017-08-06 20:25 - 2017-08-06 20:25 - 000000000 ____D C:\Users\Me\AppData\Local\{DD947DDF-A5C8-4FAC-8223-36A4406F10AC}
2017-08-06 18:27 - 2017-08-06 18:27 - 000000000 ____D C:\Users\Me\AppData\Local\{29D7ECDB-1A41-4B74-9A1E-7B3519C86DB3}
2017-08-06 17:27 - 2017-08-06 17:27 - 000000000 ____D C:\Users\Me\AppData\Local\{04855CD3-987A-469D-8800-A168C0727F9C}
2017-08-06 16:45 - 2017-08-06 16:45 - 000000000 ____D C:\Users\Me\AppData\Local\{1EACED71-E7AC-4381-8E5C-D7A13B2EBA0E}
2017-08-06 16:39 - 2017-08-06 16:39 - 000000000 ____D C:\Users\Me\AppData\Local\{14DE0BCF-0A55-40D5-BC25-48FF704CE579}
2017-08-06 15:00 - 2017-08-06 15:00 - 000000000 ____D C:\Users\Me\AppData\Local\{E2EC4A38-7119-42C8-9F84-05594859BB07}
2017-08-06 14:22 - 2017-08-06 14:22 - 000000000 ____D C:\Users\Me\AppData\Local\{19D2D708-C20F-4C74-B30B-11867ACC0E78}
2017-08-06 13:54 - 2017-08-06 13:54 - 000000000 ____D C:\Users\Me\AppData\Local\{796A265F-3352-43C2-A433-BB1F6BE0251C}
2017-08-06 12:08 - 2017-08-06 12:08 - 000000000 ____D C:\Users\Me\AppData\Local\{BE07BFCD-F33A-4F35-8881-F1BB66116206}
2017-08-06 10:20 - 2017-08-06 10:20 - 000000000 ____D C:\Users\Me\AppData\Local\{9F57EF30-0817-4D79-AA9E-E2A480FAD9D5}
2017-08-06 08:23 - 2017-08-06 08:23 - 000000000 ____D C:\Users\Me\AppData\Local\{96531027-51C9-4821-8A8F-0164FC3F5DE6}
2017-08-05 23:24 - 2017-08-05 23:24 - 000000000 ____D C:\Users\Me\AppData\Local\{AB9E373B-76A3-48E5-A2F7-18502D58E863}
2017-08-05 21:17 - 2017-08-05 21:18 - 000000000 ____D C:\Users\Me\AppData\Local\{347ABC91-F403-48D7-A323-5D36DEE28715}
2017-08-05 21:17 - 2017-08-05 21:17 - 000000000 ____D C:\Users\Me\AppData\Local\{30EB5069-2892-45E5-BB6B-A306726477BB}
2017-08-04 16:27 - 2017-08-04 16:27 - 000000000 ____D C:\Users\Me\AppData\Local\{55712B2D-6889-461C-9426-73AE8A4C6A18}
2017-08-04 11:30 - 2017-08-04 11:30 - 000000000 ____D C:\Users\Me\AppData\Local\{C295AFDE-244B-40FA-BA5A-F471C1839C5A}
2017-08-04 09:10 - 2017-08-10 21:03 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-08-04 09:10 - 2017-08-10 19:29 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-08-04 08:30 - 2017-08-04 08:30 - 000000000 ____D C:\Users\Me\AppData\Local\{59434F80-5F08-42E5-BFB9-A287D4AABF9C}
2017-08-03 21:51 - 2017-08-03 21:51 - 000000000 ____D C:\Users\Me\AppData\Local\{0DB1A0ED-E4E5-4878-BF25-C0F44C15F673}
2017-08-03 19:16 - 2017-08-03 19:16 - 000000000 ____D C:\Users\Me\AppData\Local\{90FC95E7-5CFE-488F-A312-04DB6A99A6AF}
2017-08-03 19:05 - 2017-08-03 19:05 - 000000000 ____D C:\Users\Me\AppData\Local\{1153D0D3-A802-4867-9FBF-9942C199372D}
2017-08-03 17:40 - 2017-08-03 17:40 - 000000000 ____D C:\Users\Me\AppData\Local\{FD0C385E-67D4-4D7C-9BB8-DFF4B32A13CA}
2017-08-03 16:30 - 2017-08-03 16:30 - 000000000 ____D C:\Users\Me\AppData\Local\{53D7D38C-E109-476C-B06B-DE61EA8DB6A3}
2017-08-02 23:44 - 2017-08-02 23:44 - 000000000 ____D C:\Users\Me\AppData\Local\{79AB745E-EEB1-4696-AC7E-872B7E95A08D}
2017-08-02 23:26 - 2017-08-02 23:26 - 000000000 ____D C:\Users\Me\AppData\Local\{0801CB3A-E4B3-4F17-B625-8969FB9D63F9}
2017-08-02 22:01 - 2017-08-02 22:01 - 000000000 ____D C:\Users\Me\AppData\Local\{08D51DE5-250E-4C47-8B6F-E40C0C080773}
2017-08-02 21:39 - 2017-08-02 21:39 - 000000000 ____D C:\Users\Me\AppData\Local\{75F6B19C-17C4-4696-B449-ABEB8F0ECDAB}
2017-08-02 20:08 - 2017-08-02 20:08 - 000000020 _____ C:\Windows\¨ô—
2017-08-02 19:36 - 2017-08-02 19:36 - 000003246 _____ C:\Windows\System32\Tasks\{A370589A-2F81-4005-A949-A5EFD4F307A0}
2017-08-02 19:25 - 2017-08-02 19:25 - 000000000 ____D C:\Users\Me\AppData\Local\{FBB5F706-C0E2-4B39-AC63-547EAC699F77}
2017-07-31 15:44 - 2017-07-31 15:44 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
GeekBuddy (HKLM-x32\...\{DF554A50-ABE5-4091-A1E9-2D2E7E5254B7}) (Version: 4.18.122 - Comodo Security Solutions Inc)
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
EmptyTemp:
End::
  • Please right-click on FRST/FRST64 to run as administrator.  When the tool opens, click "yes" to the disclaimer.
  • Press the Fix button once and wait.
  • FRST will process fixlist.txt
  • When finished, it will produce a log fixlog.txt in the same folder/directory as FRST/FRST64.exe
  • Please post the log in your next reply.


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline Moses

  • Full Member
  • ***
  • Posts: 149
    • View Profile
Re: EMERGENCY!!!
« Reply #69 on: August 11, 2017, 02:57:31 PM »
Here ya go.

Fix result of Farbar Recovery Scan Tool (x64) Version: 09-08-2017
Ran by Me (11-08-2017 18:47:48) Run:2
Running from C:\Users\Me\Desktop\Repair
Loaded Profiles: Me (Available Profiles: Me)
Boot Mode: Normal
==============================================

fixlist content:
*****************

CreateRestorePoint:
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
2017-08-10 19:29 - 2017-08-10 19:29 - 000000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2017-08-10 17:11 - 2017-08-10 17:11 - 000000000 ____D C:\Users\Me\AppData\Local\{B00911BF-D408-41AD-BE9E-43D1F4D6EFA5}
2017-08-10 10:45 - 2017-08-10 10:45 - 000000000 ____D C:\Users\Me\AppData\Local\{4A5AB992-B212-4968-B0BA-E3A41E34930B}
2017-08-10 08:22 - 2017-08-10 08:22 - 000000000 ____D C:\Users\Me\AppData\Local\{05EA1DF3-ABA0-44BD-A3A5-E3579AF74930}
2017-08-09 23:26 - 2017-08-09 23:26 - 000000000 ____D C:\Users\Me\AppData\Local\{F1DD11D8-5EFE-4F84-99C2-14CF695DF8C9}
2017-08-09 23:22 - 2017-08-09 23:22 - 000000000 ____D C:\Users\Me\AppData\Roaming\Sun
2017-08-09 20:15 - 2017-08-09 20:15 - 000000000 ____D C:\Users\Me\AppData\Local\{8FE66117-AA84-4463-8443-25681E472C8B}
2017-08-09 19:39 - 2017-08-09 19:39 - 000000020 _____ C:\Windows\È÷±
2017-08-09 17:50 - 2017-08-09 17:50 - 000000000 ____D C:\Users\Me\AppData\Local\{11FEDDE6-EFD1-4AD8-A8D5-142FB28F2F51}
2017-08-09 13:02 - 2017-08-09 13:02 - 000000000 ____D C:\Users\Me\AppData\Local\{C02A0389-078C-4785-ABF3-8CC056C036D7}
2017-08-09 09:51 - 2017-08-09 09:51 - 000000000 ____D C:\Users\Me\AppData\Local\{04A10720-FC08-445A-BE91-A48FC9AA1E0C}
2017-08-09 07:39 - 2017-08-09 07:39 - 000000000 ____D C:\Users\Me\AppData\Local\{4C062A90-177F-44D5-8FDF-C68139E42C86}
2017-08-08 22:03 - 2017-08-08 22:03 - 000000000 ____D C:\Users\Me\AppData\Local\{A6A23E6E-31A4-407E-99B8-AC3978E47406}
2017-08-08 14:56 - 2017-08-08 14:56 - 000000000 ____D C:\Users\Me\AppData\Local\{F5A31D31-A8F8-4130-82D7-F71463F254C1}
2017-08-08 12:11 - 2017-08-08 12:11 - 000000000 ____D C:\Users\Me\AppData\Local\{460AC32A-7C0F-4519-9DC8-BC7017192261}
2017-08-08 12:05 - 2017-08-08 12:05 - 000000000 ____D C:\Users\Me\AppData\Local\{6686DC8E-7E48-4884-8965-DBCFF667EFF2}
2017-08-08 11:32 - 2017-08-08 11:32 - 000000000 ____D C:\Users\Me\AppData\Local\{C149CBA7-08B3-4088-830B-5A5384F46F39}
2017-08-08 10:57 - 2017-08-08 10:57 - 000000000 ____D C:\Users\Me\AppData\Local\{09B79CEF-EC1D-49DC-AFDA-DCA763E6FD38}
2017-08-08 07:34 - 2017-08-08 07:34 - 000000000 ____D C:\Users\Me\AppData\Local\{892DC713-11FD-4598-9B33-97C214C95629}
2017-08-07 21:57 - 2017-08-07 21:57 - 000000000 ____D C:\Users\Me\AppData\Local\{3402C467-DA41-4DA9-9F79-B22C8278FFE1}
2017-08-07 19:33 - 2017-08-07 19:33 - 000000000 ____D C:\Users\Me\AppData\Local\{EB0E6458-6E5F-4C6B-A676-766A120FFA80}
2017-08-07 17:52 - 2017-08-07 17:52 - 000000000 ____D C:\Users\Me\AppData\Local\{8E53314F-C9D3-4571-A693-D59D9660AD4D}
2017-08-07 13:54 - 2017-08-07 13:54 - 000000000 ____D C:\Users\Me\AppData\Local\{029119A8-A770-4641-88CC-111ADE7A2EFC}
2017-08-07 09:02 - 2017-08-07 09:02 - 000000000 ____D C:\Users\Me\AppData\Local\{5ED359C8-D5C2-4DFF-A908-E04D8ED9A76B}
2017-08-07 08:25 - 2017-08-07 08:25 - 000000000 ____D C:\Users\Me\AppData\Local\{DA86E741-5EC1-4583-A0EE-1FFD499139AB}
2017-08-06 20:25 - 2017-08-06 20:25 - 000000000 ____D C:\Users\Me\AppData\Local\{DD947DDF-A5C8-4FAC-8223-36A4406F10AC}
2017-08-06 18:27 - 2017-08-06 18:27 - 000000000 ____D C:\Users\Me\AppData\Local\{29D7ECDB-1A41-4B74-9A1E-7B3519C86DB3}
2017-08-06 17:27 - 2017-08-06 17:27 - 000000000 ____D C:\Users\Me\AppData\Local\{04855CD3-987A-469D-8800-A168C0727F9C}
2017-08-06 16:45 - 2017-08-06 16:45 - 000000000 ____D C:\Users\Me\AppData\Local\{1EACED71-E7AC-4381-8E5C-D7A13B2EBA0E}
2017-08-06 16:39 - 2017-08-06 16:39 - 000000000 ____D C:\Users\Me\AppData\Local\{14DE0BCF-0A55-40D5-BC25-48FF704CE579}
2017-08-06 15:00 - 2017-08-06 15:00 - 000000000 ____D C:\Users\Me\AppData\Local\{E2EC4A38-7119-42C8-9F84-05594859BB07}
2017-08-06 14:22 - 2017-08-06 14:22 - 000000000 ____D C:\Users\Me\AppData\Local\{19D2D708-C20F-4C74-B30B-11867ACC0E78}
2017-08-06 13:54 - 2017-08-06 13:54 - 000000000 ____D C:\Users\Me\AppData\Local\{796A265F-3352-43C2-A433-BB1F6BE0251C}
2017-08-06 12:08 - 2017-08-06 12:08 - 000000000 ____D C:\Users\Me\AppData\Local\{BE07BFCD-F33A-4F35-8881-F1BB66116206}
2017-08-06 10:20 - 2017-08-06 10:20 - 000000000 ____D C:\Users\Me\AppData\Local\{9F57EF30-0817-4D79-AA9E-E2A480FAD9D5}
2017-08-06 08:23 - 2017-08-06 08:23 - 000000000 ____D C:\Users\Me\AppData\Local\{96531027-51C9-4821-8A8F-0164FC3F5DE6}
2017-08-05 23:24 - 2017-08-05 23:24 - 000000000 ____D C:\Users\Me\AppData\Local\{AB9E373B-76A3-48E5-A2F7-18502D58E863}
2017-08-05 21:17 - 2017-08-05 21:18 - 000000000 ____D C:\Users\Me\AppData\Local\{347ABC91-F403-48D7-A323-5D36DEE28715}
2017-08-05 21:17 - 2017-08-05 21:17 - 000000000 ____D C:\Users\Me\AppData\Local\{30EB5069-2892-45E5-BB6B-A306726477BB}
2017-08-04 16:27 - 2017-08-04 16:27 - 000000000 ____D C:\Users\Me\AppData\Local\{55712B2D-6889-461C-9426-73AE8A4C6A18}
2017-08-04 11:30 - 2017-08-04 11:30 - 000000000 ____D C:\Users\Me\AppData\Local\{C295AFDE-244B-40FA-BA5A-F471C1839C5A}
2017-08-04 09:10 - 2017-08-10 21:03 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-08-04 09:10 - 2017-08-10 19:29 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-08-04 08:30 - 2017-08-04 08:30 - 000000000 ____D C:\Users\Me\AppData\Local\{59434F80-5F08-42E5-BFB9-A287D4AABF9C}
2017-08-03 21:51 - 2017-08-03 21:51 - 000000000 ____D C:\Users\Me\AppData\Local\{0DB1A0ED-E4E5-4878-BF25-C0F44C15F673}
2017-08-03 19:16 - 2017-08-03 19:16 - 000000000 ____D C:\Users\Me\AppData\Local\{90FC95E7-5CFE-488F-A312-04DB6A99A6AF}
2017-08-03 19:05 - 2017-08-03 19:05 - 000000000 ____D C:\Users\Me\AppData\Local\{1153D0D3-A802-4867-9FBF-9942C199372D}
2017-08-03 17:40 - 2017-08-03 17:40 - 000000000 ____D C:\Users\Me\AppData\Local\{FD0C385E-67D4-4D7C-9BB8-DFF4B32A13CA}
2017-08-03 16:30 - 2017-08-03 16:30 - 000000000 ____D C:\Users\Me\AppData\Local\{53D7D38C-E109-476C-B06B-DE61EA8DB6A3}
2017-08-02 23:44 - 2017-08-02 23:44 - 000000000 ____D C:\Users\Me\AppData\Local\{79AB745E-EEB1-4696-AC7E-872B7E95A08D}
2017-08-02 23:26 - 2017-08-02 23:26 - 000000000 ____D C:\Users\Me\AppData\Local\{0801CB3A-E4B3-4F17-B625-8969FB9D63F9}
2017-08-02 22:01 - 2017-08-02 22:01 - 000000000 ____D C:\Users\Me\AppData\Local\{08D51DE5-250E-4C47-8B6F-E40C0C080773}
2017-08-02 21:39 - 2017-08-02 21:39 - 000000000 ____D C:\Users\Me\AppData\Local\{75F6B19C-17C4-4696-B449-ABEB8F0ECDAB}
2017-08-02 20:08 - 2017-08-02 20:08 - 000000020 _____ C:\Windows\¨ô—
2017-08-02 19:36 - 2017-08-02 19:36 - 000003246 _____ C:\Windows\System32\Tasks\{A370589A-2F81-4005-A949-A5EFD4F307A0}
2017-08-02 19:25 - 2017-08-02 19:25 - 000000000 ____D C:\Users\Me\AppData\Local\{FBB5F706-C0E2-4B39-AC63-547EAC699F77}
2017-07-31 15:44 - 2017-07-31 15:44 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
GeekBuddy (HKLM-x32\...\{DF554A50-ABE5-4091-A1E9-2D2E7E5254B7}) (Version: 4.18.122 - Comodo Security Solutions Inc)
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
EmptyTemp:

*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => key removed successfully
C:\Windows\System32\Tasks\Safer-Networking => moved successfully
C:\Users\Me\AppData\Local\{B00911BF-D408-41AD-BE9E-43D1F4D6EFA5} => moved successfully
C:\Users\Me\AppData\Local\{4A5AB992-B212-4968-B0BA-E3A41E34930B} => moved successfully
C:\Users\Me\AppData\Local\{05EA1DF3-ABA0-44BD-A3A5-E3579AF74930} => moved successfully
C:\Users\Me\AppData\Local\{F1DD11D8-5EFE-4F84-99C2-14CF695DF8C9} => moved successfully
C:\Users\Me\AppData\Roaming\Sun => moved successfully
C:\Users\Me\AppData\Local\{8FE66117-AA84-4463-8443-25681E472C8B} => moved successfully
C:\Windows\È÷± => moved successfully
C:\Users\Me\AppData\Local\{11FEDDE6-EFD1-4AD8-A8D5-142FB28F2F51} => moved successfully
C:\Users\Me\AppData\Local\{C02A0389-078C-4785-ABF3-8CC056C036D7} => moved successfully
C:\Users\Me\AppData\Local\{04A10720-FC08-445A-BE91-A48FC9AA1E0C} => moved successfully
C:\Users\Me\AppData\Local\{4C062A90-177F-44D5-8FDF-C68139E42C86} => moved successfully
C:\Users\Me\AppData\Local\{A6A23E6E-31A4-407E-99B8-AC3978E47406} => moved successfully
C:\Users\Me\AppData\Local\{F5A31D31-A8F8-4130-82D7-F71463F254C1} => moved successfully
C:\Users\Me\AppData\Local\{460AC32A-7C0F-4519-9DC8-BC7017192261} => moved successfully
C:\Users\Me\AppData\Local\{6686DC8E-7E48-4884-8965-DBCFF667EFF2} => moved successfully
C:\Users\Me\AppData\Local\{C149CBA7-08B3-4088-830B-5A5384F46F39} => moved successfully
C:\Users\Me\AppData\Local\{09B79CEF-EC1D-49DC-AFDA-DCA763E6FD38} => moved successfully
C:\Users\Me\AppData\Local\{892DC713-11FD-4598-9B33-97C214C95629} => moved successfully
C:\Users\Me\AppData\Local\{3402C467-DA41-4DA9-9F79-B22C8278FFE1} => moved successfully
C:\Users\Me\AppData\Local\{EB0E6458-6E5F-4C6B-A676-766A120FFA80} => moved successfully
C:\Users\Me\AppData\Local\{8E53314F-C9D3-4571-A693-D59D9660AD4D} => moved successfully
C:\Users\Me\AppData\Local\{029119A8-A770-4641-88CC-111ADE7A2EFC} => moved successfully
C:\Users\Me\AppData\Local\{5ED359C8-D5C2-4DFF-A908-E04D8ED9A76B} => moved successfully
C:\Users\Me\AppData\Local\{DA86E741-5EC1-4583-A0EE-1FFD499139AB} => moved successfully
C:\Users\Me\AppData\Local\{DD947DDF-A5C8-4FAC-8223-36A4406F10AC} => moved successfully
C:\Users\Me\AppData\Local\{29D7ECDB-1A41-4B74-9A1E-7B3519C86DB3} => moved successfully
C:\Users\Me\AppData\Local\{04855CD3-987A-469D-8800-A168C0727F9C} => moved successfully
C:\Users\Me\AppData\Local\{1EACED71-E7AC-4381-8E5C-D7A13B2EBA0E} => moved successfully
C:\Users\Me\AppData\Local\{14DE0BCF-0A55-40D5-BC25-48FF704CE579} => moved successfully
C:\Users\Me\AppData\Local\{E2EC4A38-7119-42C8-9F84-05594859BB07} => moved successfully
C:\Users\Me\AppData\Local\{19D2D708-C20F-4C74-B30B-11867ACC0E78} => moved successfully
C:\Users\Me\AppData\Local\{796A265F-3352-43C2-A433-BB1F6BE0251C} => moved successfully
C:\Users\Me\AppData\Local\{BE07BFCD-F33A-4F35-8881-F1BB66116206} => moved successfully
C:\Users\Me\AppData\Local\{9F57EF30-0817-4D79-AA9E-E2A480FAD9D5} => moved successfully
C:\Users\Me\AppData\Local\{96531027-51C9-4821-8A8F-0164FC3F5DE6} => moved successfully
C:\Users\Me\AppData\Local\{AB9E373B-76A3-48E5-A2F7-18502D58E863} => moved successfully
C:\Users\Me\AppData\Local\{347ABC91-F403-48D7-A323-5D36DEE28715} => moved successfully
C:\Users\Me\AppData\Local\{30EB5069-2892-45E5-BB6B-A306726477BB} => moved successfully
C:\Users\Me\AppData\Local\{55712B2D-6889-461C-9426-73AE8A4C6A18} => moved successfully
C:\Users\Me\AppData\Local\{C295AFDE-244B-40FA-BA5A-F471C1839C5A} => moved successfully
C:\Program Files (x86)\Spybot - Search & Destroy 2 => moved successfully
C:\ProgramData\Spybot - Search & Destroy => moved successfully
C:\Users\Me\AppData\Local\{59434F80-5F08-42E5-BFB9-A287D4AABF9C} => moved successfully
C:\Users\Me\AppData\Local\{0DB1A0ED-E4E5-4878-BF25-C0F44C15F673} => moved successfully
C:\Users\Me\AppData\Local\{90FC95E7-5CFE-488F-A312-04DB6A99A6AF} => moved successfully
C:\Users\Me\AppData\Local\{1153D0D3-A802-4867-9FBF-9942C199372D} => moved successfully
C:\Users\Me\AppData\Local\{FD0C385E-67D4-4D7C-9BB8-DFF4B32A13CA} => moved successfully
C:\Users\Me\AppData\Local\{53D7D38C-E109-476C-B06B-DE61EA8DB6A3} => moved successfully
C:\Users\Me\AppData\Local\{79AB745E-EEB1-4696-AC7E-872B7E95A08D} => moved successfully
C:\Users\Me\AppData\Local\{0801CB3A-E4B3-4F17-B625-8969FB9D63F9} => moved successfully
C:\Users\Me\AppData\Local\{08D51DE5-250E-4C47-8B6F-E40C0C080773} => moved successfully
C:\Users\Me\AppData\Local\{75F6B19C-17C4-4696-B449-ABEB8F0ECDAB} => moved successfully
C:\Windows\¨ô— => moved successfully
C:\Windows\System32\Tasks\{A370589A-2F81-4005-A949-A5EFD4F307A0} => moved successfully
C:\Users\Me\AppData\Local\{FBB5F706-C0E2-4B39-AC63-547EAC699F77} => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
GeekBuddy (HKLM-x32\...\{DF554A50-ABE5-4091-A1E9-2D2E7E5254B7}) (Version: 4.18.122 - Comodo Security Solutions Inc) => Error: No automatic fix found for this entry.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com => key removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 69511132 B
Java, Flash, Steam htmlcache => 4715 B
Windows/system/drivers => 2218926 B
Edge => 0 B
Chrome => 13480394 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
Me => 407961314 B

RecycleBin => 1490657063 B
EmptyTemp: => 1.9 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:49:35 ====

Offline Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 17956
  • "Stronger than the past, united in our goal."
    • View Profile
    • Security Garden
Re: EMERGENCY!!!
« Reply #70 on: August 11, 2017, 04:03:33 PM »
Nicely done!  Note:  1.9 GB temporary data Removed.

Unfortunately, GeekBuddy is still there.  However, as we work together here at LzD, Techie did some research and found that it and other Comodo programs are not easy to remove.  However, he also found an uninstaller for it.  This includes the download link as well as instructions.  Select GeekBuddy and any other Comodo programs you wish to remove with it:  Uninstaller Tool for Comodo Products, inc CIS v5 - Install / Setup / Configuration FAQ - CIS.  (Thanks, Techie!)

Let us know how you make out with the uninstaller tool, please.


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline techie

  • LzD Friends
  • Sr. Member
  • *****
  • Posts: 462
    • View Profile
Re: EMERGENCY!!!
« Reply #71 on: August 11, 2017, 07:59:35 PM »
This is what the uninstall program will look like. Once you click on uninstall, say geek buddy, a command prompt screen will popup and ask 1 for yes, 2 for no. It is a our community project and provides warnings. I don't know of anyone having problems. It is the same for any Comodo software you want to uninstall.



Offline Moses

  • Full Member
  • ***
  • Posts: 149
    • View Profile
Re: EMERGENCY!!!
« Reply #72 on: August 12, 2017, 05:50:58 PM »
I must be missing something, besides a screw loose.

I went to the page and could not find any link (that worked ) which brought me to a working download page.

Offline Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 17956
  • "Stronger than the past, united in our goal."
    • View Profile
    • Security Garden
Re: EMERGENCY!!!
« Reply #73 on: August 12, 2017, 05:57:13 PM »
I agree that it is difficult to find.  It is in the section under "Download" and redirects to Google docs:
Quote
Download:
Link: Google Sites (Hosting v0.3b)

File Name: Setup.zip
Size: 5,075,834 (5.0 MB)
SHA1: CCA2EA280790C43E1098D0604311DB4A027F00A0
MD5: 33B0932C8C9BF6BDE0B3544DFB98AA7D



Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline Moses

  • Full Member
  • ***
  • Posts: 149
    • View Profile
Re: EMERGENCY!!!
« Reply #74 on: August 13, 2017, 04:23:31 AM »
Hi,

 Well, I did it buy by the 2 screen shots I am posting it appears that it didn't find or do anything.

I chose on the first screen shot # 1 (that I understood the risk) and then pushed enter. The second screen shots shows the results.