Already posted this in spanish section - perhaps someone could help a beginner!?

[REDACTED]

Hello, I hope there is someone here who can help!

I am in the terrible position of speaking really poor spanish (my reading and writing are worse!) I have a dell laptop and Windows 7 - 32 bit in spanish

I also have Avast anti virus which hasnt done me wrong yet.

I have done several scans on my full system as I have two files I can do nothing with - i cant repair, delete, quarantine NADA!

Does anyone recognise the names of them??... I have screen shots but Im not sure how to add them!

I understand this is the spanish section but everything the programme and laptop is saying to me is in spanish!!!!

Any Spanglish knights in shining armour out there!

Im half way through a uni course and cant afford to loose all my work!



The files are

C:\Windows\winsxs\x86_microsoft-windows-shell-previewhost_31bf3856ad364e35_6.1.7601.17562_none_450cbede5f4b17f1\prevhost.exe

C\Windows\sysWOW64\prevhost.exe

Both have Error: Error de datos (comprobacion de redundancia ciclica) (23) next to them

I have an awful lot going on in the back ground LOADS of processes and services.

Does it sound like i have a virus??? I just reinstalled fire fox and updated java and flash due to a plug in playing up..

Could anyone help??

[REDACTED]

I have just downloaded Malwarebytes Anti Malware and found several crap PUP things... Is this not looking good?? they have probably been there for months!

[REDACTED]

Follow this guide: http://forum.avast.com/index.php?topic=53253.0
and attach ( Do not copy/paste ) logs for Malwarebytes', Farbar Recovery Scan Tool, and aswMBR.exe.

[REDACTED]

You are the best... Im going to do my best impression of all the things you have told me to do and im following the link youve sent me.. Rerunning another scan on MBAM nothing seems to have come up at all on the last log...

Cheers Dude xxx

PEri

[REDACTED]

Hi there,

I ran the scans you requested here are my results.. Not going to start panicking aobut what i dont understand but i dont think it looks promising, through my lay eyes!

Who ever is amazingly kind enough to look at it for me could you please be ruthless with me.

Im doing a law degree and i am also self employed so i dont want to get in trouble for not protecting me data adequately.....


So here are my scan logs attached below... I have also attached a pic of the scan results on avast. (just waiting for last two scans to finish... they will follow shortly)

If i have done anything incorrectly please let me know and ill fix it ASAP, im so greatful for your help i dont want to mess anyone around



CHEERS DUDES
 

Peri xxxx

[REDACTED]

As promised ....

once ASWmbr is finished scanning do i just log the scan and attach here? or do i take any further action??? it is giving me the option to fix.... shall i do this? i dont want to click anything coz the scans taken hours... I started this at midnight.... its now just short of 5 am ..

Could someone please let me know?

[REDACTED]

Last one!

[REDACTED]

The log for the scan in which MBAM found some "PUP things" would have been better.

Calling a specialist. Wait up.

[essexboy]

An SFC scan will probably cure the CRC errors

CAUTION :  This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1048486353-1070921811-1876442479-1000 -> DefaultScope {0CF2D87D-88D3-474A-A1BE-9DE616C36141} URL =
SearchScopes: HKU\S-1-5-21-1048486353-1070921811-1876442479-1000 -> {0CF2D87D-88D3-474A-A1BE-9DE616C36141} URL =
SearchScopes: HKU\S-1-5-21-1048486353-1070921811-1876442479-1000 -> {E897F6FD-37ED-4D73-B135-E0905D310573} URL =
SearchScopes: HKU\S-1-5-21-1048486353-1070921811-1876442479-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0CF2D87D-88D3-474A-A1BE-9DE616C36141} URL =
SearchScopes: HKU\S-1-5-21-1048486353-1070921811-1876442479-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {0CF2D87D-88D3-474A-A1BE-9DE616C36141} URL =
SearchScopes: HKU\S-1-5-21-1048486353-1070921811-1876442479-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {E897F6FD-37ED-4D73-B135-E0905D310573} URL =
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} ->  No File
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKU\S-1-5-21-1048486353-1070921811-1876442479-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKU\S-1-5-21-1048486353-1070921811-1876442479-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
2014-11-29 15:17 - 2014-11-29 15:17 - 00000000 ____D () C:\Users\Peri\AppData\Local\{A6721920-9AEB-48EB-B28C-A3966755EE3B}
2014-11-28 23:56 - 2014-11-28 23:56 - 00000000 ____D () C:\Users\Peri\AppData\Local\{5ED48142-B866-44E1-8C21-1F5B58DE3D4F}
2014-11-28 10:04 - 2014-11-28 10:04 - 00000000 ____D () C:\Users\Peri\AppData\Local\{0A9AAA95-DFA8-44FD-A0F3-49280F1086C1}
2014-11-12 14:40 - 2014-11-12 14:40 - 00000000 ____D () C:\Users\Peri\AppData\Local\{C6182E3E-9360-4E34-B253-A52ABEB19071}
2014-11-04 16:32 - 2014-11-04 16:32 - 00000000 ____D () C:\Users\Peri\AppData\Local\{D6422F06-D282-4FF0-83AE-E5E067C717FC}
2014-11-03 16:43 - 2014-11-03 16:43 - 00000000 ____D () C:\Users\Peri\AppData\Local\{8EF1655F-87CE-4353-B682-EA6ADCABF9E1}

EmptyTemp:
CMD: bitsadmin /reset /allusers

 
Save this as fixlist.txt, in the same location as FRST.exe

Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.

• Close all open programs and internet browsers.
• Double click on AdwCleaner.exe to run the tool.
  
• Click on Scan.
  
• After the scan is complete click on "Clean"
• Confirm each time with Ok.
  
• Your computer will be rebooted automatically. A text file will open after the restart.
• Please post the content of that logfile with your next answer.
• You can find the logfile at C:\AdwCleaner[S1].txt as well.
  

[Pondus]

I have done several scans on my full system as I have two files I can do nothing with - i cant repair, delete, quarantine NADA!

C:\Windows\winsxs\x86_microsoft-windows-shell-previewhost_31bf3856ad364e35_6.1.7601.17562_none_450cbede5f4b17f1\prevhost.exe
C\Windows\sysWOW64\prevhost.exe
Both have Error: Error de datos (comprobacion de redundancia ciclica) (23) next to them

this is a error message and not a detection .... avast is a antivirus program and will only take action on infected files
How do I handle files that avast! can’t scan?  https://blog.avast.com/2014/02/28/how-do-i-handle-files-that-avast-cant-scan/


What is prevhost.exe also known as Preview Handler Surrogate Host process   https://www.youtube.com/watch?v=YeY3shKCwVs

follow Essexboys instructions .....

[REDACTED]

Hi sorry for the delay... am back on it now!!!

Just reading through the instructions!

Thank you both VERY VERY much...

Does it look really harmful??..... The first scan on MBAM that turned up the 11 PUPs.. theres no details in the scan log AT ALL.....

On the history when i click on the scan log and empty page comes up.. when i convert it to text its just a blank page will include on here..

Will double check anything before implementing in case i boob it up!

[REDACTED]

Fix log ....

Just closing everything down to run final scan with the last program recommended

[essexboy]

SFC details http://www.sevenforums.com/tutorials/1538-sfc-scannow-command-system-file-checker.html

[REDACTED]

Essex boy here are the last logs for the adwcleaner program..

Can i please check.. i notice an infection notification in red (INFECTION) when scanning with FRST last night it was called Mstore10.mgc i think... would that be removed now??

Im just taking hede of the last few comments made and will come back if ive got any problems... Is there much more of this process to go?(NOT complaining at all - just curious!)

xxxx
PERI

[REDACTED]

Just finishing the SFC/SCANNOW command in administrador:simbolo de sistema...

How do i know if im clean now... computer isnt as jittery but still concerned about the mstore10.mgc that popped up and every time i down load a new AV or Scanner more seems to be identified on my C drive! Am i riddled?

What do i do now Essexboy?? the Scannow seems to be telling me there are damaged files it can do nothing about X