I need some help with Malware, also! Please help!

[REDACTED]

My Farbar log(s) attached.  (Hope I did that right.)   Any help greatly appreciated!

[REDACTED]

Let me analyze the logs first. In the meantime, please, delineate the issue(s) you are facing.

[REDACTED]

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: SPYWAREfighter (Enabled - Up to date) {11BFB622-B506-BBFD-BBD5-E74259B04899}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

Uninstall SPYWAREfighter. Enable either avast! or Windows Defender.

• Step #1 Fix with FRST
  Make sure that you still have FRST.exe on your Desktop. If you do not have it, download the suitable version from here to your Desktop.
  • Open Notepad.exe. Do not use any other text editor software;
    
  • Copy and Paste the contents inside the code-box to your Notepad --
    

Code: [Select]

Start
CreateRestorePoint:
CloseProcesses:
EmptyTemp:
HKLM-x32\...\Run: [] => [X]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKLM -> {087ECDE0-2678-4713-83CE-C7CFDC1AC1E5} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {087ECDE0-2678-4713-83CE-C7CFDC1AC1E5} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKU\.DEFAULT -> DefaultScope {D2F9C81E-95C9-4711-B2BC-A61C844E3817} URL =
SearchScopes: HKU\S-1-5-21-3365975631-2316306639-3436556479-1001 -> {087ECDE0-2678-4713-83CE-C7CFDC1AC1E5} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll No File
BHO-x32: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files (x86)\AVG\AVG2012\avgssie.dll No File
C:\Program Files (x86)\AVG\
2015-05-25 19:49 - 2015-05-25 19:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneSystemCare
2015-05-25 19:48 - 2015-05-25 19:59 - 00000000 ____D C:\Program Files (x86)\RapidMediaConverter
2015-05-25 19:48 - 2015-05-25 19:48 - 00000000 ____D C:\Users\Glen's 2010 PC\AppData\Local\RapidMediaConverter
2015-05-25 19:45 - 2015-05-25 19:45 - 00000000 ____D C:\Users\Glen's 2010 PC\AppData\Local\BreakingNewsAlert
2015-05-25 19:44 - 2015-05-25 20:14 - 00000000 ____D C:\Program Files (x86)\Optimizer Pro 3.93
2015-05-25 19:44 - 2015-05-25 19:44 - 00000000 ____D C:\Users\Glen's 2010 PC\AppData\Roaming\Optimizer Pro
2015-05-25 19:41 - 2015-05-25 19:59 - 00000000 ____D C:\Program Files (x86)\CinemaPlus-3.2cV25.05
2015-05-25 19:40 - 2015-05-25 19:59 - 00000000 ____D C:\Users\Glen's 2010 PC\AppData\Local\avabvcxvyx
2015-05-25 19:40 - 2015-05-25 19:41 - 00000000 ____D C:\Users\Glen's 2010 PC\AppData\Local\SearchProtect
2015-05-25 19:40 - 2015-05-25 19:40 - 00000000 ____D C:\Program Files (x86)\SearchProtect
2015-05-25 19:28 - 2015-05-25 20:00 - 00000000 ____D C:\ProgramData\kUDSPkiudU
2015-05-25 19:28 - 2015-05-25 19:59 - 00000000 ____D C:\ProgramData\BreakingNewsAlert
2015-05-25 19:30 - 2015-05-25 19:30 - 00000000 ____D C:\Program Files (x86)\predm
2015-05-25 19:28 - 2015-05-25 19:59 - 00000000 ____D C:\Program Files (x86)\PepperZip
2015-05-25 19:27 - 2015-05-25 19:59 - 00000000 ____D C:\Program Files (x86)\AnyProtectEx
2015-05-25 19:27 - 2015-05-25 19:27 - 00000000 __SHD C:\Users\Glen's 2010 PC\AppData\Roaming\AnyProtectEx
2015-05-25 19:26 - 2015-05-25 19:59 - 00000000 ____D C:\Program Files (x86)\Pro PC Cleaner
2015-05-25 19:26 - 2015-05-25 19:27 - 00000000 ____D C:\Users\Glen's 2010 PC\Documents\ProPCCleaner
2015-05-25 19:25 - 2015-05-25 19:25 - 00000000 ____D C:\Users\Glen's 2010 PC\AppData\Roaming\Pro PC Cleaner
2015-05-25 19:22 - 2015-05-25 19:22 - 00000000 ____D C:\Users\Glen's 2010 PC\Documents\Optimizer Pro
2015-05-25 19:25 - 2015-05-25 20:14 - 00000000 ____D C:\Program Files (x86)\Ninja Loader
2015-05-25 19:25 - 2015-05-25 19:27 - 00000000 ____D C:\Users\Glen's 2010 PC\AppData\Local\Ninja Loader
2015-05-25 19:22 - 2015-05-25 19:59 - 00000000 ____D C:\Users\Glen's 2010 PC\AppData\Local\gmsd_us_619
2015-05-25 19:22 - 2015-05-25 19:59 - 00000000 ____D C:\Program Files (x86)\gmsd_us_619
2015-05-25 19:22 - 2015-05-25 19:22 - 00000000 ____D C:\Users\Glen's 2010 PC\Documents\Optimizer Pro
2015-05-25 19:19 - 2015-05-25 19:19 - 00000000 ____D C:\Users\Glen's 2010 PC\AppData\Local\Crossbrowse
2015-05-25 19:18 - 2015-05-25 19:18 - 00000000 ____D C:\ProgramData\InstallSightSDK
2015-05-25 19:17 - 2015-05-25 19:59 - 00000000 ____D C:\Program Files\WebBar
2015-05-25 19:17 - 2015-05-25 19:17 - 00000000 ____D C:\Program Files (x86)\Crossbrowse
C:\Users\Glen's 2010 PC\AppData\Local\Temp\00e2txxs.dll
C:\Users\Glen's 2010 PC\AppData\Local\Temp\19a3kgcn.dll
C:\Users\Glen's 2010 PC\AppData\Local\Temp\3pxuvmkb.dll
C:\Users\Glen's 2010 PC\AppData\Local\Temp\5wayfxwj.dll
C:\Users\Glen's 2010 PC\AppData\Local\Temp\aexa5x6o.dll
C:\Users\Glen's 2010 PC\AppData\Local\Temp\bchgdflk.dll
C:\Users\Glen's 2010 PC\AppData\Local\Temp\bhahrgc2.dll
C:\Users\Glen's 2010 PC\AppData\Local\Temp\fiec5nhn.dll
C:\Users\Glen's 2010 PC\AppData\Local\Temp\hkj1mfd3.dll
C:\Users\Glen's 2010 PC\AppData\Local\Temp\install_flashplayer15x32au_gtbd_chrd_dn_aaa_aih.exe
C:\Users\Glen's 2010 PC\AppData\Local\Temp\install_flashplayer16x32_mssa_aaa_aih.exe
C:\Users\Glen's 2010 PC\AppData\Local\Temp\install_flashplayer16x32_mssd_aaa_aih.exe
C:\Users\Glen's 2010 PC\AppData\Local\Temp\install_flashplayer16x32_mssd_aaa_aih_1.exe
C:\Users\Glen's 2010 PC\AppData\Local\Temp\install_flashplayer16x32_mssd_aaa_aih_2.exe
C:\Users\Glen's 2010 PC\AppData\Local\Temp\install_flashplayer17x32au_gtbd_chrd_dn_aaa_aih.exe
C:\Users\Glen's 2010 PC\AppData\Local\Temp\install_flashplayer17x32au_gtbd_chrd_dn_aaa_aih_1.exe
C:\Users\Glen's 2010 PC\AppData\Local\Temp\install_reader11_en_mssd_aaa_aih.exe
C:\Users\Glen's 2010 PC\AppData\Local\Temp\iv7sxqe4.dll
C:\Users\Glen's 2010 PC\AppData\Local\Temp\knvmb67c.dll
C:\Users\Glen's 2010 PC\AppData\Local\Temp\rjb8vuul.dll
C:\Users\Glen's 2010 PC\AppData\Local\Temp\xj5j2bqs.dll
C:\Users\Glen's 2010 PC\AppData\Local\Temp\yak5ktkd.dll
2015-05-25 19:07 - 2015-05-25 19:07 - 00000000 ____D C:\ProgramData\Kromtech
End

• Click on File > Save as...
  
  • Inside the File Name box type fixlist.txt
    
  • From the Save as type drop down list, choose All Files
• Save the file to your Desktop;
  
• Re-run FRST.exe and click Fix;
  
  • Note: If FRST advises there is a new updated version to be downloaded, do so/allow this.
• After the completion, a log will be produced;
• Attach the log in your next reply.

• Step #2 Fix with AdwCleaner
  
  • Download AdwCleaner by Xplode to your Desktop from the following link.
    
    • Download Link #1
      
    • Download Link #2
  • Right-click on AdwCleaner.exe and choose Run as administrator;
    
  • Click on Scan and let the program run unhindered;
    
  • When done, click on Clean and allow the system to reboot after it is done;
    
  • A log will be opened automatically after the restart;
  • Attach the log in your reply.

• Required Log(s):
  
  • FRST Fix Log
  • AdwCleaner Log

Regards,
Valinorum

[REDACTED]

"In the meantime, please, delineate the issue(s) you are facing." I've been getting the Avast pop-ups with the audible "Threat Detected" warnings, with various sites listed. (opticguardzip.net, anythicago.com, alwaysisobar.com)

AdwCleaner Log attached.

I think I'm having trouble getting a "Fix" log.  When I click on "Fix" , it tells me "No Fixlist.txt found."  Also, "the Fixlist.txt should be in the same folder/directory the tool is located."     Not sure what I'm doing wrong.  Everything is saved to my desktop.

[REDACTED]

Oh yes, and I've Uninstalled SPYWAREfighter, Enabled avast! and disabled Windows Defender.

[REDACTED]

Your FRST.exe is located in C:\Users\Glen's 2010 PC\Downloads. Copy it to your Desktop and the fixlist.txt too. Then click on 'Fix'.

[REDACTED]

FRST.exe and fixlist.txt are both on my desktop, but I keep getting "No Fixlist.txt found."   "the Fixlist.txt should be in the same folder/directory the tool is located."

Did I miss a step?

[REDACTED]

Make a new folder and put both of them inside that folder. Try to run the fix afterwards.

[REDACTED]

Okay, still same problem - still won't "fix" , even though files are in their own folder.  Attached are new scan results.  Where to go from here?   Sorry to be a pain.....

[Eddy]

If FRST.exe and fixlist.txt are in the same folder it will work.
Make sure you have not named it fixlist.txt.txt or something.

[REDACTED]

All files ("FRST64", "fixlist" and "Addition") are now in my Downloads folder.  Double-clicked on FRST64, Clicked "Fix" and I get:  "Warning:  Looks you don't know what to do.   To prevent damage to the system the tool will exit."

Saving me from myself!   

[Eddy]

Try it with the attached fixlist.

[REDACTED]

Tried with attached fixlist and got same result.  Tried with the file on Desktop and in Downloads folder. 

Do I need to start over?   

Pulling my hair out!  (And my head is shaved.)

[REDACTED]

Hi,

Let's try something different.

• Step #3 Run Zoek
  Temporary disable your security software i.e. anti-virus, anti-malware. Peruse this if you are unsure. Download Zoek.exe by smeenk from one of the following locations listed below --
  Download Link #1
  Download Link #2
  
  • Right-click and choose Run as administrator to run the program.
    
    • Note: The program may not appear instantaneously. Await few minutes for the program to start if that happens
  • Copy and Paste the following content inside the code box into Zoek's box --
    

Code: [Select]

autoclean;
standardsearch;
iedefaults;
CHRdefaults;
FFdefaults;
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneSystemCare;fp
C:\Program Files (x86)\RapidMediaConverter;fp
C:\Users\Glen's 2010 PC\AppData\Local\RapidMediaConverter;fp
C:\Users\Glen's 2010 PC\AppData\Local\BreakingNewsAlert;fp
C:\Program Files (x86)\Optimizer Pro 3.93;fp
C:\Users\Glen's 2010 PC\AppData\Roaming\Optimizer Pro;fp
C:\Program Files (x86)\CinemaPlus-3.2cV25.05;fp
C:\Users\Glen's 2010 PC\AppData\Local\avabvcxvyx;fp
C:\Users\Glen's 2010 PC\AppData\Local\SearchProtect;fp
C:\Program Files (x86)\SearchProtect;fp
C:\Program Files (x86)\predm;fp
C:\ProgramData\kUDSPkiudU;fp
C:\ProgramData\BreakingNewsAlert;fp
C:\Program Files (x86)\PepperZip;fp
C:\Program Files (x86)\AnyProtectEx;fp
C:\Users\Glen's 2010 PC\AppData\Roaming\AnyProtectEx;fp
C:\Program Files (x86)\Pro PC Cleaner;fp
C:\Users\Glen's 2010 PC\Documents\ProPCCleaner;fp
C:\Program Files (x86)\Ninja Loader;fp
C:\Users\Glen's 2010 PC\AppData\Local\Ninja Loader;fp
C:\Users\Glen's 2010 PC\AppData\Roaming\Pro PC Cleaner;fp
C:\Users\Glen's 2010 PC\AppData\Local\gmsd_us_619;fp
C:\Program Files (x86)\gmsd_us_619;fp
C:\Users\Glen's 2010 PC\Documents\Optimizer Pro;fp
C:\Users\Glen's 2010 PC\AppData\Local\Crossbrowse;fp
C:\Program Files\WebBar;fp
C:\Program Files (x86)\Crossbrowse;fp
C:\ProgramData\Kromtech;fp
C:\Users\Glen's 2010 PC\AppData\Local\EmieBrowserModeList;fp
C:\Users\Glen's 2010 PC\AppData\Local\EmieUserList;fp
C:\Users\Glen's 2010 PC\AppData\Local\EmieSiteList;fp
ipconfig /flushdns;b
ipconfig /release;b
ipconfig /renew;b
netsh winsock reset catalog;b
bitsadmin /reset /allusers;b


• Close all open Windows including your web-browser.
• Click on Run Script.
  
• Your system may reboot and a log file will open which is also located in your systemdrive.
• Copy and Paste the contents of the log in your next reply.

[REDACTED]

You should not make shortcut of the file and the fixlist like you did here:

2015-06-18 00:34 - 2015-06-18 00:32 - 00060877 _____ C:\Users\Glen's 2010 PC\Desktop\fixlist - Copy.txt
2015-06-18 00:34 - 2015-06-18 00:26 - 00001563 _____ C:\Users\Glen's 2010 PC\Desktop\FRST64(5) - Shortcut - Copy.lnk
2015-06-18 00:23 - 2015-06-18 00:49 - 00001243 _____ C:\Users\Glen's 2010 PC\Desktop\FRST64(5) - Shortcut.lnk

You were to copy the FRST.exe and put it into your Desktop. You were to download/make the Fixlist.txt and saved it to your Desktop without renaming such as fixlist - Copy.txt.

An example would be the following scenario:
You have the following files in the Desktop like:

C:\Users\Glen's 2010 PC\Desktop\fixlist.txt
C:\Users\Glen's 2010 PC\Desktop\FRST64.exe

You run FRST64.exe as an administrator and click on 'Fix'. The fix should work then.

Regards,
Valinorum