Fixing Pop-up Window Issue with Windows Script Host - Missing Script File

Question

Hello, for several days I have encountered a pop-up window (attachment), could someone help me fix it? ; /

Kolobos · Answer

Use AdwCleaner, Scan and Clean / Search and Delete option: Include in the attachment the logs from FRST (Frst.txt and Addition.txt): Make a full scan with Mbam and delete what it detects:

czarny21223 · Answer

Please, scan results; d

Anonymous · Answer

1 Scan your system well with anti-virus and anti-malware programs. 2 Registry editor find this name and remove it starting in the registry. 3 Check the autostart and run msconfig in the run window, disable this entry if you find it.

czarny21223 · Answer

@chemikpionki I did not understand much what you wrote xd I ended up with the registry editor

Kolobos · Answer

Oczywiscie musiales grzebac w opcjach FRST?

Odinstaluj:
AVG PC TuneUp

Zrob kopie zakladek z Chrome, skrypt usunie katalog profilu przegladarki.

Podany Fixlist dla FRST wykonaj w trybie awaryjnym.

Obok frst.exe utworz plik Fixlist.txt z podana zawartoscia:
Task: {530AD3CB-8A41-4B7B-BE0A-464F195CC2B8} - System32\Tasks\DSdeGlr6TY => C:\DSdeGlr6TYDSdeGlr6TY\DSdeGlr6TY.vbs
Task: {71C15350-0024-4D24-9966-22A4058632C4} - System32\Tasks\UCBrowserSecureUpdater => C:\Program Files (x86)\UCBrowser\Security\uclauncher.exe [2017-03-09] (UC Web Inc.) pcalua.exe -a C:\Users\Patryk\AppData\Local\Microsoft\Windows\INetCache\IE\6YCR1X1N\GTA_V_Launcher_1_0_877_1.exe -d C:\Users\Patryk\Desktop
Task: {9FABD5C4-85DD-4ED0-9C90-13EAE8A27705} - System32\Tasks\Update => C:\Users\Patryk\AppData\Roaming\Microsoft\taskhw.exe
Task: {B9D703FE-F93D-4D16-AEB6-E84068ED00F3} - System32\Tasks\{72237B9E-9250-4B2D-8C14-A1CEE8D26E5F} => Iexplore.exe hxxps://ui.skype.com/ui/0/7.29.0.102/pl/abandoninstall?page=tsProgressBar
Task: {BE04BAB7-305B-4001-A0DA-489F6A2656F7} - System32\Tasks\{565F1667-DBEF-418A-905D-77EF1DCBA866} => pcalua.exe -a "C:\Users\Patryk\Downloads\GTA_V_Launcher_1_0_877_1 (3).exe" -d C:\Users\Patryk\Downloads
Task: {D8FAE531-A598-4A16-89F0-FDC208E20472} - System32\Tasks\{C202F571-E5F1-4C57-AE8E-B63553A53F0C} => pcalua.exe -a C:\Users\Patryk\Desktop\pandora\patcher\PandoraMT2.exe -d C:\Users\Patryk\Desktop\pandora\patcher
Shortcut: C:\Users\Patryk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехplоrеr.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.bat (Brak pliku)
Shortcut: C:\Users\Patryk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Stаrt Тоr Вrоwsеr.lnk -> C:\Users\Patryk\Desktop\Tor Browser\Browser\firefox.bat (Brak pliku)
Shortcut: C:\Users\Patryk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WorldofTanks\WоrldоfТаnks.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat (Brak pliku)
Shortcut: C:\Users\Patryk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gооglе Сhrоmе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat (Brak pliku)
Shortcut: C:\Users\Patryk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Lаunсh Intеrnеt Ехplоrеr Вrоwsеr.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.bat (Brak pliku)
Shortcut: C:\Users\Patryk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WоrldоfТаnks.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat (Brak pliku)
Shortcut: C:\Users\Patryk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Gооglе Сhrоmе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat (Brak pliku)
Shortcut: C:\Users\Patryk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Intеrnеt Ехplоrеr.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.bat (Brak pliku)
Shortcut: C:\Users\Patryk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Gооglе Сhrоmе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat (Brak pliku)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gооglе Сhrоmе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat (Brak pliku)
ShortcutWithArgument: C:\Users\Patryk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Majuu - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=ChromeDefaultData
AlternateDataStreams: C:\WINDOWS\system32\drivers:ucdrv-x64.sys [25444]
AlternateDataStreams: C:\WINDOWS\system32\drivers:x64 [1498914]
AlternateDataStreams: C:\WINDOWS\system32\drivers:x86 [1223458]
Hosts:
(© 2015 Microsoft Corporation) C:\Users\Patryk\AppData\Local\Microsoft\BingSvc\BingSvc.exe
HKLM\...\Winlogon: [Userinit] userinit.exe, [26112 2014-11-21] (Microsoft Corporation)
HKLM-x32\...\Winlogon: [Userinit] C:\WINDOWS\system32\userinit.exe, "C:\KMSpico\KMSpico_Setup.exe"
HKLM-x32\...\Winlogon: [Shell] explorer.exe, "C:\KMSpico\KMSpico_Setup.exe" [ ] () C:\KMSpico\KMSpico_Setup.exe [77960 2015-07-19] (Microsoft Corporation)
HKU\S-1-5-21-4227540301-480783279-3444538377-1001\...\Run: [BingSvc] => C:\Users\Patryk\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-03-24] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-4227540301-480783279-3444538377-1001\...\Run: [Windows] => C:\KMSpico\KMSpico_Setup.exe [77960 2015-07-19] (Microsoft Corporation)
HKU\S-1-5-21-4227540301-480783279-3444538377-1001\...\MountPoints2: {1e5af03c-9565-11e6-82e8-448a5b21a75b} - "F:\Setup.exe"
HKU\S-1-5-21-4227540301-480783279-3444538377-1001\...\MountPoints2: {43864fba-0a13-11e6-826a-448a5b21a75b} - "G:\Setup.exe"
HKU\S-1-5-18\...\Run: [] => [X]
IFEO\ccleaner64.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\excel.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\groove.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\iexplore.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\infopath.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\misc.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\msaccess.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\msoxmled.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\mspub.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\mstore.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\ois.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\onenote.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\origin.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\originer.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\outlook.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\powerpnt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\skype.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\startcontrolcenter.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\super charger.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\unins000.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\update.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\winword.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\wire.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - Brak pliku
SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - Brak pliku
ShellExecuteHooks: Brak nazwy - {50F91B90-DE41-11E6-950F-64006A5CFC23} - -> Brak pliku
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => -> Brak pliku
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Brak pliku
ShellIconOverlayIdentifiers: [KzShlobj] -> {AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} => -> Brak pliku
GroupPolicy: Ograniczenia {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> Brak pliku
CHR DefaultProfile: ChromeDefaultData
CHR DefaultSearchURL: ChromeDefaultData -> hxxp://www.startpageing123.com/search/?type=ds&ts=1487704097&z=f6b007186fb21d6649a57b3g6zdb9m8m2edz6g3c9q&from=ggg0221&uid=ST500DM002-1BD142_W2AYLR9ZXXXXW2AYLR9Z&q={searchTerms}
CHR DefaultSearchKeyword: ChromeDefaultData -> startpageing123
CHR Profile: C:\Users\Patryk\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-03-25]

czarny21223 · Answer

Thanks for your help, I will remember my advice for the future . close

Fixing Pop-up Window Issue with Windows Script Host - Missing Script File

Post #1

Post #2

Post #3

Post #4

Post #5

Post #6

Post #7

Didn't find an answer? Ask Artificial Intelligence

Topic summary