The Security Check log looks good but I spoke prematurely when I said you were clean. I thought we had done the scans for malware remnants but we haven't. I got sidetracked by the problem with the browsers. Also the ComboFix has a designator in the log that I'm asking the developer to clarify.
In the meantime we'll do the scans for malware remnants and I want to look at the registry keys that show information missing.
Since you are not going to keep MalwareBytes running realtime protection but it is still showing that it is running, let's uninstall MalwareBytes and run the MBAM cleanup tool to clear the registry entries that didn't get removed when the trial period expired. Then download a new copy of MalwareBytes to do the scan, but don't activate the free trial, and you should keep it to do on demand scans in the future.Step-1.Program uninstalls1.
Please click the Start Orb, click Control Panel
. Under the Programs
heading click Uninstall a program2.
In the list of programs installed, locate the following program(s):Malwarebytes Anti-Malware version 220.127.116.1103.
Click on each program to highlight it and click Change/Remove
. (Vista/7 users:
right click the program and click Uninstall4.
After the programs have been uninstalled, close the Installed Programs
window and the Control Panel
the computer.Delete the folders associated with the uninstalled programs
.(Only do this if you uninstalled the program)1.
Using Windows Explorer
(to get there right-click your Start button
and click "Explore"
), please delete the following folders(s)
(if present):C:\Program Files\Malwarebytes' Anti-Malware2.
Close Windows Explorer
.MBAM CleanUp Tool
1.Download and save MBAM Cleanup Utility
to your Computer.
2.Run the tool, this utility asks you to restart your computer to complete the uninstall process.
3.Reboot your Computer, Malwarebytes’ anti-malware will be completely removed from your Computer.Malwarebytes' Anti-Malware
Please download Malwarebytes' Anti-Malware from Here
or HereOnce downloaded, close all programs and browsers on your computer.
Double Click the mbam-setup.exe
file to install the application. (Windows Vista/7 users
will need to right click on the file and click Run As Administrator
, then click the Continue
button on the UAC
Extra Note: If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process.
- When the installation begins, keep following the prompts in order to continue with the installation process. Do not make any changes to default settings.
- When the program has finished installing, make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
- MBAM will now automatically start and you will see a message stating that you should update the program before performing a scan.
- As MBAM will automatically update itself after the install, you can press the OK button to close that box and you will now be at the main program as shown below.
NOTE: When the program loads, Decline the Malwarebytes' Anti-Malware Trial
- On the Scanner tab, make sure the the Perform full scan option is selected and then click on the Scan button to start scanning your computer.
- MBAM will now start scanning your computer for malware. This process can take quite a while, so I suggest you go and do something else and periodically check on the status of the scan. When MBAM is scanning it will look like the image below.
- When the scan is finished a message box will appear as shown in the image below.
You should click on the OK button to close the message box and continue with the removal process.
- You will now be back at the main Scanner screen. At this point you should click on the Show Results button.
- A screen displaying all the malware that the program found will be shown as seen in the image below. Please note that the infections found may be different than what is shown in the image.
- Make sure that everything is checked, and click Remove Selected.<---Very Important
- When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
- The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
- Copy&Paste the entire report in your next reply.
If asked to restart the computer, please do so immediately.I would suggest that you keep this antimalware program.
Run a Quick Scan frequently and a Full Scan every week or so. Update the definition files before running a scan. Click the Update
tab and update from there.Step-2. Run ESET Online Scanner:Note:
You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus
, how to do so can be read here
.Vista / 7 users:
You will need to to right-click on the either the IE
icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from
the context menu.Note:
Do not forget to re-enable your Anti-Virus application after running the above scan!Step-3. OTL Custom Scan1.
Please copy the text in the code box below and paste it in the
box in OTL
. To do that:
- Highlight everything inside the code box, right click the mouse and click Copy.
on the desktop. To do that:
Step-4.Things For Your Next Post:1.
- Double click on the OTL icon to run it. (Vista / 7 Users:Right click on the icon and click Run as Administrator)
Make sure all other windows are closed.
- You will see a console like the one below:
- Click the greyed out None button at the top of the console
- Make sure the Output box at the top is set to Standard Output.
- Place the mouse pointer inside the box, right click and click Paste. This will put the above script inside OTL
- Click the button. Do not change any settings unless otherwise told to do so.
- Let the scan run uninterrupted.
- When the scan completes, it will open OTL.Txt. This file is also saved in the same location as OTL (it should be on your desktop).
- Please copy the contents of this file and paste it into your reply. To do that:
- On the OTL.txt file Menu Bar click Edit then click Select All. This will highlight the contents of the file. Then click Copy.
- Right click inside the forum post window then click Paste. This will paste the contents of the OTL.txt file in the in the post window.
the MBAM log2.
The ESET scan log3.
The new OTL.txt log