Laptop full of viruses need help removing [Solved]

viruses adware optimizer pro reg clean pro buenosearch

  • This topic is locked

#16
djmarzy

  • Topic Starter
  • Member
  • 134 posts

zoek results

 

 
Zoek.exe v5.0.0.0 Updated 05-July-2014
Tool run by -LUKE- on 11/07/2014 at 21:52:51.88.
Microsoft® Windows Vista™ Home Basic  6.0.6002 Service Pack 2 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\-LUKE-\Desktop\zoek.exe [Scan all users] [Script inserted] 
 
==== Older Logs ======================
 
C:\zoek-results2014-07-10-133756.log 48211 bytes
C:\zoek-results2014-07-10-223002.log 81053 bytes
 
==== System Restore Info ======================
 
11/07/2014 21:54:50 Zoek.exe System Restore Point Created Succesfully.
 
==== Installed Programs ======================
 
æTorrent  
Acer eDataSecurity Management  
Acer Empowering Technology  
Acer ePresentation Management  
Acer eSettings Management  
Adobe AIR  
Adobe Download Manager  
Adobe Flash Player 14 ActiveX  
Adobe Flash Player 14 Plugin  
Adobe Reader X (10.1.1)  
Adobe Shockwave Player 11.5  
Apple Application Support  
Apple Mobile Device Support  
Apple Software Update  
ASIO4ALL  
Atheros Driver Installation Program  
Bonjour  
Broadcom Driver v4.170.25.19_Foxconn Installation Program  
FL Studio 11  
FlowStone FL 3.0  
Free File Viewer 2014  
GEAR 32bit Driver Installer  
Google Chrome  
Google Update Helper  
Hercules DJ Products Series drivers  
High-Definition Video Playback  
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)  
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)  
iCloud  
iFunbox (v2.8.2414.748), iFunbox DevTeam  
IL Download Manager  
IL Shared Libraries  
ImgBurn  
Intel® Graphics Media Accelerator Driver  
iTunes  
Java 7 Update 55  
Java DB 10.6.2.1  
Java™ SE Development Kit 6 Update 24  
JavaFX 2.1.1  
K-Lite Codec Pack 5.2.0 (Full)  
Malwarebytes Anti-Malware version 1.75.0.1300  
Microsoft .NET Framework 3.5 SP1  
Microsoft .NET Framework 4.5.1  
Microsoft Security Client  
Microsoft Security Essentials  
Microsoft Silverlight  
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053  
Microsoft Visual C++ 2005 Redistributable  
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161  
Microsoft Windows Media Center SDK 5.3  
Microsoft_VC80_ATL_x86  
Microsoft_VC80_CRT_x86  
Microsoft_VC80_MFC_x86  
Microsoft_VC80_MFCLOC_x86  
Microsoft_VC90_ATL_x86  
Microsoft_VC90_CRT_x86  
Microsoft_VC90_MFC_x86  
MSXML 4.0 SP2 (KB927978)  
MSXML 4.0 SP2 (KB954430)  
MSXML 4.0 SP2 (KB973688)  
MSXML 4.0 SP3 Parser  
MSXML 4.0 SP3 Parser (KB2721691)  
MSXML 4.0 SP3 Parser (KB2758694)  
MSXML 4.0 SP3 Parser (KB973685)  
Nero 10 Menu TemplatePack Basic  
Nero 10 Movie ThemePack Basic  
Nero BackItUp 10 Help (CHM)  
Nero BurningROM 10 Help (CHM)  
Nero BurnRights 10 Help (CHM)  
Nero Control Center 10  
Nero ControlCenter 10 Help (CHM)  
Nero Core Components 10  
Nero CoverDesigner 10 Help (CHM)  
Nero DiscCopyGadget 10 Help (CHM)  
Nero DiscSpeed 10 Help (CHM)  
Nero Dolby Files 10  
Nero Express 10 Help (CHM)  
Nero InfoTool 10 Help (CHM)  
Nero Recode 10 Help (CHM)  
Nero RescueAgent 10 Help (CHM)  
Nero SoundTrax 10 Help (CHM)  
Nero StartSmart 10 Help (CHM)  
Nero Vision 10 Help (CHM)  
Nero WaveEditor 10 Help (CHM)  
NeroKwikMedia Help (CHM)  
neroxml  
QuickTime 7  
reFX Nexus VSTi RTAS v2.2.0  
Revo Uninstaller Pro 3.0.8  
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)  
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)  
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)  
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)  
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)  
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)  
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)  
Sylenth1 v2.20  
TuneUp Utilities Language Pack (en-GB)  
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)  
VirtualDJ PRO Full  
VLC media player 1.1.8  
Windows Media Player Firefox Plugin  
WinRAR archiver  
 
==== Running Processes ======================
 
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\-LUKE-\Desktop\zoek.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\vssvc.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k swprv
 
==== Services (whitelist) ======================
Powered by E Dev
 
R2 - [MsMpSvc] - Microsoft Antimalware Service - "c:\Program Files\Microsoft Security Client\MsMpEng.exe"
R2 - [slsvc] - Software Licensing - C:\Windows\system32\SLsvc.exe
R2 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - "C:\Program Files\Windows Media Player\wmpnetwk.exe"
R2 - [WSearch] - Windows Search - C:\Windows\system32\SearchIndexer.exe /Embedding
R3 - [VSS] - Volume Shadow Copy - C:\Windows\system32\vssvc.exe
S2 - [clr_optimization_v4.0.30319_32] - Microsoft .NET Framework NGEN v4.0.30319_X86 - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
S3 - [ALG] - Application Layer Gateway Service - C:\Windows\System32\alg.exe
S3 - [aspnet_state] - ASP.NET State Service - C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
S3 - [COMSysApp] - COM+ System Application - C:\Windows\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
S3 - [DFSR] - DFS Replication - C:\Windows\system32\DFSR.exe
S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
S3 - [gupdatem] - Google Update Service (gupdatem) - "C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc
S3 - [IDriverT] - InstallDriver Table Manager - "C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe"
S3 - [iPod Service] - iPod Service - "C:\Program Files\iPod\bin\iPodService.exe"
S3 - [MSDTC] - Distributed Transaction Coordinator - C:\Windows\System32\msdtc.exe
S3 - [msiserver] - Windows Installer - C:\Windows\system32\msiexec /V
S3 - [NisSrv] - Microsoft Network Inspection - "c:\Program Files\Microsoft Security Client\NisSrv.exe"
S3 - [NMIndexingService] - NMIndexingService - "C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe"
S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - C:\Windows\system32\locator.exe
S3 - [SNMPTRAP] - SNMP Trap - C:\Windows\System32\snmptrap.exe
S3 - [TrustedInstaller] - Windows Modules Installer - C:\Windows\servicing\TrustedInstaller.exe
S3 - [vds] - Virtual Disk - C:\Windows\System32\vds.exe
S3 - [wmiApSrv] - WMI Performance Adapter - C:\Windows\system32\wbem\WmiApSrv.exe
S3 - [WPFFontCache_v0400] - Windows Presentation Foundation Font Cache 4.0.0.0 - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
S4 - [AdobeARMservice] - Adobe Acrobat Update Service - "C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe"
S4 - [Apple Mobile Device] - Apple Mobile Device - "C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
S4 - [Bonjour Service] - Bonjour Service - "C:\Program Files\Bonjour\mDNSResponder.exe"
S4 - [clr_optimization_v2.0.50727_32] - Microsoft .NET Framework NGEN v2.0.50727_X86 - C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
S4 - [eDataSecurity Service] - eDataSecurity Service - "C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe"
S4 - [eRecoveryService] - eRecovery Service - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
S4 - [eSettingsService] - eSettings Service - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
S4 - [gupdate] - Google Update Service (gupdate) - "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc
S4 - [HerculesDJControlMP3] - Hercules DJ Control MP3 - C:\Program Files\Hercules\Audio\DJ Console Series\drivers\x86\HerculesDJControlMP3.EXE
 
==== System Specs ======================
 
Windows: Windows Vista Home Basic Edition Service Pack 2 (Build 6002)
Memory (RAM): 1014 MB
CPU Info: Intel® Celeron® CPU          530  @ 1.73GHz
CPU Speed: 1683.3 MHz
Sound Card: Speakers (High Definition Audio | 
Display Adapters: Mobile Intel® 965 Express Chipset Family | Mobile Intel® 965 Express Chipset Family | RDPDD Chained DD | RDP Encoder Mirror Driver
Monitors: 1x; Generic PnP Monitor | 
Screen Resolution: 1280 X 800 - 32 bit
Network: Network Present
Network Adapters: Atheros AR5007EG Wireless Network Adapter | Generic Marvell Yukon Chipset based Ethernet Controller
CD / DVD Drives: 1x (D: | ) D: MATSHITADVD-RAM UJ-850S
Ports: COM3 LPT Port NOT Present. 
Mouse: 2 Button Mouse Present
Hard Disks: C:  64.8GB
Hard Disks - Free: C:  8.2GB
Manufacturer *: Phoenix Technologies LTD
BIOS Info: AT/AT COMPATIBLE | 09/05/07 | ACRSYS - 6040000
Time Zone: GMT Standard Time
Motherboard *: Acer            Volvi2
Country: United Kingdom 
Language: ENG 
 
==== System Specs (Software) ======================
 
Anti-Virus: Microsoft Security Essentials On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: Microsoft Security Essentials disabled (Outdated)
Default Browser: Google Chrome 35.0.1916.153
Internet Explorer Version: 9.0.8112.16421 
Google Chrome version: 35.0.1916.153
Sun Java version: 1.7.0_55 (32-bit) 
Flash Player version: 14.0.0.145
Shockwave Player version: 11.5.9r620
 
==== Files Recently Created / Modified ======================
 
====== C:\Windows ====
====== C:\Users\-LUKE-\AppData\Local\Temp ====
2014-07-11 16:35:21 86F1895AE8C5E8B17D99ECE768A70732 348160 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\_av4_\msvcr71.dll
2014-07-11 16:35:21 86F1895AE8C5E8B17D99ECE768A70732 348160 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\_av4_\msvcr71.dll
2014-07-11 16:35:21 561FA2ABB31DFA8FAB762145F81667C2 499712 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\_av4_\msvcp71.dll
2014-07-11 16:35:21 561FA2ABB31DFA8FAB762145F81667C2 499712 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\_av4_\msvcp71.dll
2014-07-11 16:35:21 55A3768099D89870A77BC93CB37E08B4 61440 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\_av4_\english\Base.dll
2014-07-11 16:35:21 55A3768099D89870A77BC93CB37E08B4 61440 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\_av4_\english\Base.dll
2014-07-11 16:35:21 4EF2C07E609A13DFA539E918534C23A3 147456 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\_av4_\aswRes.dll
2014-07-11 16:35:21 4EF2C07E609A13DFA539E918534C23A3 147456 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\_av4_\aswRes.dll
2014-07-11 16:35:20 F04E6FC03EA56F0A09E632B224758F47 118784 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\_av4_\ashTask.dll
2014-07-11 16:35:20 F04E6FC03EA56F0A09E632B224758F47 118784 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\_av4_\ashTask.dll
2014-07-11 16:35:20 DD941B3009294441FBBD2019098F2260 233472 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\_av4_\ashSSqlt.dll
2014-07-11 16:35:20 DD941B3009294441FBBD2019098F2260 233472 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\_av4_\ashSSqlt.dll
2014-07-11 16:35:20 ACA1DF15A75F066837525FAEA5E2BE46 48128 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\_av4_\ashSXML.dll
2014-07-11 16:35:20 ACA1DF15A75F066837525FAEA5E2BE46 48128 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\_av4_\ashSXML.dll
2014-07-11 16:35:20 54C458A07FA6D44EE640777013E92A15 225280 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\_av4_\ashBase.dll
2014-07-11 16:35:20 54C458A07FA6D44EE640777013E92A15 225280 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\_av4_\ashBase.dll
2014-07-11 16:35:20 400F4A04D5D955BAD183B520BA1479E6 659456 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\_av4_\aswAux.dll
2014-07-11 16:35:20 400F4A04D5D955BAD183B520BA1479E6 659456 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\_av4_\aswAux.dll
2014-07-11 11:47:24 84E5F3986B04E57B2F89DCA6734F4AEE 8512320 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\_av4_\data\uiaux0.dll
2014-07-11 11:47:24 84E5F3986B04E57B2F89DCA6734F4AEE 8512320 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\_av4_\data\uiaux0.dll
2014-07-11 11:47:16 6AE2DDEF58A2E7088BC18FC4512AF054 2064520 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\_av4_\data\aswar0.dll
2014-07-11 11:47:16 6AE2DDEF58A2E7088BC18FC4512AF054 2064520 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\_av4_\data\aswar0.dll
2014-07-11 11:47:15 714CA51DE52C4071F136B524D48D63BD 10536 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\_av4_\data\exts0.dll
2014-07-11 11:47:15 714CA51DE52C4071F136B524D48D63BD 10536 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\_av4_\data\exts0.dll
2014-07-11 11:47:00 2846C04A98727A06E792FB26ABC50916 391216 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\_av4_\data\clnr0.dll
2014-07-11 11:47:00 2846C04A98727A06E792FB26ABC50916 391216 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\_av4_\data\clnr0.dll
2014-07-11 11:41:38 6B198F82D25A06E2E402385038E6785B 1228800 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\_av4_\aswEngin.dll
2014-07-11 11:41:38 6B198F82D25A06E2E402385038E6785B 1228800 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\_av4_\aswEngin.dll
2014-07-11 11:41:38 13EEB998A123530809BFBC16A6BE580E 192512 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\_av4_\aswCmnS.dll
2014-07-11 11:41:38 13EEB998A123530809BFBC16A6BE580E 192512 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\_av4_\aswCmnS.dll
2014-07-11 11:41:38 088022E7418526C11831394502A6E5BD 86016 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\_av4_\aswScan.dll
2014-07-11 11:41:38 088022E7418526C11831394502A6E5BD 86016 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\_av4_\aswScan.dll
2014-07-11 11:41:38 01033EDA5F63E4BA48C25099CE9D6BDD 81920 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\_av4_\aswCmnOS.dll
2014-07-11 11:41:38 01033EDA5F63E4BA48C25099CE9D6BDD 81920 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\_av4_\aswCmnOS.dll
2014-07-11 11:41:37 99F500385CB4DFF826F0A9058BEE2C98 131072 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\_av4_\aswCmnB.dll
2014-07-11 11:41:37 99F500385CB4DFF826F0A9058BEE2C98 131072 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\_av4_\aswCmnB.dll
2014-07-10 22:43:22 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
2014-07-10 22:43:22 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
====== Java Cache =====
2014-07-11 16:40:15 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\-LUKE-\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-4aa9d7c0
2014-07-11 16:40:15 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\-LUKE-\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-4aa9d7c0
====== C:\Windows\system32 =====
2014-07-10 22:51:20 E61114EA07574E25F31C55988EA65F6E 172032 ----a-w- C:\Windows\System32\igfxres.dll
2014-07-10 22:35:56 0DC5AF80D059DEC792B665ED598C6567 536576 ----a-w- C:\Windows\System32\sqlite3.dll
2014-07-10 13:12:37 130AD89BC58016AF6C8DCD884946D71B 2051072 ----a-w- C:\Windows\System32\win32k.sys
2014-07-10 13:12:32 69407A3E716210A27CD1DAC2DBC8D658 506880 ----a-w- C:\Windows\System32\qedit.dll
2014-07-10 13:12:16 7C5308EF989ED1D58FF104D6685EC19F 421376 ----a-w- C:\Windows\System32\vbscript.dll
2014-07-10 13:12:14 3529CC014F68A6807599B0B4E4D79879 353792 ----a-w- C:\Windows\System32\dxtmsft.dll
2014-07-10 13:12:13 A4636CC74620EC3EE05131655E36FBFB 717824 ----a-w- C:\Windows\System32\jscript.dll
2014-07-10 13:12:12 61D9AD9E55D7A1E10C0EF701ADE1C486 1129472 ----a-w- C:\Windows\System32\wininet.dll
2014-07-10 13:12:11 87061403346685B82D9E1300EBD0D84C 73728 ----a-w- C:\Windows\System32\mshtmled.dll
2014-07-10 13:12:11 6D85994A1B5B811E19CF761AF42B3453 176640 ----a-w- C:\Windows\System32\ieui.dll
2014-07-10 13:12:11 47297C4CA64236DA125951A8879D512B 223232 ----a-w- C:\Windows\System32\dxtrans.dll
2014-07-10 13:12:10 07AA09C276D0A9AAF215C5831FC5A068 1810432 ----a-w- C:\Windows\System32\jscript9.dll
2014-07-10 13:12:03 BEFE2A3B0FD950E895A623DF4238247E 12353024 ----a-w- C:\Windows\System32\mshtml.dll
2014-07-10 13:11:56 6B65935D3CC6067A21CF2A546FF0E860 10752 ----a-w- C:\Windows\System32\msfeedssync.exe
2014-07-10 13:11:56 01DF51C566DBD1FD2EB71FC1F7ED0163 41472 ----a-w- C:\Windows\System32\msfeedsbs.dll
2014-07-10 13:11:55 1194A8254BCB718632C9FD59B536E59D 607744 ----a-w- C:\Windows\System32\msfeeds.dll
2014-07-10 13:11:55 0510617D8970EFFEAF0925CC578E8A6C 65024 ----a-w- C:\Windows\System32\jsproxy.dll
2014-07-10 13:11:54 CF17BB569F00CBFB31ADD37E6D0CE49F 231936 ----a-w- C:\Windows\System32\url.dll
2014-07-10 13:11:48 50A9D2A6D74339C927B73F1DEA396380 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2014-07-10 13:11:46 9CE5BD4C26F8DE6FB34AF91F9A5EF30F 142848 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-07-10 13:11:43 83048D7A0993EF8D45D1CACA205F8C5E 1796096 ----a-w- C:\Windows\System32\iertutil.dll
2014-07-10 13:11:42 2A88BA359F10E9957EE08BC01C1DD764 9711616 ----a-w- C:\Windows\System32\ieframe.dll
2014-07-10 13:11:40 ACFC12807A5EA0771EE5A602CCDE7E64 1106432 ----a-w- C:\Windows\System32\urlmon.dll
2014-07-10 13:11:39 520F221209823156E53F5022C7106BC9 11776 ----a-w- C:\Windows\System32\mshta.exe
2014-07-10 13:11:38 1FC96DDA638BD3BEFD8065515F2AF4C4 1427968 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-07-09 23:19:34 EEA80AB2D477D2CA04A4AE395CFEE1EC 660760 ----a-w- C:\Windows\System32\rllsearch
2014-07-03 20:40:41 9033DAF3277F0498BC86C8D4566C25CE 1554944 ----a-w- C:\Windows\System32\vorbis.acm
====== C:\Windows\system32\drivers =====
2014-07-10 13:12:27 F5272A105F59A7B3B345D9D6D87DA7AD 273408 ----a-w- C:\Windows\System32\drivers\afd.sys
2014-07-09 23:03:03 637318A990CCFB83C5FD40BDBB19E81B 18360 ----a-w- C:\Windows\System32\drivers\SPPD.sys
2014-07-03 23:33:49 CBEAEA2729985BFB260641AB424E0166 320120 ----a-w- C:\Windows\System32\drivers\sptd.sys
2014-06-12 17:12:37 A4196D394207369E1431E8681B373312 915392 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2014-06-12 17:12:37 95389980F70FC4990A4395A0B8BBE1D6 31232 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys
====== C:\Windows\Tasks ======
2014-07-09 23:24:02 7B6627B2B3CBF604F240A0064C8F1D5E 3236 ----a-w- C:\Windows\system32\Tasks\Optimizer Pro Schedule
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-07-04 00:22:18 -------- d-----w- C:\Program Files\Steinberg
2014-07-04 00:04:08 -------- d-----w- C:\Program Files\Common Files\Digidesign
2014-07-03 20:43:32 -------- d-----w- C:\Program Files\ASIO4ALL v2
2014-07-03 20:43:14 -------- d-----w- C:\Program Files\VstPlugins
2014-07-03 20:40:16 -------- d-----w- C:\Program Files\DSPRobotics
2014-07-03 20:27:40 -------- d-----w- C:\Program Files\Image-Line
2014-06-30 20:30:36 -------- d-----w- C:\Program Files\iPod
======= C: =====
====== C:\Users\-LUKE-\AppData\Roaming ======
2014-07-10 22:26:27 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp
2014-07-10 22:26:27 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp
2014-07-10 22:26:27 -------- d-----w- C:\Users\Guest\AppData\Local\Temp
2014-07-10 22:26:27 -------- d-----w- C:\Users\Default\AppData\Local\Temp
2014-07-10 22:26:27 -------- d-----w- C:\Users\Default User\AppData\Local\Temp
2014-07-10 22:26:26 -------- d-----w- C:\Users\-LUKE-\AppData\Local\Temp
2014-07-10 22:26:26 -------- d-----w- C:\Users\-LUKE-\AppData\Local\Temp
2014-07-06 01:34:37 -------- d-----w- C:\Users\-LUKE-\AppData\Roaming\VS Revo Group
2014-07-06 01:34:37 -------- d-----w- C:\Users\-LUKE-\AppData\Roaming\VS Revo Group
2014-07-03 20:43:33 -------- d-----w- C:\Users\-LUKE-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2014-07-03 20:43:33 -------- d-----w- C:\Users\-LUKE-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2014-07-03 20:41:40 -------- d-----w- C:\Users\-LUKE-\AppData\Roaming\Image-Line
2014-07-03 20:41:40 -------- d-----w- C:\Users\-LUKE-\AppData\Roaming\Image-Line
2014-07-03 20:41:39 -------- d-----w- C:\Users\-LUKE-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2014-07-03 20:41:39 -------- d-----w- C:\Users\-LUKE-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2014-07-03 20:40:18 -------- d-----w- C:\Users\-LUKE-\AppData\Roaming\FlowStone
2014-07-03 20:40:18 -------- d-----w- C:\Users\-LUKE-\AppData\Roaming\FlowStone
2014-06-30 21:46:58 -------- d-----w- C:\Users\-LUKE-\AppData\Local\pangu
2014-06-30 21:46:58 -------- d-----w- C:\Users\-LUKE-\AppData\Local\pangu
2014-06-22 15:18:09 -------- d-----w- C:\Users\-LUKE-\AppData\Roaming\Media Player Classic
2014-06-22 15:18:09 -------- d-----w- C:\Users\-LUKE-\AppData\Roaming\Media Player Classic
====== C:\Users\-LUKE- ======
2014-07-11 11:39:05 9302D77A9F6683672A4F231DA2B86059 5185536 ----a-w- C:\Users\-LUKE-\Desktop\aswMBR.exe
2014-07-11 11:39:05 9302D77A9F6683672A4F231DA2B86059 5185536 ----a-w- C:\Users\-LUKE-\Desktop\aswMBR.exe
2014-07-04 00:22:27 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sylenth1
2014-07-04 00:04:10 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\reFX
2014-06-30 20:34:49 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-30 20:29:30 -------- d-----w- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
 
====== C: exe-files ==
2014-07-11 11:39:05 9302D77A9F6683672A4F231DA2B86059 5185536 ----a-w- C:\Users\-LUKE-\Desktop\aswMBR.exe
2014-07-10 22:43:22 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
2014-07-10 13:11:56 F1D33F2C0AEDE67F85D9578BA49010DA 223232 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe
2014-07-10 13:11:56 8319DBE0C358D9330DB92AD41CD2C469 22528 ----a-w- C:\Program Files\Internet Explorer\ExtExport.exe
2014-07-10 13:11:56 6B65935D3CC6067A21CF2A546FF0E860 10752 ----a-w- C:\Windows\System32\msfeedssync.exe
2014-07-10 13:11:55 AA9B90593C22088BF7B5F729031A1C26 469504 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe
2014-07-10 13:11:46 9CE5BD4C26F8DE6FB34AF91F9A5EF30F 142848 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-07-10 13:11:45 08ED70F000508724BAF881AA07C21BE1 758000 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe
2014-07-10 13:11:39 520F221209823156E53F5022C7106BC9 11776 ----a-w- C:\Windows\System32\mshta.exe
2014-07-05 14:47:23 FB44E4C071B537EC3F2AF07C245E2973 695578 ----a-w- C:\Program Files\Image-Line\FL Studio 11\Plugins\VST\VSTPlugins\Sylenth1\unins000.exe
=== C: other files ==
2014-07-10 22:43:22 DD1E4D974B1672ABD09EFFB225791C4A 1230 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\jrt\TDL4.bat
2014-07-10 22:43:22 AD2F52DC72B10AF331692E4A4DD80DFC 18670 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\jrt\medfos.bat
2014-07-10 22:43:22 A87CD1BAC46CAC0EEEDB571F07077032 8104 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\jrt\modules.bat
2014-07-10 22:43:22 8E6020C14F982CF11B3FE7DBB0CB8EDE 24738 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\jrt\searchlnk.bat
2014-07-10 22:43:22 7D8282EB94B5D639B7378811C1924A8F 9516 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\jrt\runvalues.bat
2014-07-10 22:43:22 5B92615B0CEA08D6BA1217C08CBB1443 15919 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\jrt\get.bat
2014-07-10 22:43:22 5B71358F97544D9DE58A9A0893079506 39458 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\jrt\prelim.bat
2014-07-10 22:43:22 3BC04DEBBE9027060D51901133F60101 154678 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\jrt\misc.bat
2014-07-10 22:43:22 335DFF8F23E5EC02B5426362F0F8509B 31401 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\jrt\iexplore.bat
2014-07-10 22:43:22 2F80D807DB405C8F6E0F3706B9FED710 10161 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\jrt\JRT.bat
2014-07-10 22:43:21 86707BCE5CBB65D9B1C41E249B4423BA 152733 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\jrt\firefox.bat
2014-07-10 22:43:21 83F691D8398F0E37E71E9355BF730DB9 719 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\jrt\ev_clear.bat
2014-07-10 22:43:21 654E9FE74B930A454EE5BDE165794B65 85 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\jrt\delorphans.bat
2014-07-10 22:43:21 53B191266B30D57F2F835ABBF54C68C5 13963 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\jrt\chrome.bat
2014-07-10 22:43:21 38A0BDF322ACCC968B0A824C38D50157 29635 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\jrt\ask.bat
2014-07-10 22:43:21 0D08FBD2E6F6C6AC6A504712C4CE6CE3 1226 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\jrt\FWPolicy.bat
2014-07-10 22:43:21 0C4649A62845AB5D5DBCC4998477FF6D 1813 ----a-w- C:\Users\-LUKE-\AppData\Local\Temp\jrt\delfolders.bat
2014-07-10 13:12:37 130AD89BC58016AF6C8DCD884946D71B 2051072 ----a-w- C:\Windows\System32\win32k.sys
2014-07-10 13:12:27 F5272A105F59A7B3B345D9D6D87DA7AD 273408 ----a-w- C:\Windows\System32\drivers\afd.sys
2014-07-09 23:03:03 637318A990CCFB83C5FD40BDBB19E81B 18360 ----a-w- C:\Windows\System32\drivers\SPPD.sys
2014-07-08 19:24:09 D7C414D4517212709B258F61F33DCE9C 5001 ----a-w- C:\Users\-LUKE-\Downloads\Proxy Chord Leads.zip
2014-07-05 15:29:25 561C7E42010B469640B60CC8DEA64744 19221903 ----a-w- C:\Users\-LUKE-\Downloads\3.0.0.106__Compressor DeEsser.zip
 
==== Startup Registry Enabled ======================
 
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"
 
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"Hercules DJ Series"="C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe /boot"
"Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide"
 
==== Startup Registry Disabled ======================
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AdobeAAMUpdater-1.0"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\UpdaterStartupUtility.exe\""
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Common Files\\Ahead\\Lib\\NMBgMonitor.exe\""
 
 
==== Task Scheduler Jobs ======================
 
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [08/07/2014 21:06]
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf5e455071bfa0.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [28/10/2013 17:09]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [28/10/2013 17:09]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-114143902-2153543805-3046081360-1000Core.job --a------ C:\Users\owner\AppData\Local\Google\Update\GoogleUpdate.exe []
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-114143902-2153543805-3046081360-1000UA.job --a------ C:\Users\owner\AppData\Local\Google\Update\GoogleUpdate.exe []
C:\Windows\tasks\User_Feed_Synchronization-{44D07C0B-BFB6-482D-8043-004548F37FC4}.job --ah----- C:\Windows\system32\msfeedssync.exe [06/06/2014 23:53]
 
==== Other Scheduled Tasks ======================
 
"C:\Windows\system32\tasks\0" [c:\program files\internet explorer\iexplore.exe]
"C:\Windows\system32\tasks\4576" [wscript.exe C:\Users\-LUKE-\AppData\Local\Temp\launchie.vbs //B]
"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore1cf5e455071bfa0" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-114143902-2153543805-3046081360-1000Core" [C:\Users\owner\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-114143902-2153543805-3046081360-1000UA" [C:\Users\owner\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\Optimizer Pro Schedule" ["C:\Program Files\Optimizer Pro\OptProLauncher.exe"]
"C:\Windows\system32\tasks\User_Feed_Synchronization-{44D07C0B-BFB6-482D-8043-004548F37FC4}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]
 
==== Firefox Extensions Registry ======================
 
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{20a82645-c095-46ed-80e3-08825760534b}"="c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [29/11/2013 15:33]
 
==== Firefox Extensions ======================
 
==== Firefox Plugins ======================
 
 
==== Chrome Look ======================
 
Google Voice Search Hotword (Beta) - -LUKE-\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
Google Wallet - -LUKE-\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Google Docs - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Google Voice Search Hotword (Beta) - -LUKE-\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
Google Wallet - -LUKE-\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
 
==== IE Start and Search Settings ======================
 
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
 
==== All HKCU SearchScopes ======================
 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ieframe.dll,-12512  Url="http://www.bing.com/...s}&FORM=IE8SRC"
 
==== C:\zoek_backup content ======================
 
C:\zoek_backup (files=1220 folders=329 236194569 bytes)
 
==== EOF on 11/07/2014 at 22:02:26.67 ======================



#17
Naathim


    GeekU Minion

  • Expert
  • 4,568 posts

Hi Luke :)

 

Uninstall outdated Malwarebytes' Anti-Malware

Please download MBAM-clean and save it to your desktop.

  • Right-click on the mbam-clean.exe icon and select Run as Administrator to start the tool.
  • It will ask you to reboot the machine - please do so.

After that please download and install the newest version of MBAM.


Scan with Malwarebytes' Anti-Malware

Please download Malwarebytes Anti-Malware and save it to your desktop.

  • Install the program and select update.
  • Once updated, click the Settings tab, in the left panel choose Detection & protection and tick Scan for rootkits.
  • Click the Scan tab, make sure Threat Scan is checked and click Scan Now.
  • If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
  • Upon completion of the scan (or after the reboot), click the History tab.
  • Click Application Logs and double-click the Scan Log.
  • At the bottom click Export and choose Text file.

Save the file to your desktop and include its content in your next reply.

 

Regards,

Naat :)



#18
djmarzy


    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 134 posts
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 12/07/2014
Scan Time: 14:30:51
Logfile: malbytsscan.txt
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.07.12.03
Rootkit Database: v2014.07.09.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows Vista Service Pack 2
CPU: x86
File System: NTFS
User: -LUKE-
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 318710
Time Elapsed: 27 min, 31 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Deep Rootkit Scan: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 6
PUP.Optional.Outbrowse, HKLM\SOFTWARE\CLASSES\CLSID\{6D4506CE-F855-4657-AA38-DB6B1F733982}, Quarantined, [ee91a3fa0a716bcb9f4469243dc57d83], 
PUP.Optional.Outbrowse, HKLM\SOFTWARE\CLASSES\TYPELIB\{03771AEF-400D-4A13-B712-25878EC4A3F5}, Quarantined, [ee91a3fa0a716bcb9f4469243dc57d83], 
PUP.Optional.CouponDownloader.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{10AD2C61-0898-4348-8600-14A342F22AC3}, Quarantined, [324dafee88f3b97dbea4252d62a0a759], 
PUP.Optional.DataMngr.A, HKU\S-1-5-21-114143902-2153543805-3046081360-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr, Quarantined, [0f701c81017a43f3a06a8373fe05a060], 
PUP.Optional.DataMngr.A, HKU\S-1-5-21-114143902-2153543805-3046081360-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr_Toolbar, Quarantined, [1b649c01cfac88ae1bee7a7c15ee659b], 
PUP.Optional.DiscountBuddy.A, HKU\S-1-5-21-114143902-2153543805-3046081360-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Discount Buddy, Quarantined, [1768fba2b3c8b97d9e109c297e841ee2], 
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 1
PUP.Optional.AdPeak.A, C:\temp, Quarantined, [b4cb35680b702511a40214ad26dcf907], 
 
Files: 8
PUP.Optional.AdPeak.A, C:\temp\t.msi, Quarantined, [9be4e4b9dc9f191df1f9cfba4aba27d9], 
PUP.Optional.RelevantKnowledge, C:\Windows\System32\rllsearch, Quarantined, [94ebe4b9f2898caa09c2733c44c04eb2], 
PUP.Optional.AdPeak.A, C:\temp\lsp2.log, Quarantined, [b4cb35680b702511a40214ad26dcf907], 
PUP.Optional.AdPeak.A, C:\temp\InstallFilter32.msi, Quarantined, [b4cb35680b702511a40214ad26dcf907], 
PUP.Optional.AdPeak.A, C:\temp\output.txt, Quarantined, [b4cb35680b702511a40214ad26dcf907], 
PUP.Optional.AdPeak.A, C:\temp\t.txt, Quarantined, [b4cb35680b702511a40214ad26dcf907], 
PUP.Optional.V9.A, C:\Users\-LUKE-\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.v9.com_0.localstorage, Quarantined, [215e326b2358c76f8d84daefa2608f71], 
PUP.Optional.V9.A, C:\Users\-LUKE-\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.v9.com_0.localstorage-journal, Quarantined, [b1ce960706758fa76aa7f7d2679b6a96], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)


#19
Naathim


    GeekU Minion

  • Expert
  • 4,568 posts

Hi :)

 

Scan with Security Check

Please download Security Check by Screen317 and save it to your desktop.

  • Right-click on the Security Check icon and select Run as Administrator to start the tool.
  • Follow onscreen instructions inside the black box. This scan won't take long.
  • Soon a notepad document called checkup.txt will open automatically.

Please include the content of that document. Do it before DelFix is run.


Clean with DelFix

Please download DelFix by Xplode and save it to your desktop.

  • Right-click on the DelFix icon and select Run as Administrator to start the tool.
  • Ensure that Remove disinfection tools, Purge system restore and Reset system settings are checked.
  • Push Run.
  • When finished, it will display a notepad report.

Include it for my review.
 

Cheers,

Naat :)



#20
djmarzy


    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 134 posts

Naat, here are the results from Security Check. Also, I noticed a lot of old Nero files on some of the scans. I don't use Nero any more, but those files aren't on Revo Uninstaller. Is there another way I could get rid of them and other old files which I don't use?

 

 Results of screen317's Security Check version 0.99.85  
 Windows Vista Service Pack 2 x86 (UAC is enabled)  
 Internet Explorer 9  
 Internet Explorer 8  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Microsoft Security Essentials   
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:````````` 
 TuneUp Utilities Language Pack (en-GB) 
 JavaFX 2.1.1    
 Java 7 Update 55  
 Java™ SE Development Kit 6 Update 24 
 Java DB 10.6.2.1   
 Java version out of Date! 
 Adobe Flash Player 14.0.0.145  
 Adobe Reader 10.1.1 Adobe Reader out of Date!  
 Google Chrome 35.0.1916.114  
 Google Chrome 35.0.1916.153  
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe 
 Microsoft Security Essentials msseces.exe 
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 7 % Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log`````````````````````` 


#21
djmarzy


    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 134 posts

delfix results

 

# DelFix v10.7 - Logfile created 12/07/2014 at 20:14:34
# Updated 27/04/2014 by Xplode
# Username : -LUKE- - OWNER-PC
# Operating System : Windows Vista ™ Home Basic Service Pack 2 (32 bits)
 
~ Removing disinfection tools ...
 
Deleted : C:\_OTL
Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\AdwCleaner[S1].txt
Deleted : C:\zoek-results.log
Deleted : C:\zoek-results2014-07-10-133756.log
Deleted : C:\zoek-results2014-07-10-223002.log
Deleted : C:\Users\-LUKE-\Desktop\SecurityCheck.exe
Deleted : C:\Users\-LUKE-\Desktop\zoek.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASWMBR
 
~ Cleaning system restore ...
 
Deleted : RP #1213 [Scheduled Checkpoint | 07/11/2014 20:01:25]
Deleted : RP #1214 [zoek.exe restore point | 07/11/2014 20:54:22]
Deleted : RP #1215 [Scheduled Checkpoint | 07/12/2014 16:35:46]
 
New restore point created !
 
~ Resetting system settings ... OK
 
########## - EOF - ##########


#22
Naathim


    GeekU Minion

  • Expert
  • 4,568 posts

Hi Luke. We're almost done here :)


Update outdated software

Always staying updated is crucial, not only for your operating system, but also for any installed third-party software.
Your logs clearly indicate that some of your apps need updating:

Updating Java manually

  • Click the Start button
  • Click Control Panel
  • Double click Java - Looks like a coffee cup. You may have to switch to Classical View to see it.
  • Click the Update tab
  • Click Update Now
  • Allow any updates to be downloaded and installed.
  • If prompted (during the installation) to also install ASK toolbar, leave this unchecked - Ask does not have a good reputation.
  • From Control Panel, please also remove any older versions of Java - do not leave them installed!

Please remember to always keep it up to date.

Updating Adobe manually

  • Visit Adobe website.
  • You will see a download option there for the newest Adobe Acrobat version.
  • In the center part you will be prompted to install McAfee Security Scan Plus as a free program. This is foistware. Remember to leave the box for McAfee UNCHECKED.
  • Click on Install, save the file to a convenient location, double-click it and follow the prompts.

Please remember to always keep it up to date.



Below you will find my thoughts about securing your machine. Go ahead through it, you will benefit from some useful advice about safe computing.

 

Recommended reading:

 

  • MUST READ - security tips: Computer Security - a short guide to staying safer online.
  • MUST READ - general maintenance: What to do if your Computer is running slowly?




Recommended additional software:

 

  • TFC - to clean unneeded temporary files.
  • Malwarebytes' Anti-Malware - to scan your system from time to time in search of malware.
  • Malwarebytes' Anti-Exploit - to prevent plenty of mostly exploited vulnerabilities.
  • McShield - to prevent infections spread by removable media.
  • CryptoPrevent - to secure yourself from very severe CryptoLocker infection.
  • Unchecky - to prevent installing additional foistware, implemented in legitimate installations.


Now if you have any other questions, feel free to ask me. Otherwise simply acknowledge my recommendations and this topic will be closed.






Stay safe,
Naat :)



#23
Essexboy


    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.