[heyage13]

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 03-12-2014

Ran by Office PC at 2014-12-03 20:17:16 Run:1

Running from C:\Users\Office PC\Desktop

Loaded Profile: Office PC (Available profiles: Office PC)

Boot Mode: Normal

==============================================

 

Content of fixlist:

*****************

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

SearchScopes: HKLM-x32 -> DefaultScope value is missing.

2014-11-25 18:40 - 2014-11-25 18:40 - 00783352 _____ (Elex do Brasil Participações Ltda) C:\Users\Office PC\Downloads\yet_another_cleaner_avae (1).exe

2014-11-24 22:15 - 2014-11-24 22:15 - 01058272 _____ () C:\Users\Office PC\Downloads\Setup (1).exe

2014-11-23 20:01 - 2014-11-23 20:01 - 01040360 _____ () C:\Users\Office PC\Downloads\flashplayer (3).exe

2014-11-23 12:08 - 2014-11-23 12:08 - 01040368 _____ () C:\Users\Office PC\Downloads\flashplayer (2).exe

2014-11-23 12:06 - 2014-11-23 12:06 - 00773824 _____ (Elex do Brasil Participações Ltda) C:\Users\Office PC\Downloads\yet_another_cleaner_avae.exe

2014-11-22 00:55 - 2014-11-22 00:55 - 01040368 _____ () C:\Users\Office PC\Downloads\flashplayer (1).exe

2014-11-22 00:55 - 2014-11-22 00:55 - 01040360 _____ () C:\Users\Office PC\Downloads\flashplayer.exe

2014-11-20 23:46 - 2014-11-20 23:46 - 00930768 _____ () C:\Users\Office PC\Downloads\Setup.exe

Task: {DE933F40-BFB9-4F55-AECE-8ECF1E423AAE} - \AutoKMS No Task File <==== ATTENTION

EmptyTemp:

CMD: bitsadmin /reset /allusers

 

*****************

 

"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.

HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.

C:\Users\Office PC\Downloads\yet_another_cleaner_avae (1).exe => Moved successfully.

C:\Users\Office PC\Downloads\Setup (1).exe => Moved successfully.

C:\Users\Office PC\Downloads\flashplayer (3).exe => Moved successfully.

C:\Users\Office PC\Downloads\flashplayer (2).exe => Moved successfully.

C:\Users\Office PC\Downloads\yet_another_cleaner_avae.exe => Moved successfully.

C:\Users\Office PC\Downloads\flashplayer (1).exe => Moved successfully.

C:\Users\Office PC\Downloads\flashplayer.exe => Moved successfully.

C:\Users\Office PC\Downloads\Setup.exe => Moved successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{DE933F40-BFB9-4F55-AECE-8ECF1E423AAE}" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DE933F40-BFB9-4F55-AECE-8ECF1E423AAE}" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => Key deleted successfully.

 

=========  bitsadmin /reset /allusers =========

 

 

BITSADMIN version 3.0 [ 7.5.7601 ]

BITS administration utility.

© Copyright 2000-2006 Microsoft Corp.

 

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.

Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

 

{F331E295-70B6-43D7-9F07-E7E3BEC0A779} canceled.

{BB229EF7-C4B1-4510-ADC3-6929169335F9} canceled.

2 out of 2 jobs canceled.

 

========= End of CMD: =========

 

EmptyTemp: => Removed 440 MB temporary data.

 

 

The system needed a reboot. 

 

==== End of Fixlog ====

 

 

Malwarebytes Anti-Malware

www.malwarebytes.org

 

Scan Date: 12/3/2014

Scan Time: 8:26:16 PM

Logfile: MB log.txt

Administrator: Yes

 

Version: 2.00.4.1028

Malware Database: v2014.12.04.01

Rootkit Database: v2014.12.03.01

License: Free

Malware Protection: Disabled

Malicious Website Protection: Disabled

Self-protection: Disabled

 

OS: Windows 7 Service Pack 1

CPU: x64

File System: NTFS

User: Office PC

 

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 319854

Time Elapsed: 9 min, 9 sec

 

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Enabled

Heuristics: Enabled

PUP: Enabled

PUM: Enabled

 

Processes: 0

(No malicious items detected)

 

Modules: 0

(No malicious items detected)

 

Registry Keys: 0

(No malicious items detected)

 

Registry Values: 0

(No malicious items detected)

 

Registry Data: 0

(No malicious items detected)

 

Folders: 1

Rogue.Multiple, C:\ProgramData\3872871776, Quarantined, [5e19c995423a96a01e9f22e1f70c7d83], 

 

Files: 1

Hacktool.Patcher, C:\Program Files (x86)\VirtualDJ\2010kaiser PATCH.exe, Quarantined, [d2a565f90c706dc91dd9795dd92bd927], 

 

Physical Sectors: 0

(No malicious items detected)

 

 

(end)

 

-__________________________________________________________________________________________

 

 Results of screen317's Security Check version 0.99.91  

 Windows 7 Service Pack 1 x64 (UAC is enabled)  

 Internet Explorer 11  

``````````````Antivirus/Firewall Check:`````````````` 

 Windows Firewall Enabled!  

Microsoft Security Essentials   

 Antivirus up to date!  

`````````Anti-malware/Other Utilities Check:````````` 

 Java 7 Update 71  

 Adobe Reader XI  

 Google Chrome (39.0.2171.71) 

````````Process Check: objlist.exe by Laurent````````  

 Microsoft Security Essentials MSMpEng.exe 

 Microsoft Security Essentials msseces.exe 

`````````````````System Health check````````````````` 

 Total Fragmentation on Drive C: 0% 

````````````````````End of Log`````````````````````` 

[Advertisements]

How is the computer running now?

[23red]

How is the computer running now?

[heyage13]

Computer is running great!

 

Thanks for all your help it's been much appreciated. I'm assuming I am free and clear?

[23red]

Excellent   I'm glad you are happy
 
 Almost fnished     I need to cleanup after myself.  This will remove the tools I've used  and clear up restore points  

 

 

• Download Delfix from here
• Ensure Remove disinfection tools is ticked
  Also tick:
  • Create registry backup
  • Purge system restore

   

  

   

• Click Run

 

The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply so I can make sure all is well.

 

Thank you

[heyage13]

# DelFix v10.8 - Logfile created 05/12/2014 at 20:28:55

# Updated 29/07/2014 by Xplode

# Username : Office PC - OFFICEPC-PC

# Operating System : Windows 7 Professional Service Pack 1 (64 bits)

 

~ Removing disinfection tools ...

 

Deleted : C:\_OTL

Deleted : C:\FRST

Deleted : C:\Users\Office PC\Downloads\FRST-OlderVersion

Deleted : C:\Users\Office PC\Desktop\FRST-OlderVersion

Deleted : C:\Users\Office PC\Desktop\Fixlog.txt

Deleted : C:\Users\Office PC\Desktop\FRST64.exe

Deleted : C:\Users\Office PC\Desktop\SecurityCheck.exe

Deleted : C:\Users\Office PC\Downloads\Addition.txt

Deleted : C:\Users\Office PC\Downloads\adwcleaner_4.101 (1).exe

Deleted : C:\Users\Office PC\Downloads\adwcleaner_4.101.exe

Deleted : C:\Users\Office PC\Downloads\CKScanner.exe

Deleted : C:\Users\Office PC\Downloads\FRST.txt

Deleted : C:\Users\Office PC\Downloads\JRT.exe

Deleted : HKLM\SOFTWARE\OldTimer Tools

Deleted : HKLM\SOFTWARE\AdwCleaner

 

~ Creating registry backup ... OK

 

~ Cleaning system restore ...

 

Deleted : RP #116 [Scheduled Checkpoint | 11/22/2014 22:02:19]

Deleted : RP #117 [Windows Update | 11/23/2014 17:08:15]

Deleted : RP #118 [OTL Restore Point - 11/25/2014 7:46:01 PM | 11/26/2014 00:46:02]

Deleted : RP #119 [Windows Update | 11/26/2014 22:12:15]

Deleted : RP #120 [Removed Java 7 Update 60 (64-bit) | 12/01/2014 17:21:44]

Deleted : RP #121 [Windows Update | 12/01/2014 17:27:03]

Deleted : RP #122 [Windows Update | 12/05/2014 22:09:01]

 

New restore point created !

 

########## - EOF - ##########

[23red]

Hello heyage13

Thank you for the log   Alright! Everything looks good Tools are removed, fresh clean restore point set.  Antivirus and Firewall are good to go.  You have Malwarebytes ~ Update it and run it weekly to help keep your system clean.

 

1.
Windows Updates
 
It is critical to have both a firewall and an anti virus to protect your system and to keep them updated, and to keep your operating system up to date make sure Windows Updates are kept current:
A major essential is to keep your computer updated with the latest operating system patches and security fixes. Windows Updates are constantly being revised to combat the newest hacks and threats, Microsoft releases security updates that help your computer from becoming vunerable. It is best if you have these set to download automatically.
If they are not already or if you need to check:
 
1. Open Windows Update by clicking the Start Orb. In the search box, type Update, and then, in the list of results, click Windows Update.
 
2. In the left pane, click Change settings.
 
3. Under Important updates, choose the option that you want. Recommended setting: Install updates automatically
 
4. Under Recommended updates, select the Give me recommended updates the same way I receive important updates check box, and then click OK. If you're prompted for an administrator password or confirmation, type the password or provide confirmation.
 
 
*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*
 
2.
Program Updates
 
Keep Installed Programs Up to Date

It's important to keep all other programs on your computer updated because they can also have security vulnerabilities exploited by the malware to infect you. Therefore, it is also a good idea to check for the latest versions of commonly installed applications to fix vulnerabilities, this can be done manually by using the Update feature included in most programs or you can use the following program to help you with this:
 
FileHippo Update Checker
 
 
*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*
 
3.
CryptoLocker Warning
 
There is a particularly nasty infection out there at the moment.
 
Go here for information about CryptoLocker Ransomeware. Learning about what is out there may help prevent infection. The main thing with this infection here and others like it ~ is Backup. If you're using an external, keep it unplugged to the computer when you're not backing up files or using it. This will prevent the infection from getting to your backed up files if you ever do come across it.
 
We suggest users to Download CryptoPrevent free for home use. It will help prevent CryptoLocker. 
 
*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*

4.
Backups

Keep a backup of your important Files. Now, more than ever, it's especially important to protect your digital Files and memories. This article is full of good information on alternatives for home backup solutions.
 
*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*
 
5.
More Good stuff:

When installing\updating ANY program, make sure you always select Custom installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.
 
When looking to download a program whenever possible go to the authors site.
For example: Don't necessarily click on the top Firefox install listed after a search.  Look at the website it goes to.  In this case it should be Mozilla.org.
FileHippo is also a good place to look for safe downloads.

If you're not positive about a download or file go to jotti or VirusTotal and have it scanned. 
 
Surf safe

[heyage13]

Thanks very much for all your help and useful tips.

[23red]

You're very welcome

[23red]

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.