RegSvr32 error The module ""C:\...\Idrrsoft\rbj


  • This topic is locked

#16
kzion

    Member

  • Topic Starter
  • 14 posts
Hello, it took a while but here is the log

[email protected] as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=ad17cfda1df7b04db9deefde343dbe1b
# engine=21407
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-12-05 06:32:10
# local_time=2014-12-05 12:32:10 (-0600, Central Standard Time (Mexico))
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 446424 169304580 0 0
# scanned=441529
# found=3
# cleaned=3
# scan_time=12909
# nod_component=V3 Build:0x30000000
sh=860EFD5893E4DD4E820227B7DEAD144F974456AC ft=1 fh=c0b9ed8dfe12ffb8 vn="a variant of Win32/HackTool.CheatEngine.AF potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\Cheat Engine 6.4\standalonephase1.dat"
sh=EB64AF51118C596D984052D31EB5B8581035CCF3 ft=1 fh=7bdd91a320f8d7e0 vn="a variant of Win32/HackTool.Crack.CS potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\Child of Light\steam_api.dll"
sh=8CB06BCA312ED2BFA02C7F9344F2717D02ECD931 ft=1 fh=ae24f2cd7ccbd608 vn="a variant of Win32/OpenCandy.A potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\Kzion\Desktop\New folder (2)\temp\CheatEngine64.exe"
 
Thank you for your time.

  • 0



#17
Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

This is very good news. :)

 

Let's just make sure everything is up to date. This tool will do some checking and let us know if anything needs to be updated. Once we get that done, I'll remove all of my tools, give you some suggestions for keeping your machine clean and send you on your way :thumbsup:

 

Scan with Security Check

Please download Security Check by Screen317 and save it to your desktop.

  • Right-click on the Security Check icon and select Run as Administrator to start the tool.
  • Follow onscreen instructions inside the black box. This scan won't take long.
  • Soon a notepad document called checkup.txt will open automatically.

Please include the content of that document.


  • 0

#18
kzion

    Member

  • Topic Starter
  • 14 posts
Good to hear it's almost over, and here is the checkup.txt
 
 
Results of screen317's Security Check version 0.99.91  
 Windows 7 Service Pack 1 x64 (UAC is disabled!)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
ESET Smart Security 6.0   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 TuneUp Utilities 2014   
 TuneUp Utilities 2014 (en-US)  
 TuneUp Utilities 2014   
 Java 7 Update 71  
 Java™ 6 Update 22  
 Adobe Flash Player 15.0.0.239  
 Adobe Reader 10.1.12 Adobe Reader out of Date!  
 Google Chrome (39.0.2171.65) 
 Google Chrome (39.0.2171.71) 
````````Process Check: objlist.exe by Laurent````````  
 ESET NOD32 Antivirus egui.exe  
 ESET NOD32 Antivirus ekrn.exe  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 2% 
````````````````````End of Log`````````````````````` 
 
 
Thank you for all the help provided.

  • 0

#19
Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

Real nice! Only two things to tend to.

 

UAC is off. You might want that on. When invoked, it forces you (the user) to click a button before Admin level things occur. Often this is the only thing that stops malware from launching! In other words, you are clicking along on the Internet or whatever and suddenly a dialog box pops up asking permission to run something, (especially something you didn't ask to be run) you can answer "NO" and the Program/Potential Malware/nonsense is blocked. When this is turned off (as it is now) the changes just sail right through and then you and I are spending some quality time together undoing the changes ;)

 

This link will tell you a little more and tell you how to turn on UAC

 

Updating Adobe Reader

  • Malware will exploit any vulnerabilities it can find in outdated software. If you are using Adobe Reader for reading pdf files, try using FoxIt Reader. It is a very capable alternative to Adobe.
  • Please click here to download FoxIt Reader.
  • If you wish to continue to use Adobe Reader, then please update it by clicking here.
  • Please remember to uncheck the option to install Chrome for use as your default browser.

Let me know how that goes :)


  • 0
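
The two findings in the post above (UAC switched off, and the Adobe and Java entries in checkup.txt) can be re-checked locally with a read-only query. This is an added example, not part of the original thread or of Security Check; the registry paths are the standard Windows UAC policy and uninstall keys, and the name filter is an assumption chosen to match the products in the log.

```powershell
# Added example (not from the thread): read-only audit of UAC state and of the
# Java / Adobe entries that the Security Check log listed. Nothing is changed.

$policyKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$policy    = Get-ItemProperty -Path $policyKey

# EnableLUA = 0 switches UAC off entirely; anything other than 1 is reported.
if ($policy.EnableLUA -ne 1) {
    Write-Warning 'UAC is disabled (EnableLUA is not 1).'
} else {
    Write-Output 'UAC is enabled.'
    # With UAC on, ConsentPromptBehaviorAdmin = 0 still elevates without a prompt.
    if ($policy.ConsentPromptBehaviorAdmin -eq 0) {
        Write-Warning 'Administrators are elevated without any prompt.'
    }
    # PromptOnSecureDesktop = 0 draws the prompt on the normal desktop.
    if ($policy.PromptOnSecureDesktop -eq 0) {
        Write-Warning 'Elevation prompts are not shown on the secure desktop.'
    }
}

# On 64-bit Windows, programs register under the native and the 32-bit
# (WOW6432Node) uninstall keys, so both are queried.
$uninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

# Assumed filter: Java runtimes ("Java 7 ...", "Java(TM) 6 ..."), Adobe Reader, Flash.
$pattern = '^(Java\S* \d|Adobe Reader|Adobe Flash Player)'

$found = @(Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName -match $pattern } |
    Select-Object DisplayName, DisplayVersion |
    Sort-Object DisplayName, DisplayVersion -Unique)

$found | Format-Table -AutoSize

# More than one Java major version means an older runtime was left installed
# next to the current one, as in the log (Java 6 beside Java 7).
$javaMajors = @($found | ForEach-Object {
        if ($_.DisplayName -match '^Java\S* (\d+)') { $Matches[1] }
    } | Sort-Object -Unique)

if ($javaMajors.Count -gt 1) {
    Write-Warning ("Multiple Java major versions installed: " + ($javaMajors -join ', '))
}
```

The script only lists what is installed; whether a listed version is current still has to be checked against the vendor's download page.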

#20
Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

How are you doing with this? :) Any issues?


  • 0

#21
kzion

    Member

  • Topic Starter
  • 14 posts

Sorry for the long wait, been busy with work. The Adobe update issue was because I was afraid of it being a virus masking as an Adobe update notification, but already updated.
UAC generally I have it off to play online games, which sometimes get locked when the popup of UAC appears, but as of now I have it up and running.

 

As of the lap, it feels really well now, haven't found any new issue yet, hope it keeps that way.

Thank you for your posts.


Edited by kzion, 09 December 2014 - 06:02 PM.

  • 0

#22
Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts
Glad things are going well. :)  Here are your next steps as we head into the final stretch.
 
Clean with DelFix
 
Please download DelFix by Xplode and save it to your desktop.
 
  • Right-click on the DelFix icon and select Run as Administrator to start the tool.
  • Ensure that Remove disinfection tools, Purge system restore and Reset system settings are checked.
  • Push Run.
  • When finished, it will display a notepad report.
 
Include it for my review.
 

Since we're getting close to the end here, I wanted to post some Preventive Measures for you to consider as well.

 

Make sure to come back and let me know how all this works and if you have any questions.

Cryptolocker prevention
Cryptolocker is a new ransomware that heavily encrypts your important files. At the moment there are no programs that can decrypt these files. You can read how to protect against it here.

 

Preventing Re-Infection

An ounce of prevention is better than a pound of cure, so, I have listed some tips for you to stay safe on the internet in the future.

WARNING!: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java. Have a look at this article.

I would recommend that you completely uninstall Java unless you need it to run important software. In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to disable Java in your web browser and How to unplug Java from the browser)

If you still want to keep Java

  • Click the Start button
  • Click Control Panel
  • Double Click Java - Looks like a coffee cup. You may have to switch to Classical View on the upper left of the Control Panel to see it.
  • Click the Update tab
  • Click Update Now
  • Allow any updates to be downloaded and installed
  • Warning!: Make sure to uncheck Optional offer box when downloading Java or you will install an adware on your computer.

Adobe products have to always be updated, because they also are being used to infect your computer.

  • If you want to update Adobe Flash Player, visit this site.
  • If you want to update Adobe Reader, visit this site.
  • Warning!: Make sure to uncheck Optional offer box when downloading Adobe products or you will install an adware on your computer.

Turning on Automatic Updates is a crucial security measure. Keeping them out-of-date is like begging to get your system infected.

  • Click Start > Control Panel > System and Security > Windows Update
  • Under Windows Update click Turn automatic updating on or off
  • Make sure that your settings are set so that you will receive updates automatically and click OK.

FileHippo is one of the programs that can check for out-of-date programs on your computer. You can get it here.

Recommendations for security programs

  • Malwarebytes' Anti-Malware is a new and powerful anti-malware tool. It is totally free but for real-time protection you will have to pay a small one-time fee.
  • WinPatrol, as a robust security monitor, will alert you to hijackings, malware attacks and critical changes made to your computer without your permission. WinPatrol takes a snapshot of your critical system resources and alerts you to any changes that may occur without your knowledge.

For some good tips about how to prevent infection in the future, visit this site.


  • 0

#23
kzion

    Member

  • Topic Starter
  • 14 posts
Hello,
Thanks for the tips, I think I'll give WinPatrol a chance.

Also here is the log from delfix.txt

# DelFix v10.8 - Logfile created 10/12/2014 at 17:32:55
# Updated 29/07/2014 by Xplode
# Username : Kzion - DEZINA
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
 
~ Removing disinfection tools ...
 
Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\Kzion\Desktop\FRST-OlderVersion
Deleted : C:\Users\Kzion\Desktop\Addition old2.txt
Deleted : C:\Users\Kzion\Desktop\Addition.txt
Deleted : C:\Users\Kzion\Desktop\Additionold.txt
Deleted : C:\Users\Kzion\Desktop\adwcleaner_4.101.exe
Deleted : C:\Users\Kzion\Desktop\adwcleaner_4.103.exe
Deleted : C:\Users\Kzion\Desktop\Extras.Txt
Deleted : C:\Users\Kzion\Desktop\Fixlog old.txt
Deleted : C:\Users\Kzion\Desktop\Fixlog.txt
Deleted : C:\Users\Kzion\Desktop\FRST old2.txt
Deleted : C:\Users\Kzion\Desktop\FRST.txt
Deleted : C:\Users\Kzion\Desktop\FRST64.exe
Deleted : C:\Users\Kzion\Desktop\FRSTold.txt
Deleted : C:\Users\Kzion\Desktop\JRT.exe
Deleted : C:\Users\Kzion\Desktop\JRT.txt
Deleted : C:\Users\Kzion\Desktop\logfile old.txt
Deleted : C:\Users\Kzion\Desktop\logfile.txt
Deleted : C:\Users\Kzion\Desktop\OTL.Txt
Deleted : C:\Users\Kzion\Desktop\OTL.exe
Deleted : C:\Users\Kzion\Desktop\SecurityCheck.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner
 
~ Cleaning system restore ...
 
Deleted : RP #214 [Scheduled Checkpoint | 11/29/2014 22:58:54]
Deleted : RP #215 [Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 | 12/05/2014 00:01:21]
 
New restore point created !
 
~ Resetting system settings ... OK
 
########## - EOF - ##########
 
Thank you for your support.

  • 0

#24
Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

Did the machine run clean over the weekend? Any issues before we close? :)


  • 0

#25
kzion

    Member

  • Topic Starter
  • 14 posts

Hello,

So far so good, I think we can close this case.
Thank you very much for all the help and info provided.


  • 0



#26
Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

So far so good, I think we can close this case.
Thank you very much for all the help and info provided.

 

Excellent news! You are quite welcome :)

 

It's been a pleasure :thumbsup:      If you need anything else, don't hesitate to stop back :) :wave:


  • 0

#27
Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0





