Mortalblood Posted December 28, 2013 ID:769880 Share Posted December 28, 2013 A while ago i made a topic to kevinf80 to help me clean my pc it got cleaned up since then i havent downloaded anything but some how i got this after the newest update and i dont have anything in my extentions tab in mozillaMalwarebytes Anti-Malware 1.75.0.1300www.malwarebytes.orgDatabase version: v2013.12.28.04Windows 7 Service Pack 1 x64 NTFSInternet Explorer 11.0.9600.16476User :: USER-PC [administrator]28/12/2013 10:27:08 PMmbam-log-2013-12-28 (22-27-08).txtScan type: Full scan (C:\|D:\|E:\|)Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2PScan options disabled:Objects scanned: 446189Time elapsed: 32 minute(s), 45 second(s)Memory Processes Detected: 0(No malicious items detected)Memory Modules Detected: 0(No malicious items detected)Registry Keys Detected: 0(No malicious items detected)Registry Values Detected: 1HKCU\Software\Mozilla\Firefox\EXTENSIONS|{B21F5E31-B8E8-41CD-B74C-168A71A10E49} (PUP.Optional.GreatArcadeHits.A) -> Data: C:\Users\User\AppData\Local\GreatArcadeHits\gahff.xpi -> Quarantined and deleted successfully.Registry Data Items Detected: 0(No malicious items detected)Folders Detected: 0(No malicious items detected)Files Detected: 0(No malicious items detected)(end)I just removed it with malwarebytes and it was in quarantine but i removed it im just wondering is this a keylogger or something ? Link to post Share on other sites More sharing options...
Mortalblood Posted December 28, 2013 Author ID:769882 Share Posted December 28, 2013 Or is my pc still infected with it Link to post Share on other sites More sharing options...
Mortalblood Posted December 28, 2013 Author ID:769887 Share Posted December 28, 2013 2nd scan shows clean now continuing scan with Superantispyware Malwarebytes Anti-Malware 1.75.0.1300www.malwarebytes.orgDatabase version: v2013.12.28.04Windows 7 Service Pack 1 x64 NTFSInternet Explorer 11.0.9600.16476User :: USER-PC [administrator]28/12/2013 11:07:49 PMmbam-log-2013-12-28 (23-07-49).txtScan type: Full scan (C:\|D:\|E:\|)Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2PScan options disabled:Objects scanned: 446668Time elapsed: 25 minute(s), 21 second(s)Memory Processes Detected: 0(No malicious items detected)Memory Modules Detected: 0(No malicious items detected)Registry Keys Detected: 0(No malicious items detected)Registry Values Detected: 0(No malicious items detected)Registry Data Items Detected: 0(No malicious items detected)Folders Detected: 0(No malicious items detected)Files Detected: 0(No malicious items detected)(end) Link to post Share on other sites More sharing options...
Mortalblood Posted December 28, 2013 Author ID:769895 Share Posted December 28, 2013 and superantispyware show's clean Link to post Share on other sites More sharing options...
Mortalblood Posted December 29, 2013 Author ID:770165 Share Posted December 29, 2013 Bump Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted December 31, 2013 Root Admin ID:771042 Share Posted December 31, 2013 Please go ahead and run through the following steps and post back the logs when ready.STEP 03Please download Malwarebytes Anti-Rootkit from hereUnzip the contents to a folder in a convenient location.Open the folder where the contents were unzipped and run mbar.exeFollow the instructions in the wizard to update and allow the program to scan your computer for threats.Click on the Cleanup button to remove any threats and reboot if prompted to do so.Wait while the system shuts down and the cleanup process is performed.Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.When done, please post the two logs produced they will be in the MBAR folder... mbar-log.txt and system-log.txtSTEP 04Please download Junkware Removal Tool to your desktop.Shutdown your antivirus to avoid any conflicts.Right click over JRT.exe and select Run as administrator on Windows Vista or Windows 7, double-click on XP.The tool will open and start scanning your system.Please be patient as this can take a while to complete.On completion, a log (JRT.txt) is saved to your desktop and will automatically open.Post the contents of JRT.txt into your next reply messageWhen completed make sure to re-enable your antivirusSTEP 05Lets clean out any adware now: (this will require a reboot so save all your work)Please download AdwCleaner by Xplode and save to your Desktop.Double click on AdwCleaner.exe to run the tool.Vista/Windows 7/8 users right-click and select Run As AdministratorClick on the Scan button.AdwCleaner will begin...be patient as the scan may take some time to complete.When it's done you'll see: Pending: Please uncheck elements you don't want removed.Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.Look over the log especially under Files/Folders for any program you want to save.If there's a program you may want to save, just uncheck it from AdwCleaner.If you're not sure, post the log for review. (all items found are adware/spyware/foistware)If you're ready to clean it all up.....click the Clean button.After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.Copy and paste the contents of that logfile in your next reply.A copy of that logfile will also be saved in the C:\AdwCleaner folder.Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\QuarantineTo restore an item that has been deleted:Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.Then..................Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.Please Update and run a Quick Scan with Malwarebytes Anti-Malware, post the report.Make sure that everything is checked, and click Remove Selected.STEP 06Please go here to run the online antivirus scannner from ESET.Turn off the real time scanner of any existing antivirus program while performing the online scanTick the box next to YES, I accept the Terms of Use.Click StartWhen asked, allow the activex control to installClick StartMake sure that the option Remove found threats is untickedClick on Advanced Settings and ensure these options are ticked:Scan for potentially unwanted applicationsScan for potentially unsafe applicationsEnable Anti-Stealth TechnologyClick ScanWait for the scan to finishIf any threats were found, click the 'List of found threats' , then click Export to text file....Save it to your desktop, then please copy and paste that log as a reply to this topic.STEP 07Please download the Farbar Recovery Scan Tool and save it to your desktop.Note: You need to run the version compatibale with your system. You can check here if you're not sure if your computer is 32-bit or 64-bitDouble-click to run it. When the tool opens click Yes to disclaimer.Press the Scan button.It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply as well. Link to post Share on other sites More sharing options...
Mortalblood Posted December 31, 2013 Author ID:771139 Share Posted December 31, 2013 Sorry to keep u wating at a holiday resort for 10 days and ill be back on 9th of January Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted December 31, 2013 Root Admin ID:771319 Share Posted December 31, 2013 Well I'll be on a couple days vacation then when you get back. I'll go ahead and close your topic for now and you can either reopen it when you get back by sending a request to an Admin or Moderator or you can start a new post, or wait for me to get back too. Thanks and hope you're having a good time at the resort and Happy New Year. Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted January 3, 2014 Root Admin ID:772682 Share Posted January 3, 2014 Reply to keep topic open Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted January 9, 2014 Root Admin ID:775699 Share Posted January 9, 2014 Topic unlocked but I'm out of town so cannot assist right now. Link to post Share on other sites More sharing options...
Mortalblood Posted January 9, 2014 Author ID:775701 Share Posted January 9, 2014 Done everything what u told me to do want me to post it soon anyways? And btw areAny of the program's u told me to download bad for my pc? Link to post Share on other sites More sharing options...
Mortalblood Posted January 9, 2014 Author ID:775710 Share Posted January 9, 2014 This is Mbarmbar-log-2014-01-09 (15-39-43).txtmbar-log-2014-01-09 (15-45-14).txtmbar-log-2014-01-09 (15-50-03).txtsystem-log.txt Link to post Share on other sites More sharing options...
Mortalblood Posted January 9, 2014 Author ID:775711 Share Posted January 9, 2014 This is the Junkware Removal Tool text JRTJRT.txt Link to post Share on other sites More sharing options...
Mortalblood Posted January 9, 2014 Author ID:775712 Share Posted January 9, 2014 These are the Adwarecleaner Text'sAdwCleanerR0.txtAdwCleanerS0.txt Link to post Share on other sites More sharing options...
Mortalblood Posted January 9, 2014 Author ID:775713 Share Posted January 9, 2014 This is my malwarebytes quick scan just renamed it so i can know what it wasquick scan.txt Link to post Share on other sites More sharing options...
Mortalblood Posted January 9, 2014 Author ID:775714 Share Posted January 9, 2014 Eset Online scaner Link to post Share on other sites More sharing options...
Mortalblood Posted January 9, 2014 Author ID:775716 Share Posted January 9, 2014 This is the FRST scan TextsFRST.txtAddition.txt Link to post Share on other sites More sharing options...
CarlosTurco Posted January 11, 2014 ID:776613 Share Posted January 11, 2014 Hi Mortalblood, As Ron said, he needed to leave. I'll be taking your topic. Next, Step 1 Download Security Check by screen317 from HERE or HERE.Save it to your Desktop.Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.If you get Unsupported operating system. Aborting now, just reboot and try again.A Notepad document should open automatically called checkup.txt.Please Post the contents of that document.Do Not Attach It!!! Step 2 Download Zoek (By Smeenk) and save that file to your Desktop.http://www.hijackthi...220813/zoek.zip Double click zip file and extract to your Desktop: Select these lines inside CODE, right click on the selection and choose Copy. autoclean;emptyclsid;torpigcheck;shortcutfix;standardsearch; Right click on any white part of Zoek and select the paste option. Click the button [Run Script] Wait for the scan. At the end of the report will be generated C: \ zoek-results.txt Copy your content and post in your next response. NOTE1: If Zoek find files that you can not remove, you may have to restart your PC. Do this immediately, when asked whether to restart the PC. NOTE2: This script has been prepared only for this computer, according to the files and keys present. Link to post Share on other sites More sharing options...
Mortalblood Posted January 11, 2014 Author ID:776622 Share Posted January 11, 2014 Results of screen317's Security Check version 0.99.78 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Windows Security Center service is not running! This report may not be accurate! Windows Firewall Enabled! Microsoft Security Essentials Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.75.0.1300 Java 7 Update 45 Adobe Flash Player 11.9.900.170 Adobe Reader XI Mozilla Firefox (26.0) Google Chrome 31.0.1650.57 Google Chrome 31.0.1650.63 ````````Process Check: objlist.exe by Laurent```````` Microsoft Security Essentials MSMpEng.exe Microsoft Security Essentials msseces.exe`````````````````System Health check````````````````` Total Fragmentation on Drive C: 12% Defragment your hard drive soon! (Do NOT defrag if SSD!)````````````````````End of Log`````````````````````` Link to post Share on other sites More sharing options...
Mortalblood Posted January 11, 2014 Author ID:776623 Share Posted January 11, 2014 only ths pops up nothing else Link to post Share on other sites More sharing options...
Mortalblood Posted January 11, 2014 Author ID:776625 Share Posted January 11, 2014 this notepad opens afterzoek-results.txt Link to post Share on other sites More sharing options...
Mortalblood Posted January 11, 2014 Author ID:776626 Share Posted January 11, 2014 so only the pic i posted and the log i posted only comes up Link to post Share on other sites More sharing options...
CarlosTurco Posted January 11, 2014 ID:776635 Share Posted January 11, 2014 only ths pops up nothing else You downloaded the wrong tool. Try this link. http://www.hijackthis.nl/smeenk/201213/zoek.zip Link to post Share on other sites More sharing options...
Mortalblood Posted January 11, 2014 Author ID:776639 Share Posted January 11, 2014 want me to make it a attatchment or copy paste it Link to post Share on other sites More sharing options...
Mortalblood Posted January 11, 2014 Author ID:776643 Share Posted January 11, 2014 i named it number2 cause not sure if the other one was from this scan or other but ill make it an attatchment cause its very long and has a ton of writingzoek-results2.txt Link to post Share on other sites More sharing options...
Recommended Posts