[Mr. C- More help needed]

Thanks so much!

[Mr. C- More help needed]

microsoft safety scanner also clean......is there anything else I should do?

[Mr. C- More help needed]

The Microsoft malicious software came up clean ....will try the microsoft security scanner next.........

[Mr. C- More help needed]

microsoft malicious software removal tool still sees it, but I think its in that OTL folder???

Happy Thanksgiving!

mrt.log

[Mr. C- More help needed]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 3.4.3 (11.21.2012)

OS: Windows 7 Home Premium x64

Ran by BNB on Wed 11/21/2012 at 19:23:20.22

Blog: http://thisisudax.blogspot.com

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Wed 11/21/2012 at 19:27:50.88

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[Mr. C- More help needed]

ok...thanks for your time.

[Mr. C- More help needed]

I didn't delete anything yet.....it found 3 trojans, but they don't seem to have the same name......

HitmanPro_20121121_1405.log

[Mr. C- More help needed]

sorry

Malwarebytes Anti-Malware (Trial) 1.65.1.1000

www.malwarebytes.org

Database version: v2012.11.21.07

Windows 7 x64 NTFS

Internet Explorer 8.0.7600.16385

BNB :: BNB-PC [administrator]

Protection: Enabled

11/21/2012 11:00:27 AM

mbam-log-2012-11-21 (11-00-27).txt

Scan type: Full scan (C:\|D:\|E:\|)

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 391662

Time elapsed: 1 hour(s), 32 minute(s), 38 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

[Mr. C- More help needed]

Scan completed and log attached.

Not sure if it matters, but Malwarebytes never detected it before.

protection-log-2012-11-21.txt

[Mr. C- More help needed]

I had uninstalled it weekend before last when I was cleaning everything up and have not reinstalled it.........I can find this file now that _OTL found it and has it in its moved file folder..........thoughts?

[Mr. C- More help needed]

Can I just open the folder, delete the file, and be good?

[Mr. C- More help needed]

Made it almost to the end of the scan before it located it again =(

mrt.log

[Mr. C- More help needed]

On this infection, I don't think I had noticed a problem......but, anti-virus found a problem and I thought I should get it removed. Should I run the tools that kept finding it again?

[Mr. C- More help needed]

========== FILES ==========

C:\Users\BNB\AppData\Local\Google\Chrome\Application\21.0.1180.89\Extensions\chromeupdate.crx moved successfully.

File\Folder C:\Users\BNB\AppData\Local\chromeupdate.crx not found.

File\Folder C:\Users\BNB\AppData\Local\{3CF27234-0DDB-11E2-8271-B8AC6F996F26} not found.

========== REGISTRY ==========

Registry key HKEY_CURRENT_USER\Software\Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cdjbnddbclciabnckgeahmneohjlahdm\ deleted successfully.

Registry key HKEY_USERS\S-1-5-21-448086352-994739028-191266335-1000\Software\Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cdjbnddbclciabnckgeahmneohjlahdm\ not found.

Registry key HKEY_USERS\S-1-5-21-448086352-994739028-191266335-1000_Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cdjbnddbclciabnckgeahmneohjlahdm\ not found.

Registry value HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions\\{3CF27234-0DDB-11E2-8271-B8AC6F996F26} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CF27234-0DDB-11E2-8271-B8AC6F996F26}\ not found.

Registry value HKEY_USERS\S-1-5-21-448086352-994739028-191266335-1000\Software\Mozilla\Firefox\Extensions\\{3CF27234-0DDB-11E2-8271-B8AC6F996F26} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CF27234-0DDB-11E2-8271-B8AC6F996F26}\ not found.

OTL by OldTimer - Version 3.2.69.0 log created on 11212012_083801

[Mr. C- More help needed]

System look log attached....thanks!

SystemLook.txt

[Mr. C- More help needed]

I think I messed up and told the eset to uninstall when complete....so I think that's why I don't have the log. I re downloaded and ran the Microsoft malicious software tool. It is still saying the file is still there......

mrt.log

[Mr. C- More help needed]

It found three items, but I can't locate the log now. So sorry.

[Mr. C- More help needed]

Results of screen317's Security Check version 0.99.54

Windows 7 x64 (UAC is enabled)

Out of date service pack!!

Internet Explorer 8 Out of date!

``````````````Antivirus/Firewall Check:``````````````

Windows Security Center service is not running! This report may not be accurate!

Windows Firewall Enabled!

McAfee Anti-Virus and Anti-Spyware

WMI entry may not exist for antivirus; attempting automatic update.

`````````Anti-malware/Other Utilities Check:`````````

Malwarebytes Anti-Malware version 1.65.1.1000

Adobe Flash Player 11.4.402.278

Mozilla Firefox (16.0.2)

Google Chrome 21.0.1180.89

Google Chrome Plugins...

````````Process Check: objlist.exe by Laurent````````

`````````````````System Health check`````````````````

Total Fragmentation on Drive C:

````````````````````End of Log``````````````````````

[Mr. C- More help needed]

It wouldn't scan......the note pad reads : UNSUPPORTED OPERATING SYSTEM! ABORTED!

[Mr. C- More help needed]

Still found by Windows Malicious Software removal tool too.

[Mr. C- More help needed]

I thought good. McAfee scan came up clean, but Microsoft Safety Scanner shows Trojan:JS/Medfos.B Partially removed still. I am attaching the log; today's results are at the bottom of the log (it has all three scans). What do you suggest next? Thanks for your continued help.

msert.log

[Mr. C- More help needed]

I did delete the three set up apps I found when I searched. Here are the logs. I think the Junkware may have found it and deleted it.

AdwCleanerS1.txt

JRT.txt

[Mr. C- More help needed]

I can't find this extension. I had deleted chrome last week, during my clean up.....but, I came across a chromesetup app in the downloads from 11/10/12.....could that be it?

[Mr. C- More help needed]

Microsoft security scan just found it again and reported it partially removed it =(

msert.log

[Mr. C- More help needed]

I just did this. What should I do next?