Jump to content

DanJ75

Members
  • Posts

    8
  • Joined

  • Last visited

Reputation

0 Neutral

Profile Information

  • Location
    UK
  • Interests
    Fighting and fucking
  1. That's great, many thanks! As I am using Win7 rather than XP, does this mean I do not have to worry about "keeping the registry backed up (mainly for XP), and installing the Windows XP Recovery Console"? Cheers Dan
  2. Well, I wasn't really experiencing any slowness - maybe a bit from time to time but nothing long-term obvious. The worst of it was discovering Avast! disabled on Monday, then I scanned with Mbytes and found the 14 entries, Tuesday everything was clear, then today I did a quick scan and found 2 entries - that's when I decided to seek expert help! So now I will do a quick scan every day and keep an eye on things. Anything else I should do/know about? Many thanks for your help and superbly clear instructions by the way!
  3. Malwarebytes completed, nothing found: Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Database version: v2013.08.28.08 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16660 Dan :: INSPIRON5040 [administrator] 28/08/2013 21:51:10 mbam-log-2013-08-28 (21-51-10).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P Scan options disabled: Objects scanned: 272395 Time elapsed: 14 minute(s), 48 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)
  4. Here's the post-clean log: # AdwCleaner v3.001 - Report created 28/08/2013 at 21:38:35 # Updated 24/08/2013 by Xplode # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) # Username : Dan - INSPIRON5040 # Running from : C:\Users\Dan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\33N8SIPR\AdwCleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\ProgramData\InstallMate Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search Folder Deleted : C:\Users\Dan\AppData\LocalLow\Conduit Folder Deleted : C:\Users\Dan\AppData\LocalLow\ConduitEngine Folder Deleted : C:\Users\Dan\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar Folder Deleted : C:\Users\Chloe\AppData\LocalLow\AVG Secure Search Folder Deleted : C:\Users\Chloe\AppData\LocalLow\Conduit Folder Deleted : C:\Users\Chloe\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar Folder Deleted : C:\Users\Chloe\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla Folder Deleted : C:\Users\Chloe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof File Deleted : C:\windows\SysWOW64\conduitEngine.tmp ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1 Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1 Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Deleted : HKCU\Software\IGearSettings Key Deleted : HKCU\Software\AppDataLow\Toolbar Key Deleted : HKCU\Software\AppDataLow\Software\conduitEngine Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Key Deleted : HKCU\Software\AppDataLow\Software\Freecause Key Deleted : HKCU\Software\AppDataLow\Software\Toolbar Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZoneAlarm LTD Toolbar ***** [ Browsers ] ***** -\\ Internet Explorer v10.0.9200.16660 ************************* AdwCleaner[R0].txt - [4891 octets] - [28/08/2013 21:27:19] AdwCleaner[s0].txt - [4881 octets] - [28/08/2013 21:38:35] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [4941 octets] ##########
  5. Here's the first AdwCleaner Log: # AdwCleaner v3.001 - Report created 28/08/2013 at 21:27:19 # Updated 24/08/2013 by Xplode # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) # Username : Dan - INSPIRON5040 # Running from : C:\Users\Dan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\33N8SIPR\AdwCleaner.exe # Option : Scan ***** [ Services ] ***** ***** [ Files / Folders ] ***** File Found : C:\windows\SysWOW64\conduitEngine.tmp Folder Found : C:\Users\Chloe\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla Folder Found : C:\Users\Chloe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof Folder Found C:\Program Files (x86)\Common Files\AVG Secure Search Folder Found C:\ProgramData\InstallMate Folder Found C:\Users\Chloe\AppData\LocalLow\AVG Secure Search Folder Found C:\Users\Chloe\AppData\LocalLow\Conduit Folder Found C:\Users\Chloe\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar Folder Found C:\Users\Dan\AppData\LocalLow\Conduit Folder Found C:\Users\Dan\AppData\LocalLow\ConduitEngine Folder Found C:\Users\Dan\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Found : HKCU\Software\AppDataLow\Software\conduitEngine Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Key Found : HKCU\Software\AppDataLow\Software\Freecause Key Found : HKCU\Software\AppDataLow\Software\Toolbar Key Found : HKCU\Software\AppDataLow\Toolbar Key Found : HKCU\Software\IGearSettings Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com Key Found : [x64] HKCU\Software\IGearSettings Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Key Found : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2} Key Found : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36} Key Found : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323} Key Found : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023} Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3} Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468} Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Found : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA} Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1 Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Found : HKLM\SOFTWARE\Classes\ScriptHost.Tool Key Found : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1 Key Found : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Key Found : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZoneAlarm LTD Toolbar Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}] ***** [ Browsers ] ***** -\\ Internet Explorer v10.0.9200.16660 ************************* AdwCleaner[R0].txt - [4739 octets] - [28/08/2013 21:27:19] ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [4799 octets] ########## I don't see anything in there I want to keep. Cheers Dan
  6. MrCharlie, Many thanks! I'll get right on that, but in the meantime, I was reading your tips with great interest and have a couple of quick questions: In your opinion, is Msoft Security Essentials better than Avast!? and Is PC Tools FW + better than Zonealarm? Cheers Dan
  7. I'm a Malwarebytes free user and I also use Avast for real time protection. I have utorrent but it is disabled from running automatically (I use WinPatrol to manage this sort of thing). My last few scans have turned up multiple examples of this: pup.optional.delta.a Although I have removed them using Malwarebytes it keeps coming back, and on Monday 26th Aug I discovered 14 entries and it had disabled Avast updates and broken its ability to repair - I decided to disconnect from the internet and un-install and then re-install Avast, which now reports it is running and updating as normal. Can you please assist me to get to the source of this and remove whatever is causing these infections?
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.