Everything posted by gooner72

  1. Hi, was infected with wecare trovi, gorilla price etc. I ran malwarebytes and quarantined and deleted a bunch. Problem is, still see we care and others. I was unable to connect to the internet for a bit, but now seems like I can. So I reconfigured settings to my web search choices, but can't disable we care. I also seem to only be able to navigate to https sites not http. I am not very knowledgeable about things so hopefully you can help. I re-ran the malwarebytes scan so I'm posting the threats log: