snadler

Members • Posts: 4

Everything posted by snadler

  1. Thank you for your help. Attached are both log files you requested. FRST.txt Addition.txt
  2. Hello, I see there has been no reply to my topic, yet all of the posts after mine have received replies. Will I be able to receive a review of my situation? Either way, I would appreciate someone letting me know.
  3. Hello, from reading a prior topic I believe I have removed the Vosteran Malware, but I wanted to ask for some help to make sure. I'd also like to thank you (in advance) as well as Malwarebytes for making such an outstanding product and providing such a great service.

     My first MWB log:

     Malwarebytes Anti-Malware
     www.malwarebytes.org

     Scan Date: 1/1/2015
     Scan Time: 11:04:47 PM
     Logfile: MWB Log 1.txt
     Administrator: Yes

     Version: 2.00.4.1028
     Malware Database: v2015.01.02.03
     Rootkit Database: v2014.12.30.01
     License: Free
     Malware Protection: Disabled
     Malicious Website Protection: Disabled
     Self-protection: Disabled

     OS: Windows 7 Service Pack 1
     CPU: x64
     File System: NTFS
     User: snadle01

     Scan Type: Threat Scan
     Result: Completed
     Objects Scanned: 435493
     Time Elapsed: 8 min, 17 sec

     Memory: Enabled
     Startup: Enabled
     Filesystem: Enabled
     Archives: Enabled
     Rootkits: Disabled
     Heuristics: Enabled
     PUP: Warn
     PUM: Enabled

     Processes: 0
     (No malicious items detected)

     Modules: 0
     (No malicious items detected)

     Registry Keys: 0
     (No malicious items detected)

     Registry Values: 0
     (No malicious items detected)

     Registry Data: 0
     (No malicious items detected)

     Folders: 0
     (No malicious items detected)

     Files: 0
     (No malicious items detected)

     Physical Sectors: 0
     (No malicious items detected)

     (end)

     Then I downloaded and ran Adware Cleaner and here is that log:

     # AdwCleaner v4.106 - Report created 01/01/2015 at 23:16:28
     # Updated 21/12/2014 by Xplode
     # Database : 2015-01-01.1 [Live]
     # Operating System : Windows 7 Professional Service Pack 1 (64 bits)
     # Username : snadle01 - BLB7CW1
     # Running from : C:\Users\snadle01\Downloads\AdwCleaner.exe
     # Option : Clean

     ***** [ Services ] *****

     Service Deleted : PCKeeper2Service
     Service Deleted : PCKeeperOcfService

     ***** [ Files / Folders ] *****

     Folder Deleted : C:\ProgramData\apn
     Folder Deleted : C:\ProgramData\Driver Support
     Folder Deleted : C:\ProgramData\Kromtech
     Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileOpener
     Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kromtech
     Folder Deleted : C:\Program Files (x86)\Tweaks
     Folder Deleted : C:\Program Files (x86)\Driver Support
     Folder Deleted : C:\Users\snadle01\AppData\Local\Temp\apn
     Folder Deleted : C:\Users\snadle01\AppData\Local\Temp\Framed Display
     Folder Deleted : C:\Program Files\Kromtech
     Folder Deleted : C:\Users\snadle01\AppData\Local\Kromtech
     Folder Deleted : C:\Users\snadle01\AppData\Roaming\DigitalSites
     Folder Deleted : C:\Users\snadle01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Driver Support
     Folder Deleted : C:\Users\snadle01\Documents\Optimizer Pro
     File Deleted : C:\Users\snadle01\AppData\Local\Temp\DriverSupport.exe
     File Deleted : C:\Users\snadle01\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_lyrics.wikia.com_0.localstorage
     File Deleted : C:\Users\snadle01\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_lyrics.wikia.com_0.localstorage-journal
     File Deleted : C:\Users\snadle01\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
     File Deleted : C:\Users\snadle01\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
     File Deleted : C:\Users\snadle01\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
     File Deleted : C:\Users\snadle01\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal
     File Deleted : C:\Users\snadle01\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal

     ***** [ Scheduled Tasks ] *****

     Task Deleted : Driver Support-RTMRules
     Task Deleted : Driver Support-RTMScan
     Task Deleted : Driver Support-RTMUpdater
     Task Deleted : LaunchSignup

     ***** [ Shortcuts ] *****

     ***** [ Registry ] *****

     Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
     Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{62C968DD-0E2A-43E2-B93F-EADB45AA9C0F}
     Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77}
     Key Deleted : HKCU\Software\Bitberry Software
     Key Deleted : HKCU\Software\Bitberry
     Key Deleted : HKCU\Software\Optimizer Pro
     Key Deleted : HKCU\Software\Framed Display
     Key Deleted : HKCU\Software\DriverSupport
     Key Deleted : HKCU\Software\Vosteran
     Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
     Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
     Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
     Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
     Key Deleted : HKLM\SOFTWARE\InstallCore
     Key Deleted : HKLM\SOFTWARE\Framed Display
     Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\File Opener Packages
     Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DriverSupport
     Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Tweaks FileOpener

     ***** [ Browsers ] *****

     -\\ Internet Explorer v9.0.8112.16592

     -\\ Google Chrome v39.0.2171.95

     [C:\Users\snadle01\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : aaaaaiabcopkplhgaedhbloeejhhankf
     [C:\Users\snadle01\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : oilkkkefbalmbfppgjmgjoefbclebkce

     *************************

     AdwCleaner[R0].txt - [4513 octets] - [01/01/2015 23:15:21]
     AdwCleaner[s0].txt - [4245 octets] - [01/01/2015 23:16:28]

     ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [4305 octets] ##########

     Then I downloaded and ran Junkware Removal Tool (JRT) and here is that log:

     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Junkware Removal Tool (JRT) by Thisisu
     Version: 6.4.1 (12.28.2014:1)
     OS: Windows 7 Professional x64
     Ran by snadle01 on Thu 01/01/2015 at 23:21:17.75
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

     ~~~ Services

     ~~~ Registry Values

     ~~~ Registry Keys

     ~~~ Files

     ~~~ Folders

     Successfully deleted: [Folder] "C:\Users\snadle01\appdata\local\pc_drivers_headquarters"

     ~~~ Event Viewer Logs were cleared

     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Scan was completed on Thu 01/01/2015 at 23:23:52.24
     End of JRT log
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

     Then I ran MalwareBytes again following prior instruction to another user to:

     - Enable Scan for rootkit
     - Set both PUP and PUM to Treat detections as malware

     Here is the MWB log after that:

     Malwarebytes Anti-Malware
     www.malwarebytes.org

     Scan Date: 1/1/2015
     Scan Time: 11:28:18 PM
     Logfile: MWB Log 2.txt
     Administrator: Yes

     Version: 2.00.4.1028
     Malware Database: v2015.01.02.03
     Rootkit Database: v2014.12.30.01
     License: Free
     Malware Protection: Disabled
     Malicious Website Protection: Disabled
     Self-protection: Disabled

     OS: Windows 7 Service Pack 1
     CPU: x64
     File System: NTFS
     User: snadle01

     Scan Type: Threat Scan
     Result: Completed
     Objects Scanned: 436857
     Time Elapsed: 7 min, 42 sec

     Memory: Enabled
     Startup: Enabled
     Filesystem: Enabled
     Archives: Enabled
     Rootkits: Enabled
     Heuristics: Enabled
     PUP: Enabled
     PUM: Enabled

     Processes: 0
     (No malicious items detected)

     Modules: 0
     (No malicious items detected)

     Registry Keys: 2
     PUP.Optional.AceRace.A, HKU\S-1-5-21-1216698204-1542668753-1093625069-611774-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{68182220-3C75-49D9-A9C4-4093D3986279}, Quarantined, [e12082e7acd095a16db028b2cc3636ca],
     PUP.Optional.AceRace.A, HKU\S-1-5-21-1216698204-1542668753-1093625069-611774-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{68182220-3C75-49D9-A9C4-4093D3986279}, Quarantined, [e12082e7acd095a16db028b2cc3636ca],

     Registry Values: 0
     (No malicious items detected)

     Registry Data: 0
     (No malicious items detected)

     Folders: 0
     (No malicious items detected)

     Files: 0
     (No malicious items detected)

     Physical Sectors: 0
     (No malicious items detected)

     (end)

     That is as far as I have gone and everything seems to be clean and the system appears to be operating normally. I look forward to your response and any further suggestions. By the way, I believe I obtained this from downloading a .zip program to open .rar files.

     Thanks,
     Steve