Scorpion Saver, Tried other things still not gone

[Mcrakin]

I was a moron and installed a program I know and trust but I failed to realize when I was hitting accept I was allowing this stupid program to be installed.

I have tried this https://forums.malwarebytes.org/index.php?showtopic=137694

and some of this

I also tried to do this http://www.bleepingcomputer.com/virus-removal/remove-scorpion-saver although I did not do it in safe mode.

I also ran my virus protection software ESET, it found 11 threats but I never saw the option to clean or delete them.
 

Here is my systemlook.txt after doing all of the above

SystemLook.txt

[AdvancedSetup]

Did you run MBAM and check for updates and then do a Full Scan?

 

If so please post back that log.  If not then please do so and when completed post back the log.

 

I'll be heading out in a bit but go ahead and post the log and I'll check back on you tomorrow.

 

Thanks

[Mcrakin]

Should I do it in safe mode? I ran it last night but did not save the log. I am running it again right now but not in safe mode.

[AdvancedSetup]

No we want you to run from Normal Mode when possible.

 

Please post the log when ready.

[Mcrakin]

I am going to post 2 logs, the first is when I ran it the first time a couple of days ago before I tried anything then I will post the log from today, sorry for the delay. Ill check this topic again tomorrow.

1st.txt

3rd.txt

[AdvancedSetup]

Are you seeing any signs or issues anymore from Scorpion Saver ?

Please download Security Check by screen317 from HERE or HERE.

• Save it to your Desktop.
• Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
• If you get Unsupported operating system. Aborting now, just reboot and try again.
• A Notepad document should open automatically called checkup.txt.
• Please Post the contents of that document.
• Do Not Attach It!!!

[Mcrakin]

Yeah, Scorpien Saver is still installed. I have tried to remove it from the remove programs tool (after starting malwarebytes and everything else I'v tired). I got Scropien Saver from downloading and in stalled PDF- XChange Viewer, when I went to install it I was not paying attention (it was the first day after finals and in the morning I was trying to help my mom) and just hit accept (thinking it was legal stuff) from this site http://download.cnet.com/PDF-XChange-Viewer/3000-10743_4-10598377.html.

Here is the information you asked for

 Results of screen317's Security Check version 0.99.77  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 10 Out of date!
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
ESET NOD32 Antivirus 5.2   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware version 1.75.0.1300  
 Java 7 Update 25  
 Java version out of Date!
 Adobe Flash Player 11.9.900.170  
 Adobe Reader 10.1.5 Adobe Reader out of Date!  
 Mozilla Firefox (25.0.1)
 Google Chrome 31.0.1650.57  
 Google Chrome 31.0.1650.63  
````````Process Check: objlist.exe by Laurent````````  
 ESET NOD32 Antivirus egui.exe  
 ESET NOD32 Antivirus ekrn.exe  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbamgui.exe  
 Seagate DriveSettings Sync SeagateDriveSettingsService.exe
 Malwarebytes' Anti-Malware mbamscheduler.exe   
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````
 

[AdvancedSetup]

Please uninstall ALL versions of Java and update your Adobe Reader.

Then run the following

Please visit this webpage and read the ComboFix User's Guide:

• Once you've read the article and are ready to use the program you can download it directly from the link below.
• Important! - Please make sure you save combofix to your desktop and do not run it from your browser
• Direct download link for: ComboFix.exe
• Please make sure you disable your security applications before running ComboFix.
• Once Combofix has completed it will produce and open a log file. Please be patient as it can take some time to load.
• Please attach that log file to your next reply.
• If needed the file can be located here: C:\combofix.txt
• NOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer.

[Mcrakin]

On a short inspection it appears the problem is fixed. Thank you so very very very much. Is there a way I can give you any money for helping me? I saw someone had a donate option on their sig on another option, I cant give you a whole lot but maybe enough for you to buy dinner or something. I will check this forum later or tomorrow, thank you so much, please keep this topic open for one or two more days just encase something happens. Im going to defrag my computer now.

combolixlog.txt

[AdvancedSetup]

I'm very sorry, it looks like I overlooked your reply somehow.  Just now seeing it and looking at your log it would appear you probably have a few left over items that should still be cleaned up.

 

If you're still around and would like further assistance please let me know.

 

Thanks

 

These are not normal settings to have for most users on their browsers.

 

uInternet Settings,ProxyOverride = 192.168.*.*;*.local
uInternet Settings,ProxyServer = http=127.0.0.1:64000

[AdvancedSetup]

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!