Jump to content

May be infected with Malware please help.

statman

By statman
in Resolved Malware Removal Logs

 Share

Recommended Posts

statman

statman

Posted
Posted

Hello , first off I own Malwarebytes  so I hope it caught all of the malware and PUP detections. I downloaded a program called youtube mp3 downloader from CNET so I thought it would be safe to install. Upon installing the program , Malwarebytes  detected  Trojan.Agent.ED so I followed all the prompts to get rid of it. I rebooted and decided to a full scan with Malwarebtes  and it detected 98 PUP infections so I checked off all of them and rebooted to have them removed also. I then ran Superantispyware free addition and it came up with nothing. I ran Malwarebytes again and it found two more files so I checked off and rebooted to delete them. Then I ran Microsoft Security Essentials full scan and it came up with nothing. Ran malwarebytes again and it came up with nothing this time. I did notice the youtube program installed something called Search Protect which I think Malwarebytes uninstalled since I don't see it anymore.

 

Thanks for the help.

 

 

DDS.txt

dds1.txt

Link to post
Share on other sites
MrCharlie

MrCharlie

Posted
Posted

Welcome to the forum.

Please follow this procedure:

Lets clean out any adware/spyware now: (this will require a reboot so save all your work)

Please download AdwCleaner by Xplode and save to your Desktop.

Make sure you click on download buttons that look similar to this, not "sponsored ad links":

bleep-crop.jpg

  • Double click on AdwCleaner.exe to run the tool.

    Vista/Windows 7/8 users right-click and select Run As Administrator

  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you may want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted:
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.
Then..................

Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a Quick Scan with Malwarebytes Anti-Malware, post the report.

Make sure that everything is checked, and click Remove Selected.

Please let me know how computer is running now, MrC

Link to post
Share on other sites
MrCharlie

MrCharlie

Posted
Posted

Well it seems to running fine.  Can this type of infection cause you to be at risk for stealing passwords and private info?

No....

Lets check your computers security before you go and we have a little cleanup to do also:

Download Security Check by screen317 from HERE or HERE.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • If you get Unsupported operating system. Aborting now, just reboot and try again.
  • A Notepad document should open automatically called checkup.txt.
  • Please Post the contents of that document.
  • Do Not Attach It!!!
MrC
Link to post
Share on other sites
statman

statman

Posted
  • Author
Posted

I did that but no results. I think something happened a long time ago with my notepad program but I don't remember what it was. Part of it might have gotten deleted somewhere but it has not worked the same since. I never really worried about it because I hardly ever use it. I don't know if there is some way to repair it back to normal without doing a reinstall of windows which I don't want to do right now. Do you know a way to fix it?

Link to post
Share on other sites
statman

statman

Posted
  • Author
Posted

Well I went through all of that and when I hit  Win+R and typed in notepad it doesn't come up. So I went back to my old notepad and it does come up when I type it in. That's telling me it must be working to generate notepad files when a program prompts it to. I ran Security checker again and I did catch some of the stuff zipping by about not recognizing the system or unsupported. 

Link to post
Share on other sites
MrCharlie

MrCharlie

Posted
Posted

OK, do this instead:

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:

  • List Installed Programs
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

MrC

Link to post
Share on other sites
MrCharlie

MrCharlie

Posted
Posted

OK, the important ones are the correct update.

A little clean up to do....

-----------------------------

Please download OTC to your desktop. (This will clean up most of the tools and logs)

http://oldtimer.geekstogo.com/OTC.exe

Double-click OTC to run it. (Vista and up users, please right click on OTC and select "Run as an Administrator")

Click on the CleanUp! button and follow the prompts.

(If you get a warning from your firewall or other security programs regarding OTC attempting to contact the Internet, please allow the connection.)

You will be asked to reboot the machine to finish the Cleanup process, choose Yes.

After the reboot all the tools we used should be gone.

Note: Some more recently created tools may not yet be removed by OTC. Feel free to manually delete any tools it leaves behind.

Any other programs or logs you can manually delete. (right click.....Delete)

IE: RogueKiller.exe, RKreport.txt, RK_Quarantine folder, C:\FRST, MBAR, etc....AdwCleaner > just run the program and click uninstall.

Note:

If you used FRST and can't delete the quarantine folder:

Download the fixlist.txt to the same folder as FRST.exe.

Run FRST.exe and click Fix only once and wait

That will delete the quarantine folder created by FRST.

The rest you can manually delete.

-------------------------------

Any questions...please post back.

If you think I've helped you, please leave a comment > click on my avatar picture > click Profile Feed.

Take a look at My Preventive Maintenance to avoid being infected again.

Good Luck and Thanks for using the forum, MrC

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.